def WaitUntilSSHable(self, user, args, instance):
"""Blocks until SSHing to the given host succeeds."""
external_ip_address = GetExternalIPAddress(instance)
ssh_args_for_polling = [self.ssh_executable]
ssh_args_for_polling.extend(self.GetDefaultFlags())
ssh_args_for_polling.extend(self.GetHostKeyArgs(args, instance))
ssh_args_for_polling.append(UserHost(user, external_ip_address))
ssh_args_for_polling.append('true')
ssh_args_for_polling = self.LocalizeCommand(ssh_args_for_polling)
start_sec = time_utils.CurrentTimeSec()
while True:
logging.debug('polling instance for SSHability')
retval = subprocess.call(ssh_args_for_polling)
if retval == 0:
break
if (time_utils.CurrentTimeSec() - start_sec >
_SSH_KEY_PROPAGATION_TIMEOUT_SEC):
raise exceptions.ToolException(
'Could not SSH to the instance. It is possible that '
'your SSH key has not propagated to the instance yet. '
'Try running this command again. If you still cannot connect, '
'verify that the firewall and instance are set to accept '
'ssh traffic.')
time_utils.Sleep(5)
def Run(self, args):
start = time_utils.CurrentTimeSec()
group_ref = self.CreateGroupReference(args)
while True:
responses, errors = self._GetResources(group_ref)
if errors:
utils.RaiseToolException(errors)
if wait_info.IsGroupStable(responses[0]):
break
log.out.Print(wait_info.CreateWaitText(responses[0]))
time_utils.Sleep(WaitUntilStable._TIME_BETWEEN_POLLS_SEC)
if args.timeout and time_utils.CurrentTimeSec() - start > args.timeout:
raise utils.TimeoutError('Timeout while waiting for group to become '
'stable.')
log.out.Print('Group is stable')
def _GetEncryptedPasswordFromSerialPort(self, search_modulus):
"""Returns the decrypted password from the data in the serial port."""
encrypted_password_data = {}
start_time = time_utils.CurrentTimeSec()
count = 1
agent_ready = False
while not encrypted_password_data:
log.debug('Get Serial Port Output, Try {0}'.format(count))
if (time_utils.CurrentTimeSec() >
(start_time + WINDOWS_PASSWORD_TIMEOUT_SEC)):
raise utils.TimeoutError(
TIMEOUT_ERROR.format(time_utils.CurrentDatetimeUtc()))
serial_port_output = self._GetSerialPortOutput(port=4).split('\n')
for line in reversed(serial_port_output):
try:
encrypted_password_dict = json.loads(line)
# Sometimes the serial port output only contains a partial entry.
except ValueError:
continue
modulus = encrypted_password_dict.get('modulus')
if modulus or encrypted_password_dict.get('ready'):
agent_ready = True
# Ignore any output that doesn't contain an encrypted password.
if not encrypted_password_dict.get('encryptedPassword'):
continue
if search_modulus == modulus:
encrypted_password_data = encrypted_password_dict
break
if not agent_ready:
if self.old_metadata_keys:
message = OLD_WINDOWS_BUILD_ERROR.format(
self.ref.Name(), self.ref.zone)
raise utils.WrongInstanceTypeError(message)
else:
message = NOT_READY_ERROR
raise utils.InstanceNotReadyError(message)
time_utils.Sleep(POLLING_SEC)
count += 1
encrypted_password = encrypted_password_data['encryptedPassword']
return encrypted_password
def Run(self, args):
start = time_utils.CurrentTimeSec()
# Set up Encryption utilities.
openssl_executable = files.FindExecutableOnPath('openssl')
if windows_encryption_utils:
crypt = windows_encryption_utils.WinCrypt()
elif openssl_executable:
crypt = openssl_encryption_utils.OpensslCrypt(openssl_executable)
else:
raise utils.MissingDependencyError(
'Your platform does not support OpenSSL.')
# Get Authenticated email address and default username.
email = gaia_utils.GetAuthenticatedGaiaEmail(self.http)
if args.user:
user = args.user
else:
user = gaia_utils.MapGaiaEmailToDefaultAccountName(email)
if args.name == user:
raise utils.InvalidUserError(
MACHINE_USERNAME_SAME_ERROR.format(user, args.name))
# Warn user (This warning doesn't show for non-interactive sessions).
message = RESET_PASSWORD_WARNING.format(user)
prompt_string = (
'Would you like to set or reset the password for [{0}]'.format(
user))
console_io.PromptContinue(message=message,
prompt_string=prompt_string,
cancel_on_no=True)
log.status.Print(
'Resetting and retrieving password for [{0}] on [{1}]'.format(
user, args.name))
# Get Encryption Keys.
key = crypt.GetKeyPair()
modulus, exponent = crypt.GetModulusExponentFromPublicKey(
crypt.GetPublicKey(key))
# Create Windows key entry.
self.windows_key_entry = self._ConstructWindowsKeyEntry(
user, modulus, exponent, email)
