def test_ping(self):
print('\nTesting ping ...')
try:
node_service = self.dbsession.query(models.Node, models.NodeService, models.Service).\
filter(models.Node.node == self.node_ip_address).\
filter(models.Node.id == models.NodeService.id_node).\
filter(models.NodeService.id_service == models.Service.id).\
filter(models.Service.service == 'ping').first()
node_service.NodeService.status = 0
node_service.NodeService.log = ''
command = 'ping %s -c 1 -W 15' % node_service.Node.node
result = local_command.local_command(command)
if result[0] != 0:
node_service.NodeService.status = 1
node_service.NodeService.log = str(result[1].decode()[:250])
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for ping test on node: %s - %s' % (self.node_ip_address, error))
def configure_crontab(self):
print('\nConfiguring crontab ...')
try:
node_configuration = self.dbsession.query(models.Node, models.NodeConfiguration, models.Configuration). \
filter(models.Node.node == self.node_ip_address). \
filter(models.Node.id == models.NodeConfiguration.id_node). \
filter(models.NodeConfiguration.id_configuration == models.Configuration.id). \
filter(models.Configuration.configuration == 'crontab').first()
if node_configuration_status(self.dbsession, self.node_ip_address):
home_dir = os.getcwd()
command = 'sudo -u minisecbgpuser bash -c \'echo -e "# Start job every 1 minute (monitor %s)\n' \
'* * * * * minisecbgpuser %s/venv/bin/MiniSecBGP_node_service ' \
'--config-file=%s/minisecbgp.ini ' \
'--execution-type=scheduled ' \
'--node-ip-address=%s" | ' \
'sudo tee /etc/cron.d/MiniSecBGP_node_service_%s\'' % \
(self.node_ip_address, home_dir, home_dir, self.node_ip_address, self.node_ip_address)
result = local_command.local_command(command)
if result[0] == 1:
node_configuration.NodeConfiguration.status = 1
node_configuration.NodeConfiguration.log = str(
result[2].decode())
self.dbsession.flush()
return
node_configuration.NodeConfiguration.status = 0
node_configuration.NodeConfiguration.log = ''
else:
node_configuration.NodeConfiguration.status = 1
node_configuration.NodeConfiguration.log = 'Aborted'
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for crontab configuration on node: %s - %s' %
(self.node_ip_address, error))
def configure_ssh(self):
print('\nConfiguring ssh ...')
try:
node_configuration = self.dbsession.query(models.Node, models.NodeConfiguration, models.Configuration). \
filter(models.Node.node == self.node_ip_address). \
filter(models.Node.id == models.NodeConfiguration.id_node). \
filter(models.NodeConfiguration.id_configuration == models.Configuration.id). \
filter(models.Configuration.configuration == 'ssh').first()
if node_configuration_status(self.dbsession, self.node_ip_address):
node_configuration.NodeConfiguration.status = 0
node_configuration.NodeConfiguration.log = ''
commands = [
'ssh-keygen -t rsa -N "" -f /home/minisecbgpuser/.ssh/id_rsa',
'echo "Host *\nStrictHostKeyChecking no" | tee --append /home/minisecbgpuser/.ssh/config',
'chmod 400 /home/minisecbgpuser/.ssh/config'
]
for command in commands:
service_ssh, service_ssh_status, command_output, command_error_warning, command_status = \
ssh.ssh(self.node_ip_address, 'minisecbgpuser', self.password, command)
if service_ssh == 1:
node_configuration.NodeConfiguration.status = 1
node_configuration.NodeConfiguration.log = service_ssh_status[:
250]
self.dbsession.flush()
return
else:
if command_status != 0:
node_configuration.NodeConfiguration.status = 1
node_configuration.NodeConfiguration.log = service_ssh_status[:
62]
# update authorized_keys file on Workers to allow "minisecbgpuser" ssh remote connections without password
command = 'sudo -u minisecbgpuser sshpass -p "%s" scp -o StrictHostKeyChecking=no ' \
'minisecbgpuser@%s:/home/minisecbgpuser/.ssh/id_rsa.pub ' \
'/home/minisecbgpuser/.ssh/authorized_keys.tmp' % (self.password, self.node_ip_address)
result = local_command.local_command(command)
if result[0] == 1:
node_configuration.NodeConfiguration.status = result[0]
node_configuration.NodeConfiguration.log = node_configuration.NodeConfiguration.log + str(
