def delete_node(job): """ this method will be called from the node.zero-os to remove the node from zerotier """ from zerotier import client node = job.service.aysrepo.serviceGet(role='node', instance=job.model.args['node_name']) service = job.service token = service.model.data.zerotierToken netid = service.model.data.zerotierNetID zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(token)) resp = zerotier.network.listMembers(netid) members = resp.json() for member in members: if node.model.data.redisAddr in member['config']['ipAssignments']: try: zerotier.network.deleteMember(member['nodeId'], netid) except Exception as err: job.logger.error(str(err)) break
def bootstrap(job): from zerotier import client service = job.service token = service.model.data.zerotierToken netid = service.model.data.zerotierNetID zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(token)) resp = zerotier.network.listMembers(netid) members = resp.json() job.logger.info("Received %s members" % len(members)) # First make sure all members that need to be authorzed anyway, are authorized to_process = list() for member in members: if member['nodeId'] in service.model.data.authorizedZerotierMembers: if not member['config']['authorized']: job.logger.info("Authorizing %s" % member['nodeId']) member['config']['authorized'] = True zerotier.network.updateMember(member, member['nodeId'], netid) else: to_process.append(member) # In a second pass process all the others for member in to_process: try: try_authorize(job, job.logger, netid, member, zerotier) except Exception as err: job.logger.error(str(err)) member['config']['authorized'] = False zerotier.network.updateMember(member, member['nodeId'], netid)
def main(): token = 'xs9kKSrhHHqcgCqymjAxj9e69tktPDbJ' # fill it with your zerotier token # create client and set the authentication header client = ztclient.Client() client.set_auth_header("Bearer " + token) # print network status resp = client.status.getStatus() print("NETWORK STATUS \n", resp.text) # print name of first network networks = client.network.listNetworks().json() if len(networks) <= 0: return net1 = networks[0] print("network name = ", net1['config']['name']) # modify network name net1['config']['name'] = net1['config'][ 'name'][::-1] # reverse the network name print(client.network.updateNetwork(net1, net1['id'])) # get the modified network new_net = client.network.getNetwork(net1['id']).json() print("new network name=", new_net['config']['name'])
def zerotier_get(uri=None, data=None, params=None): authkey = get_authkey() client = ztclient.Client('http://127.0.0.1:9993') headers = {"X-ZT1-Auth": authkey} resp = client.get(uri, data, headers, params, 'json') return resp.text
def zerotier_nic_config(service, logger, container, nic): from zerotier import client wait_for_interface(container) service.model.data.zerotiernodeid = container.client.zerotier.info()['address'] if nic.token: zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(nic.token)) member = get_member(zerotier, service.model.data.zerotiernodeid, nic.id) if not member['config']['authorized']: # authorized new member logger.info("authorize new member {} to network {}".format(member['nodeId'], nic.id)) member['config']['authorized'] = True zerotier.network.updateMember(member, member['nodeId'], nic.id)
def start(job): import time from zerotier import client from zeroos.orchestrator.sal.Container import Container service = job.service container = Container.from_ays(service, job.context['token']) container.start() if container.is_running(): service.model.data.status = "running" else: raise j.exceptions.RuntimeError("container didn't started") def get_member(): start = time.time() while start + 60 > time.time(): resp = zerotier.network.getMember(service.model.data.zerotiernodeid, nic.id) if resp.content: return resp.json() time.sleep(0.5) raise j.exceptions.RuntimeError('Could not find member on zerotier network') def wait_for_interface(): start = time.time() while start + 60 > time.time(): for link in container.client.ip.link.list(): if