diff options
Diffstat (limited to 'module')
12 files changed, 304 insertions, 81 deletions
diff --git a/module/acme/src/main/resources/io/trygvis/acme/acme.drl b/module/acme/src/main/resources/io/trygvis/acme/acme.drl index cb04b09..76bad0a 100644 --- a/module/acme/src/main/resources/io/trygvis/acme/acme.drl +++ b/module/acme/src/main/resources/io/trygvis/acme/acme.drl @@ -27,6 +27,8 @@ when $m : Machine(fqdn == null) $s : AcmeServer(machine == $m) then - $s.machine.fqdn = "%s.machine.acme.com.".formatted($s.machine.name); - update($s.machine) + var fqdn = "%s.machine.acme.com".formatted($m.name); + modify ($m) { + fqdn = fqdn + } end diff --git a/module/acme/src/main/resources/io/trygvis/acme/apps/apps.drl b/module/acme/src/main/resources/io/trygvis/acme/apps/apps.drl index 95f09c8..e7bdfe3 100644 --- a/module/acme/src/main/resources/io/trygvis/acme/apps/apps.drl +++ b/module/acme/src/main/resources/io/trygvis/acme/apps/apps.drl @@ -2,7 +2,8 @@ package io.trygvis.acme.apps; import io.trygvis.rules.machine.Machine; import io.trygvis.rules.dba.Cluster; -import io.trygvis.rules.dba.Container; +import io.trygvis.rules.dba.Container +import io.trygvis.rules.dns.DnsZone; dialect "mvel" @@ -12,22 +13,28 @@ when then var cluster = new Cluster("acme-ops"); insert(cluster); - insert(new Container(cluster, "app", "pdb", "postgresql", "11")); - insert(new Container(cluster, "app", "n8n", "n8n", "0.84.1")); + insert(new Container(cluster, "pdb", "ops", "postgresql", "11")); + insert(new Container(cluster, "n8n", "ops", "n8n", "0.84.1")); end rule "MyApp" when $app: AcmeMyApp() then + var zone = new DnsZone($app.environment + ".acme.com"); + insert(zone) + var cluster = new Cluster("acme-myapp-" + $app.environment); insert(cluster); + var app = $app.environment + "-app"; + var db = $app.environment + "-db"; + var tag = $app.dockerTag; - insert(new Container(cluster, "app", "statera", "statera", tag)); - insert(new Container(cluster, "app", "statera-console", "statera-console", tag)); - insert(new Container(cluster, "app", "4tune-web", "4tune-web", tag)); - insert(new Container(cluster, "app", "4tune-api", "4tune-api", tag)); - insert(new Container(cluster, "db", "pdb", "postgresql", "13")); - insert(new Container(cluster, "db", "mdb", "mongodb", "3.2")); + insert(new Container(cluster, "statera", app, "statera", tag)); + insert(new Container(cluster, "statera-console", app, "statera-console", tag)); + insert(new Container(cluster, "4tune-web", app, "4tune-web", tag)); + insert(new Container(cluster, "4tune-api", app, "4tune-api", tag)); + insert(new Container(cluster, "pdb", db, "postgresql", "13")); + insert(new Container(cluster, "mdb", db, "mongodb", "3.2")); end diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/core/Problem.java b/module/ri-engine/src/main/java/io/trygvis/rules/core/Problem.java new file mode 100644 index 0000000..04d1af3 --- /dev/null +++ b/module/ri-engine/src/main/java/io/trygvis/rules/core/Problem.java @@ -0,0 +1,11 @@ +package io.trygvis.rules.core; + +public class Problem { + public final String message; + public final Object object; + + public Problem(String message, Object object) { + this.message = message; + this.object = object; + } +} diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/dba/Cluster.java b/module/ri-engine/src/main/java/io/trygvis/rules/dba/Cluster.java index 949d9ae..0b65aaa 100644 --- a/module/ri-engine/src/main/java/io/trygvis/rules/dba/Cluster.java +++ b/module/ri-engine/src/main/java/io/trygvis/rules/dba/Cluster.java @@ -1,5 +1,9 @@ package io.trygvis.rules.dba; +import com.fasterxml.jackson.annotation.JsonIdentityInfo; +import com.fasterxml.jackson.annotation.ObjectIdGenerators; + +@JsonIdentityInfo(generator = ObjectIdGenerators.PropertyGenerator.class, property = "name") public class Cluster { public String name; diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/dba/Container.java b/module/ri-engine/src/main/java/io/trygvis/rules/dba/Container.java index 6df939d..f6d2ba4 100644 --- a/module/ri-engine/src/main/java/io/trygvis/rules/dba/Container.java +++ b/module/ri-engine/src/main/java/io/trygvis/rules/dba/Container.java @@ -1,17 +1,55 @@ package io.trygvis.rules.dba; +import com.fasterxml.jackson.annotation.JsonIdentityReference; +import io.trygvis.rules.machine.Machine; + +//@JsonIdentityInfo(generator = ObjectIdGenerators.PropertyGenerator.class, property = "id") public class Container { - public Cluster cluster; - public String name; - public String machineRole; - public String image; - public String tag; + public final String id; + +// @JsonIdentityReference(alwaysAsId = true) + public final Cluster cluster; + public final String name; + public final String machineRole; + public final String image; + public final String tag; + + private Machine machine; public Container(Cluster cluster, String name, String machineRole, String image, String tag) { + this.id = cluster.name + "-" + name; this.cluster = cluster; this.name = name; this.machineRole = machineRole; this.image = image; this.tag = tag; } + + public Cluster getCluster() { + return cluster; + } + + public String getName() { + return name; + } + + public String getMachineRole() { + return machineRole; + } + + public String getImage() { + return image; + } + + public String getTag() { + return tag; + } + + public Machine getMachine() { + return machine; + } + + public void setMachine(Machine machine) { + this.machine = machine; + } } diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/dns/DnsZone.java b/module/ri-engine/src/main/java/io/trygvis/rules/dns/DnsZone.java new file mode 100644 index 0000000..1af5c8f --- /dev/null +++ b/module/ri-engine/src/main/java/io/trygvis/rules/dns/DnsZone.java @@ -0,0 +1,9 @@ +package io.trygvis.rules.dns; + +public class DnsZone { + public final String name; + + public DnsZone(String name) { + this.name = name; + } +} diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/engine/DbIo.java b/module/ri-engine/src/main/java/io/trygvis/rules/engine/DbIo.java index 3173109..b8ee03a 100644 --- a/module/ri-engine/src/main/java/io/trygvis/rules/engine/DbIo.java +++ b/module/ri-engine/src/main/java/io/trygvis/rules/engine/DbIo.java @@ -1,12 +1,18 @@ package io.trygvis.rules.engine; import ch.qos.logback.core.util.FileUtil; +import com.fasterxml.jackson.annotation.ObjectIdGenerators; import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.PropertyName; import com.fasterxml.jackson.databind.SerializationFeature; +import com.fasterxml.jackson.databind.introspect.Annotated; +import com.fasterxml.jackson.databind.introspect.JacksonAnnotationIntrospector; +import com.fasterxml.jackson.databind.introspect.ObjectIdInfo; import com.fasterxml.jackson.databind.type.TypeFactory; import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; import com.fasterxml.jackson.dataformat.yaml.YAMLGenerator; import org.drools.core.common.DefaultFactHandle; +import org.drools.core.factmodel.GeneratedFact; import org.kie.api.KieBase; import org.kie.api.runtime.rule.FactHandle; @@ -21,6 +27,8 @@ import