Search in sources :

Example 1 with OpenstackAccount

use of com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount in project halyard by spinnaker.

the class OpenstackAccountValidator method validate.

@Override
public void validate(ConfigProblemSetBuilder psBuilder, OpenstackAccount account) {
    DaemonTaskHandler.message("Validating " + account.getNodeName() + " with " + OpenstackAccountValidator.class.getSimpleName());
    String environment = account.getEnvironment();
    String accountType = account.getAccountType();
    String username = account.getUsername();
    String password = account.getPassword();
    String projectName = account.getPassword();
    String domainName = account.getDomainName();
    String authUrl = account.getAuthUrl();
    List<String> regions = account.getRegions();
    Boolean insecure = account.getInsecure();
    String heatTemplateLocation = account.getHeatTemplateLocation();
    OpenstackAccount.OpenstackLbaasOptions lbaas = account.getLbaas();
    ConsulConfig consulConfig = new ConsulConfig();
    String userDataFile = account.getUserDataFile();
    if (StringUtils.isEmpty(environment)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide an environment name");
    }
    if (StringUtils.isEmpty(password) || StringUtils.isEmpty(username)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a both a username and a password");
    }
    if (StringUtils.isEmpty(projectName)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a project name");
    }
    if (!StringUtils.endsWith(authUrl, "/v3")) {
        psBuilder.addProblem(Problem.Severity.WARNING, "You must use Keystone v3. The default auth url will be of the format IP:5000/v3.");
    }
    if (StringUtils.isEmpty(domainName)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a domain name");
    }
    if (regions.size() == 0 || StringUtils.isEmpty(regions.get(0))) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide one region");
    }
    if (insecure) {
        psBuilder.addProblem(Problem.Severity.WARNING, "You've chosen to not validate SSL connections. This setup is not recommended in production deployments.");
    }
    if (heatTemplateLocation != null && heatTemplateLocation.isEmpty()) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Not a valid Heat template location: ''");
    }
    if (lbaas.getPollInterval() < 0) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Poll interval cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 5.");
    }
    if (lbaas.getPollTimeout() < 0) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Poll timeout cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 60.");
    }
    boolean userDataProvided = userDataFile != null && !userDataFile.isEmpty();
    if (userDataProvided) {
        String resolvedUserData = ValidatingFileReader.contents(psBuilder, userDataFile);
        if (resolvedUserData == null) {
            return;
        } else if (resolvedUserData.isEmpty()) {
            psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file is empty.").setRemediation("Please provide a non empty file, or remove the user data file.");
        }
        List<String> validTokens = Arrays.asList("account", "accounttype", "env", "region", "group", "autogrp", "cluster", "stack", "detail", "launchconfig");
        List<String> tokens = Arrays.asList(StringUtils.substringsBetween(resolvedUserData, "%%", "%%"));
        List<String> invalidTokens = tokens.stream().filter(t -> !validTokens.contains(t)).collect(Collectors.toList());
        if (invalidTokens.size() != 0) {
            psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file contains tokens that won't be replaced. " + "Tokens \"" + StringUtils.join(invalidTokens, ", ") + "\" are not supported.").setRemediation("Please use only the supported tokens \"" + StringUtils.join(validTokens, ", ") + "\".");
        }
    }
    OpenstackConfigurationProperties.LbaasConfig lbaasConfig = new OpenstackConfigurationProperties.LbaasConfig();
    lbaasConfig.setPollInterval(lbaas.getPollInterval());
    lbaasConfig.setPollTimeout(lbaas.getPollTimeout());
    try {
        OpenstackNamedAccountCredentials openstackCredentials = new OpenstackNamedAccountCredentials.Builder().name(account.getName()).environment(environment).accountType(accountType).authUrl(authUrl).username(username).password(password).projectName(projectName).domainName(domainName).regions(regions).insecure(insecure).heatTemplateLocation(heatTemplateLocation).consulConfig(consulConfig).lbaasConfig(lbaasConfig).userDataFile(userDataFile).build();
        credentialsList.add(openstackCredentials);
    // TODO(emjburns) verify that these credentials can connect w/o error to the openstack instance
    } catch (Exception e) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Failed to instantiate openstack credentials for account \"" + account.getName() + "\".");
    }
}
Also used : OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials) Arrays(java.util.Arrays) OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties) OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount) EqualsAndHashCode(lombok.EqualsAndHashCode) ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder) StringUtils(org.apache.commons.lang3.StringUtils) Collectors(java.util.stream.Collectors) DaemonTaskHandler(com.netflix.spinnaker.halyard.core.tasks.v1.DaemonTaskHandler) ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig) List(java.util.List) Validator(com.netflix.spinnaker.halyard.config.model.v1.node.Validator) Data(lombok.Data) Problem(com.netflix.spinnaker.halyard.core.problem.v1.Problem) ValidatingFileReader(com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader) ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig) OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties) OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials) OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)

Example 2 with OpenstackAccount

use of com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount in project halyard by spinnaker.

the class OpenstackAddAccountCommand method buildAccount.

@Override
protected Account buildAccount(String accountName) {
    OpenstackAccount account = (OpenstackAccount) new OpenstackAccount().setName(accountName);
    OpenstackAccount.OpenstackLbaasOptions lbaas = new OpenstackAccount.OpenstackLbaasOptions();
    if (isSet(lbaasPollInterval)) {
        lbaas.setPollInterval(lbaasPollInterval);
    }
    if (isSet(lbaasPollTimeout)) {
        lbaas.setPollTimeout(lbaasPollTimeout);
    }
    account.setAuthUrl(authUrl).setUsername(username).setPassword(password).setEnvironment(environment).setAccountType(accountType).setHeatTemplateLocation(heatTemplateLocation).setProjectName(projectName).setDomainName(domainName).setRegions(regions).setInsecure(insecure).setUserDataFile(userDataFile).setConsulConfig(consulConfig).setLbaas(lbaas);
    return account;
}
Also used : OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)

Example 3 with OpenstackAccount

use of com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount in project halyard by spinnaker.

the class DeckProfileFactory method setProfile.

@Override
protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
    StringResource configTemplate = new StringResource(profile.getBaseContents());
    UiSecurity uiSecurity = deploymentConfiguration.getSecurity().getUiSecurity();
    profile.setUser(ApacheSettings.APACHE_USER);
    Features features = deploymentConfiguration.getFeatures();
    Notifications notifications = deploymentConfiguration.getNotifications();
    Map<String, Object> bindings = new HashMap<>();
    String version = deploymentConfiguration.getVersion();
    // Configure global settings
    bindings.put("gate.baseUrl", endpoints.getServices().getGate().getBaseUrl());
    bindings.put("timezone", deploymentConfiguration.getTimezone());
    bindings.put("version", deploymentConfiguration.getVersion());
    Optional<Versions.Version> validatedVersion = versionsService.getVersions().getVersion(version);
    if (validatedVersion.isPresent()) {
        String changelog = validatedVersion.get().getChangelog();
        bindings.put("changelog.gist.id", changelog.substring(changelog.lastIndexOf("/") + 1));
        bindings.put("changelog.gist.name", "changelog.md");
    } else {
        bindings.put("changelog.gist.id", "");
        bindings.put("changelog.gist.name", "");
    }
    // Configure feature-flags
    bindings.put("features.auth", Boolean.toString(features.isAuth(deploymentConfiguration)));
    bindings.put("features.chaos", Boolean.toString(features.isChaos()));
    bindings.put("features.jobs", Boolean.toString(features.isJobs()));
    bindings.put("features.fiat", Boolean.toString(deploymentConfiguration.getSecurity().getAuthz().isEnabled()));
    bindings.put("features.pipelineTemplates", Boolean.toString(features.getPipelineTemplates() != null ? features.getPipelineTemplates() : false));
    bindings.put("features.artifacts", Boolean.toString(features.getArtifacts() != null ? features.getArtifacts() : false));
    bindings.put("features.mineCanary", Boolean.toString(features.getMineCanary() != null ? features.getMineCanary() : false));
    // Configure Kubernetes
    KubernetesProvider kubernetesProvider = deploymentConfiguration.getProviders().getKubernetes();
    bindings.put("kubernetes.default.account", kubernetesProvider.getPrimaryAccount());
    bindings.put("kubernetes.default.namespace", "default");
    bindings.put("kubernetes.default.proxy", "localhost:8001");
    // Configure GCE
    GoogleProvider googleProvider = deploymentConfiguration.getProviders().getGoogle();
    bindings.put("google.default.account", googleProvider.getPrimaryAccount());
    bindings.put("google.default.region", "us-central1");
    bindings.put("google.default.zone", "us-central1-f");
    // Configure Azure
    AzureProvider azureProvider = deploymentConfiguration.getProviders().getAzure();
    bindings.put("azure.default.account", azureProvider.getPrimaryAccount());
    bindings.put("azure.default.region", "westus");
    // Configure Appengine
    AppengineProvider appengineProvider = deploymentConfiguration.getProviders().getAppengine();
    bindings.put("appengine.default.account", appengineProvider.getPrimaryAccount());
    bindings.put("appengine.enabled", Boolean.toString(appengineProvider.getPrimaryAccount() != null));
    // Configure DC/OS
    final DCOSProvider dcosProvider = deploymentConfiguration.getProviders().getDcos();
    bindings.put("dcos.default.account", dcosProvider.getPrimaryAccount());
    // TODO(willgorman) need to set the proxy url somehow
    // Configure Openstack
