def delete_system_user(user_id, username):
"""
Delete a system user from Joomla and also delete all accounts on all VMs.
FIXME: Delete users in a celery task? What do we do if the user can't be deleted, the VM is off, etc????
"""
user_db = Cvl_users.select(Cvl_users.q.id==user_id).getOne()
# For each VM that the user is a member of:
for vm_id, vm_ip, vm_name in cvlsql.get_users_vms(user_id):
# Delete the user's account on the VM.
try:
cvlfabric.env.hosts = [vm_ip]
cvlfabric.execute(cvlfabric.delete_user, username=username, warn_only=True)
except:
logging.error('Could not delete user %s from VM %s' % (username, vm_ip,))
# Remove the mapping from the user to the VM.
cvlsql.delete_user_from_vm(user_id, vm_id)
# Remove the user's user_group mapping:
Cvl_user_usergroup_map.delete(Cvl_user_usergroup_map.select(Cvl_user_usergroup_map.q.id==user_id).getOne().id)
# Remove the user record.
Cvl_users.delete(user_id)
def AddServer(self):
#from CvlAddVm import AddVm
#process = AddVm(self.path, self.userId, self.serverName, self.nectarId)
#if process.run() == False:
# logging.error("Failed to add VM " + self.serverName)
# return False
#return True
logging.debug('AddServer: ' + str((self.userId, self.serverName, self.nectarId,)))
try:
vm_name = self.serverName
vm_info = utils.get_vm_info(vm_name)
logging.debug('vm_info: ' + str(vm_info))
vm_ip = vm_info['ip']
vm_ram = vm_info['ram']
vm_disk = vm_info['disk']
vm_id = vm_info['id']
vm_vcpus = vm_info['vcpus']
vm_db = cvlsql.sql_add_vm(0, vm_name, vm_id, vm_ip, vm_ram, vm_vcpus, vm_disk, self.projectGroup, self.nectarId)
logging.debug('Added vm to database: ' + str(vm_db))
user_db = Cvl_users.select(Cvl_users.q.id==self.userId).getOne()
user_vm_db = Cvl_cvl_vm_user.select(Cvl_cvl_vm_user.q.id==self.userId).getOne()
logging.debug('username: '******'creating user account <%s> on vm %s' % (user_db.username, vm_ip,))
cvlfabric.env.hosts = [vm_ip]
cvlfabric.execute(cvlfabric.new_user, username=user_db.username, password=user_vm_db.vmPassword, public_key=user_vm_db.publicKey)
cvlsql.add_user_to_vm(user_db, vm_db)
return True
except:
logging.debug('error adding unmanaged VM to system: ' + traceback.format_exc())
return False
def on_failure(self, exc, task_id, args, kwargs, einfo):
"""
If the run() method throws an exception, we drop into this function.
"""
to = Cvl_users.select(Cvl_users.q.username==self.username).getOne()
subject = 'CVL UM: failed to change password for user %s on VM <%s>' % (self.username, self.vm_name,)
body = 'task_id: %s\nexception: %s\nargs: %s\nkwargs: %s\neinfo: %s' % (task_id, str(exc), str(args), str(kwargs), str(einfo),)
send_email(self.email, subject, body)
def on_success(self, retval, task_id, args, kwargs):
"""
Let the user know about the created (finished) VM.
"""
to = Cvl_users.select(Cvl_users.q.username==self.username).getOne()
subject = 'CVL UM: successfully created <%s> with IP %s' % (self.vm_name, self.vm_db.vmIp,)
body = 'task_id: %s\nretval: %s\nargs: %s\nkwargs: %s\neinfo: %s' % (task_id, str(retval), task_id, str(args), str(kwargs),)
send_email(self.email, subject, body)
def ChangePassword(self):
new_unix_password = crypt.crypt(self.password, "CvlEncryption")
# At this point:
# self.password = new plain text password that the user entered
# self.cryptedPassword = new joomla password
# new_unix_password = new Unix password, encrypted
for (vm_id, vm_ip, vm_name) in cvlsql.get_users_vms(self.userId):
job = utils.ChangePasswordsOnVMs.apply_async([vm_name, self.username, Cvl_users.select(Cvl_users.q.id==self.userId).getOne().email, new_unix_password], kwargs={}, queue='usermanagement')
# Update Joomla password:
Cvl_users.select(Cvl_users.q.id==self.userId).getOne().password = self.cryptedPassword
# Update stored Unix VM password:
Cvl_cvl_vm_user.select(Cvl_cvl_vm_user.q.id==self.userId).getOne().vmPassword = new_unix_password
return True
def JoinServer(self):
user_db = Cvl_users.select(Cvl_users.q.id==self.userId).getOne()
user_vm_db = Cvl_cvl_vm_user.select(Cvl_cvl_vm_user.q.id==self.userId).getOne()
vm_db = cvlsql.sql_get_vm(self.serverIp)
cvlfabric.env.hosts = [self.serverIp]
cvlfabric.execute(cvlfabric.new_user, username=user_db.username, password=user_vm_db.vmPassword, public_key=user_vm_db.publicKey)
cvlsql.add_user_to_vm(user_db, vm_db)
return True
def on_success(self, retval, task_id, args, kwargs):
to = Cvl_users.select(Cvl_users.q.username==self.username).getOne()
subject = 'CVL UM: successfully changed password for user %s on VM <%s> with IP %s' % (self.username, self.vm_name, self.vm_ip,)
body = 'task_id: %s\nretval: %s\nargs: %s\nkwargs: %s\neinfo: %s' % (task_id, str(retval), task_id, str(args), str(kwargs),)
send_email(self.email, subject, body)
def run(self, vm_name, username, email, cpu, user_id, path, project_group, nectar_id):
"""
The main task. Everything happens here, from booting the VM, creating user
accounts, adding database records, and installing the CVL packages.
