Beispiel #1
0
    def _confstore_encrypt(self, key, value, cipher):  # noqa: C901
        if not value:
            return value
        cluster_id = grains_get(
            "cluster_id",
            targets=local_minion_id())[local_minion_id()]["cluster_id"]
        component_name = "cortx"
        unique_seed = key.split(self.key_delimiter)[1]

        if "bmc" in key:
            component_name = "cluster"
        elif "storage_enclosure" in key:
            component_name = "storage"
        else:
            unique_seed = cluster_id

        cipher_key = cipher.Cipher.generate_key(cluster_id, component_name)
        try:
            value = cipher.Cipher.decrypt(
                cipher_key, value.encode("utf-8")).decode("utf-8")
        except cipher.CipherInvalidToken:
            logger.warning(
                f"Decryption for {key} failed as key already decrypted ")

        root_node = key.split(self.key_delimiter)[0]

        cipher_key = cipher.Cipher.generate_key(unique_seed, root_node)
        return str(cipher.Cipher.encrypt(cipher_key, bytes(value, 'utf8')),
                   'utf-8')
Beispiel #2
0
    def run(self, targets=ALL_MINIONS):
        """cluster_id assignment

        Execution:
        `provisioner cluster_id`
        Takes no mandatory argument as input.
        Executed only on primary node.

        """
        try:
            node_role = grains_get("roles", local_minion_id())[
                local_minion_id()]["roles"]  # displays as a list

            if node_role[0] != "primary":
                raise ValueError(
                    "Error: ClusterID can be set only in the Primary node "
                    f"of the cluster. Node role received: '{node_role[0]}'.")

            logger.info("This is the Primary node of the cluster.")

            cluster_id_from_pillar = self._get_cluster_id()

            if not cluster_id_from_pillar:
                logger.info("ClusterID not set in pillar data. "
                            "Checking setup file..")

            # double verification
            cluster_id_from_setup = self._initial_check()

            if cluster_id_from_setup == cluster_id_from_pillar:
                logger.info("Bootstrapping completed and ClusterID is set!")

            elif (cluster_id_from_pillar
                  and cluster_id_from_setup != cluster_id_from_pillar):
                logger.error(
                    "Mismatch in cluster_id value between "
                    "setup and pillar data. Setting unique value now.."
                    "\nPossible warning: Check if cluster values "
                    "have been manually tampered with.")

            PillarSet().run('cluster/cluster_id',
                            f'{cluster_id_from_setup}',
                            targets=targets)

            return f"cluster_id: {cluster_id_from_setup}"

        except Exception as exc:
            raise ValueError("Failed: Encountered error while setting "
                             f"cluster_id to Pillar data: {str(exc)}")
    def run(self, *args, **kwargs):
        """pillar_export command execution method.

        Keyword arguments:
        *args: Pillar path in <root_node>/child_node format.
        (default: all pillar data)
        **kwargs: accepts the following keys:
            export_file: Output file for pillar dump
        """

        try:
            full_pillar_load = PillarGet().run(
                *args, targets=local_minion_id())[local_minion_id()]

            # Knock off the unwanted keys
            unwanted_keys = ["mine_functions", "provisioner", "glusterfs"]
            for key in full_pillar_load.copy().keys():
                if key in unwanted_keys:
                    del full_pillar_load[key]

            ip4_interfaces = grains_get(
                "ip4_interfaces",
                targets=local_minion_id())[local_minion_id()]["ip4_interfaces"]

            network_pillar = full_pillar_load["cluster"][
                local_minion_id()]["network"]

            # Update interface IPs
            # Public Management Interface
            mgmt_if_public = ("mgmt0" if "mgmt0" in ip4_interfaces else
                              network_pillar["mgmt"]["interfaces"][0])
            network_pillar["mgmt"]["public_ip"] = (
                ip4_interfaces[mgmt_if_public][0])

            # Public Data Interface
            data_if_public = ("data0" if "data0" in ip4_interfaces else
                              network_pillar["data"]["public_interfaces"][0])
            network_pillar["data"]["public_ip"] = (
                ip4_interfaces[data_if_public][0])

            # Private Data Interface
            data_if_private = ("data0" if "data0" in ip4_interfaces else
                               network_pillar["data"]["private_interfaces"][0])
            network_pillar["data"]["private_ip"] = (
                ip4_interfaces[data_if_private][0])

            convert_data = self._convert_to_str(full_pillar_load, "")

            pillar_dump_file = (kwargs["export_file"] if "export_file"
                                in kwargs else CORTX_CONFIG_DIR)

            Path(CORTX_CONFIG_DIR).mkdir(parents=True, exist_ok=True)
            with open(pillar_dump_file, "w") as file_value:
                json.dump(convert_data, file_value)

            logger.info("SUCCESS: Pillar data exported as JSON to file "
                        f"'{pillar_dump_file}'.")

        except Exception as exc:
            raise ValueError(
                f"Error in translating Pillar data to JSON: {str(exc)}")
    def run(self, targets=ALL_MINIONS):
        """cluster_id assignment

        Execution:
        `provisioner cluster_id`
        Takes no mandatory argument as input.
        Executed only on primary node.

        """
        try:
            node_role = grains_get(
                "roles",
                local_minion_id()
            )[local_minion_id()]["roles"]            # displays as a list

            cluster_id_from_pillar = self._get_cluster_id()

            if node_role[0] != "primary":
                logger.info(
                     f"Role of current node: '{node_role[0]}'."
                )
                cluster_id_from_setup = self._initial_check(
                                        node_role[0],
                                        cluster_id_from_pillar)

            else:
                logger.debug("This is the Primary node of the cluster.")

                if not cluster_id_from_pillar:
                    logger.debug(
                       "ClusterID not set in pillar data. "
                       "Checking setup file.."
                    )

                # double verification
                cluster_id_from_setup = self._initial_check(
                                        node_role[0],
                                        cluster_id_from_pillar)

                if cluster_id_from_setup == cluster_id_from_pillar:
                    logger.debug(
                      "A unique ClusterID is already set!"
                    )

                elif (cluster_id_from_pillar and
                            cluster_id_from_setup != cluster_id_from_pillar):
                    logger.warning(
                       "Mismatch in cluster_id value between "
                       "setup and pillar data. Setting unique value now.."
                       "\nPossible warning: Check if cluster values "
                       "have been manually tampered with."
                    )

                PillarSet().run(
                    'cluster/cluster_id',
                    f'{cluster_id_from_setup}',
                    targets=ALL_MINIONS
                )

                # Ensure cluster-id file is created in all nodes
                StatesApplier.apply(
                       ['components.provisioner.config.cluster_id',
                        'components.system.config.sync_salt'
                       ],
                       targets=ALL_MINIONS
                )

            return f"cluster_id: {cluster_id_from_setup}"

        except Exception as exc:
            raise ValueError(
                "Failed: Encountered error while setting "
                f"cluster_id to Pillar data: {str(exc)}"
            )