def rg(conf, l, r, a, n):
"""
Work with ECS Replication Groups
"""
"""
Work with a collection of ECS abstractions
:param conf: Click object containing the configuration
:param l: list known configurations of this abstraction
:param r: list instances of this abstraction configured on ECS
:param a: add all known configurations of this abstraction
:param n: add a single known configuration of this abstraction
:return: retval
"""
def list_all():
return conf.ecs.get_rg_names()
def get_all():
return conf.api_client.replication_group.list()['data_service_vpool']
def add_rg(rg_name):
o('Creating replication group {}'.format(rg_name))
zone_mappings = []
for vdc_name in conf.ecs.get_rg_members(rg_name):
o('\tGenerating zone mappings for {}/{}'.format(rg_name, vdc_name))
vdc_id = conf.get_vdc_id_by_name(vdc_name)
sp_records = conf.api_client.storage_pool.list(
vdc_id=vdc_id)['varray']
for sp_record in sp_records:
o('\t{}'.format(sp_record['name']))
zone_mappings.append((vdc_id, sp_record['id']))
rg_options = conf.ecs.get_rg_options(rg_name)
o('\tApplying mappings')
resp = conf.api_client.replication_group.create(
rg_name,
zone_mappings=zone_mappings,
description=rg_options['description'],
enable_rebalancing=rg_options['enable_rebalancing'],
allow_all_namespaces=rg_options['allow_all_namespaces'],
is_full_rep=rg_options['is_full_rep'])
return resp
def add_all():
results = []
for rg_name in conf.ecs.get_rg_names():
results.append(add_rg(rg_name))
o('\tOK')
return results
if l:
available_rg_configs = list_all()
if available_rg_configs is not None:
o('Available Replication Group Configurations:')
for name in list_all():
o('\t{}'.format(name))
else:
o('No replication group configurations in deploy.yml')
if r:
try:
o('Replication Groups currently configured:')
for rg_dict in get_all():
o('\t{}'.format(rg_dict['name']))
except ECSClientException as e:
die('')
if a:
n = None
available_rg_configs = list_all()
if available_rg_configs is not None:
results = add_all()
o('Created all Replication Groups')
else:
o('No replication group configurations in deploy.yml')
if n is not None:
result = add_rg(n)
o('Created replication group {}'.format(result['name']))
def trust(conf, l, x, t, c, k):
"""
Work with ECS Certificates
"""
"""
Work with a collection of ECS abstractions
:param conf: Click object containing the configuration
:param l: list current cert installed in ECS
:param x: generate and trust a new self-signed cert in ECS
:param t: Fetch and trust the current ECS cert
:param c: Install custom x509 cert from file into ECS
:param k: (with -c) Private key to use for custom cert
:return: retval
"""
def get_cert():
return conf.api_client.certificate.get_certificate_chain()['chain']
def install_cert(cert_chain=None,
private_key=None,
self_signed=False,
ip_addresses=None):
kwargs = {
'cert_chain': cert_chain,
'private_key': private_key,
'selfsigned': self_signed,
'ip_addresses': ip_addresses
}
return conf.api_client.certificate.set_certificate_chain(
kwargs)['chain']
def generate_self_signed_cert():
return install_cert(self_signed=True,
ip_addresses=conf.ecs.list_all_sp_nodes())
def trust_cert(cert_chain):
if cert_chain is not None:
with open('{0}/ecscert.crt'.format(ssl_root), 'w') as fp:
fp.write(str(cert_chain))
stdout, stderr = get_both('update-ca-certificates')
return stdout + stderr
def install_custom_cert(cert_path, key_path):
with open('{}'.format(cert_path), 'r') as fp:
cert_blob = fp.read()
with open('{}'.format(key_path), 'r') as fp:
key_blob = fp.read()
install_cert(cert_chain=cert_blob, private_key=key_blob)
# Select behavior
if l:
try:
o('Current ECS Certificate:')
o(get_cert())
except ECSClientException as e:
die("Could not get certificate matter from ECS", e)
if x:
t = False
c = None
try:
trust_cert(generate_self_signed_cert())
except ECSClientException as e:
die('Could not generate self-signed cert on ECS', e)
if t:
c = None
o('Trusting current ECS certificate...')
