Adding sudo permissions to SSH Driver commands
Added 'sudo' to 'rm', 'mkdir', and 'kill' commands throughout the driver. Co-Authored-By: Brandon Logan <brandon.logan@rackspace.com> Change-Id: Id53490b50ff122b7a95ba5b0182714ab918a4705
This commit is contained in:
parent
0b7f10c84c
commit
0a8f3de403
@ -65,13 +65,13 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
|
||||
# Build a list of commands to send to the exec method
|
||||
commands = ['chmod 600 {0}/haproxy.cfg'.format(conf_path),
|
||||
'sudo haproxy -f {0}/haproxy.cfg -p {0}/{1}.pid -sf '
|
||||
'haproxy -f {0}/haproxy.cfg -p {0}/{1}.pid -sf '
|
||||
'$(cat {0}/{1}.pid)'.format(conf_path, listener.id)]
|
||||
|
||||
# Exec appropriate commands on all amphorae
|
||||
self._exec_on_amphorae(
|
||||
listener.load_balancer.amphorae, commands,
|
||||
make_dir='mkdir -p {0}'.format(conf_path), data=[config],
|
||||
make_dir=conf_path, data=[config],
|
||||
upload_dir='{0}/haproxy.cfg'.format(conf_path))
|
||||
|
||||
def stop(self, listener, vip):
|
||||
@ -105,7 +105,7 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
|
||||
# Define commands to execute on the amphorae
|
||||
commands = [
|
||||
'sudo haproxy -f {0}/{1}/haproxy.cfg -p {0}/{1}/{1}.pid'.format(
|
||||
'haproxy -f {0}/{1}/haproxy.cfg -p {0}/{1}/{1}.pid'.format(
|
||||
self.amp_config.base_path, listener.id)]
|
||||
|
||||
# Exec appropriate commands on all amphorae
|
||||
@ -136,12 +136,12 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
self._connect(hostname=amp.lb_network_ip)
|
||||
|
||||
stdout, _ = self._execute_command(
|
||||
"ip link | grep DOWN -m 1 | awk '{print $2}'",
|
||||
run_as_root=False)
|
||||
"ip link | grep DOWN -m 1 | awk '{print $2}'")
|
||||
iface = stdout[:-2]
|
||||
if not iface:
|
||||
self.client.close()
|
||||
continue
|
||||
|
||||
vip = load_balancer.vip.ip_address
|
||||
sections = vip.split('.')[:3]
|
||||
sections.append('255')
|
||||
@ -151,25 +151,25 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
"address {1}\nbroadcast {2}\nnetmask {3}\" "
|
||||
">> /etc/network/interfaces'".format(
|
||||
iface, vip, broadcast, '255.255.255.0'))
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
# sanity ifdown for interface
|
||||
command = "ifdown {0}".format(iface)
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
# sanity ifdown for static ip
|
||||
command = "ifdown {0}:0".format(iface)
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
# ifup for interface
|
||||
command = "ifup {0}".format(iface)
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
# ifup for static ip
|
||||
command = "ifup {0}:0".format(iface)
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
self.client.close()
|
||||
|
||||
def post_network_plug(self, amphora):
|
||||
self._connect(hostname=amphora.lb_network_ip)
|
||||
stdout, _ = self._execute_command(
|
||||
"ip link | grep DOWN -m 1 | awk '{print $2}'", run_as_root=False)
|
||||
"ip link | grep DOWN -m 1 | awk '{print $2}'")
|
||||
iface = stdout[:-2]
|
||||
if not iface:
|
||||
self.client.close()
|
||||
@ -177,16 +177,16 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
# make interface come up on boot
|
||||
command = ("sh -c 'echo \"\nauto {0}\niface {0} inet dhcp\" "
|
||||
">> /etc/network/interfaces'".format(iface))
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
# ifdown for sanity
|
||||
command = "ifdown {0}".format(iface)
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
# ifup to bring it up
|
||||
command = "ifup {0}".format(iface)
|
||||
self._execute_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
self.client.close()
|
||||
|
||||
def _execute_command(self, command, run_as_root=True):
|
||||
def _execute_command(self, command, run_as_root=False):
|
||||
if run_as_root:
|
||||
command = "sudo {0}".format(command)
|
||||
_, stdout, stderr = self.client.exec_command(command)
|
||||
@ -238,10 +238,10 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
data.append(self._build_pem(bbq_container))
|
||||
|
||||
if data:
|
||||
self._exec_on_amphorae(listener.load_balancer.amphorae,
|
||||
['chmod 600 {0}/*.pem'.format(cert_dir)],
|
||||
make_dir=cert_dir, data=data,
|
||||
upload_dir=cert_dir)
|
||||
