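def new_system_user(user_full_name, username, raw_password, joomla_password, access_level, email,
                    project_group, organisation, approved_by, created_by, massive_account, vm_id, vm_ip):
    """
    Create a new user (in Joomla) *and* add them to a given VM.

    Generates a passphrase-less SSH keypair for the user, hashes the Unix
    password, inserts the user via cvlsql.sql_add_user, creates the account on
    the VM through cvlfabric, and links the user record to the VM record.

    Returns the id of the newly created user record.

    Raises IOError if ssh-keygen fails or the key files cannot be read.

    ``vm_id`` is accepted but not used; the VM is looked up by ``vm_ip``.

    FIXME Is there no way to create a user without assigning them to a VM?
    """

    # Function-scope import so the file's import block does not need to change.
    try:
        from shlex import quote as shell_quote  # Python 3
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    # Create an SSH keypair for the new user.
    #
    # The key files use a fixed name inside a private mkdtemp() directory.
    # Building the path from ``username`` put caller-supplied text into both a
    # filesystem path and a shell command line; the key material itself does
    # not depend on the file name, so nothing is lost by dropping it.
    temp_dir = tempfile.mkdtemp()
    private_key_path = os.path.join(temp_dir, 'id_key')
    public_key_path = private_key_path + '.pub'

    try:
        exit_code, stdout, stderr = run_shell_command(
            "ssh-keygen -f {private_key_path} -N ''".format(private_key_path=shell_quote(private_key_path)))

        # assumes run_shell_command reports success as exit code 0 -- TODO confirm
        if exit_code != 0:
            # IOError matches what the unchecked open() below used to raise
            # when ssh-keygen had produced no files.
            raise IOError('ssh-keygen failed with exit code %s: %s' % (exit_code, stderr))

        with open(private_key_path, 'r') as key_file:
            private_key = b64encode(key_file.read())
        with open(public_key_path, 'r') as key_file:
            public_key = b64encode(key_file.read())
    finally:
        # Never leave private key material (or the temp directory) behind,
        # including when key generation or reading fails part-way.
        for key_path in (private_key_path, public_key_path):
            if os.path.exists(key_path):
                os.remove(key_path)
        try:
            os.rmdir(temp_dir)
        except OSError:
            logging.warning('Could not remove temporary key directory %s', temp_dir)

    # NOTE(review): the private key has no passphrase (-N '') and is only
    # base64-encoded, which is an encoding and not encryption, before being
    # handed to cvlsql.sql_add_user. Whatever stores it needs access control
    # appropriate for a credential.

    group_title = 'Administrator' if access_level == enums.UserAccess.Administrator else 'User'
    group_access_id = Cvl_usergroups.select(
        sqlobject.AND(Cvl_usergroups.q.title == group_title,
                      Cvl_usergroups.q.parentID == 2)).getOne().id  # FIXME magic value 2?

    # NOTE(review): the salt is a fixed string shared by every account, and
    # because it has no ``$id$`` prefix crypt(3) typically falls back to
    # traditional DES (2-character salt, password truncated to 8 characters).
    # A per-user random salt with a modern scheme would change the stored hash
    # format, so confirm nothing else recomputes hashes with this salt before
    # changing it. Left as-is here.
    encrypted_unix_password = crypt.crypt(raw_password, 'CvlEncryption')

    driver_id = 0  # FIXME this is not supported
    activation = '0'
    send_email = 0
    register_date = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')

    logging.debug('Create VM user account .....')

    # FIXME Is OperationState used?
    # FIXME all public and private keys have the same name - this is ok?
    user_record, user_vm_record, user_group_map_record = cvlsql.sql_add_user(
        user_full_name, username, joomla_password, email, enums.OperationState.Idle,
        public_key, cvl_config.PUBLIC_KEY_NAME, private_key, cvl_config.PRIVATE_KEY_NAME,
        massive_account, project_group, group_access_id, approved_by, created_by,
        driver_id, activation, send_email, register_date, organisation, encrypted_unix_password)

    # FIXME This ought to be a celery task, otherwise a dead VM will stop the process?
    # Note that env.hosts is module-level state on cvlfabric, so this
    # assignment is visible to any other code using the same module.
    cvlfabric.env.hosts = [vm_ip]
    cvlfabric.execute(cvlfabric.new_user, username=username, password=encrypted_unix_password, public_key=public_key)

    cvlsql.add_user_to_vm(user_record, Cvl_cvl_vm.select(Cvl_cvl_vm.q.vmIp == vm_ip).getOne())

    return user_record.id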
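from collections import Counter

from utils import nova_client, get_vm_info
from cvlsql import Cvl_cvl_vm

# Inventory reconciliation: compare the VMs recorded in the User Management
# database with the VMs that exist in the Nectar (nova) tenancy, and report
# duplicate names and VMs that exist in the tenancy but are not tracked.

nc = nova_client()

db_vms = list(Cvl_cvl_vm.select())
nova_vms = nc.servers.list()

db_ips = [x.vmIp for x in db_vms]
# Resolve each Nectar VM's IP once and reuse it below.
# presumably get_vm_info is a read-only lookup; verify before relying on
# the reduced number of calls.
nova_ips = [get_vm_info(x.name)['ip'] for x in nova_vms]

# VMs with the same name?
# The previous check compared each name against the VM *object*
# (``y.vmServerName == x``), which never matches, so duplicates were never
# reported. Count the names instead; each duplicated name is listed once.
duplicate_db_names = sorted(
    name for name, count in Counter(vm.vmServerName for vm in db_vms).items() if count > 1)
duplicate_nova_names = sorted(
    name for name, count in Counter(vm.name for vm in nova_vms).items() if count > 1)

# Single-argument print(...) keeps the output identical under the Python 2
# print statement and also parses under Python 3.
if duplicate_db_names:
    print('Multiple VMs exist in the database with the following names: %s' % (duplicate_db_names,))

if duplicate_nova_names:
    print('Multiple VMs exist in Nectar with the following names: %s' % (duplicate_nova_names,))

# Unmanaged VMs?
# A VM running in the tenancy with no database record is outside the User
# Management system's account provisioning, so it is worth surfacing.
known_db_ips = set(db_ips)
unmanaged = [(vm, ip) for vm, ip in zip(nova_vms, nova_ips) if ip not in known_db_ips]
unmanaged_vms = [vm for vm, _ in unmanaged]

if unmanaged:
    print('VMs in Nectar tenancy %s that are not managed by the User Management system:' % (nc.project_id,))
    for vm, ip in unmanaged:
        print('%s %s' % (ip, vm.name))
    print('')

# Orphaned VM records?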