link['type'] == 'tun': return time.sleep(0.5) raise j.exceptions.RuntimeError("Could not find zerotier network interface") for nic in service.model.data.nics: if nic.type == 'zerotier': wait_for_interface() service.model.data.zerotiernodeid = container.client.zerotier.info()['address'] if nic.token: zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(nic.token)) member = get_member() if not member['config']['authorized']: # authorized new member job.logger.info("authorize new member {} to network {}".format(member['nodeId'], nic.id)) member['config']['authorized'] = True zerotier.network.updateMember(member, member['nodeId'], nic.id) service.saveAll()
def bootstrap(job): from zerotier import client service = job.service token = service.model.data.zerotierToken netid = service.model.data.zerotierNetID zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(token)) resp = zerotier.network.listMembers(netid) members = resp.json() for member in members: try: try_authorize(job, job.logger, netid, member, zerotier) except Exception as err: job.logger.error(str(err)) member['config']['authorized'] = False zerotier.network.updateMember(member, member['nodeId'], netid)
def install(job): import time from zerotier import client as ztclient client = _get_client(job, job.context['token']) client.zerotier.join(job.service.model.data.nwid) def get_member(): start = time.time() while start + 60 > time.time(): resp = zerotier.network.getMember(address, job.service.model.data.nwid) if resp.content: return resp.json() time.sleep(0.5) raise j.exceptions.RuntimeError( 'Could not find member on zerotier network') token = job.service.model.data.token if token: address = client.zerotier.info()['address'] zerotier = ztclient.Client() zerotier.set_auth_header('bearer {}'.format(token)) member = get_member() if not member['config']['authorized']: # authorized new member job.logger.info("authorize new member {} to network {}".format( member['nodeId'], job.service.model.data.nwid)) member['config']['authorized'] = True zerotier.network.updateMember(member, member['nodeId'], job.service.model.data.nwid) while True: net = _get_network(job, job.context['token']) if (token and net['status'] == 'OK') or (not token and net['status'] in ['OK', 'ACCESS_DENIED']): break time.sleep(1) _update_model(job, net)
def setup_zerotierbridges(job): from zeroos.orchestrator.sal.Container import Container from zeroos.orchestrator.configuration import get_jwt_token from zerotier import client import time job.context['token'] = get_jwt_token(job.service.aysrepo) service = job.service container = service.producers.get('container')[0] containerobj = Container.from_ays(container, job.context['token'], logger=service.logger) # get dict version of nics nics = service.model.data.to_dict()['nics'] def wait_for_interface(): start = time.time() while start + 60 > time.time(): for link in containerobj.client.ip.link.list(): if link['type'] == 'tun': return time.sleep(0.5) raise j.exceptions.RuntimeError( "Could not find zerotier network interface") ip = containerobj.client.ip for nic in nics: zerotierbridge = nic.pop('zerotierbridge', None) if zerotierbridge: nicname = nic['name'] linkname = 'l-{}'.format(nicname)[:15] wait_for_interface() zerotiername = get_zerotier_nic(zerotierbridge['id'], containerobj) token = zerotierbridge.get('token') if token: zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(token)) resp = zerotier.network.getMember( container.model.data.zerotiernodeid, zerotierbridge['id']) member = resp.json() job.logger.info( "Enable bridge in member {} on network {}".format( member['nodeId'], zerotierbridge['id'])) member['config']['activeBridge'] = True zerotier.network.updateMember(member, member['nodeId'], zerotierbridge['id']) # check if configuration is already done linkmap = {link['name']: link for link in ip.link.list()} if linkmap[nicname]['type'] == 'bridge': continue # bring related interfaces down ip.link.down(nicname) ip.link.down(zerotiername) # remove IP and rename ipaddresses = ip.addr.list(nicname) for ipaddress in ipaddresses: ip.addr.delete(nicname, ipaddress) ip.link.name(nicname, linkname) # create bridge and add interface and IP ip.bridge.add(nicname) ip.bridge.addif(nicname, linkname) ip.bridge.addif(nicname, zerotiername) # readd IP and bring interfaces up for ipaddress in ipaddresses: ip.addr.add(nicname, ipaddress) ip.link.up(nicname) ip.link.up(linkname) ip.link.up(zerotiername) service.model.data.zerotiernodeid = container.model.data.zerotiernodeid service.saveAll()
