def _change_password(server_address, params):
""" Changes the SQL connection pool's password.
"""
params_no_passwords = copy.deepcopy(params)
params_no_passwords["password1"] = "***"
params_no_passwords["password2"] = "***"
logger.info("About to change an SQL connection pool password, server_address=[%s], params=[%s]" % (server_address, params_no_passwords))
config_pub_key = str(params["config_pub_key"])
encrypted_password1 = encrypt(params["password1"], config_pub_key)
encrypted_password2 = encrypt(params["password2"], config_pub_key)
zato_message = Element("{%s}zato_message" % zato_namespace)
zato_message.pool_name = params["pool_name"]
zato_message.password1 = encrypted_password1
zato_message.password2 = encrypted_password2
invoke_admin_service(server_address, "zato:pool.sql.change-password", etree.tostring(zato_message))
def execute(self, args, port=http_plain_server_port, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = session.query(Cluster).\
filter(Cluster.name == args.cluster_name).\
first()
if not cluster:
msg = "Cluster [{}] doesn't exist in the ODB".format(
args.cluster_name)
self.logger.error(msg)
return self.SYS_ERROR.NO_SUCH_CLUSTER
server = Server()
server.cluster_id = cluster.id
server.name = args.server_name
server.token = self.token
server.last_join_status = SERVER_JOIN_STATUS.ACCEPTED
server.last_join_mod_by = self._get_user_host()
server.last_join_mod_date = datetime.utcnow()
session.add(server)
try:
if not self.dirs_prepared:
self.prepare_directories(show_output)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
self.copy_server_crypto(repo_dir, args)
priv_key = open(os.path.join(repo_dir,
'zato-server-priv-key.pem')).read()
if show_output:
self.logger.debug(
'Created a Bazaar repo in {}'.format(repo_dir))
self.logger.debug('Creating files..')
for file_name, contents in sorted(files.items()):
file_name = os.path.join(self.target_dir, file_name)
if show_output:
self.logger.debug('Creating {}'.format(file_name))
f = file(file_name, 'w')
f.write(contents)
f.close()
logging_conf_loc = os.path.join(self.target_dir,
'config/repo/logging.conf')
logging_conf = open(logging_conf_loc).read()
open(logging_conf_loc, 'w').write(
logging_conf.format(log_path=os.path.join(
self.target_dir, 'logs', 'zato.log')))
if show_output:
self.logger.debug('Logging configuration stored in {}'.format(
logging_conf_loc))
odb_engine = args.odb_type
if odb_engine.startswith('postgresql'):
odb_engine = 'postgresql+pg8000'
server_conf_loc = os.path.join(self.target_dir,
'config/repo/server.conf')
server_conf = open(server_conf_loc, 'w')
server_conf.write(
server_conf_template.format(
port=port,
gunicorn_workers=1,
odb_db_name=args.odb_db_name or args.sqlite_path,
odb_engine=odb_engine,
odb_host=args.odb_host or '',
odb_port=args.odb_port or '',
odb_password=encrypt(args.odb_password, priv_key)
if args.odb_password else '',
odb_pool_size=default_odb_pool_size,
odb_user=args.odb_user or '',
token=self.token,
kvdb_host=args.kvdb_host,
kvdb_port=args.kvdb_port,
kvdb_password=encrypt(args.kvdb_password, priv_key)
if args.kvdb_password else '',
initial_cluster_name=args.cluster_name,
initial_server_name=args.server_name,
jwt_secret=getattr(args, 'jwt_secret',
Fernet.generate_key()),
))
server_conf.close()
pickup_conf_loc = os.path.join(self.target_dir,
'config/repo/pickup.conf')
pickup_conf_file = open(pickup_conf_loc, 'w')
pickup_conf_file.write(pickup_conf)
pickup_conf_file.close()
user_conf_loc = os.path.join(self.target_dir,
'config/repo/user.conf')
user_conf = open(user_conf_loc, 'w')
user_conf.write(user_conf_contents)
user_conf.close()
if show_output:
self.logger.debug(
'Core configuration stored in {}'.format(server_conf_loc))
# Initial info
self.store_initial_info(self.target_dir,
self.COMPONENTS.SERVER.code)
session.commit()
