CloudyScripts 0.0.6 → 0.0.7

data/Rakefile

@@ -12,7 +12,7 @@ require 'rake/testtask'
 
 spec = Gem::Specification.new do |s|
   s.name = 'CloudyScripts'
-  s.version = '0.0.6'
+  s.version = '0.0.7'
   s.has_rdoc = true
   s.extra_rdoc_files = ['README.rdoc', 'LICENSE']
   s.summary = 'Scripts to facilitate programming for infrastructure clouds.'

data/lib/help/dm_crypt_helper.rb

@@ -3,50 +3,18 @@ require 'help/remote_command_handler'
 # This class implements helper methods for Dm Encryption
 # (see #Scripts::EC2::DmEncrypt)
 
-class DmCryptHelper
-  attr_accessor :logger
-
-  def initialize
-    @logger = Logger.new(STDOUT)
-  end
-
-  # Passes an remote command handler object
-  # (see #Help::RemoteCommandHandler)
-  def set_ssh(ssh_session)
-    @ssh_session = ssh_session
-  end
-
-  # Installs the dm-crypt tools (if not yet done)
-  def install()
-    #TODO: dm-crypt seems to be installed automatically
-    true
-  end
-
-  # Checks if the dm-crypt tool is installed (true/false)
-  def tools_installed?()
-    @ssh_session.exec! "which dmsetup" do |ch, stream, data|
-      if stream == :stderr
-        return false
-      end
-    end
-    @ssh_session.exec! "which cryptsetup" do |ch, stream, data|
-      if stream == :stderr
-        return false
-      end
-    end
-    #TODO: check also that "/dev/mapper /dev/mapper/control" exist
-    true
-  end
-
-  # Encrypts the device and mounting it using dm-crypt tools.
+class DmCryptHelper < RemoteCommandHandler
+  
+  # Encrypts the device and mounting it using dm-crypt tools. Uses LVM to
+  # work with virtual devices.
   # Params
   # * name: name of the virtual volume
   # * password: paraphrase to be used for encryption
   # * device: device to be encrypted
   # * path: path to which the encrypted device is mounted
-  def encrypt_storage(name, password, device, path)
+  def encrypt_storage_lvm(name, password, device, path)
     # first: check if a file in /dev/mapper exists
-    if RemoteCommandHandler.file_exists?(@ssh_session, "/dev/mapper/dm-#{name}")
+    if file_exists?("/dev/mapper/dm-#{name}")
       mapper_exists = true
     else
       mapper_exists = false
@@ -138,7 +106,7 @@ class DmCryptHelper
         #raise Exception.new(err)
         #end
       #end
-      if !RemoteCommandHandler.file_exists?(@ssh_session,"/dev/vg-#{name}/lv-#{name}")
+      if !file_exists?("/dev/vg-#{name}/lv-#{name}")
         err = "Missing file: /dev/vg-#{name}/lv-#{name}"
         raise Exception.new(err)
       end
@@ -155,13 +123,8 @@ class DmCryptHelper
     end
   end
 
-  # Check if the storage is encrypted (not yet implemented).
-  def test_storage_encryption(password, mount_point, path)
-    raise Exception.new("not yet implemented")
-  end
-
   # Undo encryption for the volume specified by name and path
-  def undo_encryption(name, path)
+  def undo_encryption_lvm(name, path)
     exec_string = "umount #{path}"
     @logger.debug "going to execute #{exec_string}"
     @ssh_session.exec! exec_string do |ch, stream, data|
@@ -189,4 +152,53 @@ class DmCryptHelper
     end
   end
 
