async def add_default_models_to_database(c_name, cred_name, username,
juju_username, controller, user_info):
"""Adds the default models, that have been created by new controller, to the
database."""
c_info = datastore.get_controller(c_name)
model_facade = client.ModelManagerFacade.from_connection(
controller.connection)
controller_facade = client.ControllerFacade.from_connection(
controller.connection)
user = tag.user(juju_username)
models = await controller_facade.AllModels()
for model in models.user_models:
if model:
m_key = juju.construct_model_key(c_info['name'], model.model.name)
logger.info(model.model.name)
if username != settings.JUJU_ADMIN_USER:
model_tag = tag.model(model.model.uuid)
changes = client.ModifyModelAccess('admin', 'grant', model_tag,
user)
await model_facade.ModifyModelAccess([changes])
datastore.create_model(m_key,
model.model.name,
state='Model is being deployed',
uuid='')
datastore.add_model_to_controller(c_name, m_key)
datastore.set_model_state(m_key,
'ready',
credential=cred_name,
uuid=model.model.uuid)
datastore.set_model_access(m_key, username, 'admin')
ssh_keys = user_info["ssh_keys"]
if len(ssh_keys) > 0:
juju.update_ssh_keys_model(username, ssh_keys, c_name, m_key)
async def create_controller(c_type, name, region, cred_name):
try:
logger.info('Adding controller to database')
token = JuJu_Token()
datastore.create_controller(name, c_type, region, cred_name)
datastore.add_user_to_controller(name, 'admin', 'superuser')
logger.info('Bootstrapping controller')
credential = juju.get_credential(token.username, cred_name)
logger.info('credential found %s:', credential['credential'])
juju.get_controller_types()[c_type].create_controller(name, region, credential['credential'], 't{}'.format(hashlib.md5(cred_name.encode('utf')).hexdigest()))
pswd = token.password
logger.info('Setting admin password')
check_output(['juju', 'change-user-password', 'admin', '-c', name],
input=bytes('{}\n{}\n'.format(pswd, pswd), 'utf-8'))
logger.info('Updating controller in database')
with open(os.path.join(str(Path.home()), '.local', 'share', 'juju', 'controllers.yaml'), 'r') as data:
con_data = yaml.load(data)
datastore.set_controller_state(
name,
'ready',
con_data['controllers'][name]['api-endpoints'],
con_data['controllers'][name]['uuid'],
con_data['controllers'][name]['ca-cert'])
logger.info('Connecting to controller')
controller = juju.Controller_Connection(token, name)
logger.info('Adding existing credentials and models to database')
credentials = datastore.get_credentials(token.username)
async with controller.connect(token) as juju_con:
for cred in credentials:
if cred['name'] != cred_name:
credential_name = 't{}'.format(hashlib.md5(cred_name.encode('utf')).hexdigest())
cloud_facade = client.CloudFacade.from_connection(juju_con.connection)
credential = juju.generate_cred_file(c_type, credential_name, cred['credential'])
cloud_cred = client.UpdateCloudCredential(
client.CloudCredential(credential['key'], credential['type']),
tag.credential(c_type, token.username, credential_name)
)
await cloud_facade.UpdateCredentials([cloud_cred])
models = await juju_con.get_models()
for model in models.serialize()['user-models']:
model = model.serialize()['model'].serialize()
datastore.add_model_to_controller(name, model['name'])
datastore.set_model_state(name, model['name'], 'ready', credential=cred_name, uuid=model['uuid'])
datastore.set_model_access(name, model['name'], token.username, 'admin')
logger.info('Controller succesfully created!')
