def test_verify_and_store_serverssh_pubkey(self):
    """Verification must fail when the two fingerprint sources disagree.

    Both mocked sources hand back deliberately different fingerprint
    strings (presumably one read from the instance console and one from an
    ssh keyscan -- inferred from the mock names). The call under test is
    then expected to fail with PublicKeyMismatch rather than store the key.
    """
    def _console_result(*args):
        return defer.succeed('NONMATCHING FINGERPRINT_FROM_CONSOLE')

    def _keyscan_result(*args):
        return defer.succeed(('NONMATCHING FINGERPRINT_FROM_KEYSCAN', 'HASHED_PUBKEY'))

    self.mockwaitfor_console.side_effect = _console_result
    self.mockwaitfor_keyscan.side_effect = _keyscan_result

    # Same expected-failure value the assertion helper is given: the .value
    # of a Failure wrapping PublicKeyMismatch.
    expected_error = Failure(PublicKeyMismatch).value

    call_args = (
        'ec2accesskeyid',
        'ec2secretkey',
        'endpoint_uri',
        'pub_ipaddress',
        .1,
        600,
        sys.stdout,
        sys.stderr,
        'instance_id',
    )
    # The Deferred is returned so the test runner waits for the outcome.
    return self.failUnlessFailure(
        verify_and_store_serverssh_pubkey(*call_args), expected_error)
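def _got_addresses(addresses):
    """Verify the new server's SSH host key, then install and configure it.

    `addresses` must hold exactly one (publichost, privatehost) pair. The
    host key check is started first; installation, bouncing, record keeping
    and the signup confirmation are chained as a callback on its Deferred,
    so none of them run if verification fails.

    Returns the Deferred for the whole chain. Raises AssertionError when
    `addresses` does not contain exactly one entry.
    """
    # Explicit raise instead of `assert`: asserts are stripped under
    # `python -O`, which would let a multi-address result silently proceed
    # with addresses[0]. Exception type and payload are unchanged.
    if len(addresses) != 1:
        raise AssertionError(addresses)
    (publichost, privatehost) = addresses[0]
    print >>stdout, "The server's public address is %r." % (publichost,)

    # Nothing below connects to the server until this Deferred succeeds.
    d3 = verify_and_store_serverssh_pubkey(ec2accesskeyid, ec2secretkey, EC2_ENDPOINT, publichost,
                                           VERIFY_POLL_TIME, VERIFY_TOTAL_WAIT, stdout, stderr,
                                           instance.instance_id)

    def _got_sshfp(ignored):
        # Retry the install until the instance accepts ssh connections,
        # giving up after LISTEN_RETRIES attempts.
        retries = LISTEN_RETRIES
        while True:
            try:
                install_server(publichost, admin_privkey_path, monitor_pubkey,
                               monitor_privkey_path, stdout, stderr)
                break
            except NotListeningError:
                retries -= 1
                if retries <= 0:
                    print >>stdout, "Timed out waiting for EC2 instance to listen for ssh connections."
                    raise TimeoutError()
                print >>stdout, "Waiting another %d seconds..." % (LISTEN_POLL_TIME)
                # NOTE(review): time.sleep blocks the calling thread; if this
                # callback runs on the reactor thread the reactor stalls for
                # the whole wait -- confirm that is acceptable here.
                time.sleep(LISTEN_POLL_TIME)
                continue

        furl = bounce_server(publichost, admin_privkey_path, privatehost, useraccesskeyid,
                             usersecretkey, usertoken, producttoken, bucketname, oldsecrets,
                             stdout, stderr, secretsfile)

        # Disabled for now.
        #initialize_statmover_source(publichost, monitor_privkey_path, admin_privkey_path,
        #                            sinkname_suffix, [instance.instance_id, 'SSEC2s'])

        # XXX We probably need to rethink this:
        append_record(FilePath(serverinfopath), instance.launch_time, instance.instance_id, publichost)

        print >>stderr, "Signup done."
        d4 = defer.succeed(None)
        # The confirmation is only sent when no old secrets were supplied.
        if not oldsecrets:
            d4.addCallback(lambda ign: send_signup_confirmation(publichost, customer_name,
                                                                customer_email, furl,
                                                                customer_keyinfo, stdout, stderr))
        return d4

    d3.addCallback(_got_sshfp)
    return d3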
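# Configuration which may be specific to the infrastructure server
EC2_ENDPOINT = "https://ec2.us-east-1.amazonaws.com/"

# delay between starting an instance and setting its tags
POLLING_INTERVAL = 5
WAIT_TIME = 15


def eb(f):
    """Report a failed verification on stderr and keep the Deferred failed.

    The failure is returned on purpose. An errback that returns None marks
    the error as handled, so the success callback added afterwards would run
    and the process would exit with status 0 even though host key
    verification failed.
    """
    print >> sys.stderr, "Error returned from verify_and_store_serverssh_pubkey invocation!"
    print >> sys.stderr, f
    return f


# NOTE(review): AddressParser() sits in the argument position where other
# callers pass the server's public address -- confirm this is intended.
d = verify_and_store_serverssh_pubkey(
    ec2accesskeyid,
    ec2secretkey,
    EC2_ENDPOINT,
    AddressParser(),
    POLLING_INTERVAL,
    WAIT_TIME,
    sys.stdout,
    sys.stderr,
    instance_id,
)
d.addErrback(eb)
# Exit status is the result of the run: 0 on success, 1 on any failure.
d.addCallbacks(lambda ign: os._exit(0), lambda ign: os._exit(1))

from twisted.internet import reactor
reactor.run()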
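ec2secretpath = '../secret_config/ec2secret'

# Configuration which is necessarily shared with other Least Authority EC2s (like SSEC2s)
ec2accesskeyid = str(config.other['ec2_access_key_id'])
# The secret key is read from its own file rather than from `config`;
# surrounding whitespace (e.g. a trailing newline) is stripped.
ec2secretkey = FilePath(ec2secretpath).getContent().strip()

# Configuration which may be specific to the infrastructure server
EC2_ENDPOINT = 'https://ec2.us-east-1.amazonaws.com/'

# delay between starting an instance and setting its tags
POLLING_INTERVAL = 5
WAIT_TIME = 15


def eb(f):
    """Report a failed verification on stderr and keep the Deferred failed.

    The failure is returned on purpose. An errback that returns None marks
    the error as handled, so the success callback added afterwards would run
    and the process would exit with status 0 even though host key
    verification failed.
    """
    print >> sys.stderr, "Error returned from verify_and_store_serverssh_pubkey invocation!"
    print >> sys.stderr, f
    return f


# NOTE(review): AddressParser() sits in the argument position where other
# callers pass the server's public address -- confirm this is intended.
d = verify_and_store_serverssh_pubkey(ec2accesskeyid, ec2secretkey, EC2_ENDPOINT, AddressParser(),
                                      POLLING_INTERVAL, WAIT_TIME, sys.stdout, sys.stderr,
                                      instance_id)
d.addErrback(eb)
# Exit status is the result of the run: 0 on success, 1 on any failure.
d.addCallbacks(lambda ign: os._exit(0), lambda ign: os._exit(1))

from twisted.internet import reactor
reactor.run()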