def keyring_present_type(**kwargs): """ Check if keyring exists on disk CLI Example: salt '*' sesceph.keyring_admin_save \\ '[mon.]\n\tkey = AQA/vZ9WyDwsKRAAxQ6wjGJH6WV8fDJeyzxHrg==\n\tcaps mon = \"allow *\"\n' \\ 'cluster_name'='ceph' \\ 'cluster_uuid'='cluster_uuid' Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". keyring_type Set the keyring type """ keyring_type = kwargs.get("keyring_type") if (keyring_type is None): raise Error("keyring_type is None") m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() try: u.defaults_refresh() except: pass keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type return keyobj.present()
def auth_add(self, keyring_type): """ Authorise keyring """ keyringobj = keyring.keyring_facard(self.model) keyringobj.key_type = keyring_type if not keyringobj.present(): raise Error("rgw keyring not found") q = mdl_query.mdl_query(self.model) if q.mon_is() and q.mon_quorum() is False: raise Error("mon daemon is not in quorum") arguments = [ "ceph", "auth", "import", "-i", keyringobj.keyring_path_get() ] output = utils.execute_local_command(arguments) if output["retcode"] != 0: raise Error("Failed executing '%s' Error rc=%s, stdout=%s stderr=%s" % ( " ".join(arguments), output["retcode"], output["stdout"], output["stderr"]) ) return True
def connect(self): keyring_obj = keyring.keyring_facard(self.model) for keytype in ["admin", "osd", "mds", "rgw", "mon"]: log.debug("Trying keyring:%s" % (keytype)) keyring_obj.key_type = keytype keyring_path = keyring_obj.keyring_path_get() if not os.path.isfile(keyring_path): log.debug("Skipping keyring %s" % (keyring_path)) continue keyring_identity = keyring_obj.keyring_identity_get() arguments = [ constants._path_ceph, '--connect-timeout', '5', "--keyring", keyring_path, "--name", keyring_identity, "-f", "json-pretty", "status" ] output = utils.execute_local_command(arguments) if output["retcode"] != 0: continue self.model.cluster_status = json.loads(output["stdout"].strip()) self.keyring_type = keytype self.keyring_path = keyring_path self.keyring_identity = keyring_identity return True return False
def auth_del(self, **kwargs): """ Remove Authorised keyring """ keyringobj = keyring.keyring_facard(self.model) keyringobj.key_type = keyring_type q = mdl_query.mdl_query(self.model) if q.mon_is() and q.mon_quorum() is False: raise Error("mon daemon is not in quorum") arguments = ["ceph", "auth", "del", keyringobj.keyring_path_get()] cmd_out = utils.execute_local_command(arguments) return True
def keyring_purge_type(**kwargs): keyring_type = kwargs.get("keyring_type", None) if (keyring_type is None): raise Error("keyring_type is not set") m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type return keyobj.remove()
def auth_remove(self): keyobj = keyring.keyring_facard(self.model) for keytype in ["mds", "rgw", "osd", "mon", "admin"]: try: keyobj.key_type = keytype except ValueError, E: log.warning(E) continue if keyobj.present() is False: log.info("Already removed '%s' keyring" % (keytype)) continue log.info("Removing '%s' keyring" % (keytype)) keyobj.remove()
def keyring_create_type(**kwargs): keyring_type = kwargs.get("keyring_type") if (keyring_type is None): raise Error("keyring_type is None") secret = kwargs.get("secret") m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type return keyobj.create(secret=secret)
def auth_del(self, **kwargs): """ Remove Authorised keyring """ keyringobj = keyring.keyring_facard(self.model) keyringobj.key_type = keyring_type q = mdl_query.mdl_query(self.model) if q.mon_is() and q.mon_quorum() is False: raise Error("mon daemon is not in quorum") arguments = [ "ceph", "auth", "del", keyringobj.keyring_path_get() ] cmd_out = utils.execute_local_command(arguments) return True
def auth_add(self, keyring_type): """ Authorise keyring """ keyringobj = keyring.keyring_facard(self.model) keyringobj.key_type = keyring_type if not keyringobj.present(): raise Error("rgw keyring not found") q = mdl_query.mdl_query(self.model) if q.mon_is() and q.mon_quorum() is False: raise Error("mon daemon is not in quorum") arguments = [ "ceph", "auth", "import", "-i", keyringobj.keyring_path_get() ] cmd_out = utils.execute_local_command(arguments) return True
def keyring_save_type(**kwargs): keyring_type = kwargs.get("keyring_type") key_content = kwargs.get("key_content") secret = kwargs.get("secret") m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type if secret is not None: utils.is_valid_base64(secret) return keyobj.write_secret(secret) if key_content is not None: return keyobj.write_content(key_content) raise Error("Set either the key_content or the key `secret`")
def keyring_rgw_auth_del(**kwargs): """ Write rgw keyring for cluster CLI Example: salt '*' sesceph.keyring_rgw_auth_del \ 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyobj = keyring.keyring_facard() keyobj.key_type = "rgw" return keyobj.auth_del(**kwargs)
def keyring_mds_create(**kwargs): """ Create mds keyring for cluster CLI Example: salt '*' sesceph.keyring_mds_create 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyobj = keyring.keyring_facard() keyobj.key_type = "mds" return keyobj.create(**kwargs)
