def create_x509_cert(cert_dir, x509_req):
# Load the CA cert
ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "ca_cert.pem")))
# Load private key
key = crypto.load_privatekey(crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "ca_key.pem")))
# Create new certificate
newcert = crypto.X509()
# Generate serial number
serial = random.randint(1, 2048)
newcert.set_serial_number(serial)
# Valid for one year starting from now
newcert.gmtime_adj_notAfter(60 * 60 * 24 * 365)
newcert.gmtime_adj_notBefore(0)
# Issuer, subject and public key
newcert.set_issuer(ca_cert.get_subject())
newcert.set_subject(x509_req.get_subject())
newcert.set_pubkey(x509_req.get_pubkey())
# Sign
newcert.sign(key, "md5")
return crypto.dump_certificate(crypto.FILETYPE_PEM, newcert)
def get_cert_cname(cert_dir):
"""Return the CNAME value of director's certificate"""
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "cert.pem")))
subject = cert.get_subject()
return [ el[1] for el in subject.get_components() if el[0] == 'CN' ][0]
def get_cert_cname(cert_dir):
"""Return the CNAME value of director's certificate"""
cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "cert.pem")))
subject = cert.get_subject()
return [el[1] for el in subject.get_components() if el[0] == 'CN'][0]
def create_x509_cert(cert_dir, x509_req):
# Load the CA cert
ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "ca_cert.pem")))
# Load private key
key = crypto.load_privatekey(crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "ca_key.pem")))
# Generate serial number
serial = random.randint(1, 2048)
# Valid for one year starting from now
not_before = 0
not_after = 60 * 60 * 24 * 365
newcert = x509.create_cert(x509_req,
ca_cert, key, serial, not_before, not_after)
return crypto.dump_certificate(crypto.FILETYPE_PEM, newcert)
def get_log(self, kwargs):
"""Return the contents of a logfile"""
exp_params = [("filename", is_string, self.LOG_FILE)]
try:
filename = check_arguments(exp_params, kwargs)
except Exception as ex:
return HttpErrorResponse("%s" % ex)
try:
return HttpJsonResponse({"log": file_get_contents(filename)})
except:
return HttpErrorResponse("Failed to read log file: '%s'" % filename)
def get_manager_log(self, kwargs):
"""Return logfile"""
try:
exp_params = []
check_arguments(exp_params, kwargs)
except Exception as ex:
return HttpErrorResponse("%s" % ex)
try:
return HttpJsonResponse({'log': file_get_contents(self.logfile)})
except:
return HttpErrorResponse('Failed to read log')
def create_x509_cert(cert_dir, x509_req):
# Load the CA cert
ca_cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "ca_cert.pem")))
# Load private key
key = crypto.load_privatekey(
crypto.FILETYPE_PEM,
file_get_contents(os.path.join(cert_dir, "ca_key.pem")))
# Generate serial number
serial = random.randint(1, 2048)
# Valid for one year starting from now
not_before = 0
not_after = 60 * 60 * 24 * 365
newcert = x509.create_cert(x509_req, ca_cert, key, serial, not_before,
not_after)
return crypto.dump_certificate(crypto.FILETYPE_PEM, newcert)
def updateTomcatCode(host, port, codeVersionId, filetype, filepath):
params = {
'method': 'updateTomcatCode',
'codeVersionId': codeVersionId,
'filetype': filetype
}
if filetype != 'git':
# File-based code uploads
files = [('file', filepath, file_get_contents(filepath))]
return _check(https.client.https_post(host, port, '/', params=params, files=files))
else:
# For git-based code uploads, filepath contains the git revision
params['revision'] = filepath
return _check(https.client.https_post(host, port, '/', params=params))
def get_startup_script(self, kwargs):
"""Return contents of the currently defined startup script, if any"""
exp_params = [('sid', is_in_list(self.httpsserver.instances.keys()))]
try:
service_id = check_arguments(exp_params, kwargs)
except Exception as ex:
return HttpErrorResponse("%s" % ex)
basedir = self.config_parser.get('manager', 'CONPAAS_HOME')
fullpath = os.path.join(basedir, str(service_id), 'startup.sh')
try:
return HttpJsonResponse(file_get_contents(fullpath))
except IOError:
return HttpErrorResponse('No startup script')
def updateTomcatCode(host, port, codeVersionId, filetype, filepath):
params = {
'method': 'updateTomcatCode',
'codeVersionId': codeVersionId,
'filetype': filetype
}
if filetype != 'git':
# File-based code uploads
files = [('file', filepath, file_get_contents(filepath))]
return _check(https.client.https_post(host, port, '/', params, files=files))