# Call ReadWriteCommad.Run() which will fetch the instance and update
# the metadata (using the data in self.windows_key_entry).
objects = super(ResetWindowsPassword, self).Run(args)
updated_instance = list(objects)[0]
# Retrieve and Decrypt the password from the serial console.
enc_password = self._GetEncryptedPasswordFromSerialPort(modulus)
password = crypt.DecryptMessage(key, enc_password)
# Get External IP address.
try:
access_configs = updated_instance['networkInterfaces'][0][
'accessConfigs']
external_ip_address = access_configs[0]['natIP']
except KeyError:
log.warn(NO_IP_WARNING.format(updated_instance['name']))
external_ip_address = None
# Check for old Windows credentials.
if self.old_metadata_keys:
log.warn(
OLD_KEYS_WARNING.format(self.ref.Name(), self.ref.Name(),
self.ref.zone,
','.join(self.old_metadata_keys)))
log.info('Total Elapsed Time: {0}'.format(time_utils.CurrentTimeSec() -
start))
# The connection info resource.
connection_info = {
'username': user,
'password': password,
'ip_address': external_ip_address
}
return connection_info
def WaitForOperations(operations,
project,
operation_service,
resource_service,
http,
batch_url,
warnings,
errors,
custom_get_requests=None,
timeout=None):
"""Blocks until the given operations are done or until a timeout is reached.
Args:
operations: A list of Operation objects to poll.
project: The project to which the resources belog.
operation_service: The service that can be used to get operation
objects.
resource_service: The service of the collection being mutated by
the operations. If the operation type is not delete, this service
is used to fetch the mutated objects after the operations are done.
http: An HTTP object.
batch_url: The URL to which batch requests should be sent.
warnings: An output parameter for capturing warnings.
errors: An output parameter for capturing errors.
custom_get_requests: A mapping of resource names to requests. If
this is provided, when an operation is DONE, instead of performing
a get on the targetLink, this function will consult custom_get_requests
and perform the request dictated by custom_get_requests.
timeout: The maximum amount of time, in seconds, to wait for the
operations to reach the DONE state.
Yields:
The resources pointed to by the operations' targetLink fields if
the operation type is not delete. Only resources whose
corresponding operations reach done are yielded.
"""
timeout = timeout or _POLLING_TIMEOUT_SEC
operation_type = operation_service.GetResponseType('Get')
responses = []
start = time_utils.CurrentTimeSec()
sleep_sec = 0
while operations:
resource_requests = []
operation_requests = []
log.debug('Operations to inspect: %s', operations)
for operation in operations:
if operation.status == operation_type.StatusValueValuesEnum.DONE:
# The operation has reached the DONE state, so we record any
# problems it contains (if any) and proceed to get the target
# resource if there were no problems and the operation is not
# a deletion.
_RecordProblems(operation, warnings, errors)
# We shouldn't attempt to get the target resource if there was
# anything wrong with the operation. Note that
# httpErrorStatusCode is set only when the operation is not
# successful.
if (operation.httpErrorStatusCode
and operation.httpErrorStatusCode != httplib.OK):
continue
# Just in case the server did not set httpErrorStatusCode but
# the operation did fail, we check the "error" field.
if operation.error:
continue
target_link = operation.targetLink
if custom_get_requests:
target_link, service, request_protobuf = (
custom_get_requests[operation.targetLink])
resource_requests.append(
(service, 'Get', request_protobuf))
# We shouldn't get the target resource if the operation type
# is delete because there will be no resource left.
elif not _IsDeleteOp(operation.operationType):
request = resource_service.GetRequestType('Get')(
project=project)
if operation.zone:
request.zone = path_simplifier.Name(operation.zone)
elif operation.region:
request.region = path_simplifier.Name(operation.region)
name_field = resource_service.GetMethodConfig(
'Get').ordered_params[-1]
setattr(request, name_field,
path_simplifier.Name(operation.targetLink))
resource_requests.append(
(resource_service, 'Get', request))
log.status.write('{0} [{1}].\n'.format(
_HumanFrieldlyNameForOpPastTense(
operation.operationType).capitalize(), target_link))
else:
# The operation has not reached the DONE state, so we add a
# get request to poll the operation.
request = operation_service.GetRequestType('Get')(
operation=operation.name, project=project)
if operation.zone:
request.zone = path_simplifier.Name(operation.zone)
elif operation.region:
request.region = path_simplifier.Name(operation.region)
operation_requests.append((operation_service, 'Get', request))
requests = resource_requests + operation_requests
if not requests:
break
responses, request_errors = batch_helper.MakeRequests(
requests=requests, http=http, batch_url=batch_url)
errors.extend(request_errors)
operations = []
for response in responses:
if isinstance(response, operation_type):
operations.append(response)
else:
yield response
# If there are no more operations, we are done.
if not operations:
break
# Did we time out? If so, record the operations that timed out so
# they can be reported to the user.
if time_utils.CurrentTimeSec() - start > timeout:
log.debug('Timeout of %ss reached.', timeout)
_RecordUnfinishedOperations(operations, errors)
break
# Sleeps before trying to poll the operations again.
sleep_sec += 1
log.debug('Sleeping for %ss.', sleep_sec)
time_utils.Sleep(min(sleep_sec, _MAX_TIME_BETWEEN_POLLS_SEC))
