def validate(self, **kwargs):
'''Validate device group state among given devices.
:param kwargs: dict -- keyword args of device group information
:raises: UnexpectedDeviceGroupType, UnexpectedDeviceGroupDevices
'''
self._set_attributes(**kwargs)
self._check_type()
self.dev_group_uri_res = self._get_device_group(self.devices[0])
if self.dev_group_uri_res.type != self.type:
msg = 'Device group type found: %r does not match expected ' \
'device group type: %r' % (
self.dev_group_uri_res.type, self.type
)
raise UnexpectedDeviceGroupType(msg)
queried_device_names = self._get_device_names_in_group()
given_device_names = []
for device in self.devices:
device_name = get_device_info(device).name
given_device_names.append(device_name)
if sorted(queried_device_names) != sorted(given_device_names):
msg = 'Given devices does not match queried devices.'
raise UnexpectedDeviceGroupDevices(msg)
self.ensure_all_devices_in_sync()
def _add_device_to_device_group(self, device):
'''Add device to device service cluster group.
:param device: bigip object -- device to add to group
'''
device_name = get_device_info(device).name
dg = pollster(self._get_device_group)(device)
dg.devices_s.devices.create(name=device_name, partition=self.partition)
pollster(self._check_device_exists_in_device_group)(device_name)
def _add_trustee(self, device):
'''Add a single trusted device to the trust domain.
:param device: ManagementRoot object -- device to add to trust domain
'''
device_name = get_device_info(device).name
if device_name in self.domain:
msg = 'Device: %r is already in this trust domain.' % device_name
raise DeviceAlreadyInTrustDomain(msg)
self._modify_trust(self.devices[0], self._get_add_trustee_cmd, device)
def _delete_device_from_device_group(self, device):
'''Remove device from device service cluster group.
:param device: ManagementRoot object -- device to delete from group
'''
device_name = get_device_info(device).name
dg = pollster(self._get_device_group)(device)
device_to_remove = dg.devices_s.devices.load(
name=device_name, partition=self.partition
)
device_to_remove.delete()
def _ensure_device_active(self, device):
'''Ensure a single device is in an active state
:param device: ManagementRoot object -- device to inspect
:raises: UnexpectedClusterState
'''
act = device.tm.cm.devices.device.load(
name=get_device_info(device).name,
partition=self.partition
)
if act.failoverState != 'active':
msg = "A device in the cluster was not in the 'Active' state."
raise UnexpectedDeviceGroupState(msg)
def _get_devices_by_activation_state(self, state):
'''Get a list of bigips by activation statue.
:param state: str -- state to filter the returned list of devices
:returns: list -- list of devices that are in the given state
'''
devices_with_state = []
for device in self.devices:
act = device.tm.cm.devices.device.load(
name=get_device_info(device).name,
partition=self.partition
)
if act.failoverState == state:
devices_with_state.append(device)
return devices_with_state
def _populate_domain(self):
'''Populate TrustDomain's domain attribute.
This entails an inspection of each device's certificate-authority
devices in its trust domain and recording them. After which, we
get a dictionary of who trusts who in the domain.
'''
self.domain = {}
for device in self.devices:
device_name = get_device_info(device).name
ca_devices = \
device.tm.cm.trust_domains.trust_domain.load(
name='Root'
).caDevices
self.domain[device_name] = [
d.replace('/%s/' % self.partition, '') for d in ca_devices
]
def _remove_trustee(self, device):
'''Remove a trustee from the trust domain.
:param device: MangementRoot object -- device to remove
'''
trustee_name = get_device_info(device).name
name_object_map = get_device_names_to_objects(self.devices)
delete_func = self._get_delete_trustee_cmd
for truster in self.domain:
if trustee_name in self.domain[truster] and \
truster != trustee_name:
truster_obj = name_object_map[truster]
self._modify_trust(truster_obj, delete_func, trustee_name)
self._populate_domain()
for trustee in self.domain[trustee_name]:
if trustee_name != trustee:
self._modify_trust(device, delete_func, trustee)
self.devices.remove(name_object_map[trustee_name])