def install_vm(session,
urlvhdbz2,
sruuid,
vmname='CoreOs-%d' % (random.randint(0, 1000)),
templatename='CoreOS'):
# devmode only
log.info("install_vm from url %s to sr %s" % (urlvhdbz2, sruuid))
atempfile = tempfile.mkstemp(suffix='.vhd.bz2')[1]
atempfileunpacked = atempfile.replace('.bz2', '')
# @todo: pipe instead, so the file never actually touches Dom0
cmd = ['curl', '-o', atempfile, urlvhdbz2]
util.runlocal(cmd)
try:
cmd = ['bzip2', '-d', atempfile]
util.runlocal(cmd)
vdiref = api_helper.import_disk(session, sruuid, atempfileunpacked,
'vhd', 'Disk')
finally:
if os.path.exists(atempfile):
os.remove(atempfile)
if os.path.exists(atempfileunpacked):
os.remove(atempfileunpacked)
templateref = session.xenapi.VM.get_by_name_label(templatename)[0]
vmref = session.xenapi.VM.clone(templateref, vmname)
vmuuid = session.xenapi.VM.get_record(vmref)['uuid']
log.info("install_vm created vm %s" % (vmuuid))
remove_disks_in_vm_provisioning(session, vmref)
session.xenapi.VM.provision(vmref)
api_helper.create_vbd(session, vmref, vdiref, 'rw', True)
setup_network_on_lowest_pif(session, vmref)
return vmuuid
def create_config_drive_iso(session, userdata_template, vmuuid):
log.info("create_config_drive_iso for vm %s" % (vmuuid))
umountrequired = False
temptoolsisodir = None
userdatafile = None
latestfolder = None
openstackfolder = None
agentfilepaths = []
agentpath = None
tempisodir = None
try:
tempisodir = tempfile.mkdtemp()
tempisofile = tempfile.mkstemp()[1]
# add the userdata-file
openstackfolder = os.path.join(tempisodir, 'openstack')
latestfolder = os.path.join(openstackfolder, 'latest')
os.makedirs(latestfolder)
userdatafile = os.path.join(latestfolder, 'user_data')
userdatatemplatefile = "%s.template" % userdatafile
template_data = get_template_data(session, vmuuid)
userdata = customize_userdata(userdata_template, template_data)
util.write_file(userdatafile, userdata)
util.write_file(userdatatemplatefile, userdata_template)
log.debug("Userdata: %s" % (userdata))
# Also add the Linux guest agent
temptoolsisodir = tempfile.mkdtemp()
tools_iso_path = find_latest_tools_iso_path()
cmd = ['mount', '-o', 'loop', tools_iso_path, temptoolsisodir]
util.runlocal(cmd)
umountrequired = True
agentpath = os.path.join(tempisodir, 'agent')
os.makedirs(agentpath)
agentfiles = [
'xe-daemon', 'xe-linux-distribution',
'xe-linux-distribution.service', 'xen-vcpu-hotplug.rules',
'install.sh', 'versions.deb', 'versions.rpm', "versions.tgz"
]
for filename in agentfiles:
path = os.path.join(temptoolsisodir, 'Linux', filename)
shutil.copy(path, agentpath)
agentfilepaths.append(os.path.join(agentpath, filename))
# Finally wrap up the iso
util.make_iso('config-2', tempisodir, tempisofile)
finally:
# And tidy
if umountrequired:
cmd = ['umount', temptoolsisodir]
util.runlocal(cmd)
for path in [temptoolsisodir, userdatafile, userdatatemplatefile,
latestfolder, openstackfolder] + agentfilepaths + \
[agentpath, tempisodir]:
if path is not None:
if os.path.isdir(path):
os.rmdir(path)
elif os.path.isfile(path):
os.remove(path)
else:
log.debug("create_config_drive_iso: Not tidying %s because"
" it could not be found" % (path))
return tempisofile
def install_vm(session, urlvhdbz2, sruuid,
vmname='CoreOs-%d' % (random.randint(0, 1000)),
templatename='CoreOS'):
# devmode only
log.info("install_vm from url %s to sr %s" % (urlvhdbz2, sruuid))
atempfile = tempfile.mkstemp(suffix='.vhd.bz2')[1]
atempfileunpacked = atempfile.replace('.bz2', '')
# @todo: pipe instead, so the file never actually touches Dom0
cmd = ['curl', '-o', atempfile, urlvhdbz2]