# git-based code uploads do not need a FileUploadField.
# Pass filepath as a dummy value for the 'file' parameter.
params['file'] = filepath
return _check(https.client.https_post(host, port, '/', params))
def updateTomcatCode(host, port, codeVersionId, filetype, filepath):
params = {
'method': 'updateTomcatCode',
'codeVersionId': codeVersionId,
'filetype': filetype
}
if filetype != 'git':
# File-based code uploads
files = [('file', filepath, file_get_contents(filepath))]
return _check(
https.client.https_post(host, port, '/', params, files=files))
# git-based code uploads do not need a FileUploadField.
# Pass filepath as a dummy value for the 'file' parameter.
params['file'] = filepath
return _check(https.client.https_post(host, port, '/', params))
def generate_certificate(cert_dir, uid, sid, role, email, cn, org):
"""Generates a new x509 certificate for a manager from scratch.
Creates a key, a request and then the certificate."""
# Get CA cert
ca_cert = file_get_contents(os.path.join(cert_dir, "ca_cert.pem"))
# Generate keypair
req_key = gen_rsa_keypair()
# Generate certificate request
x509_req = create_x509_req(req_key, uid, sid, org, email, cn, role)
# Sign the request
certificate = create_x509_cert(cert_dir, x509_req)
return { 'ca_cert': ca_cert,
'key': crypto.dump_privatekey(crypto.FILETYPE_PEM, req_key),
'cert': certificate }
def generate_certificate(cert_dir, uid, sid, role, email, cn, org, ca_cert=None):
"""Generates a new x509 certificate for a manager from scratch.
Creates a key, a request and then the certificate."""
# Get CA cert
if ca_cert is None:
ca_cert = file_get_contents(os.path.join(cert_dir, "ca_cert.pem"))
# Generate keypair
req_key = x509.gen_rsa_keypair()
# Generate certificate request
x509_req = x509.create_x509_req(req_key, userId=uid, serviceLocator=sid,
O=org, emailAddress=email, CN=cn, role=role)
# Sign the request
certificate = create_x509_cert(cert_dir, x509_req)
return { 'ca_cert': ca_cert,
'key': crypto.dump_privatekey(crypto.FILETYPE_PEM, req_key),
'cert': certificate }
def conpaas_init_ssl_ctx(dir, role, uid=None, aid=None):
cert_file = dir + '/cert.pem'
key_file = dir + '/key.pem'
ca_cert_file = dir + '/ca_cert.pem'
if role == 'agent':
verify_callback = _conpaas_callback_agent
elif role == 'manager':
verify_callback = _conpaas_callback_manager
elif role == 'director':
verify_callback = _conpaas_callback_director
elif role == 'user':
verify_callback = _conpaas_callback_user
if uid == None:
# Extract uid from the certificate itself
uid = x509.get_x509_dn_field(file_get_contents(cert_file), 'UID')
global __client_ctx, __uid, __aid
__client_ctx = _init_context(SSL.SSLv23_METHOD, cert_file, key_file,
ca_cert_file, verify_callback)
__uid = uid
__aid = aid
def conpaas_init_ssl_ctx(dir, role, uid=None, sid=None):
cert_file = dir + '/cert.pem'
key_file = dir + '/key.pem'
ca_cert_file = dir + '/ca_cert.pem'
if role == 'agent':
verify_callback = _conpaas_callback_agent
elif role == 'manager':
verify_callback = _conpaas_callback_manager
elif role == 'director':
verify_callback = _conpaas_callback_director
elif role == 'user':
verify_callback = _conpaas_callback_user
if uid == None:
# Extract uid from the certificate itself
uid = x509.get_x509_dn_field(file_get_contents(cert_file), 'UID')
global __client_ctx, __uid, __sid
__client_ctx = _init_context(SSL.SSLv23_METHOD, cert_file, key_file,
ca_cert_file, verify_callback)
__uid = uid
__sid = sid
def generate_certificate(cert_dir,
uid,
sid,
role,
email,
cn,
org,
ca_cert=None):
"""Generates a new x509 certificate for a manager from scratch.
