def start(nova_client, start_retry_interval, private_key_path, **kwargs):
server = get_server_by_context(nova_client)
if is_external_resource_not_conditionally_created(ctx):
ctx.logger.info('Validating external server is started')
if server.status != SERVER_STATUS_ACTIVE:
raise NonRecoverableError(
'Expected external resource server {0} to be in '
'"{1}" status'.format(server.id, SERVER_STATUS_ACTIVE))
return
if server.status == SERVER_STATUS_ACTIVE:
ctx.logger.info('Server is {0}'.format(server.status))
if ctx.node.properties['use_password']:
private_key = _get_private_key(private_key_path)
ctx.logger.debug('retrieving password for server')
password = server.get_password(private_key)
if not password:
return ctx.operation.retry(
message='Waiting for server to post generated password',
retry_after=start_retry_interval)
ctx.instance.runtime_properties[ADMIN_PASSWORD_PROPERTY] = password
ctx.logger.info('Server has been set with a password')
_set_network_and_ip_runtime_properties(server)
return
server_task_state = getattr(server, OS_EXT_STS_TASK_STATE)
if server.status == SERVER_STATUS_SHUTOFF and \
server_task_state != SERVER_TASK_STATE_POWERING_ON:
ctx.logger.info('Server is in {0} status - starting server...'.format(
SERVER_STATUS_SHUTOFF))
server.start()
server_task_state = SERVER_TASK_STATE_POWERING_ON
if server.status == SERVER_STATUS_BUILD or \
server_task_state == SERVER_TASK_STATE_POWERING_ON:
return ctx.operation.retry(
message='Waiting for server to be in {0} state but is in {1}:{2} '
'state. Retrying...'.format(SERVER_STATUS_ACTIVE,
server.status,
server_task_state),
retry_after=start_retry_interval)
raise NonRecoverableError(
'Unexpected server state {0}:{1}'.format(server.status,
server_task_state))
def start(nova_client, start_retry_interval, private_key_path, **kwargs):
server = get_server_by_context(nova_client)
if is_external_resource_not_conditionally_created(ctx):
ctx.logger.info('Validating external server is started')
if server.status != SERVER_STATUS_ACTIVE:
raise NonRecoverableError(
'Expected external resource server {0} to be in '
'"{1}" status'.format(server.id, SERVER_STATUS_ACTIVE))
return
if server.status == SERVER_STATUS_ACTIVE:
ctx.logger.info('Server is {0}'.format(server.status))
if ctx.node.properties['use_password']:
private_key = _get_private_key(private_key_path)
ctx.logger.debug('retrieving password for server')
password = server.get_password(private_key)
if not password:
return ctx.operation.retry(
message='Waiting for server to post generated password',
retry_after=start_retry_interval)
ctx.instance.runtime_properties[ADMIN_PASSWORD_PROPERTY] = password
ctx.logger.info('Server has been set with a password')
_set_network_and_ip_runtime_properties(server)
return
server_task_state = getattr(server, OS_EXT_STS_TASK_STATE)
if server.status == SERVER_STATUS_SHUTOFF and \
server_task_state != SERVER_TASK_STATE_POWERING_ON:
ctx.logger.info('Server is in {0} status - starting server...'.format(
SERVER_STATUS_SHUTOFF))
server.start()
server_task_state = SERVER_TASK_STATE_POWERING_ON
if server.status == SERVER_STATUS_BUILD or \
server_task_state == SERVER_TASK_STATE_POWERING_ON:
return ctx.operation.retry(
message='Waiting for server to be in {0} state but is in {1}:{2} '
'state. Retrying...'.format(SERVER_STATUS_ACTIVE,
server.status,
server_task_state),
retry_after=start_retry_interval)
raise NonRecoverableError(
'Unexpected server state {0}:{1}'.format(server.status,
server_task_state))
def _delete_routes(neutron_client):
new_router = _prepare_delete_routes_request(neutron_client)
if new_router and new_router.get(ROUTER_OPENSTACK_TYPE):
router_id = new_router[ROUTER_OPENSTACK_TYPE].pop('id')
else:
raise NonRecoverableError(
'Failed while trying to retrieve router instance')
subject = ctx.source if ctx.type == RELATIONSHIP_INSTANCE else ctx
if not is_external_resource_not_conditionally_created(subject):
ctx.logger.info('deleting {0}'.format(ROUTES_OPENSTACK_TYPE))
neutron_client.update_router(router_id, new_router)
else:
ctx.logger.info('not deleting {0} since an external {0} is '
'being used'.format(ROUTES_OPENSTACK_TYPE))
def start(neutron_client, **kwargs):
network_id = ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY]
if is_external_resource_not_conditionally_created(ctx):
ctx.logger.info('Validating external network is started')
if not neutron_client.show_network(
network_id)['network']['admin_state_up']:
raise NonRecoverableError(
'Expected external resource network {0} to be in '
'"admin_state_up"=True'.format(network_id))
return
neutron_client.update_network(network_id,
{'network': {
'admin_state_up': True
}})
def start(neutron_client, **kwargs):
network_id = get_openstack_id(ctx)
if is_external_resource_not_conditionally_created(ctx):
ctx.logger.info('Validating external network is started')
if not neutron_client.show_network(
network_id)[NETWORK_OPENSTACK_TYPE][ADMIN_STATE_UP]:
raise NonRecoverableError(
'Expected external resource network {0} to be in '
'"admin_state_up"=True'.format(network_id))
return
neutron_client.update_network(