java.util.function.Function; public class DbIo { private final ObjectMapper mapper; + private static final List<String> prioritizedKeys = List.of("key", "name", "fqdn"); + public DbIo(KieBase kieBase) { var factory = new YAMLFactory(); factory.enable(YAMLGenerator.Feature.USE_NATIVE_TYPE_ID); @@ -31,6 +39,29 @@ public class DbIo { .withClassLoader(new AcmeClassLoader(kieBase)); mapper.setTypeFactory(typeFactory); mapper.findAndRegisterModules(); + + mapper.setAnnotationIntrospector(new JacksonAnnotationIntrospector() { + @Override + public ObjectIdInfo findObjectIdInfo(Annotated a) { + final Class<?> klass = a.getRawType(); + if (GeneratedFact.class.isAssignableFrom(klass)) { + System.out.println("klass = " + klass); + + for (String name : prioritizedKeys) { + try { + final String getter = "get" + name.substring(0, 1).toUpperCase() + name.substring(1); + var f = klass.getMethod(getter); + return new ObjectIdInfo(PropertyName.construct(name), null, ObjectIdGenerators.PropertyGenerator.class, null); + } catch (NoSuchMethodException ignore) { + } + } + System.out.println("a.getRawType() = " + klass); + return new ObjectIdInfo(null, null, ObjectIdGenerators.IntSequenceGenerator.class, null); + } + + return super.findObjectIdInfo(a); + } + }); } public List<Object> load(String file) throws IOException { @@ -86,8 +117,6 @@ public class DbIo { // TODO: check if klass is a Comparable directly. - var prioritizedKeys = List.of("key", "name", "fqdn"); - var discoveredFieldsP1 = new LinkedHashMap<String, Function<Object, Object>>(); var discoveredFieldsP2 = new LinkedHashMap<String, Function<Object, Object>>(); @@ -189,6 +218,9 @@ public class DbIo { return comparator; } + static record DbObject2(String type, Object data) { + } + public void dump(String s, Collection<FactHandle> factHandles, Function<Object, Boolean> filter) throws IOException { var yamlFile = new File("out", s + ".yaml"); @@ -214,18 +246,23 @@ public class DbIo { } } + var objects = new ArrayList<DbObject2>(facts.size()); + for (var e : facts.entrySet()) { + var name = e.getKey().getName(); + + var collection = e.getValue(); + collection.sort(); + for (var fact : collection.values) { + objects.add(new DbObject2(name, fact)); + } + } + + objects.sort(new DbObjectComparator()); + var factory = mapper.getFactory(); try (var writer = new FileWriter(yamlFile); var g = factory.createGenerator(writer)) { - for (var e : facts.entrySet()) { - var name = e.getKey().getName(); - - var collection = e.getValue(); - collection.sort(); - for (var fact : collection.values) { - g.writeObject(new DbObject(name, mapper.valueToTree(fact))); - } - } + g.writeObject(objects); } } @@ -259,4 +296,43 @@ public class DbIo { } } } + + private static class DbObjectComparator implements Comparator<DbObject2> { + private final List<String> prioritizedPackages = List.of( + "io.trygvis.rules.machine", + "io.trygvis.rules.network", + "io.trygvis.rules.dns", + "io.trygvis.rules.dba", + "io.trygvis.rules", + "io.trygvis.rules.core"); + + @Override + public int compare(DbObject2 a, DbObject2 b) { + var indexA = a.type.lastIndexOf("."); + String packageA = indexA == -1 ? null : a.type.substring(0, indexA); + String classA = indexA == -1 ? a.type : a.type.substring(indexA + 1); + + var indexB = b.type.lastIndexOf("."); + String packageB = indexB == -1 ? null : b.type.substring(0, indexB); + String classB = indexB == -1 ? b.type : b.type.substring(indexB + 1); + + var priIdxA = prioritizedPackages.indexOf(packageA); + var priIdxB = prioritizedPackages.indexOf(packageB); + + if (priIdxA == -1 && priIdxB == -1) { + return classB.compareTo(classA); + } else if (priIdxA == -1) { + return 1; + } else if (priIdxB == -1) { + return -1; + } + return priIdxA - priIdxB; +// var diff = priIdxB - priIdxA; +// if (diff != 0) { +// return diff; +// } +// +// return classB.compareTo(classA); + } + } } diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/machine/Machine.java b/module/ri-engine/src/main/java/io/trygvis/rules/machine/Machine.java index 52721e1..34c17ca 100644 --- a/module/ri-engine/src/main/java/io/trygvis/rules/machine/Machine.java +++ b/module/ri-engine/src/main/java/io/trygvis/rules/machine/Machine.java @@ -1,8 +1,13 @@ package io.trygvis.rules.machine; +import com.fasterxml.jackson.annotation.JsonIdentityInfo; +import com.fasterxml.jackson.annotation.ObjectIdGenerators; + +@SuppressWarnings("unused") +@JsonIdentityInfo(generator = ObjectIdGenerators.PropertyGenerator.class, property = "name") public class Machine { public String name; - public String fqdn; + private String fqdn; public Machine() { } @@ -18,4 +23,8 @@ public class Machine { public String getFqdn() { return fqdn; } + + public void setFqdn(String fqdn) { + this.fqdn = fqdn; + } } diff --git a/module/ri-engine/src/main/java/io/trygvis/rules/network/Ipv4Cidr.java b/module/ri-engine/src/main/java/io/trygvis/rules/network/Ipv4Cidr.java index 8e812ef..6362107 100644 --- a/module/ri-engine/src/main/java/io/trygvis/rules/network/Ipv4Cidr.java +++ b/module/ri-engine/src/main/java/io/trygvis/rules/network/Ipv4Cidr.java @@ -85,7 +85,7 @@ public class Ipv4Cidr implements Comparable<Ipv4Cidr> { } var ret = network - o.network; - if (ret == 0) { + if (ret != 0) { return ret; } diff --git a/module/ri-engine/src/main/resources/io/trygvis/rules/dba/dba.drl b/module/ri-engine/src/main/resources/io/trygvis/rules/dba/dba.drl new file mode 100644 index 0000000..0bee004 --- /dev/null +++ b/module/ri-engine/src/main/resources/io/trygvis/rules/dba/dba.drl @@ -0,0 +1,69 @@ +package io.trygvis.rules.dba + +import io.trygvis.rules.core.Problem +import io.trygvis.rules.machine.Machine +import java.util.ArrayList +import java.util.Map +import java.util.HashMap +import java.util.List +import java.util.stream.Collectors +import java.util.Collections + +global io.trygvis.rules.engine.TemplateEngine te; + +dialect "mvel" + +declare DbaMachineRole + machine : String + roles : String[] +end + +rule "Assign containers to machine" +when + $machine : Machine() + $machineRole : DbaMachineRole(machine == $machine.name) + $container : Container(machine == null, $machineRole.roles contains machineRole) +then + System.out.println("Assigning container to machine: " + $machine.name); + modify ($container) { + machine = $machine + } +end + +rule "Containers without hosts" + agenda-group "generate" +when + $container : Container(machine == null) +then + insert(new Problem("No machine for container", $container)) +end + +rule "Generate docker-compose.yaml" + agenda-group "generate" +when + $cluster : Cluster() + $containers : ArrayList(size > 0) from collect(Container(cluster == $cluster)) +then + System.out.println("Docker compose for cluster: " + $cluster.name + " with " + $containers.size() + " containers"); + + Map containersByMachine = new HashMap(); + for (Object o : $containers) { + Container c = (Container) o; + + var list = (List) containersByMachine.get(c.getMachine()); + if (list == null) { + list = new ArrayList(); + containersByMachine.put(c.getMachine(), list); + } + list.add(c); + } + + System.out.println("containersByMachine = " + containersByMachine); + + var path = "ansible/dba/" + $cluster.name + ".yml"; + te.template("dba/cluster", path, Map.of( + "cluster", $cluster, + "containers", $containers, + "containersByMachine", containersByMachine + )); +end diff --git a/module/ri-engine/src/main/resources/io/trygvis/rules/terraform/terraform.drl b/module/ri-engine/src/main/resources/io/trygvis/rules/terraform/terraform.drl index c1293fe..07a96e2 100644 --- a/module/ri-engine/src/main/resources/io/trygvis/rules/terraform/terraform.drl +++ b/module/ri-engine/src/main/resources/io/trygvis/rules/terraform/terraform.drl @@ -10,6 +10,8 @@ import java.util.Map; global io.trygvis.rules.engine.TemplateEngine te; +dialect "mvel" + declare ScalewayMachine machine : Machine key : String diff --git a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl index 2e4498f..d971696 100644 --- a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl +++ b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl @@ -21,54 +21,48 @@ declare WgNet end declare WgIpPool - net : String + net : WgNet role : String cidr : Ipv4Cidr end declare WgHost - name : String - net : String - publicName : String - netToNetIp : String - networkIp : String + machine : Machine + net : WgNet + publicName : String + ip : String // This host's IP + networkCidr : String end declare WgConnection - host : String - to : String + host : WgHost + to : WgHost end declare WgIpAllocation - host : String + host : WgHost role : String ip : Ipv4Address end -declare WgNetworkAllocation - host : String - role : String - cidr : Ipv4Cidr -end - rule "Create IP pools" when $net : WgNet() // not(Ipv4Cidr(network == Ipv4Cidr.parseCidr($net.linkCidr).network)) then System.out.println("Creating main IP pools"); - insert(new WgIpPool($net.name, "link", Ipv4Cidr.parseCidr($net.linkCidr))) - insert(new WgIpPool($net.name, "networks", Ipv4Cidr.parseCidr($net.networkCidr))) + insert(new WgIpPool($net, "link", Ipv4Cidr.parseCidr($net.linkCidr))) + insert(new WgIpPool($net, "networks", Ipv4Cidr.parseCidr($net.networkCidr))) end rule "WgHost VPN machines" when $machine : Machine() $wgNet : WgNet(name == "vpn0") - not(WgHost(name == $machine.name)) + not(WgHost(machine == $machine)) then var wgHost = new WgHost(); - wgHost.name = $machine.name; - wgHost.net = $wgNet.name; + wgHost.machine = $machine; + wgHost.net = $wgNet; wgHost.publicName = $machine.fqdn; insert(wgHost) end @@ -76,7 +70,7 @@ end rule "Set public name of WgHost" when $host : WgHost(publicName == null) - $m : Machine(name == $host.name, fqdn != null) + $m : Machine(this == $host.machine, fqdn != null) then modify($host) { publicName = $m.fqdn @@ -86,10 +80,9 @@ end rule "Make DNS entries for all VPN hosts" when $h : WgHost() - $net : WgNet(name == $h.net) - not(DnsEntry(fqdn == "%s.%s".formatted($h.name, $net.domain), type == "A")) + not(DnsEntry(fqdn == "%s.%s".formatted($h.machine.name, $h.net.domain), type == "A")) then - var fqdn = "%s.%s".formatted($h.name, $net.domain); + var fqdn = "%s.