except IntegrityError, e:
msg = 'Server name [{}] already exists'.format(args.server_name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(format_exc(e))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.SERVER_NAME_ALREADY_EXISTS
def execute(self,
args,
show_output=True,
password=None,
needs_admin_created_flag=False):
os.chdir(self.target_dir)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
web_admin_conf_path = os.path.join(repo_dir, 'web-admin.conf')
initial_data_json_path = os.path.join(repo_dir, 'initial-data.json')
os.mkdir(os.path.join(self.target_dir, 'logs'))
os.mkdir(os.path.join(self.target_dir, 'config'))
os.mkdir(repo_dir)
user_name = 'admin'
password = password if password else generate_password()
self.copy_web_admin_crypto(repo_dir, args)
priv_key = open(os.path.join(repo_dir,
'web-admin-priv-key.pem')).read()
config = {
'host':
web_admin_host,
'port':
web_admin_port,
'db_type':
args.odb_type,
'log_config':
'logging.conf',
'DATABASE_NAME':
args.odb_db_name or args.sqlite_path,
'DATABASE_USER':
args.odb_user or '',
'DATABASE_PASSWORD':
encrypt(args.odb_password, priv_key) if args.odb_password else '',
'DATABASE_HOST':
args.odb_host or '',
'DATABASE_PORT':
args.odb_port or '',
'SITE_ID':
getrandbits(20),
'SECRET_KEY':
encrypt(uuid.uuid4().hex, priv_key),
'ADMIN_INVOKE_NAME':
'admin.invoke',
'ADMIN_INVOKE_PASSWORD':
encrypt(
getattr(args, 'admin_invoke_password', None)
or getattr(args, 'tech_account_password'), priv_key),
}
open(os.path.join(repo_dir, 'logging.conf'), 'w').write(
common_logging_conf_contents.format(
log_path='./logs/web-admin.log'))
open(web_admin_conf_path, 'w').write(config_template.format(**config))
open(initial_data_json_path,
'w').write(initial_data_json.format(**config))
# Initial info
self.store_initial_info(self.target_dir,
self.COMPONENTS.WEB_ADMIN.code)
config = json.loads(
open(os.path.join(repo_dir, 'web-admin.conf')).read())
config['config_dir'] = self.target_dir
update_globals(config, self.target_dir)
os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings'
import django
django.setup()
self.reset_logger(args, True)
# Can't import these without DJANGO_SETTINGS_MODULE being set
from django.contrib.auth.models import User
from django.db import connection
from django.db.utils import IntegrityError
call_command('migrate',
run_syncdb=True,
interactive=False,
verbosity=0)
call_command('loaddata', initial_data_json_path, verbosity=0)
try:
call_command('createsuperuser',
interactive=False,
username=user_name,
first_name='admin-first-name',
last_name='admin-last-name',
email='*****@*****.**')
admin_created = True
user = User.objects.get(username=user_name)
user.set_password(password)
user.save()
except IntegrityError, e:
admin_created = False
connection._rollback()
self.logger.info('Ignoring IntegrityError e:[%s]',
format_exc(e).decode('utf-8'))
def execute(self, args, port=http_plain_server_port, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = session.query(Cluster).\
filter(Cluster.name == args.cluster_name).\
first()
if not cluster:
msg = "Cluster [{}] doesn't exist in the ODB".format(args.cluster_name)
self.logger.error(msg)
return self.SYS_ERROR.NO_SUCH_CLUSTER
server = Server()
server.cluster_id = cluster.id
server.name = args.server_name
server.token = self.token
server.last_join_status = SERVER_JOIN_STATUS.ACCEPTED
server.last_join_mod_by = self._get_user_host()
server.last_join_mod_date = datetime.utcnow()
session.add(server)
try:
if not self.dirs_prepared:
self.prepare_directories(show_output)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
self.copy_server_crypto(repo_dir, args)
priv_key = open(os.path.join(repo_dir, 'zato-server-priv-key.pem')).read()
if show_output:
self.logger.debug('Created a Bazaar repo in {}'.format(repo_dir))
self.logger.debug('Creating files..')