self._exec_on_amphorae(
|
||||
listener.load_balancer.amphorae, [
|
||||
'chmod 600 {0}/*.pem'.format(cert_dir)],
|
||||
make_dir=cert_dir, data=data, upload_dir=cert_dir)
|
||||
|
||||
return {'tls_cert': tls_cert, 'sni_certs': sni_certs}
|
||||
|
||||
@ -284,7 +284,11 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
|
||||
# Setup for file upload
|
||||
if make_dir:
|
||||
self.client.exec_command(make_dir)
|
||||
mkdir_cmd = 'mkdir -p {0}'.format(make_dir)
|
||||
self._execute_command(mkdir_cmd, run_as_root=True)
|
||||
chown_cmd = 'chown -R {0} {1}'.format(
|
||||
self.amp_config.username, make_dir)
|
||||
self._execute_command(chown_cmd, run_as_root=True)
|
||||
|
||||
# Upload files to location
|
||||
if temps:
|
||||
@ -294,7 +298,7 @@ class HaproxyManager(driver_base.AmphoraLoadBalancerDriver):
|
||||
|
||||
# Execute remaining commands
|
||||
for command in commands:
|
||||
self.client.exec_command(command)
|
||||
self._execute_command(command, run_as_root=True)
|
||||
self.client.close()
|
||||
|
||||
# Close the temp file
|
||||
|
@ -41,12 +41,10 @@ class TestSshDriver(base.TestCase):
|
||||
self.driver.barbican_client = mock.Mock(
|
||||
spec=barbican.BarbicanCertManager)
|
||||
self.driver.client = mock.Mock(spec=paramiko.SSHClient)
|
||||
self.driver.client.exec_command.return_value = (
|
||||
mock.Mock(), mock.Mock(), mock.Mock())
|
||||
self.driver.amp_config = mock.MagicMock()
|
||||
|
||||
def test_get_logger(self):
|
||||
self.skip('Will complete later')
|
||||
self.assertEqual(LOG, self.driver.get_logger)
|
||||
|
||||
def test_update(self):
|
||||
with mock.patch.object(
|
||||
self.driver, '_process_tls_certificates') as process_tls_patch:
|
||||
@ -71,12 +69,11 @@ class TestSshDriver(base.TestCase):
|
||||
build_conf.assert_called_once_with(
|
||||
listener, listener.default_tls_container,
|
||||
listener.sni_containers)
|
||||
self.driver.client.connect(
|
||||
mock.ANY, mock.ANY).assert_called_once()
|
||||
self.driver.client.connect.assert_called_once()
|
||||
self.driver.client.open_sftp().assert_called_once()
|
||||
self.driver.client.open_sftp().put().assert_called_once()
|
||||
self.driver.client.exec_command(mock.ANY).assert_called_once()
|
||||
self.driver.client.close().assert_called_once()
|
||||
self.driver.client.exec_command.assert_called_once()
|
||||
self.driver.client.close.assert_called_once()
|
||||
|
||||
def test_stop(self):
|
||||
# Build sample Listener and VIP configs
|
||||
@ -86,9 +83,9 @@ class TestSshDriver(base.TestCase):
|
||||
|
||||
# Execute driver method
|
||||
self.driver.start(listener, vip)
|
||||
self.driver.client.connect(mock.ANY).assert_called_once()
|
||||
self.driver.client.exec_command(mock.ANY).assert_called_once()
|
||||
self.driver.client.close().assert_called_once()
|
||||
self.driver.client.connect.assert_called_once()
|
||||
self.driver.client.exec_command.assert_called_once()
|
||||
self.driver.client.close.assert_called_once()
|
||||
|
||||
def test_start(self):
|
||||
# Build sample Listener and VIP configs
|
||||
@ -98,9 +95,9 @@ class TestSshDriver(base.TestCase):
|
||||
|
||||
# Execute driver method
|
||||
self.driver.start(listener, vip)
|
||||
self.driver.client.connect(mock.ANY).assert_called_once()
|
||||
self.driver.client.exec_command(mock.ANY).assert_called_once()
|
||||
self.driver.client.close().assert_called_once()
|
||||
self.driver.client.connect.assert_called_once()
|
||||
self.driver.client.exec_command.assert_called_once()
|
||||
self.driver.client.close.assert_called_once()
|
||||
|
||||
def test_delete(self):
|
||||
# Build sample Listener and VIP configs
|
||||
@ -112,9 +109,9 @@ class TestSshDriver(base.TestCase):
|
||||
self.driver.delete(listener, vip)
|
||||
|
||||
# Verify call
|
||||
self.driver.client.connect(mock.ANY, mock.ANY).assert_called_once()
|
||||
self.driver.client.exec_command(mock.ANY).assert_called_once()
|
||||
self.driver.client.close().assert_called_once()
|
||||
self.driver.client.connect.assert_called_once()
|
||||
self.driver.client.exec_command.assert_called_once()
|
||||
self.driver.client.close.assert_called_once()
|
||||
|
||||
def test_get_info(self):
|
||||
pass
|
||||
|
Loading…
Reference in New Issue
Block a user