except Exception: #pylint: disable=W0703
datastore.destroy_controller(name)
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
datastore.set_controller_state(name, 'error')
def create_model(token, controller, model, credentials):
state = datastore.check_model_state(controller, model)
if state in ["ready", "accepted"]:
code, response = errors.already_exists('model')
elif credentials in datastore.get_credential_keys(token.username):
datastore.add_model_to_controller(controller, model)
datastore.set_model_state(controller, model, 'accepted')
datastore.set_model_access(controller, model, token.username, 'admin')
Popen(["python3.6", "{}/scripts/add_model.py".format(settings.SOJOBO_API_DIR), controller,
model, settings.SOJOBO_API_DIR, token.username, token.password, credentials])
code, response = 202, "Model is being deployed"
else:
code, response = 404, "Credentials {} not found!".format(credentials)
return code, response
async def create_model(c_name, m_name, usr, pwd, cred_name):
try:
token = JuJu_Token()
token.username = usr
token.password = pwd
controller = juju.Controller_Connection(token, c_name)
c_type = controller.c_type
credential = 't{}'.format(hashlib.md5(cred_name.encode('utf')).hexdigest())
async with controller.connect(token) as con_juju:
logger.info('%s -> Creating model: %s', m_name, m_name)
model = await con_juju.add_model(
m_name,
cloud_name=c_type,
credential_name=credential,
owner=tag.user(usr)
)
logger.info('%s -> model deployed on juju', m_name)
ds.set_model_access(c_name, m_name, usr, 'admin')
ds.set_model_state(c_name, m_name, 'ready', cred_name, model.info.uuid)
logger.info('%s -> Adding ssh-keys to model: %s', m_name, m_name)
for key in ds.get_ssh_keys(usr):
try:
await model.add_ssh_key(usr, key)
except (JujuAPIError, JujuError):
pass
logger.info('%s -> retrieving users: %s', m_name, ds.get_controller_users(c_name))
for u in ds.get_controller_users(c_name):
if u['access'] == 'superuser' and u['name'] != usr:
await model.grant(u['name'], acl='admin')
ds.set_model_access(c_name, m_name, u['name'], 'admin')
for key in ds.get_ssh_keys(u['name']):
try:
await model.add_ssh_key(u['name'], key['key'])
except (JujuAPIError, JujuError):
pass
logger.info('%s -> succesfully deployed model', m_name)
except Exception as e:
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
if 'model' in locals():
ds.set_model_state(c_name, m_name, 'ready', cred_name, model.info.uuid)
else:
ds.set_model_state(c_name, m_name, 'error: {}'.format(lines))
finally:
if 'model' in locals():
await model.disconnect()
await controller.disconnect()
async def create_controller(c_type, name, region, credentials):
try:
logger.info('Adding controller to database')
datastore.create_controller(name, c_type, region)
datastore.add_user_to_controller(name, 'admin', 'superuser')
logger.info('Bootstrapping controller')
juju.get_controller_types()[c_type].create_controller(
name, region, credentials)
pswd = settings.JUJU_ADMIN_PASSWORD
logger.info('Setting admin password')
check_output(['juju', 'change-user-password', 'admin', '-c', name],
input=bytes('{}\n{}\n'.format(pswd, pswd), 'utf-8'))
logger.info('Updating controller in database')
with open(
os.path.join(str(Path.home()), '.local', 'share', 'juju',
'controllers.yaml'), 'r') as data:
con_data = yaml.load(data)
datastore.set_controller_state(
name, 'ready', con_data['controllers'][name]['api-endpoints'],
con_data['controllers'][name]['uuid'],
con_data['controllers'][name]['ca-cert'])
token = JuJu_Token()
logger.info('Connecting to controller')
controller = juju.Controller_Connection(token, name)
logger.info('Adding credentials to database')
result_cred = await juju.generate_cred_file(c_type, 'admin',
credentials)
datastore.add_credential('admin', result_cred)
logger.info('Adding existing models to database')
async with controller.connect(token) as juju_con:
models = await juju_con.get_models()
for model in models.serialize()['user-models']:
model = model.serialize()['model'].serialize()
datastore.add_model_to_controller(name, model['name'])
datastore.set_model_state(name, model['name'], 'ready',
model['uuid'])
datastore.set_model_access(name, model['name'], token.username,
'admin')
except Exception: #pylint: disable=W0703
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
datastore.set_controller_state(name, 'error')
async def set_model_acc(username, password, user, access, controller):
try:
logger.info('Starting process to set model access')
token = JuJu_Token
token.username = username
token.password = password
access_list = ast.literal_eval(access)
ssh_keys = datastore.get_ssh_keys(user)
for mod in access_list:
logger.info('setting Model Access for %s on %s!', user,
mod['name'])
model = juju.Model_Connection(token, controller, mod['name'])
async with model.connect(token) as mod_con:
current_access = datastore.get_model_access(
controller, mod['name'], user)
logger.info('Current Access level: %s', current_access)
if current_access:
await mod_con.revoke(user)
await mod_con.grant(user, acl=mod['access'])
if mod['access'] in ['admin', 'write']:
for key in ssh_keys:
try:
logger.info('Adding ssh-key: %s', key)
mod_con.add_ssh_key(user, key)
except (JujuAPIError, JujuError):
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(
exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
datastore.set_model_access(controller, mod['name'], user,
mod['access'])
logger.info('Model Access set for %s on %s!', user, mod['name'])
except Exception:
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
async def set_controller_acc(c_name, access, user):
try:
token = JuJu_Token()
con = datastore.get_controller(c_name)
usr = datastore.get_user(user)
logger.info('Connecting to controller %s', c_name)
controller = juju.Controller_Connection(token, c_name)
async with controller.connect(token) as con_juju:
logger.info('Connected to controller %s ', c_name)
await con_juju.grant(user, acl=access)
datastore.set_controller_access(c_name, user, access)
logger.info('Controller access set for %s ', c_name)
if access == 'superuser':
for mod in con['models']:
model = juju.Model_Connection(token, con['name'], mod['name'])
async with model.connect(token) as mod_con:
logger.info('Setting up connection for model: %s',
mod['name'])
current_access = datastore.get_model_access(
c_name, mod['name'], user)
logger.info('Current Access level: %s', current_access)
if current_access:
await mod_con.revoke(user)
await mod_con.grant(user, acl='admin')
datastore.set_model_access(c_name, mod['name'], user,
'admin')
logger.info('Admin Access granted for for %s:%s', c_name,
mod['name'])
for key in usr['ssh-keys']:
logger.info('SSh key found... adding SSH key %s', key)
await mod_con.add_ssh_key(user, key)
except Exception:
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
async def bootstrap_aws_controller(c_name, region, cred_name, username,
password): #pylint: disable=E0001
try:
# Check if the credential is valid.
tengu_username = settings.JUJU_ADMIN_USER
tengu_password = settings.JUJU_ADMIN_PASSWORD
valid_cred_name = 't{}'.format(
hashlib.md5(cred_name.encode('utf')).hexdigest())
credential = juju.get_credential(username, cred_name)
logger.info(credential)
juju.get_controller_types()['aws'].check_valid_credentials(credential)
# Create credential file that can be used to bootstrap controller.
cred_path = '/home/{}/credentials'.format(settings.SOJOBO_USER)
if not os.path.exists(cred_path):
os.mkdir(cred_path)
filepath = '{}/aws-{}.json'.format(cred_path, valid_cred_name)
with open(filepath, 'w+') as credfile:
json.dump(credential['credential'], credfile)
path = '/tmp/credentials.yaml'
data = {
'credentials': {
'aws': {
valid_cred_name: {
'auth-type': 'access-key',
'access-key': credential['credential']['access-key'],
'secret-key': credential['credential']['secret-key']
}
}
}
}
with open(path, 'w') as dest:
yaml.dump(data, dest, default_flow_style=True)
logger.info(valid_cred_name)
logger.info(data)
check_call(['juju', 'add-credential', 'aws', '-f', path, '--replace'])
logger.info(path)
check_call([
'juju', 'bootstrap', '--agent-version=2.3.0',
'aws/{}'.format(region), c_name, '--credential', valid_cred_name
])
os.remove(path)
logger.info('Setting admin password')
check_output(['juju', 'change-user-password', 'admin', '-c', c_name],
input=bytes(
'{}\n{}\n'.format(tengu_password, tengu_password),
'utf-8'))
con_data = {}
logger.info('Updating controller in database')
with open(
os.path.join(str(Path.home()), '.local', 'share', 'juju',
'controllers.yaml'), 'r') as data:
con_data = yaml.load(data)
datastore.set_controller_state(
c_name,
'ready',
endpoints=con_data['controllers'][c_name]['api-endpoints'],
uuid=con_data['controllers'][c_name]['uuid'],
ca_cert=con_data['controllers'][c_name]['ca-cert'])
logger.info('Connecting to controller')
controller = Controller()
logger.info(
'Adding existing credentials and default models to database...')
credentials = datastore.get_cloud_credentials('aws', username)
logger.info(credentials)
await controller.connect(
endpoint=con_data['controllers'][c_name]['api-endpoints'][0],
username=tengu_username,
password=tengu_password,
cacert=con_data['controllers'][c_name]['ca-cert'])
user_info = datastore.get_user(username)
juju_username = user_info["juju_username"]
for cred in credentials:
if username != tengu_username:
await juju.update_cloud(controller, 'aws', cred['name'],
juju_username, username)
logger.info('Added credential %s to controller %s',
cred['name'], c_name)
elif cred['name'] != cred_name:
await juju.update_cloud(controller, 'aws', cred['name'],
juju_username, username)
user = tag.user(juju_username)
model_facade = client.ModelManagerFacade.from_connection(
controller.connection)
controller_facade = client.ControllerFacade.from_connection(
controller.connection)
if username != tengu_username:
user_facade = client.UserManagerFacade.from_connection(
controller.connection)
users = [
client.AddUser(display_name=juju_username,
username=juju_username,
password=password)
]
await user_facade.AddUser(users)
changes = client.ModifyControllerAccess('superuser', 'grant', user)
await controller_facade.ModifyControllerAccess([changes])
c_info = datastore.get_controller(c_name)
models = await controller_facade.AllModels()
for model in models.user_models:
if model:
m_key = juju.construct_model_key(c_info['name'],
model.model.name)
logger.info(model.model.name)
if username != tengu_username:
model_tag = tag.model(model.model.uuid)
changes = client.ModifyModelAccess('admin', 'grant',
model_tag, user)
await model_facade.ModifyModelAccess([changes])
datastore.create_model(m_key,
model.model.name,
state='Model is being deployed',
uuid='')
datastore.add_model_to_controller(c_name, m_key)
datastore.set_model_state(m_key,
'ready',
credential=cred_name,
uuid=model.model.uuid)
datastore.set_model_access(m_key, username, 'admin')
ssh_keys = user_info["ssh_keys"]
if len(ssh_keys) > 0:
juju.update_ssh_keys_model(username, ssh_keys, c_name,
m_key)
logger.info('Controller succesfully created!')
except Exception: #pylint: disable=W0703
exc_type, exc_value, exc_traceback = sys.exc_info()
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
for l in lines:
logger.error(l)
datastore.set_controller_state(c_name, 'error')
finally:
if 'controller' in locals():
await juju.disconnect(controller)