for file_name, contents in sorted(files.items()):
file_name = os.path.join(self.target_dir, file_name)
if show_output:
self.logger.debug('Creating {}'.format(file_name))
f = file(file_name, 'w')
f.write(contents)
f.close()
logging_conf_loc = os.path.join(self.target_dir, 'config/repo/logging.conf')
logging_conf = open(logging_conf_loc).read()
open(logging_conf_loc, 'w').write(logging_conf.format(
log_path=os.path.join(self.target_dir, 'logs', 'zato.log')))
if show_output:
self.logger.debug('Logging configuration stored in {}'.format(logging_conf_loc))
server_conf_loc = os.path.join(self.target_dir, 'config/repo/server.conf')
server_conf = open(server_conf_loc, 'w')
server_conf.write(
server_conf_template.format(
port=port,
gunicorn_workers=cpu_count(),
odb_db_name=args.odb_db_name,
odb_engine=args.odb_type,
odb_host=args.odb_host,
odb_port=args.odb_port,
odb_password=encrypt(args.odb_password, priv_key),
odb_pool_size=default_odb_pool_size,
odb_user=args.odb_user,
token=self.token,
kvdb_host=args.kvdb_host,
kvdb_port=args.kvdb_port,
kvdb_password=encrypt(args.kvdb_password, priv_key) if args.kvdb_password else '',
initial_cluster_name=args.cluster_name,
initial_server_name=args.server_name,
))
server_conf.close()
if show_output:
self.logger.debug('Core configuration stored in {}'.format(server_conf_loc))
# Initial info
self.store_initial_info(self.target_dir, self.COMPONENTS.SERVER.code)
session.commit()
except IntegrityError, e:
msg = 'Server name [{}] already exists'.format(args.server_name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(format_exc(e))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.SERVER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True, password=None):
os.chdir(self.target_dir)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
zato_admin_conf_path = os.path.join(repo_dir, 'zato-admin.conf')
initial_data_json_path = os.path.join(repo_dir, 'initial-data.json')
os.mkdir(os.path.join(self.target_dir, 'logs'))
os.mkdir(os.path.join(self.target_dir, 'config'))
os.mkdir(os.path.join(self.target_dir, 'config', 'zdaemon'))
os.mkdir(repo_dir)
user_name = 'admin'
password = password if password else generate_password()
self.copy_zato_admin_crypto(repo_dir, args)
pub_key = open(os.path.join(repo_dir, 'zato-admin-pub-key.pem')).read()
config = {
'host': zato_admin_host,
'port': zato_admin_port,
'db_type': args.odb_type,
'log_config': 'logging.conf',
'DATABASE_NAME': args.odb_db_name,
'DATABASE_USER': args.odb_user,
'DATABASE_PASSWORD': encrypt(args.odb_password, pub_key),
'DATABASE_HOST': args.odb_host,
'DATABASE_PORT': args.odb_port,
'SITE_ID': getrandbits(20),
'SECRET_KEY': encrypt(uuid.uuid4().hex, pub_key),
'TECH_ACCOUNT_NAME':args.tech_account_name,
'TECH_ACCOUNT_PASSWORD':encrypt(args.tech_account_password, pub_key),
}
open(os.path.join(repo_dir, 'logging.conf'), 'w').write(common_logging_conf_contents.format(log_path='./logs/zato-admin.log'))
open(zato_admin_conf_path, 'w').write(config_template.format(**config))
open(initial_data_json_path, 'w').write(initial_data_json.format(**config))
# Initial info
self.store_initial_info(self.target_dir, self.COMPONENTS.ZATO_ADMIN.code)
config = json.loads(open(os.path.join(repo_dir, 'zato-admin.conf')).read())
config['config_dir'] = self.target_dir
update_globals(config, self.target_dir)
os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings'
# Can't import these without DJANGO_SETTINGS_MODULE being set
from django.contrib.auth.models import User