util.runlocal(cmd)
try:
cmd = ['bzip2', '-d', atempfile]
util.runlocal(cmd)
vdiref = api_helper.import_disk(session, sruuid, atempfileunpacked,
'vhd', 'Disk')
finally:
if os.path.exists(atempfile):
os.remove(atempfile)
if os.path.exists(atempfileunpacked):
os.remove(atempfileunpacked)
templateref = session.xenapi.VM.get_by_name_label(templatename)[0]
vmref = session.xenapi.VM.clone(templateref, vmname)
vmuuid = session.xenapi.VM.get_record(vmref)['uuid']
log.info("install_vm created vm %s" % (vmuuid))
remove_disks_in_vm_provisioning(session, vmref)
session.xenapi.VM.provision(vmref)
api_helper.create_vbd(session, vmref, vdiref, 'rw', True)
setup_network_on_lowest_pif(session, vmref)
return vmuuid
def create_config_drive_iso(session, userdata_template, vmuuid):
log.info("create_config_drive_iso for vm %s" % (vmuuid))
umountrequired = False
temptoolsisodir = None
userdatafile = None
latestfolder = None
openstackfolder = None
agentfilepaths = []
agentpath = None
tempisodir = None
try:
tempisodir = tempfile.mkdtemp()
tempisofile = tempfile.mkstemp()[1]
# add the userdata-file
openstackfolder = os.path.join(tempisodir, 'openstack')
latestfolder = os.path.join(openstackfolder, 'latest')
os.makedirs(latestfolder)
userdatafile = os.path.join(latestfolder, 'user_data')
userdatatemplatefile = "%s.template" % userdatafile
template_data = get_template_data(session, vmuuid)
userdata = customize_userdata(userdata_template, template_data)
util.write_file(userdatafile, userdata)
util.write_file(userdatatemplatefile, userdata_template)
log.debug("Userdata: %s" % (userdata))
# Also add the Linux guest agent
temptoolsisodir = tempfile.mkdtemp()
tools_iso_path = find_latest_tools_iso_path()
cmd = ['mount', '-o', 'loop',
tools_iso_path, temptoolsisodir]
util.runlocal(cmd)
umountrequired = True
agentpath = os.path.join(tempisodir, 'agent')
os.makedirs(agentpath)
agentfiles = ['xe-daemon', 'xe-linux-distribution',
'xe-linux-distribution.service',
'xen-vcpu-hotplug.rules', 'install.sh',
'versions.deb', 'versions.rpm', "versions.tgz"]
for filename in agentfiles:
path = os.path.join(temptoolsisodir, 'Linux', filename)
shutil.copy(path, agentpath)
agentfilepaths.append(os.path.join(agentpath, filename))
# Finally wrap up the iso
util.make_iso('config-2', tempisodir, tempisofile)
finally:
# And tidy
if umountrequired:
cmd = ['umount', temptoolsisodir]
util.runlocal(cmd)
for path in [temptoolsisodir, userdatafile, userdatatemplatefile,
latestfolder, openstackfolder] + agentfilepaths + \
[agentpath, tempisodir]:
if path is not None:
if os.path.isdir(path):
os.rmdir(path)
elif os.path.isfile(path):
os.remove(path)
else:
log.debug("create_config_drive_iso: Not tidying %s because"
" it could not be found" % (path))
return tempisofile
def export_disk(session, vdiuuid):
log.info("export_disk vdi %s" % (vdiuuid))
filename = tempfile.mkstemp(suffix='.raw')[1]
cmd = ['curl', '-L', '-k', '-o', filename,
'https://localhost/export_raw_vdi?session_id=%s&vdi=%s&format=raw'
% (session.handle, vdiuuid)]
util.runlocal(cmd)
return filename
def export_disk(session, vdiuuid):
log.info("export_disk vdi %s" % (vdiuuid))
filename = tempfile.mkstemp(suffix='.raw')[1]
cmd = ['curl', '-k', '-o', filename,
'https://localhost/export_raw_vdi?session_id=%s&vdi=%s&format=raw'
% (session.handle, vdiuuid)]
util.runlocal(cmd)
return filename
def _generate_ca(parent_path):
util.runlocal(['openssl', 'genrsa',
'-out', os.path.join(parent_path, 'ca-key.pem'), '4096'])
