def do_connect(self):
try:
conf_api = ConfigAPI()
# Get which ceph user is using this function #
# ========================================== #
users = Users()
user_name = users.get_current_system_user().strip()
if user_name == "root":
user_name = "admin"
# Get ceph user's keyring file path #
# ================================= #
ceph_auth = CephAuthenticator()
cluster_name = configuration().get_cluster_name()
cluster = rados.Rados(conffile=conf_api.get_ceph_conf_path(cluster_name),
conf=dict(keyring=ceph_auth.get_keyring_path()), rados_id=user_name)
cluster.connect()
return cluster
except Exception as e:
logger.error("do_connect() Cannot connect to ceph cluster.")
logger.exception(e.message)
try:
cluster.shutdown()
except Exception as e:
pass
return -1
def get_keyring_path(self):
cluster_name = configuration().get_cluster_name()
users = Users()
user_name = users.get_current_system_user().strip()
if user_name == "root":
user_name = "admin"
path = "/etc/ceph/" + cluster_name + ".client." + user_name + ".keyring"
return path
def get_authentication_string(self):
cluster_name = configuration().get_cluster_name()
users = Users()
user_name = users.get_current_system_user().strip()
if user_name == "root":
return ""
auth_string = " -n client." + user_name + " --keyring=/etc/ceph/" + cluster_name +".client." + user_name + ".keyring"
return auth_string
def update_auth_pools(self, user_name, auth_pools):
user = Users()
status = user.update_auth_pools(user_name, auth_pools)
if status:
replication_user = ConsulAPI().get_replication_user(user_name)
replication_user.auth_pools = auth_pools
ConsulAPI().update_replication_user(replication_user)
nodes_list = ManageNode().get_node_list()
for node_info in nodes_list:
if node_info.is_backup:
stat = self.sync_users(node_info.name)
return status
def delete_replication_user(self, user_name):
user = Users()
stat = user.delete_ceph_user(user_name)
if stat:
consul = ConsulAPI()
consul.delete_replication_user(user_name)
nodes_list = ManageNode().get_node_list()
for node_info in nodes_list:
if node_info.is_backup:
stat = self.sync_users(node_info.name)
return True
else:
return False
def reset_prv_key(self, user_name):
replication_user = self.get_replication_user(user_name)
prv_key_value = replication_user.ssh_prv_key
user = Users()
pub_file = ConfigAPI().get_replication_user_pubkey_file_path()
prv_file = ConfigAPI().get_replication_user_prvkey_file_path()
stat = user.generate_tmp_ssh_keys(pub_file, prv_file)
if stat:
pub_key_value = self.get_file_content(pub_file)
prv_key_value = self.get_file_content(prv_file)
rsa_encrypt = RSAEncryption()
rsa_pub_key = rsa_encrypt.get_key(rsa_encrypt.pub_key_path)
enc_prv_key = rsa_encrypt.encrypt_public(prv_key_value,
rsa_pub_key)
enc_ceph_keyring = rsa_encrypt.encrypt_public(
replication_user.ceph_keyring, rsa_pub_key)
replication_user.ssh_prv_key = enc_prv_key
replication_user.ssh_pub_key = pub_key_value
replication_user.ceph_keyring = enc_ceph_keyring
result = ConsulAPI().update_replication_user(replication_user)
if result:
mng_file = ManageTmpFile()
mng_file.delete_tmp_file(pub_file)
mng_file.delete_tmp_file(prv_file)
nodes_list = ManageNode().get_node_list()
for node_info in nodes_list:
if node_info.is_backup:
stat = self.sync_users(node_info.name)
return prv_key_value
def add_user(self, user_name, auth_pools):
backup_nodes_list = []
nodes_list = ManageNode().get_node_list()
for node_info in nodes_list:
if node_info.is_backup:
backup_nodes_list.append(node_info.name)
user_info = ConsulAPI().get_replication_user(user_name)
if user_info and len(user_info.user_name) > 0:
raise ReplicationException(
ReplicationException.SYSTEM_USER_EXIST,
'ThisSystemUserAlreadyExistsInNodes:{}'.format(
backup_nodes_list))
user = Users()
ceph_usr_stat = user.is_ceph_user_exist(user_name)
if ceph_usr_stat:
raise ReplicationException(ReplicationException.CEPH_USER_EXIST,
'ThisCephUserAlreadyExists')
cluster_name = configuration().get_cluster_name()
ceph_keyring_path = '/etc/ceph/{}.client.{}.keyring'.format(
cluster_name, user_name)
replication_user = ReplicationUser()
replication_user.user_name = user_name
replication_user.auth_pools = auth_pools
rsa_encrypt = RSAEncryption()
rsa_pub_key = rsa_encrypt.get_key(rsa_encrypt.pub_key_path)
user.add_ceph_user(user_name, auth_pools)
ceph_keyring_value = self.get_file_content(ceph_keyring_path)
enc_ceph_keyring = rsa_encrypt.encrypt_public(ceph_keyring_value,
rsa_pub_key)
replication_user.ceph_keyring = enc_ceph_keyring
pub_file = ConfigAPI().get_replication_user_pubkey_file_path()
prv_file = ConfigAPI().get_replication_user_prvkey_file_path()
rep_path = ConfigAPI().get_replication_tmp_file_path()
if not os.path.exists(rep_path):
os.mkdir(rep_path)
user.generate_tmp_ssh_keys(pub_file, prv_file)
pub_key_value = self.get_file_content(pub_file)
replication_user.ssh_pub_key = pub_key_value
prv_key_value = self.get_file_content(prv_file)
enc_prv_key = rsa_encrypt.encrypt_public(prv_key_value, rsa_pub_key)
replication_user.ssh_prv_key = enc_prv_key
mng_file = ManageTmpFile()
mng_file.delete_tmp_file(pub_file)
mng_file.delete_tmp_file(prv_file)
consul = ConsulAPI()
consul.update_replication_user(replication_user)
for node in backup_nodes_list:
stat = self.sync_users(node)
if not stat:
logger.error("error sync users on the node {}".format(node))
def get_auth_pools(self, user_name):
user = Users()
auth_pools = user.get_auth_pools(user_name)
return auth_pools