X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=modules%2Flibjuju%2Fjuju%2Fcontroller.py;fp=modules%2Flibjuju%2Fjuju%2Fcontroller.py;h=9b452c7c88b0fa3c086d3263217da3973dc08674;hb=68858c1915122c2dbc8999a5cd3229694abf5f3a;hp=0000000000000000000000000000000000000000;hpb=032a71b2a6692b8b4e30f629a1f906d246f06736;p=osm%2FN2VC.git diff --git a/modules/libjuju/juju/controller.py b/modules/libjuju/juju/controller.py new file mode 100644 index 0000000..9b452c7 --- /dev/null +++ b/modules/libjuju/juju/controller.py @@ -0,0 +1,331 @@ +import asyncio +import logging + +from . import tag +from . import utils +from .client import client +from .client import connection +from .model import Model + +log = logging.getLogger(__name__) + + +class Controller(object): + def __init__(self, loop=None, + max_frame_size=connection.Connection.DEFAULT_FRAME_SIZE): + """Instantiate a new Controller. + + One of the connect_* methods will need to be called before this + object can be used for anything interesting. + + :param loop: an asyncio event loop + + """ + self.loop = loop or asyncio.get_event_loop() + self.max_frame_size = None + self.connection = None + self.controller_name = None + + async def connect( + self, endpoint, username, password, cacert=None, macaroons=None): + """Connect to an arbitrary Juju controller. + + """ + self.connection = await connection.Connection.connect( + endpoint, None, username, password, cacert, macaroons, + max_frame_size=self.max_frame_size) + + async def connect_current(self): + """Connect to the current Juju controller. + + """ + self.connection = ( + await connection.Connection.connect_current_controller( + max_frame_size=self.max_frame_size)) + + async def connect_controller(self, controller_name): + """Connect to a Juju controller by name. + + """ + self.connection = ( + await connection.Connection.connect_controller( + controller_name, max_frame_size=self.max_frame_size)) + self.controller_name = controller_name + + async def disconnect(self): + """Shut down the watcher task and close websockets. + + """ + if self.connection and self.connection.is_open: + log.debug('Closing controller connection') + await self.connection.close() + self.connection = None + + async def add_model( + self, model_name, cloud_name=None, credential_name=None, + owner=None, config=None, region=None): + """Add a model to this controller. + + :param str model_name: Name to give the new model. + :param str cloud_name: Name of the cloud in which to create the + model, e.g. 'aws'. Defaults to same cloud as controller. + :param str credential_name: Name of the credential to use when + creating the model. Defaults to current credential. If you + pass a credential_name, you must also pass a cloud_name, + even if it's the default cloud. + :param str owner: Username that will own the model. Defaults to + the current user. + :param dict config: Model configuration. + :param str region: Region in which to create the model. + + """ + model_facade = client.ModelManagerFacade.from_connection( + self.connection) + + owner = owner or self.connection.info['user-info']['identity'] + cloud_name = cloud_name or await self.get_cloud() + + if credential_name: + credential = tag.credential( + cloud_name, + tag.untag('user-', owner), + credential_name + ) + else: + credential = None + + log.debug('Creating model %s', model_name) + + model_info = await model_facade.CreateModel( + tag.cloud(cloud_name), + config, + credential, + model_name, + owner, + region + ) + + # Add our ssh key to the model, to work around + # https://bugs.launchpad.net/juju/+bug/1643076 + try: + ssh_key = await utils.read_ssh_key(loop=self.loop) + + if self.controller_name: + model_name = "{}:{}".format(self.controller_name, model_name) + + cmd = ['juju', 'add-ssh-key', '-m', model_name, ssh_key] + + await utils.execute_process(*cmd, log=log, loop=self.loop) + except Exception: + log.exception( + "Could not add ssh key to model. You will not be able " + "to ssh into machines in this model. " + "Manually running `juju add-ssh-key ` in the cli " + "may fix this problem.") + + model = Model() + await model.connect( + self.connection.endpoint, + model_info.uuid, + self.connection.username, + self.connection.password, + self.connection.cacert, + self.connection.macaroons, + loop=self.loop, + ) + + return model + + async def destroy_models(self, *uuids): + """Destroy one or more models. + + :param str \*uuids: UUIDs of models to destroy + + """ + model_facade = client.ModelManagerFacade.from_connection( + self.connection) + + log.debug( + 'Destroying model%s %s', + '' if len(uuids) == 1 else 's', + ', '.join(uuids) + ) + + await model_facade.DestroyModels([ + client.Entity(tag.model(uuid)) + for uuid in uuids + ]) + destroy_model = destroy_models + + async def add_user(self, username, password=None, display_name=None): + """Add a user to this controller. + + :param str username: Username + :param str display_name: Display name + :param str acl: Access control, e.g. 