# ToDo: we may want to ask the user for his organisation?
util.runlocal(['openssl', 'req', '-new', '-x509', '-sha256',
'-days', "%d" % (CERTIFICATE_DAYSTOBEVALID),
'-key', os.path.join(parent_path, 'ca-key.pem'),
'-out', os.path.join(parent_path, 'ca.pem'),
'-subj', '/O=%s.xscontainer/' % socket.gethostname()])
def import_disk(session,
sruuid,
filename,
fileformat,
namelabel,
other_config_keys={}):
log.info("import_disk file %s on sr %s" % (filename, sruuid))
targetsr = session.xenapi.SR.get_by_uuid(sruuid)
sizeinb = None
if fileformat == "vhd":
cmd = ['vhd-util', 'query', '-n', filename, '-v']
sizeinmb = util.runlocal(cmd)[1]
sizeinb = int(sizeinmb) * 1024 * 1024
elif fileformat == "raw":
sizeinb = os.path.getsize(filename)
# Workaround: can't otherwise import disks that aren't aligned to 2MB
newsizeinb = sizeinb + \
((2 * 1024 * 1024) - sizeinb % (2 * 1024 * 1024))
if sizeinb < newsizeinb:
log.info('Resizing raw disk from size %d to %d' %
(sizeinb, newsizeinb))
filehandle = open(filename, "r+b")
filehandle.seek(newsizeinb - 1)
filehandle.write("\0")
filehandle.close()
sizeinb = os.path.getsize(filename)
else:
raise Exception('Invalid fileformat: %s ' % fileformat)
log.info("Preparing vdi of size %d" % (sizeinb))
vdiconf = {
'SR': targetsr,
'virtual_size': str(sizeinb),
'type': 'system',
'sharable': False,
'read_only': False,
'other_config': {},
'name_label': namelabel
}
vdiref = session.xenapi.VDI.create(vdiconf)
other_config = session.xenapi.VDI.get_other_config(vdiref)
for key, value in other_config_keys.iteritems():
other_config[key] = value
session.xenapi.VDI.set_other_config(vdiref, other_config)
vdiuuid = session.xenapi.VDI.get_record(vdiref)['uuid']
cmd = [
'curl', '-k', '--upload', filename,
'https://localhost/import_raw_vdi?session_id=%s&vdi=%s&format=%s' %
(session.handle, vdiuuid, fileformat)
]
util.runlocal(cmd)
return vdiref
def _generate_ca(parent_path):
util.runlocal([
'openssl', 'genrsa', '-out',
os.path.join(parent_path, 'ca-key.pem'), '4096'
])
# ToDo: we may want to ask the user for his organisation?
util.runlocal([
'openssl', 'req', '-new', '-x509', '-sha256', '-days',
"%d" % (CERTIFICATE_DAYSTOBEVALID), '-key',
os.path.join(parent_path, 'ca-key.pem'), '-out',
os.path.join(parent_path, 'ca.pem'), '-subj',
'/O=%s.xscontainer/' % socket.gethostname()
])
def import_disk(session, sruuid, filename, fileformat, namelabel,
other_config_keys={}):
log.info("import_disk file %s on sr %s" % (filename, sruuid))
targetsr = session.xenapi.SR.get_by_uuid(sruuid)
sizeinb = None
if fileformat == "vhd":
cmd = ['vhd-util', 'query', '-n', filename, '-v']
sizeinmb = util.runlocal(cmd)[1]
sizeinb = int(sizeinmb) * 1024 * 1024
elif fileformat == "raw":
sizeinb = os.path.getsize(filename)
# Workaround: can't otherwise import disks that aren't aligned to 2MB
newsizeinb = sizeinb + \
((2 * 1024 * 1024) - sizeinb % (2 * 1024 * 1024))
if sizeinb < newsizeinb:
log.info('Resizing raw disk from size %d to %d' %
(sizeinb, newsizeinb))
filehandle = open(filename, "r+b")
filehandle.seek(newsizeinb - 1)
filehandle.write("\0")
filehandle.close()
sizeinb = os.path.getsize(filename)
else:
raise Exception('Invalid fileformat: %s ' % fileformat)
log.info("Preparing vdi of size %d" % (sizeinb))
vdiconf = {'SR': targetsr, 'virtual_size': str(sizeinb), 'type': 'system',
'sharable': False, 'read_only': False, 'other_config': {},
'name_label': namelabel}
vdiref = session.xenapi.VDI.create(vdiconf)
other_config = session.xenapi.VDI.get_other_config(vdiref)
for key, value in other_config_keys.iteritems():
other_config[key] = value
session.xenapi.VDI.set_other_config(vdiref, other_config)
vdiuuid = session.xenapi.VDI.get_record(vdiref)['uuid']
cmd = ['curl', '-k', '--upload', filename,
'https://localhost/import_raw_vdi?session_id=%s&vdi=%s&format=%s'
% (session.handle, vdiuuid, fileformat)]
util.runlocal(cmd)
return vdiref
def get_config_drive_configuration(session, vdiuuid):
log.info("get_config_drive_configuration from vdi %s" % (vdiuuid))
tempdir = None
umountrequired = False
filename = api_helper.export_disk(session, vdiuuid)
try:
tempdir = tempfile.mkdtemp()
cmd = ['mount', '-o', 'loop', '-t', 'iso9660', filename, tempdir]
util.runlocal(cmd)
umountrequired = True
userdatapath_template = os.path.join(tempdir, 'openstack', 'latest',
'user_data.template')
content = util.read_file(userdatapath_template)
finally:
os.remove(filename)
if umountrequired:
cmd = ['umount', tempdir]
util.runlocal(cmd)
if tempdir:
os.rmdir(tempdir)
return content
def get_config_drive_configuration(session, vdiuuid):
log.info("get_config_drive_configuration from vdi %s" % (vdiuuid))
tempdir = None
umountrequired = False
filename = api_helper.export_disk(session, vdiuuid)
try:
tempdir = tempfile.mkdtemp()
cmd = ['mount', '-o', 'loop', '-t', 'iso9660', filename, tempdir]
util.runlocal(cmd)
umountrequired = True
userdatapath_template = os.path.join(
tempdir, 'openstack', 'latest', 'user_data.template')
content = util.read_file(userdatapath_template)
finally:
os.remove(filename)
if umountrequired:
cmd = ['umount', tempdir]
util.runlocal(cmd)
if tempdir:
os.rmdir(tempdir)
return content
def _generate_client(parent_path):
prefix = os.path.join(parent_path, "client")
os.makedirs(prefix)
util.runlocal(
['openssl', 'genrsa', '-out',
os.path.join(prefix, 'key.pem'), '4096'])
try:
util.runlocal([
'openssl', 'req', '-subj', '/CN=client', '-new', '-key',
os.path.join(prefix, 'key.pem'), '-out',
os.path.join(prefix, 'client.csr')
])
util.write_file(os.path.join(prefix, './extfile.cnf'),
'extendedKeyUsage = clientAuth')
util.runlocal([
'openssl', 'x509', '-req', '-sha256', '-days',
"%d" % (CERTIFICATE_DAYSTOBEVALID), '-in',
os.path.join(prefix, 'client.csr'), '-CA',
os.path.join(parent_path, 'ca.pem'), '-CAkey',
os.path.join(parent_path, 'ca-key.pem'), '-CAcreateserial', '-out',
os.path.join(prefix, 'cert.pem'), '-extfile',
os.path.join(prefix, 'extfile.cnf')
])
finally:
_delete_if_exists(prefix, ['extfile.cnf', 'client.csr'])
shutil.copyfile(os.path.join(parent_path, 'ca.pem'),
os.path.join(prefix, 'ca.pem'))
def _generate_server(parent_path, ips):
prefix = os.path.join(parent_path, "server")
os.makedirs(prefix)
util.runlocal(['openssl', 'genrsa',
'-out', os.path.join(prefix, 'server-key.pem'), '4096'])