%s".formatted($h.machine.name, $h.net.domain); insert(DnsEntry.a(fqdn)) end @@ -97,35 +90,38 @@ rule "Connect VPN nodes" salience -1 when $h : WgHost() - $other : WgHost(publicName != null, name != $h.name) + $other : WgHost(publicName != null, this != $h) then - System.out.printf("VPN connection from %s to %s%n", $h.name, $other.name); - insert(new WgConnection($h.name, $other.name)) + System.out.printf("VPN connection from %s to %s%n", $h.machine.name, $other.machine.name); + insert(new WgConnection($h, $other)) end -rule "Assign link IP" +// This and the next rule needs to use .toString(), the specific objects might be generated multiple times, +// but Drools use identityHashCode() to find equal objects, not equals(). +rule "Assign IP" when - $net : WgNet() - $host : WgHost(net == $net.name) - $pool : WgIpPool(net == $net.name, role == "link") - not(WgIpAllocation(host == $host.name, role == $pool.role)) + $pool : WgIpPool(role == "link") $ip : Ipv4Address() from $pool.cidr.addresses() - not(WgIpAllocation(ip == $ip)) + not(WgHost(net == $pool.net, ip == $ip.toString())) + $host : WgHost(net == $pool.net, ip == null) then - System.out.printf("IP: net=%s, pool.role=%s, host=%s, ip=%s%n", $net.name, $pool.role, $host.name, $ip); - insert(new WgIpAllocation($host.name, $pool.role, $ip)) + System.out.printf("IP: net=%s, pool.role=%s, host=%s, ip=%s%n", $pool.net.name, $pool.role, $host.machine.name, $ip); + modify($host) { + ip = $ip.toString() + } end rule "Assign network CIDR" when $net : WgNet() - $host : WgHost(net == $net.name) $network : Ipv4Cidr() from Ipv4Cidr.parseCidr($net.networkCidr).partition($net.networkBits) - not(WgNetworkAllocation(host == $host.name, role == "network")) - not(WgNetworkAllocation(cidr == $network)) + $host : WgHost(net == $net, networkCidr == null) + not(WgHost(net == $net, networkCidr == $network.toString())) then - System.out.printf("Network CIDR: net=%s, host=%s, network=%s%n", $net.name, $host.name, $network); - insert(new WgNetworkAllocation($host.name, "network", $network)) + System.out.printf("Network CIDR: net=%s, host=%s, network=%s%n", $net.name, $host.machine.name, $network); + modify($host) { + networkCidr = $network.toString() + } end rule "Generate per-net files" @@ -133,15 +129,20 @@ rule "Generate per-net files" salience 10 when $net : WgNet() - $names : ArrayList() from accumulate(WgHost(net == $net.name, $name: name), collectList($name)) - $hosts : ArrayList() from accumulate(Machine($names contains name, $m: this), collectList($m)) + $hosts : ArrayList() from collect(WgHost(net == $net)) then te.template("wireguard/ansible", "wireguard-" + $net.name + ".yml", Map.of( "net", $net )); + var machines = new ArrayList(); + for (Object o : $hosts) { + WgHost m = (WgHost) o; + machines.add(m.machine); + } + te.template("wireguard/inventory", "inventory.yml", Map.of( - "hosts", $hosts + "hosts", machines )); end @@ -150,21 +151,16 @@ rule "Generate per-net, per-host files" salience 10 when $net : WgNet() - $host : WgHost(net == $net.name) - $link : WgIpAllocation(host == $host.name, role == "link") - $network : WgNetworkAllocation(host == $host.name, role == "network") - $peerMachines : ArrayList() from accumulate(WgConnection(host == $host.name, $to: to), collectList($to)) - $peers : ArrayList() from accumulate(Machine($peerMachines contains name, $fqdn: fqdn), collectList($fqdn)) + $host : WgHost(net == $net) + $peers : ArrayList() from accumulate(WgConnection(host == $host, $to: to), collectList($to.machine)) then - System.out.printf("Generating per-host files: net=%s, host=%s%n", $net.name, $host.name); + System.out.printf("Generating per-host files: net=%s, host=%s%n", $net.name, $host.machine.name); - String output = "host_vars/%s/wireguard.yml".formatted($host.name); + String output = "host_vars/%s/wireguard.yml".formatted($host.machine.name); te.template("wireguard/ansible-host", output, Map.of( "net", $net, "host", $host, - "link", $link.ip, - "network", $network.cidr, "peers", $peers )); end |