Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
isaak yansane-sisk
slapos
Commits
ed5703a3
Commit
ed5703a3
authored
May 26, 2015
by
Rafael Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
re6stnet: Publish on slapos assigned ipv6 for the token.
parent
fd566b54
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
42 additions
and
6 deletions
+42
-6
slapos/recipe/re6stnet/__init__.py
slapos/recipe/re6stnet/__init__.py
+5
-1
slapos/recipe/re6stnet/re6stnet.py
slapos/recipe/re6stnet/re6stnet.py
+37
-5
No files found.
slapos/recipe/re6stnet/__init__.py
View file @
ed5703a3
...
@@ -253,8 +253,12 @@ class Recipe(GenericBaseRecipe):
...
@@ -253,8 +253,12 @@ class Recipe(GenericBaseRecipe):
msg
=
'Token is ready for use'
msg
=
'Token is ready for use'
elif
status
==
'TOKEN_USED'
:
elif
status
==
'TOKEN_USED'
:
msg
=
'Token not available, it has been used to generate re6stnet certificate.'
msg
=
'Token not available, it has been used to generate re6stnet certificate.'
ipv6_file
=
os
.
path
.
join
(
token_list_path
,
'%s.ipv6'
%
slave_reference
)
ipv6
=
self
.
readFile
(
ipv6_file
)
or
'Not Ready'
computer_partition
.
setConnectionDict
(
computer_partition
.
setConnectionDict
(
{
'token'
:
token
,
'1_info'
:
msg
},
{
'token'
:
token
,
'1_info'
:
msg
,
'ipv6'
:
ipv6
},
slave_reference
)
slave_reference
)
except
Exception
:
except
Exception
:
self
.
logger
.
fatal
(
"Error while sending slave %s informations: %s"
,
self
.
logger
.
fatal
(
"Error while sending slave %s informations: %s"
,
...
...
slapos/recipe/re6stnet/re6stnet.py
View file @
ed5703a3
...
@@ -7,9 +7,10 @@ import sqlite3
...
@@ -7,9 +7,10 @@ import sqlite3
import
slapos
import
slapos
import
traceback
import
traceback
from
re6st
import
registry
,
x509
from
re6st
import
registry
,
utils
,
x509
from
OpenSSL
import
crypto
from
OpenSSL
import
crypto
log
=
logging
.
getLogger
(
'SLAPOS-RE6STNET'
)
log
=
logging
.
getLogger
(
'SLAPOS-RE6STNET'
)
logging
.
basicConfig
(
level
=
logging
.
DEBUG
)
logging
.
basicConfig
(
level
=
logging
.
DEBUG
)
...
@@ -36,7 +37,7 @@ def getDb(db_path):
...
@@ -36,7 +37,7 @@ def getDb(db_path):
db
=
sqlite3
.
connect
(
db_path
,
isolation_level
=
None
,
db
=
sqlite3
.
connect
(
db_path
,
isolation_level
=
None
,
check_same_thread
=
False
)
check_same_thread
=
False
)
db
.
text_factory
=
str
db
.
text_factory
=
str
return
db
.
cursor
()
return
db
.
cursor
()
def
bang
(
args
):
def
bang
(
args
):
...
@@ -90,14 +91,14 @@ def requestAddToken(args, can_bang=True):
...
@@ -90,14 +91,14 @@ def requestAddToken(args, can_bang=True):
call_bang
=
True
call_bang
=
True
else
:
else
:
log
.
debug
(
'Bad token. Request add token fail for %s...'
%
request_file
)
log
.
debug
(
'Bad token. Request add token fail for %s...'
%
request_file
)
if
can_bang
and
call_bang
:
if
can_bang
and
call_bang
:
bang
(
args
)
bang
(
args
)
def
requestRemoveToken
(
args
):
def
requestRemoveToken
(
args
):
base_token_path
=
args
[
'token_base_path'
]
base_token_path
=
args
[
'token_base_path'
]
path_list
=
[
x
for
x
in
os
.
listdir
(
base_token_path
)
if
x
.
endswith
(
'.remove'
)]
path_list
=
[
x
for
x
in
os
.
listdir
(
base_token_path
)
if
x
.
endswith
(
'.remove'
)]
if
not
path_list
:
if
not
path_list
:
log
.
info
(
"No token to delete. Exiting..."
)
log
.
info
(
"No token to delete. Exiting..."
)
return
return
...
@@ -126,6 +127,10 @@ def requestRemoveToken(args):
...
@@ -126,6 +127,10 @@ def requestRemoveToken(args):
status_file
=
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
reference
)
status_file
=
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
reference
)
if
os
.
path
.
exists
(
status_file
):
if
os
.
path
.
exists
(
status_file
):
os
.
unlink
(
status_file
)
os
.
unlink
(
status_file
)
ipv6_file
=
os
.
path
.
join
(
base_token_path
,
'%s.ipv6'
%
reference
)
if
os
.
path
.
exists
(
ipv6_file
):
os
.
unlink
(
ipv6_file
)
else
:
else
:
log
.
debug
(
'Bad token. Request add token fail for %s...'
%
request_file
)
log
.
debug
(
'Bad token. Request add token fail for %s...'
%
request_file
)
...
@@ -162,6 +167,28 @@ def requestRevoqueCertificate(args):
...
@@ -162,6 +167,28 @@ def requestRevoqueCertificate(args):
os
.
unlink
(
os
.
path
.
join
(
base_token_path
,
reference_key
))
os
.
unlink
(
os
.
path
.
join
(
base_token_path
,
reference_key
))
log
.
info
(
"Certificate revoked for slave instance %s."
%
reference
)
log
.
info
(
"Certificate revoked for slave instance %s."
%
reference
)
def
dumpIPv6Network
(
slave_reference
,
db
,
network
,
ipv6_file
):
email
=
'%s@slapos'
%
slave_reference
.
lower
()
try
:
cert_string
,
=
db
.
execute
(
"SELECT cert FROM cert WHERE email = ?"
,
(
email
,)).
next
()
except
StopIteration
:
# Certificate was not generated yet !!!
pass
try
:
if
cert_string
:
cert
=
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
cert_string
)
cn
=
x509
.
subnetFromCert
(
cert
)
subnet
=
network
+
utils
.
binFromSubnet
(
cn
)
ipv6
=
utils
.
ipFromBin
(
subnet
)
writeFile
(
ipv6_file
,
ipv6
)
except
Exception
:
log
.
debug
(
'XXX for %s...
\
n
%s'
%
(
slave_reference
,
traceback
.
format_exc
()))
def
checkService
(
args
,
can_bang
=
True
):
def
checkService
(
args
,
can_bang
=
True
):
base_token_path
=
args
[
'token_base_path'
]
base_token_path
=
args
[
'token_base_path'
]
token_dict
=
loadJsonFile
(
args
[
'token_json'
])
token_dict
=
loadJsonFile
(
args
[
'token_json'
])
...
@@ -175,16 +202,21 @@ def checkService(args, can_bang=True):
...
@@ -175,16 +202,21 @@ def checkService(args, can_bang=True):
computer_guid
=
args
[
'computer_id'
]
computer_guid
=
args
[
'computer_id'
]
partition_id
=
args
[
'partition_id'
]
partition_id
=
args
[
'partition_id'
]
slap
=
slapos
.
slap
.
slap
()
slap
=
slapos
.
slap
.
slap
()
client
=
registry
.
RegistryClient
(
args
[
'registry_url'
])
ca
=
client
.
getCa
()
network
=
x509
.
networkFromCa
(
crypto
.
load_certificate
(
crypto
.
FILETYPE_PEM
,
ca
))
# Check token status
# Check token status
for
slave_reference
,
token
in
token_dict
.
iteritems
():
for
slave_reference
,
token
in
token_dict
.
iteritems
():
status_file
=
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
slave_reference
)
status_file
=
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
slave_reference
)
ipv6_file
=
os
.
path
.
join
(
base_token_path
,
'%s.ipv6'
%
slave_reference
)
if
not
os
.
path
.
exists
(
status_file
):
if
not
os
.
path
.
exists
(
status_file
):
# This token is not added yet!
# This token is not added yet!
continue
continue
msg
=
readFile
(
status_file
)
msg
=
readFile
(
status_file
)
if
msg
==
'TOKEN_USED'
:
if
msg
==
'TOKEN_USED'
:
dumpIPv6Network
(
slave_reference
,
db
,
network
,
ipv6_file
)
continue
continue
# Check if token is not in the database
# Check if token is not in the database
...
@@ -200,8 +232,8 @@ def checkService(args, can_bang=True):
...
@@ -200,8 +232,8 @@ def checkService(args, can_bang=True):
# Token is used to register client
# Token is used to register client
call_bang
=
True
call_bang
=
True
try
:
try
:
time
.
sleep
(
1
)
writeFile
(
status_file
,
'TOKEN_USED'
)
writeFile
(
status_file
,
'TOKEN_USED'
)
dumpIPv6Network
(
slave_reference
,
db
,
network
,
ipv6_file
)
log
.
info
(
"Token status of %s updated to 'used'."
%
slave_reference
)
log
.
info
(
"Token status of %s updated to 'used'."
%
slave_reference
)
except
IOError
:
except
IOError
:
# XXX- this file should always exists
# XXX- this file should always exists
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment