def crawl_metadata(self):
"""Crawl metadata service when available.
@returns: Dictionary of crawled metadata content containing the keys:
meta-data, user-data and dynamic.
"""
if not self.wait_for_metadata_service():
return {}
api_version = self.get_metadata_api_version()
crawled_metadata = {}
try:
crawled_metadata['user-data'] = ec2.get_instance_userdata(
api_version, self.metadata_address)
crawled_metadata['meta-data'] = ec2.get_instance_metadata(
api_version, self.metadata_address)
if self.cloud_name == CloudNames.AWS:
identity = ec2.get_instance_identity(
api_version, self.metadata_address)
crawled_metadata['dynamic'] = {'instance-identity': identity}
except Exception:
util.logexc(
LOG, "Failed reading from metadata address %s",
self.metadata_address)
return {}
crawled_metadata['_metadata_api_version'] = api_version
return crawled_metadata
def test_metadata_fetch_with_2_keys(self):
base_url = "http://169.254.169.254/%s/meta-data" % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200, body="\n".join(["hostname", "instance-id", "public-keys/"]))
hp.register_uri(hp.GET, uh.combine_url(base_url, "hostname"), status=200, body="ec2.fake.host.name.com")
hp.register_uri(hp.GET, uh.combine_url(base_url, "instance-id"), status=200, body="123")
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "public-keys/"),
status=200,
body="\n".join(["0=my-public-key", "1=my-other-key"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "public-keys/0/openssh-key"),
status=200,
body="ssh-rsa AAAA.....wZEf my-public-key",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "public-keys/1/openssh-key"),
status=200,
body="ssh-rsa AAAA.....wZEf my-other-key",
)
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEquals(md["hostname"], "ec2.fake.host.name.com")
self.assertEquals(md["instance-id"], "123")
self.assertEquals(2, len(md["public-keys"]))
def test_metadata_fetch_bdm(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200,
body="\n".join(['hostname',
'instance-id',
'block-device-mapping/']))
hp.register_uri(hp.GET, uh.combine_url(base_url, 'hostname'),
status=200, body='ec2.fake.host.name.com')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'instance-id'),
status=200, body='123')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'block-device-mapping/'),
status=200,
body="\n".join(['ami', 'ephemeral0']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'block-device-mapping/ami'),
status=200,
body="sdb")
hp.register_uri(hp.GET,
uh.combine_url(base_url,
'block-device-mapping/ephemeral0'),
status=200,
body="sdc")
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md['hostname'], 'ec2.fake.host.name.com')
self.assertEqual(md['instance-id'], '123')
bdm = md['block-device-mapping']
self.assertEqual(2, len(bdm))
self.assertEqual(bdm['ami'], 'sdb')
self.assertEqual(bdm['ephemeral0'], 'sdc')
def get_data(self):
seed_ret = {}
if util.read_optional_seed(seed_ret, base=(self.seed_dir + "/")):
self.userdata_raw = seed_ret['user-data']
self.metadata = seed_ret['meta-data']
LOG.debug("Using seeded ec2 data from %s", self.seed_dir)
self._cloud_platform = Platforms.SEEDED
return True
strict_mode, _sleep = read_strict_mode(
util.get_cfg_by_path(self.sys_cfg, STRICT_ID_PATH,
STRICT_ID_DEFAULT), ("warn", None))
LOG.debug("strict_mode: %s, cloud_platform=%s", strict_mode,
self.cloud_platform)
if strict_mode == "true" and self.cloud_platform == Platforms.UNKNOWN:
return False
try:
if not self.wait_for_metadata_service():
return False
start_time = time.time()
self.userdata_raw = \
ec2.get_instance_userdata(self.api_ver, self.metadata_address)
self.metadata = ec2.get_instance_metadata(self.api_ver,
self.metadata_address)
LOG.debug("Crawl of metadata service took %.3f seconds",
time.time() - start_time)
return True
except Exception:
util.logexc(LOG, "Failed reading from metadata address %s",
self.metadata_address)
return False
def test_metadata_fetch_no_keys(self):
base_url = "http://169.254.169.254/%s/meta-data/" % (self.VERSION)
hp.register_uri(
hp.GET,
base_url,
status=200,
body="\n".join(["hostname", "instance-id", "ami-launch-index"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "hostname"),
status=200,
body="ec2.fake.host.name.com",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "instance-id"),
status=200,
body="123",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "ami-launch-index"),
status=200,
body="1",
)
md = eu.get_instance_metadata(self.VERSION, retries=0)
self.assertEqual(md["hostname"], "ec2.fake.host.name.com")
self.assertEqual(md["instance-id"], "123")
self.assertEqual(md["ami-launch-index"], "1")
def test_metadata_fetch_bdm(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200,
body="\n".join(['hostname',
'instance-id',
'block-device-mapping/']))
hp.register_uri(hp.GET, uh.combine_url(base_url, 'hostname'),
status=200, body='ec2.fake.host.name.com')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'instance-id'),
status=200, body='123')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'block-device-mapping/'),
status=200,
body="\n".join(['ami', 'ephemeral0']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'block-device-mapping/ami'),
status=200,
body="sdb")
hp.register_uri(hp.GET,
uh.combine_url(base_url,
'block-device-mapping/ephemeral0'),
status=200,
body="sdc")
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md['hostname'], 'ec2.fake.host.name.com')
self.assertEqual(md['instance-id'], '123')
bdm = md['block-device-mapping']
self.assertEqual(2, len(bdm))
self.assertEqual(bdm['ami'], 'sdb')
self.assertEqual(bdm['ephemeral0'], 'sdc')
def test_metadata_fetch_with_2_keys(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET,
base_url,
status=200,
body="\n".join(
['hostname', 'instance-id', 'public-keys/']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'hostname'),
status=200,
body='ec2.fake.host.name.com')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'instance-id'),
status=200,
body='123')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'public-keys/'),
status=200,
body="\n".join(['0=my-public-key', '1=my-other-key']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'public-keys/0/openssh-key'),
status=200,
body='ssh-rsa AAAA.....wZEf my-public-key')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'public-keys/1/openssh-key'),
status=200,
body='ssh-rsa AAAA.....wZEf my-other-key')
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEquals(md['hostname'], 'ec2.fake.host.name.com')
self.assertEquals(md['instance-id'], '123')
self.assertEquals(2, len(md['public-keys']))
def test_metadata_fetch_no_keys(self):
base_url = "http://169.254.169.254/%s/meta-data" % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200, body="\n".join(["hostname", "instance-id", "ami-launch-index"]))
hp.register_uri(hp.GET, uh.combine_url(base_url, "hostname"), status=200, body="ec2.fake.host.name.com")
hp.register_uri(hp.GET, uh.combine_url(base_url, "instance-id"), status=200, body="123")
hp.register_uri(hp.GET, uh.combine_url(base_url, "ami-launch-index"), status=200, body="1")
md = eu.get_instance_metadata(self.VERSION, retries=0)
self.assertEquals(md["hostname"], "ec2.fake.host.name.com")
self.assertEquals(md["instance-id"], "123")
self.assertEquals(md["ami-launch-index"], "1")
def crawl_metadata(self):
"""Crawl metadata service when available.
@returns: Dictionary of crawled metadata content containing the keys:
meta-data, user-data and dynamic.
