Example #1
0
def delete_system_user(user_id, username):
    """
    Delete a system user from Joomla and also delete all accounts on all VMs.

    FIXME: Delete users in a celery task? What do we do if the user can't be deleted, the VM is off, etc????
    """

    user_db = Cvl_users.select(Cvl_users.q.id==user_id).getOne()

    # For each VM that the user is a member of:
    for vm_id, vm_ip, vm_name in cvlsql.get_users_vms(user_id):
        # Delete the user's account on the VM.
        try:
            cvlfabric.env.hosts = [vm_ip]
            cvlfabric.execute(cvlfabric.delete_user, username=username, warn_only=True)
        except:
            logging.error('Could not delete user %s from VM %s' % (username, vm_ip,))

        # Remove the mapping from the user to the VM.
        cvlsql.delete_user_from_vm(user_id, vm_id)

    # Remove the user's user_group mapping:
    Cvl_user_usergroup_map.delete(Cvl_user_usergroup_map.select(Cvl_user_usergroup_map.q.id==user_id).getOne().id)

    # Remove the user record.
    Cvl_users.delete(user_id)
Example #2
0
def new_system_user(user_full_name, username, raw_password, joomla_password, access_level, email,
                    project_group, organisation, approved_by, created_by, massive_account, vm_id, vm_ip):
    """
    Create a new user (in Joomla) *and* add them to a given VM.

    FIXME Is there no way to create a user without assigning them to a VM?
    """

    # Create an SSH keypair for the new user.
    temp_dir = tempfile.mkdtemp()

    private_key_filename = username
    public_key_filename  = username + '.pub'

    private_key_path    = os.path.join(temp_dir, private_key_filename)
    public_key_path     = os.path.join(temp_dir, public_key_filename)

    exit_code, stdout, stderr = run_shell_command("ssh-keygen -f {private_key_path} -N ''".format(private_key_path=private_key_path))
   
    private_key = b64encode(open(private_key_path, 'r').read())
    public_key  = b64encode(open(public_key_path,  'r').read())

    os.remove(private_key_path)
    os.remove(public_key_path)

    if access_level == enums.UserAccess.Administrator:
        group_access_id = Cvl_usergroups.select(sqlobject.AND(Cvl_usergroups.q.title=='Administrator', Cvl_usergroups.q.parentID==2)).getOne().id # FIXME magic value 2?
    else:
        group_access_id = Cvl_usergroups.select(sqlobject.AND(Cvl_usergroups.q.title=='User',          Cvl_usergroups.q.parentID==2)).getOne().id # FIXME magic value 2?

    encrypted_unix_password = crypt.crypt(raw_password, 'CvlEncryption')

    driver_id   = 0 # FIXME this is not supported
    activation  = '0'
    send_email   = 0
    register_date = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
    logging.debug('Create VM user account .....')

    # FIXME Is OperationState used?
    # FIXME all public and private keys have the same name - this is ok?
    user_record, user_vm_record, user_group_map_record = cvlsql.sql_add_user(user_full_name, username, joomla_password, email, enums.OperationState.Idle,
                                                                             public_key, cvl_config.PUBLIC_KEY_NAME, private_key, cvl_config.PRIVATE_KEY_NAME,
                                                                             massive_account, project_group, group_access_id, approved_by, created_by,
                                                                             driver_id, activation, send_email, register_date, organisation, encrypted_unix_password)



    # FIXME This ought to be a celery task, otherwise a dead VM will stop the process?
    cvlfabric.env.hosts = [vm_ip]
    cvlfabric.execute(cvlfabric.new_user, username=username, password=encrypted_unix_password, public_key=public_key)

    cvlsql.add_user_to_vm(user_record, Cvl_cvl_vm.select(Cvl_cvl_vm.q.vmIp==vm_ip).getOne())

    return user_record.id
Example #3
0
    def run(self, vm_name, username, email, password):
        params = (vm_name, username, password)
        logging.debug('changing password for user %s on VM %s' % (username, vm_name,))
        self.vm_name      = vm_name
        self.username     = username
        self.email        = email
        self.password     = password
        self.vm_ip        = get_vm_info(vm_name)['ip']

