def test_cleanup_bad_encryption(self): vc_swc = DummyVCenterService() mv_vm = DummyVM("mv_image", 1, 1024) disk = DummyDisk(12*1024*1024, None) mv_vm.add_disk(disk, 0) mv_ovf = DummyOVF(mv_vm, "mv-ovf") vc_swc.ovfs = [mv_ovf] guest_vmdk = "guest-vmdk" guest_vmdk_disk = DummyDisk(16*1024*1024, guest_vmdk) vc_swc.disks[guest_vmdk] = guest_vmdk_disk try: encrypt_vmdk.encrypt_from_s3( vc_swc, FailedEncryptionService, guest_vmdk, vm_name="template-encrypted", create_ovf=False, create_ova=False, target_path=mv_ovf, image_name=None, ovftool_path=None, ovf_name="mv-ovf", download_file_list=[], user_data_str=None ) self.fail('Encryption should have failed') except Exception: self.assertEqual(len(vc_swc.vms), 1) self.assertEqual(len(vc_swc.disks), 4)
def test_smoke(self): vc_swc = DummyVCenterService() mv_vm = DummyVM("mv_image", 1, 1024) disk = DummyDisk(12*1024*1024, None) mv_vm.add_disk(disk, 0) mv_ovf = DummyOVF(mv_vm, "mv-ovf") vc_swc.ovfs = [mv_ovf] guest_vmdk = "guest-vmdk" guest_vmdk_disk = DummyDisk(16*1024*1024, guest_vmdk) vc_swc.disks[guest_vmdk] = guest_vmdk_disk encrypt_vmdk.encrypt_from_s3( vc_swc, DummyEncryptorService, guest_vmdk, vm_name="template-encrypted", create_ovf=False, create_ova=False, target_path=mv_ovf, image_name=None, ovftool_path=None, ovf_name="mv-ovf", download_file_list=[], user_data_str=None ) self.assertEqual(len(vc_swc.vms), 1) self.assertEqual(len(vc_swc.disks), 4) template_vm = (vc_swc.vms.values())[0] self.assertEqual(len(template_vm.disks), 2) self.assertEqual(template_vm.name, "template-encrypted") self.assertEqual(template_vm.disks[0].size, 12*1024*1024) self.assertEqual(template_vm.disks[1].size, 33*1024*1024) self.assertTrue(template_vm.template)
def test_cleanup_bad_mv_image(self): vc_swc = DummyVCenterService() mv_vm = DummyVM("mv_image", 1, 1024) disk = DummyDisk(12*1024*1024, None) mv_vm.add_disk(disk, 0) mv_ovf = DummyOVF(mv_vm, "mv-ovf") vc_swc.ovfs = [] guest_vmdk = "guest-vmdk" with self.assertRaises(Exception): encrypt_vmdk.encrypt_from_s3( vc_swc, DummyEncryptorService, guest_vmdk, vm_name="template-encrypted", create_ovf=False, create_ova=False, target_path=mv_ovf, image_name=None, ovftool_path=None, ovf_name="mv-ovf", download_file_list=[], user_data_str=None ) self.assertEqual(len(vc_swc.vms), 0) self.assertEqual(len(vc_swc.disks), 0)
def run_encrypt(values, parsed_config, log, use_esx=False): session_id = util.make_nonce() if values.create_ovf or values.create_ova: # verify we have a valid output directory if values.target_path is None: raise ValidationError("Missing directory path to store " "final OVF/OVA images") if not os.path.exists(values.target_path): raise ValidationError("Target path %s not present", values.target_path) if values.create_ova: # verify ovftool is present try: cmd = [values.ovftool_path, '-v'] subprocess.check_call(cmd) except: raise ValidationError("OVFtool not present. " "Cannot create OVA") else: if use_esx is False and values.template_vm_name is None: raise ValidationError("Missing template-vm-name for the " "template VM") if (values.source_image_path is not None and values.image_name is None): raise ValidationError("Specify the Metavisor OVF file.") if use_esx: _check_env_vars_set('ESX_USER_NAME') else: _check_env_vars_set('VCENTER_USER_NAME') vcenter_password = _get_vcenter_password(use_esx) brkt_cli.validate_ntp_servers(values.ntp_servers) brkt_env = brkt_cli.brkt_env_from_values(values) if brkt_env is None: _, brkt_env = parsed_config.get_current_env() if not values.token: raise ValidationError('Must provide a token') proxy = None if values.http_proxy: proxy = _parse_proxies(values.http_proxy)[0] # Download images from