"""
if not self.wait_for_metadata_service():
return {}
api_version = self.get_metadata_api_version()
redact = AWS_TOKEN_REDACT
crawled_metadata = {}
if self.cloud_name == CloudNames.AWS:
exc_cb = self._refresh_stale_aws_token_cb
exc_cb_ud = self._skip_or_refresh_stale_aws_token_cb
else:
exc_cb = exc_cb_ud = None
try:
crawled_metadata["user-data"] = ec2.get_instance_userdata(
api_version,
self.metadata_address,
headers_cb=self._get_headers,
headers_redact=redact,
exception_cb=exc_cb_ud,
)
crawled_metadata["meta-data"] = ec2.get_instance_metadata(
api_version,
self.metadata_address,
headers_cb=self._get_headers,
headers_redact=redact,
exception_cb=exc_cb,
)
if self.cloud_name == CloudNames.AWS:
identity = ec2.get_instance_identity(
api_version,
self.metadata_address,
headers_cb=self._get_headers,
headers_redact=redact,
exception_cb=exc_cb,
)
crawled_metadata["dynamic"] = {"instance-identity": identity}
except Exception:
util.logexc(
LOG,
"Failed reading from metadata address %s",
self.metadata_address,
)
return {}
crawled_metadata["_metadata_api_version"] = api_version
return crawled_metadata
def test_metadata_no_security_credentials(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET,
base_url,
status=200,
body="\n".join(['instance-id', 'iam/']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'instance-id'),
status=200,
body='i-0123451689abcdef0')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/'),
status=200,
body="\n".join(['info/', 'security-credentials/']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/info/'),
status=200,
body='LastUpdated')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/info/LastUpdated'),
status=200,
body='2016-10-27T17:29:39Z')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/security-credentials/'),
status=200,
body='ReadOnly/')
hp.register_uri(hp.GET,
uh.combine_url(base_url,
'iam/security-credentials/ReadOnly/'),
status=200,
body="\n".join(['LastUpdated', 'Expiration']))
hp.register_uri(hp.GET,
uh.combine_url(
base_url,
'iam/security-credentials/ReadOnly/LastUpdated'),
status=200,
body='2016-10-27T17:28:17Z')
hp.register_uri(hp.GET,
uh.combine_url(
base_url,
'iam/security-credentials/ReadOnly/Expiration'),
status=200,
body='2016-10-28T00:00:34Z')
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md['instance-id'], 'i-0123451689abcdef0')
iam = md['iam']
self.assertEqual(1, len(iam))
self.assertEqual(iam['info']['LastUpdated'], '2016-10-27T17:29:39Z')
self.assertNotIn('security-credentials', iam)
def test_metadata_fetch_no_keys(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200,
body="\n".join(['hostname',
'instance-id',
'ami-launch-index']))
hp.register_uri(hp.GET, uh.combine_url(base_url, 'hostname'),
status=200, body='ec2.fake.host.name.com')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'instance-id'),
status=200, body='123')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'ami-launch-index'),
status=200, body='1')
md = eu.get_instance_metadata(self.VERSION, retries=0)
self.assertEqual(md['hostname'], 'ec2.fake.host.name.com')
self.assertEqual(md['instance-id'], '123')
self.assertEqual(md['ami-launch-index'], '1')
def test_metadata_fetch_no_keys(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200,
body="\n".join(['hostname',
'instance-id',
'ami-launch-index']))
hp.register_uri(hp.GET, uh.combine_url(base_url, 'hostname'),
status=200, body='ec2.fake.host.name.com')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'instance-id'),
status=200, body='123')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'ami-launch-index'),
status=200, body='1')
md = eu.get_instance_metadata(self.VERSION, retries=0)
self.assertEqual(md['hostname'], 'ec2.fake.host.name.com')
self.assertEqual(md['instance-id'], '123')
self.assertEqual(md['ami-launch-index'], '1')
def test_metadata_fetch_bdm(self):
base_url = "http://169.254.169.254/%s/meta-data/" % (self.VERSION)
hp.register_uri(
hp.GET,
base_url,
status=200,
body="\n".join(
