def test_0060_config_valid(config): """Test that configs with valid keys and value types pass validation.""" try: get_validated_config(env.ACTIVE_CONFIG_FILEPATH) except (KeyError, TypeError, ValueError): assert False, f"{env.ACTIVE_CONFIG_FILEPATH} did not pass validation" \ f" when it should have"
def test_0050_config_invalid_value_types(config): """Test that configs with invalid value types don't pass validation.""" bad_values_config1 = testutils.yaml_to_dict(env.ACTIVE_CONFIG_FILEPATH) bad_values_config1['vcd'] = True bad_values_config1['vcs'] = 'a' bad_values_config2 = testutils.yaml_to_dict(env.ACTIVE_CONFIG_FILEPATH) bad_values_config2['vcd']['username'] = True bad_values_config2['vcd']['api_version'] = 123 bad_values_config2['vcd']['port'] = 'a' bad_values_config3 = testutils.yaml_to_dict(env.ACTIVE_CONFIG_FILEPATH) bad_values_config3['vcs'][0]['username'] = True bad_values_config3['vcs'][0]['password'] = 123 bad_values_config3['vcs'][0]['verify'] = 'a' bad_values_config4 = testutils.yaml_to_dict(env.ACTIVE_CONFIG_FILEPATH) bad_values_config4['broker']['remote_template_cookbook_url'] = 1 configs = [ bad_values_config1, bad_values_config2, bad_values_config3, bad_values_config4 ] for config in configs: testutils.dict_to_yaml_file(config, env.ACTIVE_CONFIG_FILEPATH) try: get_validated_config(env.ACTIVE_CONFIG_FILEPATH, skip_config_decryption=True) assert False, f"{env.ACTIVE_CONFIG_FILEPATH} passed validation " \ f"when it should not have" except TypeError: pass
def check(ctx, config, check_install): """Validate CSE config file.""" try: check_python_version(ConsoleMessagePrinter()) except Exception as err: click.secho(str(err), fg='red') sys.exit(1) config_dict = None try: config_dict = get_validated_config( config, msg_update_callback=ConsoleMessagePrinter()) except (NotAcceptableException, VcdException, ValueError, KeyError, TypeError) as err: click.secho(str(err), fg='red') except AmqpConnectionError as err: click.secho(str(err), fg='red') click.secho("check config file amqp section.", fg='red') except requests.exceptions.ConnectionError as err: click.secho(f"Cannot connect to {err.request.url}.", fg='red') except vim.fault.InvalidLogin: click.secho("vCenter login failed (check config file vCenter " "username/password).", fg='red') if check_install and config_dict: try: check_cse_installation( config_dict, msg_update_callback=ConsoleMessagePrinter()) except Exception as err: click.secho(f"Error : {err}") click.secho("CSE installation is invalid", fg='red')
def test_0040_config_missing_keys(config): """Test that config files with missing keys don't pass validation.""" bad_key_config1 = testutils.yaml_to_dict(env.ACTIVE_CONFIG_FILEPATH) del bad_key_config1['amqp'] bad_key_config2 = testutils.yaml_to_dict(env.ACTIVE_CONFIG_FILEPATH) del bad_key_config2['vcs'][0]['username'] configs = [bad_key_config1, bad_key_config2] for config in configs: testutils.dict_to_yaml_file(config, env.ACTIVE_CONFIG_FILEPATH) try: get_validated_config(env.ACTIVE_CONFIG_FILEPATH) assert False, f"{env.ACTIVE_CONFIG_FILEPATH} passed validation " \ f"when it should not have" except KeyError: pass
def check(ctx, config, pks_config, skip_config_decryption, check_install): """Validate CSE config file.""" if skip_config_decryption: password = None else: password = os.getenv('CSE_CONFIG_PASSWORD') or prompt_text( PASSWORD_FOR_CONFIG_DECRYPTION_MSG, color='green', hide_input=True) try: check_python_version(ConsoleMessagePrinter()) except Exception as err: click.secho(str(err), fg='red') sys.exit(1) config_dict = None try: config_dict = get_validated_config( config, pks_config_file_name=pks_config, skip_config_decryption=skip_config_decryption, decryption_password=password, msg_update_callback=ConsoleMessagePrinter()) except (NotAcceptableException, VcdException, ValueError, KeyError, TypeError) as err: click.secho(str(err), fg='red') except AmqpConnectionError as err: click.secho(str(err), fg='red') click.secho("check config file amqp section.", fg='red') except requests.exceptions.ConnectionError as err: click.secho(f"Cannot connect to {err.request.url}.", fg='red') except cryptography.fernet.InvalidToken: click.secho(CONFIG_DECRYPTION_ERROR_MSG, fg='red') except vim.fault.InvalidLogin: click.secho( "vCenter login failed (check config file vCenter " "username/password).", fg='red') if check_install and config_dict: try: check_cse_installation(config_dict, msg_update_callback=ConsoleMessagePrinter()) except Exception as err: click.secho(f"Error : {err}") click.secho("CSE installation is invalid", fg='red')
def run(self, msg_update_callback=utils.NullPrinter()): self.config = get_validated_config( self.config_file, pks_config_file_name=self.pks_config_file, skip_config_decryption=self.skip_config_decryption, decryption_password=self.decryption_password, log_wire_file=logger.SERVER_DEBUG_WIRELOG_FILEPATH, logger_debug=logger.SERVER_LOGGER, msg_update_callback=msg_update_callback) populate_vsphere_list(self.config['vcs']) # Load def entity-type and interface self._load_def_schema(msg_update_callback=msg_update_callback) # Read k8s catalog definition from catalog item metadata and append # the same to to server run-time config self._load_template_definition_from_catalog( msg_update_callback=msg_update_callback) if float(self.config['vcd']['api_version']) < float( vCDApiVersion.VERSION_35.value): # noqa: E501 # Read templates rules from config and update template deinfition # in server run-time config self._process_template_rules( msg_update_callback=msg_update_callback) # Make sure that all vms in templates are compliant with the # compute policy specified in template definition (can be affected # by rules). self._process_template_compute_policy_compliance( msg_update_callback=msg_update_callback) else: msg = "Template rules are not supported by CSE for vCD api " \ "version 35.0 or above. Skipping template rule processing." msg_update_callback.info(msg) logger.SERVER_LOGGER.debug(msg) if self.should_check_config: check_cse_installation(self.config, msg_update_callback=msg_update_callback) if self.config.get('pks_config'): pks_config = self.config.get('pks_config') self.pks_cache = PksCache( pks_servers=pks_config.get('pks_api_servers', []), pks_accounts=pks_config.get('pks_accounts', []), pvdcs=pks_config.get('pvdcs', []), orgs=pks_config.get('orgs', []), nsxt_servers=pks_config.get('nsxt_servers', [])) amqp = self.config['amqp'] num_consumers = self.config['service']['listeners'] for n in range(num_consumers): try: c = MessageConsumer(amqp['host'], amqp['port'], amqp['ssl'], amqp['vhost'], amqp['username'], amqp['password'], amqp['exchange'], amqp['routing_key']) name = 'MessageConsumer-%s' % n t = Thread(name=name, target=consumer_thread, args=(c, )) t.daemon = True t.start() msg = f"Started thread '{name} ({t.ident})'" msg_update_callback.general(msg) logger.SERVER_LOGGER.info(msg) self.threads.append(t) self.consumers.append(c) time.sleep(0.25) except KeyboardInterrupt: break except Exception: logger.SERVER_LOGGER.error(traceback.format_exc()) logger.SERVER_LOGGER.info( f"Number of threads started: {len(self.threads)}") # noqa: E501 self._state = ServerState.RUNNING message = f"Container Service Extension for vCloud Director" \ f"\nServer running using config file: {self.config_file}" \ f"\nLog files: {logger.SERVER_INFO_LOG_FILEPATH}, " \ f"{logger.SERVER_DEBUG_LOG_FILEPATH}" \ f"\nwaiting for requests (ctrl+c to close)" signal.signal(signal.SIGINT, signal_handler) msg_update_callback.general_no_color(message) logger.SERVER_LOGGER.info(message) # Record telemetry on user action and details of operation. cse_params = { PayloadKey.WAS_DECRYPTION_SKIPPED: bool(self.skip_config_decryption), # noqa: E501 PayloadKey.WAS_PKS_CONFIG_FILE_PROVIDED: bool(self.pks_config_file), # noqa: E501 PayloadKey.WAS_INSTALLATION_CHECK_SKIPPED: bool(self.should_check_config) # noqa: E501 } record_user_action_details(cse_operation=CseOperation.SERVICE_RUN, cse_params=cse_params) record_user_action(cse_operation=CseOperation.SERVICE_RUN) while True: try: time.sleep(1) if self._state == ServerState.STOPPING and \ self.active_requests_count() == 0: break except KeyboardInterrupt: break except Exception: msg_update_callback.general_no_color(traceback.format_exc()) logger.SERVER_LOGGER.error(traceback.format_exc()) sys.exit(1) logger.SERVER_LOGGER.info("Stop detected") logger.SERVER_LOGGER.info("Closing connections...") for c in self.consumers: try: c.stop() except Exception: logger.SERVER_LOGGER.error(traceback.format_exc()) self._state = ServerState.STOPPED logger.SERVER_LOGGER.info("Done")
def run(self, msg_update_callback=None): configure_server_logger() self.config = get_validated_config( self.config_file, msg_update_callback=msg_update_callback) populate_vsphere_list(self.config['vcs']) # Read k8s catalog definition from catalog item metadata and append # the same to to server run-time config self._load_template_definition_from_catalog( msg_update_callback=msg_update_callback) # Read templates rules from config and update template deinfition in # server run-time config self._process_template_rules(msg_update_callback=msg_update_callback) # Make sure that all vms in templates are compliant with the compute # policy specified in template definition (can be affected by rules). self._process_template_compute_policy_compliance( msg_update_callback=msg_update_callback) if self.should_check_config: check_cse_installation(self.config, msg_update_callback=msg_update_callback) if self.config.get('pks_config'): pks_config = self.config.get('pks_config') self.pks_cache = PksCache( pks_servers=pks_config.get('pks_api_servers', []), pks_accounts=pks_config.get('pks_accounts', []), pvdcs=pks_config.get('pvdcs', []), orgs=pks_config.get('orgs', []), nsxt_servers=pks_config.get('nsxt_servers', [])) amqp = self.config['amqp'] num_consumers = self.config['service']['listeners'] for n in range(num_consumers): try: c = MessageConsumer(amqp['host'], amqp['port'], amqp['ssl'], amqp['vhost'], amqp['username'], amqp['password'], amqp['exchange'], amqp['routing_key']) name = 'MessageConsumer-%s' % n t = Thread(name=name, target=consumer_thread, args=(c, )) t.daemon = True t.start() msg = f"Started thread '{name} ({t.ident})'" if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) self.threads.append(t) self.consumers.append(c) time.sleep(0.25) except KeyboardInterrupt: break except Exception: LOGGER.error(traceback.format_exc()) LOGGER.info(f"Number of threads started: {len(self.threads)}") self._state = ServerState.RUNNING message = f"Container Service Extension for vCloud Director" \ f"\nServer running using config file: {self.config_file}" \ f"\nLog files: {SERVER_INFO_LOG_FILEPATH}, " \ f"{SERVER_DEBUG_LOG_FILEPATH}" \ f"\nwaiting for requests (ctrl+c to close)" signal.signal(signal.SIGINT, signal_handler) if msg_update_callback: msg_update_callback.general_no_color(message) LOGGER.info(message) while True: try: time.sleep(1) if self._state == ServerState.STOPPING and \ self.active_requests_count() == 0: break except KeyboardInterrupt: break except Exception: if msg_update_callback: msg_update_callback.general_no_color( traceback.format_exc()) LOGGER.error(traceback.format_exc()) sys.exit(1) LOGGER.info("Stop detected") LOGGER.info("Closing connections...") for c in self.consumers: try: c.stop() except Exception: LOGGER.error(traceback.format_exc()) self._state = ServerState.STOPPED LOGGER.info("Done")
def install_template(template_name, template_revision, config_file_name, force_create, retain_temp_vapp, ssh_key, skip_config_decryption=False, decryption_password=None, msg_update_callback=None): """Install a particular template in CSE. If template_name and revision are wild carded to *, all templates defined in remote template cookbook will be installed. :param str template_name: :param str template_revision: :param str config_file_name: config file name. :param bool force_create: if True and template already exists in vCD, overwrites existing template. :param str ssh_key: public ssh key to place into template vApp(s). :param bool retain_temp_vapp: if True, temporary vApp will not destroyed, so the user can ssh into and debug the vm. :param bool skip_config_decryption: do not decrypt the config file. :param str decryption_password: password to decrypt the config file. :param utils.ConsoleMessagePrinter msg_update_callback: Callback object that writes messages onto console. """ configure_install_logger() config = get_validated_config( config_file_name, skip_config_decryption=skip_config_decryption, decryption_password=decryption_password, msg_update_callback=msg_update_callback) populate_vsphere_list(config['vcs']) msg = f"Installing template '{template_name}' at revision " \ f"'{template_revision}' on vCloud Director using config file " \ f"'{config_file_name}'" if msg_update_callback: msg_update_callback.info(msg) LOGGER.info(msg) client = None try: log_filename = None log_wire = str_to_bool(config['service'].get('log_wire')) if log_wire: log_filename = INSTALL_WIRELOG_FILEPATH client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) # read remote template cookbook rtm = RemoteTemplateManager( remote_template_cookbook_url=config['broker'] ['remote_template_cookbook_url'], # noqa: E501 logger=LOGGER, msg_update_callback=msg_update_callback) remote_template_cookbook = rtm.get_remote_template_cookbook() found_template = False for template in remote_template_cookbook['templates']: template_name_matched = template_name in ( template[RemoteTemplateKey.NAME], '*') # noqa: E501 template_revision_matched = str(template_revision) in (str( template[RemoteTemplateKey.REVISION]), '*') # noqa: E501 if template_name_matched and template_revision_matched: found_template = True _install_template( client=client, remote_template_manager=rtm, template=template, org_name=config['broker']['org'], vdc_name=config['broker']['vdc'], catalog_name=config['broker']['catalog'], network_name=config['broker']['network'], ip_allocation_mode=config['broker']['ip_allocation_mode'], storage_profile=config['broker']['storage_profile'], force_update=force_create, retain_temp_vapp=retain_temp_vapp, ssh_key=ssh_key, msg_update_callback=msg_update_callback) if not found_template: msg = f"Template '{template_name}' at revision " \ f"'{template_revision}' not found in remote template " \ "cookbook." if msg_update_callback: msg_update_callback.error(msg) LOGGER.error(msg, exc_info=True) except Exception: if msg_update_callback: msg_update_callback.error( "Template Installation Error. Check CSE install logs") LOGGER.error("Template Installation Error", exc_info=True) finally: if client is not None: client.logout()
def install_cse(config_file_name, skip_template_creation, force_update, ssh_key, retain_temp_vapp, pks_config_file_name=None, skip_config_decryption=False, decryption_password=None, msg_update_callback=None): """Handle logistics for CSE installation. Handles decision making for configuring AMQP exchange/settings, extension registration, catalog setup, and template creation. :param str config_file_name: config file name. :param bool skip_template_creation: If True, skip creating the templates. :param bool force_update: if True and templates already exist in vCD, overwrites existing templates. :param str ssh_key: public ssh key to place into template vApp(s). :param bool retain_temp_vapp: if True, temporary vApp will not destroyed, so the user can ssh into and debug the vm. :param str pks_config_file_name: pks config file name. :param bool skip_config_decryption: do not decrypt the config file. :param str decryption_password: password to decrypt the config file. :param utils.ConsoleMessagePrinter msg_update_callback: Callback object that writes messages onto console. :raises AmqpError: if AMQP exchange could not be created. """ configure_install_logger() config = get_validated_config( config_file_name, pks_config_file_name=pks_config_file_name, skip_config_decryption=skip_config_decryption, decryption_password=decryption_password, msg_update_callback=msg_update_callback) populate_vsphere_list(config['vcs']) msg = f"Installing CSE on vCloud Director using config file " \ f"'{config_file_name}'" if msg_update_callback: msg_update_callback.info(msg) LOGGER.info(msg) client = None try: log_filename = None log_wire = str_to_bool(config['service'].get('log_wire')) if log_wire: log_filename = INSTALL_WIRELOG_FILEPATH client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) # create amqp exchange if it doesn't exist amqp = config['amqp'] _create_amqp_exchange(amqp['exchange'], amqp['host'], amqp['port'], amqp['vhost'], amqp['ssl'], amqp['username'], amqp['password'], msg_update_callback=msg_update_callback) # register or update cse on vCD _register_cse(client, amqp['routing_key'], amqp['exchange'], msg_update_callback=msg_update_callback) # register rights to vCD # TODO() should also remove rights when unregistering CSE _register_right(client, right_name=CSE_NATIVE_DEPLOY_RIGHT_NAME, description=CSE_NATIVE_DEPLOY_RIGHT_DESCRIPTION, category=CSE_NATIVE_DEPLOY_RIGHT_CATEGORY, bundle_key=CSE_NATIVE_DEPLOY_RIGHT_BUNDLE_KEY, msg_update_callback=msg_update_callback) _register_right(client, right_name=CSE_PKS_DEPLOY_RIGHT_NAME, description=CSE_PKS_DEPLOY_RIGHT_DESCRIPTION, category=CSE_PKS_DEPLOY_RIGHT_CATEGORY, bundle_key=CSE_PKS_DEPLOY_RIGHT_BUNDLE_KEY, msg_update_callback=msg_update_callback) # set up cse catalog org = get_org(client, org_name=config['broker']['org']) create_and_share_catalog(org, config['broker']['catalog'], catalog_desc='CSE templates', msg_update_callback=msg_update_callback) if skip_template_creation: msg = "Skipping creation of templates." if msg_update_callback: msg_update_callback.info(msg) LOGGER.warning(msg) else: # read remote template cookbook, download all scripts rtm = RemoteTemplateManager( remote_template_cookbook_url=config['broker'] ['remote_template_cookbook_url'], # noqa: E501 logger=LOGGER, msg_update_callback=msg_update_callback) remote_template_cookbook = rtm.get_remote_template_cookbook() # create all templates defined in cookbook for template in remote_template_cookbook['templates']: _install_template( client=client, remote_template_manager=rtm, template=template, org_name=config['broker']['org'], vdc_name=config['broker']['vdc'], catalog_name=config['broker']['catalog'], network_name=config['broker']['network'], ip_allocation_mode=config['broker']['ip_allocation_mode'], storage_profile=config['broker']['storage_profile'], force_update=force_update, retain_temp_vapp=retain_temp_vapp, ssh_key=ssh_key, msg_update_callback=msg_update_callback) # if it's a PKS setup, setup NSX-T constructs if config.get('pks_config'): nsxt_servers = config.get('pks_config')['nsxt_servers'] for nsxt_server in nsxt_servers: msg = f"Configuring NSX-T server ({nsxt_server.get('name')})" \ " for CSE. Please check install logs for details." if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) nsxt_client = NSXTClient(host=nsxt_server.get('host'), username=nsxt_server.get('username'), password=nsxt_server.get('password'), http_proxy=nsxt_server.get('proxy'), https_proxy=nsxt_server.get('proxy'), verify_ssl=nsxt_server.get('verify'), logger_instance=LOGGER, log_requests=True, log_headers=True, log_body=True) setup_nsxt_constructs( nsxt_client=nsxt_client, nodes_ip_block_id=nsxt_server.get('nodes_ip_block_ids'), pods_ip_block_id=nsxt_server.get('pods_ip_block_ids'), ncp_boundary_firewall_section_anchor_id=nsxt_server.get( 'distributed_firewall_section_anchor_id') ) # noqa: E501 except Exception: if msg_update_callback: msg_update_callback.error( "CSE Installation Error. Check CSE install logs") LOGGER.error("CSE Installation Error", exc_info=True) raise # TODO() need installation relevant exceptions for rollback finally: if client is not None: client.logout()