"""
params = (vm_name, username, email, cpu, user_id, path, project_group, nectar_id)
self.email = email
self.username = username
self.vm_name = vm_name
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'starting up...',})
logging.debug('create_cvl_vm: ' + str((vm_name, username, email, cpu, user_id, path, project_group, nectar_id,)))
driver = 0 # FIXME this should be in cvl_config? Somewhere?
flavor = nova_client().flavors.find(vcpus=int(cvl_config.VM_CPU[cpu]))
password, vm_public_key = get_vm_password_and_key(user_id)
logging.debug("Retrieved user's VM password and public key")
# We use vm_name as a unique key for the VM, so boot
# one if a VM with that name doesn't already exist.
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'checking for existing VM',})
try:
vm = nova_client().servers.find(name=vm_name)
vm_already_exists = True
# FIXME need to also check if the ip address matches one already in the database
except novaclient.exceptions.NotFound:
try:
vm = nova_boot(vm_name, driver, flavor.name)
vm_already_exists = False
except:
raise ValueError, 'Failed to run nova_boot: %s' % (traceback.format_exc(),)
self.vm = vm
if vm_already_exists:
raise ValueError, 'Attempt to create VM with name <%s> but a VM already exists with that name' % (vm_name,)
# Wait for the server to get an IP.
while get_vm_info(vm_name)['ip'] is None:
logging.debug('VM has no IP, sleeping...')
time.sleep(1)
vm_info = get_vm_info(vm_name)
logging.debug('VM info: ' + str(vm_info))
vm_ip = vm_info['ip']
vm_ram = vm_info['ram']
vm_disk = vm_info['disk']
vm_id = vm_info['id']
self.vm_db = sql_add_vm(driver, vm_name, vm_id, vm_ip, vm_ram, cpu, vm_disk, project_group, nectar_id)
add_user_to_vm(Cvl_users.select(Cvl_users.q.username==username).getOne(), self.vm_db)
self.vm_db.state = enums.VmState.Configuration
# Wait until we can actually ssh into the server.
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'waiting for SSH connection to VM',})
while not can_ssh_to_server(vm_name):
logging.debug("Can't ssh to %s:%s, sleeping..." % (vm_name, vm_ip,))
time.sleep(1)
cvlfabric.env.hosts = [vm_ip]
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'creating user account on VM',})
logging.debug('Creating user account <%s> on the VM %s' % (username, vm_ip,))
try:
cvlfabric.execute(cvlfabric.new_user, username=username, password=password, public_key=vm_public_key)
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'creating secondary storage on VM',})
logging.debug('Creating secondary storage on the VM')
cvlfabric.execute(cvlfabric.create_secondary_storage)
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'setting VM hostname',})
logging.debug('Setting VM\'s hostname')
cvlfabric.execute(cvlfabric.setup_networking, nice_vm_name=vm_name)
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'installing base CVL system',})
logging.debug('Installing base CVL system')
cvlfabric.execute(cvlfabric.install_cvl_base)
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'installing CVL system (system extension and imaging tools)',})
logging.debug('Installing CVL system (system extension and imaging tools)')
cvlfabric.execute(cvlfabric.install_cvl_system)
self.update_state(state="PROGRESS", meta={'params': params, 'info': 'installing fail2ban',})
logging.debug('Installing fail2ban')
cvlfabric.execute(cvlfabric.install_fail2ban)
except:
raise ValueError, traceback.format_exc() # avoid SystemExit...
self.vm_db.state = enums.VmState.Active
return params