def test_validate_guest_image(self):
""" Test validation of an encrypted guest image.
"""
image = Image()
image.id = new_id()
old_encryptor_id = new_id()
new_encryptor_id = new_id()
image.tags[encrypt_ami.TAG_ENCRYPTOR] = 'True'
image.tags[encrypt_ami.TAG_ENCRYPTOR_AMI] = old_encryptor_id
aws_svc = test_aws_service.DummyAWSService()
aws_svc.images[image.id] = image
# Missing tag.
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_guest_encrypted_ami(aws_svc, image.id,
new_encryptor_id)
# No missing tag.
image.tags[encrypt_ami.TAG_ENCRYPTOR_SESSION_ID] = new_id()
result = brkt_cli.aws._validate_guest_encrypted_ami(
aws_svc, image.id, new_encryptor_id)
self.assertEquals(image, result)
# Attempting to encrypt with the same encryptor AMI.
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_guest_encrypted_ami(aws_svc, image.id,
old_encryptor_id)
# Invalid image ID.
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_guest_encrypted_ami(aws_svc, 'ami-123456',
new_encryptor_id)
def test_validate_encryptor_ami(self):
""" Test validation of the encryptor AMI.
"""
aws_svc = test_aws_service.DummyAWSService()
image = Image()
image.id = new_id()
image.name = 'brkt-avatar'
aws_svc.images[image.id] = image
# Valid image.
brkt_cli.aws._validate_encryptor_ami(aws_svc, image.id)
# Unexpected name.
image.name = 'foobar'
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_encryptor_ami(aws_svc, image.id)
# Invalid id.
id = new_id()
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_encryptor_ami(aws_svc, id)
# Service returned None. Apparently this can happen when the account
# does not have access to the image.
aws_svc.images[id] = None
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_encryptor_ami(aws_svc, id)
def finish(self, block_device_map=None):
# register the snapshot
# tag the ami and snapshot
if block_device_map is None:
block_device_map = default_block_device_map()
block_device_map[ROOT_BLOCK_DEVICE] = BlockDeviceType(snapshot_id=self.vol.snapshot.id,
delete_on_termination=True)
ami = Image(ec2connection())
ami_name = '{}-ebs'.format(self.name)
ami = register(name=ami_name,
description=self.description,
architecture=self.vol.ami_metadata['arch'],
block_device_map=block_device_map,
root_device_name=ROOT_BLOCK_DEVICE,
kernel_id=self.vol.ami_metadata['aki'],
ramdisk_id=self.vol.ami_metadata['ari'])
if ami is not None:
log.info('AMI registered: %s %s' % (ami.id, ami.name))
self.ami = ami
self.tags['creation_time'] = datetime.utcnow().strftime('%F %T UTC')
self.snapshot_tags['ami-id'] = ami.id
add_tags([ami.id], self.tags)
ami.update()
for k in ami.tags:
log.info('TAG\timage\t%s\t%s\t%s' % (ami.id, k, ami.tags[k]))
add_tags([self.vol.snapshot.id], self.snapshot_tags)
self.vol.snapshot.update()
for k in self.vol.snapshot.tags:
log.debug('TAG\tsnapshot\t%s\t%s\t%s' % (self.vol.snapshot.id, k, self.vol.snapshot.tags[k]))
return self.ami is not None
def test_validate_encryptor_ami(self):
""" Test validation of the encryptor AMI.
"""
aws_svc = test_aws_service.DummyAWSService()
image = Image()
image.id = new_id()
image.name = 'brkt-avatar'
aws_svc.images[image.id] = image
# Valid image.
brkt_cli.aws._validate_encryptor_ami(aws_svc, image.id)
# Unexpected name.
image.name = 'foobar'
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_encryptor_ami(aws_svc, image.id)
# Invalid id.
id = new_id()
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_encryptor_ami(aws_svc, id)
# Service returned None. Apparently this can happen when the account
# does not have access to the image.
aws_svc.images[id] = None
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_encryptor_ami(aws_svc, id)
def test_validate_guest_image(self):
""" Test validation of an encrypted guest image.