Creates a key, a request and then the certificate."""
# Get CA cert
if ca_cert is None:
ca_cert = file_get_contents(os.path.join(cert_dir, "ca_cert.pem"))
# Generate keypair
req_key = x509.gen_rsa_keypair()
# Generate certificate request
x509_req = x509.create_x509_req(req_key,
userId=uid,
serviceLocator=sid,
O=org,
emailAddress=email,
CN=cn,
role=role)
# Sign the request
certificate = create_x509_cert(cert_dir, x509_req)
return {
'ca_cert': ca_cert,
'key': crypto.dump_privatekey(crypto.FILETYPE_PEM, req_key),
'cert': certificate
}
def upload_authorized_key(host, port, filepath):
params = {'method': 'upload_authorized_key'}
files = [('key', filepath, file_get_contents(filepath))]
return _check(https.client.https_post(host, port, '/', params, files=files))
def upload_code_version(host, port, filepath):
params = {'method': 'upload_code_version'}
files = [('code', filepath, file_get_contents(filepath))]
return _check(https.client.https_post(host, port, '/', params, files=files))
def _get_context_file(self, service_name, cloud):
"""Override default _get_context_file. Here we generate the context
file for managers rather than for agents."""
conpaas_home = self.config_parser.get('conpaas', 'CONF_DIR')
cloud_scripts_dir = os.path.join(conpaas_home, 'scripts', 'cloud')
mngr_scripts_dir = os.path.join(conpaas_home, 'scripts', 'manager')
mngr_cfg_dir = os.path.join(conpaas_home, 'config', 'manager')
director = self.config_parser.get('director', 'DIRECTOR_URL')
# Values to be passed to the context file template
tmpl_values = {}
# Get contextualization script for the cloud
try:
tmpl_values['cloud_script'] = file_get_contents(
os.path.join(cloud_scripts_dir, cloud))
except IOError:
tmpl_values['cloud_script'] = ''
# Get manager setup file
mngr_setup = file_get_contents(
os.path.join(mngr_scripts_dir, 'manager-setup'))
tmpl_values['mngr_setup'] = mngr_setup.replace('%DIRECTOR_URL%',
director)
# Get cloud config values from director.cfg
cloud_sections = ['iaas']
if self.config_parser.has_option('iaas', 'OTHER_CLOUDS'):
cloud_sections.extend(
[cloud_name for cloud_name
in self.config_parser.get('iaas', 'OTHER_CLOUDS').split(',')
if self.config_parser.has_section(cloud_name)])
def __extract_cloud_cfg(section_name):
tmpl_values['cloud_cfg'] += "["+section_name+"]\n"
for key, value in self.config_parser.items(section_name):
tmpl_values['cloud_cfg'] += key.upper() + " = " + value + "\n"
tmpl_values['cloud_cfg'] = ''
for section_name in cloud_sections:
__extract_cloud_cfg(section_name)
# Get manager config file
mngr_cfg = file_get_contents(
os.path.join(mngr_cfg_dir, 'default-manager.cfg'))
# Add service-specific config file (if any)
mngr_service_cfg = os.path.join(mngr_cfg_dir,
service_name + '-manager.cfg')
if os.path.isfile(mngr_service_cfg):
mngr_cfg += file_get_contents(mngr_service_cfg)
# Modify manager config file setting the required variables
mngr_cfg = mngr_cfg.replace('%DIRECTOR_URL%', director)
mngr_cfg = mngr_cfg.replace('%CONPAAS_SERVICE_TYPE%', service_name)
mngr_cfg = mngr_cfg.replace('%CLOUD_NAME%', self.cloud_name);
