コード例 #1
ファイル: jarflyd.py プロジェクト: shannonmitchell/jarfly
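def addKey(keyname, keyfile):
    """Make sure the cloud keypair *keyname* holds the key stored in *keyfile*.

    The public key is read from *keyfile*.  A keypair with the same name and
    the same key is left alone; one with the same name but a different key is
    deleted and re-created from the file.  The process exits with a non-zero
    status when the file cannot be read.
    """
    # Read the key in and fail if it can't
    jarlog.logit('INFO', "Checking ssh public key %s" % keyname)
    try:
        # The context manager closes the handle even if read() fails.
        with open(keyfile) as handle:
            keystring = handle.read()
    except IOError:
        jarlog.logit('ERROR', "Failed reading key from " + keyfile)
        # A bare sys.exit() reports success (status 0) to the caller.
        sys.exit(1)

    # Add the key after verifying it doesn't already exist.  Make sure it
    # matches.
    # NOTE(review): the comparison is byte-exact, so a trailing newline in
    # the file may count as a "different" key -- confirm what the API stores.
    addkeypair = 1
    csobj = pyrax.cloudservers
    for keypair in csobj.keypairs.list():
        if keypair.name != keyname:
            continue
        if keypair.public_key == keystring:
            jarlog.logit('INFO', "SSH public key exists")
            addkeypair = 0
        else:
            # The old backslash continuation embedded a run of indentation
            # spaces in the middle of this log message.
            jarlog.logit('INFO',
                         "SSH public key exists with different value. "
                         "Removing")
            keypair.delete()

    if addkeypair == 1:
        jarlog.logit('INFO', "Adding ssh public key %s" % keyname)
        csobj.keypairs.create(keyname, keystring)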
コード例 #2
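def addRecord(recordname, recordvalue):
    """Ensure an A record *recordname* -> *recordvalue* exists in Cloud DNS.

    The hosted domain that owns *recordname* is looked up first.  An existing
    record with that name is updated when its data differs; otherwise a new
    A record with a TTL of 300 is added.

    Returns 1 when no hosted domain covers the name, otherwise None.
    """
    # Start processing the record
    jarlog.logit('INFO', "Checking for record %s" % recordname)

    cdnsobj = pyrax.cloud_dns

    # Find the owning domain
    curdomain = None
    for domain in cdnsobj.list():
        # Match on a label boundary.  A bare endswith() also accepts
        # "notexample.com" for the zone "example.com", which would write the
        # record into a zone that does not own the name.
        owns_name = (recordname == domain.name
                     or recordname.endswith("." + domain.name))
        if not owns_name:
            continue
        jarlog.logit(
            'INFO',
            "Found domain %s for record %s" % (domain.name, recordname))
        # When several zones match, keep the most specific (longest) one.
        if curdomain is None or len(domain.name) > len(curdomain.name):
            curdomain = domain

    # Skip if domain doesn't exist
    if curdomain is None:
        jarlog.logit(
            'INFO', "Couldn't find domain for %s, Skipping record creation" %
            recordname)
        return 1

    addrecord = 1
    for record in curdomain.list_records():
        if record.name != recordname:
            continue
        addrecord = 0
        # NOTE(review): records are matched by name only, so a non-A record
        # with the same name would be rewritten here -- confirm.
        # Check its value and fix if needed
        if record.data != recordvalue:
            jarlog.logit(
                'INFO', "Updating record %s value to %s" %
                (recordname, recordvalue))
            record.update(data=recordvalue)

    if addrecord == 1:
        insrecord = {
            "type": "A",
            "name": recordname,
            "data": recordvalue,
            "ttl": 300
        }
        jarlog.logit(
            'INFO',
            "Adding record %s with value of %s" % (recordname, recordvalue))
        curdomain.add_records(insrecord)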
コード例 #3
ファイル: jarflyd.py プロジェクト: shannonmitchell/jarfly
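def processJar(confobj, curjar):
    """Provision what the config section *curjar* describes.

    In order: select the jar's region, make sure its DNS domain(s) exist,
    make sure the dmz/app/data networks exist, register the global SSH public
    key, and configure the jar's Vyatta device.
    """
    # Start processing the current jar
    jarlog.logit('INFO', "Processing jar %s" % curjar)

    # The global values are read outside the try blocks: the handlers below
    # log them, and previously hit an unbound name if the *global* option was
    # the missing one.
    globalRegion = confobj.get("global", "region")
    try:
        jarRegion = confobj.get(curjar, "region")
    except ConfigParser.NoOptionError:
        jarlog.logit('INFO', "Jar region not set, keeping global of %s"
                     % globalRegion)
    else:
        if jarRegion != globalRegion:
            jarlog.logit('INFO', "Setting jar region to: %s" % jarRegion)
            pyrax.connect_to_services(region=jarRegion)
    # NOTE(review): nothing here reconnects to the global region, so a jar
    # without its own region that follows one with an override appears to
    # run against the previous jar's region -- confirm.

    # Get the current domain and create it if needed
    domainEmail = confobj.get("global", "dns_email")
    globalDomain = confobj.get("global", "dns_domain")
    try:
        jarDomain = confobj.get(curjar, "dns_domain")
    except ConfigParser.NoOptionError:
        jarlog.logit('INFO', "Jar domain not set, keeping global of %s"
                     % globalDomain)
    else:
        if jarDomain != globalDomain:
            jarlog.logit('INFO', "Setting jar domain to: %s" % jarDomain)
            jardns.checkDomain(jarDomain, domainEmail)

    jardns.checkDomain(globalDomain, domainEmail)

    # Make sure networks exist
    dmznet = jarnets.configureNetwork(confobj,
                                      confobj.get(curjar, "dmznet_name"),
                                      confobj.get(curjar, "dmznet_cidr"))
    appnet = jarnets.configureNetwork(confobj,
                                      confobj.get(curjar, "appnet_name"),
                                      confobj.get(curjar, "appnet_cidr"))
    datanet = jarnets.configureNetwork(confobj,
                                       confobj.get(curjar, "datanet_name"),
                                       confobj.get(curjar, "datanet_cidr"))

    # To keep things simple, we are using a single global ssh key for the javad
    # process.  We can easily add support per jar later if needed.
    keyname = confobj.get("global", "ssh_public_key_name")
    keyfile = confobj.get("global", "ssh_public_key_file")
    addKey(keyname, keyfile)

    # Make sure vyatta server exists and is configured
    vyatta.configureDevice(confobj, curjar, dmznet, appnet, datanet, keyname)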
コード例 #4
ファイル: jardns.py プロジェクト: shannonmitchell/jarfly
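def addRecord(recordname, recordvalue):
    """Ensure an A record *recordname* -> *recordvalue* exists in Cloud DNS.

    The hosted domain that owns *recordname* is looked up first.  An existing
    record with that name is updated when its data differs; otherwise a new
    A record with a TTL of 300 is added.

    Returns 1 when no hosted domain covers the name, otherwise None.
    """
    # Start processing the record
    jarlog.logit('INFO', "Checking for record %s" % recordname)

    cdnsobj = pyrax.cloud_dns

    # Find the owning domain
    curdomain = None
    for domain in cdnsobj.list():
        # Match on a label boundary.  A bare endswith() also accepts
        # "notexample.com" for the zone "example.com", which would write the
        # record into a zone that does not own the name.
        owns_name = (recordname == domain.name
                     or recordname.endswith("." + domain.name))
        if not owns_name:
            continue
        jarlog.logit('INFO', "Found domain %s for record %s"
                     % (domain.name, recordname))
        # When several zones match, keep the most specific (longest) one.
        if curdomain is None or len(domain.name) > len(curdomain.name):
            curdomain = domain

    # Skip if domain doesn't exist
    if curdomain is None:
        jarlog.logit('INFO', "Couldn't find domain for %s, Skipping record creation" % recordname)
        return 1

    addrecord = 1
    for record in curdomain.list_records():
        if record.name != recordname:
            continue
        addrecord = 0
        # NOTE(review): records are matched by name only, so a non-A record
        # with the same name would be rewritten here -- confirm.
        # Check its value and fix if needed
        if record.data != recordvalue:
            jarlog.logit('INFO', "Updating record %s value to %s"
                         % (recordname, recordvalue))
            record.update(data=recordvalue)

    if addrecord == 1:
        insrecord = {"type": "A",
                     "name": recordname,
                     "data": recordvalue,
                     "ttl": 300}
        jarlog.logit('INFO', "Adding record %s with value of %s"
                     % (recordname, recordvalue))
        curdomain.add_records(insrecord)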
コード例 #5
ファイル: jarflyd.py プロジェクト: shannonmitchell/jarfly
def main():
    """Start jarflyd: authenticate to the cloud API and process every jar.

    Reads the configuration, points pyrax at the credentials file and the
    global region, then hands each config section whose name starts with
    ``jar-`` to processJar().
    """
    jarlog.logit('INFO', "Starting jarflyd")

    confobj = config.GetConfig()

    # Rackspace identity must be selected before credentials are loaded.
    pyrax.set_setting("identity_type", "rackspace")

    # Only the path of the credentials file is logged, never its contents.
    credentials_path = confobj.get("global", "credentials_file")
    jarlog.logit('INFO',
                 "Authenticating using cred file: %s" % credentials_path)
    pyrax.set_credential_file(credentials_path)

    default_region = confobj.get("global", "region")
    jarlog.logit('INFO', "Setting global region to: %s" % default_region)
    pyrax.connect_to_services(region=default_region)

    # Every "jar-*" section describes one environment to provision.
    jar_sections = [name for name in confobj.sections()
                    if name.startswith("jar-")]
    for jar_name in jar_sections:
        processJar(confobj, jar_name)
コード例 #6
ファイル: vyatta.py プロジェクト: shannonmitchell/jarfly
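def configureVyattaLogin(vserver, vpass, keytype, keyval, keyid):
    """Install an SSH public key for the ``vyatta`` user on the device.

    Opens an SSH session to *vserver* as ``vyatta`` with password *vpass* and
    runs a vyatta-cfg-cmd-wrapper session that stores public key *keyid* with
    value *keyval* and type *keytype*, then commits, ends and saves.  Every
    line of remote stdout is written to the log.
    """
    try:
        from shlex import quote as shell_quote
    except ImportError:  # Python 2 ships the same helper in pipes
        from pipes import quote as shell_quote

    wrapper = "/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
    pubkeys = wrapper + " set system login user vyatta authentication public-keys "
    # Each value is shell-quoted: the script runs through the remote shell,
    # so an unquoted space, ';' or newline in a key field would otherwise be
    # interpreted as shell syntax.
    key_id = shell_quote(keyid)
    commands = "\n".join([
        wrapper + " begin",
        pubkeys + key_id + " key " + shell_quote(keyval),
        pubkeys + key_id + " type " + shell_quote(keytype),
        wrapper + " commit",
        wrapper + " end",
        wrapper + " save",
    ]) + "\n"

    client = paramiko.SSHClient()
    # SECURITY: AutoAddPolicy trusts whatever host key the peer presents, and
    # the admin password is then sent to that peer.  Pinning a key obtained
    # out of band and using paramiko.RejectPolicy would close this; it is
    # left unchanged because this function has no key source to pin against.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # The original log line carried a " pass: " field; the password is kept
    # out of the log here.
    jarlog.logit("INFO", "host: " + vserver)
    try:
        # NOTE(review): the published listing masks part of this statement;
        # the call is reconstructed from its visible tail -- confirm upstream.
        client.connect(vserver, username="vyatta", password=vpass)
        jarlog.logit("INFO", "Running initial viatta login config")
        stdin, stdout, stderr = client.exec_command(commands)
        for line in stdout:
            jarlog.logit("INFO", "... " + line.strip("\n"))
    finally:
        # Close the session even when connect or exec_command raises.
        client.close()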
コード例 #7
ファイル: vyatta.py プロジェクト: shannonmitchell/jarfly
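def configureVyattaVPN(vserver, vpass, vpnshared_pass, vpnuser, vpnpass, range_start, range_end):
    """Configure an L2TP/IPsec remote-access VPN on the Vyatta device.

    Opens an SSH session to *vserver* as ``vyatta`` with password *vpass* and
    runs a vyatta-cfg-cmd-wrapper session that enables IPsec on eth0 with NAT
    traversal, sets *vserver* as the outside address, the client pool
    *range_start*..*range_end*, the pre-shared secret *vpnshared_pass* and a
    local user *vpnuser*/*vpnpass*, then commits, saves and ends.  Every line
    of remote stdout is written to the log.
    """
    try:
        from shlex import quote as shell_quote
    except ImportError:  # Python 2 ships the same helper in pipes
        from pipes import quote as shell_quote

    wrapper = "/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
    l2tp = wrapper + " set vpn l2tp remote-access "
    # Each value is shell-quoted: the script runs through the remote shell,
    # so an unquoted space, ';' or newline in a config value would otherwise
    # be interpreted as shell syntax.
    commands = "\n".join([
        wrapper + " begin",
        wrapper + " set vpn ipsec ipsec-interfaces interface eth0",
        wrapper + " set vpn ipsec nat-traversal enable",
        wrapper + " set vpn ipsec nat-networks allowed-network 0.0.0.0/0",
        l2tp + "outside-address " + shell_quote(vserver),
        l2tp + "client-ip-pool start " + shell_quote(range_start),
        l2tp + "client-ip-pool stop " + shell_quote(range_end),
        l2tp + "ipsec-settings authentication mode pre-shared-secret",
        l2tp + "ipsec-settings authentication pre-shared-secret "
        + shell_quote(vpnshared_pass),
        l2tp + "authentication mode local",
        l2tp + "authentication local-users username " + shell_quote(vpnuser)
        + " password " + shell_quote(vpnpass),
        wrapper + " commit",
        wrapper + " save",
        wrapper + " end",
    ]) + "\n"

    client = paramiko.SSHClient()
    # SECURITY: AutoAddPolicy trusts whatever host key the peer presents, and
    # the admin password is then sent to that peer.  Pinning a key obtained
    # out of band and using paramiko.RejectPolicy would close this; it is
    # left unchanged because this function has no key source to pin against.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # The original log line carried a " pass: " field; the password is kept
    # out of the log here.
    jarlog.logit("INFO", "host: " + vserver)
    try:
        # NOTE(review): the published listing masks part of this statement;
        # the call is reconstructed from its visible tail -- confirm upstream.
        client.connect(vserver, username="vyatta", password=vpass)
        # The command script holds the pre-shared secret and the VPN user's
        # password, so it is no longer appended to the log message.
        jarlog.logit("INFO", "Running initial viatta app config")
        stdin, stdout, stderr = client.exec_command(commands)
        for line in stdout:
            jarlog.logit("INFO", "... " + line.strip("\n"))
    finally:
        # Close the session even when connect or exec_command raises.
        client.close()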
コード例 #8
ファイル: jarnets.py プロジェクト: shannonmitchell/jarfly
def configureNetwork(confobj, name, subnet):
    """Return the cloud network labelled *name* with CIDR *subnet*.

    An existing network with that label and CIDR is returned as-is.  One with
    the label but another CIDR is deleted, and a fresh network is created and
    returned.  *confobj* is accepted but not read here.
    """
    jarlog.logit('INFO', "Checking for network %s(%s)" % (name, subnet))

    cnobj = pyrax.cloud_networks

    for candidate in cnobj.list():
        if candidate.label != name:
            continue
        if candidate.cidr == subnet:
            jarlog.logit('INFO', "Network %s exists" % name)
            return candidate
        # Same label, wrong range: drop it so the create below replaces it.
        candidate.delete()
        jarlog.logit('INFO', "No cidr match removing net %s" % name)

    # Nothing usable was found, so build the network now.
    jarlog.logit('INFO', "Creating network %s with subnet of %s" % (name, subnet))
    return cnobj.create(name, cidr=subnet)
コード例 #9
ファイル: jarnets.py プロジェクト: shannonmitchell/jarfly
def configureNetwork(confobj, name, subnet):
    """Return the cloud network labelled *name* with CIDR *subnet*.

    An existing network with that label and CIDR is returned as-is.  One with
    the label but another CIDR is deleted, and a fresh network is created and
    returned.  *confobj* is accepted but not read here.
    """
    jarlog.logit('INFO', "Checking for network %s(%s)" % (name, subnet))

    cnobj = pyrax.cloud_networks

    for candidate in cnobj.list():
        if candidate.label != name:
            continue
        if candidate.cidr == subnet:
            jarlog.logit('INFO', "Network %s exists" % name)
            return candidate
        # Same label, wrong range: drop it so the create below replaces it.
        candidate.delete()
        jarlog.logit('INFO', "No cidr match removing net %s" % name)

    # Nothing usable was found, so build the network now.
    creation_note = "Creating network %s with subnet of %s" % (name, subnet)
    jarlog.logit('INFO', creation_note)
    return cnobj.create(name, cidr=subnet)
コード例 #10
ファイル: vyatta.py プロジェクト: shannonmitchell/jarfly
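def configureVyattaNats(vserver, vpass, dmznet, appnet, datanet):
    """Configure source-NAT masquerade rules on the Vyatta device.

    Opens an SSH session to *vserver* as ``vyatta`` with password *vpass* and
    runs a vyatta-cfg-cmd-wrapper session that creates NAT source rules 10,
    20 and 30 for *dmznet*, *appnet* and *datanet*, each masquerading out of
    eth0, then commits, saves and ends.  Every line of remote stdout is
    written to the log.
    """
    try:
        from shlex import quote as shell_quote
    except ImportError:  # Python 2 ships the same helper in pipes
        from pipes import quote as shell_quote

    wrapper = "/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
    script = [wrapper + " begin"]
    for rule_id, source_net in (("10", dmznet), ("20", appnet), ("30", datanet)):
        rule = wrapper + " set nat source rule " + rule_id + " "
        # The address is shell-quoted: the script runs through the remote
        # shell, so an unquoted space, ';' or newline in a config value would
        # otherwise be interpreted as shell syntax.
        script.append(rule + "source address " + shell_quote(source_net))
        script.append(rule + "outbound-interface eth0")
        script.append(rule + "translation address masquerade")
    script.extend([wrapper + " commit", wrapper + " save", wrapper + " end"])
    commands = "\n".join(script) + "\n"

    client = paramiko.SSHClient()
    # SECURITY: AutoAddPolicy trusts whatever host key the peer presents, and
    # the admin password is then sent to that peer.  Pinning a key obtained
    # out of band and using paramiko.RejectPolicy would close this; it is
    # left unchanged because this function has no key source to pin against.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # The original log line carried a " pass: " field; the password is kept
    # out of the log here.
    jarlog.logit("INFO", "host: " + vserver)
    try:
        # NOTE(review): the published listing masks part of this statement;
        # the call is reconstructed from its visible tail -- confirm upstream.
        client.connect(vserver, username="vyatta", password=vpass)
        # The NAT script holds only network ranges, so it is still logged.
        jarlog.logit("INFO", "Running initial viatta app config" + commands)
        stdin, stdout, stderr = client.exec_command(commands)
        for line in stdout:
            jarlog.logit("INFO", "... " + line.strip("\n"))
    finally:
        # Close the session even when connect or exec_command raises.
        client.close()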
コード例 #11
ファイル: jardns.py プロジェクト: shannonmitchell/jarfly
def checkDomain(domainname, domainemail):
    """Create the Cloud DNS domain *domainname* unless it is already hosted.

    *domainemail* is passed as the domain's contact address on creation.
    """
    jarlog.logit('INFO', "Checking for domain %s" % domainname)

    dns = pyrax.cloud_dns

    # Scan the whole listing; each exact name match is logged.
    already_hosted = False
    for zone in dns.list():
        if zone.name != domainname:
            continue
        already_hosted = True
        jarlog.logit('INFO', "Domain %s exists" % domainname)

    if already_hosted:
        return

    jarlog.logit('INFO', "Creating Domain %s" % domainname)
    dns.create(name=domainname, emailAddress=domainemail)
コード例 #12
def checkDomain(domainname, domainemail):
    """Create the Cloud DNS domain *domainname* unless it is already hosted.

    *domainemail* is passed as the domain's contact address on creation.
    """
    jarlog.logit('INFO', "Checking for domain %s" % domainname)

    dns = pyrax.cloud_dns

    # Scan the whole listing; each exact name match is logged.
    matches = 0
    for zone in dns.list():
        if zone.name == domainname:
            matches += 1
            jarlog.logit('INFO', "Domain %s exists" % domainname)

    if matches == 0:
        jarlog.logit('INFO', "Creating Domain %s" % domainname)
        dns.create(name=domainname, emailAddress=domainemail)
コード例 #13
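def configureVyattaVPN(vserver, vpass, vpnshared_pass, vpnuser, vpnpass,
                       range_start, range_end):
    """Configure an L2TP/IPsec remote-access VPN on the Vyatta device.

    Opens an SSH session to *vserver* with password *vpass* and runs a
    vyatta-cfg-cmd-wrapper session that enables IPsec on eth0 with NAT
    traversal, sets *vserver* as the outside address, the client pool
    *range_start*..*range_end*, the pre-shared secret *vpnshared_pass* and a
    local user *vpnuser*/*vpnpass*, then commits, saves and ends.  Every line
    of remote stdout is written to the log.
    """
    try:
        from shlex import quote as shell_quote
    except ImportError:  # Python 2 ships the same helper in pipes
        from pipes import quote as shell_quote

    wrapper = "/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
    l2tp = wrapper + " set vpn l2tp remote-access "
    # Each value is shell-quoted: the script runs through the remote shell,
    # so an unquoted space, ';' or newline in a config value would otherwise
    # be interpreted as shell syntax.
    commands = "\n".join([
        wrapper + " begin",
        wrapper + " set vpn ipsec ipsec-interfaces interface eth0",
        wrapper + " set vpn ipsec nat-traversal enable",
        wrapper + " set vpn ipsec nat-networks allowed-network 0.0.0.0/0",
        l2tp + "outside-address " + shell_quote(vserver),
        l2tp + "client-ip-pool start " + shell_quote(range_start),
        l2tp + "client-ip-pool stop " + shell_quote(range_end),
        l2tp + "ipsec-settings authentication mode pre-shared-secret",
        l2tp + "ipsec-settings authentication pre-shared-secret "
        + shell_quote(vpnshared_pass),
        l2tp + "authentication mode local",
        l2tp + "authentication local-users username " + shell_quote(vpnuser)
        + " password " + shell_quote(vpnpass),
        wrapper + " commit",
        wrapper + " save",
        wrapper + " end",
    ]) + "\n"

    client = paramiko.SSHClient()
    # SECURITY: AutoAddPolicy trusts whatever host key the peer presents, and
    # the admin password is then sent to that peer.  Pinning a key obtained
    # out of band and using paramiko.RejectPolicy would close this; it is
    # left unchanged because this function has no key source to pin against.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # The original log line carried a " pass: " field; the password is kept
    # out of the log here.
    jarlog.logit('INFO', "host: " + vserver)
    try:
        # NOTE(review): the published listing masks the statements between
        # the log call and the command script; this connect call (and the
        # "vyatta" login name) is a reconstruction -- confirm upstream.
        client.connect(vserver, username="vyatta", password=vpass)
        # The command script holds the pre-shared secret and the VPN user's
        # password, so it is no longer appended to the log message.
        jarlog.logit('INFO', "Running initial viatta app config")
        stdin, stdout, stderr = client.exec_command(commands)
        for line in stdout:
            jarlog.logit('INFO', '... ' + line.strip('\n'))
    finally:
        # Close the session even when connect or exec_command raises.
        client.close()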
コード例 #14
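def configureVyattaLogin(vserver, vpass, keytype, keyval, keyid):
    """Install an SSH public key for the ``vyatta`` user on the device.

    Opens an SSH session to *vserver* with password *vpass* and runs a
    vyatta-cfg-cmd-wrapper session that stores public key *keyid* with value
    *keyval* and type *keytype*, then commits, ends and saves.  Every line of
    remote stdout is written to the log.
    """
    try:
        from shlex import quote as shell_quote
    except ImportError:  # Python 2 ships the same helper in pipes
        from pipes import quote as shell_quote

    wrapper = "/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
    pubkeys = wrapper + " set system login user vyatta authentication public-keys "
    # Each value is shell-quoted: the script runs through the remote shell,
    # so an unquoted space, ';' or newline in a key field would otherwise be
    # interpreted as shell syntax.
    key_id = shell_quote(keyid)
    commands = "\n".join([
        wrapper + " begin",
        pubkeys + key_id + " key " + shell_quote(keyval),
        pubkeys + key_id + " type " + shell_quote(keytype),
        wrapper + " commit",
        wrapper + " end",
        wrapper + " save",
    ]) + "\n"

    client = paramiko.SSHClient()
    # SECURITY: AutoAddPolicy trusts whatever host key the peer presents, and
    # the admin password is then sent to that peer.  Pinning a key obtained
    # out of band and using paramiko.RejectPolicy would close this; it is
    # left unchanged because this function has no key source to pin against.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # The original log line carried a " pass: " field; the password is kept
    # out of the log here.
    jarlog.logit('INFO', "host: " + vserver)
    try:
        # NOTE(review): the published listing masks the statements between
        # the log call and the command script; this connect call (and the
        # "vyatta" login name) is a reconstruction -- confirm upstream.
        client.connect(vserver, username="vyatta", password=vpass)
        jarlog.logit('INFO', "Running initial viatta login config")
        stdin, stdout, stderr = client.exec_command(commands)
        for line in stdout:
            jarlog.logit('INFO', '... ' + line.strip('\n'))
    finally:
        # Close the session even when connect or exec_command raises.
        client.close()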
コード例 #15
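def configureVyattaNats(vserver, vpass, dmznet, appnet, datanet):
    """Configure source-NAT masquerade rules on the Vyatta device.

    Opens an SSH session to *vserver* with password *vpass* and runs a
    vyatta-cfg-cmd-wrapper session that creates NAT source rules 10, 20 and
    30 for *dmznet*, *appnet* and *datanet*, each masquerading out of eth0,
    then commits, saves and ends.  Every line of remote stdout is written to
    the log.
    """
    try:
        from shlex import quote as shell_quote
    except ImportError:  # Python 2 ships the same helper in pipes
        from pipes import quote as shell_quote

    wrapper = "/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
    script = [wrapper + " begin"]
    for rule_id, source_net in (("10", dmznet), ("20", appnet), ("30", datanet)):
        rule = wrapper + " set nat source rule " + rule_id + " "
        # The address is shell-quoted: the script runs through the remote
        # shell, so an unquoted space, ';' or newline in a config value would
        # otherwise be interpreted as shell syntax.
        script.append(rule + "source address " + shell_quote(source_net))
        script.append(rule + "outbound-interface eth0")
        script.append(rule + "translation address masquerade")
    script.extend([wrapper + " commit", wrapper + " save", wrapper + " end"])
    commands = "\n".join(script) + "\n"

    client = paramiko.SSHClient()
    # SECURITY: AutoAddPolicy trusts whatever host key the peer presents, and
    # the admin password is then sent to that peer.  Pinning a key obtained
    # out of band and using paramiko.RejectPolicy would close this; it is
    # left unchanged because this function has no key source to pin against.
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    # The original log line carried a " pass: " field; the password is kept
    # out of the log here.
    jarlog.logit('INFO', "host: " + vserver)
    try:
        # NOTE(review): the published listing masks the statements between
        # the log call and the command script; this connect call (and the
        # "vyatta" login name) is a reconstruction -- confirm upstream.
        client.connect(vserver, username="vyatta", password=vpass)
        # The NAT script holds only network ranges, so it is still logged.
        jarlog.logit('INFO', "Running initial viatta app config" + commands)
        stdin, stdout, stderr = client.exec_command(commands)
        for line in stdout:
            jarlog.logit('INFO', '... ' + line.strip('\n'))
    finally:
        # Close the session even when connect or exec_command raises.
        client.close()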
コード例 #16
ファイル: vyatta.py プロジェクト: shannonmitchell/jarfly
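def configureDevice(confobj, curjar, dmznet, appnet, datanet, keyname):
    """Create and configure the Vyatta server for the jar *curjar*.

    When no server with the configured ``vyatta_name`` exists, one is built
    from the configured image and flavor, attached to the given networks,
    registered in DNS, and then configured over SSH (login key, NAT rules,
    VPN).  An existing server is left untouched.  The process exits with a
    non-zero status when the key file, image, flavor or build is unusable.
    """
    # Start processing the current jar
    jarlog.logit("INFO", "Checking vyatta config for: %s" % curjar)

    # Create cloudservers object
    csobj = pyrax.cloudservers

    # Check for image.  None marks "not found"; the previous code left the
    # name unbound and failed later with a NameError.
    wanted_image = confobj.get(curjar, "vyatta_image")
    vimage = None
    for image in csobj.list_images():
        if image.name == wanted_image:
            jarlog.logit("INFO", "Found image: %s" % image.name)
            vimage = image

    # Check for flavor
    wanted_flavor = confobj.get(curjar, "vyatta_flavor")
    vflavor = None
    for flavor in csobj.list_flavors():
        if flavor.name == wanted_flavor:
            jarlog.logit("INFO", "Found flavor: %s" % flavor.name)
            vflavor = flavor

    # Configure nics argument
    # NOTE(review): the two fixed ids are presumably the provider's public
    # and service networks -- confirm.
    nics_list = [
        {"net-id": "00000000-0000-0000-0000-000000000000"},
        {"net-id": "11111111-1111-1111-1111-111111111111"},
        {"net-id": dmznet.id},
        {"net-id": appnet.id},
        {"net-id": datanet.id},
    ]

    # Vyatta doesn't respect the ssh keys set via openstack.  Setting it
    # manually here.
    jarlog.logit("INFO", "Setting up vyatta user ssh auth file")
    keyfile = confobj.get("global", "ssh_public_key_file")
    try:
        with open(keyfile) as handle:
            keyfields = handle.read().split()
    except IOError:
        jarlog.logit("INFO", "Error opening: %s" % keyfile)
        # A bare sys.exit() reports success (status 0) to the caller.
        sys.exit(1)
    # A key line is "<type> <key> <comment>"; a shorter file used to raise an
    # uncaught IndexError.
    if len(keyfields) < 3:
        jarlog.logit("ERROR", "Expected type, key and comment in: %s" % keyfile)
        sys.exit(1)
    keytype, keyval, keyid = keyfields[:3]

    # Create the vyatta server
    addserver = 1
    vyatta_name = confobj.get(curjar, "vyatta_name")
    for server in csobj.servers.list():
        if server.name == vyatta_name:
            jarlog.logit("INFO", "Server " + server.name + " already exists.  Skipping creation")
            addserver = 0
            curserver = server

    if addserver == 1:

        if vimage is None or vflavor is None:
            jarlog.logit("ERROR", "Image %s or flavor %s not found"
                         % (wanted_image, wanted_flavor))
            sys.exit(1)

        # Create the vyatta device
        origserver = csobj.servers.create(vyatta_name, vimage.id, vflavor.id, key_name=keyname, nics=nics_list)

        # Wait for it to finish
        curserver = pyrax.utils.wait_until(origserver, "status", ["ACTIVE", "ERROR"])
        # The wait also ends on ERROR; do not configure a failed build.
        if curserver.status != "ACTIVE":
            jarlog.logit("ERROR", "Server %s did not become ACTIVE" % vyatta_name)
            sys.exit(1)

        # SECURITY: the admin password used to be printed to stdout here,
        # where it ends up in terminals and captured daemon output.  It is
        # only passed to the SSH configuration calls below.

        # Add domain entry for the vyatta device
        jardns.addRecord(vyatta_name, curserver.accessIPv4)

        # print the network info
        print("Server Networks: ")
        print(curserver.accessIPv4)

        # Sleep for a few seconds to wait for things to process before
        # configuration
        time.sleep(10)

        # Configure the Vyatta Login
        configureVyattaLogin(curserver.accessIPv4, curserver.adminPass, keytype, keyval, keyid)

        # Configure the Vyatta Networking (the NAT rules take CIDR strings,
        # so the network objects passed in are replaced from here on)
        dmznet = confobj.get(curjar, "dmznet_cidr")
        appnet = confobj.get(curjar, "appnet_cidr")
        datanet = confobj.get(curjar, "datanet_cidr")
        configureVyattaNats(curserver.accessIPv4, curserver.adminPass, dmznet, appnet, datanet)

        # Configure a Vyatta VPN
        vpn_shared_pass = confobj.get(curjar, "vpn_shared_pass")
        vpn_username = confobj.get(curjar, "vpn_username")
        vpn_password = confobj.get(curjar, "vpn_password")
        vpn_client_ip_range_start = confobj.get(curjar, "vpn_client_ip_range_start")
        vpn_client_ip_range_end = confobj.get(curjar, "vpn_client_ip_range_end")
        configureVyattaVPN(
            curserver.accessIPv4,
            curserver.adminPass,
            vpn_shared_pass,
            vpn_username,
            vpn_password,
            vpn_client_ip_range_start,
            vpn_client_ip_range_end,
        )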
コード例 #17
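def configureDevice(confobj, curjar, dmznet, appnet, datanet, keyname):
    """Create and configure the Vyatta server for the jar *curjar*.

    When no server with the configured ``vyatta_name`` exists, one is built
    from the configured image and flavor, attached to the given networks,
    registered in DNS, and then configured over SSH (login key, NAT rules,
    VPN).  An existing server is left untouched.  The process exits with a
    non-zero status when the key file, image, flavor or build is unusable.
    """
    # Start processing the current jar
    jarlog.logit('INFO', "Checking vyatta config for: %s" % curjar)

    # Create cloudservers object
    csobj = pyrax.cloudservers

    # Check for image.  None marks "not found"; the previous code left the
    # name unbound and failed later with a NameError.
    wanted_image = confobj.get(curjar, "vyatta_image")
    vimage = None
    for image in csobj.list_images():
        if image.name == wanted_image:
            jarlog.logit('INFO', "Found image: %s" % image.name)
            vimage = image

    # Check for flavor
    wanted_flavor = confobj.get(curjar, "vyatta_flavor")
    vflavor = None
    for flavor in csobj.list_flavors():
        if flavor.name == wanted_flavor:
            jarlog.logit('INFO', "Found flavor: %s" % flavor.name)
            vflavor = flavor

    # Configure nics argument
    # NOTE(review): the two fixed ids are presumably the provider's public
    # and service networks -- confirm.
    nics_list = [{
        'net-id': '00000000-0000-0000-0000-000000000000'
    }, {
        'net-id': '11111111-1111-1111-1111-111111111111'
    }, {
        'net-id': dmznet.id
    }, {
        'net-id': appnet.id
    }, {
        'net-id': datanet.id
    }]

    # Vyatta doesn't respect the ssh keys set via openstack.  Setting it
    # manually here.
    jarlog.logit('INFO', "Setting up vyatta user ssh auth file")
    keyfile = confobj.get("global", "ssh_public_key_file")
    try:
        with open(keyfile) as handle:
            keyfields = handle.read().split()
    except IOError:
        jarlog.logit('INFO', "Error opening: %s" % keyfile)
        # A bare sys.exit() reports success (status 0) to the caller.
        sys.exit(1)
    # A key line is "<type> <key> <comment>"; a shorter file used to raise an
    # uncaught IndexError.
    if len(keyfields) < 3:
        jarlog.logit('ERROR',
                     "Expected type, key and comment in: %s" % keyfile)
        sys.exit(1)
    keytype, keyval, keyid = keyfields[:3]

    # Create the vyatta server
    addserver = 1
    vyatta_name = confobj.get(curjar, 'vyatta_name')
    for server in csobj.servers.list():
        if server.name == vyatta_name:
            jarlog.logit(
                'INFO', "Server " + server.name +
                " already exists.  Skipping creation")
            addserver = 0
            curserver = server

    if addserver == 1:

        if vimage is None or vflavor is None:
            jarlog.logit('ERROR', "Image %s or flavor %s not found"
                         % (wanted_image, wanted_flavor))
            sys.exit(1)

        # Create the vyatta device
        origserver = csobj.servers.create(vyatta_name,
                                          vimage.id,
                                          vflavor.id,
                                          key_name=keyname,
                                          nics=nics_list)

        # Wait for it to finish
        curserver = pyrax.utils.wait_until(origserver, "status",
                                           ["ACTIVE", "ERROR"])
        # The wait also ends on ERROR; do not configure a failed build.
        if curserver.status != "ACTIVE":
            jarlog.logit('ERROR',
                         "Server %s did not become ACTIVE" % vyatta_name)
            sys.exit(1)

        # SECURITY: the admin password used to be printed to stdout here,
        # where it ends up in terminals and captured daemon output.  It is
        # only passed to the SSH configuration calls below.

        # Add domain entry for the vyatta device
        jardns.addRecord(vyatta_name, curserver.accessIPv4)

        # print the network info
        print("Server Networks: ")
        print(curserver.accessIPv4)

        # Sleep for a few seconds to wait for things to process before
        # configuration
        time.sleep(10)

        # Configure the Vyatta Login
        configureVyattaLogin(curserver.accessIPv4, curserver.adminPass,
                             keytype, keyval, keyid)

        # Configure the Vyatta Networking (the NAT rules take CIDR strings,
        # so the network objects passed in are replaced from here on)
        dmznet = confobj.get(curjar, "dmznet_cidr")
        appnet = confobj.get(curjar, "appnet_cidr")
        datanet = confobj.get(curjar, "datanet_cidr")
        configureVyattaNats(curserver.accessIPv4, curserver.adminPass, dmznet,
                            appnet, datanet)

        # Configure a Vyatta VPN
        vpn_shared_pass = confobj.get(curjar, "vpn_shared_pass")
        vpn_username = confobj.get(curjar, "vpn_username")
        vpn_password = confobj.get(curjar, "vpn_password")
        vpn_client_ip_range_start = confobj.get(curjar,
                                                "vpn_client_ip_range_start")
        vpn_client_ip_range_end = confobj.get(curjar,
                                              "vpn_client_ip_range_end")
        configureVyattaVPN(curserver.accessIPv4, curserver.adminPass,
                           vpn_shared_pass, vpn_username, vpn_password,
                           vpn_client_ip_range_start, vpn_client_ip_range_end)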