def clone(self):
"""
create a copy of db, peers, peer creds, and config
save to compressed archive
used to add new nodes to system
"""
try:
# save own credentials in clone's peer folder
ownCert = "data/creds/local/server.crt"
ownPubKey = "data/creds/local/server.pub"
ID = get_ID(self.conf['p_wss'])
certCopy = "data/creds/peers/certs/{}.crt".format(ID)
keyCopy = "data/creds/peers/keys/{}.pub".format(ID)
shell("cp {} {}".format(ownCert, certCopy))
shell("cp {} {}".format(ownPubKey, keyCopy))
# save groups and db to backup_dir
self.state.image_state()
self.cm.save_config()
backupdir = "backup/"
cfile = "config.ini"
command = "cd data/ && tar czf clone.tar.gz {} {} creds/peers".format(cfile,backupdir)
shell(command)
log.info("clone of state successfully created")
except Exception as e:
log.info("clone of state failed")
def startup(self):
"""
startup routine
Loads from cloned state
"""
# clean working dir and extract config, creds, and state
log.info("Cleaning working directory...")
command = "rm config.ini && rm -rf data && rm -rf creds"
shell(command)
log.info("Extracting cloned state...")
command = "tar xzf clone.tar.gz"
shell(command)
# load config
log.info("Loading configuration...")
self.cm = ConfigManager()
self.conf = self.cm.load_config(configFile)
# load state
log.info("Loading state...")
self.state = StateManager(self.conf)
self.state.load_state()
def startup(self):
"""
startup routine
Loads from cloned state
"""
# clean working dir and extract config, creds, and state
log.info("Cleaning working directory...")
command = "rm config.ini && rm -rf data && rm -rf creds"
shell(command)
log.info("Extracting cloned state...")
command = "tar xzf clone.tar.gz"
shell(command)
# load config
log.info("Loading configuration...")
self.cm = ConfigManager()
self.conf = self.cm.load_config(configFile)
# load state
log.info("Loading state...")
self.state = StateManager(self.conf)
self.state.load_state()
def load_config(self, configFile):
log = logging.getLogger()
self.config = configparser.ConfigParser()
self.config.read(configFile)
conf = {}
conf["log"] = log
conf["ip_addr"] = self.config["network"]["ip_addr"]
conf["port"] = int(self.config["network"]["port"])
conf["p_wss"] = "wss://" + conf["ip_addr"] + ":" + str(conf["port"])
conf["c_wss"] = "wss://" + conf["ip_addr"] + ":" + str(conf["port"] + 1)
log.info("adding peers from config")
conf["peerlist"] = []
print(self.config.items("peers"))
for key, val in self.config.items("peers"):
wss = "wss://" + key + ":" + val
conf["peerlist"].append(wss)
log.info("peers added")
conf["peer_certs"] = self.config["creds"]["peer_certs"]
conf["peer_keys"] = self.config["creds"]["peer_keys"]
conf["certfile"] = self.config["creds"]["certfile"]
conf["keyfile"] = self.config["creds"]["keyfile"]
# Logging
log.info("verifying credentials")
# verify credential file tree
if not os.path.exists("data/creds"):
shell("mkdir -p data/creds")
if not os.path.exists("data/creds/peers"):
shell("mkdir -p data/creds/peers/certs")
shell("mkdir -p data/creds/peers/keys")
if not os.path.exists("data/creds/local"):
shell("mkdir data/creds/local")
if not os.path.isfile("data/creds/local/server.key"):
log.info("Generating private key")
shell("openssl genrsa -passout pass:x -out server.pass.key 2048")
shell("openssl rsa -passin pass:x -in server.pass.key -out data/creds/local/server.key")
shell("rm server.pass.key")
shell("openssl rsa -in data/creds/local/server.key -pubout > data/creds/local/server.pub")
if not os.path.isfile("data/creds/local/server.crt"):
log.info("Signing certificate")
shell(
"openssl req -new -subj '/C=SE/ST=XX/L=XX/O=XX/CN=localhost' -key data/creds/local/server.key -out data/creds/local/server.csr"
)
shell(
"openssl x509 -req -days 365 -in data/creds/local/server.csr -signkey data/creds/local/server.key -out data/creds/local/server.crt"
)
conf["use_single_port"] = bool(self.config["system"]["use_single_port"])
conf["config_file"] = self.config["state"]["config_file"]
conf["backup_dir"] = self.config["state"]["backup_dir"]
conf["MAX_GROUP_SIZE"] = int(self.config["vars"]["MAX_GROUP_SIZE"])
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ctx.load_cert_chain(certfile=conf["certfile"], keyfile=conf["keyfile"])
conf["ssl"] = ctx
conf["is_client"] = int(self.config["testing"]["is_client"])
return conf
def load_config(self, configFile):
log = logging.getLogger()
self.config = configparser.ConfigParser()
self.config.read(configFile)
conf = {}
conf['log'] = log