def __init__(self, api_token: str) -> None: self._client = ztclient.Client() self._client.set_auth_header("Bearer " + api_token) self._status = self.get_status()
def start(job): from zeroos.orchestrator.sal.Container import Container import time from zerotier import client service = job.service container = service.producers.get('container')[0] if str(container.model.data.status) == 'halted': j.tools.async.wrappers.sync(container.executeAction('start', context=job.context)) # setup zerotiers bridges containerobj = Container.from_ays(container, job.context['token']) nics = service.model.data.to_dict()['nics'] # get dict version of nics # setup resolv.conf containerobj.upload_content('/etc/resolv.conf', 'nameserver 127.0.0.1\n') def get_zerotier_nic(zerotierid): for zt in containerobj.client.zerotier.list(): if zt['id'] == zerotierid: return zt['portDeviceName'] else: raise j.exceptions.RuntimeError("Failed to get zerotier network device") def wait_for_interface(): start = time.time() while start + 60 > time.time(): for link in containerobj.client.ip.link.list(): if link['type'] == 'tun': return time.sleep(0.5) raise j.exceptions.RuntimeError("Could not find zerotier network interface") ip = containerobj.client.ip for nic in nics: zerotierbridge = nic.pop('zerotierbridge', None) if zerotierbridge: nicname = nic['name'] linkname = 'l-{}'.format(nicname)[:15] wait_for_interface() zerotiername = get_zerotier_nic(zerotierbridge['id']) token = zerotierbridge.get('token') if token: zerotier = client.Client() zerotier.set_auth_header('bearer {}'.format(token)) resp = zerotier.network.getMember(container.model.data.zerotiernodeid, zerotierbridge['id']) member = resp.json() job.logger.info("Enable bridge in member {} on network {}".format(member['nodeId'], zerotierbridge['id'])) member['config']['activeBridge'] = True zerotier.network.updateMember(member, member['nodeId'], zerotierbridge['id']) # check if configuration is already done linkmap = {link['name']: link for link in ip.link.list()} if linkmap[nicname]['type'] == 'bridge': continue # bring related interfaces down ip.link.down(nicname) ip.link.down(zerotiername) # remove IP and rename ipaddresses = ip.addr.list(nicname) for ipaddress in ipaddresses: ip.addr.delete(nicname, ipaddress) ip.link.name(nicname, linkname) # create bridge and add interface and IP ip.bridge.add(nicname) ip.bridge.addif(nicname, linkname) ip.bridge.addif(nicname, zerotiername) # readd IP and bring interfaces up for ipaddress in ipaddresses: ip.addr.add(nicname, ipaddress) ip.link.up(nicname) ip.link.up(linkname) ip.link.up(zerotiername) service.model.data.zerotiernodeid = container.model.data.zerotiernodeid service.saveAll() # setup cloud-init magical ip loaddresses = ip.addr.list('lo') magicip = '169.254.169.254/32' if magicip not in loaddresses: ip.addr.add('lo', magicip) # start services http = container.consumers.get('http')[0] dhcp = container.consumers.get('dhcp')[0] cloudinit = container.consumers.get('cloudinit')[0] firewall = container.consumers.get('firewall')[0] j.tools.async.wrappers.sync(container.executeAction('start', context=job.context)) j.tools.async.wrappers.sync(dhcp.executeAction('start', context=job.context)) j.tools.async.wrappers.sync(http.executeAction('start', context=job.context)) j.tools.async.wrappers.sync(firewall.executeAction('start', context=job.context)) j.tools.async.wrappers.sync(cloudinit.executeAction('start', context=job.context)) service.model.data.status = "running"
def __init__(self, token): self.client = ztclient.Client() self.client.set_auth_header("Bearer " + token)