def start(nova_client, start_retry_interval, private_key_path, **kwargs): server = get_server_by_context(nova_client) if is_external_resource_not_conditionally_created(ctx): ctx.logger.info('Validating external server is started') if server.status != SERVER_STATUS_ACTIVE: raise NonRecoverableError( 'Expected external resource server {0} to be in ' '"{1}" status'.format(server.id, SERVER_STATUS_ACTIVE)) return if server.status == SERVER_STATUS_ACTIVE: ctx.logger.info('Server is {0}'.format(server.status)) if ctx.node.properties['use_password']: private_key = _get_private_key(private_key_path) ctx.logger.debug('retrieving password for server') password = server.get_password(private_key) if not password: return ctx.operation.retry( message='Waiting for server to post generated password', retry_after=start_retry_interval) ctx.instance.runtime_properties[ADMIN_PASSWORD_PROPERTY] = password ctx.logger.info('Server has been set with a password') _set_network_and_ip_runtime_properties(server) return server_task_state = getattr(server, OS_EXT_STS_TASK_STATE) if server.status == SERVER_STATUS_SHUTOFF and \ server_task_state != SERVER_TASK_STATE_POWERING_ON: ctx.logger.info('Server is in {0} status - starting server...'.format( SERVER_STATUS_SHUTOFF)) server.start() server_task_state = SERVER_TASK_STATE_POWERING_ON if server.status == SERVER_STATUS_BUILD or \ server_task_state == SERVER_TASK_STATE_POWERING_ON: return ctx.operation.retry( message='Waiting for server to be in {0} state but is in {1}:{2} ' 'state. Retrying...'.format(SERVER_STATUS_ACTIVE, server.status, server_task_state), retry_after=start_retry_interval) raise NonRecoverableError( 'Unexpected server state {0}:{1}'.format(server.status, server_task_state))
def _delete_routes(neutron_client): new_router = _prepare_delete_routes_request(neutron_client) if new_router and new_router.get(ROUTER_OPENSTACK_TYPE): router_id = new_router[ROUTER_OPENSTACK_TYPE].pop('id') else: raise NonRecoverableError( 'Failed while trying to retrieve router instance') subject = ctx.source if ctx.type == RELATIONSHIP_INSTANCE else ctx if not is_external_resource_not_conditionally_created(subject): ctx.logger.info('deleting {0}'.format(ROUTES_OPENSTACK_TYPE)) neutron_client.update_router(router_id, new_router) else: ctx.logger.info('not deleting {0} since an external {0} is ' 'being used'.format(ROUTES_OPENSTACK_TYPE))
def start(neutron_client, **kwargs): network_id = ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY] if is_external_resource_not_conditionally_created(ctx): ctx.logger.info('Validating external network is started') if not neutron_client.show_network( network_id)['network']['admin_state_up']: raise NonRecoverableError( 'Expected external resource network {0} to be in ' '"admin_state_up"=True'.format(network_id)) return neutron_client.update_network(network_id, {'network': { 'admin_state_up': True }})
def start(neutron_client, **kwargs): network_id = get_openstack_id(ctx) if is_external_resource_not_conditionally_created(ctx): ctx.logger.info('Validating external network is started') if not neutron_client.show_network( network_id)[NETWORK_OPENSTACK_TYPE][ADMIN_STATE_UP]: raise NonRecoverableError( 'Expected external resource network {0} to be in ' '"admin_state_up"=True'.format(network_id)) return neutron_client.update_network( network_id, {NETWORK_OPENSTACK_TYPE: { ADMIN_STATE_UP: True }})
def start(neutron_client, **kwargs): network_id = ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY] if is_external_resource_not_conditionally_created(ctx): ctx.logger.info('Validating external network is started') if not neutron_client.show_network( network_id)['network']['admin_state_up']: raise NonRecoverableError( 'Expected external resource network {0} to be in ' '"admin_state_up"=True'.format(network_id)) return neutron_client.update_network( network_id, { 'network': { 'admin_state_up': True } })