conf['ip_addr'] = self.config['network']['ip_addr']
conf['port'] = int(self.config['network']['port'])
conf['p_wss'] = "wss://"+conf['ip_addr'] +":"+ str(conf['port'])
conf['c_wss'] = "wss://"+conf['ip_addr'] +":"+ str(conf['port']+1)
# log.info("adding peers from config")
# conf['peerlist'] = []
# for key,val in self.config.items('peers'):
# wss = "wss://"+key+":"+val
# conf['peerlist'].append(wss)
# log.info("peers added")
conf['peerlist'] = [] # empty for clean start
conf['peer_certs'] = self.config['creds']['peer_certs']
conf['certfile'] = self.config['creds']['certfile']
conf['keyfile'] = self.config['creds']['keyfile']
conf['peer_keys'] = self.config['creds']['peer_keys']
# Logging
log.info("verifying credentials")
# verify credential file tree
if not os.path.exists('creds'):
shell("mkdir creds")
if not os.path.exists('creds/peers'):
shell("mkdir -p creds/peers/certs")
shell("mkdir -p creds/peers/pubkeys")
if not os.path.exists('creds/local'):
shell("mkdir creds/local")
if not os.path.isfile('creds/local/server.key'):
log.info("Generating private key")
shell("openssl genrsa -passout pass:x -out server.pass.key 2048")
shell("openssl rsa -passin pass:x -in server.pass.key -out creds/local/server.key")
shell("rm server.pass.key")
shell("openssl rsa -in creds/local/server.key -pubout > creds/local/server.pub")
if not os.path.isfile('creds/local/server.crt'):
log.info("Signing certificate")
shell("openssl req -new -subj '/C=SE/ST=XX/L=XX/O=XX/CN=localhost' -key creds/local/server.key -out creds/local/server.csr")
shell("openssl x509 -req -days 365 -in creds/local/server.csr -signkey creds/local/server.key -out creds/local/server.crt")
conf['use_single_port'] = bool(self.config['system']['use_single_port'])
conf['config_file'] = self.config['state']['config_file']
conf['backup_file'] = self.config['state']['backup_file']
conf['MAX_GROUP_SIZE'] = int(self.config['vars']['MAX_GROUP_SIZE'])
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ctx.load_cert_chain(certfile=conf['certfile'], keyfile=conf['keyfile'])
conf['ssl'] = ctx
conf['is_client'] = int(self.config['testing']['is_client'])
return conf
def load_config(self, configFile):
log = logging.getLogger()
self.config = configparser.ConfigParser()
self.config.read(configFile)
conf = {}
conf['log'] = log
conf['ip_addr'] = self.config['network']['ip_addr']
conf['port'] = int(self.config['network']['port'])
conf['p_wss'] = "wss://" + conf['ip_addr'] + ":" + str(conf['port'])
conf['c_wss'] = "wss://" + conf['ip_addr'] + ":" + str(conf['port'] +
1)
# log.info("adding peers from config")
# conf['peerlist'] = []
# for key,val in self.config.items('peers'):
# wss = "wss://"+key+":"+val
# conf['peerlist'].append(wss)
# log.info("peers added")
conf['peerlist'] = [] # empty for clean start
conf['peer_certs'] = self.config['creds']['peer_certs']
conf['certfile'] = self.config['creds']['certfile']
conf['keyfile'] = self.config['creds']['keyfile']
conf['peer_keys'] = self.config['creds']['peer_keys']
# Logging
log.info("verifying credentials")
# verify credential file tree
if not os.path.exists('creds'):
shell("mkdir creds")
if not os.path.exists('creds/peers'):
shell("mkdir -p creds/peers/certs")
shell("mkdir -p creds/peers/pubkeys")
if not os.path.exists('creds/local'):
shell("mkdir creds/local")
if not os.path.isfile('creds/local/server.key'):
log.info("Generating private key")
shell("openssl genrsa -passout pass:x -out server.pass.key 2048")
shell(
"openssl rsa -passin pass:x -in server.pass.key -out creds/local/server.key"
)
shell("rm server.pass.key")
shell(
"openssl rsa -in creds/local/server.key -pubout > creds/local/server.pub"
)
if not os.path.isfile('creds/local/server.crt'):
log.info("Signing certificate")
shell(
"openssl req -new -subj '/C=SE/ST=XX/L=XX/O=XX/CN=localhost' -key creds/local/server.key -out creds/local/server.csr"
)
shell(
"openssl x509 -req -days 365 -in creds/local/server.csr -signkey creds/local/server.key -out creds/local/server.crt"
)
conf['use_single_port'] = bool(
self.config['system']['use_single_port'])
conf['config_file'] = self.config['state']['config_file']
conf['backup_file'] = self.config['state']['backup_file']
conf['MAX_GROUP_SIZE'] = int(self.config['vars']['MAX_GROUP_SIZE'])
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ctx.load_cert_chain(certfile=conf['certfile'], keyfile=conf['keyfile'])
conf['ssl'] = ctx
conf['is_client'] = int(self.config['testing']['is_client'])
return conf