+  # Encrypts the device and mounting it using dm-crypt tools.
+  # Params
+  # * name: name of the virtual volume
+  # * password: paraphrase to be used for encryption
+  # * device: device to be encrypted
+  # * path: path to which the encrypted device is mounted
+  def encrypt_storage(name, password, device, path)
+    if !RemoteCommandHandler.remote_execute(@ssh_session, @logger, "cryptsetup isLuks #{device}")
+      raise Exception.new("device #{device} is already used differently")
+    end
+    if file_exists?(device)
+      if !file_exists?("/dev/mapper/#{name}")
+        @logger.debug("mapper device #{name} not yet existing")
+        #device not configured, go ahead
+        RemoteCommandHandler.remote_execute(@ssh_session, @logger, "cryptsetup luksFormat  -q #{device}", password)
+        @logger.debug("device #{device} formatted as #{name}")
+        RemoteCommandHandler.remote_execute(@ssh_session, @logger, "cryptsetup luksOpen #{device} #{name}",password)
+        @logger.debug("device #{device} / #{name} opened")
+        self.create_filesystem("ext3", "/dev/mapper/#{name}")
+        @logger.debug("filesystem created on /dev/mapper/#{name}")
+        self.mkdir(path)
+        self.mount("/dev/mapper/#{name}", path)
+        #TODO: make a final check that everything worked? ?
+      else
+        #device already exists, just re-activate it
+        @logger.debug("mapper device #{name} is existing")
+        RemoteCommandHandler.remote_execute(@ssh_session, @logger, "cryptsetup luksOpen #{device} #{name}")
+        @logger.debug("device #{device} /dev/mapper/#{name} opened")
+        self.mkdir(path) unless file_exists?(path)
+        self.mount("/dev/mapper/#{name}", path) unless drive_mounted_as?("/dev/mapper/#{name}", path)
+      end
+    else
+      #device does not even exist
+      raise Exception.new("device #{device} does not exist")
+    end
+
+  end
+
+  # Check if the storage is encrypted (not yet implemented).
+  def test_storage_encryption(password, mount_point, path)
+  end
+
+  def undo_encryption(name, path)
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, "umount #{path}", nil, true)
+    @logger.debug("drive #{path} unmounted")
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, "cryptsetup luksClose /dev/mapper/#{name}", nil, true)
+    @logger.debug("closed /dev/mapper/#{name} unmounted")
+  end
+
 end

data/lib/help/remote_command_handler.rb

@@ -1,33 +1,19 @@
 require 'rubygems'
 require 'net/ssh'
-require 'help/dm_crypt_helper'
 
 # Provides methods to be executed via ssh to remote instances.
 class RemoteCommandHandler
-  attr_accessor :logger
+  attr_accessor :logger, :ssh_session
   def initialize
-    @crypto = DmCryptHelper.new #TODO: instantiate helpers for different tools
     @logger = Logger.new(STDOUT)
   end
 
-  # Check if the path/file specified exists
-  def self.file_exists?(ssh_session, path)
-    result = true
-    ssh_session.exec!("ls #{path}") do |ch, stream, data|
-      if stream == :stderr
-        result = false
-      end
-    end
-    result
-  end
-
   # Connect to the machine as root using a keyfile.
   # Params:
   # * ip: ip address of the machine to connect to
   # * keyfile: path of the keyfile to be used for authentication
   def connect_with_keyfile(ip, keyfile)
     @ssh_session = Net::SSH.start(ip, 'root', :keys => [keyfile])
-    @crypto.set_ssh(@ssh_session)
   end
 
   # Connect to the machine as root using keydata from a keyfile.
@@ -37,7 +23,6 @@ class RemoteCommandHandler
   # * key_data: key_data to be used for authentication
   def connect(ip, user, key_data)
     @ssh_session = Net::SSH.start(ip, user, :key_data => [key_data])
-    @crypto.set_ssh(@ssh_session)
   end
 
   # Disconnect the current handler
@@ -45,64 +30,49 @@ class RemoteCommandHandler
     @ssh_session.close
   end
 
+  # Check if the path/file specified exists
+  def file_exists?(path)
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, "ls #{path}")
+  end
+
+  # Returns the result of uname -a (Linux)
+  def retrieve_os()
+    RemoteCommandHandler.get_output(@ssh_session, "uname -r").strip
+  end
+  
   # Installs the software package specified.
   def install(software_package)
-    @crypto.install()
+    e = "yum -yq install #{software_package}; apt-get -yq install #{software_package}"
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, e)
   end
 
