def PreliminarilyVerifyInstance(self, instance_id, remote, identity_file, options): """Verify the instance's identity by connecting and running a command. Args: instance_id: str, id of the compute instance. remote: ssh.Remote, remote to connect to. identity_file: str, optional key file. options: dict, optional ssh options. Raises: ssh.CommandError: The ssh command failed. core_exceptions.NetworkIssueError: The instance id does not match. """ metadata_id_url = ( 'http://metadata.google.internal/computeMetadata/v1/instance/id') # Exit codes 255 and 1 are taken by OpenSSH and PuTTY. # 23 chosen by fair dice roll. remote_command = [ '[ `curl "{}" -H "Metadata-Flavor: Google" -q` = {} ] || exit 23'. format(metadata_id_url, instance_id) ] cmd = ssh.SSHCommand(remote, identity_file=identity_file, options=options, remote_command=remote_command) return_code = cmd.Run(self.env, force_connect=True) # pytype: disable=attribute-error if return_code == 0: return elif return_code == 23: raise core_exceptions.NetworkIssueError( 'Established connection with host {} but was unable to ' 'confirm ID of the instance.'.format(remote.host)) raise ssh.CommandError(cmd, return_code=return_code)
def _PreliminarylyVerifyInstance(self, args, instance, project, user, ip_address): ssh_args = ssh_utils.GetSshArgsForPreliminaryVerification( args, user, instance, ip_address, self.env, self.keys) ssh_return_code = self.ActuallyRun( args, ssh_args, user, instance, project, ip_address, strict_error_checking=False, use_account_service=self._use_accounts_service) if ssh_return_code == 0: return if ssh_return_code == 255: raise core_exceptions.NetworkIssueError( 'Unable to connect to private IP {0}.'.format(ip_address)) if ssh_return_code == 1: raise core_exceptions.NetworkIssueError( 'Established connection with private IP {0} but was unable to ' 'confirm ID of the instance.'.format(ip_address)) raise exceptions.FailedSubCommand(' '.join(ssh_args), ssh_return_code)
def PreliminarilyVerifyInstance(self, instance_id, remote, identity_file, options): """Verify the instance's identity by connecting and running a command. Args: instance_id: str, id of the compute instance. remote: ssh.Remote, remote to connect to. identity_file: str, optional key file. options: dict, optional ssh options. Raises: ssh.CommandError: The ssh command failed. core_exceptions.NetworkIssueError: The instance id does not match. """ if not properties.VALUES.ssh.verify_internal_ip.GetBool(): log.warning( 'Skipping internal IP verification connection and connecting to [{}] ' 'in the current subnet. This may be the wrong host if the instance ' 'is in a different subnet!'.format(remote.host)) return metadata_id_url = ( 'http://metadata.google.internal/computeMetadata/v1/instance/id') # Exit codes 255 and 1 are taken by OpenSSH and PuTTY. # 23 chosen by fair dice roll. remote_command = [ '[ `curl "{}" -H "Metadata-Flavor: Google" -q` = {} ] || exit 23' .format(metadata_id_url, instance_id)] cmd = ssh.SSHCommand(remote, identity_file=identity_file, options=options, remote_command=remote_command) return_code = cmd.Run( self.env, force_connect=properties.VALUES.ssh.putty_force_connect.GetBool()) if return_code == 0: return elif return_code == 23: raise core_exceptions.NetworkIssueError( 'Established connection with host {} but was unable to ' 'confirm ID of the instance.'.format(remote.host)) raise ssh.CommandError(cmd, return_code=return_code)