use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class KubernetesClusterResourceModifierActionWorker method getKubernetesNodeConfig.
/**
 * Renders the worker-node configuration from the bundled {@code /conf/k8s-node.yml} template by
 * substituting its four {@code {{ ... }}} placeholders.
 *
 * <p>The SSH placeholder receives the value of the {@code ssh.publickey} setting formatted as a
 * {@code - "key"} list item. When the cluster names a key pair that resolves for the owner's
 * account and domain, that pair's public key is appended as a second item.
 *
 * <p>NOTE(review): both keys are spliced verbatim between double quotes and nothing here escapes
 * them, so a key containing a quote or a line break would change the structure of the rendered
 * YAML. Presumably public keys are validated when they are registered; confirm. A missing
 * {@code ssh.publickey} setting would be rendered as the literal text {@code null}.
 *
 * <p>NOTE(review): the result embeds the cluster token, presumably the credential nodes use to
 * join. Treat the returned text as sensitive and keep it out of logs.
 *
 * @param joinIp   address substituted for the join-IP placeholder
 * @param ejectIso flag substituted, as text, for the eject-ISO placeholder
 * @return the rendered template after {@code updateKubeConfigWithRegistryDetails} has processed it
 * @throws IOException declared by the signature; presumably raised while reading the template
 */
private String getKubernetesNodeConfig(final String joinIp, final boolean ejectIso) throws IOException {
    final String template = readResourceFile("/conf/k8s-node.yml");

    // First list item: the key taken from the global "ssh.publickey" setting.
    final StringBuilder authorizedKeys = new StringBuilder("- \"")
            .append(configurationDao.getValue("ssh.publickey"))
            .append("\"");

    // Optional second item: the key pair registered on the cluster, looked up within the owner's scope.
    final String keyPairName = kubernetesCluster.getKeyPair();
    if (StringUtils.isNotEmpty(keyPairName)) {
        final SSHKeyPairVO clusterKeyPair = sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), keyPairName);
        if (clusterKeyPair != null) {
            authorizedKeys.append("\n - \"").append(clusterKeyPair.getPublicKey()).append("\"");
        }
    }

    // Placeholders are substituted in a fixed order: SSH keys, join IP, cluster token, eject flag.
    final String rendered = template
            .replace("{{ k8s.ssh.pub.key }}", authorizedKeys.toString())
            .replace("{{ k8s_control_node.join_ip }}", joinIp)
            .replace("{{ k8s_control_node.cluster.token }}", KubernetesClusterUtil.generateClusterToken(kubernetesCluster))
            .replace("{{ k8s.eject.iso }}", String.valueOf(ejectIso));

    return updateKubeConfigWithRegistryDetails(rendered);
}
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class KubernetesClusterManagerImpl method validateKubernetesClusterCreateParameters.
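/**
 * Validates the parameters of a create-Kubernetes-cluster request and throws on the first problem found.
 *
 * <p>Checks, in order: the endpoint URL (via {@code validateEndpointUrl}), cluster name, node counts
 * against the owner's maximum cluster size, zone existence and allocation state, Kubernetes service
 * configuration for the zone, the requested Kubernetes version (exists, enabled, available in the
 * zone, new enough for more than one control node), the version's ISO, the service offering, the
 * SSH key pair (looked up within the owner's account and domain), node root disk size, docker
 * registry parameters, the network, the external load balancer address, and finally the
 * experimental-feature gate for private registries.
 *
 * <p>NOTE(review): only the existence of the network and service offering is checked here; confirm
 * that the owner's access to them is enforced elsewhere in the create path.
 *
 * @param cmd the API command carrying the requested cluster parameters
 * @throws InvalidParameterValueException when a parameter is missing, malformed or refers to an
 *         entity that cannot be found or used
 * @throws PermissionDeniedException when the target zone is disabled
 * @throws CloudRuntimeException when the Kubernetes service is not configured for the zone, or a
 *         private registry is requested while experimental features are disabled
 */
private void validateKubernetesClusterCreateParameters(final CreateKubernetesClusterCmd cmd) throws CloudRuntimeException {
    validateEndpointUrl();
    final String name = cmd.getName();
    final Long zoneId = cmd.getZoneId();
    final Long kubernetesVersionId = cmd.getKubernetesVersionId();
    final Long serviceOfferingId = cmd.getServiceOfferingId();
    final Account owner = accountService.getActiveAccountById(cmd.getEntityOwnerId());
    final Long networkId = cmd.getNetworkId();
    final String sshKeyPair = cmd.getSSHKeyPairName();
    final Long controlNodeCount = cmd.getControlNodes();
    final Long clusterSize = cmd.getClusterSize();
    final long totalNodeCount = controlNodeCount + clusterSize;
    final String dockerRegistryUserName = cmd.getDockerRegistryUserName();
    final String dockerRegistryPassword = cmd.getDockerRegistryPassword();
    final String dockerRegistryUrl = cmd.getDockerRegistryUrl();
    final Long nodeRootDiskSize = cmd.getNodeRootDiskSize();
    final String externalLoadBalancerIpAddress = cmd.getExternalLoadBalancerIpAddress();

    // --- Name and sizing ---
    if (name == null || name.isEmpty()) {
        throw new InvalidParameterValueException("Invalid name for the Kubernetes cluster name:" + name);
    }
    if (controlNodeCount < 1) {
        throw new InvalidParameterValueException("Invalid cluster control nodes count: " + controlNodeCount);
    }
    if (clusterSize < 1) {
        throw new InvalidParameterValueException("Invalid cluster size: " + clusterSize);
    }
    // The limit is resolved per owner, so it can differ between accounts.
    int maxClusterSize = KubernetesMaxClusterSize.valueIn(owner.getId());
    if (totalNodeCount > maxClusterSize) {
        throw new InvalidParameterValueException(String.format("Maximum cluster size can not exceed %d. Please contact your administrator", maxClusterSize));
    }

    // --- Zone ---
    DataCenter zone = dataCenterDao.findById(zoneId);
    if (zone == null) {
        throw new InvalidParameterValueException("Unable to find zone by ID: " + zoneId);
    }
    if (Grouping.AllocationState.Disabled == zone.getAllocationState()) {
        throw new PermissionDeniedException(String.format("Cannot perform this operation, zone ID: %s is currently disabled", zone.getUuid()));
    }
    if (!isKubernetesServiceConfigured(zone)) {
        throw new CloudRuntimeException("Kubernetes service has not been configured properly to provision Kubernetes clusters");
    }

    // --- Kubernetes version ---
    final KubernetesSupportedVersion clusterKubernetesVersion = kubernetesSupportedVersionDao.findById(kubernetesVersionId);
    if (clusterKubernetesVersion == null) {
        throw new InvalidParameterValueException("Unable to find given Kubernetes version in supported versions");
    }
    if (!KubernetesSupportedVersion.State.Enabled.equals(clusterKubernetesVersion.getState())) {
        throw new InvalidParameterValueException(String.format("Kubernetes version ID: %s is in %s state", clusterKubernetesVersion.getUuid(), clusterKubernetesVersion.getState()));
    }
    // A version with no zone ID is accepted for any zone; otherwise it must match the target zone.
    if (clusterKubernetesVersion.getZoneId() != null && !clusterKubernetesVersion.getZoneId().equals(zone.getId())) {
        throw new InvalidParameterValueException(String.format("Kubernetes version ID: %s is not available for zone ID: %s", clusterKubernetesVersion.getUuid(), zone.getUuid()));
    }
    // More than one control node means an HA cluster, which needs a minimum Kubernetes version.
    if (controlNodeCount > 1) {
        try {
            if (KubernetesVersionManagerImpl.compareSemanticVersions(clusterKubernetesVersion.getSemanticVersion(), MIN_KUBERNETES_VERSION_HA_SUPPORT) < 0) {
                throw new InvalidParameterValueException(String.format("HA support is available only for Kubernetes version %s and above. Given version ID: %s is %s", MIN_KUBERNETES_VERSION_HA_SUPPORT, clusterKubernetesVersion.getUuid(), clusterKubernetesVersion.getSemanticVersion()));
            }
        } catch (IllegalArgumentException e) {
            logAndThrow(Level.WARN, String.format("Unable to compare Kubernetes version for given version ID: %s with %s", clusterKubernetesVersion.getUuid(), MIN_KUBERNETES_VERSION_HA_SUPPORT), e);
        }
    }

    // --- ISO backing the version ---
    VMTemplateVO iso = templateDao.findById(clusterKubernetesVersion.getIsoId());
    if (iso == null) {
        throw new InvalidParameterValueException(String.format("Invalid ISO associated with version ID: %s", clusterKubernetesVersion.getUuid()));
    }
    if (CollectionUtils.isEmpty(templateJoinDao.newTemplateView(iso, zone.getId(), true))) {
        throw new InvalidParameterValueException(String.format("ISO associated with version ID: %s is not in Ready state for datacenter ID: %s", clusterKubernetesVersion.getUuid(), zone.getUuid()));
    }

    // --- Service offering, SSH key pair, disk size ---
    ServiceOffering serviceOffering = serviceOfferingDao.findById(serviceOfferingId);
    if (serviceOffering == null) {
        throw new InvalidParameterValueException("No service offering with ID: " + serviceOfferingId);
    }
    if (sshKeyPair != null && !sshKeyPair.isEmpty()) {
        // The lookup is scoped to the owner's account and domain, so another account's key pair is not found.
        SSHKeyPairVO sshKeyPairVO = sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), sshKeyPair);
        if (sshKeyPairVO == null) {
            throw new InvalidParameterValueException(String.format("Given SSH key pair with name: %s was not found for the account %s", sshKeyPair, owner.getAccountName()));
        }
    }
    if (nodeRootDiskSize != null && nodeRootDiskSize <= 0) {
        throw new InvalidParameterValueException(String.format("Invalid value for %s", ApiConstants.NODE_ROOT_DISK_SIZE));
    }
    if (!validateServiceOffering(serviceOffering, clusterKubernetesVersion)) {
        // The message carries a %s placeholder, so it has to go through String.format.
        throw new InvalidParameterValueException(String.format("Given service offering ID: %s is not suitable for Kubernetes cluster", serviceOffering.getUuid()));
    }
    validateDockerRegistryParams(dockerRegistryUserName, dockerRegistryPassword, dockerRegistryUrl);

    // --- Network and external load balancer ---
    Network network = null;
    if (networkId != null) {
        network = networkService.getNetwork(networkId);
        if (network == null) {
            throw new InvalidParameterValueException("Unable to find network with given ID");
        }
    }
    if (StringUtils.isNotEmpty(externalLoadBalancerIpAddress)) {
        if (!NetUtils.isValidIp4(externalLoadBalancerIpAddress) && !NetUtils.isValidIp6(externalLoadBalancerIpAddress)) {
            throw new InvalidParameterValueException("Invalid external load balancer IP address");
        }
        if (network == null) {
            throw new InvalidParameterValueException(String.format("%s parameter must be specified along with %s parameter", ApiConstants.EXTERNAL_LOAD_BALANCER_IP_ADDRESS, ApiConstants.NETWORK_ID));
        }
        // NOTE(review): this rejects Shared networks while the message says the parameter belongs with
        // a Shared network; either the condition or the wording looks inverted. Confirm the intent.
        if (Network.GuestType.Shared.equals(network.getGuestType())) {
            throw new InvalidParameterValueException(String.format("%s parameter must be specified along with %s type of network", ApiConstants.EXTERNAL_LOAD_BALANCER_IP_ADDRESS, Network.GuestType.Shared.toString()));
        }
    }

    // --- Experimental feature gate: any registry parameter counts as a private-registry request ---
    if (!KubernetesClusterExperimentalFeaturesEnabled.value() && !StringUtils.isAllEmpty(dockerRegistryUrl, dockerRegistryUserName, dockerRegistryPassword)) {
        throw new CloudRuntimeException(String.format("Private registry for the Kubernetes cluster is an experimental feature. Use %s configuration for enabling experimental features", KubernetesClusterExperimentalFeaturesEnabled.key()));
    }
}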
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class ManagementServerImpl method createSSHKeyPair.
/**
 * Generates a new SSH key pair and stores it under the owner resolved from the request.
 *
 * <p>The owner comes from {@code _accountMgr.finalizeOwner}, given the caller and the account, domain
 * and project named in the command. Key pair names must be unique within that owner's account
 * and domain.
 *
 * <p>NOTE(review): the generated private key is handed to {@code createAndSaveSSHKeyPair} and
 * presumably travels back to the API caller on the returned object; keep it out of logs and
 * exception messages.
 *
 * @param cmd the API command carrying the key pair name and optional owner selectors
 * @return the key pair produced by {@code createAndSaveSSHKeyPair}
 * @throws InvalidParameterValueException if the name is blank or already used by the owner
 */
@Override
public SSHKeyPair createSSHKeyPair(final CreateSSHKeyPairCmd cmd) {
    final Account caller = getCaller();
    final String requestedAccount = cmd.getAccountName();
    final Long requestedDomainId = cmd.getDomainId();
    final Long requestedProjectId = cmd.getProjectId();
    final String name = cmd.getName();

    if (StringUtils.isBlank(name)) {
        throw new InvalidParameterValueException("Please specify a valid name for the key pair. The key name can't be empty");
    }

    // Resolve on whose behalf the key is created before checking for a name clash in that scope.
    final Account owner = _accountMgr.finalizeOwner(caller, requestedAccount, requestedDomainId, requestedProjectId);
    final boolean nameTaken = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName()) != null;
    if (nameTaken) {
        throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists.");
    }

    // Key size comes from the sshKeyLength configuration value.
    final SSHKeysHelper generator = new SSHKeysHelper(sshKeyLength.value());
    final String generatedPublicKey = generator.getPublicKey();
    final String generatedFingerprint = generator.getPublicKeyFingerPrint();
    final String generatedPrivateKey = generator.getPrivateKey();

    return createAndSaveSSHKeyPair(name, generatedFingerprint, generatedPublicKey, generatedPrivateKey, owner);
}
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class ManagementServerImpl method createAndSaveSSHKeyPair.
/**
 * Builds an {@code SSHKeyPairVO} for the given owner, persists it and returns it.
 *
 * @param name        key pair name
 * @param fingerprint fingerprint of the public key
 * @param publicKey   public key material
 * @param privateKey  private key material, set on the returned object
 * @param owner       account whose account ID and domain ID scope the key pair
 * @return the populated key pair, including the private key set on it
 */
private SSHKeyPair createAndSaveSSHKeyPair(final String name, final String fingerprint, final String publicKey, final String privateKey, final Account owner) {
    final SSHKeyPairVO keyPair = new SSHKeyPairVO();
    keyPair.setName(name);
    keyPair.setAccountId(owner.getAccountId());
    keyPair.setDomainId(owner.getDomainId());
    keyPair.setPublicKey(publicKey);
    keyPair.setFingerprint(fingerprint);
    // Per the original note the private key is transient and not saved, so it is only available
    // on this returned instance. NOTE(review): confirm the entity field is not mapped to a column.
    keyPair.setPrivateKey(privateKey);

    _sshKeyPairDao.persist(keyPair);
    return keyPair;
}
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class ManagementServerImpl method deleteSSHKeyPair.
/**
 * Deletes the named SSH key pair of the owner resolved from the request, together with any
 * annotations attached to it.
 *
 * <p>Owner resolution goes through {@code _accountMgr.finalizeOwner}. If that rejects the request
 * and the caller's type is {@code ACCOUNT_TYPE_ADMIN} with both account name and domain ID
 * supplied, the owner is looked up with {@code findAccountIncludingRemoved} instead, so the fallback
 * can also resolve accounts that have been removed. For any other caller the original exception
 * is rethrown.
 *
 * @param cmd the API command carrying the key pair name and optional owner selectors
 * @return the result of {@code _sshKeyPairDao.deleteByName}
 * @throws InvalidParameterValueException if the owner cannot be resolved or owns no key pair with
 *         that name
 */
@Override
public boolean deleteSSHKeyPair(final DeleteSSHKeyPairCmd cmd) {
    final Account caller = getCaller();
    final String accountName = cmd.getAccountName();
    final Long domainId = cmd.getDomainId();
    final Long projectId = cmd.getProjectId();

    Account owner;
    try {
        owner = _accountMgr.finalizeOwner(caller, accountName, domainId, projectId);
    } catch (InvalidParameterValueException ex) {
        // Admin-only fallback: resolve the account directly, including removed ones.
        final boolean adminNamedAccount = caller.getType() == Account.ACCOUNT_TYPE_ADMIN && accountName != null && domainId != null;
        owner = adminNamedAccount ? _accountDao.findAccountIncludingRemoved(accountName, domainId) : null;
        if (owner == null) {
            throw ex;
        }
    }

    final SSHKeyPairVO keyPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
    if (keyPair != null) {
        // Remove annotations attached to the key pair before deleting the key pair itself.
        annotationDao.removeByEntityType(AnnotationService.EntityType.SSH_KEYPAIR.name(), keyPair.getUuid());
        return _sshKeyPairDao.deleteByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
    }

    // Not found: report the domain by UUID when it can be resolved, else by its numeric ID as text.
    final InvalidParameterValueException notFound = new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' does not exist for account " + owner.getAccountName() + " in specified domain id");
    final DomainVO domain = ApiDBUtils.findDomainById(owner.getDomainId());
    final String domainUuid = domain != null ? domain.getUuid() : String.valueOf(owner.getDomainId());
    notFound.addProxyObject(domainUuid, "domainId");
    throw notFound;
}