def _setup_jumpbox(vcenter, the_vm, username):
"""Configure the Jumpbox for the end user
:Returns: None
:param vcenter: The instantiated connection to vCenter
:type vcenter: vlab_inf_common.vmware.vCenter
:param the_vm: The new gateway
:type the_vm: vim.VirtualMachine
"""
# Add the note about the type & version of Jumpbox being used
spec = vim.vm.ConfigSpec()
spec.annotation = 'ubuntu=18.04'
task = the_vm.ReconfigVM_Task(spec)
consume_task(task)
# Create an admin user with the same username as the end-user
cmd = '/usr/bin/sudo'
# SHA 512 version of the letter 'a' (plus the $6$ to denote SHA 512)
pw = '$6$qM5mj4O0$x8l6R4T4sH1HJgYt9dw3n2pYO8E0Rs/sqlCfts5/p8o8ZK8aBjfHRlh37xnxIfPZBp.ErfBgnSJcauzP2mxBx.'
args = "/usr/sbin/useradd --shell /bin/bash --password '{1}' --create-home --groups sudo --home-dir /home/{0} {0} ".format(
username, pw)
result = virtual_machine.run_command(vcenter,
the_vm,
cmd,
user='******',
password='******',
arguments=args)
if result.exitCode:
error = 'Failed to create user {} in newly deployed jumpbox'.format(
username)
raise RuntimeError(error)
# Make the Ubuntu GNOME desktop the default used by xRDP
# https://www.hiroom2.com/2018/04/29/ubuntu-1804-xrdp-gnome-en/
cmd2 = '/usr/bin/sudo'
args2 = '/bin/cp /etc/xrdp/xsessionrc /home/{}/.xsessionrc'.format(
username)
result2 = virtual_machine.run_command(vcenter,
the_vm,
cmd2,
user='******',
password='******',
arguments=args2)
if result2.exitCode:
error = 'Failed to create .xsessionrc file in {} homedir'.format(
username)
raise RuntimeError(error)
def test_output(self, fake_get_process_info):
"""``virtual_machine`` - run_command returns the output of get_process_info"""
fake_info = MagicMock()
fake_get_process_info.return_value = fake_info
vcenter = MagicMock()
the_vm = MagicMock()
output = virtual_machine.run_command(vcenter, the_vm, '/bin/ls', 'bob',
'iLoveCats')
self.assertTrue(output is fake_info)
def _run_cmd(vcenter, the_vm, cmd, args, logger, timeout=600, one_shot=False):
shell = '/bin/bash'
the_args = "-c '/bin/echo {} | /bin/sudo -S {} {}'".format(const.VLAB_DATAIQ_ADMIN_PW, cmd, args)
result = virtual_machine.run_command(vcenter,
the_vm,
shell,
user=const.VLAB_DATAIQ_ADMIN,
password=const.VLAB_DATAIQ_ADMIN_PW,
arguments=the_args,
timeout=timeout,
one_shot=one_shot,
init_timeout=1200)
if result.exitCode:
logger.error("failed to execute: {} {}".format(shell, the_args))
def test_command_timeout(self, fake_get_process_info, fake_sleep):
"""``virtual_machine`` - run_command raises RuntimeError if the command doesn't complete in time"""
fake_info = MagicMock()
fake_info.endTime = None
fake_get_process_info.return_value = fake_info
vcenter = MagicMock()
the_vm = MagicMock()
with self.assertRaises(RuntimeError):
output = virtual_machine.run_command(vcenter,
the_vm,
'/bin/ls',
'bob',
'iLoveCats',
timeout=1)
def test_command_one_shot(self):
"""``virtual_machine`` - run_command returns ProcessInfo when param one_shot=True"""
fake_vcenter = MagicMock()
fake_vcenter.content.guestOperationsManager.processManager.StartProgramInGuest.return_value = 42
fake_vm = MagicMock()
output = virtual_machine.run_command(fake_vcenter,
fake_vm,
'/bin/ls',
'bob',
'iLoveCats',
one_shot=True)
self.assertTrue(
isinstance(
output,
virtual_machine.vim.vm.guest.ProcessManager.ProcessInfo))
def test_init_timeout(self, fake_get_process_info, fake_sleep):
"""``virtual_machine`` - run_command raises RuntimeError if VMtools isn't available before the timeout"""
fake_info = MagicMock()
fake_get_process_info.return_value = fake_info
vcenter = MagicMock()
vcenter.content.guestOperationsManager.processManager.StartProgramInGuest.side_effect = [
vim.fault.GuestOperationsUnavailable(),
vim.fault.GuestOperationsUnavailable()
]
the_vm = MagicMock()
with self.assertRaises(RuntimeError):
output = virtual_machine.run_command(vcenter,
the_vm,
'/bin/ls',
'bob',
'iLoveCats',
init_timeout=1)
def _setup_gateway(vcenter, the_vm, username, gateway_version, logger):
"""Initialize the new gateway for the user
:Returns: None
:param vcenter: The instantiated connection to vCenter
:type vcenter: vlab_inf_common.vmware.vCenter
:param the_vm: The new gateway
:type the_vm: vim.VirtualMachine
"""
time.sleep(120) # Let the VM fully boot
vlab_ip = resolve_name(
const.VLAB_URL.replace('https://', '').replace('http://', ''))
cmd1 = '/usr/bin/sudo'
args1 = '/usr/bin/hostnamectl set-hostname {}'.format(username)
result1 = virtual_machine.run_command(vcenter,
the_vm,
cmd1,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args1)
if result1.exitCode:
logger.error('Failed to set hostname to {}'.format(username))
# Updating hostname fixes SPAM when SSH into box about "failure to resolve <host>"
cmd2 = '/usr/bin/sudo'
args2 = "/bin/sed -i -e 's/ipam/{}/g' /etc/hosts".format(username)
result2 = virtual_machine.run_command(vcenter,
the_vm,
cmd2,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args2)
if result2.exitCode:
logger.error('Failed to fix hostname SPAM')
# Fix the env var for the log_sender
cmd3 = '/usr/bin/sudo'
args3 = "/bin/sed -i -e 's/VLAB_LOG_TARGET=localhost:9092/VLAB_LOG_TARGET={}/g' /etc/environment".format(
const.VLAB_IPAM_BROKER)
result3 = virtual_machine.run_command(vcenter,
the_vm,
cmd3,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args3)
if result3.exitCode:
logger.error('Failed to set IPAM log-sender address')
# Set the encryption key for log_sender
cmd4 = '/usr/bin/sudo'
args4 = "/bin/sed -i -e 's/changeME/{}/g' /etc/vlab/log_sender.key".format(
const.VLAB_IPAM_KEY)
result4 = virtual_machine.run_command(vcenter,
the_vm,
cmd4,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args4)
if result4.exitCode:
logger.error('Failed to set IPAM encryption key')
logger.error('CMD: {} {}'.format(cmd4, args4))
logger.error('Result: \n{}'.format(result4))
cmd5 = '/usr/bin/sudo'
args5 = "/bin/sed -i -e 's/VLAB_URL=https:\/\/localhost/VLAB_URL={}/g' /etc/environment".format(
const.VLAB_URL.replace('/', '\/'))
result5 = virtual_machine.run_command(vcenter,
the_vm,
cmd5,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args5)
if result5.exitCode:
logger.error('Failed to set VLAB_URL environment variable')
cmd6 = '/usr/bin/sudo'
args6 = "/bin/sed -i -e 's/PRODUCTION=false/PRODUCTION=beta/g' /etc/environment"
result6 = virtual_machine.run_command(vcenter,
the_vm,
cmd6,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args6)
if result6.exitCode:
logger.error('Failed to set PRODUCTION environment variable')
cmd7 = '/usr/bin/sudo'
args7 = "/bin/sed -i -e 's/1.us.pool.ntp.org/{}/g' /etc/chrony/chrony.conf".format(
vlab_ip)
result7 = virtual_machine.run_command(vcenter,
the_vm,
cmd7,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args7)
if result7.exitCode:
logger.error('Failed to set NTP server')
cmd8 = '/usr/bin/sudo'
args8 = "/bin/sed -i -e 's/VLAB_DDNS_KEY=aabbcc/VLAB_DDNS_KEY={}/g' /etc/environment".format(
const.VLAB_DDNS_KEY)
result8 = virtual_machine.run_command(vcenter,
the_vm,
cmd8,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args8)
if result8.exitCode:
logger.error('Failed to configure DDNS settings')
cmd9 = '/usr/bin/sudo'
args9 = "sed -i -e 's/8.8.8.8/{}/g' /etc/bind/named.conf".format(vlab_ip)
result9 = virtual_machine.run_command(vcenter,
the_vm,
