def build_network_profile(ctx):
"""
Creates a networkProfile object complete with
a list of networkInterface objects
:returns: networkProfile object
:rtype: dict
"""
network_interfaces = list()
net_rels = utils.get_relationships_by_type(
ctx.instance.relationships,
constants.REL_CONNECTED_TO_NIC)
ctx.logger.debug('net_rels: {0}'.format(
[net_rel.target.node.id for net_rel in net_rels]))
for net_rel in net_rels:
# Get the NIC resource ID
nic_id = net_rel.target.instance.runtime_properties.get("resource_id")
primary = net_rel.target.node.properties.get('primary', False)
network_interface = NetworkInterfaceReference(
id=nic_id,
primary=primary)
if primary:
network_interfaces.insert(0, network_interface)
else:
network_interfaces.append(network_interface)
return NetworkProfile(network_interfaces=network_interfaces)
def _build_nic_list(resource_group_name, nic_ids, nic_names):
from azure.mgmt.network import NetworkManagementClient
from azure.mgmt.compute.models import NetworkInterfaceReference
nics = []
if nic_names or nic_ids:
#pylint: disable=no-member
network_client = get_mgmt_service_client(NetworkManagementClient)
for n in nic_names:
nic = network_client.network_interfaces.get(resource_group_name, n)
nics.append(NetworkInterfaceReference(nic.id, False))
for n in nic_ids:
rg, name = _parse_rg_name(n)
nic = network_client.network_interfaces.get(rg, name)
nics.append(NetworkInterfaceReference(nic.id, False))
return nics
def test_add_single_nic_on_vm(self, client_mock, mock_vm_set, mock_vm_get):
#pylint: disable=line-too-long
new_nic_name = 'new_nic'
new_nic_id = '/subscriptions/123/resourceGroups/rg1/providers/Microsoft.Network/networkInterfaces/' + new_nic_name
new_nic = NetworkInterfaceReference(new_nic_id, False)
#stub to get the vm which has no nic
vm = FakedVM()
vm.network_profile = None
mock_vm_get.return_value = vm
#stub to return nic on 'get'
network_client_fake = mock.MagicMock()
network_client_fake.network_interfaces.get.return_value = new_nic
client_mock.return_value = network_client_fake
#execute
vm_add_nics('rg1', 'vm1', [new_nic_id], [])
#assert
self.assertTrue(mock_vm_get.called)
mock_vm_set.assert_called_once_with(vm)
network_client_fake.network_interfaces.get.assert_called_once_with(
'rg1', new_nic_name)
self.assertEqual(len(vm.network_profile.network_interfaces), 1)
self.assertEqual(vm.network_profile.network_interfaces[0].id,
new_nic_id)
self.assertTrue(vm.network_profile.network_interfaces[0].primary)
def create_vm_from_marketplace(self, compute_management_client,
image_offer, image_publisher, image_sku,
image_version, disk_type, vm_credentials,
computer_name, group_name, nic_id, region,
vm_name, tags, vm_size, purchase_plan,
cancellation_context):
"""
:param vm_size: (str) Azure instance type
:param compute_management_client: azure.mgmt.compute.ComputeManagementClient instance
:param image_offer: (str) image offer
:param image_publisher: (str) image publisher
:param image_sku: (str) image SKU
:param image_version: (str) image version
:param str disk_type: Disk type (HDD/SDD)
:param vm_credentials: cloudshell.cp.azure.models.vm_credentials.VMCredentials instance
:param computer_name: computer name
:param group_name: Azure resource group name (reservation id)
:param nic_id: Azure network id
:param region: Azure region
:param vm_name: name for VM
:param tags: Azure tags
:param purchase_plan: PurchasePlan
:param cancellation_context cloudshell.shell.core.driver_context.CancellationContext instance
:rtype: azure.mgmt.compute.models.VirtualMachine
"""
os_profile = self._prepare_os_profile(vm_credentials=vm_credentials,
computer_name=computer_name)
hardware_profile = HardwareProfile(vm_size=vm_size)
network_profile = NetworkProfile(
network_interfaces=[NetworkInterfaceReference(id=nic_id)])
storage_profile = StorageProfile(
os_disk=self._prepare_os_disk(disk_type),
image_reference=ImageReference(publisher=image_publisher,
offer=image_offer,
sku=image_sku,
version=image_version))
vm_plan = None
if purchase_plan is not None:
vm_plan = Plan(name=purchase_plan.name,
publisher=purchase_plan.publisher,
product=purchase_plan.product)
return self._create_vm(
