opennebula 6.4.6 → 6.5.80.pre
- checksums.yaml +4 -4
- data/lib/ActionManager.rb +1 -1
- data/lib/CommandManager.rb +10 -7
- data/lib/DriverExecHelper.rb +2 -2
- data/lib/OpenNebulaDriver.rb +1 -1
- data/lib/VirtualMachineDriver.rb +28 -14
- data/lib/cloud/CloudClient.rb +3 -3
- data/lib/datacenter.rb +25 -21
- data/lib/datastore.rb +4 -4
- data/lib/distributed_firewall.rb +1 -1
- data/lib/file_helper.rb +2 -2
- data/lib/host.rb +3 -3
- data/lib/logical_port.rb +1 -1
- data/lib/logical_switch.rb +1 -1
- data/lib/memoize.rb +1 -1
- data/lib/models/role.rb +116 -70
- data/lib/models/service.rb +58 -58
- data/lib/models.rb +1 -1
- data/lib/network.rb +1 -1
- data/lib/nsx_client.rb +1 -1
- data/lib/nsx_component.rb +1 -1
- data/lib/nsx_constants.rb +2 -2
- data/lib/nsx_driver.rb +1 -1
- data/lib/nsx_error.rb +1 -1
- data/lib/nsx_rule.rb +1 -1
- data/lib/nsxt_client.rb +1 -1
- data/lib/nsxt_dfw.rb +1 -1
- data/lib/nsxt_logical_port.rb +1 -1
- data/lib/nsxt_rule.rb +1 -1
- data/lib/nsxt_tz.rb +1 -1
- data/lib/nsxv_client.rb +1 -1
- data/lib/nsxv_dfw.rb +1 -1
- data/lib/nsxv_logical_port.rb +1 -1
- data/lib/nsxv_rule.rb +1 -1
- data/lib/nsxv_tz.rb +1 -1
- data/lib/opaque_network.rb +1 -1
- data/lib/opennebula/acl.rb +1 -1
- data/lib/opennebula/acl_pool.rb +1 -1
- data/lib/opennebula/client.rb +3 -3
- data/lib/opennebula/cluster.rb +1 -1
- data/lib/opennebula/cluster_pool.rb +1 -1
- data/lib/opennebula/datastore.rb +4 -3
- data/lib/opennebula/datastore_pool.rb +1 -1
- data/lib/opennebula/document.rb +1 -1
- data/lib/opennebula/document_json.rb +1 -1
- data/lib/opennebula/document_pool.rb +1 -1
- data/lib/opennebula/document_pool_json.rb +1 -1
- data/lib/opennebula/error.rb +1 -1
- data/lib/opennebula/flow/grammar.rb +1 -1
- data/lib/opennebula/flow/service_pool.rb +1 -1
- data/lib/opennebula/flow/service_template.rb +22 -22
- data/lib/opennebula/flow/service_template_ext.rb +1 -1
- data/lib/opennebula/flow/service_template_pool.rb +1 -1
- data/lib/opennebula/flow/validator.rb +1 -1
- data/lib/opennebula/flow.rb +1 -1
- data/lib/opennebula/group.rb +1 -1
- data/lib/opennebula/group_pool.rb +1 -1
- data/lib/opennebula/hook.rb +1 -1
- data/lib/opennebula/hook_log.rb +1 -1
- data/lib/opennebula/hook_pool.rb +1 -1
- data/lib/opennebula/host.rb +1 -1
- data/lib/opennebula/host_pool.rb +1 -1
- data/lib/opennebula/image.rb +33 -23
- data/lib/opennebula/image_pool.rb +1 -1
- data/lib/opennebula/ldap_auth.rb +4 -4
- data/lib/opennebula/ldap_auth_spec.rb +1 -1
- data/lib/opennebula/lockable_ext.rb +1 -1
- data/lib/opennebula/marketplace.rb +1 -1
- data/lib/opennebula/marketplace_pool.rb +1 -1
- data/lib/opennebula/marketplaceapp.rb +1 -1
- data/lib/opennebula/marketplaceapp_ext.rb +4 -4
- data/lib/opennebula/marketplaceapp_pool.rb +1 -1
- data/lib/opennebula/oneflow_client.rb +5 -8
- data/lib/opennebula/pool.rb +1 -1
- data/lib/opennebula/pool_element.rb +1 -1
- data/lib/opennebula/security_group.rb +1 -1
- data/lib/opennebula/security_group_pool.rb +1 -1
- data/lib/opennebula/server_cipher_auth.rb +1 -1
- data/lib/opennebula/server_x509_auth.rb +1 -1
- data/lib/opennebula/ssh_auth.rb +80 -103
- data/lib/opennebula/system.rb +1 -1
- data/lib/opennebula/template.rb +1 -1
- data/lib/opennebula/template_ext.rb +3 -3
- data/lib/opennebula/template_pool.rb +1 -1
- data/lib/opennebula/user.rb +1 -1
- data/lib/opennebula/user_pool.rb +1 -1
- data/lib/opennebula/utils.rb +1 -1
- data/lib/opennebula/vdc.rb +1 -1
- data/lib/opennebula/vdc_pool.rb +1 -1
- data/lib/opennebula/virtual_machine.rb +31 -3
- data/lib/opennebula/virtual_machine_ext.rb +12 -217
- data/lib/opennebula/virtual_machine_pool.rb +1 -1
- data/lib/opennebula/virtual_network.rb +33 -4
- data/lib/opennebula/virtual_network_pool.rb +1 -1
- data/lib/opennebula/virtual_router.rb +1 -1
- data/lib/opennebula/virtual_router_pool.rb +1 -1
- data/lib/opennebula/vm_group.rb +1 -1
- data/lib/opennebula/vm_group_pool.rb +1 -1
- data/lib/opennebula/vntemplate.rb +1 -1
- data/lib/opennebula/vntemplate_pool.rb +1 -1
- data/lib/opennebula/wait_ext.rb +1 -1
- data/lib/opennebula/x509_auth.rb +1 -1
- data/lib/opennebula/xml_element.rb +1 -1
- data/lib/opennebula/xml_pool.rb +1 -1
- data/lib/opennebula/xml_utils.rb +1 -1
- data/lib/opennebula/zone.rb +1 -1
- data/lib/opennebula/zone_pool.rb +1 -1
- data/lib/opennebula.rb +2 -2
- data/lib/rest_client.rb +18 -14
- data/lib/scripts_common.rb +4 -1
- data/lib/transport_zone.rb +1 -1
- data/lib/vcenter_driver.rb +1 -1
- data/lib/vcenter_importer.rb +1 -1
- data/lib/vi_client.rb +73 -65
- data/lib/vi_helper.rb +1 -1
- data/lib/virtual_machine.rb +4 -10
- data/lib/virtual_wire.rb +2 -2
- data/lib/vm_disk.rb +1 -1
- data/lib/vm_folder.rb +1 -1
- data/lib/vm_helper.rb +1 -1
- data/lib/vm_monitor.rb +1 -1
- data/lib/vm_nic.rb +1 -1
- data/lib/vm_template.rb +1 -1
- metadata +4 -4
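--- a/data/lib/opennebula/hook_pool.rb
+++ b/data/lib/opennebula/hook_pool.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #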
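--- a/data/lib/opennebula/host.rb
+++ b/data/lib/opennebula/host.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #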
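--- a/data/lib/opennebula/host_pool.rb
+++ b/data/lib/opennebula/host_pool.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #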
data/lib/opennebula/image.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -26,20 +26,21 @@ module OpenNebula
|
|
26
26
|
#######################################################################
|
27
27
|
|
28
28
|
IMAGE_METHODS = {
|
29
|
-
:info
|
30
|
-
:allocate
|
31
|
-
:update
|
32
|
-
:enable
|
33
|
-
:persistent
|
34
|
-
:delete
|
35
|
-
:chown
|
36
|
-
:chmod
|
37
|
-
:chtype
|
38
|
-
:clone
|
39
|
-
:rename
|
40
|
-
:snapshotdelete
|
41
|
-
:snapshotrevert
|
42
|
-
:snapshotflatten=> "image.snapshotflatten",
|
29
|
+
:info => "image.info",
|
30
|
+
:allocate => "image.allocate",
|
31
|
+
:update => "image.update",
|
32
|
+
:enable => "image.enable",
|
33
|
+
:persistent => "image.persistent",
|
34
|
+
:delete => "image.delete",
|
35
|
+
:chown => "image.chown",
|
36
|
+
:chmod => "image.chmod",
|
37
|
+
:chtype => "image.chtype",
|
38
|
+
:clone => "image.clone",
|
39
|
+
:rename => "image.rename",
|
40
|
+
:snapshotdelete => "image.snapshotdelete",
|
41
|
+
:snapshotrevert => "image.snapshotrevert",
|
42
|
+
:snapshotflatten => "image.snapshotflatten",
|
43
|
+
:restore => "image.restore",
|
43
44
|
:lock => "image.lock",
|
44
45
|
:unlock => "image.unlock"
|
45
46
|
}
|
@@ -61,7 +62,7 @@ module OpenNebula
|
|
61
62
|
"LOCKED_USED_PERS" => "lock"
|
62
63
|
}
|
63
64
|
|
64
|
-
IMAGE_TYPES=%w{OS CDROM DATABLOCK KERNEL RAMDISK CONTEXT}
|
65
|
+
IMAGE_TYPES=%w{OS CDROM DATABLOCK KERNEL RAMDISK CONTEXT BACKUP}
|
65
66
|
|
66
67
|
SHORT_IMAGE_TYPES={
|
67
68
|
"OS" => "OS",
|
@@ -69,7 +70,8 @@ module OpenNebula
|
|
69
70
|
"DATABLOCK" => "DB",
|
70
71
|
"KERNEL" => "KL",
|
71
72
|
"RAMDISK" => "RD",
|
72
|
-
"CONTEXT" => "CX"
|
73
|
+
"CONTEXT" => "CX",
|
74
|
+
"BACKUP" => "BK"
|
73
75
|
}
|
74
76
|
|
75
77
|
DISK_TYPES=%w{FILE CD_ROM BLOCK RBD}
|
@@ -163,8 +165,8 @@ module OpenNebula
|
|
163
165
|
end
|
164
166
|
|
165
167
|
# Deletes the Image
|
166
|
-
def delete()
|
167
|
-
|
168
|
+
def delete(force=false)
|
169
|
+
call(IMAGE_METHODS[:delete], @pe_id, force)
|
168
170
|
end
|
169
171
|
|
170
172
|
# Changes the owner/group
|
@@ -229,7 +231,7 @@ module OpenNebula
|
|
229
231
|
# @return [nil, OpenNebula::Error] nil in case of success, Error
|
230
232
|
# otherwise
|
231
233
|
def rename(name)
|
232
|
-
|
234
|
+
call(IMAGE_METHODS[:rename], @pe_id, name)
|
233
235
|
end
|
234
236
|
|
235
237
|
# Deletes Image from snapshot
|
@@ -238,7 +240,7 @@ module OpenNebula
|
|
238
240
|
#
|
239
241
|
# @return [nil, OpenNebula::Error] nil in case of success or Error
|
240
242
|
def snapshot_delete(snap_id)
|
241
|
-
|
243
|
+
call(IMAGE_METHODS[:snapshotdelete], @pe_id, snap_id)
|
242
244
|
end
|
243
245
|
|
244
246
|
# Reverts Image state to a previous snapshot
|
@@ -247,7 +249,7 @@ module OpenNebula
|
|
247
249
|
#
|
248
250
|
# @return [nil, OpenNebula::Error] nil in case of success or Error
|
249
251
|
def snapshot_revert(snap_id)
|
250
|
-
|
252
|
+
call(IMAGE_METHODS[:snapshotrevert], @pe_id, snap_id)
|
251
253
|
end
|
252
254
|
|
253
255
|
# Flattens an image snapshot
|
@@ -256,7 +258,15 @@ module OpenNebula
|
|
256
258
|
#
|
257
259
|
# @return [nil, OpenNebula::Error] nil in case of success or Error
|
258
260
|
def snapshot_flatten(snap_id)
|
259
|
-
|
261
|
+
call(IMAGE_METHODS[:snapshotflatten], @pe_id, snap_id)
|
262
|
+
end
|
263
|
+
|
264
|
+
# Restore the VM backup stored by the image
|
265
|
+
#
|
266
|
+
# @param dst_id [Integer] Datastore destination ID
|
267
|
+
# @param restore_opts [String] Template with additional restore options
|
268
|
+
def restore(dst_id, restore_opts)
|
269
|
+
@client.call(IMAGE_METHODS[:restore], @pe_id, dst_id, restore_opts)
|
260
270
|
end
|
261
271
|
|
262
272
|
#######################################################################
|
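Review bot: `restore` (new lines 268-269, last hunk) calls `@client.call(...)` directly, while `delete`, `rename`, `snapshot_delete`, `snapshot_revert` and `snapshot_flatten` in this section all go through the `call` helper, and its doc comment has no `@return` tag. A caller cannot tell from here what comes back, or whether skipping whatever checks `call` performs is deliberate. If the bypass is intentional (presumably because restore returns a value instead of nil), document it, e.g. `# @return [Integer, OpenNebula::Error] ID returned by image.restore, Error otherwise` once confirmed against the XML-RPC method. `delete(force=false)` at new line 168 also gains a parameter that the one-line comment `# Deletes the Image` does not describe; add a `# @param force [Boolean]` line stating what a forced delete skips.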
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
data/lib/opennebula/ldap_auth.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# ---------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -89,7 +89,7 @@ class OpenNebula::LdapAuth
|
|
89
89
|
file=@options[:mapping_file_path]
|
90
90
|
generate = false
|
91
91
|
|
92
|
-
if File.
|
92
|
+
if File.exists?(file)
|
93
93
|
stat = File.stat(file)
|
94
94
|
age = Time.now.to_i - stat.mtime.to_i
|
95
95
|
generate = true if age > @options[:mapping_timeout]
|
@@ -124,7 +124,7 @@ class OpenNebula::LdapAuth
|
|
124
124
|
|
125
125
|
@mapping = {}
|
126
126
|
|
127
|
-
if File.
|
127
|
+
if File.exists?(file)
|
128
128
|
@mapping = YAML.load(File.read(file))
|
129
129
|
end
|
130
130
|
|
@@ -213,7 +213,7 @@ class OpenNebula::LdapAuth
|
|
213
213
|
groups = []
|
214
214
|
ldap_groups.each do |group|
|
215
215
|
if (g = in_hash_ignore_case?(@mapping, group))
|
216
|
-
if
|
216
|
+
if ldap_groups.any? {
|
217
217
|
|s| s.casecmp(@options[:group_admin_group_dn])==0
|
218
218
|
}
|
219
219
|
groups << "*#{@mapping[g]}"
|
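Review bot: `File.exists?` on new lines 92 and 127 is the deprecated alias that Ruby 3.2 removed, so on a current interpreter both checks raise `NoMethodError` before the mapping file is read; use `File.exist?(file)`. The same call appears in the `module Service` hunk further down the page, at new lines 342 and 344. In the second hunk the mapping is then parsed with `YAML.load(File.read(file))`, a context line rather than part of this change. Since that file decides which groups a user is placed in, `YAML.safe_load` would be the safer parser unless every writer of the file is trusted. All three hunks cut through methods whose start and end are outside the view.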
@@ -1,5 +1,5 @@
|
|
1
1
|
# ---------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -314,9 +314,9 @@ module OpenNebula::MarketPlaceAppExt
|
|
314
314
|
# @param image [OpenNebula::Image] Image information
|
315
315
|
def create_vcenter_template(ds, options, template, image = nil)
|
316
316
|
ret = {}
|
317
|
-
keys = [
|
318
|
-
|
319
|
-
|
317
|
+
keys = %w[VCENTER_TEMPLATE_REF
|
318
|
+
VCENTER_CCR_REF
|
319
|
+
VCENTER_INSTANCE_ID]
|
320
320
|
|
321
321
|
if ds['//VCENTER_TEMPLATE_REF']
|
322
322
|
keys.each do |key|
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -339,9 +339,9 @@ module Service
|
|
339
339
|
url = opts[:url]
|
340
340
|
elsif ENV['ONEFLOW_URL']
|
341
341
|
url = ENV['ONEFLOW_URL']
|
342
|
-
elsif ENV['HOME'] && File.
|
342
|
+
elsif ENV['HOME'] && File.exists?(ENV['HOME'] + endpoint)
|
343
343
|
url = File.read(ENV['HOME'] + endpoint).strip
|
344
|
-
elsif File.
|
344
|
+
elsif File.exists?('/var/lib/one/.one/oneflow_endpoint')
|
345
345
|
url = File.read('/var/lib/one/.one/oneflow_endpoint').strip
|
346
346
|
else
|
347
347
|
url = 'http://localhost:2474'
|
@@ -454,14 +454,11 @@ module Service
|
|
454
454
|
|
455
455
|
req['User-Agent'] = @user_agent
|
456
456
|
|
457
|
-
|
458
|
-
req.instance_variable_set(:@path, @uri.path + req.path)
|
459
|
-
end
|
460
|
-
|
461
|
-
CloudClient.http_start(@uri, @timeout) do |http|
|
457
|
+
res = CloudClient::http_start(@uri, @timeout) do |http|
|
462
458
|
http.request(req)
|
463
459
|
end
|
464
460
|
|
461
|
+
res
|
465
462
|
end
|
466
463
|
end
|
467
464
|
end
|
data/lib/opennebula/pool.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
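--- a/data/lib/opennebula/ssh_auth.rb
+++ b/data/lib/opennebula/ssh_auth.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #
@@ -14,127 +14,104 @@
 # limitations under the License. #
 #--------------------------------------------------------------------------- #
 
+
+require 'pp'
 require 'openssl'
 require 'base64'
 require 'fileutils'
-require 'open3'
-require 'tempfile'
-
-module OpenNebula
-
-# SSH key authentication class. It can be used as a driver for auth_mad
-# as auth method is defined. It also holds some helper methods to be used
-# by oneauth command
-class SshAuth
-
-# Initialize SshAuth object
-#
-# @param [Hash] default options for path
-# @option options [String] :public_key public key for the user
-# @option options [String] :private_key key private key for the user.
-def initialize(options = {})
-@private_key = nil
-@public_key = nil
-
-# Initialize the private key
-if options[:private_key]
-begin
-@private_key = File.read(options[:private_key])
-rescue StandardError => e
-raise "Cannot read #{options[:private_key]}\n #{e}"
-end
-
-begin
-@private_key_rsa = OpenSSL::PKey::RSA.new(@private_key)
-rescue OpenSSL::PKey::RSAError
-private_key_pem = openssh_to_pem(@private_key)
-@private_key_rsa = OpenSSL::PKey::RSA.new(private_key_pem)
-end
-end
-
-# Initialize the public key
-if options[:public_key]
-@public_key = options[:public_key]
-elsif !@private_key.nil?
-# Init ssh keys using private key. public key is extracted in a
-# format compatible with openssl. The public key does not contain
-# "---- BEGIN/END PUBLIC KEY ----" and is in a single line
-@public_key = @private_key_rsa.public_key.to_pem.split("\n")
-@public_key = @public_key.reject {|l| l.match(/PUBLIC KEY/) }.join('')
-end
 
-
-
+module OpenNebula; end
+
+# SSH key authentication class. It can be used as a driver for auth_mad
+# as auth method is defined. It also holds some helper methods to be used
+# by oneauth command
+class OpenNebula::SshAuth
+# Initialize SshAuth object
+#
+# @param [Hash] default options for path
+# @option options [String] :public_key public key for the user
+# @option options [String] :private_key key private key for the user.
+def initialize(options={})
+@private_key = nil
+@public_key = nil
+
+# Initialize the private key
+if options[:private_key]
+begin
+@private_key = File.read(options[:private_key])
+rescue Exception => e
+raise "Cannot read #{options[:private_key]}"
 end
 
-@
+@private_key_rsa = OpenSSL::PKey::RSA.new(@private_key)
 end
 
-#
-
-
-
-
-
-
+# Initialize the public key
+if options[:public_key]
+@public_key = options[:public_key]
+elsif @private_key != nil
+# Init ssh keys using private key. public key is extracted in a
+# format compatible with openssl. The public key does not contain
+# "---- BEGIN/END PUBLIC KEY ----" and is in a single line
+@public_key = @private_key_rsa.public_key.to_pem.split("\n")
+@public_key = @public_key.reject {|l| l.match(/PUBLIC KEY/) }.join('')
 end
 
-
-
-def password
-@public_key
+if @private_key.nil? && @public_key.nil?
+raise "You have to define at least one of the keys"
 end
 
-
-
-begin
-token_plain = decrypt(token)
-t_user, time = token_plain.split(':')
-
-return 'invalid credentials' unless user == t_user
-return 'ssh proxy expired, login again to renew it' if Time.now.to_i >= time.to_i
-
-return true
-rescue StandardError
-return 'error'
-end
-end
-
-private
-
-def openssh_to_pem(private_key)
-temp_file = Tempfile.new('private_key')
-
-File.write(temp_file.path, private_key)
-
-# Use ssh-keygen to convert the key
-command = "ssh-keygen -p -N '' -m PEM -f #{temp_file.path}"
+@public_key_rsa = OpenSSL::PKey::RSA.new(Base64::decode64(@public_key))
+end
 
-
+# Creates a login token for ssh authentication.
+# By default it is valid for 1 hour but it can be changed to any number
+# of seconds with expire parameter (in seconds)
+def login_token(user, expire=3600)
+expire ||= 3600
 
-
+return encrypt("#{user}:#{Time.now.to_i + expire.to_i}")
+end
 
-
-
-
-
-
-end
+# Returns a valid password string to create a user using this auth driver.
+# In this case the ssh public key.
+def password
+@public_key
+end
 
-
-
-
-
-
-
-
+# Checks the proxy created with the login method
+def authenticate(user, token)
+begin
+token_plain = decrypt(token)
+_user, time = token_plain.split(':')
+
+if user == _user
+if Time.now.to_i >= time.to_i
+return "ssh proxy expired, login again to renew it"
+else
+return true
+end
+else
+return "invalid credentials"
+end
+rescue
+return "error"
 end
+end
 
-
-def decrypt(data)
-@public_key_rsa.public_decrypt(Base64.decode64(data))
-end
+private
 
+###########################################################################
+# Methods to handle ssh keys
+###########################################################################
+# Encrypts data with the private key of the user and returns
+# base 64 encoded output in a single line
+def encrypt(data)
+Base64::encode64(@private_key_rsa.private_encrypt(data)).gsub!(/\n/, '').strip
 end
 
+# Decrypts base 64 encoded data with pub_key (public key)
+def decrypt(data)
+@public_key_rsa.public_decrypt(Base64::decode64(data))
+end
 end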
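Review bot: `rescue Exception => e` in `initialize` (new line 42) also traps `Interrupt`, `SystemExit` and `NoMemoryError`, and the re-raised message drops `e`, so a permission error and a missing key file look the same to the caller; `rescue StandardError => e` with `raise "Cannot read #{options[:private_key]}\n #{e}"`, the form the removed lines had, keeps the cause. In `encrypt` (new line 110), `gsub!` returns nil when nothing is replaced, so the chained `.strip` only works because `encode64` always emits a newline; `Base64.strict_encode64(@private_key_rsa.private_encrypt(data))` yields the single-line output without that dependency. `OpenSSL::PKey::RSA.new(@private_key)` on new line 46 is now unguarded, so a key file that is not PEM-encoded RSA surfaces as a raw OpenSSL exception instead of a readable message.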
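--- a/data/lib/opennebula/system.rb
+++ b/data/lib/opennebula/system.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #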
data/lib/opennebula/template.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
@@ -79,7 +79,7 @@ module OpenNebula::TemplateExt
|
|
79
79
|
image['STATE'].to_i
|
80
80
|
]
|
81
81
|
|
82
|
-
unless [
|
82
|
+
unless %w[LOCKED READY USED].include?(i_state)
|
83
83
|
logger.fatal "Wrong image state #{i_state}" if logger
|
84
84
|
|
85
85
|
rollback(ids)
|
@@ -204,7 +204,7 @@ module OpenNebula::TemplateExt
|
|
204
204
|
# @param nic [XMLElement] to delete attributes from
|
205
205
|
#-------------------------------------------------------------------
|
206
206
|
def delete_nic_attributes(nic)
|
207
|
-
[
|
207
|
+
%w[NETWORK NETWORK_ID NETWORK_UNAME SECURITY_GROUPS].each do |a|
|
208
208
|
nic.delete_element(a)
|
209
209
|
end
|
210
210
|
end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|
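--- a/data/lib/opennebula/user.rb
+++ b/data/lib/opennebula/user.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #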
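--- a/data/lib/opennebula/user_pool.rb
+++ b/data/lib/opennebula/user_pool.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #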
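--- a/data/lib/opennebula/utils.rb
+++ b/data/lib/opennebula/utils.rb
@@ -1,5 +1,5 @@
 # -------------------------------------------------------------------------- #
-# Copyright 2002-
+# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
 # #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may #
 # not use this file except in compliance with the License. You may obtain #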
data/lib/opennebula/vdc.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -------------------------------------------------------------------------- #
|
2
|
-
# Copyright 2002-
|
2
|
+
# Copyright 2002-2022, OpenNebula Project, OpenNebula Systems #
|
3
3
|
# #
|
4
4
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
|
5
5
|
# not use this file except in compliance with the License. You may obtain #
|