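def configure_instance_security(self, parameters):
    """Creates the GCE network and firewall for a deployment, after putting a
    fresh SSH keypair in place.

    We expect both the network and the firewall to not exist before this
    point, to avoid accidentally placing AppScale instances from different
    deployments in the same network and firewall (thus enabling them to see
    each other's web traffic). For the same reason an existing local key file
    for this keyname is treated as an error rather than reused.

    Args:
      parameters: A dict with keys for each parameter needed to connect to
        Google Compute Engine, and an additional key indicating the name of
        the network and firewall that we should create in GCE. Must contain
        self.PARAM_KEYNAME and self.PARAM_VERBOSE.
    Returns:
      True, once the named network and firewall have been created.
    Raises:
      AgentRuntimeException: If a private or public key file for this keyname
        already exists locally, or if the named network or firewall already
        exists in GCE.
    """
    AppScaleLogger.log("Verifying that SSH key exists locally")
    keyname = parameters[self.PARAM_KEYNAME]
    private_key = LocalState.LOCAL_APPSCALE_PATH + keyname
    public_key = private_key + ".pub"

    # Never overwrite or silently reuse existing key material: a leftover key
    # may belong to another deployment.
    if os.path.exists(private_key) or os.path.exists(public_key):
        raise AgentRuntimeException(
            "SSH key already found locally - please " +
            "use a different keyname")

    LocalState.generate_rsa_key(keyname, parameters[self.PARAM_VERBOSE])

    # NOTE(review): does_ssh_key_exist / create_ssh_key presumably check and
    # register the public key on the GCE side - confirm against their
    # definitions, which are outside this listing.
    ssh_key_exists, all_ssh_keys = self.does_ssh_key_exist(parameters)
    if not ssh_key_exists:
        self.create_ssh_key(parameters, all_ssh_keys)

    # Both isolation boundaries must be new. Note that the local key has
    # already been generated by this point, so a failure here leaves the key
    # files behind and a retry with the same keyname hits the check above.
    if self.does_network_exist(parameters):
        raise AgentRuntimeException(
            "Network already exists - please use a " +
            "different group name.")

    if self.does_firewall_exist(parameters):
        raise AgentRuntimeException(
            "Firewall already exists - please use a " +
            "different group name.")

    network_url = self.create_network(parameters)
    self.create_firewall(parameters, network_url)

    # The documented contract is "True on success"; the function previously
    # fell off the end and returned None.
    return True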
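def add_keypair(cls, options):
    """Sets up passwordless SSH login to the machines used in a virtualized
    cluster deployment.

    For every node in the layout this first checks that the SSH port is
    reachable and then installs the deployment's public key for root, either
    through the expect script (options.auto) or through ssh-copy-id.

    Args:
      options: A Namespace that has fields for each parameter that can be
        passed in via the command-line interface.
    Raises:
      BadConfigurationException: If the node layout built from options is not
        valid.
      AppScaleException: If any of the machines named in the ips_layout are
        not running, or do not have the SSH daemon running.
    """
    # Local import so this works whether or not the file already imports a
    # quoting helper; pipes.quote is the Python 2 spelling of shlex.quote.
    try:
        from shlex import quote as shell_quote
    except ImportError:
        from pipes import quote as shell_quote

    LocalState.require_ssh_commands(options.auto, options.verbose)
    LocalState.make_appscale_directory()

    path = LocalState.LOCAL_APPSCALE_PATH + options.keyname
    if options.add_to_existing:
        public_key = path + ".pub"
        private_key = path
    else:
        public_key, private_key = LocalState.generate_rsa_key(
            options.keyname, options.verbose)

    if options.auto:
        if 'root_password' in options:
            AppScaleLogger.log("Using the provided root password to log into " +
                               "your VMs.")
            password = options.root_password
        else:
            AppScaleLogger.log("Please enter the password for the root user on" +
                               " your VMs:")
            password = getpass.getpass()

    node_layout = NodeLayout(options)
    if not node_layout.is_valid():
        raise BadConfigurationException("There were problems with your " +
                                        "placement strategy: " +
                                        str(node_layout.errors()))

    all_ips = [node.public_ip for node in node_layout.nodes]
    for ip in all_ips:
        # first, make sure ssh is actually running on the host machine
        if not RemoteHelper.is_port_open(ip, RemoteHelper.SSH_PORT,
                                         options.verbose):
            raise AppScaleException(
                "SSH does not appear to be running at {0}. "
                "Is the machine at {0} up and running? Make sure your IPs are "
                "correct!".format(ip))

        # next, set up passwordless ssh
        AppScaleLogger.log("Executing ssh-copy-id for host: {0}".format(ip))

        # The command is assembled as one string, so every operator-supplied
        # value is quoted: a password or key path containing spaces or shell
        # metacharacters would otherwise be split or interpreted.
        # NOTE(review): assumes LocalState.shell hands this string to a shell
        # - confirm against its definition.
        target = shell_quote("root@{0}".format(ip))
        key_arg = shell_quote(private_key)
        if options.auto:
            # NOTE(review): the root password travels as a command-line
            # argument, so it is visible in the local process list while the
            # script runs and would appear in any log of the command text.
            # Passing it on stdin needs a change to EXPECT_SCRIPT itself.
            LocalState.shell("{0} {1} {2} {3}".format(
                cls.EXPECT_SCRIPT, target, key_arg, shell_quote(password)),
                options.verbose)
        else:
            LocalState.shell("ssh-copy-id -i {0} {1}".format(key_arg, target),
                             options.verbose)

    AppScaleLogger.success("Generated a new SSH key for this deployment " +
                           "at {0}".format(private_key))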
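def add_keypair(cls, options):
    """Sets up passwordless SSH login to the machines used in a virtualized
    cluster deployment.

    For every node in the layout this installs the deployment's public key
    for root (through the expect script when options.auto is set, otherwise
    through ssh-copy-id) and then copies both halves of the keypair into
    /root/.ssh on that node.

    Args:
      options: A Namespace that has fields for each parameter that can be
        passed in via the command-line interface.
    Raises:
      BadConfigurationException: If the node layout built from options is not
        valid.
    """
    # Local import so this works whether or not the file already imports a
    # quoting helper; pipes.quote is the Python 2 spelling of shlex.quote.
    try:
        from shlex import quote as shell_quote
    except ImportError:
        from pipes import quote as shell_quote

    LocalState.require_ssh_commands(options.auto, options.verbose)
    LocalState.make_appscale_directory()

    path = LocalState.LOCAL_APPSCALE_PATH + options.keyname
    if options.add_to_existing:
        public_key = path + ".pub"
        private_key = path
    else:
        public_key, private_key = LocalState.generate_rsa_key(
            options.keyname, options.verbose)

    if options.auto:
        if 'root_password' in options:
            AppScaleLogger.log("Using the provided root password to log into " +
                               "your VMs.")
            password = options.root_password
        else:
            AppScaleLogger.log("Please enter the password for the root user on" +
                               " your VMs:")
            password = getpass.getpass()

    node_layout = NodeLayout(options)
    if not node_layout.is_valid():
        raise BadConfigurationException("There were problems with your " +
                                        "placement strategy: " +
                                        str(node_layout.errors()))

    all_ips = [node.public_ip for node in node_layout.nodes]
    for ip in all_ips:
        # first, set up passwordless ssh
        AppScaleLogger.log("Executing ssh-copy-id for host: {0}".format(ip))

        # The command is assembled as one string, so every operator-supplied
        # value is quoted: a password or key path containing spaces or shell
        # metacharacters would otherwise be split or interpreted.
        # NOTE(review): assumes LocalState.shell hands this string to a shell
        # - confirm against its definition.
        target = shell_quote("root@{0}".format(ip))
        key_arg = shell_quote(private_key)
        if options.auto:
            # NOTE(review): the root password travels as a command-line
            # argument, so it is visible in the local process list while the
            # script runs and would appear in any log of the command text.
            # Passing it on stdin needs a change to EXPECT_SCRIPT itself.
            LocalState.shell("{0} {1} {2} {3}".format(
                cls.EXPECT_SCRIPT, target, key_arg, shell_quote(password)),
                options.verbose)
        else:
            LocalState.shell("ssh-copy-id -i {0} {1}".format(key_arg, target),
                             options.verbose)

        # next, copy over the ssh keypair we generate
        # NOTE(review): this puts the deployment's private key on every node,
        # and the matching public key was just authorised for root on every
        # node, so root on any one machine can log into all the others.
        # Confirm that trust model is intended.
        RemoteHelper.scp(ip, options.keyname, public_key,
                         '/root/.ssh/id_rsa.pub', options.verbose)
        RemoteHelper.scp(ip, options.keyname, private_key,
                         '/root/.ssh/id_rsa', options.verbose)

    AppScaleLogger.success("Generated a new SSH key for this deployment " +
                           "at {0}".format(private_key))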
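def add_keypair(cls, options):
    """Sets up passwordless SSH login to the machines used in a virtualized
    cluster deployment.

    Each node named in the layout gets the deployment's public key installed
    for root, via the expect script when options.auto is set and via
    ssh-copy-id otherwise. The public and private key files are then copied
    to /root/.ssh/id_rsa.pub and /root/.ssh/id_rsa on that node.

    Args:
      options: A Namespace that has fields for each parameter that can be
        passed in via the command-line interface.
    Raises:
      BadConfigurationException: If the node layout built from options is not
        valid.
    """
    # Function-scope import: shlex.quote on Python 3, pipes.quote on Python 2.
    try:
        from shlex import quote as shell_quote
    except ImportError:
        from pipes import quote as shell_quote

    LocalState.require_ssh_commands(options.auto, options.verbose)
    LocalState.make_appscale_directory()

    path = LocalState.LOCAL_APPSCALE_PATH + options.keyname
    if options.add_to_existing:
        public_key = path + ".pub"
        private_key = path
    else:
        public_key, private_key = LocalState.generate_rsa_key(
            options.keyname, options.verbose)

    if options.auto:
        if 'root_password' in options:
            AppScaleLogger.log("Using the provided root password to log into " +
                               "your VMs.")
            password = options.root_password
        else:
            AppScaleLogger.log("Please enter the password for the root user on" +
                               " your VMs:")
            password = getpass.getpass()

    node_layout = NodeLayout(options)
    if not node_layout.is_valid():
        raise BadConfigurationException("There were problems with your " +
                                        "placement strategy: " +
                                        str(node_layout.errors()))

    # Quote once, outside the loop: the key path does not change per host.
    quoted_key = shell_quote(private_key)

    for ip in [node.public_ip for node in node_layout.nodes]:
        # first, set up passwordless ssh
        AppScaleLogger.log("Executing ssh-copy-id for host: {0}".format(ip))

        # Values that came from the operator (host, key path, password) are
        # shell-quoted before being joined into a single command string, so
        # whitespace or metacharacters in them cannot change what is run.
        # NOTE(review): assumes LocalState.shell hands this string to a shell
        # - confirm against its definition.
        quoted_login = shell_quote("root@{0}".format(ip))
        if options.auto:
            # NOTE(review): the password is an argv entry of the expect
            # script, so other local users can read it from the process list
            # and it ends up in any log of the command text. Supplying it on
            # stdin would require changing EXPECT_SCRIPT.
            command = "{0} {1} {2} {3}".format(
                cls.EXPECT_SCRIPT, quoted_login, quoted_key,
                shell_quote(password))
        else:
            command = "ssh-copy-id -i {0} {1}".format(quoted_key, quoted_login)
        LocalState.shell(command, options.verbose)

        # next, copy over the ssh keypair we generate
        # NOTE(review): after this step every node holds the private key that
        # root on every other node accepts, so one compromised node exposes
        # the whole deployment. Confirm that is the intended trust model.
        RemoteHelper.scp(ip, options.keyname, public_key,
                         '/root/.ssh/id_rsa.pub', options.verbose)
        RemoteHelper.scp(ip, options.keyname, private_key,
                         '/root/.ssh/id_rsa', options.verbose)

    AppScaleLogger.success("Generated a new SSH key for this deployment " +
                           "at {0}".format(private_key))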