"""
image = Image()
image.id = new_id()
old_encryptor_id = new_id()
new_encryptor_id = new_id()
image.tags[encrypt_ami.TAG_ENCRYPTOR] = 'True'
image.tags[encrypt_ami.TAG_ENCRYPTOR_AMI] = old_encryptor_id
aws_svc = test_aws_service.DummyAWSService()
aws_svc.images[image.id] = image
# Missing tag.
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_guest_encrypted_ami(
aws_svc, image.id, new_encryptor_id)
# No missing tag.
image.tags[encrypt_ami.TAG_ENCRYPTOR_SESSION_ID] = new_id()
result = brkt_cli.aws._validate_guest_encrypted_ami(
aws_svc, image.id, new_encryptor_id)
self.assertEquals(image, result)
# Attempting to encrypt with the same encryptor AMI.
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_guest_encrypted_ami(
aws_svc, image.id, old_encryptor_id)
# Invalid image ID.
with self.assertRaises(ValidationError):
brkt_cli.aws._validate_guest_encrypted_ami(
aws_svc, 'ami-123456', new_encryptor_id
)
def create_image(self, instance_id, name, **kwargs):
image = Image()
image.id = instance_id
image.block_device_mapping = kwargs['block_device_mapping']
image.state = 'available'
image.name = name
image.description = 'This is a test'
image.virtualization_type = 'paravirtual'
image.root_device_name = '/dev/sda1'
i = self.get_instance(instance_id)
rdn = image.root_device_name
# create_image creates this implicitly
image.block_device_mapping[rdn] = i.block_device_mapping[rdn]
self.images[image.id] = image
return image.id
def register_image(self,
kernel_id,
block_device_map,
name=None,
description=None):
image = Image()
image.id = 'ami-' + new_id()
image.block_device_mapping = block_device_map
image.state = 'available'
image.name = name
image.description = description
image.virtualization_type = 'paravirtual'
image.root_device_type = 'ebs'
image.hypervisor = 'xen'
self.images[image.id] = image
return image.id
def register_image(self,
block_device_map,
name=None,
description=None):
image = Image()
image.id = 'ami-' + new_id()
image.block_device_mapping = block_device_map
image.state = 'available'
image.name = name
image.description = description
image.virtualization_type = 'hvm'
image.root_device_type = 'ebs'
image.hypervisor = 'xen'
self.images[image.id] = image
return image.id
def test_use_pv_metavisor(self):
values = DummyValues()
guest_image = Image()
values.pv = None
guest_image.virtualization_type = 'paravirtual'
self.assertTrue(brkt_cli.aws._use_pv_metavisor(values, guest_image))
values.pv = True
self.assertTrue(brkt_cli.aws._use_pv_metavisor(values, guest_image))
values.pv = None
guest_image.virtualization_type = 'hvm'
self.assertFalse(brkt_cli.aws._use_pv_metavisor(values, guest_image))
values.pv = True
guest_image.virtualizaiton_type = 'hvm'
self.assertTrue(brkt_cli.aws._use_pv_metavisor(values, guest_image))
def test_use_pv_metavisor(self):
values = DummyValues()
guest_image = Image()
values.pv = None
guest_image.virtualization_type = 'paravirtual'
self.assertTrue(brkt_cli.aws._use_pv_metavisor(values, guest_image))
values.pv = True
self.assertTrue(brkt_cli.aws._use_pv_metavisor(values, guest_image))
values.pv = None
guest_image.virtualization_type = 'hvm'
self.assertFalse(brkt_cli.aws._use_pv_metavisor(values, guest_image))
values.pv = True
guest_image.virtualizaiton_type = 'hvm'
self.assertTrue(brkt_cli.aws._use_pv_metavisor(values, guest_image))
def register_image(self, kernel_id, block_device_map, name=None, description=None):
image = Image()
image.id = _new_id()
image.block_device_mapping = block_device_map
image.state = "available"
image.name = name
image.description = description
self.images[image.id] = image
return image.id
def register_image(self,
kernel_id,
block_device_map,
name=None,
description=None):
image = Image()
image.id = 'ami-' + _new_id()
image.block_device_mapping = block_device_map
image.state = 'available'
image.name = name
image.description = description
image.virtualization_type = 'paravirtual'
self.images[image.id] = image
return image.id
def handle_instance_being_bundled(self, instance, do_not_finish=False):
bundling_tag = instance.tags.get('ec_bundling') or None
if bundling_tag is None:
return None
bucket, bundle_id = bundling_tag.split('/')
s3_conn = self.get_connection(conn_type='s3')
k = Key(s3_conn.get_bucket(bucket))
k.key = bundle_id
metadata = json.loads(k.get_contents_as_string())
tasks = self.conn.get_all_bundle_tasks([bundle_id])
image_id = None
if do_not_finish and len(tasks) > 0:
tasks[0].state = 'pending'
if len(tasks) == 0 or tasks[0].state == 'complete':
# handle registration
if metadata['version'] != curr_version:
self.log_request(
_(u"Bundle operation {0} from previous software version will be ignored."