compute_management_client=compute_management_client,
region=region,
group_name=group_name,
vm_name=vm_name,
hardware_profile=hardware_profile,
network_profile=network_profile,
os_profile=os_profile,
storage_profile=storage_profile,
cancellation_context=cancellation_context,
tags=tags,
vm_plan=vm_plan)
def test_update_nics_on_vm(self, client_mock, mock_vm_set, mock_vm_get):
#pylint: disable=line-too-long
existing_nic_name = 'existing_nic'
existing_nic_id = '/subscriptions/123/resourceGroups/rg1/providers/Microsoft.Network/networkInterfaces/' + existing_nic_name
existing_nic = NetworkInterfaceReference(existing_nic_id, True)
existing_nic_name2 = 'existing_nic2'
existing_nic_id2 = '/subscriptions/123/resourceGroups/rg1/providers/Microsoft.Network/networkInterfaces/' + existing_nic_name2
existing_nic2 = NetworkInterfaceReference(existing_nic_id2, False)
new_nic_name = 'existing_nic3'
new_nic_id = '/subscriptions/123/resourceGroups/rg1/providers/Microsoft.Network/networkInterfaces/' + new_nic_name
new_nic = NetworkInterfaceReference(new_nic_id, False)
#stub to get the vm
vm = FakedVM([existing_nic, existing_nic2])
mock_vm_get.return_value = vm
#stub to return nic on 'get'
network_client_fake = mock.MagicMock()
network_client_fake.network_interfaces.get.side_effect = [
existing_nic2, new_nic
]
client_mock.return_value = network_client_fake
#execute
vm_update_nics('rg1', 'vm1', [], [existing_nic_name2, new_nic_name],
new_nic_id)
#assert
self.assertTrue(mock_vm_get.called)
mock_vm_set.assert_called_once_with(vm)
self.assertEqual(network_client_fake.network_interfaces.get.call_count,
2)
self.assertEqual(len(vm.network_profile.network_interfaces), 2)
self.assertEqual(vm.network_profile.network_interfaces[0].id,
existing_nic_id2)
self.assertEqual(vm.network_profile.network_interfaces[1].id,
new_nic_id)
self.assertFalse(vm.network_profile.network_interfaces[0].primary)
self.assertTrue(vm.network_profile.network_interfaces[1].primary)
def create_vm_from_custom_image(self, compute_management_client,
image_name, image_resource_group,
disk_type, vm_credentials, computer_name,
group_name, nic_id, region, vm_name, tags,
vm_size, cancellation_context):
"""Create VM from custom image URN
:param cancellation_context:
:param str vm_size: Azure instance type
:param azure.mgmt.compute.ComputeManagementClient compute_management_client: instance
:param str image_name: Azure custom image name
:param str image_resource_group: Azure resource group
:param str disk_type: Disk type (HDD/SDD)
:param cloudshell.cp.azure.models.vm_credentials.VMCredentials vm_credentials:
:param str computer_name: computer name
:param str group_name: Azure resource group name (reservation id)
:param str nic_id: Azure network id
:param str region: Azure region
:param str vm_name: name for VM
:param tags: Azure tags
:return:
:rtype: azure.mgmt.compute.models.VirtualMachine
"""
os_profile = self._prepare_os_profile(vm_credentials=vm_credentials,
computer_name=computer_name)
hardware_profile = HardwareProfile(vm_size=vm_size)
network_profile = NetworkProfile(
network_interfaces=[NetworkInterfaceReference(id=nic_id)])
image = compute_management_client.images.get(
resource_group_name=image_resource_group, image_name=image_name)
storage_profile = StorageProfile(
os_disk=self._prepare_os_disk(disk_type),
image_reference=ImageReference(id=image.id))
return self._create_vm(
compute_management_client=compute_management_client,
region=region,
group_name=group_name,
vm_name=vm_name,
hardware_profile=hardware_profile,
network_profile=network_profile,
os_profile=os_profile,
storage_profile=storage_profile,
cancellation_context=cancellation_context,
tags=tags)
def test_remediate_success(self):
compute_client = Mock()
nw_profile = NetworkProfile(network_interfaces=[
NetworkInterfaceReference(
id=
"/subscriptions/subscription_id/resourceGroups/resource_group/providers/Microsoft.Network"
"/networkInterfaces/vm_nameVMNic ")
])
compute_client.virtual_machines.get.return_value = VirtualMachine(
id=
"/subscriptions/subscription_id/resourceGroups/resource_group/providers/Microsoft.Compute"
"/virtualMachines/vm_name",
location="eastus",
network_profile=nw_profile,
)
nw_client = Mock()
nw_client.network_interfaces.get.return_value = NetworkInterface(
id=
"/subscriptions/subscription_id/resourceGroups/resource_group/providers/Microsoft.Network"
"/networkInterfaces/vm_nameVMNic",
network_security_group=NetworkSecurityGroup(
id=
"/subscriptions/subscription_id/resourceGroups/resource_name/providers/Microsoft.Network"
"/networkSecurityGroups/vm_nameNSG "),
)
nw_client.network_security_groups.get.return_value = NetworkSecurityGroup(
id=
"/subscriptions/subscription_id/resourceGroups/resource_name/providers/Microsoft.Network"
"/networkSecurityGroups/vm_nameNSG",
security_rules=[
SecurityRule(
protocol="All",
access="Allow",
direction="Inbound",
source_address_prefix="*",
destination_port_ranges=["22", "3389"],
),
SecurityRule(
protocol="All",
access="Allow",
direction="Inbound",
source_address_prefix="*",
destination_port_ranges=["20-30", "3389"],
),
SecurityRule(
protocol="All",
access="Allow",
direction="Inbound",
source_address_prefix="*",
destination_port_range="22",
),
],
)
action = VMSecurityGroupClosePort22()
assert (action.remediate(compute_client, nw_client, "resource_name",
"vm_name") == 0)
assert nw_client.network_security_groups.create_or_update.call_count == 1
call_args = nw_client.network_security_groups.create_or_update.call_args
updated_sg = call_args.args[2]
security_rules = updated_sg.security_rules
assert len(security_rules) == 2
assert security_rules[0].destination_port_ranges == ["3389"]
assert security_rules[1].destination_port_ranges == [
"20-21", "23-30", "3389"
]
def create_virtual_machine(self, credentials, network_client, network_id,
parameters, vm_network_name):
""" Creates an Azure virtual machine using the network interface created.
Args:
credentials: A ServicePrincipalCredentials instance, that can be used to
access or create any resources.
network_client: A NetworkManagementClient instance.
network_id: The network id of the network interface created.
parameters: A dict, containing all the parameters necessary to
authenticate this user with Azure.
vm_network_name: The name of the virtual machine to use.
"""
resource_group = parameters[self.PARAM_RESOURCE_GROUP]
storage_account = parameters[self.PARAM_STORAGE_ACCOUNT]
zone = parameters[self.PARAM_ZONE]
utils.log("Creating a Virtual Machine '{}'".format(vm_network_name))
subscription_id = str(parameters[self.PARAM_SUBSCRIBER_ID])
azure_instance_type = parameters[self.PARAM_INSTANCE_TYPE]
compute_client = ComputeManagementClient(credentials, subscription_id)
auth_keys_path = self.AUTHORIZED_KEYS_FILE.format(self.ADMIN_USERNAME)
with open(auth_keys_path, 'r') as pub_ssh_key_fd:
pub_ssh_key = pub_ssh_key_fd.read()
public_keys = [SshPublicKey(path=auth_keys_path, key_data=pub_ssh_key)]
ssh_config = SshConfiguration(public_keys=public_keys)
linux_config = LinuxConfiguration(disable_password_authentication=True,
ssh=ssh_config)
os_profile = OSProfile(admin_username=self.ADMIN_USERNAME,
computer_name=vm_network_name,
linux_configuration=linux_config)
hardware_profile = HardwareProfile(vm_size=azure_instance_type)
network_profile = NetworkProfile(
network_interfaces=[NetworkInterfaceReference(id=network_id)])
virtual_hd = VirtualHardDisk(
uri='https://{0}.blob.core.windows.net/vhds/{1}.vhd'.
format(storage_account, vm_network_name))
image_hd = VirtualHardDisk(uri=parameters[self.PARAM_IMAGE_ID])
os_type = OperatingSystemTypes.linux
os_disk = OSDisk(os_type=os_type, caching=CachingTypes.read_write,
create_option=DiskCreateOptionTypes.from_image,
name=vm_network_name, vhd=virtual_hd, image=image_hd)
compute_client.virtual_machines.create_or_update(
resource_group, vm_network_name, VirtualMachine(
location=zone, os_profile=os_profile,
hardware_profile=hardware_profile,
network_profile=network_profile,
storage_profile=StorageProfile(os_disk=os_disk)))
# Sleep until an IP address gets associated with the VM.
while True:
public_ip_address = network_client.public_ip_addresses.get(resource_group,
vm_network_name)
if public_ip_address.ip_address:
utils.log('Azure VM is available at {}'.
format(public_ip_address.ip_address))
break
utils.log("Waiting {} second(s) for IP address to be available".