def install_template(template_name, template_revision, config_file_name, force_create, retain_temp_vapp, ssh_key, skip_config_decryption=False, decryption_password=None, msg_update_callback=utils.NullPrinter()): """Install a particular template in CSE. If template_name and revision are wild carded to *, all templates defined in remote template cookbook will be installed. :param str template_name: :param str template_revision: :param str config_file_name: config file name. :param bool force_create: if True and template already exists in vCD, overwrites existing template. :param str ssh_key: public ssh key to place into template vApp(s). :param bool retain_temp_vapp: if True, temporary vApp will not destroyed, so the user can ssh into and debug the vm. :param bool skip_config_decryption: do not decrypt the config file. :param str decryption_password: password to decrypt the config file. :param utils.ConsoleMessagePrinter msg_update_callback: Callback object. """ config = get_validated_config( config_file_name, skip_config_decryption=skip_config_decryption, decryption_password=decryption_password, log_wire_file=INSTALL_WIRELOG_FILEPATH, logger_debug=INSTALL_LOGGER, msg_update_callback=msg_update_callback) populate_vsphere_list(config['vcs']) msg = f"Installing template '{template_name}' at revision " \ f"'{template_revision}' on vCloud Director using config file " \ f"'{config_file_name}'" msg_update_callback.info(msg) INSTALL_LOGGER.info(msg) client = None try: # Telemetry data construction cse_params = { PayloadKey.TEMPLATE_NAME: template_name, PayloadKey.TEMPLATE_REVISION: template_revision, PayloadKey.WAS_DECRYPTION_SKIPPED: bool(skip_config_decryption), PayloadKey.WERE_TEMPLATES_FORCE_UPDATED: bool(force_create), PayloadKey.WAS_TEMP_VAPP_RETAINED: bool(retain_temp_vapp), PayloadKey.WAS_SSH_KEY_SPECIFIED: bool(ssh_key) } # Record telemetry data record_user_action_details( cse_operation=CseOperation.TEMPLATE_INSTALL, cse_params=cse_params, telemetry_settings=config['service']['telemetry']) log_filename = None log_wire = utils.str_to_bool(config['service'].get('log_wire')) if log_wire: log_filename = INSTALL_WIRELOG_FILEPATH client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = BasicLoginCredentials(config['vcd']['username'], server_constants.SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" msg_update_callback.general(msg) INSTALL_LOGGER.info(msg) # read remote template cookbook rtm = RemoteTemplateManager( remote_template_cookbook_url=config['broker'] ['remote_template_cookbook_url'], # noqa: E501 logger=INSTALL_LOGGER, msg_update_callback=msg_update_callback) remote_template_cookbook = rtm.get_remote_template_cookbook() found_template = False for template in remote_template_cookbook['templates']: template_name_matched = template_name in ( template[server_constants.RemoteTemplateKey.NAME], '*' ) # noqa: E501 template_revision_matched = \ str(template_revision) in (str(template[server_constants.RemoteTemplateKey.REVISION]), '*') # noqa: E501 if template_name_matched and template_revision_matched: found_template = True _install_template( client=client, remote_template_manager=rtm, template=template, org_name=config['broker']['org'], vdc_name=config['broker']['vdc'], catalog_name=config['broker']['catalog'], network_name=config['broker']['network'], ip_allocation_mode=config['broker']['ip_allocation_mode'], storage_profile=config['broker']['storage_profile'], force_update=force_create, retain_temp_vapp=retain_temp_vapp, ssh_key=ssh_key, msg_update_callback=msg_update_callback) if not found_template: msg = f"Template '{template_name}' at revision " \ f"'{template_revision}' not found in remote template " \ "cookbook." msg_update_callback.error(msg) INSTALL_LOGGER.error(msg, exc_info=True) raise Exception(msg) # Record telemetry data on successful template install record_user_action( cse_operation=CseOperation.TEMPLATE_INSTALL, status=OperationStatus.SUCCESS, telemetry_settings=config['service']['telemetry']) # noqa: E501 except Exception: msg_update_callback.error( "Template Installation Error. Check CSE install logs") INSTALL_LOGGER.error("Template Installation Error", exc_info=True) # Record telemetry data on template install failure record_user_action(cse_operation=CseOperation.TEMPLATE_INSTALL, status=OperationStatus.FAILED, telemetry_settings=config['service']['telemetry']) finally: if client is not None: client.logout()
def install_cse(config_file_name, skip_template_creation, force_update, ssh_key, retain_temp_vapp, pks_config_file_name=None, skip_config_decryption=False, decryption_password=None, msg_update_callback=utils.NullPrinter()): """Handle logistics for CSE installation. Handles decision making for configuring AMQP exchange/settings, defined entity schema registration for vCD api version >= 35, extension registration, catalog setup and template creation. Also records telemetry data on installation details. :param str config_file_name: config file name. :param bool skip_template_creation: If True, skip creating the templates. :param bool force_update: if True and templates already exist in vCD, overwrites existing templates. :param str ssh_key: public ssh key to place into template vApp(s). :param bool retain_temp_vapp: if True, temporary vApp will not destroyed, so the user can ssh into and debug the vm. :param str pks_config_file_name: pks config file name. :param bool skip_config_decryption: do not decrypt the config file. :param str decryption_password: password to decrypt the config file. :param utils.ConsoleMessagePrinter msg_update_callback: Callback object. :raises cse_exception.AmqpError: if AMQP exchange could not be created. """ config = get_validated_config( config_file_name, pks_config_file_name=pks_config_file_name, skip_config_decryption=skip_config_decryption, decryption_password=decryption_password, log_wire_file=INSTALL_WIRELOG_FILEPATH, logger_debug=INSTALL_LOGGER, msg_update_callback=msg_update_callback) populate_vsphere_list(config['vcs']) msg = f"Installing CSE on vCloud Director using config file " \ f"'{config_file_name}'" msg_update_callback.info(msg) INSTALL_LOGGER.info(msg) client = None try: # Telemetry - Construct telemetry data telemetry_data = { PayloadKey.WAS_DECRYPTION_SKIPPED: bool(skip_config_decryption), # noqa: E501 PayloadKey.WAS_PKS_CONFIG_FILE_PROVIDED: bool(pks_config_file_name), # noqa: E501 PayloadKey.WERE_TEMPLATES_SKIPPED: bool(skip_template_creation), # noqa: E501 PayloadKey.WERE_TEMPLATES_FORCE_UPDATED: bool(force_update), # noqa: E501 PayloadKey.WAS_TEMP_VAPP_RETAINED: bool(retain_temp_vapp), # noqa: E501 PayloadKey.WAS_SSH_KEY_SPECIFIED: bool(ssh_key) # noqa: E501 } # Telemetry - Record detailed telemetry data on install record_user_action_details( CseOperation.SERVICE_INSTALL, telemetry_data, telemetry_settings=config['service']['telemetry']) # noqa: E501 log_filename = None log_wire = utils.str_to_bool(config['service'].get('log_wire')) if log_wire: log_filename = INSTALL_WIRELOG_FILEPATH client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = BasicLoginCredentials(config['vcd']['username'], server_constants.SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" msg_update_callback.general(msg) INSTALL_LOGGER.info(msg) # create amqp exchange if it doesn't exist amqp = config['amqp'] _create_amqp_exchange(amqp['exchange'], amqp['host'], amqp['port'], amqp['vhost'], amqp['ssl'], amqp['username'], amqp['password'], msg_update_callback=msg_update_callback) # register or update cse on vCD _register_cse(client, amqp['routing_key'], amqp['exchange'], msg_update_callback=msg_update_callback) # register cse def schema on VCD # schema should be located at # ~/.cse-schema/api-v<API VERSION>/schema.json _register_def_schema(client, msg_update_callback=msg_update_callback, log_wire=log_wire) # Since we use CSE extension id as our telemetry instance_id, the # validated config won't have the instance_id yet. Now that CSE has # been registered as an extension, we should update the telemetry # config with the correct instance_id if config['service']['telemetry']['enable']: store_telemetry_settings(config) # register rights to vCD # TODO() should also remove rights when unregistering CSE _register_right( client, right_name=server_constants. CSE_NATIVE_DEPLOY_RIGHT_NAME, # noqa: E501 description=server_constants. CSE_NATIVE_DEPLOY_RIGHT_DESCRIPTION, # noqa: E501 category=server_constants. CSE_NATIVE_DEPLOY_RIGHT_CATEGORY, # noqa: E501 bundle_key=server_constants. CSE_NATIVE_DEPLOY_RIGHT_BUNDLE_KEY, # noqa: E501 msg_update_callback=msg_update_callback) _register_right( client, right_name=server_constants. CSE_PKS_DEPLOY_RIGHT_NAME, # noqa: E501 description=server_constants. CSE_PKS_DEPLOY_RIGHT_DESCRIPTION, # noqa: E501 category=server_constants. CSE_PKS_DEPLOY_RIGHT_CATEGORY, # noqa: E501 bundle_key=server_constants. CSE_PKS_DEPLOY_RIGHT_BUNDLE_KEY, # noqa: E501 msg_update_callback=msg_update_callback) # set up placement policies for all types of clusters _setup_placement_policies( client, policy_list=server_constants. CLUSTER_PLACEMENT_POLICIES, # noqa: E501 msg_update_callback=msg_update_callback, log_wire=log_wire) # set up cse catalog org = vcd_utils.get_org(client, org_name=config['broker']['org']) vcd_utils.create_and_share_catalog( org, config['broker']['catalog'], catalog_desc='CSE templates', logger=INSTALL_LOGGER, msg_update_callback=msg_update_callback) if skip_template_creation: msg = "Skipping creation of templates." msg_update_callback.info(msg) INSTALL_LOGGER.warning(msg) else: # read remote template cookbook, download all scripts rtm = RemoteTemplateManager( remote_template_cookbook_url=config['broker'] ['remote_template_cookbook_url'], # noqa: E501 logger=INSTALL_LOGGER, msg_update_callback=msg_update_callback) remote_template_cookbook = rtm.get_remote_template_cookbook() # create all templates defined in cookbook for template in remote_template_cookbook['templates']: # TODO tag created templates with placement policies _install_template( client=client, remote_template_manager=rtm, template=template, org_name=config['broker']['org'], vdc_name=config['broker']['vdc'], catalog_name=config['broker']['catalog'], network_name=config['broker']['network'], ip_allocation_mode=config['broker']['ip_allocation_mode'], storage_profile=config['broker']['storage_profile'], force_update=force_update, retain_temp_vapp=retain_temp_vapp, ssh_key=ssh_key, msg_update_callback=msg_update_callback) # if it's a PKS setup, setup NSX-T constructs if config.get('pks_config'): nsxt_servers = config['pks_config']['nsxt_servers'] wire_logger = NULL_LOGGER if log_wire: wire_logger = SERVER_NSXT_WIRE_LOGGER for nsxt_server in nsxt_servers: msg = f"Configuring NSX-T server ({nsxt_server.get('name')})" \ " for CSE. Please check install logs for details." msg_update_callback.general(msg) INSTALL_LOGGER.info(msg) nsxt_client = NSXTClient(host=nsxt_server.get('host'), username=nsxt_server.get('username'), password=nsxt_server.get('password'), logger_debug=INSTALL_LOGGER, logger_wire=wire_logger, http_proxy=nsxt_server.get('proxy'), https_proxy=nsxt_server.get('proxy'), verify_ssl=nsxt_server.get('verify')) setup_nsxt_constructs( nsxt_client=nsxt_client, nodes_ip_block_id=nsxt_server.get('nodes_ip_block_ids'), pods_ip_block_id=nsxt_server.get('pods_ip_block_ids'), ncp_boundary_firewall_section_anchor_id=nsxt_server.get( 'distributed_firewall_section_anchor_id') ) # noqa: E501 # Telemetry - Record successful install action record_user_action(CseOperation.SERVICE_INSTALL, telemetry_settings=config['service']['telemetry']) except Exception: msg_update_callback.error( "CSE Installation Error. Check CSE install logs") INSTALL_LOGGER.error("CSE Installation Error", exc_info=True) # Telemetry - Record failed install action record_user_action(CseOperation.SERVICE_INSTALL, status=OperationStatus.FAILED, telemetry_settings=config['service']['telemetry']) raise # TODO() need installation relevant exceptions for rollback finally: if client is not None: client.logout()
def convert_cluster(ctx, config_file_name, skip_config_decryption, cluster_name, admin_password, org_name, vdc_name, skip_wait_for_gc): if skip_config_decryption: decryption_password = None else: decryption_password = os.getenv('CSE_CONFIG_PASSWORD') or prompt_text( PASSWORD_FOR_CONFIG_DECRYPTION_MSG, color='green', hide_input=True) try: check_python_version() except Exception as err: click.secho(str(err), fg='red') sys.exit(1) client = None try: console_message_printer = ConsoleMessagePrinter() config = get_validated_config( config_file_name, skip_config_decryption=skip_config_decryption, decryption_password=decryption_password, msg_update_callback=console_message_printer) log_filename = None log_wire = str_to_bool(config['service'].get('log_wire')) if log_wire: log_filename = 'cluster_convert_wire.log' client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" console_message_printer.general(msg) cluster_records = get_all_clusters(client=client, cluster_name=cluster_name, org_name=org_name, ovdc_name=vdc_name) if len(cluster_records) == 0: console_message_printer.info(f"No clusters were found.") return vms = [] for cluster in cluster_records: console_message_printer.info( f"Processing cluster '{cluster['name']}'.") vapp_href = cluster['vapp_href'] vapp = VApp(client, href=vapp_href) # this step removes the old 'cse.template' metadata and adds # cse.template.name and cse.template.revision