from django.db import connection
from django.db.utils import IntegrityError
call_command('syncdb', interactive=False, verbosity=0)
call_command('loaddata', initial_data_json_path, verbosity=0)
try:
call_command('createsuperuser', interactive=False, username=user_name, first_name='admin-first-name',
last_name='admin-last-name', email='*****@*****.**')
admin_created = True
except IntegrityError, e:
admin_created = False
connection._rollback()
msg = 'Ignoring IntegrityError e:[{}]'.format(format_exc(e))
self.logger.info(msg)
def execute(self, args, show_output=True, password=None, needs_admin_created_flag=False):
os.chdir(self.target_dir)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
web_admin_conf_path = os.path.join(repo_dir, 'web-admin.conf')
initial_data_json_path = os.path.join(repo_dir, 'initial-data.json')
os.mkdir(os.path.join(self.target_dir, 'logs'))
os.mkdir(os.path.join(self.target_dir, 'config'))
os.mkdir(repo_dir)
user_name = 'admin'
password = password if password else generate_password()
self.copy_web_admin_crypto(repo_dir, args)
priv_key = open(os.path.join(repo_dir, 'web-admin-priv-key.pem')).read()
config = {
'host': web_admin_host,
'port': web_admin_port,
'db_type': args.odb_type,
'log_config': 'logging.conf',
'DATABASE_NAME': args.odb_db_name or args.sqlite_path,
'DATABASE_USER': args.odb_user or '',
'DATABASE_PASSWORD': encrypt(args.odb_password, priv_key) if args.odb_password else '',
'DATABASE_HOST': args.odb_host or '',
'DATABASE_PORT': args.odb_port or '',
'SITE_ID': getrandbits(20),
'SECRET_KEY': encrypt(uuid.uuid4().hex, priv_key),
'ADMIN_INVOKE_NAME':'admin.invoke',
'ADMIN_INVOKE_PASSWORD':encrypt(getattr(args, 'admin_invoke_password', None) or getattr(args, 'tech_account_password'), priv_key),
}
open(os.path.join(repo_dir, 'logging.conf'), 'w').write(common_logging_conf_contents.format(log_path='./logs/web-admin.log'))
open(web_admin_conf_path, 'w').write(config_template.format(**config))
open(initial_data_json_path, 'w').write(initial_data_json.format(**config))
# Initial info
self.store_initial_info(self.target_dir, self.COMPONENTS.WEB_ADMIN.code)
config = json.loads(open(os.path.join(repo_dir, 'web-admin.conf')).read())
config['config_dir'] = self.target_dir
update_globals(config, self.target_dir)
os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings'
# Can't import these without DJANGO_SETTINGS_MODULE being set
from django.contrib.auth.models import User
from django.db import connection
from django.db.utils import IntegrityError
call_command('syncdb', interactive=False, verbosity=0)
call_command('loaddata', initial_data_json_path, verbosity=0)
try:
call_command(
'createsuperuser', interactive=False, username=user_name, first_name='admin-first-name',
last_name='admin-last-name', email='*****@*****.**')
admin_created = True
user = User.objects.get(username=user_name)
user.set_password(password)
user.save()
except IntegrityError, e:
admin_created = False
connection._rollback()
self.logger.info('Ignoring IntegrityError e:[%s]', format_exc(e).decode('utf-8'))
def execute(self,
args,
show_output=True,
password=None,
needs_admin_created_flag=False):
os.chdir(self.target_dir)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
web_admin_conf_path = os.path.join(repo_dir, 'web-admin.conf')
initial_data_json_path = os.path.join(repo_dir, 'initial-data.json')
os.mkdir(os.path.join(self.target_dir, 'logs'))
os.mkdir(os.path.join(self.target_dir, 'config'))
os.mkdir(repo_dir)
user_name = 'admin'