result[2].decode()[:62])
command = 'sudo -u minisecbgpuser cat /home/minisecbgpuser/.ssh/authorized_keys.tmp |' \
'sudo -u minisecbgpuser tee --append /home/minisecbgpuser/.ssh/authorized_keys'
result = local_command.local_command(command)
if result[0] == 1:
node_configuration.NodeConfiguration.status = result[0]
node_configuration.NodeConfiguration.log = node_configuration.NodeConfiguration.log + str(
result[2].decode()[:62])
command = 'sudo -u minisecbgpuser sshpass -p "%s" scp -o StrictHostKeyChecking=no ' \
'/home/minisecbgpuser/.ssh/authorized_keys minisecbgpuser@%s:/home/minisecbgpuser/.ssh/' \
% (self.password, self.node_ip_address)
result = local_command.local_command(command)
if result[0] == 1:
node_configuration.NodeConfiguration.status = result[0]
node_configuration.NodeConfiguration.log = node_configuration.NodeConfiguration.log + str(
result[2].decode()[:62])
else:
node_configuration.NodeConfiguration.status = 1
node_configuration.NodeConfiguration.log = 'Aborted'
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for ssh configuration on node: %s - %s' %
(self.node_ip_address, error))
def install_quagga(self):
print('\nInstalling Quagga router ...')
try:
node_install = self.dbsession.query(models.Node, models.NodeInstall, models.Install). \
filter(models.Node.node == self.node_ip_address). \
filter(models.Node.id == models.NodeInstall.id_node). \
filter(models.NodeInstall.id_install == models.Install.id). \
filter(models.Install.install == 'quagga').first()
if node_install_status(self.dbsession, self.node_ip_address):
commands = ['sudo killall -9 -u quagga 2>/dev/null || exit 0',
'sudo userdel -r quagga 2>/dev/null || exit 0',
'sudo groupdel quaggavty 2>/dev/null || exit 0',
'sudo addgroup --system --gid 92 quagga',
'sudo addgroup --system --gid 85 quaggavty',
'sudo adduser --system --ingroup quagga --home /var/run/quagga/ --gecos "Quagga routing suite" --shell /bin/false quagga',
'sudo apt install libreadline-dev pkg-config libc-ares-dev gawk -y',
'rm -f /home/minisecbgpuser/quagga-1.2.4.tar.gz 2>/dev/null || exit 0',
'rm -f /home/minisecbgpuser/quagga-1.2.4.tar 2>/dev/null || exit 0',
'rm -rf /home/minisecbgpuser/quagga-1.2.4 2>/dev/null || exit 0']
for command in commands:
service_ssh, service_ssh_status, command_output, command_error_warning, command_status = \
ssh.ssh(self.node_ip_address, 'minisecbgpuser', self.password, command)
if service_ssh == 1:
node_install.NodeInstall.status = service_ssh
node_install.NodeInstall.log = service_ssh_status[:250]
self.dbsession.flush()
return
else:
if command_status != 0:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = command_error_warning[:250]
self.dbsession.flush()
return
command = 'ssh-keygen -R %s; sshpass -p "%s" scp -o StrictHostKeyChecking=no ./programs/quagga-1.2.4.tar.gz ' \
'minisecbgpuser@%s:/home/minisecbgpuser/' % (self.node_ip_address, self.password, self.node_ip_address)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
commands = ['tar -xvzf /home/minisecbgpuser/quagga-1.2.4.tar.gz -C /home/minisecbgpuser;'
'cd /home/minisecbgpuser/quagga-1.2.4/;'
'./configure --prefix=/home/minisecbgpuser/quagga-1.2.4 --localstatedir=/var/run/quagga/ --enable-vtysh;'
'cd /home/minisecbgpuser/quagga-1.2.4/; make;'
'cd /home/minisecbgpuser/quagga-1.2.4/; make install']
for command in commands:
service_ssh, service_ssh_status, command_output, command_error_warning, command_status = \
ssh.ssh(self.node_ip_address, 'minisecbgpuser', self.password, command)
if service_ssh == 1:
node_install.NodeInstall.status = service_ssh
node_install.NodeInstall.log = service_ssh_status[:250]
self.dbsession.flush()
return
else:
if command_status != 0:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = command_error_warning[:250]
self.dbsession.flush()
return
node_install.NodeInstall.status = 0
node_install.NodeInstall.log = ''
else:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = 'Aborted'
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for Quagga installation on node: %s - %s' % (self.node_ip_address, error))
def install_maxinet(self):
print('\nInstalling Maxinet ...')