["hostname", "instance-id", "block-device-mapping/"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "hostname"),
status=200,
body="ec2.fake.host.name.com",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "instance-id"),
status=200,
body="123",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "block-device-mapping/"),
status=200,
body="\n".join(["ami", "ephemeral0"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "block-device-mapping/ami"),
status=200,
body="sdb",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "block-device-mapping/ephemeral0"),
status=200,
body="sdc",
)
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md["hostname"], "ec2.fake.host.name.com")
self.assertEqual(md["instance-id"], "123")
bdm = md["block-device-mapping"]
self.assertEqual(2, len(bdm))
self.assertEqual(bdm["ami"], "sdb")
self.assertEqual(bdm["ephemeral0"], "sdc")
def _get_data(self):
seed_ret = {}
if util.read_optional_seed(seed_ret, base=(self.seed_dir + "/")):
self.userdata_raw = seed_ret["user-data"]
self.metadata = seed_ret["meta-data"]
LOG.debug("Using seeded cloudstack data from: %s", self.seed_dir)
return True
try:
if not self.wait_for_metadata_service():
return False
start_time = time.time()
self.userdata_raw = ec2.get_instance_userdata(
self.api_ver, self.metadata_address)
self.metadata = ec2.get_instance_metadata(self.api_ver,
self.metadata_address)
LOG.debug(
"Crawl of metadata service took %s seconds",
int(time.time() - start_time),
)
password_client = CloudStackPasswordServerClient(self.vr_addr)
try:
set_password = password_client.get_password()
except Exception:
util.logexc(
LOG,
"Failed to fetch password from virtual router %s",
self.vr_addr,
)
else:
if set_password:
self.cfg = {
"ssh_pwauth": True,
"password": set_password,
"chpasswd": {
"expire": False,
},
}
return True
except Exception:
util.logexc(
LOG,
"Failed fetching from metadata service %s",
self.metadata_address,
)
return False
def test_metadata_fetch_bdm(self):
base_url = "http://169.254.169.254/%s/meta-data" % (self.VERSION)
hp.register_uri(
hp.GET, base_url, status=200, body="\n".join(["hostname", "instance-id", "block-device-mapping/"])
)
hp.register_uri(hp.GET, uh.combine_url(base_url, "hostname"), status=200, body="ec2.fake.host.name.com")
hp.register_uri(hp.GET, uh.combine_url(base_url, "instance-id"), status=200, body="123")
hp.register_uri(
hp.GET, uh.combine_url(base_url, "block-device-mapping/"), status=200, body="\n".join(["ami", "ephemeral0"])
)
hp.register_uri(hp.GET, uh.combine_url(base_url, "block-device-mapping/ami"), status=200, body="sdb")
hp.register_uri(hp.GET, uh.combine_url(base_url, "block-device-mapping/ephemeral0"), status=200, body="sdc")
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEquals(md["hostname"], "ec2.fake.host.name.com")
self.assertEquals(md["instance-id"], "123")
bdm = md["block-device-mapping"]
self.assertEquals(2, len(bdm))
self.assertEquals(bdm["ami"], "sdb")
self.assertEquals(bdm["ephemeral0"], "sdc")
def _crawl_metadata(self):
"""Crawl metadata service when available.
@returns: True on success, False otherwise.
"""
if not self.wait_for_metadata_service():
return False
api_version = self.get_metadata_api_version()
try:
self.userdata_raw = ec2.get_instance_userdata(
api_version, self.metadata_address)
self.metadata = ec2.get_instance_metadata(
api_version, self.metadata_address)
except Exception:
util.logexc(
LOG, "Failed reading from metadata address %s",
self.metadata_address)
return False
return True
def test_metadata_no_security_credentials(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200,
body="\n".join(['instance-id',
'iam/']))
hp.register_uri(hp.GET, uh.combine_url(base_url, 'instance-id'),
status=200, body='i-0123451689abcdef0')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/'),
status=200,
body="\n".join(['info/', 'security-credentials/']))
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/info/'),
status=200,
body='LastUpdated')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/info/LastUpdated'),
