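def clone(self):
    """
    Create a clone archive used to add new nodes to the system.

    Copies this node's own certificate and public key into the peer
    credential folders (file names derived from this node's ID), asks the
    state and config managers to persist themselves, then packs
    ``config.ini``, ``backup/`` and ``creds/peers`` from inside ``data/``
    into ``data/clone.tar.gz``.

    Failures are logged with a traceback and are not re-raised.
    """
    import shutil  # local import: the file's import block is not visible here

    try:
        # Save own credentials in the clone's peer folder so the archive
        # carries this node's certificate and public key.
        ownCert = "data/creds/local/server.crt"
        ownPubKey = "data/creds/local/server.pub"
        ID = get_ID(self.conf['p_wss'])
        certCopy = "data/creds/peers/certs/{}.crt".format(ID)
        keyCopy = "data/creds/peers/keys/{}.pub".format(ID)
        # Copy in-process rather than interpolating ID into a shell command
        # line; a missing source file now raises and is reported below.
        shutil.copy(ownCert, certCopy)
        shutil.copy(ownPubKey, keyCopy)

        # Save groups and db to the backup directory.
        self.state.image_state()
        self.cm.save_config()

        backupdir = "backup/"
        cfile = "config.ini"
        # Only creds/peers is named on the tar command line; creds/local
        # (this node's own credential folder) is not part of the archive.
        # NOTE(review): config.ini and backup/ are archived as-is; confirm
        # they hold nothing that must stay on this node.
        command = "cd data/ && tar czf clone.tar.gz {} {} creds/peers".format(cfile, backupdir)
        shell(command)
        log.info("clone of state successfully created")
    except Exception:
        # Keep the best-effort contract (no re-raise) but record the cause.
        log.exception("clone of state failed")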
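def startup(self):
    """
    Startup routine that boots this node from a cloned state.

    Removes ``config.ini``, ``data`` and ``creds`` from the working
    directory, extracts ``clone.tar.gz`` there, then builds the config
    manager and state manager from the extracted files.
    """
    # Clean the working dir, then extract config, creds, and state.
    log.info("Cleaning working directory...")
    # -f: a missing config.ini must not short-circuit the && chain and leave
    # a stale data/ or creds/ tree underneath the extracted clone.
    command = "rm -f config.ini && rm -rf data && rm -rf creds"
    shell(command)

    log.info("Extracting cloned state...")
    # NOTE(review): the archive replaces this node's configuration and peer
    # credentials, so whoever can write clone.tar.gz decides which peers the
    # node accepts. Nothing here checks the archive's origin or integrity
    # before extraction; confirm that happens upstream.
    command = "tar xzf clone.tar.gz"
    shell(command)

    # Load config.
    log.info("Loading configuration...")
    self.cm = ConfigManager()
    # configFile is not defined in this method; presumably a module-level
    # name. Verify against the rest of the file.
    self.conf = self.cm.load_config(configFile)

    # Load state.
    log.info("Loading state...")
    self.state = StateManager(self.conf)
    self.state.load_state()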
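def load_config(self, configFile):
    """
    Load the node configuration and make sure local TLS credentials exist.

    Reads ``configFile`` with ``configparser``, builds the peer list from
    the ``[peers]`` section, creates the ``data/creds`` folder tree, and
    generates an RSA key and a self-signed certificate when they are missing.

    Args:
        configFile: path of the INI file to read.

    Returns:
        dict with the keys ``log``, ``ip_addr``, ``port``, ``p_wss``,
        ``c_wss``, ``peerlist``, ``peer_certs``, ``peer_keys``, ``certfile``,
        ``keyfile``, ``use_single_port``, ``config_file``, ``backup_dir``,
        ``MAX_GROUP_SIZE``, ``ssl`` and ``is_client``.

    Raises:
        KeyError: a required section or option is missing. This is also what
            an unreadable ``configFile`` produces, because
            ``ConfigParser.read`` silently skips files it cannot open.
        ValueError: a numeric or boolean option cannot be parsed.
    """
    log = logging.getLogger()
    self.config = configparser.ConfigParser()
    self.config.read(configFile)

    conf = {}
    conf["log"] = log
    conf["ip_addr"] = self.config["network"]["ip_addr"]
    conf["port"] = int(self.config["network"]["port"])
    conf["p_wss"] = "wss://" + conf["ip_addr"] + ":" + str(conf["port"])
    # The second endpoint uses the next port up.
    conf["c_wss"] = "wss://" + conf["ip_addr"] + ":" + str(conf["port"] + 1)

    log.info("adding peers from config")
    # Leftover debug print moved to the logger so it no longer hits stdout.
    log.debug("peers section: %s", self.config.items("peers"))
    # Each [peers] entry is "host = port".
    conf["peerlist"] = [
        "wss://" + key + ":" + val for key, val in self.config.items("peers")
    ]
    log.info("peers added")

    conf["peer_certs"] = self.config["creds"]["peer_certs"]
    conf["peer_keys"] = self.config["creds"]["peer_keys"]
    conf["certfile"] = self.config["creds"]["certfile"]
    conf["keyfile"] = self.config["creds"]["keyfile"]

    log.info("verifying credentials")
    # Verify the credential file tree. Each leaf is created on its own, so a
    # partially existing tree (peers/ present, peers/keys missing) is repaired.
    for folder in (
        "data/creds/peers/certs",
        "data/creds/peers/keys",
        "data/creds/local",
    ):
        os.makedirs(folder, exist_ok=True)

    key_path = "data/creds/local/server.key"
    if not os.path.isfile(key_path):
        log.info("Generating private key")
        # No cipher option is passed to genrsa, so -passout on its own most
        # likely leaves server.pass.key unencrypted; treat that temporary
        # file in the working directory as a plaintext private key.
        shell("openssl genrsa -passout pass:x -out server.pass.key 2048")
        shell("openssl rsa -passin pass:x -in server.pass.key -out data/creds/local/server.key")
        shell("rm server.pass.key")
        shell("openssl rsa -in data/creds/local/server.key -pubout > data/creds/local/server.pub")
        # The stored key is unencrypted: restrict it to the owner instead of
        # relying on the process umask.
        if os.path.isfile(key_path):
            os.chmod(key_path, 0o600)

    if not os.path.isfile("data/creds/local/server.crt"):
        log.info("Signing certificate")
        # Self-signed with the node's own key, CN=localhost, valid 365 days.
        # This method only creates the certificate when the file is missing,
        # so renewal after expiry has to happen elsewhere.
        shell(
            "openssl req -new -subj '/C=SE/ST=XX/L=XX/O=XX/CN=localhost' -key data/creds/local/server.key -out data/creds/local/server.csr"
        )
        shell(
            "openssl x509 -req -days 365 -in data/creds/local/server.csr -signkey data/creds/local/server.key -out data/creds/local/server.crt"
        )

    # bool() of any non-empty string is True, so "false", "0" or "no" used to
    # enable single-port mode. Parse the value as a boolean instead; an empty
    # value stays False as before.
    single_port_raw = self.config["system"]["use_single_port"]
    conf["use_single_port"] = (
        self.config.getboolean("system", "use_single_port")
        if single_port_raw.strip()
        else False
    )
    conf["config_file"] = self.config["state"]["config_file"]
    conf["backup_dir"] = self.config["state"]["backup_dir"]
    conf["MAX_GROUP_SIZE"] = int(self.config["vars"]["MAX_GROUP_SIZE"])

    # PROTOCOL_SSLv23 is the deprecated alias of PROTOCOL_TLS.
    ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
    if hasattr(ssl, "TLSVersion"):
        # Refuse SSLv3 / TLS 1.0 / TLS 1.1 on interpreters that still allow them.
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # NOTE(review): a context built this way starts with verify_mode
    # CERT_NONE and check_hostname False, so the TLS layer does not
    # authenticate the remote end. Confirm that callers check peers against
    # the peer_certs / peer_keys folders.
    ctx.load_cert_chain(certfile=conf["certfile"], keyfile=conf["keyfile"])
    conf["ssl"] = ctx
    conf["is_client"] = int(self.config["testing"]["is_client"])
    return conf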
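def load_config(self, configFile):
    """
    Load the node configuration and make sure local TLS credentials exist.

    Reads ``configFile`` with ``configparser``, starts with an empty peer
    list, creates the ``creds`` folder tree, and generates an RSA key and a
    self-signed certificate when they are missing.

    Args:
        configFile: path of the INI file to read.

    Returns:
        dict with the keys ``log``, ``ip_addr``, ``port``, ``p_wss``,
        ``c_wss``, ``peerlist``, ``peer_certs``, ``certfile``, ``keyfile``,
        ``peer_keys``, ``use_single_port``, ``config_file``, ``backup_file``,
        ``MAX_GROUP_SIZE``, ``ssl`` and ``is_client``.

    Raises:
        KeyError: a required section or option is missing. This is also what
            an unreadable ``configFile`` produces, because
            ``ConfigParser.read`` silently skips files it cannot open.
        ValueError: a numeric or boolean option cannot be parsed.
    """
    log = logging.getLogger()
    self.config = configparser.ConfigParser()
    self.config.read(configFile)

    conf = {}
    conf['log'] = log
    conf['ip_addr'] = self.config['network']['ip_addr']
    conf['port'] = int(self.config['network']['port'])
    conf['p_wss'] = "wss://" + conf['ip_addr'] + ":" + str(conf['port'])
    # The second endpoint uses the next port up.
    conf['c_wss'] = "wss://" + conf['ip_addr'] + ":" + str(conf['port'] + 1)

    # The [peers] section is deliberately not read here: the peer list
    # starts empty for a clean start.
    conf['peerlist'] = []

    conf['peer_certs'] = self.config['creds']['peer_certs']
    conf['certfile'] = self.config['creds']['certfile']
    conf['keyfile'] = self.config['creds']['keyfile']
    conf['peer_keys'] = self.config['creds']['peer_keys']

    log.info("verifying credentials")
    # Verify the credential file tree. Each leaf is created on its own, so a
    # partially existing tree (peers/ present, peers/pubkeys missing) is
    # repaired.
    for folder in ('creds/peers/certs', 'creds/peers/pubkeys', 'creds/local'):
        os.makedirs(folder, exist_ok=True)

    key_path = 'creds/local/server.key'
    if not os.path.isfile(key_path):
        log.info("Generating private key")
        # No cipher option is passed to genrsa, so -passout on its own most
        # likely leaves server.pass.key unencrypted; treat that temporary
        # file in the working directory as a plaintext private key.
        shell("openssl genrsa -passout pass:x -out server.pass.key 2048")
        shell("openssl rsa -passin pass:x -in server.pass.key -out creds/local/server.key")
        shell("rm server.pass.key")
        shell("openssl rsa -in creds/local/server.key -pubout > creds/local/server.pub")
        # The stored key is unencrypted: restrict it to the owner instead of
        # relying on the process umask.
        if os.path.isfile(key_path):
            os.chmod(key_path, 0o600)

    if not os.path.isfile('creds/local/server.crt'):
        log.info("Signing certificate")
        # Self-signed with the node's own key, CN=localhost, valid 365 days.
        # This method only creates the certificate when the file is missing,
        # so renewal after expiry has to happen elsewhere.
        shell("openssl req -new -subj '/C=SE/ST=XX/L=XX/O=XX/CN=localhost' -key creds/local/server.key -out creds/local/server.csr")
        shell("openssl x509 -req -days 365 -in creds/local/server.csr -signkey creds/local/server.key -out creds/local/server.crt")

    # bool() of any non-empty string is True, so "false", "0" or "no" used to
    # enable single-port mode. Parse the value as a boolean instead; an empty
    # value stays False as before.
    single_port_raw = self.config['system']['use_single_port']
    if single_port_raw.strip():
        conf['use_single_port'] = self.config.getboolean('system', 'use_single_port')
    else:
        conf['use_single_port'] = False
    conf['config_file'] = self.config['state']['config_file']
    conf['backup_file'] = self.config['state']['backup_file']
    conf['MAX_GROUP_SIZE'] = int(self.config['vars']['MAX_GROUP_SIZE'])

    # PROTOCOL_SSLv23 is the deprecated alias of PROTOCOL_TLS.
    ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
    if hasattr(ssl, "TLSVersion"):
        # Refuse SSLv3 / TLS 1.0 / TLS 1.1 on interpreters that still allow them.
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # NOTE(review): a context built this way starts with verify_mode
    # CERT_NONE and check_hostname False, so the TLS layer does not
    # authenticate the remote end. Confirm that callers check peers against
    # the peer_certs / peer_keys folders.
    ctx.load_cert_chain(certfile=conf['certfile'], keyfile=conf['keyfile'])
    conf['ssl'] = ctx
    conf['is_client'] = int(self.config['testing']['is_client'])
    return conf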
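def load_config(self, configFile):
    """
    Parse the INI configuration and prepare this node's TLS material.

    The peer list is left empty, the ``creds`` directory tree is created if
    needed, and a private key plus self-signed certificate are generated
    with ``openssl`` when the files do not exist yet.

    Args:
        configFile: path of the INI file to read.

    Returns:
        dict with the keys ``log``, ``ip_addr``, ``port``, ``p_wss``,
        ``c_wss``, ``peerlist``, ``peer_certs``, ``certfile``, ``keyfile``,
        ``peer_keys``, ``use_single_port``, ``config_file``, ``backup_file``,
        ``MAX_GROUP_SIZE``, ``ssl`` and ``is_client``.

    Raises:
        KeyError: a required section or option is missing. An unreadable
            ``configFile`` ends up here too, since ``ConfigParser.read``
            skips files it cannot open without raising.
        ValueError: a numeric or boolean option cannot be parsed.
    """
    log = logging.getLogger()
    self.config = configparser.ConfigParser()
    self.config.read(configFile)

    network = self.config['network']
    creds = self.config['creds']

    conf = {}
    conf['log'] = log
    conf['ip_addr'] = network['ip_addr']
    conf['port'] = int(network['port'])
    conf['p_wss'] = "wss://" + conf['ip_addr'] + ":" + str(conf['port'])
    # The second endpoint uses the next port up.
    conf['c_wss'] = "wss://" + conf['ip_addr'] + ":" + str(conf['port'] + 1)

    # Peers are intentionally not taken from the [peers] section: the list
    # starts empty for a clean start.
    conf['peerlist'] = []

    conf['peer_certs'] = creds['peer_certs']
    conf['certfile'] = creds['certfile']
    conf['keyfile'] = creds['keyfile']
    conf['peer_keys'] = creds['peer_keys']

    log.info("verifying credentials")
    # Create every leaf of the credential tree independently so that a
    # half-built tree is completed rather than skipped.
    for folder in ('creds/peers/certs', 'creds/peers/pubkeys', 'creds/local'):
        os.makedirs(folder, exist_ok=True)

    key_path = 'creds/local/server.key'
    if not os.path.isfile(key_path):
        log.info("Generating private key")
        # genrsa gets -passout but no cipher option, so server.pass.key is
        # most likely written unencrypted; handle it as a plaintext private
        # key for the short time it exists in the working directory.
        shell("openssl genrsa -passout pass:x -out server.pass.key 2048")
        shell(
            "openssl rsa -passin pass:x -in server.pass.key -out creds/local/server.key"
        )
        shell("rm server.pass.key")
        shell(
            "openssl rsa -in creds/local/server.key -pubout > creds/local/server.pub"
        )
        # The key on disk has no passphrase: make it owner-only rather than
        # inheriting whatever the umask allows.
        if os.path.isfile(key_path):
            os.chmod(key_path, 0o600)

    if not os.path.isfile('creds/local/server.crt'):
        log.info("Signing certificate")
        # Self-signed, CN=localhost, 365 days. The certificate is only
        # created when absent, so expiry is not handled in this method.
        shell(
            "openssl req -new -subj '/C=SE/ST=XX/L=XX/O=XX/CN=localhost' -key creds/local/server.key -out creds/local/server.csr"
        )
        shell(
            "openssl x509 -req -days 365 -in creds/local/server.csr -signkey creds/local/server.key -out creds/local/server.crt"
        )

    # bool("false") is True, so the old bool() cast enabled single-port mode
    # for every non-empty value. Parse it as a boolean; empty stays False.
    if self.config['system']['use_single_port'].strip():
        conf['use_single_port'] = self.config.getboolean(
            'system', 'use_single_port')
    else:
        conf['use_single_port'] = False
    conf['config_file'] = self.config['state']['config_file']
    conf['backup_file'] = self.config['state']['backup_file']
    conf['MAX_GROUP_SIZE'] = int(self.config['vars']['MAX_GROUP_SIZE'])

    # PROTOCOL_SSLv23 is the deprecated alias of PROTOCOL_TLS.
    ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
    if hasattr(ssl, "TLSVersion"):
        # Set a TLS 1.2 floor on interpreters whose default still goes lower.
        ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # NOTE(review): this context defaults to verify_mode CERT_NONE with
    # check_hostname off, so TLS alone does not authenticate the remote end.
    # Confirm that peers are checked against peer_certs / peer_keys by the
    # code that uses conf['ssl'].
    ctx.load_cert_chain(certfile=conf['certfile'], keyfile=conf['keyfile'])
    conf['ssl'] = ctx
    conf['is_client'] = int(self.config['testing']['is_client'])
    return conf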