def create_server(request): # Normal Response Code: 202 # Error Response Codes: computeFault (400, 500), # serviceUnavailable (503), # unauthorized (401), # badMediaType(415), # itemNotFound (404), # badRequest (400), # serverCapacityUnavailable (503), # overLimit (413) req = utils.get_json_body(request) user_id = request.user_uniq log.info('create_server user: %s request: %s', user_id, req) try: server = req['server'] name = server['name'] metadata = server.get('metadata', {}) assert isinstance(metadata, dict) image_id = server['imageRef'] flavor_id = server['flavorRef'] personality = server.get('personality', []) assert isinstance(personality, list) networks = server.get("networks") if networks is not None: assert isinstance(networks, list) project = server.get("project") except (KeyError, AssertionError): raise faults.BadRequest("Malformed request") volumes = None dev_map = server.get("block_device_mapping_v2") if dev_map is not None: volumes = parse_block_device_mapping(dev_map) # Verify that personalities are well-formed util.verify_personality(personality) # Get flavor (ensure it is active) flavor = util.get_flavor(flavor_id, include_deleted=False) if not flavor.allow_create: msg = ("It is not allowed to create a server from flavor with id '%d'," " see 'allow_create' flavor attribute") raise faults.Forbidden(msg % flavor.id) # Generate password password = util.random_password() vm = servers.create(user_id, name, password, flavor, image_id, metadata=metadata, personality=personality, project=project, networks=networks, volumes=volumes) server = vm_to_dict(vm, detail=True) server['status'] = 'BUILD' server['adminPass'] = password response = render_server(request, server, status=202) return response
def console(vm, console_type): """Arrange for an OOB console of the specified type This method arranges for an OOB console of the specified type. Only consoles of type "vnc" are supported for now. It uses a running instance of vncauthproxy to setup proper VNC forwarding with a random password, then returns the necessary VNC connection info to the caller. """ log.info("Get console VM %s, type %s", vm, console_type) # Use RAPI to get VNC console information for this instance if vm.operstate != "STARTED": raise faults.BadRequest('Server not in ACTIVE state.') if settings.TEST: console_data = {'kind': 'vnc', 'host': 'ganeti_node', 'port': 1000} else: console_data = backend.get_instance_console(vm) if console_data['kind'] != 'vnc': message = 'got console of kind %s, not "vnc"' % console_data['kind'] raise faults.ServiceUnavailable(message) # Let vncauthproxy decide on the source port. # The alternative: static allocation, e.g. # sport = console_data['port'] - 1000 sport = 0 daddr = console_data['host'] dport = console_data['port'] password = util.random_password() if settings.TEST: fwd = {'source_port': 1234, 'status': 'OK'} else: vnc_extra_opts = settings.CYCLADES_VNCAUTHPROXY_OPTS fwd = request_vnc_forwarding(sport, daddr, dport, password, **vnc_extra_opts) if fwd['status'] != "OK": raise faults.ServiceUnavailable('vncauthproxy returned error status') # Verify that the VNC server settings haven't changed if not settings.TEST: if console_data != backend.get_instance_console(vm): raise faults.ServiceUnavailable('VNC Server settings changed.') console = { 'type': 'vnc', 'host': getfqdn(), 'port': fwd['source_port'], 'password': password } return console
def console(vm, console_type): """Arrange for an OOB console of the specified type This method arranges for an OOB console of the specified type. Only consoles of type "vnc" are supported for now. It uses a running instance of vncauthproxy to setup proper VNC forwarding with a random password, then returns the necessary VNC connection info to the caller. """ log.info("Get console VM %s, type %s", vm, console_type) # Use RAPI to get VNC console information for this instance if vm.operstate != "STARTED": raise faults.BadRequest('Server not in ACTIVE state.') if settings.TEST: console_data = {'kind': 'vnc', 'host': 'ganeti_node', 'port': 1000} else: console_data = backend.get_instance_console(vm) if console_data['kind'] != 'vnc': message = 'got console of kind %s, not "vnc"' % console_data['kind'] raise faults.ServiceUnavailable(message) # Let vncauthproxy decide on the source