'read' + :param list models: Models to which the user is granted access + + """ + if not display_name: + display_name = username + user_facade = client.UserManagerFacade.from_connection(self.connection) + users = [{'display_name': display_name, + 'password': password, + 'username': username}] + return await user_facade.AddUser(users) + + async def change_user_password(self, username, password): + """Change the password for a user in this controller. + + :param str username: Username + :param str password: New password + + """ + user_facade = client.UserManagerFacade.from_connection(self.connection) + entity = client.EntityPassword(password, tag.user(username)) + return await user_facade.SetPassword([entity]) + + async def destroy(self, destroy_all_models=False): + """Destroy this controller. + + :param bool destroy_all_models: Destroy all hosted models in the + controller. + + """ + controller_facade = client.ControllerFacade.from_connection( + self.connection) + return await controller_facade.DestroyController(destroy_all_models) + + async def disable_user(self, username): + """Disable a user. + + :param str username: Username + + """ + user_facade = client.UserManagerFacade.from_connection(self.connection) + entity = client.Entity(tag.user(username)) + return await user_facade.DisableUser([entity]) + + async def enable_user(self, username): + """Re-enable a previously disabled user. + + """ + user_facade = client.UserManagerFacade.from_connection(self.connection) + entity = client.Entity(tag.user(username)) + return await user_facade.EnableUser([entity]) + + def kill(self): + """Forcibly terminate all machines and other associated resources for + this controller. + + """ + raise NotImplementedError() + + async def get_cloud(self): + """ + Get the name of the cloud that this controller lives on. + """ + cloud_facade = client.CloudFacade.from_connection(self.connection) + + result = await cloud_facade.Clouds() + cloud = list(result.clouds.keys())[0] # only lives on one cloud + return tag.untag('cloud-', cloud) + + async def get_models(self, all_=False, username=None): + """Return list of available models on this controller. + + :param bool all_: List all models, regardless of user accessibilty + (admin use only) + :param str username: User for which to list models (admin use only) + + """ + controller_facade = client.ControllerFacade.from_connection( + self.connection) + return await controller_facade.AllModels() + + def get_payloads(self, *patterns): + """Return list of known payloads. + + :param str \*patterns: Patterns to match against + + Each pattern will be checked against the following info in Juju:: + + - unit name + - machine id + - payload type + - payload class + - payload id + - payload tag + - payload status + + """ + raise NotImplementedError() + + def get_users(self, all_=False): + """Return list of users that can connect to this controller. + + :param bool all_: Include disabled users + + """ + raise NotImplementedError() + + def login(self): + """Log in to this controller. + + """ + raise NotImplementedError() + + def logout(self, force=False): + """Log out of this controller. + + :param bool force: Don't fail even if user not previously logged in + with a password + + """ + raise NotImplementedError() + + def get_model(self, name): + """Get a model by name. + + :param str name: Model name + + """ + raise NotImplementedError() + + async def get_user(self, username, include_disabled=False): + """Get a user by name. + + :param str username: Username + + """ + client_facade = client.UserManagerFacade.from_connection( + self.connection) + user = tag.user(username) + return await client_facade.UserInfo([client.Entity(user)], + include_disabled) + + async def grant(self, username, acl='login'): + """Set access level of the given user on the controller + + :param str username: Username + :param str acl: Access control ('login', 'add-model' or 'superuser') + + """ + controller_facade = client.ControllerFacade.from_connection( + self.connection) + user = tag.user(username) + await self.revoke(username) + changes = client.ModifyControllerAccess(acl, 'grant', user) + return await controller_facade.ModifyControllerAccess([changes]) + + async def revoke(self, username): + """Removes all access from a controller + + :param str username: username + + """ + controller_facade = client.ControllerFacade.from_connection( + self.connection) + user = tag.user(username) + changes = client.ModifyControllerAccess('login', 'revoke', user) + return await controller_facade.ModifyControllerAccess([changes])