network_id, {NETWORK_OPENSTACK_TYPE: {
ADMIN_STATE_UP: True
}})
def start(neutron_client, **kwargs):
network_id = ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY]
if is_external_resource_not_conditionally_created(ctx):
ctx.logger.info('Validating external network is started')
if not neutron_client.show_network(
network_id)['network']['admin_state_up']:
raise NonRecoverableError(
'Expected external resource network {0} to be in '
'"admin_state_up"=True'.format(network_id))
return
neutron_client.update_network(
network_id, {
'network': {
'admin_state_up': True
}
})
def creation_validation(nova_client, **kwargs):
def validate_private_key_permissions(private_key_path):
ctx.logger.debug('checking whether private key file {0} has the '
'correct permissions'.format(private_key_path))
if not os.access(private_key_path, os.R_OK):
err = 'private key file {0} is not readable'\
.format(private_key_path)
ctx.logger.error('VALIDATION ERROR: ' + err)
raise NonRecoverableError(err)
ctx.logger.debug('OK: private key file {0} has the correct '
'permissions'.format(private_key_path))
def validate_path_owner(path):
ctx.logger.debug('checking whether directory {0} is owned by the '
'current user'.format(path))
from pwd import getpwnam, getpwuid
user = getuser()
owner = getpwuid(os.stat(path).st_uid).pw_name
current_user_id = str(getpwnam(user).pw_uid)
owner_id = str(os.stat(path).st_uid)
if not current_user_id == owner_id:
err = '{0} is not owned by the current user (it is owned by {1})'\
.format(path, owner)
ctx.logger.warning('VALIDATION WARNING: {0}'.format(err))
return
ctx.logger.debug('OK: {0} is owned by the current user'.format(path))
validate_resource(ctx, nova_client, KEYPAIR_OPENSTACK_TYPE)
private_key_path = _get_private_key_path()
pk_exists = _check_private_key_exists(private_key_path)
if is_external_resource_not_conditionally_created(ctx):
if pk_exists:
if platform.system() == 'Linux':
validate_private_key_permissions(private_key_path)
validate_path_owner(private_key_path)
else:
err = "can't use external keypair: the public key {0} is " \
"available on Openstack, but the private key could not be " \
"found at {1}".format(ctx.node.properties['resource_id'],
private_key_path)
ctx.logger.error('VALIDATION ERROR: {0}'.format(err))
raise NonRecoverableError(err)
else:
if pk_exists:
err = 'private key path already exists: {0}'.format(
private_key_path)
ctx.logger.error('VALIDATION ERROR: {0}'.format(err))
raise NonRecoverableError(err)
else:
err = 'private key directory {0} is not writable'
while private_key_path:
if os.path.isdir(private_key_path):
if not os.access(private_key_path, os.W_OK | os.X_OK):
raise NonRecoverableError(err.format(private_key_path))
else:
break
private_key_path, _ = os.path.split(private_key_path)
ctx.logger.debug('OK: keypair configuration is valid')
def creation_validation(nova_client, **kwargs):
def validate_private_key_permissions(private_key_path):
ctx.logger.debug('checking whether private key file {0} has the '
'correct permissions'.format(private_key_path))
if not os.access(private_key_path, os.R_OK):
err = 'private key file {0} is not readable'\
.format(private_key_path)
ctx.logger.error('VALIDATION ERROR: ' + err)
raise NonRecoverableError(err)
ctx.logger.debug('OK: private key file {0} has the correct '
'permissions'.format(private_key_path))
def validate_path_owner(path):
ctx.logger.debug('checking whether directory {0} is owned by the '
'current user'.format(path))
from pwd import getpwnam, getpwuid
user = getuser()
owner = getpwuid(os.stat(path).st_uid).pw_name
current_user_id = str(getpwnam(user).pw_uid)
owner_id = str(os.stat(path).st_uid)
if not current_user_id == owner_id:
err = '{0} is not owned by the current user (it is owned by {1})'\
.format(path, owner)
ctx.logger.warning('VALIDATION WARNING: {0}'.format(err))
return
ctx.logger.debug('OK: {0} is owned by the current user'.format(path))
validate_resource(ctx, nova_client, KEYPAIR_OPENSTACK_TYPE)
private_key_path = _get_private_key_path()
pk_exists = _check_private_key_exists(private_key_path)
if is_external_resource_not_conditionally_created(ctx):
if pk_exists:
if os.name == 'posix':
validate_private_key_permissions(private_key_path)
validate_path_owner(private_key_path)
else:
err = "can't use external keypair: the public key {0} is " \
"available on Openstack, but the private key could not be " \
"found at {1}".format(ctx.node.properties['resource_id'],
private_key_path)
ctx.logger.error('VALIDATION ERROR: {0}'.format(err))
raise NonRecoverableError(err)
else:
if pk_exists:
err = 'private key path already exists: {0}'.format(
private_key_path)
ctx.logger.error('VALIDATION ERROR: {0}'.format(err))
raise NonRecoverableError(err)
else:
err = 'private key directory {0} is not writable'
while private_key_path:
if os.path.isdir(private_key_path):
if not os.access(private_key_path, os.W_OK | os.X_OK):
raise NonRecoverableError(err.format(private_key_path))
else:
break
private_key_path, _ = os.path.split(private_key_path)
ctx.logger.debug('OK: keypair configuration is valid')