port. # The alternative: static allocation, e.g. # sport = console_data['port'] - 1000 sport = 0 daddr = console_data['host'] dport = console_data['port'] password = util.random_password() if settings.TEST: fwd = {'source_port': 1234, 'status': 'OK'} else: vnc_extra_opts = settings.CYCLADES_VNCAUTHPROXY_OPTS fwd = request_vnc_forwarding(sport, daddr, dport, password, **vnc_extra_opts) if fwd['status'] != "OK": raise faults.ServiceUnavailable('vncauthproxy returned error status') # Verify that the VNC server settings haven't changed if not settings.TEST: if console_data != backend.get_instance_console(vm): raise faults.ServiceUnavailable('VNC Server settings changed.') console = { 'type': 'vnc', 'host': getfqdn(), 'port': fwd['source_port'], 'password': password} return console
def create_server(request): # Normal Response Code: 202 # Error Response Codes: computeFault (400, 500), # serviceUnavailable (503), # unauthorized (401), # badMediaType(415), # itemNotFound (404), # badRequest (400), # serverCapacityUnavailable (503), # overLimit (413) req = utils.get_request_dict(request) user_id = request.user_uniq log.info('create_server user: %s request: %s', user_id, req) try: server = req['server'] name = server['name'] metadata = server.get('metadata', {}) assert isinstance(metadata, dict) image_id = server['imageRef'] flavor_id = server['flavorRef'] personality = server.get('personality', []) assert isinstance(personality, list) networks = server.get("networks") if networks is not None: assert isinstance(networks, list) except (KeyError, AssertionError): raise faults.BadRequest("Malformed request") # Verify that personalities are well-formed util.verify_personality(personality) # Get image information image = util.get_image_dict(image_id, user_id) # Get flavor (ensure it is active) flavor = util.get_flavor(flavor_id, include_deleted=False) if not flavor.allow_create: msg = ("It is not allowed to create a server from flavor with id '%d'," " see 'allow_create' flavor attribute") raise faults.Forbidden(msg % flavor.id) # Generate password password = util.random_password() vm = servers.create(user_id, name, password, flavor, image, metadata=metadata, personality=personality, networks=networks) server = vm_to_dict(vm, detail=True) server['status'] = 'BUILD' server['adminPass'] = password response = render_server(request, server, status=202) return response
def create_server(request): # Normal Response Code: 202 # Error Response Codes: computeFault (400, 500), # serviceUnavailable (503), # unauthorized (401), # badMediaType(415), # itemNotFound (404), # badRequest (400), # serverCapacityUnavailable (503), # overLimit (413) req = utils.get_request_dict(request) log.info('create_server %s', req) user_id = request.user_uniq try: server = req['server'] name = server['name'] metadata = server.get('metadata', {}) assert isinstance(metadata, dict) image_id = server['imageRef'] flavor_id = server['flavorRef'] personality = server.get('personality', []) assert isinstance(personality, list) except (KeyError, AssertionError): raise faults.BadRequest("Malformed request") # Verify that personalities are well-formed util.verify_personality(personality) # Get image information image = util.get_image_dict(image_id, user_id) # Get flavor (ensure it is active) flavor = util.get_flavor(flavor_id, include_deleted=False) # Generate password password = util.random_password() vm = do_create_server(user_id, name, password, flavor, image, metadata=metadata, personality=personality) server = vm_to_dict(vm, detail=True) server['status'] = 'BUILD' server['adminPass'] = password response = render_server(request, server, status=202) return response