cmd9,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args9)
if result9.exitCode:
logger.error('Failed to configure DNS forwarder')
# *MUST* happen after setting up the hostname otherwise the salt-minion will
# use the default hostname when registering with the salt-master
cmd10 = '/usr/bin/sudo'
args10 = "/bin/systemctl enable salt-minion.service"
result10 = virtual_machine.run_command(vcenter,
the_vm,
cmd10,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args10)
if result10.exitCode:
logger.error('Failed to enable Config Mgmt Software')
cmd11 = '/usr/bin/sudo'
args11 = "/bin/sed -i -e 's/#master: salt/master: {}/g' /etc/salt/minion".format(
vlab_ip)
result11 = virtual_machine.run_command(vcenter,
the_vm,
cmd11,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args11)
if result11.exitCode:
logger.error('Failed to configure Config Mgmt Software')
cmd12 = '/usr/bin/sudo'
args12 = "/bin/sed -i -e 's/$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat/#$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat/g' /etc/rsyslog.conf"
result12 = virtual_machine.run_command(vcenter,
the_vm,
cmd12,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args12)
if result12.exitCode:
logger.error('Failed to set kern.log timestamp format')
cmd13 = '/usr/bin/sudo'
args13 = '/sbin/reboot'
result13 = virtual_machine.run_command(vcenter,
the_vm,
cmd13,
user=const.VLAB_IPAM_ADMIN,
password=const.VLAB_IPAM_ADMIN_PW,
arguments=args13,
one_shot=True)
if result13.exitCode:
logger.error('Failed to reboot IPAM server')
meta_data = {
'component': 'defaultGateway',
'created': time.time(),
'version': gateway_version,
'configured': True,
'generation': 1
}
virtual_machine.set_meta(the_vm, meta_data)
time.sleep(60) # Give the box time to power cycles
def _finish_bind_config(vcenter, the_vm, static_ip, logger):
"""The records for Bind need to be adjust for the user's specific hostname and IP
:Returns: None
:param vcenter: The vCenter object
:type vcenter: vlab_inf_common.vmware.vcenter.vCenter
:param the_vm: The pyVmomi Virtual machine object
:type the_vm: vim.VirtualMachine
:param static_ip: The IP of the DNS server
:type static_ip: String
:param logger: An object for logging messages
:type logger: logging.LoggerAdapter
"""
sed = '/usr/bin/sed'
args = "-i 's/{}/{}/g' {}"
forward_zone_file = '/var/named/vlab.local.db'
reverse_zone_file = '/var/named/vlab.local.rev'
forward_args1 = args.format('CHANGEME', static_ip, forward_zone_file)
forward_args2 = args.format('4\t', '5\t',
forward_zone_file) # change the serial value
reverse_args1 = args.format('CHANGEME', static_ip, reverse_zone_file)
reverse_args2 = args.format('4\t', '5\t',
reverse_zone_file) # change the serial value
systemctl = '/usr/bin/systemctl'
restart = 'restart named'
logger.info("Adjusting the Forward Lookup records for BIND")
virtual_machine.run_command(vcenter,
the_vm,
sed,
arguments=forward_args1,
user=const.VLAB_DNS_BIND9_ADMIN,
password=const.VLAB_DNS_BIND9_PW)
virtual_machine.run_command(vcenter,
the_vm,
sed,
arguments=forward_args2,
user=const.VLAB_DNS_BIND9_ADMIN,
password=const.VLAB_DNS_BIND9_PW)
logger.info("Adjusting the Reverse Lookup records for BIND")
virtual_machine.run_command(vcenter,
the_vm,
sed,
arguments=reverse_args1,
user=const.VLAB_DNS_BIND9_ADMIN,
password=const.VLAB_DNS_BIND9_PW)
virtual_machine.run_command(vcenter,
the_vm,
sed,
arguments=reverse_args2,
user=const.VLAB_DNS_BIND9_ADMIN,
password=const.VLAB_DNS_BIND9_PW)
logger.info("Restarting named service")
virtual_machine.run_command(vcenter,
the_vm,
systemctl,
arguments=restart,
user=const.VLAB_DNS_BIND9_ADMIN,
password=const.VLAB_DNS_BIND9_PW)