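def install_vm(session, urlvhdbz2, sruuid,
               vmname='CoreOs-%d' % (random.randint(0, 1000)),
               templatename='CoreOS'):
    """Download a bzip2-compressed VHD, import it and build a VM around it.

    Devmode only.

    The image at ``urlvhdbz2`` is fetched with curl into a temporary file,
    unpacked with bzip2 and imported into the SR ``sruuid``. The first
    template labelled ``templatename`` is cloned as ``vmname``, its
    provisioning disks are removed, it is provisioned, and the imported disk
    and a network are attached.

    Returns the uuid of the new VM.

    NOTE: the default ``vmname`` is evaluated once, when the function is
    defined, so every call that relies on the default gets the same label.
    """
    # NOTE(review): the URL is handed to curl unchanged and the image is
    # imported without a checksum or signature check. If this can be reached
    # with a caller-supplied URL, restrict the accepted schemes (curl's
    # --proto) and verify the download before importing it.
    log.info("install_vm from url %s to sr %s" % (urlvhdbz2, sruuid))
    # mkstemp also returns an open descriptor; close it instead of dropping
    # it, since only the path is used below.
    tempfd, atempfile = tempfile.mkstemp(suffix='.vhd.bz2')
    os.close(tempfd)
    # Strip only the trailing suffix; str.replace would also rewrite a
    # '.bz2' occurring earlier in the path.
    atempfileunpacked = atempfile[:-len('.bz2')]
    # @todo: pipe instead, so the file never actually touches Dom0
    try:
        # The download is inside the try block so that a failed or partial
        # transfer is tidied up as well.
        util.runlocal(['curl', '-o', atempfile, urlvhdbz2])
        util.runlocal(['bzip2', '-d', atempfile])
        vdiref = api_helper.import_disk(session, sruuid, atempfileunpacked,
                                        'vhd', 'Disk')
    finally:
        for leftover in (atempfile, atempfileunpacked):
            if os.path.exists(leftover):
                os.remove(leftover)
    templateref = session.xenapi.VM.get_by_name_label(templatename)[0]
    vmref = session.xenapi.VM.clone(templateref, vmname)
    vmuuid = session.xenapi.VM.get_record(vmref)['uuid']
    log.info("install_vm created vm %s" % (vmuuid))
    remove_disks_in_vm_provisioning(session, vmref)
    session.xenapi.VM.provision(vmref)
    api_helper.create_vbd(session, vmref, vdiref, 'rw', True)
    setup_network_on_lowest_pif(session, vmref)
    return vmuuid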
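def create_config_drive_iso(session, userdata_template, vmuuid):
    """Build the 'config-2' config-drive ISO for a VM and return its path.

    The ISO holds ``openstack/latest/user_data`` (the template customized
    with the VM's template data), ``openstack/latest/user_data.template``
    (the template as passed in) and an ``agent`` directory with the Linux
    guest agent files copied from the latest tools ISO.

    The staging directories are removed before returning. The ISO file
    itself is not removed here; its path is the return value.
    """
    log.info("create_config_drive_iso for vm %s" % (vmuuid))
    umountrequired = False
    temptoolsisodir = None
    userdatafile = None
    # Defined up front: the tidy-up loop reads this name even when a step
    # before its assignment fails, and an unbound name there would replace
    # the original error with a NameError.
    userdatatemplatefile = None
    latestfolder = None
    openstackfolder = None
    agentfilepaths = []
    agentpath = None
    tempisodir = None
    try:
        tempisodir = tempfile.mkdtemp()
        # mkstemp returns an open descriptor as well as the path; close it
        # so it is not leaked. Only the path is handed to make_iso.
        isofd, tempisofile = tempfile.mkstemp()
        os.close(isofd)
        # add the userdata-file
        openstackfolder = os.path.join(tempisodir, 'openstack')
        latestfolder = os.path.join(openstackfolder, 'latest')
        os.makedirs(latestfolder)
        userdatafile = os.path.join(latestfolder, 'user_data')
        userdatatemplatefile = "%s.template" % userdatafile
        template_data = get_template_data(session, vmuuid)
        userdata = customize_userdata(userdata_template, template_data)
        util.write_file(userdatafile, userdata)
        util.write_file(userdatatemplatefile, userdata_template)
        # NOTE(review): this writes the fully rendered user data to the
        # debug log. If user data can carry credentials, log a length or a
        # digest instead.
        log.debug("Userdata: %s" % (userdata))
        # Also add the Linux guest agent
        temptoolsisodir = tempfile.mkdtemp()
        tools_iso_path = find_latest_tools_iso_path()
        cmd = ['mount', '-o', 'loop', tools_iso_path, temptoolsisodir]
        util.runlocal(cmd)
        umountrequired = True
        agentpath = os.path.join(tempisodir, 'agent')
        os.makedirs(agentpath)
        agentfiles = [
            'xe-daemon',
            'xe-linux-distribution',
            'xe-linux-distribution.service',
            'xen-vcpu-hotplug.rules',
            'install.sh',
            'versions.deb',
            'versions.rpm',
            "versions.tgz",
        ]
        for filename in agentfiles:
            path = os.path.join(temptoolsisodir, 'Linux', filename)
            shutil.copy(path, agentpath)
            agentfilepaths.append(os.path.join(agentpath, filename))
        # Finally wrap up the iso
        util.make_iso('config-2', tempisodir, tempisofile)
    finally:
        # And tidy
        if umountrequired:
            cmd = ['umount', temptoolsisodir]
            util.runlocal(cmd)
        # Files are listed before the directories that contain them, because
        # os.rmdir only removes empty directories.
        for path in [temptoolsisodir, userdatafile, userdatatemplatefile,
                     latestfolder, openstackfolder] + agentfilepaths + \
                [agentpath, tempisodir]:
            if path is not None:
                if os.path.isdir(path):
                    os.rmdir(path)
                elif os.path.isfile(path):
                    os.remove(path)
                else:
                    log.debug("create_config_drive_iso: Not tidying %s because"
                              " it could not be found" % (path))
    return tempisofile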
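def create_config_drive_iso(session, userdata_template, vmuuid):
    """Create a 'config-2' config-drive ISO for ``vmuuid``; return its path.

    Staged content: ``openstack/latest/user_data`` (the customized
    template), ``openstack/latest/user_data.template`` (the template as
    given) and ``agent/`` with the Linux guest agent files taken from the
    latest tools ISO, which is loop-mounted for the copy.

    Staging files and directories are removed in the ``finally`` block. The
    resulting ISO file is left in place and its path is returned.
    """
    log.info("create_config_drive_iso for vm %s" % (vmuuid))
    umountrequired = False
    temptoolsisodir = None
    userdatafile = None
    # Bound before the try block because the tidy-up list below references
    # it; without this, an early failure surfaced as a NameError raised from
    # the finally block instead of the real error.
    userdatatemplatefile = None
    latestfolder = None
    openstackfolder = None
    agentfilepaths = []
    agentpath = None
    tempisodir = None
    try:
        tempisodir = tempfile.mkdtemp()
        # Close the descriptor mkstemp opens; previously it was discarded
        # while still open.
        isofd, tempisofile = tempfile.mkstemp()
        os.close(isofd)
        # add the userdata-file
        openstackfolder = os.path.join(tempisodir, 'openstack')
        latestfolder = os.path.join(openstackfolder, 'latest')
        os.makedirs(latestfolder)
        userdatafile = os.path.join(latestfolder, 'user_data')
        userdatatemplatefile = "%s.template" % userdatafile
        template_data = get_template_data(session, vmuuid)
        userdata = customize_userdata(userdata_template, template_data)
        util.write_file(userdatafile, userdata)
        util.write_file(userdatatemplatefile, userdata_template)
        # NOTE(review): the complete rendered user data goes to the debug
        # log here. Confirm it cannot contain secrets, or log less.
        log.debug("Userdata: %s" % (userdata))
        # Also add the Linux guest agent
        temptoolsisodir = tempfile.mkdtemp()
        tools_iso_path = find_latest_tools_iso_path()
        cmd = ['mount', '-o', 'loop', tools_iso_path, temptoolsisodir]
        util.runlocal(cmd)
        umountrequired = True
        agentpath = os.path.join(tempisodir, 'agent')
        os.makedirs(agentpath)
        agentfiles = ['xe-daemon', 'xe-linux-distribution',
                      'xe-linux-distribution.service',
                      'xen-vcpu-hotplug.rules', 'install.sh',
                      'versions.deb', 'versions.rpm', "versions.tgz"]
        for filename in agentfiles:
            path = os.path.join(temptoolsisodir, 'Linux', filename)
            shutil.copy(path, agentpath)
            agentfilepaths.append(os.path.join(agentpath, filename))
        # Finally wrap up the iso
        util.make_iso('config-2', tempisodir, tempisofile)
    finally:
        # And tidy
        if umountrequired:
            cmd = ['umount', temptoolsisodir]
            util.runlocal(cmd)
        # Order matters: each directory comes after the entries inside it.
        for path in [temptoolsisodir, userdatafile, userdatatemplatefile,
                     latestfolder, openstackfolder] + agentfilepaths + \
                [agentpath, tempisodir]:
            if path is not None:
                if os.path.isdir(path):
                    os.rmdir(path)
                elif os.path.isfile(path):
                    os.remove(path)
                else:
                    log.debug("create_config_drive_iso: Not tidying %s because"
                              " it could not be found" % (path))
    return tempisofile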
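def export_disk(session, vdiuuid):
    """Export VDI ``vdiuuid`` as a raw image and return the file's path.

    The image is downloaded with curl from the local ``export_raw_vdi``
    HTTPS endpoint into a new temporary ``.raw`` file. The file is not
    removed here.
    """
    # Function-scope import: this block did not reference ``os`` before.
    import os

    log.info("export_disk vdi %s" % (vdiuuid))
    # mkstemp returns an open descriptor together with the path. Close it
    # rather than discarding it, otherwise every export leaks a descriptor.
    rawfd, filename = tempfile.mkstemp(suffix='.raw')
    os.close(rawfd)
    # NOTE(review): the session handle is part of curl's argument list, so
    # it is readable from the host's process listing while curl runs.
    # '-k' disables certificate verification and '-L' follows redirects.
    # Confirm this is acceptable for a localhost-only endpoint, or pass the
    # URL to curl through a config file or stdin instead of argv.
    cmd = ['curl', '-L', '-k', '-o', filename,
           'https://localhost/export_raw_vdi?session_id=%s&vdi=%s&format=raw'
           % (session.handle, vdiuuid)]
    util.runlocal(cmd)
    return filename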
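def export_disk(session, vdiuuid):
    """Download VDI ``vdiuuid`` in raw format to a temporary file.

    curl fetches the image from the local ``export_raw_vdi`` HTTPS endpoint.
    Returns the path of the temporary ``.raw`` file, which is not removed
    here.
    """
    # Function-scope import: this block did not reference ``os`` before.
    import os

    log.info("export_disk vdi %s" % (vdiuuid))
    # Keep the descriptor mkstemp returns so that it can be closed; taking
    # only element [1] left it open.
    rawfd, filename = tempfile.mkstemp(suffix='.raw')
    os.close(rawfd)
    # NOTE(review): the session handle travels in curl's argv and is
    # therefore visible in the host's process listing for the duration of
    # the transfer. '-k' turns off certificate verification. Confirm both
    # are acceptable for this localhost endpoint.
    cmd = ['curl', '-k', '-o', filename,
           'https://localhost/export_raw_vdi?session_id=%s&vdi=%s&format=raw'
           % (session.handle, vdiuuid)]
    util.runlocal(cmd)
    return filename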
def _generate_ca(parent_path):
    """Create a self-signed CA in ``parent_path``.

    Writes a 4096-bit RSA key to ``ca-key.pem`` and a SHA-256 signed X.509
    certificate, valid for CERTIFICATE_DAYSTOBEVALID days, to ``ca.pem``.
    The subject organisation is derived from the local hostname.
    """
    cakeypath = os.path.join(parent_path, 'ca-key.pem')
    # No cipher option is given, so the CA key is written unencrypted.
    # NOTE(review): its protection then rests on the permissions of
    # parent_path and of the created file -- confirm both are restrictive.
    util.runlocal(['openssl', 'genrsa', '-out', cakeypath, '4096'])
    # ToDo: we may want to ask the user for his organisation?
    validity = "%d" % (CERTIFICATE_DAYSTOBEVALID)
    cacertpath = os.path.join(parent_path, 'ca.pem')
    subject = '/O=%s.xscontainer/' % socket.gethostname()
    reqcmd = ['openssl', 'req', '-new', '-x509', '-sha256']
    reqcmd += ['-days', validity]
    reqcmd += ['-key', cakeypath]
    reqcmd += ['-out', cacertpath]
    reqcmd += ['-subj', subject]
    util.runlocal(reqcmd)
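def import_disk(session, sruuid, filename, fileformat, namelabel,
                other_config_keys={}):
    """Create a VDI on SR ``sruuid`` and upload ``filename`` into it.

    ``fileformat`` must be ``"vhd"`` or ``"raw"``; anything else raises
    ``Exception``. For vhd the size comes from ``vhd-util query -v`` and is
    treated as MiB. For raw the file size is used, after padding the file
    in place to the next 2 MiB boundary when it is not aligned.

    ``other_config_keys`` is merged into the new VDI's other_config. The
    default dict is only read, never modified.

    Returns the reference of the created VDI.
    """
    log.info("import_disk file %s on sr %s" % (filename, sruuid))
    targetsr = session.xenapi.SR.get_by_uuid(sruuid)
    sizeinb = None
    if fileformat == "vhd":
        cmd = ['vhd-util', 'query', '-n', filename, '-v']
        sizeinmb = util.runlocal(cmd)[1]
        sizeinb = int(sizeinmb) * 1024 * 1024
    elif fileformat == "raw":
        sizeinb = os.path.getsize(filename)
        # Workaround: can't otherwise import disks that aren't aligned to 2MB
        alignment = 2 * 1024 * 1024
        remainder = sizeinb % alignment
        # Pad only when the size is not a multiple of 2 MiB. The previous
        # arithmetic added a full extra 2 MiB to files that were already
        # aligned.
        if remainder:
            newsizeinb = sizeinb + (alignment - remainder)
            log.info('Resizing raw disk from size %d to %d'
                     % (sizeinb, newsizeinb))
            filehandle = open(filename, "r+b")
            try:
                # Writing one byte at the new last offset extends the file.
                filehandle.seek(newsizeinb - 1)
                filehandle.write("\0")
            finally:
                # Close the handle even if the seek or write fails.
                filehandle.close()
            sizeinb = os.path.getsize(filename)
    else:
        raise Exception('Invalid fileformat: %s ' % fileformat)
    log.info("Preparing vdi of size %d" % (sizeinb))
    vdiconf = {
        'SR': targetsr,
        'virtual_size': str(sizeinb),
        'type': 'system',
        'sharable': False,
        'read_only': False,
        'other_config': {},
        'name_label': namelabel
    }
    vdiref = session.xenapi.VDI.create(vdiconf)
    other_config = session.xenapi.VDI.get_other_config(vdiref)
    # items() is available on every Python version; iteritems() is not.
    for key, value in other_config_keys.items():
        other_config[key] = value
    session.xenapi.VDI.set_other_config(vdiref, other_config)
    vdiuuid = session.xenapi.VDI.get_record(vdiref)['uuid']
    # NOTE(review): the session handle is part of curl's argument list and
    # so readable from the host's process listing during the upload. '-k'
    # disables certificate verification. Confirm both are acceptable for
    # this localhost endpoint.
    cmd = [
        'curl', '-k', '--upload', filename,
        'https://localhost/import_raw_vdi?session_id=%s&vdi=%s&format=%s' %
        (session.handle, vdiuuid, fileformat)
    ]
    util.runlocal(cmd)
    return vdiref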
def _generate_ca(parent_path):
    """Generate the CA key pair and self-signed certificate.

    Two openssl invocations are run: ``genrsa`` writes a 4096-bit key to
    ``<parent_path>/ca-key.pem``, then ``req -new -x509`` writes
    ``<parent_path>/ca.pem``, signed with SHA-256 and valid for
    CERTIFICATE_DAYSTOBEVALID days.
    """
    keyfile = os.path.join(parent_path, 'ca-key.pem')
    # genrsa is called without a cipher option: the key is not
    # passphrase-protected on disk.
    # NOTE(review): verify that parent_path is only accessible to the
    # account running this code.
    genrsa = ['openssl', 'genrsa']
    genrsa.extend(['-out', keyfile, '4096'])
    util.runlocal(genrsa)
    # ToDo: we may want to ask the user for his organisation?
    selfsign = ['openssl', 'req', '-new', '-x509', '-sha256']
    selfsign.extend(['-days', "%d" % (CERTIFICATE_DAYSTOBEVALID)])
    selfsign.extend(['-key', keyfile])
    selfsign.extend(['-out', os.path.join(parent_path, 'ca.pem')])
    selfsign.extend(['-subj', '/O=%s.xscontainer/' % socket.gethostname()])
    util.runlocal(selfsign)
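def import_disk(session, sruuid, filename, fileformat, namelabel,
                other_config_keys={}):
    """Upload a disk image file into a newly created VDI.

    A VDI sized for ``filename`` is created on the SR ``sruuid`` with label
    ``namelabel``, ``other_config_keys`` are merged into its other_config,
    and the file is uploaded with curl to the local ``import_raw_vdi``
    endpoint.

    ``fileformat`` is ``"vhd"`` (size taken from ``vhd-util query -v``,
    treated as MiB) or ``"raw"`` (file size, with the file padded in place
    up to the next 2 MiB boundary when needed). Any other value raises
    ``Exception``.

    Returns the VDI reference.
    """
    log.info("import_disk file %s on sr %s" % (filename, sruuid))
    targetsr = session.xenapi.SR.get_by_uuid(sruuid)
    sizeinb = None
    if fileformat == "vhd":
        cmd = ['vhd-util', 'query', '-n', filename, '-v']
        sizeinmb = util.runlocal(cmd)[1]
        sizeinb = int(sizeinmb) * 1024 * 1024
    elif fileformat == "raw":
        sizeinb = os.path.getsize(filename)
        # Workaround: can't otherwise import disks that aren't aligned to 2MB
        twomib = 2 * 1024 * 1024
        overhang = sizeinb % twomib
        # Already aligned files are left alone. The earlier formula grew
        # them by a whole 2 MiB because it added (2 MiB - 0).
        if overhang != 0:
            newsizeinb = sizeinb - overhang + twomib
            log.info('Resizing raw disk from size %d to %d'
                     % (sizeinb, newsizeinb))
            filehandle = open(filename, "r+b")
            try:
                # A single byte written at the last offset extends the file.
                filehandle.seek(newsizeinb - 1)
                filehandle.write("\0")
            finally:
                # Do not leak the handle when seek or write raises.
                filehandle.close()
            sizeinb = os.path.getsize(filename)
    else:
        raise Exception('Invalid fileformat: %s ' % fileformat)
    log.info("Preparing vdi of size %d" % (sizeinb))
    vdiconf = {'SR': targetsr,
               'virtual_size': str(sizeinb),
               'type': 'system',
               'sharable': False,
               'read_only': False,
               'other_config': {},
               'name_label': namelabel}
    vdiref = session.xenapi.VDI.create(vdiconf)
    other_config = session.xenapi.VDI.get_other_config(vdiref)
    # items() instead of iteritems(): same result, not tied to Python 2.
    for key, value in other_config_keys.items():
        other_config[key] = value
    session.xenapi.VDI.set_other_config(vdiref, other_config)
    vdiuuid = session.xenapi.VDI.get_record(vdiref)['uuid']
    # NOTE(review): session.handle ends up in curl's argv, which the host's
    # process listing exposes while the upload runs. '-k' turns off
    # certificate verification. Confirm this is acceptable for localhost.
    cmd = ['curl', '-k', '--upload', filename,
           'https://localhost/import_raw_vdi?session_id=%s&vdi=%s&format=%s'
           % (session.handle, vdiuuid, fileformat)]
    util.runlocal(cmd)
    return vdiref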
def get_config_drive_configuration(session, vdiuuid):
    """Return the user-data template stored on config-drive VDI ``vdiuuid``.

    The VDI is exported to a temporary raw image, loop-mounted as iso9660 on
    a temporary directory, and ``openstack/latest/user_data.template`` is
    read from it. The exported image, the mount and the directory are
    released in a ``finally`` block.
    """
    # NOTE(review): the image is mounted and read as-is. If a guest can
    # write to this VDI, its contents are untrusted input to the host:
    # consider mounting with ro,nosuid,nodev,noexec and refusing a
    # user_data.template that is not a regular file. Confirm against the
    # threat model.
    log.info("get_config_drive_configuration from vdi %s" % (vdiuuid))
    mountpoint = None
    mounted = False
    imagepath = api_helper.export_disk(session, vdiuuid)
    try:
        mountpoint = tempfile.mkdtemp()
        util.runlocal(['mount', '-o', 'loop', '-t', 'iso9660',
                       imagepath, mountpoint])
        mounted = True
        latestdir = os.path.join(mountpoint, 'openstack', 'latest')
        content = util.read_file(os.path.join(latestdir,
                                              'user_data.template'))
    finally:
        # The exported image is deleted first, then the mount is released.
        os.remove(imagepath)
        if mounted:
            util.runlocal(['umount', mountpoint])
        if mountpoint:
            os.rmdir(mountpoint)
    return content
def get_config_drive_configuration(session, vdiuuid):
    """Read ``user_data.template`` back from a config-drive VDI.

    Steps: export the VDI to a temporary file, loop-mount that file as an
    iso9660 filesystem, read ``openstack/latest/user_data.template`` and
    return its content. Temporary artefacts are removed in the ``finally``
    block.
    """
    # NOTE(review): nothing here restricts what the mounted image may
    # contain. If the VDI is writable from inside the VM, treat it as
    # untrusted: hardened mount options (ro,nosuid,nodev,noexec) and a
    # regular-file check on the template path are worth considering.
    log.info("get_config_drive_configuration from vdi %s" % (vdiuuid))
    isomount = None
    ismounted = False
    exportedfile = api_helper.export_disk(session, vdiuuid)
    try:
        isomount = tempfile.mkdtemp()
        mountcmd = ['mount', '-o', 'loop', '-t', 'iso9660']
        mountcmd += [exportedfile, isomount]
        util.runlocal(mountcmd)
        ismounted = True
        templatepath = os.path.join(isomount, 'openstack', 'latest',
                                    'user_data.template')
        content = util.read_file(templatepath)
    finally:
        # Same order as before: delete the export, unmount, drop the dir.
        os.remove(exportedfile)
        if ismounted:
            util.runlocal(['umount', isomount])
        if isomount:
            os.rmdir(isomount)
    return content
def _generate_client(parent_path):
    """Create a client key and a CA-signed client certificate.

    Everything is written to ``<parent_path>/client``: ``key.pem`` (4096-bit
    RSA), ``cert.pem`` (signed with ``ca.pem``/``ca-key.pem`` from
    ``parent_path``, extendedKeyUsage clientAuth, valid for
    CERTIFICATE_DAYSTOBEVALID days) and a copy of ``ca.pem``. The CSR and
    the extension file are deleted again.
    """
    prefix = os.path.join(parent_path, "client")
    os.makedirs(prefix)
    keypath = os.path.join(prefix, 'key.pem')
    # No cipher option: the client key is stored unencrypted.
    # NOTE(review): makedirs uses the default mode, so who can read the key
    # depends on the process umask -- confirm it is restrictive.
    util.runlocal(['openssl', 'genrsa', '-out', keypath, '4096'])
    try:
        csrpath = os.path.join(prefix, 'client.csr')
        util.runlocal(['openssl', 'req',
                       '-subj', '/CN=client',
                       '-new',
                       '-key', keypath,
                       '-out', csrpath])
        util.write_file(os.path.join(prefix, './extfile.cnf'),
                        'extendedKeyUsage = clientAuth')
        signcmd = ['openssl', 'x509', '-req', '-sha256']
        signcmd += ['-days', "%d" % (CERTIFICATE_DAYSTOBEVALID)]
        signcmd += ['-in', csrpath]
        signcmd += ['-CA', os.path.join(parent_path, 'ca.pem')]
        signcmd += ['-CAkey', os.path.join(parent_path, 'ca-key.pem')]
        signcmd += ['-CAcreateserial']
        signcmd += ['-out', os.path.join(prefix, 'cert.pem')]
        signcmd += ['-extfile', os.path.join(prefix, 'extfile.cnf')]
        util.runlocal(signcmd)
    finally:
        # Intermediate files are not needed once signing was attempted.
        _delete_if_exists(prefix, ['extfile.cnf', 'client.csr'])
    shutil.copyfile(os.path.join(parent_path, 'ca.pem'),
                    os.path.join(prefix, 'ca.pem'))
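def _generate_server(parent_path, ips):
    """Create the server key and a CA-signed server certificate.

    Files are written to ``<parent_path>/server``: ``server-key.pem``
    (4096-bit RSA), ``server-cert.pem`` and a copy of ``ca.pem``. The
    certificate's subjectAltName lists every entry of ``ips`` as an ``IP:``
    value. The CSR, the extension file and the CA serial file are removed
    again.
    """
    prefix = os.path.join(parent_path, "server")
    os.makedirs(prefix)
    # No cipher option: the server key is stored unencrypted.
    util.runlocal(['openssl', 'genrsa', '-out',
                   os.path.join(prefix, 'server-key.pem'), '4096'])
    # hostname is ignored as XS will connect using the IPs
    hostname = "_ignored_"
    # '-days' is not passed here: 'openssl req' only uses it together with
    # '-x509', so on a plain CSR it had no effect.
    util.runlocal(['openssl', 'req', '-subj', '/CN=%s' % (hostname),
                   '-sha256', '-new',
                   '-key', os.path.join(prefix, 'server-key.pem'),
                   '-out', os.path.join(prefix, 'server.csr')])
    # NOTE(review): entries of ``ips`` go verbatim into the extension file.
    # A value containing a comma or a newline would add further SAN entries
    # or config lines, so confirm that callers pass validated IP literals.
    # An empty ``ips`` yields an empty subjectAltName value.
    ipstring = ",".join(["IP:" + ip for ip in ips])
    try:
        util.write_file(os.path.join(prefix, './extfile.cnf'),
                        'subjectAltName = ' + (ipstring))
        # The validity period has to be given at signing time. Without
        # '-days', 'openssl x509 -req' falls back to its 30-day default
        # instead of CERTIFICATE_DAYSTOBEVALID. _generate_client already
        # passes it at this step.
        util.runlocal(['openssl', 'x509', '-req', '-sha256',
                       '-days', "%d" % (CERTIFICATE_DAYSTOBEVALID),
                       '-in', os.path.join(prefix, 'server.csr'),
                       '-CA', os.path.join(parent_path, 'ca.pem'),
                       '-CAkey', os.path.join(parent_path, 'ca-key.pem'),
                       '-CAcreateserial',
                       '-out', os.path.join(prefix, 'server-cert.pem'),
                       '-extfile', os.path.join(prefix, 'extfile.cnf')])
    finally:
        _delete_if_exists(prefix, ['extfile.cnf', 'server.csr'])
        _delete_if_exists(parent_path, ['ca.srl'])
    shutil.copyfile(os.path.join(parent_path, 'ca.pem'),
                    os.path.join(prefix, 'ca.pem'))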
def _generate_client(parent_path):
    """Generate the client credentials under ``<parent_path>/client``.

    Produces ``key.pem``, a certificate ``cert.pem`` issued by the CA found
    in ``parent_path`` with ``extendedKeyUsage = clientAuth``, and a copy of
    the CA certificate as ``ca.pem``. The CSR and the openssl extension file
    are temporary and are deleted in the ``finally`` block.
    """
    prefix = os.path.join(parent_path, "client")
    os.makedirs(prefix)
    clientkey = os.path.join(prefix, 'key.pem')
    cacert = os.path.join(parent_path, 'ca.pem')
    # genrsa runs without a cipher option, so key.pem has no passphrase.
    # NOTE(review): directory and file modes are left to the umask; confirm
    # the key is not readable by other local accounts.
    util.runlocal(['openssl', 'genrsa', '-out', clientkey, '4096'])
    try:
        request = os.path.join(prefix, 'client.csr')
        reqcmd = ['openssl', 'req', '-subj', '/CN=client', '-new']
        reqcmd.extend(['-key', clientkey, '-out', request])
        util.runlocal(reqcmd)
        util.write_file(os.path.join(prefix, './extfile.cnf'),
                        'extendedKeyUsage = clientAuth')
        util.runlocal([
            'openssl', 'x509', '-req', '-sha256',
            '-days', "%d" % (CERTIFICATE_DAYSTOBEVALID),
            '-in', request,
            '-CA', cacert,
            '-CAkey', os.path.join(parent_path, 'ca-key.pem'),
            '-CAcreateserial',
            '-out', os.path.join(prefix, 'cert.pem'),
            '-extfile', os.path.join(prefix, 'extfile.cnf'),
        ])
    finally:
        # Remove the intermediates whether or not signing succeeded.
        _delete_if_exists(prefix, ['extfile.cnf', 'client.csr'])
    shutil.copyfile(cacert, os.path.join(prefix, 'ca.pem'))
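def _generate_server(parent_path, ips):
    """Generate the server credentials under ``<parent_path>/server``.

    Produces ``server-key.pem``, a certificate ``server-cert.pem`` issued by
    the CA found in ``parent_path`` whose subjectAltName carries one ``IP:``
    entry per element of ``ips``, and a copy of the CA certificate as
    ``ca.pem``. ``server.csr``, ``extfile.cnf`` and ``ca.srl`` are deleted in
    the ``finally`` block.
    """
    prefix = os.path.join(parent_path, "server")
    os.makedirs(prefix)
    # genrsa runs without a cipher option, so the key has no passphrase.
    util.runlocal([
        'openssl', 'genrsa', '-out',
        os.path.join(prefix, 'server-key.pem'), '4096'
    ])
    # hostname is ignored as XS will connect using the IPs
    hostname = "_ignored_"
    # The '-days' argument was dropped from this call: without '-x509',
    # 'openssl req' only writes a CSR and does not use it.
    util.runlocal([
        'openssl', 'req', '-subj', '/CN=%s' % (hostname), '-sha256', '-new',
        '-key', os.path.join(prefix, 'server-key.pem'),
        '-out', os.path.join(prefix, 'server.csr')
    ])
    # NOTE(review): ``ips`` is not validated in this function and is written
    # as-is into the openssl extension file. Confirm that callers only pass
    # IP literals, because commas or newlines would change the extension.
    # With no entries the subjectAltName value is empty.
    ipstring = ",".join(["IP:" + ip for ip in ips])
    try:
        util.write_file(os.path.join(prefix, './extfile.cnf'),
                        'subjectAltName = ' + (ipstring))
        # '-days' belongs to the signing step. Without it the certificate
        # gets the 30-day default of 'openssl x509 -req' rather than
        # CERTIFICATE_DAYSTOBEVALID, which _generate_client does apply.
        util.runlocal([
            'openssl', 'x509', '-req', '-sha256',
            '-days', "%d" % (CERTIFICATE_DAYSTOBEVALID),
            '-in', os.path.join(prefix, 'server.csr'),
            '-CA', os.path.join(parent_path, 'ca.pem'),
            '-CAkey', os.path.join(parent_path, 'ca-key.pem'),
            '-CAcreateserial',
            '-out', os.path.join(prefix, 'server-cert.pem'),
            '-extfile', os.path.join(prefix, 'extfile.cnf')
        ])
    finally:
        _delete_if_exists(prefix, ['extfile.cnf', 'server.csr'])
        _delete_if_exists(parent_path, ['ca.srl'])
    shutil.copyfile(os.path.join(parent_path, 'ca.pem'),
                    os.path.join(prefix, 'ca.pem'))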