password = password if password else generate_password()
self.copy_web_admin_crypto(repo_dir, args)
priv_key = open(os.path.join(repo_dir,
'web-admin-priv-key.pem')).read()
config = {
'host':
web_admin_host,
'port':
web_admin_port,
'db_type':
args.odb_type,
'log_config':
'logging.conf',
'DATABASE_NAME':
args.odb_db_name or args.sqlite_path,
'DATABASE_USER':
args.odb_user or '',
'DATABASE_PASSWORD':
encrypt(args.odb_password, priv_key) if args.odb_password else '',
'DATABASE_HOST':
args.odb_host or '',
'DATABASE_PORT':
args.odb_port or '',
'SITE_ID':
getrandbits(20),
'SECRET_KEY':
encrypt(uuid.uuid4().hex, priv_key),
'ADMIN_INVOKE_NAME':
'admin.invoke',
'ADMIN_INVOKE_PASSWORD':
encrypt(
getattr(args, 'admin_invoke_password', None)
or getattr(args, 'tech_account_password'), priv_key),
}
open(os.path.join(repo_dir, 'logging.conf'), 'w').write(
common_logging_conf_contents.format(
log_path='./logs/web-admin.log'))
open(web_admin_conf_path, 'w').write(config_template.format(**config))
open(initial_data_json_path,
'w').write(initial_data_json.format(**config))
# Initial info
self.store_initial_info(self.target_dir,
self.COMPONENTS.WEB_ADMIN.code)
config = json.loads(
open(os.path.join(repo_dir, 'web-admin.conf')).read())
config['config_dir'] = self.target_dir
update_globals(config, self.target_dir)
os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings'
import django
django.setup()
self.reset_logger(args, True)
# Can't import these without DJANGO_SETTINGS_MODULE being set
from django.contrib.auth.models import User
from django.db import connection
from django.db.utils import IntegrityError
call_command('migrate',
run_syncdb=True,
interactive=False,
verbosity=0)
call_command('loaddata', initial_data_json_path, verbosity=0)
try:
call_command('createsuperuser',
interactive=False,
username=user_name,
first_name='admin-first-name',
last_name='admin-last-name',
email='*****@*****.**')
admin_created = True
user = User.objects.get(username=user_name)
user.set_password(password)
user.save()
except IntegrityError:
# This will happen if user 'admin' already exists, e.g. if this is not the first cluster in this database
admin_created = False
connection._rollback()
# Needed because Django took over our logging config
self.reset_logger(args, True)
if show_output:
if self.verbose:
msg = """Successfully created a web admin instance.
You can start it with the 'zato start {path}' command.""".format(
path=os.path.abspath(
os.path.join(os.getcwd(), self.target_dir)))
self.logger.debug(msg)
else:
self.logger.info('OK')
# We return it only when told to explicitly so when the command runs from CLI
# it doesn't return a non-zero exit code.
if needs_admin_created_flag:
return admin_created
def execute(self, args, server_pub_key=None):
# Service list 1)
# We need to check if we're the first server to join the cluster. If we
# are then we need to populate the ODB with a list of internal services
# available in the server. At this point we only check what
# the command-line parameters were and later on, in point 2),
# the actual list gets added to the ODB.
cluster_name = args.cluster if 'cluster' in args else self.cluster_name
if not self.dirs_prepared:
self.prepare_directories()
repo_dir = os.path.join(self.target_dir, 'config/repo')
pub_key = open(os.path.join(repo_dir, 'zs-pub-key.pem')).read()
repo_manager = RepoManager(repo_dir)
repo_manager.ensure_repo_consistency()
print('\nCreated a Bazaar repo in {repo_dir}'.format(repo_dir=repo_dir))
print('')
print('Creating files..')