# mngr_cfg = mngr_cfg.replace('%CLOUD_TYPE%', cloud_type);
cloud = self.get_cloud_by_name(self.cloud_name)
# OpenNebula, EC2. etc
mngr_cfg = mngr_cfg.replace('%CLOUD_TYPE%',
self.config_parser.get(self.cloud_name, 'DRIVER'))
if self.config_parser.has_option(self.cloud_name, 'INST_TYPE'):
mngr_cfg = mngr_cfg.replace('%CLOUD_MACHINE_TYPE%',
self.config_parser.get(self.cloud_name, 'INST_TYPE'))
if self.config_parser.has_option(self.cloud_name, 'COST_PER_TIME'):
mngr_cfg = mngr_cfg.replace('%CLOUD_COST_PER_TIME%',
self.config_parser.get(self.cloud_name, 'COST_PER_TIME'))
if self.config_parser.has_option(self.cloud_name, 'MAX_VMS'):
mngr_cfg = mngr_cfg.replace('%CLOUD_MAX_VMS%',
self.config_parser.get(self.cloud_name, 'MAX_VMS'))
if self.config_parser.has_option('iaas', 'MAX_VMS_ALL_CLOUDS'):
mngr_cfg = mngr_cfg.replace('%CLOUD_MAX_VMS_ALL_CLOUDS%',
self.config_parser.get('iaas', 'MAX_VMS_ALL_CLOUDS'))
# mngr_cfg = mngr_cfg.replace('%CLOUD_COST_PER_TIME%', cloud_cost_per_time);
for option_name in 'SERVICE_ID', 'USER_ID', 'APP_ID':
mngr_cfg = mngr_cfg.replace('%CONPAAS_' + option_name + '%',
self.config_parser.get("manager",
option_name))
# Check if we want to use IPOP. If so, add IPOP directives to manager
# config file
if self.config_parser.has_option('manager', 'IPOP_SUBNET'):
ipop_subnet = self.config_parser.get('manager', 'IPOP_SUBNET')
mngr_cfg += '\nIPOP_SUBNET = %s' % ipop_subnet
ipop_network = IPNetwork(ipop_subnet).iter_hosts()
# Skip the first IP address. IPOP uses it for internal purposes
ipop_network.next()
mngr_cfg += '\nIPOP_IP_ADDRESS = %s' % ipop_network.next()
mngr_cfg += '\nIPOP_BASE_IP = %s' % self.config_parser.get(
'conpaas', 'VPN_BASE_NETWORK')
mngr_cfg += '\nIPOP_NETMASK = %s' % self.config_parser.get(
'conpaas', 'VPN_NETMASK')
if self.config_parser.has_option('conpaas', 'VPN_BOOTSTRAP_NODES'):
mngr_cfg += '\nIPOP_BOOTSTRAP_NODES = %s' % self.config_parser.get(
'conpaas', 'VPN_BOOTSTRAP_NODES')
tmpl_values['mngr_cfg'] = mngr_cfg
# Add default manager startup script
tmpl_values['mngr_start_script'] = file_get_contents(
os.path.join(mngr_scripts_dir, 'default-manager-start'))
# Or the service-specific one (if any)
mngr_startup_scriptname = os.path.join(
mngr_scripts_dir, service_name + '-manager-start')
if os.path.isfile(mngr_startup_scriptname):
tmpl_values['mngr_start_script'] = file_get_contents(
mngr_startup_scriptname)
# Get key and a certificate from CA
mngr_certs = self._get_certificate(email="*****@*****.**",
cn="ConPaaS",
org="Contrail")
tmpl_values['mngr_certs_cert'] = mngr_certs['cert']
tmpl_values['mngr_certs_key'] = mngr_certs['key']
tmpl_values['mngr_certs_ca_cert'] = mngr_certs['ca_cert']
# Concatenate the files
return """%(cloud_script)s
cat <<EOF > /tmp/cert.pem
%(mngr_certs_cert)s
EOF
cat <<EOF > /tmp/key.pem
%(mngr_certs_key)s
EOF
cat <<EOF > /tmp/ca_cert.pem
%(mngr_certs_ca_cert)s
EOF
%(mngr_setup)s
cat <<EOF > $ROOT_DIR/config.cfg
%(cloud_cfg)s
%(mngr_cfg)s
EOF
%(mngr_start_script)s""" % tmpl_values
def _get_context_file(self, service_name, cloud):
"""Override default _get_context_file. Here we generate the context
file for managers rather than for agents."""
config_parser = self._Controller__config_parser
conpaas_home = config_parser.get('conpaas', 'ROOT_DIR')
cloud_scripts_dir = os.path.join(conpaas_home, 'scripts', 'cloud')
mngr_scripts_dir = os.path.join(conpaas_home, 'scripts', 'manager')
mngr_cfg_dir = os.path.join(conpaas_home, 'config', 'manager')
frontend = config_parser.get('director', 'DIRECTOR_URL')
# Values to be passed to the context file template
tmpl_values = {}
# Get contextualization script for the cloud
tmpl_values['cloud_script'] = file_get_contents(
os.path.join(cloud_scripts_dir, cloud))
# Get manager setup file
mngr_setup = file_get_contents(
os.path.join(mngr_scripts_dir,'manager-setup'))
tmpl_values['mngr_setup'] = mngr_setup.replace('%FRONTEND_URL%',
frontend)
# Get cloud config values from director.cfg
tmpl_values['cloud_cfg'] = "[iaas]\n"
for key, value in config_parser.items("iaas"):
tmpl_values['cloud_cfg'] += key.upper() + " = " + value + "\n"
# Get manager config file
mngr_cfg = file_get_contents(
os.path.join(mngr_cfg_dir, 'default-manager.cfg'))
# Add service-specific config file (if any)
mngr_service_cfg = os.path.join(mngr_cfg_dir,
service_name + '-manager.cfg')
if os.path.isfile(mngr_service_cfg):
mngr_cfg += file_get_contents(mngr_service_cfg)
# Modify manager config file setting the required variables
mngr_cfg = mngr_cfg.replace('%FRONTEND_URL%', frontend)
mngr_cfg = mngr_cfg.replace('%CONPAAS_SERVICE_TYPE%', service_name)
mngr_cfg = mngr_cfg.replace('%CONPAAS_SERVICE_ID%',
config_parser.get("manager", "FE_SERVICE_ID"))
mngr_cfg = mngr_cfg.replace('%CONPAAS_USER_ID%',
config_parser.get("manager", "FE_USER_ID"))
tmpl_values['mngr_cfg'] = mngr_cfg
# Add default manager startup script
tmpl_values['mngr_start_script'] = file_get_contents(
os.path.join(mngr_scripts_dir, 'default-manager-start'))
# Or the service-specific one (if any)
mngr_startup_scriptname = os.path.join(
mngr_scripts_dir, service_name + '-manager-start')
if os.path.isfile(mngr_startup_scriptname):
tmpl_values['mngr_start_script'] = file_get_contents(
mngr_startup_scriptname)
# Get key and a certificate from CA
mngr_certs = self._get_certificate(email="*****@*****.**",
cn="ConPaaS",
org="Contrail")
tmpl_values['mngr_certs_cert'] = mngr_certs['cert']
tmpl_values['mngr_certs_key'] = mngr_certs['key']
tmpl_values['mngr_certs_ca_cert'] = mngr_certs['ca_cert']
# Concatenate the files
return """%(cloud_script)s
cat <<EOF > /tmp/cert.pem
%(mngr_certs_cert)s
EOF
cat <<EOF > /tmp/key.pem
%(mngr_certs_key)s
EOF
cat <<EOF > /tmp/ca_cert.pem
%(mngr_certs_ca_cert)s
EOF
%(mngr_setup)s
cat <<EOF > $ROOT_DIR/config.cfg
%(cloud_cfg)s
%(mngr_cfg)s
EOF
%(mngr_start_script)s""" % tmpl_values
def _generate_context_file(self, cloud, context_replacement={}, startup_script=None):
"""Override default _get_context_file. Here we generate the context
file for managers rather than for agents."""
