def test_verify_and_store_serverssh_pubkey(self):
self.mockwaitfor_console.side_effect = lambda *args: defer.succeed(
'NONMATCHING FINGERPRINT_FROM_CONSOLE')
self.mockwaitfor_keyscan.side_effect = lambda *args: defer.succeed(
('NONMATCHING FINGERPRINT_FROM_KEYSCAN', 'HASHED_PUBKEY') )
mismatchfailure = Failure(PublicKeyMismatch)
argtuple = ('ec2accesskeyid', 'ec2secretkey', 'endpoint_uri', 'pub_ipaddress', .1, 600,
sys.stdout, sys.stderr, 'instance_id')
d = self.failUnlessFailure(verify_and_store_serverssh_pubkey(*argtuple),
mismatchfailure.value)
return d
def _got_addresses(addresses):
assert len(addresses) == 1, addresses
(publichost, privatehost) = addresses[0]
print >>stdout, "The server's public address is %r." % (publichost,)
d3 = verify_and_store_serverssh_pubkey(ec2accesskeyid, ec2secretkey, EC2_ENDPOINT,
publichost, VERIFY_POLL_TIME, VERIFY_TOTAL_WAIT,
stdout, stderr, instance.instance_id)
def _got_sshfp(ignored):
retries = LISTEN_RETRIES
while True:
try:
install_server(publichost, admin_privkey_path, monitor_pubkey,
monitor_privkey_path, stdout, stderr)
break
except NotListeningError:
retries -= 1
if retries <= 0:
print >>stdout, "Timed out waiting for EC2 instance to listen for ssh connections."
raise TimeoutError()
print >>stdout, "Waiting another %d seconds..." % (LISTEN_POLL_TIME)
time.sleep(LISTEN_POLL_TIME)
continue
furl = bounce_server(publichost, admin_privkey_path, privatehost, useraccesskeyid,
usersecretkey, usertoken, producttoken, bucketname, oldsecrets,
stdout, stderr, secretsfile)
# Disabled for now.
#initialize_statmover_source(publichost, monitor_privkey_path, admin_privkey_path,
# sinkname_suffix, [instance.instance_id, 'SSEC2s'])
# XXX We probably need to rethink this:
append_record(FilePath(serverinfopath), instance.launch_time, instance.instance_id,
publichost)
print >>stderr, "Signup done."
d4 = defer.succeed(None)
if not oldsecrets:
d4.addCallback(lambda ign: send_signup_confirmation(publichost, customer_name,
customer_email, furl,
customer_keyinfo,
stdout, stderr) )
return d4
d3.addCallback(_got_sshfp)
return d3
# Configuration which may be specific to the infrastructure server
EC2_ENDPOINT = "https://ec2.us-east-1.amazonaws.com/"
# delay between starting an instance and setting its tags
POLLING_INTERVAL = 5
WAIT_TIME = 15
def eb(f):
print >> sys.stderr, "Error returned from verify_and_store_serverssh_pubkey invocation!"
print >> sys.stderr, f
d = verify_and_store_serverssh_pubkey(
ec2accesskeyid,
ec2secretkey,
EC2_ENDPOINT,
AddressParser(),
POLLING_INTERVAL,
WAIT_TIME,
sys.stdout,
sys.stderr,
instance_id,
)
d.addErrback(eb)
d.addCallbacks(lambda ign: os._exit(0), lambda ign: os._exit(1))
from twisted.internet import reactor
reactor.run()
ec2secretpath = '../secret_config/ec2secret'
# Configuration which is necessarily shared with other Least Authority EC2s (like SSEC2s)
ec2accesskeyid = str(config.other['ec2_access_key_id'])
ec2secretkey = FilePath(ec2secretpath).getContent().strip()
# Configuration which may be specific to the infrastructure server
EC2_ENDPOINT = 'https://ec2.us-east-1.amazonaws.com/'
# delay between starting an instance and setting its tags
POLLING_INTERVAL = 5
WAIT_TIME = 15
def eb(f):
print >> sys.stderr, "Error returned from verify_and_store_serverssh_pubkey invocation!"
print >> sys.stderr, f
d = verify_and_store_serverssh_pubkey(ec2accesskeyid,
ec2secretkey, EC2_ENDPOINT,
AddressParser(), POLLING_INTERVAL,
WAIT_TIME, sys.stdout, sys.stderr,
instance_id)
d.addErrback(eb)
d.addCallbacks(lambda ign: os._exit(0), lambda ign: os._exit(1))
from twisted.internet import reactor
reactor.run()
