Example 1 with SSHKeyPairVO
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class KubernetesClusterResourceModifierActionWorker method getKubernetesNodeConfig.
private String getKubernetesNodeConfig(final String joinIp, final boolean ejectIso) throws IOException {
String k8sNodeConfig = readResourceFile("/conf/k8s-node.yml");
final String sshPubKey = "{{ k8s.ssh.pub.key }}";
final String joinIpKey = "{{ k8s_control_node.join_ip }}";
final String clusterTokenKey = "{{ k8s_control_node.cluster.token }}";
final String ejectIsoKey = "{{ k8s.eject.iso }}";
String pubKey = "- \"" + configurationDao.getValue("ssh.publickey") + "\"";
String sshKeyPair = kubernetesCluster.getKeyPair();
if (StringUtils.isNotEmpty(sshKeyPair)) {
SSHKeyPairVO sshkp = sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), sshKeyPair);
if (sshkp != null) {
pubKey += "\n - \"" + sshkp.getPublicKey() + "\"";
}
}
k8sNodeConfig = k8sNodeConfig.replace(sshPubKey, pubKey);
k8sNodeConfig = k8sNodeConfig.replace(joinIpKey, joinIp);
k8sNodeConfig = k8sNodeConfig.replace(clusterTokenKey, KubernetesClusterUtil.generateClusterToken(kubernetesCluster));
k8sNodeConfig = k8sNodeConfig.replace(ejectIsoKey, String.valueOf(ejectIso));
k8sNodeConfig = updateKubeConfigWithRegistryDetails(k8sNodeConfig);
return k8sNodeConfig;
}
Also used :
SSHKeyPairVO(com.cloud.user.SSHKeyPairVO)
Example 2 with SSHKeyPairVO
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class KubernetesClusterManagerImpl method validateKubernetesClusterCreateParameters.
private void validateKubernetesClusterCreateParameters(final CreateKubernetesClusterCmd cmd) throws CloudRuntimeException {
validateEndpointUrl();
final String name = cmd.getName();
final Long zoneId = cmd.getZoneId();
final Long kubernetesVersionId = cmd.getKubernetesVersionId();
final Long serviceOfferingId = cmd.getServiceOfferingId();
final Account owner = accountService.getActiveAccountById(cmd.getEntityOwnerId());
final Long networkId = cmd.getNetworkId();
final String sshKeyPair = cmd.getSSHKeyPairName();
final Long controlNodeCount = cmd.getControlNodes();
final Long clusterSize = cmd.getClusterSize();
final long totalNodeCount = controlNodeCount + clusterSize;
final String dockerRegistryUserName = cmd.getDockerRegistryUserName();
final String dockerRegistryPassword = cmd.getDockerRegistryPassword();
final String dockerRegistryUrl = cmd.getDockerRegistryUrl();
final Long nodeRootDiskSize = cmd.getNodeRootDiskSize();
final String externalLoadBalancerIpAddress = cmd.getExternalLoadBalancerIpAddress();
if (name == null || name.isEmpty()) {
throw new InvalidParameterValueException("Invalid name for the Kubernetes cluster name:" + name);
}
if (controlNodeCount < 1) {
throw new InvalidParameterValueException("Invalid cluster control nodes count: " + controlNodeCount);
}
if (clusterSize < 1) {
throw new InvalidParameterValueException("Invalid cluster size: " + clusterSize);
}
int maxClusterSize = KubernetesMaxClusterSize.valueIn(owner.getId());
if (totalNodeCount > maxClusterSize) {
throw new InvalidParameterValueException(String.format("Maximum cluster size can not exceed %d. Please contact your administrator", maxClusterSize));
}
DataCenter zone = dataCenterDao.findById(zoneId);
if (zone == null) {
throw new InvalidParameterValueException("Unable to find zone by ID: " + zoneId);
}
if (Grouping.AllocationState.Disabled == zone.getAllocationState()) {
throw new PermissionDeniedException(String.format("Cannot perform this operation, zone ID: %s is currently disabled", zone.getUuid()));
}
if (!isKubernetesServiceConfigured(zone)) {
throw new CloudRuntimeException("Kubernetes service has not been configured properly to provision Kubernetes clusters");
}
final KubernetesSupportedVersion clusterKubernetesVersion = kubernetesSupportedVersionDao.findById(kubernetesVersionId);
if (clusterKubernetesVersion == null) {
throw new InvalidParameterValueException("Unable to find given Kubernetes version in supported versions");
}
if (!KubernetesSupportedVersion.State.Enabled.equals(clusterKubernetesVersion.getState())) {
throw new InvalidParameterValueException(String.format("Kubernetes version ID: %s is in %s state", clusterKubernetesVersion.getUuid(), clusterKubernetesVersion.getState()));
}
if (clusterKubernetesVersion.getZoneId() != null && !clusterKubernetesVersion.getZoneId().equals(zone.getId())) {
throw new InvalidParameterValueException(String.format("Kubernetes version ID: %s is not available for zone ID: %s", clusterKubernetesVersion.getUuid(), zone.getUuid()));