S3 try: if (values.encryptor_vmdk is None and values.source_image_path is None): (ovf, file_list) = \ esx_service.download_ovf_from_s3( values.bucket_name, image_name=values.image_name, proxy=proxy ) if ovf is None: raise ValidationError("Did not find MV OVF images") except Exception as e: raise ValidationError("Failed to download MV image from S3: ", e) # Connect to vCenter try: vc_swc = esx_service.initialize_vcenter( host=values.vcenter_host, user=os.getenv('ESX_USER_NAME') if use_esx else os.getenv('VCENTER_USER_NAME'), password=vcenter_password, port=values.vcenter_port, datacenter_name=None if use_esx else values.vcenter_datacenter, datastore_name=values.vcenter_datastore, esx_host=use_esx, cluster_name=None if use_esx else values.vcenter_cluster, no_of_cpus=values.no_of_cpus, memory_gb=values.memory_gb, session_id=session_id, network_name=values.network_name, nic_type=values.nic_type, verify=False if use_esx else values.validate, ) except Exception as e: raise ValidationError("Failed to connect to vCenter: ", e) # Validate that template does not already exist if values.template_vm_name: if vc_swc.find_vm(values.template_vm_name): raise ValidationError("VM with the same name as requested " "template VM name %s already exists" % values.template_vm_name) # Set tear-down vc_swc.set_teardown(values.no_teardown) # Set the disk-type if values.disk_type == "thin": vc_swc.set_thin_disk(True) vc_swc.set_eager_scrub(False) elif values.disk_type == "thick-lazy-zeroed": vc_swc.set_thin_disk(False) vc_swc.set_eager_scrub(False) elif values.disk_type == "thick-eager-zeroed": vc_swc.set_thin_disk(False) vc_swc.set_eager_scrub(True) else: raise ValidationError("Disk Type %s not correct. Can only be " "thin, thick-lazy-zeroed or " "thick-eager-zeroed" % (values.disk_type,)) try: instance_config = instance_config_from_values( values, mode=INSTANCE_CREATOR_MODE, cli_config=parsed_config) user_data_str = vc_swc.create_userdata_str(instance_config, update=False, ssh_key_file=values.ssh_public_key_file) if (values.encryptor_vmdk is not None): # Create from MV VMDK encrypt_vmdk.encrypt_from_vmdk( vc_swc, encryptor_service.EncryptorService, values.vmdk, vm_name=values.template_vm_name, create_ovf=values.create_ovf, create_ova=values.create_ova, target_path=values.target_path, image_name=values.encrypted_ovf_name, ovftool_path=values.ovftool_path, metavisor_vmdk=values.encryptor_vmdk, user_data_str=user_data_str, serial_port_file_name=values.serial_port_file_name, status_port=values.status_port, ) elif (values.source_image_path is not None): # Create from MV OVF in local directory encrypt_vmdk.encrypt_from_local_ovf( vc_swc, encryptor_service.EncryptorService, values.vmdk, vm_name=values.template_vm_name, create_ovf=values.create_ovf, create_ova=values.create_ova, target_path=values.target_path, image_name=values.encrypted_ovf_name, ovftool_path=values.ovftool_path, source_image_path=values.source_image_path, ovf_image_name=values.image_name, user_data_str=user_data_str, serial_port_file_name=values.serial_port_file_name, status_port=values.status_port, ) else: # Create from MV OVF in S3 encrypt_vmdk.encrypt_from_s3( vc_swc, encryptor_service.EncryptorService, values.vmdk, vm_name=values.template_vm_name, create_ovf=values.create_ovf, create_ova=values.create_ova, target_path=values.target_path, image_name=values.encrypted_ovf_name, ovftool_path=values.ovftool_path, ovf_name=ovf, download_file_list=file_list, user_data_str=user_data_str, serial_port_file_name=values.serial_port_file_name, status_port=values.status_port, ) return 0 except Exception as e: log.error("Failed to encrypt the guest VMDK: %s", e) return 1