def provisioner_lxc_create(self): cmd = ['lxc-create', '--name', self.name, "--dir", self.rootfs] if self.cf: cmd += ['-f', self.cf] if self.lxcpath: makedirs(self.lxcpath) cmd += self.lxcpath_args if not self.cf: cmd += ["-f", os.path.join(self.lxcpath, self.name, "config")] if self.template: cmd += ['--template', self.template] if self.template_options: cmd += ["--"] + self.template_options env = { "DEBIAN_FRONTEND": "noninteractive", "DEBIAN_PRIORITY": "critical", } for key in ("http_proxy", "https_proxy", "ftp_proxy", "rsync_proxy"): if key in os.environ: env[key] = os.environ[key] key = key.upper() if key in os.environ: env[key] = os.environ[key] if self.mirror: env["MIRROR"] = self.mirror env["SECURITY_MIRROR"] = self.mirror if self.security_mirror: env["SECURITY_MIRROR"] = self.security_mirror self.log.info(" ".join(cmd)) ret = self.lcall(cmd, env=env) if ret != 0: raise ex.Error
def install_dir_key(self, data, path, uid=None, gid=None, mode=None, dirmode=None): """ Install a key decoded data in the host's volatile storage. """ if path.endswith("/"): dirname = os.path.basename(data["path"]) dirpath = os.path.join(path.rstrip("/"), dirname, "") else: dirpath = path + "/" makedirs(dirpath, uid=uid, gid=gid, mode=dirmode) changed = False for key in data["keys"]: changed |= self.install_key(key, dirpath, uid=uid, gid=uid, mode=mode, dirmode=dirmode) return changed
def __init__(self, logfile): logdir = os.path.dirname(logfile) makedirs(logdir) logging.handlers.RotatingFileHandler.__init__(self, logfile, maxBytes=1 * 5242880, backupCount=1)
def install_file_key(self, key, vpath, uid=None, gid=None, mode=None, dirmode=None): """ Install a key decoded data in the host's volatile storage. """ # paranoid checks before rmtree()/unlink() if ".." in vpath: return data = self.decode_key(key) if data is None: raise ex.Error("no data in key %s" % key) if os.path.isdir(vpath): self.log.info("remove %s key %s directory at location %s", self.desc, key, vpath) shutil.rmtree(vpath) vdir = os.path.dirname(vpath) if os.path.isfile(vdir) or os.path.islink(vdir): self.log.info("remove %s key %s file at parent location %s", self.desc, key, vdir) os.unlink(vdir) makedirs(vdir, uid=uid, gid=gid, mode=dirmode) self.write_key(vpath, data, key=key, uid=uid, gid=gid, mode=mode)
def getaddr_cache_set(name, addr): cache_d = os.path.join(Env.paths.pathvar, "cache", "addrinfo") makedirs(cache_d) cache_f = os.path.join(cache_d, name) with open(cache_f, 'w') as f: f.write(addr) return addr
def network_create_bridge_config(self, name="default", nets=None): cf = os.path.join(self.cni_config, name + ".conf") if os.path.exists(cf): return self.log.info("create %s", cf) conf = { "cniVersion": "0.3.0", "name": name, "type": "bridge", "bridge": "obr_" + name, "isGateway": True, "ipMasq": True, "ipam": { "type": "host-local", "routes": [{ "dst": "0.0.0.0/0" }] } } makedirs(self.cni_config) data = self.network_data(name, nets=nets) network = data["config"]["network"] conf["ipam"]["subnet"] = network with open(cf, "w") as ofile: json.dump(conf, ofile, indent=4)
def network_create_routed_bridge_config(self, name="default", nets=None): config = self.network_data(name, nets=nets)["config"] subnet = str(self.node_subnet(name, config=config)) network = config["network"] brip = self.network_bridge_ip(name, config=config).split("/")[0] cf = os.path.join(self.cni_config, name + ".conf") if os.path.exists(cf): return self.log.info("create %s", cf) conf = { "cniVersion": "0.3.0", "name": name, "type": "bridge", "bridge": "obr_" + name, "isGateway": True, "ipMasq": False, "ipam": { "type": "host-local", "subnet": subnet, "routes": [ { "dst": "0.0.0.0/0" }, { "dst": network, "gw": brip }, ] } } makedirs(self.cni_config) with open(cf, "w") as ofile: json.dump(conf, ofile, indent=4)
def install_client_config(self): buff = self.registry_creds_sec.decode_key("config.json") makedirs(os.path.dirname(self.registry_creds_path), uid=0, gid=0, mode=0o600) self.registry_creds_sec.write_key(self.registry_creds_path, buff, uid=0, gid=0, mode=0o600)
def gen_cert(log=None, **data): for k in ("key", "crt"): d = os.path.dirname(data[k]) if not os.path.isdir(d): makedirs(d) data["subject"] = format_subject(**data) data["alt_names"] = format_alt_names(**data) gen_csr(log=log, **data) if data.get("cakey") is None: gen_self_signed_cert(log=log, **data) else: gen_ca_signed_cert(log=log, **data)