def creation_validation(nova_client, **kwargs): def validate_private_key_permissions(private_key_path): ctx.logger.debug('checking whether private key file {0} has the ' 'correct permissions'.format(private_key_path)) if not os.access(private_key_path, os.R_OK): err = 'private key file {0} is not readable'\ .format(private_key_path) ctx.logger.error('VALIDATION ERROR: ' + err) raise NonRecoverableError(err) ctx.logger.debug('OK: private key file {0} has the correct ' 'permissions'.format(private_key_path)) def validate_path_owner(path): ctx.logger.debug('checking whether directory {0} is owned by the ' 'current user'.format(path)) from pwd import getpwnam, getpwuid user = getuser() owner = getpwuid(os.stat(path).st_uid).pw_name current_user_id = str(getpwnam(user).pw_uid) owner_id = str(os.stat(path).st_uid) if not current_user_id == owner_id: err = '{0} is not owned by the current user (it is owned by {1})'\ .format(path, owner) ctx.logger.warning('VALIDATION WARNING: {0}'.format(err)) return ctx.logger.debug('OK: {0} is owned by the current user'.format(path)) validate_resource(ctx, nova_client, KEYPAIR_OPENSTACK_TYPE) private_key_path = _get_private_key_path() pk_exists = _check_private_key_exists(private_key_path) if is_external_resource_not_conditionally_created(ctx): if pk_exists: if platform.system() == 'Linux': validate_private_key_permissions(private_key_path) validate_path_owner(private_key_path) else: err = "can't use external keypair: the public key {0} is " \ "available on Openstack, but the private key could not be " \ "found at {1}".format(ctx.node.properties['resource_id'], private_key_path) ctx.logger.error('VALIDATION ERROR: {0}'.format(err)) raise NonRecoverableError(err) else: if pk_exists: err = 'private key path already exists: {0}'.format( private_key_path) ctx.logger.error('VALIDATION ERROR: {0}'.format(err)) raise NonRecoverableError(err) else: err = 'private key directory {0} is not writable' while private_key_path: if os.path.isdir(private_key_path): if not os.access(private_key_path, os.W_OK | os.X_OK): raise NonRecoverableError(err.format(private_key_path)) else: break private_key_path, _ = os.path.split(private_key_path) ctx.logger.debug('OK: keypair configuration is valid')
def creation_validation(nova_client, **kwargs): def validate_private_key_permissions(private_key_path): ctx.logger.debug('checking whether private key file {0} has the ' 'correct permissions'.format(private_key_path)) if not os.access(private_key_path, os.R_OK): err = 'private key file {0} is not readable'\ .format(private_key_path) ctx.logger.error('VALIDATION ERROR: ' + err) raise NonRecoverableError(err) ctx.logger.debug('OK: private key file {0} has the correct ' 'permissions'.format(private_key_path)) def validate_path_owner(path): ctx.logger.debug('checking whether directory {0} is owned by the ' 'current user'.format(path)) from pwd import getpwnam, getpwuid user = getuser() owner = getpwuid(os.stat(path).st_uid).pw_name current_user_id = str(getpwnam(user).pw_uid) owner_id = str(os.stat(path).st_uid) if not current_user_id == owner_id: err = '{0} is not owned by the current user (it is owned by {1})'\ .format(path, owner) ctx.logger.warning('VALIDATION WARNING: {0}'.format(err)) return ctx.logger.debug('OK: {0} is owned by the current user'.format(path)) validate_resource(ctx, nova_client, KEYPAIR_OPENSTACK_TYPE) private_key_path = _get_private_key_path() pk_exists = _check_private_key_exists(private_key_path) if is_external_resource_not_conditionally_created(ctx): if pk_exists: if os.name == 'posix': validate_private_key_permissions(private_key_path) validate_path_owner(private_key_path) else: err = "can't use external keypair: the public key {0} is " \ "available on Openstack, but the private key could not be " \ "found at {1}".format(ctx.node.properties['resource_id'], private_key_path) ctx.logger.error('VALIDATION ERROR: {0}'.format(err)) raise NonRecoverableError(err) else: if pk_exists: err = 'private key path already exists: {0}'.format( private_key_path) ctx.logger.error('VALIDATION ERROR: {0}'.format(err)) raise NonRecoverableError(err) else: err = 'private key directory {0} is not writable' while private_key_path: if os.path.isdir(private_key_path): if not os.access(private_key_path, os.W_OK | os.X_OK): raise NonRecoverableError(err.format(private_key_path)) else: break private_key_path, _ = os.path.split(private_key_path) ctx.logger.debug('OK: keypair configuration is valid')