try:
node_install = self.dbsession.query(models.Node, models.NodeInstall, models.Install). \
filter(models.Node.node == self.node_ip_address). \
filter(models.Node.id == models.NodeInstall.id_node). \
filter(models.NodeInstall.id_install == models.Install.id). \
filter(models.Install.install == 'maxinet').first()
nodes = self.dbsession.query(models.Node).all()
if node_install_status(self.dbsession, self.node_ip_address):
# install MaxiNet on all cluster nodes
commands = ['git clone git://github.com/MaxiNet/MaxiNet.git',
'cd /home/minisecbgpuser/MaxiNet;'
'git checkout v1.2;'
'sudo make install']
for command in commands:
service_ssh, service_ssh_status, command_output, command_error_warning, command_status = \
ssh.ssh(self.node_ip_address, 'minisecbgpuser', self.password, command)
if service_ssh == 1:
node_install.NodeInstall.status = service_ssh
node_install.NodeInstall.log = service_ssh_status[:250]
self.dbsession.flush()
return
else:
if command_status != 0:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = command_error_warning[:250]
self.dbsession.flush()
return
# create MaxiNetFrontendServer and MaxiNetWorker services (on Master)
if node_install.Node.master:
command = 'sudo -u minisecbgpuser bash -c \'' \
'echo "[Unit]\n' \
'Description=Pox Controller\n' \
'After=syslog.target network.target\n\n' \
'[Service]\n' \
'ExecStart=/home/minisecbgpuser/pox/pox.py forwarding.l2_learning\n\n' \
'[Install]\n' \
'WantedBy=default.target\n" | sudo tee /etc/systemd/system/pox.service; \'; ' \
'sudo -u minisecbgpuser bash -c \'' \
'echo "[Unit]\n' \
'Description=MaxiNetFrontendServer\n' \
'After=syslog.target network.target\n\n' \
'[Service]\n' \
'ExecStart=/usr/local/bin/MaxiNetFrontendServer\n\n' \
'[Install]\n' \
'WantedBy=default.target\n" | sudo tee /etc/systemd/system/MaxiNetFrontendServer.service; \'; ' \
'sudo -u minisecbgpuser bash -c \'' \
'echo "[Unit]\n' \
'Description=MaxiNetWorker\n' \
'After=syslog.target network.target MaxiNetFrontendServer.service\n\n' \
'[Service]\n' \
'ExecStart=/usr/local/bin/MaxiNetWorker\n\n' \
'[Install]\n' \
'WantedBy=default.target\n" | sudo tee /etc/systemd/system/MaxiNetWorker.service; \'; ' \
'sudo -u minisecbgpuser bash -c \'' \
'sudo systemctl daemon-reload; ' \
'sudo systemctl enable MaxiNetFrontendServer; \''
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
# configure MaxiNet.cfg
for node in nodes:
if node.master:
command = 'sudo -u minisecbgpuser bash -c \'' \
'echo "[all]\n' \
'password = MiniSecBGP\n' \
'controller = %s:6633\n' \
'logLevel = ERROR\n' \
'port_ns = 9090\n' \
'port_sshd = 5345\n' \
'runWith1500MTU = False\n' \
'useMultipleIPs = 0\n' \
'deactivateTSO = True\n' \
'sshuser = minisecbgpuser\n' \
'usesudo = True\n' \
'useSTT = False\n\n' \
'[FrontendServer]\n' \
'ip = %s\n' \
'threadpool = 256\n" | sudo tee /etc/MaxiNet.cfg; \'' % \
(node.node, node.node)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
command = 'sudo -u minisecbgpuser bash -c \'' \
'echo "[%s]\n' \
'ip = %s\n' \
'share = 1\n" | sudo tee --append /etc/MaxiNet.cfg; \'' % \
(node.hostname, node.node)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
# send MaxiNet.cfg and MaxiNetWorker.service files to all Workers cluster nodes
for node in nodes:
if not node.master:
command = 'sudo -u minisecbgpuser bash -c \'' \
'scp -o StrictHostKeyChecking=no /etc/MaxiNet.cfg minisecbgpuser@%s:/home/minisecbgpuser; ' \
'scp -o StrictHostKeyChecking=no /etc/systemd/system/MaxiNetWorker.service minisecbgpuser@%s:/home/minisecbgpuser; ' \
'ssh %s sudo mv /home/minisecbgpuser/MaxiNet.cfg /etc/MaxiNet.cfg; ' \
'ssh %s sudo mv /home/minisecbgpuser/MaxiNetWorker.service /etc/systemd/system/MaxiNetWorker.service; \'' \
% (node.node, node.node, node.node, node.node)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
# configure /etc/hosts on all cluster nodes
for node in nodes:
command = 'sudo -u minisecbgpuser bash -c \'' \
'ssh %s "sudo sed --i \\"/# MiniSecBGP cluster node/d\\" /etc/hosts | sudo tee --append /etc/hosts;"; \'' % node.node
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
for host in nodes:
command = 'sudo -u minisecbgpuser bash -c \'' \
'ssh %s "echo %s %s \# MiniSecBGP cluster node | sudo tee --append /etc/hosts"; \'' \
% (node.node, host.node, host.hostname)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
# restart MaxiNet services (MaxiNetFrontendServer and MaxiNetWorker) on all cluster nodes
for node in nodes:
if node.master:
command = 'sudo -u minisecbgpuser bash -c \'' \
'sudo systemctl restart MaxiNetFrontendServer; ' \
'sleep 5; \''
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
command = 'sudo -u minisecbgpuser bash -c \'' \
'ssh %s sudo systemctl daemon-reload; ' \
'ssh %s sudo systemctl enable pox; ' \
'ssh %s sudo systemctl restart pox; ' \
'ssh %s sudo systemctl enable MaxiNetWorker; ' \
'ssh %s sudo systemctl restart MaxiNetWorker; \'' % \
(node.node, node.node, node.node, node.node, node.node)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
node_install.NodeInstall.status = 0
node_install.NodeInstall.log = ''
else:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = 'Aborted'
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for MaxiNet installation on node: %s - %s' % (self.node_ip_address, error))
def install_metis(self):
print('\nInstalling Metis ...')
try:
node_install = self.dbsession.query(models.Node, models.NodeInstall, models.Install). \
filter(models.Node.node == self.node_ip_address). \
filter(models.Node.id == models.NodeInstall.id_node). \
filter(models.NodeInstall.id_install == models.Install.id). \
filter(models.Install.install == 'metis').first()
if node_install_status(self.dbsession, self.node_ip_address):
if node_install.Node.master: # install Metis only on master node
try:
command = 'sshpass -p "%s" scp -o StrictHostKeyChecking=no ./programs/metis-5.1.0.tar.gz ' \
'minisecbgpuser@%s:/home/minisecbgpuser/' % (self.password, self.node_ip_address)
result = local_command.local_command(command)
if result[0] == 1:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = str(result[2].decode()[:250])
self.dbsession.flush()
return
commands = ['tar -xvzf /home/minisecbgpuser/metis-5.1.0.tar.gz -C /home/minisecbgpuser',
'cd /home/minisecbgpuser/metis-5.1.0;'
'sudo make config shared=1;'
'sudo make;'
'sudo make install;'
'sudo ldconfig']
for command in commands:
service_ssh, service_ssh_status, command_output, command_error_warning, command_status = \
ssh.ssh(self.node_ip_address, 'minisecbgpuser', self.password, command)
if service_ssh == 1:
node_install.NodeInstall.status = service_ssh
node_install.NodeInstall.log = service_ssh_status[:250]
self.dbsession.flush()
return
else:
if command_status != 0:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = command_error_warning[:250]
self.dbsession.flush()
return
node_install.NodeInstall.status = 0
node_install.NodeInstall.log = ''
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for Metis installation on node: %s - %s' % (self.node_ip_address, error))
else:
try:
node_install.NodeInstall.status = 0
node_install.NodeInstall.log = 'Metis installation is not necessary on Workers'
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for Metis installation on node: %s - %s' % (self.node_ip_address, error))
else:
node_install.NodeInstall.status = 1
node_install.NodeInstall.log = 'Aborted'
self.dbsession.flush()
except Exception as error:
self.dbsession.rollback()
print('Database error for Metis installation on node: %s - %s' % (self.node_ip_address, error))