def setup_lxc(self): if self.check_lxc(): self.log.info("container is already created") return self.setup_lxc_config() with open( os.path.join(Env.paths.pathlog, "%s.console.log" % self.name), "a+") as f: f.write("") cmd = ['lxc-create', '-n', self.name, '-f', self.config] if self.lxcpath: makedirs(self.lxcpath) cmd += self.lxcpath_args ret, out, err = self.vcall(cmd) if ret != 0: raise ex.Error
def getaddr_cache_get(name): cache_d = os.path.join(Env.paths.pathvar, "cache", "addrinfo") makedirs(cache_d) cache_f = os.path.join(cache_d, name) if not os.path.exists(cache_f): raise Exception("addrinfo cache empty for name %s" % name) cache_mtime = datetime.datetime.fromtimestamp(os.stat(cache_f).st_mtime) limit_mtime = datetime.datetime.now() - datetime.timedelta(minutes=16) if cache_mtime < limit_mtime: raise Exception("addrinfo cache expired for name %s (%s)" % (name, cache_mtime.strftime("%Y-%m-%d %H:%M:%S"))) with open(cache_f, 'r') as f: addr = f.read() if addr.count(".") != 3 and ":" not in addr: raise Exception("addrinfo cache corrupted for name %s: %s" % (name, addr)) return addr
def network_create_weave_config(self, name="default", nets=None): cf = os.path.join(self.cni_config, name + ".conf") if os.path.exists(cf): return self.log.info("create %s", cf) data = self.network_data(name, nets=nets) network = data["config"]["network"] conf = { "cniVersion": "0.3.0", "name": name, "type": "weave-net", "ipam": { "subnet": network, }, } makedirs(self.cni_config) with open(cf, "w") as ofile: json.dump(conf, ofile, indent=4)
def network_create_loopback_config(self, name="lo", nets=None): cf = os.path.join(self.cni_config, name + ".conf") if os.path.exists(cf): return self.log.info("create %s", cf) conf = { "cniVersion": "0.3.0", "name": name, "type": "loopback", } makedirs(self.cni_config) data = self.network_data(name, nets=nets) try: network = data["config"]["network"] conf["ipam"]["subnet"] = network except KeyError: pass with open(cf, "w") as ofile: json.dump(conf, ofile, indent=4)
def lxc(self, action): self.find_cf() outf = None if action == 'start': outf = '/var/tmp/svc_' + self.name + '_lxc_' + action + '.log' if self.capable("cgroup_dir"): cmd = [ "lxc-start", "-d", "-n", self.name, "-o", outf, "-s", "lxc.cgroup.dir=" + self.cgroup_dir ] else: cmd = ["lxc-start", "-d", "-n", self.name, "-o", outf] if self.cf: cmd += ['-f', self.cf] if self.lxcpath: makedirs(self.lxcpath) cmd += self.lxcpath_args elif action == 'stop': cmd = ['lxc-stop', '-n', self.name] cmd += self.lxcpath_args elif action == 'kill': cmd = ['lxc-stop', '--kill', '--name', self.name] cmd += self.lxcpath_args else: raise ex.Error("unsupported lxc action: %s" % action) def prex(): os.umask(0o022) begin = datetime.now() ret, _, _ = self.vcall(cmd, preexec_fn=prex) duration = datetime.now() - begin loginfo = '%s done in %s - ret %i' % (action, duration, ret) if outf is not None: loginfo += ' - logs in %s' % outf self.log.info(loginfo) if ret != 0: raise ex.Error
def find_cf(self): if self.cf is not None: self.cf, vol = self.replace_volname(self.cf, strict=False) return if self.lxcpath: d_lxc = self.lxcpath self.cf = os.path.join(d_lxc, self.name, 'config') return d_lxc = os.path.join('var', 'lib', 'lxc') # seen on debian squeeze : prefix is /usr, but containers' # config files paths are /var/lib/lxc/$name/config # try prefix first, fallback to other know prefixes prefixes = [ os.path.join(os.sep), os.path.join(os.sep, 'usr'), os.path.join(os.sep, 'usr', 'local') ] for prefix in [self.prefix ] + [p for p in prefixes if p != self.prefix]: cfg = os.path.join(prefix, d_lxc, self.name, 'config') if os.path.exists(cfg): cfg_d = os.path.dirname(cfg) makedirs(cfg_d) self.cf = cfg return # on Oracle Linux, config is in /etc/lxc cfg = os.path.join(os.sep, 'etc', 'lxc', self.name, 'config') if os.path.exists(cfg): self.cf = cfg return self.cf = None raise ex.Error("unable to find the container configuration file")
def start(self): if not self.has_it(): self.log.info("create flag %s", self.flag_f) makedirs(self.flag_d, mode=0o700) self.touch(self.flag_f) self.can_rollback = True
def install_flag(self): makedirs(os.path.dirname(self.flag_path)) with open(self.flag_path, "w"): pass
def cache_fpath(sig): cache_d = get_cache_d() makedirs(cache_d) sig = sig.replace("/", "(slash)") fpath = os.path.join(cache_d, sig) return fpath