示例#1
0
 def _create_session(self):
     if not winrm:
         raise CommandExecutionError(
             command='winrm',
             error='winrm not installed'
         )
     winrm_url = '{0}://{1}:{2}/{3}'.format(
         self.session_config['protocol'],
         self.session_config['host'],
         self.session_config['port'],
         self.session_config['uri'])
     if is_kerberos_env():
         # The change is simply setting the transport to kerberos
         # and setting the kerberos_hostname_override parameter
         # to the destination hostname.
         return winrm.Session(
             target=winrm_url,
             auth=(self.session_config['user'], None),
             transport='kerberos',
             kerberos_hostname_override=self.session_config['host'])
     else:
         return winrm.Session(
             target=winrm_url,
             auth=(self.session_config['user'],
                   self.session_config['password']),
             transport=self.session_config['transport'])
 def _create_session(self):
     if not winrm:
         raise CommandExecutionError(
             command='winrm',
             error='winrm not installed'
         )
     winrm_url = '{0}://{1}:{2}/{3}'.format(
         self.session_config['protocol'],
         self.session_config['host'],
         self.session_config['port'],
         self.session_config['uri'])
     if is_kerberos_env():
         # The change is simply setting the transport to kerberos
         # and setting the kerberos_hostname_override parameter
         # to the destination hostname.
         return winrm.Session(
             target=winrm_url,
             auth=(self.session_config['user'], None),
             transport='kerberos',
             kerberos_hostname_override=self.session_config['host'])
     else:
         return winrm.Session(
             target=winrm_url,
             auth=(self.session_config['user'],
                   self.session_config['password']),
             transport=self.session_config['transport'])
示例#3
0
 def _validate_ssh_config(self):
     if not self.host:
         raise exceptions.AgentInstallerConfigurationError('Missing host')
     if not self.user:
         raise exceptions.AgentInstallerConfigurationError('Missing user')
     if not is_kerberos_env() and not self.password and not self.key:
         raise exceptions.AgentInstallerConfigurationError(
             'Must specify either key or password')
 def _validate_ssh_config(self):
     if not self.host:
         raise exceptions.AgentInstallerConfigurationError('Missing host')
     if not self.user:
         raise exceptions.AgentInstallerConfigurationError('Missing user')
     if not is_kerberos_env() and not self.password and not self.key:
         raise exceptions.AgentInstallerConfigurationError(
             'Must specify either key or password')
示例#5
0
def validate(session_config):
    def _validate(prop):
        value = session_config.get(prop)
        if not value:
            raise ValueError('Invalid {0}: {1}'.format(prop, value))

    _validate('host')
    _validate('user')
    if not is_kerberos_env():
        # no need to supply password in Kerberos env
        _validate('password')
示例#6
0
def get_rest_client(client_profile=None,
                    rest_host=None,
                    rest_port=None,
                    rest_protocol=None,
                    rest_cert=None,
                    username=None,
                    password=None,
                    tenant_name=None,
                    trust_all=False,
                    cluster=None,
                    kerberos_env=None):
    if client_profile is None:
        client_profile = profile
    rest_host = rest_host or client_profile.manager_ip
    rest_port = rest_port or client_profile.rest_port
    rest_protocol = rest_protocol or client_profile.rest_protocol
    rest_cert = rest_cert or get_ssl_cert(client_profile)
    username = username or get_username(client_profile)
    password = password or get_password(client_profile)
    tenant_name = tenant_name or get_tenant_name(client_profile)
    trust_all = trust_all or get_ssl_trust_all()
    headers = get_auth_header(username, password)
    headers[constants.CLOUDIFY_TENANT_HEADER] = tenant_name
    cluster = client_profile.cluster if cluster is None else cluster
    kerberos_env = kerberos_env \
        if kerberos_env is not None else client_profile.kerberos_env

    if kerberos_env is False \
            or (kerberos_env is None and not is_kerberos_env()):
        if not username:
            raise CloudifyCliError('Command failed: Missing Username')
        if not password:
            raise CloudifyCliError('Command failed: Missing password')

    if cluster:
        client = CloudifyClusterClient(host=rest_host,
                                       port=rest_port,
                                       protocol=rest_protocol,
                                       headers=headers,
                                       cert=rest_cert,
                                       trust_all=trust_all,
                                       profile=client_profile,
                                       kerberos_env=kerberos_env)
    else:
        client = CloudifyClient(host=rest_host,
                                port=rest_port,
                                protocol=rest_protocol,
                                headers=headers,
                                cert=rest_cert,
                                trust_all=trust_all,
                                kerberos_env=kerberos_env)
    return client
示例#7
0
def get_rest_client(client_profile=None,
                    rest_host=None,
                    rest_port=None,
                    rest_protocol=None,
                    rest_cert=None,
                    username=None,
                    password=None,
                    tenant_name=None,
                    trust_all=False,
                    cluster=None,
                    kerberos_env=None):
    if client_profile is None:
        client_profile = profile
    rest_host = rest_host or client_profile.manager_ip
    rest_port = rest_port or client_profile.rest_port
    rest_protocol = rest_protocol or client_profile.rest_protocol
    rest_cert = rest_cert or get_ssl_cert(client_profile)
    username = username or get_username(client_profile)
    password = password or get_password(client_profile)
    tenant_name = tenant_name or get_tenant_name(client_profile)
    trust_all = trust_all or get_ssl_trust_all()
    headers = get_auth_header(username, password)
    headers[constants.CLOUDIFY_TENANT_HEADER] = tenant_name
    cluster = cluster or is_cluster(client_profile)
    kerberos_env = kerberos_env \
        if kerberos_env is not None else client_profile.kerberos_env