# hostname is ignored as XS will connect using the IPs
hostname = "_ignored_"
util.runlocal(['openssl', 'req', '-subj', '/CN=%s' % (hostname),
'-days', "%d" % (CERTIFICATE_DAYSTOBEVALID),
'-sha256', '-new', '-key', os.path.join(
prefix, 'server-key.pem'),
'-out', os.path.join(prefix, 'server.csr')])
ipstring = ""
for ip in ips:
ipstring = ipstring + "IP:" + ip + ","
# remove trailing comma
ipstring = ipstring[:-1]
try:
util.write_file(
os.path.join(prefix, './extfile.cnf'),
'subjectAltName = ' + (ipstring))
util.runlocal(['openssl', 'x509', '-req', '-sha256',
'-in', os.path.join(prefix, 'server.csr'),
'-CA', os.path.join(parent_path, 'ca.pem'),
'-CAkey', os.path.join(parent_path, 'ca-key.pem'),
'-CAcreateserial',
'-out', os.path.join(prefix, 'server-cert.pem'),
'-extfile', os.path.join(prefix, 'extfile.cnf')])
finally:
_delete_if_exists(prefix, ['extfile.cnf', 'server.csr'])
_delete_if_exists(parent_path, ['ca.srl'])
shutil.copyfile(
os.path.join(parent_path, 'ca.pem'), os.path.join(prefix, 'ca.pem'))
def _generate_client(parent_path):
prefix = os.path.join(parent_path, "client")
os.makedirs(prefix)
util.runlocal(['openssl', 'genrsa',
'-out', os.path.join(prefix, 'key.pem'), '4096'])
try:
util.runlocal(['openssl', 'req', '-subj', '/CN=client',
'-new', '-key', os.path.join(prefix, 'key.pem'),
'-out', os.path.join(prefix, 'client.csr')])
util.write_file(os.path.join(prefix, './extfile.cnf'),
'extendedKeyUsage = clientAuth')
util.runlocal(['openssl', 'x509', '-req', '-sha256',
'-days', "%d" % (CERTIFICATE_DAYSTOBEVALID),
'-in', os.path.join(prefix, 'client.csr'),
'-CA', os.path.join(parent_path, 'ca.pem'),
'-CAkey', os.path.join(parent_path, 'ca-key.pem'),
'-CAcreateserial',
'-out', os.path.join(prefix, 'cert.pem'),
'-extfile', os.path.join(prefix, 'extfile.cnf')])
finally:
_delete_if_exists(prefix, ['extfile.cnf', 'client.csr'])
shutil.copyfile(
os.path.join(parent_path, 'ca.pem'), os.path.join(prefix, 'ca.pem'))
def _generate_server(parent_path, ips):
prefix = os.path.join(parent_path, "server")
os.makedirs(prefix)
util.runlocal([
'openssl', 'genrsa', '-out',
os.path.join(prefix, 'server-key.pem'), '4096'
])
# hostname is ignored as XS will connect using the IPs
hostname = "_ignored_"
util.runlocal([
'openssl', 'req', '-subj',
'/CN=%s' % (hostname), '-days',
"%d" % (CERTIFICATE_DAYSTOBEVALID), '-sha256', '-new', '-key',
os.path.join(prefix, 'server-key.pem'), '-out',
os.path.join(prefix, 'server.csr')
])
ipstring = ""
for ip in ips:
ipstring = ipstring + "IP:" + ip + ","
# remove trailing comma
ipstring = ipstring[:-1]
try:
util.write_file(os.path.join(prefix, './extfile.cnf'),
'subjectAltName = ' + (ipstring))
util.runlocal([
'openssl', 'x509', '-req', '-sha256', '-in',
os.path.join(prefix, 'server.csr'), '-CA',
os.path.join(parent_path, 'ca.pem'), '-CAkey',
os.path.join(parent_path, 'ca-key.pem'), '-CAcreateserial', '-out',
os.path.join(prefix, 'server-cert.pem'), '-extfile',
os.path.join(prefix, 'extfile.cnf')
])
finally:
_delete_if_exists(prefix, ['extfile.cnf', 'server.csr'])
_delete_if_exists(parent_path, ['ca.srl'])
shutil.copyfile(os.path.join(parent_path, 'ca.pem'),
os.path.join(prefix, 'ca.pem'))