   # Checks if the software package specified is installed.
   def tools_installed?(software_package)
-    @crypto.tools_installed?
-  end
-
-  # Encrypt the storage (using the crypto-helper used, e.g. #Help::DmCryptHelper)
-  def encrypt_storage(name, password, device, path)
-    @crypto.encrypt_storage(name, password, device, path)
-  end
-
-  # Check if the storage is encrypted (using the crypto-helper used, e.g. #Help::DmCryptHelper)
-  def storage_encrypted?(password, device, path)
-    drive_mounted?(path) #TODO: must at least also check the name
+    e = "which #{software_package}"
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, e)
   end
 
   def create_filesystem(fs_type, volume)
-    e = "echo y >tmp.txt; mkfs -t #{fs_type} #{volume} <tmp.txt; rm -f tmp.txt"
-    @logger.debug "exec #{e}"
-    @ssh_session.exec! e do |ch, stream, data|
-      @logger.debug "#{e}: output on #{stream.inspect}: #{data}"
-    end
+    e = "mkfs -t #{fs_type} #{volume}"
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, e, "y") #TODO: quiet mode?
   end
 
   def mkdir(path)
     e = "mkdir #{path}"
-    @logger.debug "exec #{e}"
-    @ssh_session.exec! e do |ch, stream, data|
-      @logger.debug "#{e}: output on #{stream.inspect}: #{data}"
-    end
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, e, nil, true)
   end
 
   def mount(device, path)
     e = "mount #{device} #{path}"
-    @logger.debug "exec #{e}"
-    @ssh_session.exec! e do |ch, stream, data|
-      @logger.debug "#{e}: output on #{stream.inspect}: #{data}"
-    end
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, e, nil, true)
   end
 
   # Checks if the drive on path is mounted
   def drive_mounted?(path)
     #check if drive mounted
-    drive_found = false
-    @ssh_session.exec! "mount" do |ch, stream, data|
-      if stream == :stdout
-        @logger.debug "mount command produces the following data: #{data}\n---------------"
-        if data.include?("on #{path} type")
-          drive_found = true
-        end
-      end
-    end
+    drive_found = RemoteCommandHandler.stdout_contains?(@ssh_session, @logger, "mount", "on #{path} type")
     if drive_found
-      return RemoteCommandHandler.file_exists?(@ssh_session, path)
+      return file_exists?(path)
     else
       @logger.debug "not mounted (since #{path} non-existing)"
       false
@@ -112,49 +82,88 @@ class RemoteCommandHandler
   # Checks if the drive on path is mounted with the specific device
   def drive_mounted_as?(device, path)
     #check if drive mounted
-    drive_mounted = false
-    @ssh_session.exec! "mount" do |ch, stream, data|
-      if stream == :stdout
-        if data.include?("#{device} on #{path} type")
-          drive_mounted = true
-        end
-      end
-    end
-    drive_mounted
-  end
-
-  # Activates the encrypted volume, i.e. mounts it if not yet done.
-  def activate_encrypted_volume(name, path)
-    drive_mounted = drive_mounted?(path)
-    @logger.debug "drive #{path} mounted? #{drive_mounted}"
-    if !drive_mounted
-      mkdir(path)
-      mount("/dev/vg-#{name}/lv-#{name}", "#{path}")
-    end
-  end
-
-  # Unconfigure the storage (using the crypto-helper used, e.g. #Help::DmCryptHelper)
-  def undo_encryption(name, path)
-    @crypto.undo_encryption(name, path)
+    RemoteCommandHandler.stdout_contains?(@ssh_session, @logger, "mount", "#{device} on #{path} type")
   end
 
   # Unmount the specified path.
   def umount(path)
     exec_string = "umount #{path}"
-    @logger.debug "going to execute #{exec_string}"
-    @ssh_session.exec! exec_string do |ch, stream, data|
-      @logger.debug "ssh_api.umount: returns #{data}"
-    end
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, exec_string)
     !drive_mounted?(path)
   end
   