try:
resp = trust_cert(get_cert())
o(resp)
except ECSClientException as e:
die('Could get cert from ECS', e)
except IOError as e:
die('Could not add ECS cert to local store', e)
if c is not None and k is not None:
try:
install_custom_cert(c, k)
except (IOError, ECSClientException) as e:
die("Could not install custom cert matter: {} {}:".format(c, k), e)
def licensing(conf, l, a, c):
"""
Work with ECS Licensing
"""
"""
Work with a collection of ECS abstractions
:param conf: Click object containing the configuration
:param l: list known configurations of this abstraction
:param a: add all known configurations of this abstraction
:param c: add a single custom configuration of this abstraction
:return: retval
"""
def get_license():
return conf.api_client.licensing.get_license()['license_text']
def add_license(license_blob):
# license_text is a global variable from defaults.py which
# can be overridden.
# o(license_blob)
#license_dict = {"license_text": license_blob.rstrip('\n')}
# License has to be uploaded to every VDC's top endpoint
result_list = []
for vdc in conf.ecs.get_vdc_names():
o('Adding licensing to VDC: {}'.format(vdc))
conf.api_endpoint = conf.ecs.get_vdc_endpoint(vdc)
conf.api_reset()
result_list.extend(
conf.api_client.licensing.add_license(license_blob))
o('\tOK')
return result_list
def add_default_license():
o('Using default license')
return add_license(license_text)
def add_custom_license(license_path):
o('Using custom license from {}'.format(license_path))
with open('{}'.format(license_path), 'r') as fp:
license_blob = fp.read()
return add_license(license_blob)
# Select behavior
if l:
c = None
a = False
try:
license_blob = get_license()
o('Current license installed in ECS:')
o(license_blob)
except ECSClientException as e:
die("Could not get license from ECS", e)
if a:
o('Installing licensing in ECS VDC(s)')
c = None
try:
license_blob = add_default_license()
o('Added default license to ECS')
except ECSClientException as e:
die("Could not add default license", e)
if c is not None:
o('Installing licensing in ECS VDC(s)')
try:
license_blob = add_custom_license(c)
o('Added custom license to ECS')
except IOError as e:
die('Could not read custom license file {}:'.format(c), e)
except ECSClientException as e:
die("Could not add custom license", e)
def rg(conf, l, r, a, n):
"""
Work with ECS Replication Groups
"""
"""
Work with a collection of ECS abstractions
:param conf: Click object containing the configuration
:param l: list known configurations of this abstraction
:param r: list instances of this abstraction configured on ECS
:param a: add all known configurations of this abstraction
:param n: add a single known configuration of this abstraction
:return: retval
"""
def list_all():
return conf.ecs.get_rg_names()
def get_all():
return conf.api_client.replication_group.list()['data_service_vpool']
def add_rg(rg_name):
o('Creating replication group {}'.format(rg_name))
zone_mappings = []
for vdc_name in conf.ecs.get_rg_members(rg_name):
o('\tGenerating zone mappings for {}/{}'.format(rg_name, vdc_name))
vdc_id = conf.get_vdc_id_by_name(vdc_name)
sp_records = conf.api_client.storage_pool.list(vdc_id=vdc_id)['varray']
for sp_record in sp_records:
o('\t{}'.format(sp_record['name']))
zone_mappings.append((vdc_id, sp_record['id']))
rg_options = conf.ecs.get_rg_options(rg_name)
o('\tApplying mappings')
resp = conf.api_client.replication_group.create(rg_name,
zone_mappings=zone_mappings,
description=rg_options['description'],
enable_rebalancing=rg_options['enable_rebalancing'],
allow_all_namespaces=rg_options['allow_all_namespaces'],
is_full_rep=rg_options['is_full_rep'])
return resp
def add_all():
results = []
for rg_name in conf.ecs.get_rg_names():
results.append(add_rg(rg_name))
o('\tOK')
return results
if l:
available_rg_configs = list_all()
if available_rg_configs is not None:
o('Available Replication Group Configurations:')
for name in list_all():
o('\t{}'.format(name))
else:
o('No replication group configurations in deploy.yml')
if r:
try:
o('Replication Groups currently configured:')
for rg_dict in get_all():
o('\t{}'.format(rg_dict['name']))
except ECSClientException as e:
die('')
if a:
n = None
available_rg_configs = list_all()
if available_rg_configs is not None:
results = add_all()
o('Created all Replication Groups')
else:
o('No replication group configurations in deploy.yml')
if n is not None:
result = add_rg(n)
o('Created replication group {}'.format(result['name']))
def trust(conf, l, x, t, c, k):
"""
Work with ECS Certificates
"""
"""
Work with a collection of ECS abstractions
:param conf: Click object containing the configuration
:param l: list current cert installed in ECS
:param x: generate and trust a new self-signed cert in ECS
:param t: Fetch and trust the current ECS cert
:param c: Install custom x509 cert from file into ECS
:param k: (with -c) Private key to use for custom cert
:return: retval
"""
def get_cert():
return conf.api_client.certificate.get_certificate_chain()['chain']
def install_cert(cert_chain=None, private_key=None, self_signed=False, ip_addresses=None):
kwargs = {
'cert_chain': cert_chain,
'private_key': private_key,
'selfsigned': self_signed,
'ip_addresses': ip_addresses
}
return conf.api_client.certificate.set_certificate_chain(kwargs)['chain']
def generate_self_signed_cert():
return install_cert(self_signed=True, ip_addresses=conf.ecs.list_all_sp_nodes())
def trust_cert(cert_chain):
if cert_chain is not None:
with open('{0}/ecscert.crt'.format(ssl_root), 'w') as fp:
fp.write(str(cert_chain))
stdout, stderr = get_both('update-ca-certificates')
return stdout + stderr
def install_custom_cert(cert_path, key_path):
with open('{}'.format(cert_path), 'r') as fp:
cert_blob = fp.read()
with open('{}'.format(key_path), 'r') as fp:
key_blob = fp.read()
install_cert(cert_chain=cert_blob, private_key=key_blob)
# Select behavior
if l:
try:
o('Current ECS Certificate:')
o(get_cert())
except ECSClientException as e:
die("Could not get certificate matter from ECS", e)
if x:
t = False
c = None
try:
trust_cert(generate_self_signed_cert())
except ECSClientException as e:
die('Could not generate self-signed cert on ECS', e)
if t:
c = None
o('Trusting current ECS certificate...')
try:
resp = trust_cert(get_cert())
o(resp)
except ECSClientException as e:
die('Could get cert from ECS', e)
except IOError as e:
die('Could not add ECS cert to local store', e)
if c is not None and k is not None:
try:
install_custom_cert(c, k)
except (IOError, ECSClientException) as e:
die("Could not install custom cert matter: {} {}:".format(c, k), e)
def licensing(conf, l, a, c):
"""
Work with ECS Licensing
"""
"""
Work with a collection of ECS abstractions
:param conf: Click object containing the configuration
:param l: list known configurations of this abstraction
:param a: add all known configurations of this abstraction
:param c: add a single custom configuration of this abstraction
:return: retval
"""
def get_license():
return conf.api_client.licensing.get_license()['license_text']
def add_license(license_blob):
# license_text is a global variable from constants.py which
# can be overridden.
# o(license_blob)
#license_dict = {"license_text": license_blob.rstrip('\n')}
# License has to be uploaded to every VDC's top endpoint
result_list = []
for vdc in conf.ecs.get_vdc_names():
o('Adding licensing to VDC: {}'.format(vdc))
conf.api_endpoint = conf.ecs.get_vdc_endpoint(vdc)
conf.api_reset()
result_list.extend(conf.api_client.licensing.add_license(license_blob))
o('\tOK')
return result_list
def add_default_license():
o('Using default license')
return add_license(license_text)
def add_custom_license(license_path):
o('Using custom license from {}'.format(license_path))
with open('{}'.format(license_path), 'r') as fp:
license_blob = fp.read()
return add_license(license_blob)
# Select behavior
if l:
c = None
a = False
try:
license_blob = get_license()
o('Current license installed in ECS:')
o(license_blob)
except ECSClientException as e:
die("Could not get license from ECS", e)
if a:
o('Installing licensing in ECS VDC(s)')
c = None
try:
license_blob = add_default_license()
o('Added default license to ECS')
except ECSClientException as e:
die("Could not add default license", e)
if c is not None:
o('Installing licensing in ECS VDC(s)')
try:
license_blob = add_custom_license(c)
o('Added custom license to ECS')
except IOError as e:
die('Could not read custom license file {}:'.format(c), e)
except ECSClientException as e:
die("Could not add custom license", e)