    if kerberos_env is False \
            or (kerberos_env is None and not is_kerberos_env()):
        if not username:
            raise CloudifyCliError('Command failed: Missing Username')
        if not password:
            raise CloudifyCliError('Command failed: Missing password')

    if cluster:
        client = CloudifyClusterClient(host=rest_host,
                                       port=rest_port,
                                       protocol=rest_protocol,
                                       headers=headers,
                                       cert=rest_cert,
                                       trust_all=trust_all,
                                       profile=client_profile,
                                       kerberos_env=kerberos_env)
    else:
        client = CloudifyClient(host=rest_host,
                                port=rest_port,
                                protocol=rest_protocol,
                                headers=headers,
                                cert=rest_cert,
                                trust_all=trust_all,
                                kerberos_env=kerberos_env)
    return client
def validate(session_config):

    def _validate(prop):
        value = session_config.get(prop)
        if not value:
            raise ValueError('Invalid {0}: {1}'
                             .format(prop, value))

    _validate('host')
    _validate('user')
    if not is_kerberos_env():
        # no need to supply password in Kerberos env
        _validate('password')
    def _set_env(self):
        env = {'host_string': self.host, 'port': self.port, 'user': self.user}
        if self.key:
            if self.key.startswith(RSA_PRIVATE_KEY_PREFIX):
                env['key'] = self.key
            else:
                env['key_filename'] = self.key
        if self.password:
            env['password'] = self.password
        if is_kerberos_env():
            # For GSSAPI, the fabric env just needs to have
            # gss_auth and gss_kex set to True
            env['gss_auth'] = True
            env['gss_kex'] = True

        env.update(COMMON_ENV)
        return env
    def _set_env(self):
        env = {
            'host_string': self.host,
            'port': self.port,
            'user': self.user
        }
        if self.key:
            if self.key.startswith(RSA_PRIVATE_KEY_PREFIX):
                env['key'] = self.key
            else:
                env['key_filename'] = self.key
        if self.password:
            env['password'] = self.password
        if is_kerberos_env():
            # For GSSAPI, the fabric env just needs to have
            # gss_auth and gss_kex set to True
            env['gss_auth'] = True
            env['gss_kex'] = True

        env.update(COMMON_ENV)
        return env
示例#11
0
    def _set_env(self):
        env = {
            'host': self.host,
            'port': self.port,
            'user': self.user,
            'connect_kwargs': {}
        }
        if self.key:
            if self.key.startswith(PRIVATE_KEY_PREFIX):
                env['connect_kwargs']['pkey'] = \
                    self._load_private_key(self.key)
            else:
                env['connect_kwargs']['key_filename'] = self.key
        if self.password:
            env['connect_kwargs']['password'] = self.password
        if is_kerberos_env():
            # For GSSAPI, the fabric env just needs to have
            # gss_auth and gss_kex set to True
            env['gss_auth'] = True
            env['gss_kex'] = True

        env.update(COMMON_ENV)
        return env
示例#12
0
def get_rest_client(client_profile=None,
                    rest_host=None,
                    rest_port=None,
                    rest_protocol=None,
                    rest_cert=None,
                    username=None,
                    password=None,
                    tenant_name=None,
                    trust_all=False,
                    skip_version_check=False,
                    cluster=None):
    if client_profile is None:
        client_profile = profile
    rest_host = rest_host or client_profile.manager_ip
    rest_port = rest_port or client_profile.rest_port
    rest_protocol = rest_protocol or client_profile.rest_protocol
    rest_cert = rest_cert or get_ssl_cert(client_profile)
    username = username or get_username(client_profile)
    password = password or get_password(client_profile)
    tenant_name = tenant_name or get_tenant_name(client_profile)
    trust_all = trust_all or get_ssl_trust_all()
    headers = get_auth_header(username, password)
    headers[constants.CLOUDIFY_TENANT_HEADER] = tenant_name
    cluster = cluster or client_profile.cluster

    if not is_kerberos_env():
        if not username:
            raise CloudifyCliError('Command failed: Missing Username')
        if not password:
            raise CloudifyCliError('Command failed: Missing password')

    if cluster:
        client = CloudifyClusterClient(
            host=rest_host,
            port=rest_port,
            protocol=rest_protocol,
            headers=headers,
            cert=rest_cert,
            trust_all=trust_all,
            profile=client_profile)

    else:
        client = CloudifyClient(
            host=rest_host,
            port=rest_port,
            protocol=rest_protocol,
            headers=headers,
            cert=rest_cert,
            trust_all=trust_all)

    # TODO: Put back version check after we've solved the problem where
    # a new CLI is used with an older manager on `cfy upgrade`.
    if skip_version_check or True:
        return client

    cli_version, manager_version = get_cli_manager_versions(client)

    if cli_version == manager_version:
        return client
    elif not manager_version:
        return client
    else:
        raise CloudifyCliError(
            'CLI and manager versions do not match\n'
            'CLI Version: {0}\n'
            'Manager Version: {1}'.format(cli_version, manager_version))