format(self.SLEEP_TIME))
time.sleep(self.SLEEP_TIME)
def request_instance(call=None, kwargs=None): # pylint: disable=unused-argument
'''
Request that Azure spin up a new instance
'''
global compconn # pylint: disable=global-statement,invalid-name
if not compconn:
compconn = get_conn()
vm_ = kwargs
if vm_.get('driver') is None:
vm_['driver'] = 'azurearm'
if vm_.get('location') is None:
vm_['location'] = get_location()
if vm_.get('resource_group') is None:
vm_['resource_group'] = config.get_cloud_config_value(
'resource_group', vm_, __opts__, search_global=True)
if vm_.get('name') is None:
vm_['name'] = config.get_cloud_config_value('name',
vm_,
__opts__,
search_global=True)
os_kwargs = {}
userdata = None
userdata_file = config.get_cloud_config_value('userdata_file',
vm_,
__opts__,
search_global=False,
default=None)
if userdata_file is None:
userdata = config.get_cloud_config_value('userdata',
vm_,
__opts__,
search_global=False,
default=None)
else:
if os.path.exists(userdata_file):
with salt.utils.fopen(userdata_file, 'r') as fh_:
userdata = fh_.read()
if userdata is not None:
os_kwargs['custom_data'] = base64.b64encode(userdata)
iface_data = create_interface(kwargs=vm_)
vm_['iface_id'] = iface_data['id']
disk_name = '{0}-vol0'.format(vm_['name'])
vm_username = config.get_cloud_config_value(
'ssh_username',
vm_,
__opts__,
search_global=True,
default=config.get_cloud_config_value('win_username',
vm_,
__opts__,
search_global=True))
vm_password = config.get_cloud_config_value(
'ssh_password',
vm_,
__opts__,
search_global=True,
default=config.get_cloud_config_value('win_password',
vm_,
__opts__,
search_global=True))
win_installer = config.get_cloud_config_value('win_installer',
vm_,
__opts__,
search_global=True)
if vm_['image'].startswith('http'):
# https://{storage_account}.blob.core.windows.net/{path}/{vhd}
source_image = VirtualHardDisk(uri=vm_['image'])
img_ref = None
if win_installer:
os_type = 'Windows'
else:
os_type = 'Linux'
else:
img_pub, img_off, img_sku, img_ver = vm_['image'].split('|')
source_image = None
os_type = None
img_ref = ImageReference(
publisher=img_pub,
offer=img_off,
sku=img_sku,
version=img_ver,
)
params = VirtualMachine(
name=vm_['name'],
location=vm_['location'],
plan=None,
hardware_profile=HardwareProfile(vm_size=getattr(
VirtualMachineSizeTypes, vm_['size'].lower()), ),
storage_profile=StorageProfile(
os_disk=OSDisk(
caching=CachingTypes.none,
create_option=DiskCreateOptionTypes.from_image,
name=disk_name,
vhd=VirtualHardDisk(
uri='https://{0}.blob.core.windows.net/vhds/{1}.vhd'.
format(
vm_['storage_account'],
disk_name,
), ),
os_type=os_type,
image=source_image,
),
image_reference=img_ref,
),
os_profile=OSProfile(admin_username=vm_username,
admin_password=vm_password,
computer_name=vm_['name'],
**os_kwargs),
network_profile=NetworkProfile(network_interfaces=[
NetworkInterfaceReference(vm_['iface_id']),
], ),
)
poller = compconn.virtual_machines.create_or_update(
vm_['resource_group'], vm_['name'], params)
poller.wait()
try:
return show_instance(vm_['name'], call='action')
except CloudError:
return {}
def temp_vm():
# Generate random value to avoid duplicate resource group
hash = random.getrandbits(16)
# Defining vars
base_name = 'rescue' + str(hash)
storage_name = base_name
group_name = base_name
vm_name = base_name
vnet_name = base_name
subnet_name = base_name
nic_name = base_name
os_disk_name = base_name
pub_ip_name = base_name
computer_name = base_name
admin_username='******'
admin_password='******'
region = orig_vm_location
image_publisher = 'Canonical'
image_offer = 'UbuntuServer'
image_sku = '16.04.0-LTS'
image_version = 'latest'
# Helper function to create a network interface and vnet
def create_network_interface(network_client, region, group_name, interface_name,
network_name, subnet_name, ip_name):
result = network_client.virtual_networks.create_or_update(
group_name,
network_name,
VirtualNetwork(
location=region,
address_space=AddressSpace(
address_prefixes=[
'10.1.0.0/16',
],
),
subnets=[
Subnet(
name=subnet_name,
address_prefix='10.1.0.0/24',
),
],
),
)
print('Creating Virtual Network...')