metadata # using hard-coded values taken from github history console_message_printer.info("Processing metadata of cluster.") metadata_dict = metadata_to_dict(vapp.get_metadata()) old_template_name = metadata_dict.get( ClusterMetadataKey.BACKWARD_COMPATIBILE_TEMPLATE_NAME ) # noqa: E501 new_template_name = None cse_version = metadata_dict.get(ClusterMetadataKey.CSE_VERSION) if old_template_name: console_message_printer.info( "Determining k8s version on cluster.") if 'photon' in old_template_name: new_template_name = 'photon-v2' if cse_version in ('1.0.0'): new_template_name += '_k8s-1.8_weave-2.0.5' elif cse_version in ('1.1.0', '1.2.0', '1.2.1', '1.2.2', '1.2.3', '1.2.4'): # noqa: E501 new_template_name += '_k8s-1.9_weave-2.3.0' elif cse_version in ( '1.2.5', '1.2.6', '1.2.7', ): # noqa: E501 new_template_name += '_k8s-1.10_weave-2.3.0' elif cse_version in ('2.0.0'): new_template_name += '_k8s-1.12_weave-2.3.0' elif 'ubuntu' in old_template_name: new_template_name = 'ubuntu-16.04' if cse_version in ('1.0.0'): new_template_name += '_k8s-1.9_weave-2.1.3' elif cse_version in ('1.1.0', '1.2.0', '1.2.1', '1.2.2', '1.2.3', '1.2.4', '1.2.5', '1.2.6', '1.2.7'): # noqa: E501 new_template_name += '_k8s-1.10_weave-2.3.0' elif cse_version in ('2.0.0'): new_template_name += '_k8s-1.13_weave-2.3.0' if new_template_name: console_message_printer.info("Updating metadata of cluster.") task = vapp.remove_metadata( ClusterMetadataKey.BACKWARD_COMPATIBILE_TEMPLATE_NAME ) # noqa: E501 client.get_task_monitor().wait_for_success(task) new_metadata_to_add = { ClusterMetadataKey.TEMPLATE_NAME: new_template_name, ClusterMetadataKey.TEMPLATE_REVISION: 0 } task = vapp.set_multiple_metadata(new_metadata_to_add) client.get_task_monitor().wait_for_success(task) # this step uses hard-coded data from the newly updated # cse.template.name and cse.template.revision metadata fields as # well as github history to add [cse.os, cse.docker.version, # cse.kubernetes, cse.kubernetes.version, cse.cni, cse.cni.version] # to the clusters vapp.reload() metadata_dict = metadata_to_dict(vapp.get_metadata()) template_name = metadata_dict.get(ClusterMetadataKey.TEMPLATE_NAME) template_revision = str( metadata_dict.get(ClusterMetadataKey.TEMPLATE_REVISION, '0')) # noqa: E501 if template_name: k8s_version, docker_version = get_k8s_and_docker_versions( template_name, template_revision=template_revision, cse_version=cse_version) # noqa: E501 tokens = template_name.split('_') new_metadata = { ClusterMetadataKey.OS: tokens[0], ClusterMetadataKey.DOCKER_VERSION: docker_version, ClusterMetadataKey.KUBERNETES: 'upstream', ClusterMetadataKey.KUBERNETES_VERSION: k8s_version, ClusterMetadataKey.CNI: tokens[2].split('-')[0], ClusterMetadataKey.CNI_VERSION: tokens[2].split('-')[1], } task = vapp.set_multiple_metadata(new_metadata) client.get_task_monitor().wait_for_success(task) console_message_printer.general( "Finished processing metadata of cluster.") reset_admin_pw = False vm_resources = vapp.get_all_vms() for vm_resource in vm_resources: try: vapp.get_admin_password(vm_resource.get('name')) except EntityNotFoundException: reset_admin_pw = True break if reset_admin_pw: try: console_message_printer.info( f"Undeploying the vApp '{cluster['name']}'") task = vapp.undeploy() client.get_task_monitor().wait_for_success(task) console_message_printer.general( "Successfully undeployed the vApp.") except Exception as err: console_message_printer.error(str(err)) for vm_resource in vm_resources: console_message_printer.info( f"Processing vm '{vm_resource.get('name')}'.") vm = VM(client, href=vm_resource.get('href')) vms.append(vm) console_message_printer.info("Updating vm admin password") task = vm.update_guest_customization_section( enabled=True, admin_password_enabled=True, admin_password_auto=not admin_password, admin_password=admin_password, ) client.get_task_monitor().wait_for_success(task) console_message_printer.general("Successfully updated vm") console_message_printer.info("Deploying vm.") task = vm.power_on_and_force_recustomization() client.get_task_monitor().wait_for_success(task) console_message_printer.general("Successfully deployed vm") console_message_printer.info("Deploying cluster") task = vapp.deploy(power_on=True) client.get_task_monitor().wait_for_success(task) console_message_printer.general( "Successfully deployed cluster") # noqa: E501 console_message_printer.general( f"Successfully processed cluster '{cluster['name']}'") if skip_wait_for_gc: return while True: to_remove = [] for vm in vms: status = vm.get_guest_customization_status() if status != 'GC_PENDING': to_remove.append(vm) for vm in to_remove: vms.remove(vm) console_message_printer.info( f"Waiting on guest customization to finish on {len(vms)} vms.") if not len(vms) == 0: time.sleep(5) else: break except cryptography.fernet.InvalidToken: click.secho(CONFIG_DECRYPTION_ERROR_MSG, fg='red') except Exception as err: click.secho(str(err), fg='red') finally: if client: client.logout()
def install_cse(ctx, config_file_name='config.yaml', skip_template_creation=True, force_update=False, ssh_key=None, retain_temp_vapp=False, msg_update_callback=None): """Handle logistics for CSE installation. Handles decision making for configuring AMQP exchange/settings, extension registration, catalog setup, and template creation. :param click.core.Context ctx: :param str config_file_name: config file name. :param bool skip_template_creation: If True, skip creating the templates. :param bool force_update: if True and templates already exist in vCD, overwrites existing templates. :param str ssh_key: public ssh key to place into template vApp(s). :param bool retain_temp_vapp: if True, temporary vApp will not destroyed, so the user can ssh into and debug the vm. :param utils.ConsoleMessagePrinter msg_update_callback: Callback object that writes messages onto console. :raises AmqpError: if AMQP exchange could not be created. """ configure_install_logger() config = get_validated_config(config_file_name, msg_update_callback=msg_update_callback) populate_vsphere_list(config['vcs']) msg = f"Installing CSE on vCloud Director using config file " \ f"'{config_file_name}'" if msg_update_callback: msg_update_callback.info(msg) LOGGER.info(msg) client = None try: client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=INSTALL_WIRELOG_FILEPATH, log_requests=True, log_headers=True, log_bodies=True) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) # create amqp exchange if it doesn't exist amqp = config['amqp'] _create_amqp_exchange(amqp['exchange'], amqp['host'], amqp['port'], amqp['vhost'], amqp['ssl'], amqp['username'], amqp['password'], msg_update_callback=msg_update_callback) # register