   # Copy directory using options -avHx
   def rsync(source_path, dest_path)
     e = "rsync -avHx #{source_path} #{dest_path}"
-    @logger.debug "going to execute #{e}"
-    @ssh_session.exec! e do |ch, stream, data|
-      @logger.debug "#{e}: output on #{stream.inspect}: #{data}"
+    RemoteCommandHandler.remote_execute(@ssh_session, @logger, e, nil, true)
+  end
+
+  # Executes the specified #exec_string on a remote session specified as #ssh_session
+  # and logs the command-output into the specified #logger. When #push_data is
+  # specified, the data will be used as input for the command and thus allows
+  # to respond in advance to commands that ask the user something.
+  # The method will return true if nothing was written into stderr, otherwise false.
+  # When #raise_exception is set, an exception will be raised instead of
+  # returning false.
+  def self.remote_execute(ssh_session, logger, exec_string, push_data = nil, raise_exception = false)
+    logger.debug("RemoteCommandHandler: going to execute #{exec_string}")
+    result = true
+    exec_string = "echo #{push_data} >tmp.txt; #{exec_string} <tmp.txt; rm -f tmp.txt" unless push_data == nil
+    output = ""
+    ssh_session.exec(exec_string) do |ch, stream, data|
+      output += data unless data == nil
+      if stream == :stderr && data != nil
+        result = false
+      end
     end
+    ssh_session.loop
+    logger.info output unless logger == nil
+    raise Exception.new("RemoteCommandHandler: #{exec_string} lead to stderr message: #{output}") unless result == true || raise_exception == false
+    result
+  end
+
+  # Executes the specified #exec_string on a remote session specified as #ssh_session
+  # and logs the command-output into the specified #logger. When #push_data is
+  # specified, the data will be used as input for the command and thus allows
+  # to respond in advance to commands that ask the user something. If the output
+  # in stdout contains the specified #search_string, the method returns true
+  # otherwise false. Output to stderr will be logged.
+  def self.stdout_contains?(ssh_session, logger, exec_string, search_string = "", push_data = nil)
+    logger.debug("RemoteCommandHandler: going to execute #{exec_string}")
+    stdout = []
+    stderr = []
+    exec_string = "echo #{push_data} >tmp.txt; #{exec_string} <tmp.txt; rm -f tmp.txt" unless push_data == nil
+    ssh_session.exec(exec_string) do |ch, stream, data|
+      if stream == :stdout && data != nil
+        stdout << data
+      end
+      if stream == :stderr && data != nil
+        stderr << data
+      end
+    end
+    ssh_session.loop
+    logger.info("RemoteCommandHandler: #{exec_string} lead to stderr message: #{stderr.join("\n")}") unless stderr.size == 0
+    stdout.join("\n").include?(search_string)
+  end
+
+  # Executes the specified #exec_string on a remote session specified as #ssh_session.
+  # When #push_data is specified, the data will be used as input for the command and thus allows
+  # to respond in advance to commands that ask the user something. It returns
+  # stdout. When #stdout or #stderr is specified as arrays, the respective output is
+  # also written into those arrays.
+  def self.get_output(ssh_session, exec_string, push_data = nil, stdout = [], stderr = [])
+    exec_string = "echo #{push_data} >tmp.txt; #{exec_string} <tmp.txt; rm -f tmp.txt" unless push_data == nil
+    ssh_session.exec(exec_string) do |ch, stream, data|
+      if stream == :stdout && data != nil
+        stdout << data
+      end
+      if stream == :stderr && data != nil
+        stderr << data
+      end
+    end
+    ssh_session.loop
+    stdout.join("\n")
   end
 