}
if (controlNodeCount > 1) {
try {
if (KubernetesVersionManagerImpl.compareSemanticVersions(clusterKubernetesVersion.getSemanticVersion(), MIN_KUBERNETES_VERSION_HA_SUPPORT) < 0) {
throw new InvalidParameterValueException(String.format("HA support is available only for Kubernetes version %s and above. Given version ID: %s is %s", MIN_KUBERNETES_VERSION_HA_SUPPORT, clusterKubernetesVersion.getUuid(), clusterKubernetesVersion.getSemanticVersion()));
}
} catch (IllegalArgumentException e) {
logAndThrow(Level.WARN, String.format("Unable to compare Kubernetes version for given version ID: %s with %s", clusterKubernetesVersion.getUuid(), MIN_KUBERNETES_VERSION_HA_SUPPORT), e);
}
}
if (clusterKubernetesVersion.getZoneId() != null && clusterKubernetesVersion.getZoneId() != zone.getId()) {
throw new InvalidParameterValueException(String.format("Kubernetes version ID: %s is not available for zone ID: %s", clusterKubernetesVersion.getUuid(), zone.getUuid()));
}
VMTemplateVO iso = templateDao.findById(clusterKubernetesVersion.getIsoId());
if (iso == null) {
throw new InvalidParameterValueException(String.format("Invalid ISO associated with version ID: %s", clusterKubernetesVersion.getUuid()));
}
if (CollectionUtils.isEmpty(templateJoinDao.newTemplateView(iso, zone.getId(), true))) {
throw new InvalidParameterValueException(String.format("ISO associated with version ID: %s is not in Ready state for datacenter ID: %s", clusterKubernetesVersion.getUuid(), zone.getUuid()));
}
ServiceOffering serviceOffering = serviceOfferingDao.findById(serviceOfferingId);
if (serviceOffering == null) {
throw new InvalidParameterValueException("No service offering with ID: " + serviceOfferingId);
}
if (sshKeyPair != null && !sshKeyPair.isEmpty()) {
SSHKeyPairVO sshKeyPairVO = sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), sshKeyPair);
if (sshKeyPairVO == null) {
throw new InvalidParameterValueException(String.format("Given SSH key pair with name: %s was not found for the account %s", sshKeyPair, owner.getAccountName()));
}
}
if (nodeRootDiskSize != null && nodeRootDiskSize <= 0) {
throw new InvalidParameterValueException(String.format("Invalid value for %s", ApiConstants.NODE_ROOT_DISK_SIZE));
}
if (!validateServiceOffering(serviceOffering, clusterKubernetesVersion)) {
throw new InvalidParameterValueException("Given service offering ID: %s is not suitable for Kubernetes cluster");
}
validateDockerRegistryParams(dockerRegistryUserName, dockerRegistryPassword, dockerRegistryUrl);
Network network = null;
if (networkId != null) {
network = networkService.getNetwork(networkId);
if (network == null) {
throw new InvalidParameterValueException("Unable to find network with given ID");
}
}
if (StringUtils.isNotEmpty(externalLoadBalancerIpAddress)) {
if (!NetUtils.isValidIp4(externalLoadBalancerIpAddress) && !NetUtils.isValidIp6(externalLoadBalancerIpAddress)) {
throw new InvalidParameterValueException("Invalid external load balancer IP address");
}
if (network == null) {
throw new InvalidParameterValueException(String.format("%s parameter must be specified along with %s parameter", ApiConstants.EXTERNAL_LOAD_BALANCER_IP_ADDRESS, ApiConstants.NETWORK_ID));
}
if (Network.GuestType.Shared.equals(network.getGuestType())) {
throw new InvalidParameterValueException(String.format("%s parameter must be specified along with %s type of network", ApiConstants.EXTERNAL_LOAD_BALANCER_IP_ADDRESS, Network.GuestType.Shared.toString()));
}
}
if (!KubernetesClusterExperimentalFeaturesEnabled.value() && !StringUtils.isAllEmpty(dockerRegistryUrl, dockerRegistryUserName, dockerRegistryPassword)) {
throw new CloudRuntimeException(String.format("Private registry for the Kubernetes cluster is an experimental feature. Use %s configuration for enabling experimental features", KubernetesClusterExperimentalFeaturesEnabled.key()));
}
}
Also used :
KubernetesSupportedVersion(com.cloud.kubernetes.version.KubernetesSupportedVersion)
UserAccount(com.cloud.user.UserAccount)
Account(com.cloud.user.Account)
ServiceOffering(com.cloud.offering.ServiceOffering)
VMTemplateVO(com.cloud.storage.VMTemplateVO)
SSHKeyPairVO(com.cloud.user.SSHKeyPairVO)
DataCenter(com.cloud.dc.DataCenter)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
Network(com.cloud.network.Network)
PhysicalNetwork(com.cloud.network.PhysicalNetwork)
PermissionDeniedException(com.cloud.exception.PermissionDeniedException)
Example 3 with SSHKeyPairVO
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class ManagementServerImpl method createSSHKeyPair.