for file_name, contents in sorted(files.items()):
file_name = os.path.join(self.target_dir, file_name)
print('Creating {file_name}'.format(file_name=file_name))
f = file(file_name, 'w')
f.write(contents)
f.close()
logging_conf_loc = os.path.join(self.target_dir, 'config/repo/logging.conf')
logging_conf = open(logging_conf_loc).read()
open(logging_conf_loc, 'w').write(logging_conf.format(
log_path=os.path.join(self.target_dir, 'logs', 'zato.log')))
print('')
print('Logging configuration stored in {logging_conf_loc}'.format(logging_conf_loc=logging_conf_loc))
server_conf_loc = os.path.join(self.target_dir, 'config/repo/server.conf')
server_conf = open(server_conf_loc, 'w')
server_conf.write(server_conf_template.format(odb_db_name=args.odb_dbname,
odb_engine=args.odb_type,
odb_host=args.odb_host,
odb_password=encrypt(args.odb_password, pub_key),
odb_pool_size=default_odb_pool_size,
odb_user=args.odb_user,
odb_token=self.odb_token))
server_conf.close()
print('Core configuration stored in {server_conf_loc}'.format(server_conf_loc=server_conf_loc))
# Service list 2)
# We'll need to add the list of services to the ODB depending on just
# how many active servers there are in the cluster.
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = session.query(Cluster).filter(Cluster.name==cluster_name).first()
if not cluster:
should_add = True # A new cluster so it can't have any services yet.
else:
# .Need to add the list if there aren't any servers yet.
should_add = not session.query(Server).\
filter(Server.cluster_id==cluster.id).\
filter(Server.last_join_status==ZATO_JOIN_REQUEST_ACCEPTED+'a').\
count()
#if should_add
msg = """\nSuccessfully created a new server.
You can now start it with the 'zato start {path}' command.
""".format(path=os.path.abspath(os.path.join(os.getcwd(), self.target_dir)))
print(msg)
def execute(self,
args,
show_output=True,
password=None,
needs_created_flag=False):
os.chdir(self.target_dir)
repo_dir = os.path.join(self.target_dir, 'config', 'repo')
conf_path = os.path.join(repo_dir, 'scheduler.conf')
startup_jobs_conf_path = os.path.join(repo_dir, 'startup_jobs.conf')
sql_conf_path = os.path.join(repo_dir, 'sql.conf')
os.mkdir(os.path.join(self.target_dir, 'logs'))
os.mkdir(os.path.join(self.target_dir, 'config'))
os.mkdir(repo_dir)
self.copy_scheduler_crypto(repo_dir, args)
priv_key = open(os.path.join(repo_dir,
'zato-scheduler-priv-key.pem')).read()
config = {
'odb_db_name':
args.odb_db_name or args.sqlite_path,
'odb_engine':
args.odb_type,
'odb_host':
args.odb_host or '',
'odb_port':
args.odb_port or '',
'odb_password':
encrypt(args.odb_password, priv_key) if args.odb_password else '',
'odb_username':
args.odb_user or '',
'broker_host':
args.kvdb_host,
'broker_port':
args.kvdb_port,
'broker_password':
encrypt(args.kvdb_password, priv_key)
if args.kvdb_password else '',
'user1_password':
generate_password(),
'cluster_id':
args.cluster_id,
}
open(os.path.join(repo_dir, 'logging.conf'), 'w').write(
common_logging_conf_contents.format(
log_path='./logs/scheduler.log'))
open(conf_path, 'w').write(config_template.format(**config))
open(startup_jobs_conf_path, 'w').write(startup_jobs)
open(sql_conf_path, 'w').write(sql_conf_contents)
# Initial info
self.store_initial_info(self.target_dir,
self.COMPONENTS.SCHEDULER.code)
if show_output:
if self.verbose:
msg = """Successfully created a scheduler instance.
You can start it with the 'zato start {path}' command.""".format(
path=os.path.abspath(
os.path.join(os.getcwd(), self.target_dir)))
self.logger.debug(msg)
else:
self.logger.info('OK')
# We return it only when told to explicitly so when the command runs from CLI
# it doesn't return a non-zero exit code.
if needs_created_flag:
return True