or update cse on vCD _register_cse(client, amqp['routing_key'], amqp['exchange'], msg_update_callback=msg_update_callback) # register rights to vCD # TODO() should also remove rights when unregistering CSE _register_right(client, right_name=CSE_NATIVE_DEPLOY_RIGHT_NAME, description=CSE_NATIVE_DEPLOY_RIGHT_DESCRIPTION, category=CSE_NATIVE_DEPLOY_RIGHT_CATEGORY, bundle_key=CSE_NATIVE_DEPLOY_RIGHT_BUNDLE_KEY, msg_update_callback=msg_update_callback) _register_right(client, right_name=CSE_PKS_DEPLOY_RIGHT_NAME, description=CSE_PKS_DEPLOY_RIGHT_DESCRIPTION, category=CSE_PKS_DEPLOY_RIGHT_CATEGORY, bundle_key=CSE_PKS_DEPLOY_RIGHT_BUNDLE_KEY, msg_update_callback=msg_update_callback) org_name = config['broker']['org'] catalog_name = config['broker']['catalog'] # set up cse catalog org = get_org(client, org_name=org_name) create_and_share_catalog(org, catalog_name, catalog_desc='CSE templates', msg_update_callback=msg_update_callback) if skip_template_creation: msg = "Skipping creation of templates." if msg_update_callback: msg_update_callback.info(msg) LOGGER.warning(msg) else: # read remote template cookbook, download all scripts rtm = RemoteTemplateManager( remote_template_cookbook_url=config['broker'] ['remote_template_cookbook_url'], # noqa: E501 logger=LOGGER, msg_update_callback=ConsoleMessagePrinter()) remote_template_cookbook = rtm.get_remote_template_cookbook() # create all templates defined in cookbook for template in remote_template_cookbook['templates']: rtm.download_template_scripts( template_name=template[RemoteTemplateKey.NAME], revision=template[RemoteTemplateKey.REVISION], force_overwrite=force_update) catalog_item_name = get_revisioned_template_name( template[RemoteTemplateKey.NAME], template[RemoteTemplateKey.REVISION]) build_params = { 'template_name': template[RemoteTemplateKey.NAME], 'template_revision': template[RemoteTemplateKey.REVISION], 'source_ova_name': template[RemoteTemplateKey.SOURCE_OVA_NAME], # noqa: E501 'source_ova_href': template[RemoteTemplateKey.SOURCE_OVA_HREF], # noqa: E501 'source_ova_sha256': template[ RemoteTemplateKey.SOURCE_OVA_SHA256], # noqa: E501 'org_name': org_name, 'vdc_name': config['broker']['vdc'], 'catalog_name': catalog_name, 'catalog_item_name': catalog_item_name, 'catalog_item_description': template[RemoteTemplateKey.DESCRIPTION], # noqa: E501 'temp_vapp_name': template[RemoteTemplateKey.NAME] + '_temp', # noqa: E501 'cpu': template[RemoteTemplateKey.CPU], 'memory': template[RemoteTemplateKey.MEMORY], 'network_name': config['broker']['network'], 'ip_allocation_mode': config['broker']['ip_allocation_mode'], # noqa: E501 'storage_profile': config['broker']['storage_profile'] } builder = TemplateBuilder( client, client, build_params, ssh_key=ssh_key, logger=LOGGER, msg_update_callback=ConsoleMessagePrinter()) builder.build(force_recreate=force_update, retain_temp_vapp=retain_temp_vapp) # remote definition is a super set of local definition, barring # the key 'catalog_item_name' template_definition = dict(template) template_definition['catalog_item_name'] = catalog_item_name save_k8s_local_template_definition_as_metadata( client=client, catalog_name=catalog_name, catalog_item_name=catalog_item_name, template_definition=template_definition, org_name=org_name) # if it's a PKS setup, setup NSX-T constructs if config.get('pks_config'): nsxt_servers = config.get('pks_config')['nsxt_servers'] for nsxt_server in nsxt_servers: msg = f"Configuring NSX-T server ({nsxt_server.get('name')})" \ " for CSE. Please check install logs for details." if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) nsxt_client = NSXTClient(host=nsxt_server.get('host'), username=nsxt_server.get('username'), password=nsxt_server.get('password'), http_proxy=nsxt_server.get('proxy'), https_proxy=nsxt_server.get('proxy'), verify_ssl=nsxt_server.get('verify'), logger_instance=LOGGER, log_requests=True, log_headers=True, log_body=True) setup_nsxt_constructs( nsxt_client=nsxt_client, nodes_ip_block_id=nsxt_server.get('nodes_ip_block_ids'), pods_ip_block_id=nsxt_server.get('pods_ip_block_ids'), ncp_boundary_firewall_section_anchor_id=nsxt_server.get( 'distributed_firewall_section_anchor_id') ) # noqa: E501 except Exception: if msg_update_callback: msg_update_callback.error( "CSE Installation Error. Check CSE install logs") LOGGER.error("CSE Installation Error", exc_info=True) raise # TODO() need installation relevant exceptions for rollback finally: if client is not None: client.logout()
def run(self, msg_update_callback=None): configure_server_logger() self.config = get_validated_config( self.config_file, msg_update_callback=msg_update_callback) populate_vsphere_list(self.config['vcs']) # Read K8 catalog definition from catalog item metadata and append # to server config client = None try: client = Client(self.config['vcd']['host'], api_version=self.config['vcd']['api_version'], verify_ssl_certs=self.config['vcd']['verify'], log_file=SERVER_DEBUG_WIRELOG_FILEPATH, log_requests=True, log_headers=True, log_bodies=True) credentials = BasicLoginCredentials(self.config['vcd']['username'], SYSTEM_ORG_NAME, self.config['vcd']['password']) client.set_credentials(credentials) org_name = self.config['broker']['org'] catalog_name = self.config['broker']['catalog'] k8_templates = get_all_k8s_local_template_definition( client=client, catalog_name=catalog_name, org_name=org_name) if not k8_templates: msg = "No valid K8 templates were found in catalog " \ f"'{catalog_name}'. Unable to start CSE server." if msg_update_callback: msg_update_callback.error(msg) LOGGER.error(msg) sys.exit(1) # Check that deafult K8 template exists in vCD at the correct # revision default_template_name = \ self.config['broker']['default_template_name'] default_template_revision = \ str(self.config['broker']['default_template_revision']) found_default_template = False for template in k8_templates: if str(template['revision']) == default_template_revision \ and template['name'] == default_template_name: found_default_template = True msg = f"Found K8 template '{template['name']}' at revision " \ f"{template['revision']} in catalog '{catalog_name}'" if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) if not found_default_template: msg = f"Default template {default_template_name} with " \ f"revision {default_template_revision} not found." \ " Unable to start CSE server." if msg_update_callback: msg_update_callback.error(msg) LOGGER.error(msg) sys.exit(1) self.config['broker']['templates'] = k8_templates finally: if client: client.logout() # TODO Rule framework, update config with rules if self.should_check_config: check_cse_installation(self.config, msg_update_callback=msg_update_callback) if self.config.get('pks_config'): pks_config = self.config.get('pks_config') self.pks_cache = PksCache( pks_servers=pks_config.get('pks_api_servers', []), pks_accounts=pks_config.get('pks_accounts', []), pvdcs=pks_config.get('pvdcs', []), orgs=pks_config.get('orgs', []), nsxt_servers=pks_config.get('nsxt_servers', [])) amqp = self.config['amqp'] num_consumers = self.config['service']['listeners'] for n in range(num_consumers): try: c = MessageConsumer(amqp['host'], amqp['port'], amqp['ssl'], amqp['vhost'], amqp['username'], amqp['password'], amqp['exchange'], amqp['routing_key']) name = 'MessageConsumer-%s' % n t = Thread(name=name, target=consumer_thread, args=(c, )) t.daemon = True t.start() msg = f"Started thread '{name} ({t.ident})'" if msg_update_callback: msg_update_callback.general(msg) LOGGER.info(msg) self.threads.append(t) self.consumers.append(c) time.sleep(0.25) except KeyboardInterrupt: break except Exception: LOGGER.error(traceback.format_exc()) LOGGER.info(f"Number of threads started: {len(self.threads)}") self._state = ServerState.RUNNING message = f"Container Service Extension for vCloud Director" \ f"\nServer running using config file: {self.config_file}" \ f"\nLog files: {SERVER_INFO_LOG_FILEPATH}, " \ f"{SERVER_DEBUG_LOG_FILEPATH}" \ f"\nwaiting for requests (ctrl+c to close)" signal.signal(signal.SIGINT, signal_handler) if msg_update_callback: msg_update_callback.general_no_color(message) LOGGER.info(message) while True: try: time.sleep(1) if self._state == ServerState.STOPPING and \ self.active_requests_count() == 0: break except KeyboardInterrupt: break except Exception: if msg_update_callback: msg_update_callback.general_no_color( traceback.format_exc()) LOGGER.error(traceback.format_exc()) sys.exit(1) LOGGER.info("Stop detected") LOGGER.info("Closing connections...") for c in self.consumers: try: c.stop() except Exception: pass self._state = ServerState.STOPPED LOGGER.info("Done")
def convert_cluster(ctx, config_file_name, cluster_name, password, org_name, vdc_name, skip_wait_for_gc): try: check_python_version() except Exception as err: click.secho(str(err), fg='red') sys.exit(1) client = None try: console_message_printer = ConsoleMessagePrinter() config = get_validated_config( config_file_name, msg_update_callback=console_message_printer) log_filename = None log_wire = str_to_bool(config['service'].get('log_wire')) if log_wire: log_filename = 'cluster_convert_wire.log' client = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) msg = f"Connected to vCD as system administrator: " \ f"{config['vcd']['host']}:{config['vcd']['port']}" console_message_printer.general(msg) cluster_records = get_all_clusters(client=client, cluster_name=cluster_name, org_name=org_name, ovdc_name=vdc_name) if len(cluster_records) == 0: console_message_printer.info(f"No clusters were found.") return vms = [] for cluster in cluster_records: console_message_printer.info( f"Processing cluster '{cluster['name']}'.") vapp_href = cluster['vapp_href'] vapp = VApp(client, href=vapp_href) console_message_printer.info("Processing metadata of cluster.") metadata = metadata_to_dict(vapp.get_metadata()) old_template_name = None new_template_name = None if ClusterMetadataKey.BACKWARD_COMPATIBILE_TEMPLATE_NAME in metadata: # noqa: E501 old_template_name = metadata.pop(ClusterMetadataKey.BACKWARD_COMPATIBILE_TEMPLATE_NAME) # noqa: E501 version = metadata.get(ClusterMetadataKey.CSE_VERSION) if old_template_name: console_message_printer.info( "Determining k8s version on cluster.") if 'photon' in old_template_name: new_template_name = 'photon-v2' if '1.0.0' in version: new_template_name += '_k8s-1.8_weave-2.0.5' elif any(ver in version for ver in ('1.1.0', '1.2.0', '1.2.1', '1.2.2', '1.2.3', '1.2.4',)): # noqa: E501 new_template_name += '_k8s-1.9_weave-2.3.0' elif any(ver in version for ver in ('1.2.5', '1.2.6', '1.2.7',)): # noqa: E501 new_template_name += '_k8s-1.10_weave-2.3.0' elif '2.0.0' in version: new_template_name += '_k8s-1.12_weave-2.3.0' elif 'ubuntu' in old_template_name: new_template_name = 'ubuntu-16.04' if '1.0.0' in version: new_template_name += '_k8s-1.9_weave-2.1.3' elif any(ver in version for ver in ('1.1.0', '1.2.0', '1.2.1', '1.2.2', '1.2.3', '1.2.4', '1.2.5', '1.2.6', '1.2.7')): # noqa: E501 new_template_name += '_k8s-1.10_weave-2.3.0' elif '2.0.0' in version: new_template_name += '_k8s-1.13_weave-2.3.0' if new_template_name: console_message_printer.info("Updating metadata of cluster.") task = vapp.remove_metadata(ClusterMetadataKey.BACKWARD_COMPATIBILE_TEMPLATE_NAME) # noqa: E501 client.get_task_monitor().wait_for_success(task) new_metadata_to_add = { ClusterMetadataKey.TEMPLATE_NAME: new_template_name, ClusterMetadataKey.TEMPLATE_REVISION: 0 } task = vapp.set_multiple_metadata(new_metadata_to_add) client.get_task_monitor().wait_for_success(task) console_message_printer.general( "Finished processing metadata of cluster.") try: console_message_printer.info( f"Undeploying the vApp '{cluster['name']}'") task = vapp.undeploy() client.get_task_monitor().wait_for_success(task) console_message_printer.general( "Successfully undeployed the vApp.") except Exception as err: console_message_printer.error(str(err)) vm_resources = vapp.get_all_vms() for vm_resource in vm_resources: console_message_printer.info( f"Processing vm '{vm_resource.get('name')}'.") vm = VM(client, href=vm_resource.get('href')) vms.append(vm) console_message_printer.info("Updating vm admin password.") task = vm.update_guest_customization_section( enabled=True, admin_password_enabled=True, admin_password_auto=not password, admin_password=password, ) client.get_task_monitor().wait_for_success(task) console_message_printer.general("Successfully updated vm .") console_message_printer.info("Deploying vm.") task = vm.power_on_and_force_recustomization() client.get_task_monitor().wait_for_success(task) console_message_printer.general("Successfully deployed vm.") console_message_printer.info("Deploying cluster") task = vapp.deploy(power_on=True) client.get_task_monitor().wait_for_success(task) console_message_printer.general("Successfully deployed cluster.") console_message_printer.general( f"Successfully processed cluster '{cluster['name']}'.") if skip_wait_for_gc: return while True: for vm in vms: status = vm.get_guest_customization_status() if status != 'GC_PENDING': vms.remove(vm) console_message_printer.info( f"Waiting on guest customization to finish on {len(vms)} vms.") if not len(vms) == 0: time.sleep(5) else: break except Exception as err: click.secho(str(err), fg='red') finally: if client: client.logout()