        cvlfabric.env.hosts = [self.vm_ip]
        cvlfabric.execute(cvlfabric.change_password, username=username, password=password)
    def JoinServer(self):
        user_db    = Cvl_users.select(Cvl_users.q.id==self.userId).getOne()
        user_vm_db = Cvl_cvl_vm_user.select(Cvl_cvl_vm_user.q.id==self.userId).getOne()
        vm_db      = cvlsql.sql_get_vm(self.serverIp)

        cvlfabric.env.hosts = [self.serverIp]
        cvlfabric.execute(cvlfabric.new_user, username=user_db.username, password=user_vm_db.vmPassword, public_key=user_vm_db.publicKey)

        cvlsql.add_user_to_vm(user_db, vm_db)

        return True
    def AddServer(self):
        #from CvlAddVm import AddVm
        #process = AddVm(self.path, self.userId, self.serverName, self.nectarId)
        #if process.run() == False:
        #    logging.error("Failed to add VM " + self.serverName)
        #    return False
        #return True

        logging.debug('AddServer: ' + str((self.userId, self.serverName, self.nectarId,)))

        try:
            vm_name = self.serverName

            vm_info = utils.get_vm_info(vm_name)
            logging.debug('vm_info: ' + str(vm_info))

            vm_ip       = vm_info['ip']
            vm_ram      = vm_info['ram']
            vm_disk     = vm_info['disk']
            vm_id       = vm_info['id']
            vm_vcpus    = vm_info['vcpus']

            vm_db = cvlsql.sql_add_vm(0, vm_name, vm_id, vm_ip, vm_ram, vm_vcpus, vm_disk, self.projectGroup, self.nectarId)

            logging.debug('Added vm to database: ' + str(vm_db))

            user_db    = Cvl_users.select(Cvl_users.q.id==self.userId).getOne()
            user_vm_db = Cvl_cvl_vm_user.select(Cvl_cvl_vm_user.q.id==self.userId).getOne()

            logging.debug('username: '******'creating user account <%s> on vm %s' % (user_db.username, vm_ip,))

            cvlfabric.env.hosts = [vm_ip]
            cvlfabric.execute(cvlfabric.new_user, username=user_db.username, password=user_vm_db.vmPassword, public_key=user_vm_db.publicKey)
            cvlsql.add_user_to_vm(user_db, vm_db)

            return True
        except:
            logging.debug('error adding unmanaged VM to system: ' + traceback.format_exc())
            return False
    def DeleteServer(self): # FIXME perhaps this should be "DeleteUserFromServer"? What's the deal with DeleteVmUserAccount???
        logging.debug('Deleting user account <%s> on the VM %s' % (self.username, self.serverIp,))

        try:
            cvlfabric.env.hosts = [self.serverIp]
            cvlfabric.execute(cvlfabric.delete_user, username=self.username)
        except:
            logging.error('Could not remove user %s from vm %s: %s' % (self.username, self.serverIp, traceback.format_exc()))
            print 'Could not remove the user %s from the vm %s. Please check if the user is currently logged in.' % (self.username, self.serverIp,)
            return False
 
        try:
            logging.debug('Removing VM user map for user_id = %s to vm_id %s' % (self.userId, self.vmDbId))
            cvlsql.delete_user_from_vm(self.userId, self.vmDbId)
        except:
            logging.error('Error removing user with id %s from vm with id %s.' % (self.userId, self.vmDbId,))
            return False
 
        print 'Deleted user %s from the vm %s.' % (self.username, self.serverIp,)
        return True
Example #7
0
    def run(self, vm_name, username, email, cpu, user_id, path, project_group, nectar_id):
            """
            The main task. Everything happens here, from booting the VM, creating user
            accounts, adding database records, and installing the CVL packages.
            """

            params = (vm_name, username, email, cpu, user_id, path, project_group, nectar_id)
            self.email    = email
            self.username = username
            self.vm_name  = vm_name

            self.update_state(state="PROGRESS", meta={'params': params, 'info': 'starting up...',})

            logging.debug('create_cvl_vm: ' + str((vm_name, username, email, cpu, user_id, path, project_group, nectar_id,)))

            driver = 0 # FIXME this should be in cvl_config? Somewhere?
            flavor = nova_client().flavors.find(vcpus=int(cvl_config.VM_CPU[cpu]))

            password, vm_public_key = get_vm_password_and_key(user_id)
            logging.debug("Retrieved user's VM password and public key")