def get_console(request, vm, args): """Arrange for an OOB console of the specified type This method arranges for an OOB console of the specified type. Only consoles of type "vnc" are supported for now. It uses a running instance of vncauthproxy to setup proper VNC forwarding with a random password, then returns the necessary VNC connection info to the caller. """ # Normal Response Code: 200 # Error Response Codes: computeFault (400, 500), # serviceUnavailable (503), # unauthorized (401), # badRequest (400), # badMediaType(415), # itemNotFound (404), # buildInProgress (409), # overLimit (413) log.info("Get console VM %s", vm) console_type = args.get('type', '') if (console_type != 'vnc' and console_type != 'wsvnc'): raise faults.BadRequest('Type can only be "vnc" or "wsvnc."') # Use RAPI to get VNC console information for this instance if get_rsapi_state(vm) != 'ACTIVE': raise faults.BadRequest('Server not in ACTIVE state.') if settings.TEST: console_data = {'kind': 'vnc', 'host': 'ganeti_node', 'port': 1000} else: console_data = backend.get_instance_console(vm) if console_data['kind'] != 'vnc': message = 'got console of kind %s, not "vnc"' % console_data['kind'] raise faults.ServiceUnavailable(message) # Let vncauthproxy decide on the source port. # The alternative: static allocation, e.g. # sport = console_data['port'] - 1000 sport = 27631 daddr = console_data['host'] dport = console_data['port'] password = random_password() if settings.TEST: fwd = {'source_port': 1234, 'status': 'OK'} else: fwd = request_vnc_forwarding(sport, daddr, dport, password,auth_user="******",auth_password="******",console_type=console_type) #fwd = request_vnc_forwarding(sport, daddr, dport, password) if fwd['status'] != "OK": raise faults.ServiceUnavailable('vncauthproxy returned error status') # Verify that the VNC server settings haven't changed if not settings.TEST: if console_data != backend.get_instance_console(vm): raise faults.ServiceUnavailable('VNC Server settings changed.') console = { 'type': console_type, 'host': getfqdn(), 'port': fwd['source_port'], 'password': password} if request.serialization == 'xml': mimetype = 'application/xml' data = render_to_string('console.xml', {'console': console}) else: mimetype = 'application/json' data = json.dumps({'console': console}) return HttpResponse(data, mimetype=mimetype, status=200)
def console(vm, console_type): """Arrange for an OOB console of the specified type This method arranges for an OOB console of the specified type. Only consoles of type "vnc" are supported for now. It uses a running instance of vncauthproxy to setup proper VNC forwarding with a random password, then returns the necessary VNC connection info to the caller. """ log.info("Get console VM %s, type %s", vm, console_type) if vm.operstate != "STARTED": raise faults.BadRequest('Server not in ACTIVE state.') # Use RAPI to get VNC console information for this instance # RAPI GetInstanceConsole() returns endpoints to the vnc_bind_address, # which is a cluster-wide setting, either 0.0.0.0 or 127.0.0.1, and pretty # useless (see #783). # # Until this is fixed on the Ganeti side, construct a console info reply # directly. # # WARNING: This assumes that VNC runs on port network_port on # the instance's primary node, and is probably # hypervisor-specific. def get_console_data(i): return {"kind": "vnc", "host": i["pnode"], "port": i["network_port"]} with pooled_rapi_client(vm) as c: i = c.GetInstance(vm.backend_vm_id) console_data = get_console_data(i) if vm.backend.hypervisor == "kvm" and i['hvparams']['serial_console']: raise Exception("hv parameter serial_console cannot be true") # Check that the instance is really running if not i["oper_state"]: log.warning("VM '%s' is marked as '%s' in DB while DOWN in Ganeti", vm.id, vm.operstate) # Instance is not running. Mock a shutdown job to sync DB backend.process_op_status(vm, etime=datetime.now(), jobid=0, opcode="OP_INSTANCE_SHUTDOWN", status="success", logmsg="Reconciliation simulated event") raise faults.BadRequest('Server not in ACTIVE state.') # Let vncauthproxy decide on the source port. # The alternative: static allocation, e.g. # sport = console_data['port'] - 1000 sport = 0 daddr = console_data['host'] dport = console_data['port'] password = util.random_password() vnc_extra_opts = settings.CYCLADES_VNCAUTHPROXY_OPTS # Maintain backwards compatibility with the dict setting if isinstance(vnc_extra_opts, list): vnc_extra_opts = choice(vnc_extra_opts) fwd = request_vnc_forwarding(sport, daddr, dport, password, console_type=console_type, **vnc_extra_opts) if fwd['status'] != "OK": log.error("vncauthproxy returned error status: '%s'" % fwd) raise faults.ServiceUnavailable('vncauthproxy returned error status') # Verify that the VNC server settings haven't changed with pooled_rapi_client(vm) as c: i = c.GetInstance(vm.backend_vm_id) if get_console_data(i) != console_data: raise faults.ServiceUnavailable('VNC Server settings changed.') try: host = fwd['proxy_address'] except KeyError: host = getfqdn() console = { 'type': console_type, 'host': host, 'port': fwd['source_port'], 'password': password } return console