def keyring_osd_purge(**kwargs): """ Write admin keyring for cluster CLI Example: salt '*' sesceph.keyring_osd_purge \ '[osd.]\n\tkey = AQA/vZ9WyDwsKRAAxQ6wjGJH6WV8fDJeyzxHrg==\n\tcaps osd = \"allow *\"\n' \ 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyobj = keyring.keyring_facard() keyobj.key_type = "osd" return keyobj.remove(**kwargs)
def keyring_rgw_auth_add(**kwargs): """ Write rgw keyring for cluster CLI Example: salt '*' sesceph.keyring_rgw_auth_add \ '[rgw.]\n\tkey = AQA/vZ9WyDwsKRAAxQ6wjGJH6WV8fDJeyzxHrg==\n\tcaps rgw = \"allow *\"\n' \ 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyobj = keyring.keyring_facard() keyobj.key_type = "rgw" return keyobj.auth_add(**kwargs)
def keyring_mon_save(key_content, **kwargs): """ Write admin keyring for cluster CLI Example: salt '*' sesceph.keyring_mon_save \ '[mon.]\n\tkey = AQA/vZ9WyDwsKRAAxQ6wjGJH6WV8fDJeyzxHrg==\n\tcaps mon = \"allow *\"\n' \ 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyobj = keyring.keyring_facard() keyobj.key_type = "mon" return keyobj.write(key_content, **kwargs)
def keyring_auth_del_type(**kwargs): """ Write rgw keyring for cluster CLI Example: salt '*' sesceph.keyring_mds_auth_del \\ 'cluster_name'='ceph' \\ 'cluster_uuid'='cluster_uuid' Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyring_type = kwargs.get("keyring_type") if (keyring_type is None): raise Error("keyring_type is None") if (keyring_type in set(["mon","admin"])): raise Error("keyring_type is %s" % (keyring_type)) m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() q = mdl_query.mdl_query(m) if q.mon_is(): u.mon_status() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type if not keyobj.present(): raise Error("keyring not present") mur = mdl_updater_remote.model_updater_remote(m) can_connect = mur.connect() if not can_connect: raise Error("Cant connect to cluster.") return mur.auth_del(keyring_type)
def keyring_auth_del_type(**kwargs): """ Write rgw keyring for cluster CLI Example: salt '*' sesceph.keyring_mds_auth_del \\ 'cluster_name'='ceph' \\ 'cluster_uuid'='cluster_uuid' Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". """ keyring_type = kwargs.get("keyring_type") if (keyring_type is None): raise Error("keyring_type is None") if (keyring_type in set(["mon", "admin"])): raise Error("keyring_type is %s" % (keyring_type)) m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() q = mdl_query.mdl_query(m) if q.mon_is(): u.mon_status() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type if not keyobj.present(): raise Error("keyring not present") mur = mdl_updater_remote.model_updater_remote(m) can_connect = mur.connect() if not can_connect: raise Error("Cant connect to cluster.") return mur.auth_del(keyring_type)
def keyring_rgw_purge(**kwargs): """ Delete rgw keyring for cluster CLI Example: salt '*' sesceph.keyring_rgw_purge \ '[rgw.]\n\tkey = AQA/vZ9WyDwsKRAAxQ6wjGJH6WV8fDJeyzxHrg==\n\tcaps rgw = \"allow *\"\n' \ 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". If no ceph config file is found, this command will fail. """ keyobj = keyring.keyring_facard() return keyobj.remove(**kwargs)
def keyring_rgw_save(key_content, **kwargs): """ Write rgw keyring for cluster CLI Example: salt '*' sesceph.keyring_rgw_save \ '[rgw.]\n\tkey = AQA/vZ9WyDwsKRAAxQ6wjGJH6WV8fDJeyzxHrg==\n\tcaps rgw = \"allow *\"\n' \ 'cluster_name'='ceph' \ 'cluster_uuid'='cluster_uuid' \ Notes: cluster_uuid Set the cluster UUID. Defaults to value found in ceph config file. cluster_name Set the cluster name. Defaults to "ceph". If the value is set, it will not be changed untill the keyring is deleted. """ keyobj = keyring.keyring_facard() keyobj.key_type = "rgw" return keyobj.write(key_content, **kwargs)
def keyring_auth_add_type(**kwargs): keyring_type = kwargs.get("keyring_type") if (keyring_type is None): raise Error("keyring_type is None") if (keyring_type in set(["mon","admin"])): raise Error("keyring_type is %s" % (keyring_type)) m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() q = mdl_query.mdl_query(m) if q.mon_is(): u.mon_status() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type if not keyobj.present(): raise Error("keyring not present") mur = mdl_updater_remote.model_updater_remote(m) can_connect = mur.connect() if not can_connect: raise Error("Cant connect to cluster.") return mur.auth_add(keyring_type)
def keyring_auth_add_type(**kwargs): keyring_type = kwargs.get("keyring_type") if (keyring_type is None): raise Error("keyring_type is None") if (keyring_type in set(["mon", "admin"])): raise Error("keyring_type is %s" % (keyring_type)) m = model.model(**kwargs) u = mdl_updater.model_updater(m) u.hostname_refresh() u.defaults_refresh() u.load_confg(m.cluster_name) u.mon_members_refresh() q = mdl_query.mdl_query(m) if q.mon_is(): u.mon_status() keyobj = keyring.keyring_facard(m) keyobj.key_type = keyring_type if not keyobj.present(): raise Error("keyring not present") mur = mdl_updater_remote.model_updater_remote(m) can_connect = mur.connect() if not can_connect: raise Error("Cant connect to cluster.") return mur.auth_add(keyring_type)