            # We use vm_name as a unique key for the VM, so boot
            # one if a VM with that name doesn't already exist.
            self.update_state(state="PROGRESS", meta={'params': params, 'info': 'checking for existing VM',})
            try:
                vm = nova_client().servers.find(name=vm_name)
                vm_already_exists = True
                # FIXME need to also check if the ip address matches one already in the database
            except novaclient.exceptions.NotFound:
                try:
                    vm = nova_boot(vm_name, driver, flavor.name)
                    vm_already_exists = False
                except:
                    raise ValueError, 'Failed to run nova_boot: %s' % (traceback.format_exc(),)
            self.vm = vm

            if vm_already_exists:
                raise ValueError, 'Attempt to create VM with name <%s> but a VM already exists with that name' % (vm_name,)

            # Wait for the server to get an IP.
            while get_vm_info(vm_name)['ip'] is None:
                logging.debug('VM has no IP, sleeping...')
                time.sleep(1)

            vm_info = get_vm_info(vm_name)
            logging.debug('VM info: ' + str(vm_info))

            vm_ip       = vm_info['ip']
            vm_ram      = vm_info['ram']
            vm_disk     = vm_info['disk']
            vm_id       = vm_info['id']

            self.vm_db = sql_add_vm(driver, vm_name, vm_id, vm_ip, vm_ram, cpu, vm_disk, project_group, nectar_id)
            add_user_to_vm(Cvl_users.select(Cvl_users.q.username==username).getOne(), self.vm_db)

            self.vm_db.state = enums.VmState.Configuration

            # Wait until we can actually ssh into the server.
            self.update_state(state="PROGRESS", meta={'params': params, 'info': 'waiting for SSH connection to VM',})
            while not can_ssh_to_server(vm_name):
                logging.debug("Can't ssh to %s:%s, sleeping..." % (vm_name, vm_ip,))
                time.sleep(1)

            cvlfabric.env.hosts = [vm_ip]

            self.update_state(state="PROGRESS", meta={'params': params, 'info': 'creating user account on VM',})
            logging.debug('Creating user account <%s> on the VM %s' % (username, vm_ip,))

            try:
                cvlfabric.execute(cvlfabric.new_user, username=username, password=password, public_key=vm_public_key)

                self.update_state(state="PROGRESS", meta={'params': params, 'info': 'creating secondary storage on VM',})
                logging.debug('Creating secondary storage on the VM')
                cvlfabric.execute(cvlfabric.create_secondary_storage)

                self.update_state(state="PROGRESS", meta={'params': params, 'info': 'setting VM hostname',})
                logging.debug('Setting VM\'s hostname')
                cvlfabric.execute(cvlfabric.setup_networking, nice_vm_name=vm_name)

                self.update_state(state="PROGRESS", meta={'params': params, 'info': 'installing base CVL system',})
                logging.debug('Installing base CVL system')
                cvlfabric.execute(cvlfabric.install_cvl_base)

                self.update_state(state="PROGRESS", meta={'params': params, 'info': 'installing CVL system (system extension and imaging tools)',})
                logging.debug('Installing CVL system (system extension and imaging tools)')
                cvlfabric.execute(cvlfabric.install_cvl_system)

                self.update_state(state="PROGRESS", meta={'params': params, 'info': 'installing fail2ban',})
                logging.debug('Installing fail2ban')
                cvlfabric.execute(cvlfabric.install_fail2ban)

            except:
               raise ValueError, traceback.format_exc() # avoid SystemExit...

            self.vm_db.state = enums.VmState.Active

            return params