def get_console(request, vm, args): """Arrange for an OOB console of the specified type This method arranges for an OOB console of the specified type. Only consoles of type "vnc" are supported for now. It uses a running instance of vncauthproxy to setup proper VNC forwarding with a random password, then returns the necessary VNC connection info to the caller. """ # Normal Response Code: 200 # Error Response Codes: computeFault (400, 500), # serviceUnavailable (503), # unauthorized (401), # badRequest (400), # badMediaType(415), # itemNotFound (404), # buildInProgress (409), # overLimit (413) log.info("Get console VM %s", vm) console_type = args.get('type', '') if (console_type != 'vnc' and console_type != 'wsvnc'): raise faults.BadRequest('Type can only be "vnc" or "wsvnc."') # Use RAPI to get VNC console information for this instance if get_rsapi_state(vm) != 'ACTIVE': raise faults.BadRequest('Server not in ACTIVE state.') if settings.TEST: console_data = {'kind': 'vnc', 'host': 'ganeti_node', 'port': 1000} else: console_data = backend.get_instance_console(vm) if console_data['kind'] != 'vnc': message = 'got console of kind %s, not "vnc"' % console_data['kind'] raise faults.ServiceUnavailable(message) # Let vncauthproxy decide on the source port. # The alternative: static allocation, e.g. # sport = console_data['port'] - 1000 sport = 27631 daddr = console_data['host'] dport = console_data['port'] password = random_password() if settings.TEST: fwd = {'source_port': 1234, 'status': 'OK'} else: fwd = request_vnc_forwarding(sport, daddr, dport, password, auth_user="******", auth_password="******", console_type=console_type) #fwd = request_vnc_forwarding(sport, daddr, dport, password) if fwd['status'] != "OK": raise faults.ServiceUnavailable('vncauthproxy returned error status') # Verify that the VNC server settings haven't changed if not settings.TEST: if console_data != backend.get_instance_console(vm): raise faults.ServiceUnavailable('VNC Server settings changed.') console = { 'type': console_type, 'host': getfqdn(), 'port': fwd['source_port'], 'password': password } if request.serialization == 'xml': mimetype = 'application/xml' data = render_to_string('console.xml', {'console': console}) else: mimetype = 'application/json' data = json.dumps({'console': console}) return HttpResponse(data, mimetype=mimetype, status=200)
def create_server(request): # Normal Response Code: 202 # Error Response Codes: computeFault (400, 500), # serviceUnavailable (503), # unauthorized (401), # badMediaType(415), # itemNotFound (404), # badRequest (400), # serverCapacityUnavailable (503), # overLimit (413) req = utils.get_json_body(request) credentials = request.credentials user_id = credentials.userid log.info("User: %s, Action: create_server, Request: %s", user_id, req) try: server = req['server'] name = server['name'] metadata = server.get('metadata', {}) assert isinstance(metadata, dict) image_id = server['imageRef'] flavor_id = server['flavorRef'] personality = server.get('personality', []) assert isinstance(personality, list) networks = server.get("networks") if networks is not None: assert isinstance(networks, list) project = server.get("project") shared_to_project = server.get("shared_to_project", False) key_name = server.get('key_name') user_data = server.get('user_data', "") SNF_key_names = server.get('SNF:key_names', []) assert isinstance(SNF_key_names, list) except (KeyError, AssertionError): raise faults.BadRequest("Malformed request") volumes = None dev_map = server.get("block_device_mapping_v2") if dev_map is not None: allowed_types = VOLUME_SOURCE_TYPES[:] if snapshots_enabled_for_user(request.user): allowed_types.append('snapshot') volumes = parse_block_device_mapping(dev_map, allowed_types) # If no project is provided, use the user's system project as default. if project is None: project = user_id # Verify that personalities are well-formed util.verify_personality(personality) # Verify that user_data are well-formed util.verify_user_data(user_data) # Get flavor (ensure it is