cloud_type = cloud.get_cloud_type()
conpaas_home = self.config_parser.get('conpaas', 'CONF_DIR')
cloud_scripts_dir = os.path.join(conpaas_home, 'scripts', 'cloud')
mngr_scripts_dir = os.path.join(conpaas_home, 'scripts', 'manager')
director = self.config_parser.get('director', 'DIRECTOR_URL')
# Values to be passed to the context file template
tmpl_values = {}
# Get contextualization script for the cloud
try:
tmpl_values['cloud_script'] = file_get_contents(os.path.join(cloud_scripts_dir, cloud_type))
except IOError:
tmpl_values['cloud_script'] = ''
# Get manager setup file
mngr_setup = file_get_contents(os.path.join(mngr_scripts_dir, 'manager-setup'))
mngr_setup = mngr_setup.replace('%DIRECTOR_URL%',director)
tmpl_values['mngr_setup'] = mngr_setup
tmpl_values['config'] = self.generate_config_file()
# self.config
# Add default manager startup script
tmpl_values['mngr_start_script'] = file_get_contents(os.path.join(mngr_scripts_dir, 'default-manager-start'))
# tmpl_values['mngr_vars_script'] = file_get_contents(os.path.join(mngr_scripts_dir, 'default-manager-vars'))
# Get key and a certificate from CA
mngr_certs = self._get_certificate(role="manager",
email="*****@*****.**",
cn="ConPaaS",
org="Contrail")
tmpl_values['mngr_certs_cert'] = mngr_certs['cert']
tmpl_values['mngr_certs_key'] = mngr_certs['key']
tmpl_values['mngr_certs_ca_cert'] = mngr_certs['ca_cert']
# Concatenate the files
return """%(cloud_script)s
cat <<EOF > /tmp/cert.pem
%(mngr_certs_cert)s
EOF
cat <<EOF > /tmp/key.pem
%(mngr_certs_key)s
EOF
cat <<EOF > /tmp/ca_cert.pem
%(mngr_certs_ca_cert)s
EOF
%(mngr_setup)s
cat <<EOF > $ROOT_DIR/config.cfg
%(config)s
EOF
%(mngr_start_script)s
""" % tmpl_values
def load_dump(host, port, mysqldump_path):
params = {'method': 'load_dump'}
files = [('mysqldump_file', mysqldump_path, file_get_contents(mysqldump_path))]
return _check(https.client.https_post(host, port, '/', params, files=files))
def upload_authorized_key(host, port, filepath):
params = {'method': 'upload_authorized_key'}
files = [('key', filepath, file_get_contents(filepath))]
return _check(https.client.https_post(host, port, '/', params,
files=files))
def upload_code_version(host, port, filepath):
params = {'method': 'upload_code_version'}
files = [('code', filepath, file_get_contents(filepath))]
return _check(https.client.https_post(host, port, '/', params,
files=files))
def generate_config_file(self):
# cloud_name = cloud.get_cloud_name()
conpaas_home = self.config_parser.get('conpaas', 'CONF_DIR')
mngr_cfg_dir = os.path.join(conpaas_home, 'config', 'manager')
if self.config_parser.has_option('conpaas', 'DEPLOYMENT_NAME'):
conpaas_deployment_name = self.config_parser.get('conpaas', 'DEPLOYMENT_NAME')
else:
conpaas_deployment_name = 'conpaas'
# Get manager config file
# TODO (genc): Don't forget about having two default manager files (delete one when done)
# mngr_cfg = file_get_contents(os.path.join(mngr_cfg_dir, 'default-manager.cfg'))
mngr_cfg = file_get_contents(os.path.join(mngr_cfg_dir, 'default-manager-new.cfg'))
# Modify manager config file setting the required variables
mngr_cfg = mngr_cfg.replace('%CONPAAS_DEPLOYMENT_NAME%', conpaas_deployment_name)
# for option_name in 'SERVICE_ID', 'USER_ID', 'APP_ID':
for option_name in 'USER_ID', 'APP_ID':
mngr_cfg = mngr_cfg.replace('%CONPAAS_' + option_name + '%', self.config_parser.get("manager", option_name))
# COMMENT (genc): this part is commented because it is being used only by htc, not useful for the moment
# mngr_cfg = mngr_cfg.replace('%CLOUD_NAME%', cloud_name);
# # OpenNebula, EC2. etc
# mngr_cfg = mngr_cfg.replace('%CLOUD_TYPE%', self.config_parser.get(cloud_name, 'DRIVER'))
# if self.config_parser.has_option(cloud_name, 'INST_TYPE'):
# mngr_cfg = mngr_cfg.replace('%CLOUD_MACHINE_TYPE%', self.config_parser.get(cloud_name, 'INST_TYPE'))
# if self.config_parser.has_option(cloud_name, 'COST_PER_TIME'):
# mngr_cfg = mngr_cfg.replace('%CLOUD_COST_PER_TIME%', self.config_parser.get(cloud_name, 'COST_PER_TIME'))
# if self.config_parser.has_option(cloud_name, 'MAX_VMS'):
# mngr_cfg = mngr_cfg.replace('%CLOUD_MAX_VMS%', self.config_parser.get(cloud_name, 'MAX_VMS'))
# if self.config_parser.has_option('iaas', 'MAX_VMS_ALL_CLOUDS'):
# mngr_cfg = mngr_cfg.replace('%CLOUD_MAX_VMS_ALL_CLOUDS%', self.config_parser.get('iaas', 'MAX_VMS_ALL_CLOUDS'))
# # mngr_cfg = mngr_cfg.replace('%CLOUD_COST_PER_TIME%', cloud_cost_per_time);
# COMMENT (genc): the IPOP part is commented until we have a working IPOP
# # Check if we want to use IPOP. If so, add IPOP directives to manager
# # config file
# if self.config_parser.has_option('manager', 'IPOP_SUBNET'):
# ipop_subnet = self.config_parser.get('manager', 'IPOP_SUBNET')
# mngr_cfg += '\nIPOP_SUBNET = %s' % ipop_subnet
# ipop_network = IPNetwork(ipop_subnet).iter_hosts()
# # Skip the first IP address. IPOP uses it for internal purposes
# ipop_network.next()
# mngr_cfg += '\nIPOP_IP_ADDRESS = %s' % ipop_network.next()
# mngr_cfg += '\nIPOP_BASE_IP = %s' % self.config_parser.get('conpaas', 'VPN_BASE_NETWORK')
# mngr_cfg += '\nIPOP_NETMASK = %s' % self.config_parser.get('conpaas', 'VPN_NETMASK')
# if self.config_parser.has_option('conpaas', 'VPN_BOOTSTRAP_NODES'):
# mngr_cfg += '\nIPOP_BOOTSTRAP_NODES = %s' % self.config_parser.get('conpaas', 'VPN_BOOTSTRAP_NODES')
return mngr_cfg
def _get_context_file(self, service_name, cloud):
"""Override default _get_context_file. Here we generate the context
file for managers rather than for agents."""
conpaas_home = self.config_parser.get('conpaas', 'CONF_DIR')
cloud_scripts_dir = os.path.join(conpaas_home, 'scripts', 'cloud')
mngr_scripts_dir = os.path.join(conpaas_home, 'scripts', 'manager')
mngr_cfg_dir = os.path.join(conpaas_home, 'config', 'manager')
director = self.config_parser.get('director', 'DIRECTOR_URL')
# Values to be passed to the context file template
tmpl_values = {}
# Get contextualization script for the cloud
try:
tmpl_values['cloud_script'] = file_get_contents(
os.path.join(cloud_scripts_dir, cloud))
except IOError:
tmpl_values['cloud_script'] = ''
# Get manager setup file
mngr_setup = file_get_contents(
os.path.join(mngr_scripts_dir, 'manager-setup'))
tmpl_values['mngr_setup'] = mngr_setup.replace('%DIRECTOR_URL%',
director)
# Get cloud config values from director.cfg
cloud_sections = ['iaas']
if self.config_parser.has_option('iaas', 'OTHER_CLOUDS'):
cloud_sections.extend([
cloud_name for cloud_name in self.config_parser.get(
'iaas', 'OTHER_CLOUDS').split(',')
if self.config_parser.has_section(cloud_name)
])
def __extract_cloud_cfg(section_name):
tmpl_values['cloud_cfg'] += "[" + section_name + "]\n"
for key, value in self.config_parser.items(section_name):
tmpl_values['cloud_cfg'] += key.upper() + " = " + value + "\n"
tmpl_values['cloud_cfg'] = ''
for section_name in cloud_sections:
__extract_cloud_cfg(section_name)
# Get manager config file
mngr_cfg = file_get_contents(
os.path.join(mngr_cfg_dir, 'default-manager.cfg'))
# Add service-specific config file (if any)
mngr_service_cfg = os.path.join(mngr_cfg_dir,
service_name + '-manager.cfg')