+
 end

data/lib/help/script_execution_state.rb

@@ -32,6 +32,7 @@ class ScriptExecutionState
         @current_state = @current_state.enter()
         notify_state_change_listeners(@current_state)
       rescue Exception => e
+        @context[:details] = e
         @current_state = FailedState.new(@context, e.to_s, @current_state)
         notify_state_change_listeners(@current_state)
         @logger.warn "Exception: #{e}"

data/lib/scripts/ec2/dm_encrypt.rb

@@ -7,6 +7,9 @@ require "AWS"
 # Script to Encrypt an EC2 Storage (aka Elastic Block Storage)
 # 
 class DmEncrypt < Ec2Script
+  # dependencies: tools that need to be installed to make things work
+  TOOLS = ["cryptsetup","lvm"]
+
   # Input parameters
   # * aws_access_key => the Amazon AWS Access Key (see Your Account -> Security Credentials)
   # * aws_secret_key => the Amazon AWS Secret Key
@@ -21,9 +24,9 @@ class DmEncrypt < Ec2Script
   # * ec2_api_handler => object that allows to access the EC2 API (optional)
   # * ec2_api_server => server to connect to (option, default is us-east-1.ec2.amazonaws.com)
   #
+
   def initialize(input_params)
     super(input_params)
-    @result = {:done => false}
   end
 
   # Executes the script.
@@ -106,6 +109,7 @@ class DmEncrypt < Ec2Script
       else
         raise Exception.new("no key information specified")
       end
+      @context[:result][:os] = @context[:remote_command_handler].retrieve_os()
       ConnectedState.new(@context)
     end
   end
@@ -120,7 +124,9 @@ class DmEncrypt < Ec2Script
     def install_tools
       @logger.debug "ConnectedState.install_tools"
       if !tools_installed?
-        @context[:remote_command_handler].install("dm-crypt") #TODO: constant somewhere? admin parameter?
+        TOOLS.each() {|tool|
+          @context[:remote_command_handler].install(tool)
+        }
       end
       if tools_installed?
         @logger.debug "system says that tools are installed"
@@ -131,11 +137,12 @@ class DmEncrypt < Ec2Script
     end
 
     def tools_installed?
-      if @context[:remote_command_handler].tools_installed?("dm-crypt")
-        true
-      else
-        false
-      end
+      TOOLS.each() {|tool|
+        if !@context[:remote_command_handler].tools_installed?(tool)
+          return false
+        end
+      }
+      true
     end
   end
 
@@ -148,16 +155,9 @@ class DmEncrypt < Ec2Script
     private
     def create_encrypted_volume
       @logger.debug "ToolInstalledState.create_encrypted_volume"
-      #first check if the drive is not yet mounted by someone else
-      if @context[:remote_command_handler].drive_mounted?(@context[:storage_path])
-        if !@context[:remote_command_handler].drive_mounted_as?(calc_device_name(), @context[:storage_path])
-          raise Exception.new("Drive is already used by another device")
-        end
-      end
-      #
       @context[:remote_command_handler].encrypt_storage(@context[:device_name],
       @context[:paraphrase], @context[:device], @context[:storage_path])
-      VolumeCreatedState.new(@context)
+      MountedAndActivatedState.new(@context)
     end
 
     def calc_device_name
@@ -167,21 +167,7 @@ class DmEncrypt < Ec2Script
 
   end
 
-  # The encrypted Volume is created. Going to mount it.
-  class VolumeCreatedState < DmEncryptState
-    def enter
-      mount_and_activate()
-    end
-
-    private
-    def mount_and_activate
-      @logger.debug "VolumeCreatedState.mount_and_activate"
-      @context[:remote_command_handler].activate_encrypted_volume(@context[:device_name],@context[:storage_path])
-      MountedAndActivatedState.new(@context)
-    end
-  end
-
-  # The encrypted storages is mounted. Cleanup and done.
+  # The encrypted storages is mounted and activated. Cleanup and done.
   class MountedAndActivatedState < DmEncryptState
     def enter
       cleanup()

data/lib/scripts/ec2/ec2_script.rb

@@ -14,6 +14,8 @@ class Ec2Script
       @logger .level = Logger::WARN
       input_params[:logger] = @logger
     end
+    @result = {:done => false}
+    @input_params[:result] = @result
   end
 
   def register_state_change_listener(listener)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: CloudyScripts
 version: !ruby/object:Gem::Version 
-  version: 0.0.6
+  version: 0.0.7
 platform: ruby
 authors: 
 - Matthias Jung
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-01-11 00:00:00 +01:00
+date: 2010-01-15 00:00:00 +01:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency