def _got_sshfp(ignored):
retries = LISTEN_RETRIES
while True:
try:
install_server(publichost, admin_privkey_path, monitor_pubkey,
monitor_privkey_path, stdout, stderr)
break
except NotListeningError:
retries -= 1
if retries <= 0:
print >>stdout, "Timed out waiting for EC2 instance to listen for ssh connections."
raise TimeoutError()
print >>stdout, "Waiting another %d seconds..." % (LISTEN_POLL_TIME)
time.sleep(LISTEN_POLL_TIME)
continue
furl = bounce_server(publichost, admin_privkey_path, privatehost, useraccesskeyid,
usersecretkey, usertoken, producttoken, bucketname, oldsecrets,
stdout, stderr, secretsfile)
# XXX We'll have to ammend this:
initialize_statmover_source(publichost, monitor_privkey_path, admin_privkey_path,
sinkname_suffix, [instance.instance_id, 'SSEC2s'])
# XXX We probably need to rethink this:
append_record(FilePath(serverinfopath), instance.launch_time, instance.instance_id,
publichost)
print >>stderr, "Signup done."
d4 = defer.succeed(None)
if not oldsecrets:
d4.addCallback(lambda ign: send_signup_confirmation(publichost, customer_name,
customer_email, furl,
customer_keyinfo,
stdout, stderr) )
return d4
def _got_sshfp(ignored):
retries = LISTEN_RETRIES
while True:
try:
install_server(publichost, admin_privkey_path, monitor_pubkey,
monitor_privkey_path, stdout, stderr)
break
except NotListeningError:
retries -= 1
if retries <= 0:
print >>stdout, "Timed out waiting for EC2 instance to listen for ssh connections."
raise TimeoutError()
print >>stdout, "Waiting another %d seconds..." % (LISTEN_POLL_TIME)
time.sleep(LISTEN_POLL_TIME)
continue
furl = bounce_server(publichost, admin_privkey_path, privatehost, useraccesskeyid,
usersecretkey, usertoken, producttoken, bucketname, oldsecrets,
stdout, stderr, secretsfile)
# Disabled for now.
#initialize_statmover_source(publichost, monitor_privkey_path, admin_privkey_path,
# sinkname_suffix, [instance.instance_id, 'SSEC2s'])
# XXX We probably need to rethink this:
append_record(FilePath(serverinfopath), instance.launch_time, instance.instance_id,
publichost)
print >>stderr, "Signup done."
d4 = defer.succeed(None)
if not oldsecrets:
d4.addCallback(lambda ign: send_signup_confirmation(publichost, customer_name,
customer_email, furl,
customer_keyinfo,
stdout, stderr) )
return d4
if len(sys.argv) < 9:
print "Usage: python setup_server.py PUBLIC_IP PRIVATE_IP USER_ACCESS_KEY_ID USER_SECRET_KEY USER_TOKEN LONG_PRODUCT_TOKEN BUCKET_NAME SECRETS_PATH [--no-install]"
print "Happy set-upping!"
sys.exit(1)
publicip = sys.argv[1]
privateip = sys.argv[2]
useraccesskeyid = sys.argv[3]
usersecretkey = sys.argv[4]
usertoken = sys.argv[5]
producttoken = sys.argv[6]
bucketname = sys.argv[7]
secretspath = sys.argv[8]
ec2_privkey_path = '../secret_config/EC2adminkeys2.pem'
monitor_pubkey = FilePath('../secret_config/EC2monitorkeys2.pub').getContent().strip()
monitor_privkey_path = '../secret_config/EC2monitorkeys2.pem'
try:
secretsfile = open(secretspath, 'a')
if "--no-install" not in sys.argv:
install_server(publicip, ec2_privkey_path, monitor_pubkey, monitor_privkey_path, sys.stdout, sys.stderr)
bounce_server(publicip, ec2_privkey_path, privateip, useraccesskeyid, usersecretkey, usertoken, producttoken, bucketname,
None, sys.stdout, sys.stderr, secretsfile)
finally:
secretsfile.close()
self.RUNARGS_FIFO = fifo([
('rm -f /home/customer/introducer/introducer.furl', False, {}),
('LAFS_source/bin/tahoe restart introducer && sleep 5', False, {}),
('cat /home/customer/introducer/introducer.furl', False, {}),
('chmod u+w /home/customer/storageserver/private/s3* || echo Assuming there are no existing s3 secret files.', False, {}),
('LAFS_source/bin/tahoe restart storageserver && sleep 5', False, {}),
('ps -fC tahoe', False, {}),
('netstat -atW', False, {}),
('crontab /home/customer/ctab', False, {}),
('cat /home/customer/introducer/private/node.pem', False, {}),
('cat /home/customer/introducer/my_nodeid', False, {}),
('cat /home/customer/storageserver/private/node.pem', False, {}),
('cat /home/customer/storageserver/my_nodeid', False, {})
])
self.SUDOARGS_FIFO = []
self.WRITEARGS_FIFO = fifo([
(INTRODUCER_PORT + '\n', '/home/customer/introducer/introducer.port', False, None),
(SERVER_PORT + '\n', '/home/customer/storageserver/client.port', False, None),
(test_tahoe_cfg, '/home/customer/storageserver/tahoe.cfg', False, None),
(SECRETACCESSKEY, '/home/customer/storageserver/private/s3secret', False, 0440),
(USERTOKEN, '/home/customer/storageserver/private/s3usertoken', False, 0440),
(PRODUCTTOKEN, '/home/customer/storageserver/private/s3producttoken', False, 0440),
(RESTART_SCRIPT, '/home/customer/restart.sh', False, 0750),
('@reboot /home/customer/restart.sh\n', '/home/customer/ctab', False, None)
])
server.bounce_server(MHOSTNAME, ADMINPRIVKEYPATH, MPRIVHOST, ACCESSKEYID, \
SECRETACCESSKEY, USERTOKEN, PRODUCTTOKEN, BUCKETNAME, None, \
STDOUT, STDERR, MSECRETSFILE, self.CONFIGFILEPATH)
self._check_all_done()
def test_bounce_server(self):
def call_set_host_and_key(publichost, admin_privkey_path, username):
self.failUnlessEqual(publichost, '0.0.0.0')
self.failUnlessEqual(admin_privkey_path, 'mockEC2adminkeys.pem')
self.failUnlessEqual(username, 'customer')
self.patch(server, 'set_host_and_key', call_set_host_and_key)
def call_api_run(argstring, pty, **kwargs):
self.failUnlessEqual(self.RUNARGS_FIFO.pop(),
(argstring, pty, kwargs))
if argstring == 'whoami':
return self.WHOAMI_FIFO.pop()
if argstring == 'cat /home/customer/introducer/introducer.furl':
return INTERNALINTROFURL
self.patch(api, 'run', call_api_run)
MHOSTNAME = '0.0.0.0'
ADMINPRIVKEYPATH = 'mockEC2adminkeys.pem'
MPRIVHOST = '1.1.1.1'
ACCESSKEYID = 'TEST' + 'A' * 16
SECRETACCESSKEY = 'TEST' + 'A' * 36
USERTOKEN = 'TESTUSERTOKEN' + 'A' * 385
PRODUCTTOKEN = 'TESTPRODUCTTOKEN' + 'A' * 295
BUCKETNAME = 'foooooo'
STDOUT = StringIO()
STDERR = StringIO()
MSECRETSFILE = StringIO()
INTERNALINTROFURL = 'pb://TUBID@LOCATION/SWISSNUM'
from lae_automation.server import TAHOE_CFG_TEMPLATE
from lae_automation.server import RESTART_SCRIPT
test_tahoe_cfg = TAHOE_CFG_TEMPLATE % {
'nickname': BUCKETNAME,
'publichost': MHOSTNAME,
'privatehost': MPRIVHOST,
'introducer_furl': INTERNALINTROFURL,
'access_key_id': ACCESSKEYID,
'bucket_name': BUCKETNAME,
'incident_gatherer_furl': "MOCK_incident_gatherer_furl",
'stats_gatherer_furl': "MOCK_stats_gatherer_furl"
}
self.WHOAMI_FIFO = []
self.RUNARGS_FIFO = fifo([
('rm -f /home/customer/introducer/introducer.furl /home/customer/introducer/logport.furl',
False, {}),
('LAFS_source/bin/tahoe restart introducer && sleep 5', False, {}),
('cat /home/customer/introducer/introducer.furl', False, {}),
('chmod u+w /home/customer/storageserver/private/s3* || echo Assuming there are no existing s3 secret files.',
False, {}),
('LAFS_source/bin/tahoe restart storageserver && sleep 5', False,
{}),
('ps -fC tahoe', False, {}),
('netstat -atW', False, {}),
('crontab /home/customer/ctab', False, {}),
('cat /home/customer/introducer/private/node.pem', False, {}),
('cat /home/customer/introducer/my_nodeid', False, {}),
('cat /home/customer/storageserver/private/node.pem', False, {}),
('cat /home/customer/storageserver/my_nodeid', False, {}),
('if [[ -e /home/customer/storageserver/private/node.privkey ]]; then cat /home/customer/storageserver/private/node.privkey; fi',
False, {}),
])
self.SUDOARGS_FIFO = []
self.WRITEARGS_FIFO = fifo([
(INTRODUCER_PORT + '\n',
'/home/customer/introducer/introducer.port', False, None),
(SERVER_PORT + '\n', '/home/customer/storageserver/client.port',
False, None),
(test_tahoe_cfg, '/home/customer/storageserver/tahoe.cfg', False,
None),
(SECRETACCESSKEY, '/home/customer/storageserver/private/s3secret',
False, 0640),
(USERTOKEN, '/home/customer/storageserver/private/s3usertoken',
False, 0640),
(PRODUCTTOKEN,
'/home/customer/storageserver/private/s3producttoken', False,
0640), (RESTART_SCRIPT, '/home/customer/restart.sh', False, 0750),
('@reboot /home/customer/restart.sh\n', '/home/customer/ctab',
False, None)
])
server.bounce_server(MHOSTNAME, ADMINPRIVKEYPATH, MPRIVHOST, ACCESSKEYID, \
SECRETACCESSKEY, USERTOKEN, PRODUCTTOKEN, BUCKETNAME, None, \
STDOUT, STDERR, MSECRETSFILE, self.CONFIGFILEPATH)
self._check_all_done()
print "Usage: python setup_server.py PUBLIC_IP PRIVATE_IP USER_ACCESS_KEY_ID USER_SECRET_KEY USER_TOKEN LONG_PRODUCT_TOKEN BUCKET_NAME SECRETS_PATH [--no-install]"
print "Happy set-upping!"
sys.exit(1)
publicip = sys.argv[1]
privateip = sys.argv[2]
useraccesskeyid = sys.argv[3]
usersecretkey = sys.argv[4]
usertoken = sys.argv[5]
producttoken = sys.argv[6]
bucketname = sys.argv[7]
secretspath = sys.argv[8]
ec2_privkey_path = '../secret_config/EC2adminkeys2.pem'
monitor_pubkey = FilePath(
'../secret_config/EC2monitorkeys2.pub').getContent().strip()
monitor_privkey_path = '../secret_config/EC2monitorkeys2.pem'
try:
secretsfile = open(secretspath, 'a')
if "--no-install" not in sys.argv:
install_server(publicip, ec2_privkey_path, monitor_pubkey,
monitor_privkey_path, sys.stdout, sys.stderr)
bounce_server(publicip, ec2_privkey_path, privateip, useraccesskeyid,
usersecretkey, usertoken, producttoken, bucketname, None,
sys.stdout, sys.stderr, secretsfile)
finally:
secretsfile.close()