).format(bundle_id))
else:
self.log_request(
_(u"Registering image from bundle operation {0}").format(
bundle_id))
bdm = self.get_block_device_map(metadata['bdm'])
image_id = self.conn.register_image(
name=metadata['name'],
description=metadata['description'],
image_location="%s/%s.manifest.xml" %
(bucket, metadata['prefix']),
virtualization_type=metadata['virt_type'],
block_device_map=bdm,
kernel_id=metadata['kernel_id'],
ramdisk_id=metadata['ramdisk_id'])
tags = json.loads(metadata['tags'])
self.conn.create_tags(image_id, tags)
self.invalidate_images_cache()
# cleanup metadata
k.delete()
self.conn.delete_tags(instance.id, ['ec_bundling'])
if metadata['version'] != curr_version:
return None
else:
return self.conn.get_all_images(image_ids=[image_id])[0]
elif tasks[0].state == 'failed':
# generate error message, need to let user know somehow
logging.warn("bundle task failed! ")
# cleanup metadata
k.delete()
self.conn.delete_tags(instance.id, ['ec_bundling'])
return None
elif tasks[0].state in ['pending', 'bundling', 'storing']:
# add this into image list
fakeimage = Image()
fakeimage.id = _(u'Pending')
fakeimage.fake_id = 'p' + instance.id
fakeimage.location = "%s/%s.manifest.xml" % (bucket,
metadata['prefix'])
fakeimage.owner_id = '' # do we need this?
fakeimage.state = tasks[0].state
fakeimage.progress = tasks[0].progress
fakeimage.is_public = False
fakeimage.name = metadata['name']
fakeimage.description = metadata['description']
fakeimage.architecture = metadata['arch']
fakeimage.platform = 'windows' if metadata[
'platform'] == 'windows' else None
fakeimage.type = 'machine'
fakeimage.root_device_type = 'instance-store'
fakeimage.root_device_name = '/dev/sda'
fakeimage.block_device_mapping = {}
fakeimage.tags = json.loads(metadata['tags'])
return fakeimage
def handle_instance_being_bundled(self, instance, do_not_finish=False):
bundling_tag = instance.tags.get('ec_bundling') or None
if bundling_tag is None:
return None
bucket, bundle_id = bundling_tag.split('/')
s3_conn = self.get_connection(conn_type='s3')
k = Key(s3_conn.get_bucket(bucket))
k.key = bundle_id
metadata = json.loads(k.get_contents_as_string())
tasks = self.conn.get_all_bundle_tasks([bundle_id])
image_id = None
if do_not_finish and len(tasks) > 0:
tasks[0].state = 'pending'
if len(tasks) == 0 or tasks[0].state == 'complete':
# handle registration
if metadata['version'] != curr_version:
self.log_request(
_(u"Bundle operation {0} from previous software version will be ignored.").format(bundle_id))
else:
self.log_request(_(u"Registering image from bundle operation {0}").format(bundle_id))
bdm = self.get_block_device_map(metadata['bdm'])
image_id = self.conn.register_image(
name=metadata['name'],
description=metadata['description'],
image_location="%s/%s.manifest.xml" % (bucket, metadata['prefix']),
virtualization_type=metadata['virt_type'],
block_device_map=bdm,
kernel_id=metadata['kernel_id'],
ramdisk_id=metadata['ramdisk_id']
)
tags = json.loads(metadata['tags'])
self.conn.create_tags(image_id, tags)
self.invalidate_images_cache()
# cleanup metadata
k.delete()
self.conn.delete_tags(instance.id, ['ec_bundling'])
if metadata['version'] != curr_version:
return None
else:
return self.conn.get_all_images(image_ids=[image_id])[0]
elif tasks[0].state == 'failed':
# generate error message, need to let user know somehow
logging.warn("bundle task failed! ")
# cleanup metadata
k.delete()
self.conn.delete_tags(instance.id, ['ec_bundling'])
return None
elif tasks[0].state in ['pending', 'bundling', 'storing']:
# add this into image list
fakeimage = Image()
fakeimage.id = _(u'Pending')
fakeimage.fake_id = 'p' + instance.id
fakeimage.location = "%s/%s.manifest.xml" % (bucket, metadata['prefix'])
fakeimage.owner_id = '' # do we need this?
fakeimage.state = tasks[0].state
fakeimage.progress = tasks[0].progress
fakeimage.is_public = False
fakeimage.name = metadata['name']
fakeimage.description = metadata['description']
fakeimage.architecture = metadata['arch']
fakeimage.platform = 'windows' if metadata['platform'] == 'windows' else None
fakeimage.type = 'machine'
fakeimage.root_device_type = 'instance-store'
fakeimage.root_device_name = '/dev/sda'
fakeimage.block_device_mapping = {}
fakeimage.tags = json.loads(metadata['tags'])
return fakeimage