    OpenstackProvider openstackProvider = deploymentConfiguration.getProviders().getOpenstack();
    bindings.put("openstack.default.account", openstackProvider.getPrimaryAccount());
    if (openstackProvider.getPrimaryAccount() != null) {
        OpenstackAccount openstackAccount = (OpenstackAccount) accountService.getProviderAccount(deploymentConfiguration.getName(), "openstack", openstackProvider.getPrimaryAccount());
        String firstRegion = openstackAccount.getRegions().get(0);
        bindings.put("openstack.default.region", firstRegion);
    }
    // Configure notifications
    bindings.put("notifications.enabled", notifications.isEnabled() + "");
    SlackNotification slackNotification = notifications.getSlack();
    bindings.put("notifications.slack.enabled", slackNotification.isEnabled() + "");
    bindings.put("notifications.slack.botName", slackNotification.getBotName());
    // Configure canary
    Canary canary = deploymentConfiguration.getCanary();
    bindings.put("canary.atlasWebComponentsUrl", canary.getAtlasWebComponentsUrl());
    bindings.put("canary.featureEnabled", Boolean.toString(canary.isEnabled()));
    if (canary.isEnabled()) {
        // TODO(duftler): Automatically choose the first metrics/storage/judge here if unspecified?
        bindings.put("canary.reduxLogger", canary.isReduxLoggerEnabled());
        bindings.put("canary.defaultMetricsAccount", canary.getDefaultMetricsAccount());
        bindings.put("canary.defaultStorageAccount", canary.getDefaultStorageAccount());
        bindings.put("canary.defaultJudge", canary.getDefaultJudge());
        bindings.put("canary.defaultMetricsStore", canary.getDefaultMetricsStore());
        bindings.put("canary.stages", canary.isStagesEnabled());
        bindings.put("canary.templatesEnabled", canary.isTemplatesEnabled());
        bindings.put("canary.showAllCanaryConfigs", canary.isShowAllConfigsEnabled());
    }
    profile.appendContents(configTemplate.setBindings(bindings).toString()).setRequiredFiles(backupRequiredFiles(uiSecurity, deploymentConfiguration.getName()));
}
Also used : HashMap(java.util.HashMap) AzureProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider) AppengineProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider) Canary(com.netflix.spinnaker.halyard.config.model.v1.canary.Canary) StringResource(com.netflix.spinnaker.halyard.core.resource.v1.StringResource) KubernetesProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesProvider) OpenstackProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackProvider) UiSecurity(com.netflix.spinnaker.halyard.config.model.v1.security.UiSecurity) SlackNotification(com.netflix.spinnaker.halyard.config.model.v1.notifications.SlackNotification) DCOSProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider) Features(com.netflix.spinnaker.halyard.config.model.v1.node.Features) Notifications(com.netflix.spinnaker.halyard.config.model.v1.node.Notifications) GoogleProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider) OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)

Aggregations

OpenstackAccount (com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)3 ConsulConfig (com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig)1 OpenstackConfigurationProperties (com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties)1 OpenstackNamedAccountCredentials (com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials)1 Canary (com.netflix.spinnaker.halyard.config.model.v1.canary.Canary)1 Features (com.netflix.spinnaker.halyard.config.model.v1.node.Features)1 Notifications (com.netflix.spinnaker.halyard.config.model.v1.node.Notifications)1 Validator (com.netflix.spinnaker.halyard.config.model.v1.node.Validator)1 SlackNotification (com.netflix.spinnaker.halyard.config.model.v1.notifications.SlackNotification)1 AppengineProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider)1 AzureProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider)1 DCOSProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider)1 GoogleProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider)1 KubernetesProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesProvider)1 OpenstackProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackProvider)1 UiSecurity (com.netflix.spinnaker.halyard.config.model.v1.security.UiSecurity)1 ConfigProblemSetBuilder (com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)1 ValidatingFileReader (com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader)1 Problem (com.netflix.spinnaker.halyard.core.problem.v1.Problem)1 StringResource (com.netflix.spinnaker.halyard.core.resource.v1.StringResource)1