result.wait() # async operation
subnet = network_client.subnets.get(group_name, network_name, subnet_name)
result = network_client.public_ip_addresses.create_or_update(
group_name,
ip_name,
PublicIPAddress(
location=region,
public_ip_allocation_method=IPAllocationMethod.dynamic,
idle_timeout_in_minutes=4,
),
)
print('Creating Subnet...')
result.wait() # async operation
# Creating Public IP
public_ip_address = network_client.public_ip_addresses.get(group_name, ip_name)
public_ip_id = public_ip_address.id
print('Creating Public IP...')
result.wait() # async operation
result = network_client.network_interfaces.create_or_update(
group_name,
interface_name,
NetworkInterface(
location=region,
ip_configurations=[
NetworkInterfaceIPConfiguration(
name='default',
private_ip_allocation_method=IPAllocationMethod.dynamic,
subnet=subnet,
public_ip_address=PublicIPAddress(
id=public_ip_id,
),
),
],
),
)
print('Creating Network Interface...')
result.wait() # async operation
network_interface = network_client.network_interfaces.get(
group_name,
interface_name,
)
return network_interface.id
# 1. Create a resource group
print('Creating resource group ' + base_name + '...')
result = res_client.resource_groups.create_or_update(
group_name,
ResourceGroup(
location=region,
),
)
# 2. Create a storage account
print('Creating storage group ' + base_name + '...')
result = storage_client.storage_accounts.create(
group_name,
storage_name,
StorageAccountCreateParameters(
location=region,
sku=Sku(SkuName.premium_lrs),
kind=Kind.storage,
),
)
result.result()
# 3. Create the network interface using a helper function (defined below)
nic_id = create_network_interface(
network_client,
region,
group_name,
nic_name,
vnet_name,
subnet_name,
pub_ip_name,
)
# 4. Create the virtual machine
print('Creating temporary VM ' + vm_name + '...')
result = compute_client.virtual_machines.create_or_update(
group_name,
vm_name,
VirtualMachine(
location=region,
os_profile=OSProfile(
admin_username=admin_username,
admin_password=admin_password,
computer_name=computer_name,
),
hardware_profile=HardwareProfile(
vm_size='Standard_DS1_v2'
),
network_profile=NetworkProfile(
network_interfaces=[
NetworkInterfaceReference(
id=nic_id,
),
],
),
storage_profile=StorageProfile(
os_disk=OSDisk(
caching=CachingTypes.none,
create_option=DiskCreateOptionTypes.from_image,
name=os_disk_name,
vhd=VirtualHardDisk(
uri='https://{0}.blob.core.windows.net/vhds/{1}.vhd'.format(
storage_name,
os_disk_name,
),
),
),
image_reference = ImageReference(
publisher=image_publisher,
offer=image_offer,
sku=image_sku,
version=image_version,
),
),
),
)
result.wait() # async operation
# Display the public ip address
# You can now connect to the machine using SSH
public_ip_address = network_client.public_ip_addresses.get(group_name, pub_ip_name)
print('\n' + vm_name + ' has started.')
print('VM\'s public IP is {}'.format(public_ip_address.ip_address))
print('SSH Username: '******'SSH Password ' + admin_password)
print('ssh ' + admin_username + '@' + public_ip_address.ip_address)
# The process of shutting down the VM, deleting it, then removing/attaching OS disk to the temp
def disk_attach():
# Delete VM
print('Deleting VM and freeing OS disk from ' + orig_vm_name)
print('OS Disk Location ' + orig_vm_os_disk)
result = compute_client.virtual_machines.delete(sys.argv[2], orig_vm_name)
result.wait()
# Ensures no lingering lease issues
time.sleep(5)
# Attach OS disk to temporary VM
print('Attaching original OS disk to {0}'.format(vm_name))
result = compute_client.virtual_machines.create_or_update(
group_name,
vm_name,
VirtualMachine(
location=orig_vm_location,
storage_profile=StorageProfile(
data_disks=[DataDisk(
lun=0,
caching=CachingTypes.none,
create_option=DiskCreateOptionTypes.attach,
name=orig_vm_name,
vhd=VirtualHardDisk(
uri=orig_vm_os_disk
)
)]
)
)
)
result.wait()
disk_attach()
def get_network(self, nic_id):
""" Get Network Object for given Network ID"""
return NetworkProfile(network_interfaces=[
NetworkInterfaceReference(id=str(nic_id), primary=True)
])