active and project has access) flavor = util.get_flavor(flavor_id, credentials, include_deleted=False, for_project=project) if not util.can_create_flavor(flavor, request.user): msg = ("It is not allowed to create a server from flavor with id '%d'," " see 'allow_create' flavor attribute") raise faults.Forbidden(msg % flavor.id) # Generate password password = util.random_password() if key_name is not None: # If both key_name and SNF:key_names are provided we should # raise an error if len(SNF_key_names) > 0: raise faults.BadRequest('Only one of the SNF:key_names and' 'key_name can be set') # If only key_name is provided then we will set key_names as # a list with only one element else: key_names = [key_name] else: # In case key_name is not provided we will set key_names to the # value of SNF:key_names. We don't need to check if it is provided # since even if it is not, its value will be [] # Remove duplicate key names key_names = list(set(SNF_key_names)) vm = servers.create(credentials, name, password, flavor, image_id, metadata=metadata, personality=personality, user_data=user_data, project=project, networks=networks, volumes=volumes, shared_to_project=shared_to_project, key_names=key_names) log.info("User %s created VM %s, shared: %s", user_id, vm.id, shared_to_project) server = vm_to_dict(vm, detail=True) server['status'] = 'BUILD' server['adminPass'] = password set_password_in_cache(server['id'], password) response = render_server(request, server, status=202) return response
def console(vm, console_type): """Arrange for an OOB console of the specified type This method arranges for an OOB console of the specified type. Only consoles of type "vnc" are supported for now. It uses a running instance of vncauthproxy to setup proper VNC forwarding with a random password, then returns the necessary VNC connection info to the caller. """ log.info("Get console VM %s, type %s", vm, console_type) if vm.operstate != "STARTED": raise faults.BadRequest('Server not in ACTIVE state.') # Use RAPI to get VNC console information for this instance # RAPI GetInstanceConsole() returns endpoints to the vnc_bind_address, # which is a cluster-wide setting, either 0.0.0.0 or 127.0.0.1, and pretty # useless (see #783). # # Until this is fixed on the Ganeti side, construct a console info reply # directly. # # WARNING: This assumes that VNC runs on port network_port on # the instance's primary node, and is probably # hypervisor-specific. def get_console_data(i): return {"kind": "vnc", "host": i["pnode"], "port": i["network_port"]} with pooled_rapi_client(vm) as c: i = c.GetInstance(vm.backend_vm_id) console_data = get_console_data(i) if vm.backend.hypervisor == "kvm" and i['hvparams']['serial_console']: raise Exception("hv parameter serial_console cannot be true") # Check that the instance is really running if not i["oper_state"]: log.warning("VM '%s' is marked as '%s' in DB while DOWN in Ganeti", vm.id, vm.operstate) # Instance is not running. Mock a shutdown job to sync DB backend.process_op_status(vm, etime=datetime.now(), jobid=0, opcode="OP_INSTANCE_SHUTDOWN", status="success", logmsg="Reconciliation simulated event") raise faults.BadRequest('Server not in ACTIVE state.') # Let vncauthproxy decide on the source port. # The alternative: static allocation, e.g. # sport = console_data['port'] - 1000 sport = 0 daddr = console_data['host'] dport = console_data['port'] password = util.random_password() vnc_extra_opts = settings.CYCLADES_VNCAUTHPROXY_OPTS # Maintain backwards compatibility with the dict setting if isinstance(vnc_extra_opts, list): vnc_extra_opts = choice(vnc_extra_opts) fwd = request_vnc_forwarding(sport, daddr, dport, password, console_type=console_type, **vnc_extra_opts) if fwd['status'] != "OK": log.error("vncauthproxy returned error status: '%s'" % fwd) raise faults.ServiceUnavailable('vncauthproxy returned error status') # Verify that the VNC server settings haven't changed with pooled_rapi_client(vm) as c: i = c.GetInstance(vm.backend_vm_id) if get_console_data(i) != console_data: raise faults.ServiceUnavailable('VNC Server settings changed.') try: host = fwd['proxy_address'] except KeyError: host = getfqdn() console = { 'type': console_type, 'host': host, 'port': fwd['source_port'], 'password': password} return console