status=200, body='2016-10-27T17:29:39Z')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'iam/security-credentials/'),
status=200,
body='ReadOnly/')
hp.register_uri(hp.GET,
uh.combine_url(base_url,
'iam/security-credentials/ReadOnly/'),
status=200,
body="\n".join(['LastUpdated', 'Expiration']))
hp.register_uri(hp.GET,
uh.combine_url(
base_url,
'iam/security-credentials/ReadOnly/LastUpdated'),
status=200, body='2016-10-27T17:28:17Z')
hp.register_uri(hp.GET,
uh.combine_url(
base_url,
'iam/security-credentials/ReadOnly/Expiration'),
status=200, body='2016-10-28T00:00:34Z')
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md['instance-id'], 'i-0123451689abcdef0')
iam = md['iam']
self.assertEqual(1, len(iam))
self.assertEqual(iam['info']['LastUpdated'], '2016-10-27T17:29:39Z')
self.assertNotIn('security-credentials', iam)
def test_metadata_fetch_key(self):
base_url = 'http://169.254.169.254/%s/meta-data/' % (self.VERSION)
hp.register_uri(hp.GET, base_url, status=200,
body="\n".join(['hostname',
'instance-id',
'public-keys/']))
hp.register_uri(hp.GET, uh.combine_url(base_url, 'hostname'),
status=200, body='ec2.fake.host.name.com')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'instance-id'),
status=200, body='123')
hp.register_uri(hp.GET, uh.combine_url(base_url, 'public-keys/'),
status=200, body='0=my-public-key')
hp.register_uri(hp.GET,
uh.combine_url(base_url, 'public-keys/0/openssh-key'),
status=200, body='ssh-rsa AAAA.....wZEf my-public-key')
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md['hostname'], 'ec2.fake.host.name.com')
self.assertEqual(md['instance-id'], '123')
self.assertEqual(1, len(md['public-keys']))
def test_metadata_fetch_with_2_keys(self):
base_url = "http://169.254.169.254/%s/meta-data/" % (self.VERSION)
hp.register_uri(
hp.GET,
base_url,
status=200,
body="\n".join(["hostname", "instance-id", "public-keys/"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "hostname"),
status=200,
body="ec2.fake.host.name.com",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "instance-id"),
status=200,
body="123",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "public-keys/"),
status=200,
body="\n".join(["0=my-public-key", "1=my-other-key"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "public-keys/0/openssh-key"),
status=200,
body="ssh-rsa AAAA.....wZEf my-public-key",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "public-keys/1/openssh-key"),
status=200,
body="ssh-rsa AAAA.....wZEf my-other-key",
)
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md["hostname"], "ec2.fake.host.name.com")
self.assertEqual(md["instance-id"], "123")
self.assertEqual(2, len(md["public-keys"]))
def read_metadata(
metadata_url=METADATA_URL,
api_version=API_VERSION,
password_server_port=PASSWORD_SERVER_PORT,
url_timeout=URL_TIMEOUT,
url_retries=URL_RETRIES,
):
"""Query the metadata server and return the retrieved data."""
crawled_metadata = {}
crawled_metadata["_metadata_api_version"] = api_version
try:
crawled_metadata["user-data"] = ec2.get_instance_userdata(
api_version, metadata_url, timeout=url_timeout, retries=url_retries
)
crawled_metadata["meta-data"] = ec2.get_instance_metadata(
api_version, metadata_url, timeout=url_timeout, retries=url_retries
)
except Exception as e:
util.logexc(
LOG, "failed reading from metadata url %s (%s)", metadata_url, e
)
return {}
try:
crawled_metadata["password"] = get_password(
api_version=api_version,
metadata_url=metadata_url,
password_server_port=password_server_port,
url_retries=url_retries,
url_timeout=url_timeout,
)
except Exception as e:
util.logexc(
LOG,
"failed to read from password server url %s:%s (%s)",
metadata_url,
password_server_port,
e,
)
return crawled_metadata
def get_data(self):
seed_ret = {}
if util.read_optional_seed(seed_ret, base=(self.seed_dir + "/")):
self.userdata_raw = seed_ret['user-data']
self.metadata = seed_ret['meta-data']
LOG.debug("Using seeded cloudstack data from: %s", self.seed_dir)
return True
try:
if not self.wait_for_metadata_service():
return False
start_time = time.time()
self.userdata_raw = ec2.get_instance_userdata(self.api_ver,
self.metadata_address)
self.metadata = ec2.get_instance_metadata(self.api_ver,
self.metadata_address)
LOG.debug("Crawl of metadata service took %s seconds",
int(time.time() - start_time))
return True
except Exception:
util.logexc(LOG, 'Failed fetching from metadata service %s',
self.metadata_address)
return False
def get_data(self):
seed_ret = {}
if util.read_optional_seed(seed_ret, base=(self.seed_dir + "/")):
self.userdata_raw = seed_ret['user-data']
self.metadata = seed_ret['meta-data']
LOG.debug("Using seeded cloudstack data from: %s", self.seed_dir)
return True
try:
if not self.wait_for_metadata_service():
return False
start_time = time.time()
self.userdata_raw = ec2.get_instance_userdata(
self.api_ver, self.metadata_address)
self.metadata = ec2.get_instance_metadata(self.api_ver,
self.metadata_address)
LOG.debug("Crawl of metadata service took %s seconds",
int(time.time() - start_time))
return True
except Exception:
util.logexc(LOG, 'Failed fetching from metadata service %s',
self.metadata_address)
return False
def get_data(self):
seed_ret = {}
if util.read_optional_seed(seed_ret, base=(self.seed_dir + "/")):
self.userdata_raw = seed_ret['user-data']
self.metadata = seed_ret['meta-data']
LOG.debug("Using seeded cloudstack data from: %s", self.seed_dir)
return True
try:
if not self.wait_for_metadata_service():
return False
start_time = time.time()
self.userdata_raw = ec2.get_instance_userdata(
self.api_ver, self.metadata_address)
self.metadata = ec2.get_instance_metadata(self.api_ver,
self.metadata_address)
LOG.debug("Crawl of metadata service took %s seconds",
int(time.time() - start_time))
password_client = CloudStackPasswordServerClient(self.vr_addr)
try:
set_password = password_client.get_password()
except Exception:
util.logexc(LOG,
'Failed to fetch password from virtual router %s',
self.vr_addr)
else:
if set_password:
self.cfg = {
'ssh_pwauth': True,
'password': set_password,
'chpasswd': {
'expire': False,
},
}
return True
except Exception:
util.logexc(LOG, 'Failed fetching from metadata service %s',
self.metadata_address)
return False
def test_metadata_no_security_credentials(self):
base_url = "http://169.254.169.254/%s/meta-data/" % (self.VERSION)
hp.register_uri(
hp.GET,
base_url,
status=200,
body="\n".join(["instance-id", "iam/"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "instance-id"),
status=200,
body="i-0123451689abcdef0",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "iam/"),
status=200,
body="\n".join(["info/", "security-credentials/"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "iam/info/"),
status=200,
body="LastUpdated",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "iam/info/LastUpdated"),
status=200,
body="2016-10-27T17:29:39Z",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "iam/security-credentials/"),
status=200,
body="ReadOnly/",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url, "iam/security-credentials/ReadOnly/"),
status=200,
body="\n".join(["LastUpdated", "Expiration"]),
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url,
"iam/security-credentials/ReadOnly/LastUpdated"),
status=200,
body="2016-10-27T17:28:17Z",
)
hp.register_uri(
hp.GET,
uh.combine_url(base_url,
"iam/security-credentials/ReadOnly/Expiration"),
status=200,
body="2016-10-28T00:00:34Z",
)
md = eu.get_instance_metadata(self.VERSION, retries=0, timeout=0.1)
self.assertEqual(md["instance-id"], "i-0123451689abcdef0")
iam = md["iam"]
self.assertEqual(1, len(iam))
self.assertEqual(iam["info"]["LastUpdated"], "2016-10-27T17:29:39Z")
self.assertNotIn("security-credentials", iam)
def _read_ec2_metadata(self):
return ec2_utils.get_instance_metadata(ssl_details=self.ssl_details,
timeout=self.timeout,
retries=self.retries)
def _read_ec2_metadata(self):
return ec2_utils.get_instance_metadata(ssl_details=self.ssl_details,
timeout=self.timeout,
retries=self.retries)