if os.path.isfile(mngr_service_cfg):
mngr_cfg += file_get_contents(mngr_service_cfg)
# Modify manager config file setting the required variables
mngr_cfg = mngr_cfg.replace('%DIRECTOR_URL%', director)
mngr_cfg = mngr_cfg.replace('%CONPAAS_SERVICE_TYPE%', service_name)
mngr_cfg = mngr_cfg.replace('%CLOUD_NAME%', self.cloud_name)
# mngr_cfg = mngr_cfg.replace('%CLOUD_TYPE%', cloud_type);
cloud = self.get_cloud_by_name(self.cloud_name)
# OpenNebula, EC2. etc
mngr_cfg = mngr_cfg.replace(
'%CLOUD_TYPE%', self.config_parser.get(self.cloud_name, 'DRIVER'))
if self.config_parser.has_option(self.cloud_name, 'INST_TYPE'):
mngr_cfg = mngr_cfg.replace(
'%CLOUD_MACHINE_TYPE%',
self.config_parser.get(self.cloud_name, 'INST_TYPE'))
if self.config_parser.has_option(self.cloud_name, 'COST_PER_TIME'):
mngr_cfg = mngr_cfg.replace(
'%CLOUD_COST_PER_TIME%',
self.config_parser.get(self.cloud_name, 'COST_PER_TIME'))
if self.config_parser.has_option(self.cloud_name, 'MAX_VMS'):
mngr_cfg = mngr_cfg.replace(
'%CLOUD_MAX_VMS%',
self.config_parser.get(self.cloud_name, 'MAX_VMS'))
if self.config_parser.has_option('iaas', 'MAX_VMS_ALL_CLOUDS'):
mngr_cfg = mngr_cfg.replace(
'%CLOUD_MAX_VMS_ALL_CLOUDS%',
self.config_parser.get('iaas', 'MAX_VMS_ALL_CLOUDS'))
# mngr_cfg = mngr_cfg.replace('%CLOUD_COST_PER_TIME%', cloud_cost_per_time);
for option_name in 'SERVICE_ID', 'USER_ID', 'APP_ID':
mngr_cfg = mngr_cfg.replace(
'%CONPAAS_' + option_name + '%',
self.config_parser.get("manager", option_name))
# Check if we want to use IPOP. If so, add IPOP directives to manager
# config file
if self.config_parser.has_option('manager', 'IPOP_SUBNET'):
ipop_subnet = self.config_parser.get('manager', 'IPOP_SUBNET')
mngr_cfg += '\nIPOP_SUBNET = %s' % ipop_subnet
ipop_network = IPNetwork(ipop_subnet).iter_hosts()
# Skip the first IP address. IPOP uses it for internal purposes
ipop_network.next()
mngr_cfg += '\nIPOP_IP_ADDRESS = %s' % ipop_network.next()
mngr_cfg += '\nIPOP_BASE_IP = %s' % self.config_parser.get(
'conpaas', 'VPN_BASE_NETWORK')
mngr_cfg += '\nIPOP_NETMASK = %s' % self.config_parser.get(
'conpaas', 'VPN_NETMASK')
if self.config_parser.has_option('conpaas', 'VPN_BOOTSTRAP_NODES'):
mngr_cfg += '\nIPOP_BOOTSTRAP_NODES = %s' % self.config_parser.get(
'conpaas', 'VPN_BOOTSTRAP_NODES')
tmpl_values['mngr_cfg'] = mngr_cfg
# Add default manager startup script
tmpl_values['mngr_start_script'] = file_get_contents(
os.path.join(mngr_scripts_dir, 'default-manager-start'))
# Or the service-specific one (if any)
mngr_startup_scriptname = os.path.join(mngr_scripts_dir,
service_name + '-manager-start')
if os.path.isfile(mngr_startup_scriptname):
tmpl_values['mngr_start_script'] = file_get_contents(
mngr_startup_scriptname)
# Get key and a certificate from CA
mngr_certs = self._get_certificate(email="*****@*****.**",
cn="ConPaaS",
org="Contrail")
tmpl_values['mngr_certs_cert'] = mngr_certs['cert']
tmpl_values['mngr_certs_key'] = mngr_certs['key']
tmpl_values['mngr_certs_ca_cert'] = mngr_certs['ca_cert']
# Concatenate the files
return """%(cloud_script)s
cat <<EOF > /tmp/cert.pem
%(mngr_certs_cert)s
EOF
cat <<EOF > /tmp/key.pem
%(mngr_certs_key)s
EOF
cat <<EOF > /tmp/ca_cert.pem
%(mngr_certs_ca_cert)s
EOF
%(mngr_setup)s
cat <<EOF > $ROOT_DIR/config.cfg
%(cloud_cfg)s
%(mngr_cfg)s
EOF
%(mngr_start_script)s""" % tmpl_values
def load_dump(host, port, mysqldump_path):
params = {'method': 'load_dump'}
files = [('mysqldump_file', mysqldump_path,
file_get_contents(mysqldump_path))]
return _check(https.client.https_post(host, port, '/', params,
files=files))