@Override
public SSHKeyPair createSSHKeyPair(final CreateSSHKeyPairCmd cmd) {
final Account caller = getCaller();
final String accountName = cmd.getAccountName();
final Long domainId = cmd.getDomainId();
final Long projectId = cmd.getProjectId();
final String name = cmd.getName();
if (StringUtils.isBlank(name)) {
throw new InvalidParameterValueException("Please specify a valid name for the key pair. The key name can't be empty");
}
final Account owner = _accountMgr.finalizeOwner(caller, accountName, domainId, projectId);
final SSHKeyPairVO s = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
if (s != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists.");
}
final SSHKeysHelper keys = new SSHKeysHelper(sshKeyLength.value());
final String publicKey = keys.getPublicKey();
final String fingerprint = keys.getPublicKeyFingerPrint();
final String privateKey = keys.getPrivateKey();
return createAndSaveSSHKeyPair(name, fingerprint, publicKey, privateKey, owner);
}
Also used :
Account(com.cloud.user.Account)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
SSHKeysHelper(com.cloud.utils.ssh.SSHKeysHelper)
SSHKeyPairVO(com.cloud.user.SSHKeyPairVO)
Example 4 with SSHKeyPairVO
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class ManagementServerImpl method createAndSaveSSHKeyPair.
private SSHKeyPair createAndSaveSSHKeyPair(final String name, final String fingerprint, final String publicKey, final String privateKey, final Account owner) {
final SSHKeyPairVO newPair = new SSHKeyPairVO();
newPair.setAccountId(owner.getAccountId());
newPair.setDomainId(owner.getDomainId());
newPair.setName(name);
newPair.setFingerprint(fingerprint);
newPair.setPublicKey(publicKey);
// transient; not saved.
newPair.setPrivateKey(privateKey);
_sshKeyPairDao.persist(newPair);
return newPair;
}
Also used :
SSHKeyPairVO(com.cloud.user.SSHKeyPairVO)
Example 5 with SSHKeyPairVO
use of com.cloud.user.SSHKeyPairVO in project cloudstack by apache.
the class ManagementServerImpl method deleteSSHKeyPair.
@Override
public boolean deleteSSHKeyPair(final DeleteSSHKeyPairCmd cmd) {
final Account caller = getCaller();
final String accountName = cmd.getAccountName();
final Long domainId = cmd.getDomainId();
final Long projectId = cmd.getProjectId();
Account owner = null;
try {
owner = _accountMgr.finalizeOwner(caller, accountName, domainId, projectId);
} catch (InvalidParameterValueException ex) {
if (caller.getType() == Account.ACCOUNT_TYPE_ADMIN && accountName != null && domainId != null) {
owner = _accountDao.findAccountIncludingRemoved(accountName, domainId);
}
if (owner == null) {
throw ex;
}
}
final SSHKeyPairVO s = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
if (s == null) {
final InvalidParameterValueException ex = new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' does not exist for account " + owner.getAccountName() + " in specified domain id");
final DomainVO domain = ApiDBUtils.findDomainById(owner.getDomainId());
String domainUuid = String.valueOf(owner.getDomainId());
if (domain != null) {
domainUuid = domain.getUuid();
}
ex.addProxyObject(domainUuid, "domainId");
throw ex;
}
annotationDao.removeByEntityType(AnnotationService.EntityType.SSH_KEYPAIR.name(), s.getUuid());
return _sshKeyPairDao.deleteByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
}
Also used :
Account(com.cloud.user.Account)
NetworkDomainVO(com.cloud.network.dao.NetworkDomainVO)
DomainVO(com.cloud.domain.DomainVO)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
SSHKeyPairVO(com.cloud.user.SSHKeyPairVO)
Aggregations
SSHKeyPairVO (com.cloud.user.SSHKeyPairVO)16
Account (com.cloud.user.Account)9
InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)4
VMTemplateVO (com.cloud.storage.VMTemplateVO)3
CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)3
InvalidParameterValueException (com.cloud.utils.exception.InvalidParameterValueException)3
ArrayList (java.util.ArrayList)3
ExcludeList (com.cloud.deploy.DeploymentPlanner.ExcludeList)2
DomainVO (com.cloud.domain.DomainVO)2
ActionEvent (com.cloud.event.ActionEvent)2
ListProjectResourcesCriteria (com.cloud.projects.Project.ListProjectResourcesCriteria)2
SSHKeyPair (com.cloud.user.SSHKeyPair)2
Pair (com.cloud.utils.Pair)2
Ternary (com.cloud.utils.Ternary)2
Filter (com.cloud.utils.db.Filter)2
SSHKeysHelper (com.cloud.utils.ssh.SSHKeysHelper)2
List (java.util.List)2
DataCenter (com.cloud.dc.DataCenter)1
PermissionDeniedException (com.cloud.exception.PermissionDeniedException)1
KubernetesSupportedVersion (com.cloud.kubernetes.version.KubernetesSupportedVersion)1
