/**
 * Creates the transient zone for the external instance domain, containing one SOA record and one
 * NS record.
 *
 * <p>The zone apex is whatever {@code getExternalName()} returns. The NS target is this host's
 * canonical name as reported by {@code getCanonicalHostName()}, which performs a reverse lookup
 * and returns the textual IP address when that lookup fails; in that case the NS record would
 * point at a numeric name.
 *
 * <p>NOTE(review): the SOA here uses {@code root.<zone>} in the host position and {@code
 * <canonical-host>.<zone>} in the admin position, while {@code getPtrZone} puts {@code
 * root.<zone>} in the admin position. One of the two looks swapped; confirm which is intended.
 *
 * @return the zone, or {@code null} if any step throws (the exception is logged at error level)
 */
public static Zone getInstanceExternalZone() {
  try {
    final Name zoneName = getExternalName();
    final Name soaHost = Name.fromString("root." + zoneName.toString());
    final Name soaAdmin =
        Name.fromString(
            Internets.localHostInetAddress().getCanonicalHostName() + "." + zoneName.toString());
    final Name nsTarget =
        Name.fromString(Internets.localHostInetAddress().getCanonicalHostName() + ".");

    // SOA timers, in seconds. The serial is fixed at 1.
    final long soaSerial = 1;
    final long soaRefresh = 86400;
    final long soaRetry = ttl;
    final long soaExpires = 2419200;
    // This is the negative cache TTL
    final long soaMinimum = 600;
    final long nsRecordTtl = 604800;

    final Record soaRecord =
        new SOARecord(
            zoneName,
            DClass.IN,
            ttl,
            soaHost,
            soaAdmin,
            soaSerial,
            soaRefresh,
            soaRetry,
            soaExpires,
            soaMinimum);
    final Record nsRecord = new NSRecord(zoneName, DClass.IN, nsRecordTtl, nsTarget);

    final Record[] zoneRecords = {soaRecord, nsRecord};
    return new TransientZone(zoneName, zoneRecords);
  } catch (Exception e) {
    LOG.error(e, e);
    return null;
  }
}
/**
 * Creates a configuration keyed on {@code host}, falling back to the local host address when
 * {@code host} cannot be resolved.
 *
 * <p>{@code partition}, {@code name} and {@code port} are not read by this method. Resolution is
 * used only as a validity probe: the resolved address is discarded and the original string is
 * stored. The fallback is silent, so a mistyped or unresolvable host yields a configuration
 * pointing at this machine rather than an error.
 *
 * @param partition ignored
 * @param name ignored
 * @param host host name or address to validate and store
 * @param port ignored
 * @return a configuration for {@code host}, or for the local host address if resolution fails
 */
@Override
public EucalyptusConfiguration newInstance(
    String partition, String name, String host, Integer port) {
  try {
    InetAddress.getByName(host);
  } catch (UnknownHostException unresolved) {
    // Unresolvable input: substitute the local address for both constructor arguments.
    return new EucalyptusConfiguration(
        Internets.localHostAddress(), Internets.localHostAddress());
  }
  return new EucalyptusConfiguration(host, host);
}
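/**
 * Reports whether any active database lists this machine as a component host in the {@code
 * eucalyptus} partition.
 *
 * <p>For each host from {@code Hosts.listActiveDatabases()} a JDBC connection to the {@code
 * eucalyptus_config} database is opened with the shared database credentials, and every {@code
 * config_component_hostname} row is passed to {@code Internets.testLocal}. A failure on one host
 * is logged and the next host is tried.
 *
 * <p>Rows with a NULL hostname are skipped instead of aborting the scan of that host, and a
 * failure while closing the connection is logged without discarding a match that was already
 * found.
 *
 * @return {@code true} as soon as one stored hostname tests as local, otherwise {@code false}
 */
static boolean shouldInitialize() { // GRZE:WARNING:HACKHACKHACK do not duplicate pls thanks.
  for (final Host h : Hosts.listActiveDatabases()) {
    final String url =
        String.format(
            "jdbc:%s",
            ServiceUris.remote(Database.class, h.getBindAddress(), "eucalyptus_config"));
    try {
      final Connection conn =
          DriverManager.getConnection(url, Databases.getUserName(), Databases.getPassword());
      try {
        // Constant statement text: no caller-supplied value is concatenated into the query.
        final PreparedStatement statement =
            conn.prepareStatement(
                "select config_component_hostname from config_component_base where config_component_partition='eucalyptus';");
        final ResultSet result = statement.executeQuery();
        while (result.next()) {
          final Object columnValue = result.getObject(1);
          if (columnValue == null) {
            // A NULL hostname cannot match; keep scanning the remaining rows.
            continue;
          }
          if (Internets.testLocal(columnValue.toString())) {
            return true;
          }
        }
      } finally {
        try {
          conn.close();
        } catch (final Exception closeEx) {
          // Throwing from this finally block would replace a pending "return true".
          LOG.error(closeEx, closeEx);
        }
      }
    } catch (final Exception ex) {
      LOG.error(ex, ex);
    }
  }
  return false;
}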
/**
 * Upgrade step: sets the block storage manager on the storage controller configuration that
 * belongs to this machine.
 *
 * <p>Only the first configuration whose host name appears in {@code
 * Internets.getAllLocalHostNamesIps()} is modified. The transaction is committed whether or not
 * a match was found.
 *
 * @param arg0 not read by this method
 * @return {@code true} once the transaction has been committed
 * @throws RuntimeException as produced by {@code Exceptions.toUndeclared} after a rollback, if
 *     anything inside the transaction throws
 */
@Override
public boolean apply(Class arg0) {
  final EntityTransaction tx = Entities.get(StorageControllerConfiguration.class);
  try {
    // Host names and IP addresses that identify this machine.
    final Set<String> localNames = Internets.getAllLocalHostNamesIps();
    final List<StorageControllerConfiguration> storageControllers =
        Entities.query(new StorageControllerConfiguration());
    for (final StorageControllerConfiguration sc : storageControllers) {
      if (!localNames.contains(sc.getHostName())) {
        continue;
      }
      // This SC runs on the local machine: upgrade its block storage manager config and stop.
      LOG.debug("Upgrading SC config " + sc.getPartition());
      sc.setBlockStorageManager(loadLocalBlockStorageManagerConfig());
      LOG.debug(
          "Set storage manager " + sc.getBlockStorageManager() + " for SC " + sc.getPartition());
      break;
    }
    tx.commit();
    return true;
  } catch (Exception ex) {
    tx.rollback();
    throw Exceptions.toUndeclared(ex);
  }
}
/**
 * Creates a placeholder {@code EphemeralConfiguration} for a component, named after the type
 * that owns it.
 *
 * <p>The configuration takes its partition from the looked-up component id, its name from {@code
 * ownerType.getCanonicalName()}, and an internal URI built from the local host address and
 * {@code ownerType.getSimpleName()}.
 *
 * @param compIdClass component id class to look up
 * @param ownerType type whose canonical and simple names label the configuration
 * @return the new configuration bound to the local host
 */
public static ServiceConfiguration createBogus(
    final Class<? extends ComponentId> compIdClass, final Class<?> ownerType) {
  final ComponentId component = ComponentIds.lookup(compIdClass);
  return new EphemeralConfiguration(
      component,
      component.getPartition(),
      ownerType.getCanonicalName(),
      ServiceUris.internal(
          component, Internets.localHostInetAddress(), ownerType.getSimpleName()));
}
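/**
 * Creates a transient reverse-lookup zone for an IPv4 PTR query name.
 *
 * <p>The query name must consist of exactly four labels followed by {@code .in-addr.arpa.}. The
 * zone apex is the query name with its first label removed, and the zone holds one SOA and one
 * NS record. The NS target is this host's canonical name.
 *
 * <p>The suffix must be the end of the name. Previously it was matched anywhere, so a name that
 * merely contained {@code .in-addr.arpa.} produced a zone outside the reverse tree.
 *
 * <p>NOTE(review): the four leading labels are not checked to be decimal octets, and the suffix
 * comparison is case-sensitive; confirm whether callers normalise the name first.
 *
 * @param queryName the name from the PTR question
 * @return the zone, or {@code null} if the name is not an IPv4 reverse name or any step throws
 *     (the exception is logged at error level)
 */
public static Zone getPtrZone(Name queryName) {
  final String reverseSuffix = ".in-addr.arpa.";
  try {
    final String queryString = queryName.toString();
    final int index = queryString.indexOf(reverseSuffix);
    // Require at least one leading label and require the suffix to terminate the name.
    if (index <= 0 || index + reverseSuffix.length() != queryString.length()) {
      return null;
    }
    final String[] parts = queryString.substring(0, index).split("\\.");
    // fix this for v6
    if (parts.length != 4) {
      return null;
    }
    // Drop the first label and its dot; the remainder is the zone apex.
    final Name name = new Name(queryString.substring(parts[0].length() + 1));

    long serial = 1;
    long refresh = 86400;
    long retry = ttl;
    long expires = 2419200;
    // This is the negative cache TTL
    long minimum = 600;
    Record soarec =
        new SOARecord(
            name,
            DClass.IN,
            ttl,
            name,
            Name.fromString("root." + name.toString()),
            serial,
            refresh,
            retry,
            expires,
            minimum);
    long nsTTL = 604800;
    Record nsrec =
        new NSRecord(
            name,
            DClass.IN,
            nsTTL,
            Name.fromString(Internets.localHostInetAddress().getCanonicalHostName() + "."));
    return new TransientZone(name, new Record[] {soarec, nsrec});
  } catch (Exception e) {
    LOG.error(e, e);
    return null;
  }
}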
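/**
 * Computes the set of database hosts that are active in every persistence context.
 *
 * <p>Starts from the hosts in {@code DBHOSTS} and, for each persistence context, retains only
 * the hosts that context reports as active. On a cloud controller the local host identifier is
 * added to each context's active set before the comparison; this mutates the set returned by
 * {@code getactiveDatabases()}.
 *
 * <p>A context whose lookup throws is skipped and now logged at the extreme debug level instead
 * of being swallowed. A skipped context does not narrow the intersection, so the result can
 * include hosts whose state in that context is unknown.
 *
 * <p>The summary line is logged at warn level only when the volatile/synchronized state flips;
 * otherwise it goes to debug (volatile) or extreme info (synchronized).
 *
 * @return the intersection of the configured database hosts and every context's active hosts
 */
@Override
public Set<String> get() {
  Set<String> hosts = DBHOSTS.get();
  Set<String> union = Sets.newHashSet();
  Set<String> intersection = Sets.newHashSet(hosts);
  Logs.extreme().debug("ActiveHostSet: universe of db hosts: " + hosts);
  for (String ctx : PersistenceContexts.list()) {
    try {
      Set<String> activeDatabases = Databases.lookup(ctx, 0).getactiveDatabases();
      if (BootstrapArgs.isCloudController()) {
        // GRZE: use Internets.localHostIdentifier() which is static, rather than the Hosts
        // reference as it is stateful
        activeDatabases.add(Internets.localHostIdentifier());
      }
      union.addAll(activeDatabases);
      intersection.retainAll(activeDatabases);
    } catch (Exception ex) {
      // Best effort: keep going, but leave a trace of which context could not be inspected.
      Logs.extreme().debug("ActiveHostSet: lookup failed for persistence context " + ctx, ex);
    }
  }
  Logs.extreme().debug("ActiveHostSet: union of activated db connections: " + union);
  Logs.extreme()
      .debug(
          "ActiveHostSet: intersection of db hosts and activated db connections: "
              + intersection);
  boolean dbVolatile = !hosts.equals(intersection);
  String msg =
      String.format(
          "ActiveHostSet: %-14.14s %s%s%s",
          dbVolatile ? "volatile" : "synchronized",
          hosts,
          dbVolatile ? "!=" : "=",
          intersection);
  // The swap succeeds only when the remembered state is the opposite of the current one.
  if (last.compareAndSet(!dbVolatile, dbVolatile)) {
    LOG.warn(msg);
  } else if (dbVolatile) {
    LOG.debug(msg);
  } else {
    Logs.extreme().info(msg);
  }
  return intersection;
}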
/**
 * Deactivates the database on the given host.
 *
 * <p>Nothing is attempted before bootstrap has finished. For the local host the method reports
 * success without running a state change. Failures of the state change are logged only at the
 * extreme debug level.
 *
 * @param hostName host whose database should be deactivated
 * @return {@code false} if bootstrap is unfinished or the state change throws; {@code true} for
 *     the local host or after a successful state change
 */
static boolean disable(final String hostName) {
  if (!Bootstrap.isFinished()) {
    return false;
  }
  if (Internets.testLocal(hostName)) {
    return true;
  }
  try {
    runDbStateChange(DeactivateHostFunction.INSTANCE.apply(hostName));
  } catch (Exception ex) {
    Logs.extreme().debug(ex);
    return false;
  }
  return true;
}
/**
 * Creates an ephemeral configuration for a component on the local host.
 *
 * <p>Convenience overload: delegates to the two-argument {@code createEphemeral}, passing {@code
 * Internets.localHostInetAddress()} as the address.
 *
 * @param compId component the configuration is for
 * @return whatever the two-argument overload returns for the local host address
 */
public static ServiceConfiguration createEphemeral(final ComponentId compId) {
  return createEphemeral(
      compId,
      Internets.localHostInetAddress());
}
/**
 * Builds the credentials archive for a user and returns it as raw zip bytes.
 *
 * <p>Side effects visible in this method: when the user has no active access key one is created
 * with {@code u.createKey()}, and a newly generated certificate is attached with {@code
 * u.addCertificate(x509)} before any archive entry is written.
 *
 * <p>Entries written: {@code eucarc}, {@code iamrc}, {@code cloud-cert.pem}, {@code
 * jssecacerts}, {@code <baseName>-pk.pem} and {@code <baseName>-cert.pem}. {@code eucarc} and
 * {@code iamrc} contain the secret access key in clear text and the {@code -pk.pem} entry
 * contains the private key. Nothing in this method encrypts the archive, so its confidentiality
 * depends on how the caller stores and delivers the returned bytes.
 *
 * @param u user the credentials are issued for
 * @return the zip bytes; the archive has no entries when {@code Certs.getFingerPrint} returns
 *     {@code null}
 * @throws Exception if key, certificate or cloud-certificate preparation fails (logged at fatal
 *     level and rethrown), or if writing the archive fails
 */
private static byte[] getX509Zip(User u) throws Exception {
  X509Certificate cloudCert = null;
  final X509Certificate x509;
  String userAccessKey = null;
  String userSecretKey = null;
  KeyPair keyPair = null;
  try {
    // No break: when several keys are active, the last one returned by getKeys() is used.
    for (AccessKey k : u.getKeys()) {
      if (k.isActive()) {
        userAccessKey = k.getAccessKey();
        userSecretKey = k.getSecretKey();
      }
    }
    // No active key found: create one for the user.
    if (userAccessKey == null) {
      AccessKey k = u.createKey();
      userAccessKey = k.getAccessKey();
      userSecretKey = k.getSecretKey();
    }
    keyPair = Certs.generateKeyPair();
    x509 = Certs.generateCertificate(keyPair, u.getName());
    x509.checkValidity();
    // The certificate is attached to the user here, before the archive is built. If a later
    // step throws, or the fingerprint below is null, the private key never reaches the caller.
    // NOTE(review): confirm whether addCertificate persists immediately.
    u.addCertificate(x509);
    cloudCert = SystemCredentials.lookup(Eucalyptus.class).getCertificate();
  } catch (Exception e) {
    LOG.fatal(e, e);
    throw e;
  }
  ByteArrayOutputStream byteOut = new ByteArrayOutputStream();
  ZipArchiveOutputStream zipOut = new ZipArchiveOutputStream(byteOut);
  ZipArchiveEntry entry = null;
  String fingerPrint = Certs.getFingerPrint(keyPair.getPublic());
  if (fingerPrint != null) {
    // Base file name: short product name, user name, first 8 characters of the fingerprint with
    // colons removed. substring(0, 8) throws if fewer than 8 characters remain.
    // NOTE(review): u.getName() flows unescaped into zip entry names and into unquoted
    // assignments in eucarc, a file the user is told to `source`. Confirm that user names
    // cannot contain path separators, whitespace or shell metacharacters.
    String baseName =
        X509Download.NAME_SHORT
            + "-"
            + u.getName()
            + "-"
            + fingerPrint.replaceAll(":", "").toLowerCase().substring(0, 8);
    zipOut.setComment("To setup the environment run: source /path/to/eucarc");
    StringBuilder sb = new StringBuilder(); // TODO:GRZE:FIXME velocity
    String userNumber = u.getAccount().getAccountNumber();
    sb.append("EUCA_KEY_DIR=$(dirname $(readlink -f ${BASH_SOURCE}))");
    if (Topology.isEnabled(Eucalyptus.class)) { // GRZE:NOTE: this is temporary
      sb.append(
          "\nexport EC2_URL=" + ServiceUris.remotePublicify(Topology.lookup(Eucalyptus.class)));
    } else {
      // Service not enabled: emit a warning and fall back to a URL built from the local host
      // address, which is passed for all three string arguments of newInstance.
      sb.append("\necho WARN: Eucalyptus URL is not configured. >&2");
      ServiceBuilder<? extends ServiceConfiguration> builder =
          ServiceBuilders.lookup(Eucalyptus.class);
      ServiceConfiguration localConfig =
          builder.newInstance(
              Internets.localHostAddress(),
              Internets.localHostAddress(),
              Internets.localHostAddress(),
              Eucalyptus.INSTANCE.getPort());
      sb.append("\nexport EC2_URL=" + ServiceUris.remotePublicify(localConfig));
    }
    if (Topology.isEnabled(Walrus.class)) {
      ServiceConfiguration walrusConfig = Topology.lookup(Walrus.class);
      try {
        String uri = ServiceUris.remotePublicify(walrusConfig).toASCIIString();
        LOG.debug("Found walrus uri/configuration: uri=" + uri + " config=" + walrusConfig);
        sb.append("\nexport S3_URL=" + uri);
      } catch (Exception e) {
        // On failure S3_URL is left out of eucarc; only the server log records why.
        LOG.error("Failed to set Walrus URL: " + walrusConfig, e);
      }
    } else {
      sb.append("\necho WARN: Walrus URL is not configured. >&2");
    }
    // Disable notifications for now
    // sb.append( "\nexport AWS_SNS_URL=" + ServiceUris.remote( Notifications.class ) );
    if (Topology.isEnabled(Euare.class)) { // GRZE:NOTE: this is temporary
      sb.append("\nexport EUARE_URL=" + ServiceUris.remotePublicify(Euare.class));
    } else {
      sb.append("\necho WARN: EUARE URL is not configured. >&2");
    }
    sb.append("\nexport EC2_PRIVATE_KEY=${EUCA_KEY_DIR}/" + baseName + "-pk.pem");
    sb.append("\nexport EC2_CERT=${EUCA_KEY_DIR}/" + baseName + "-cert.pem");
    sb.append("\nexport EC2_JVM_ARGS=-Djavax.net.ssl.trustStore=${EUCA_KEY_DIR}/jssecacerts");
    sb.append("\nexport EUCALYPTUS_CERT=${EUCA_KEY_DIR}/cloud-cert.pem");
    // The values below are wrapped in single quotes without escaping.
    // NOTE(review): presumably account numbers and keys are generated from an alphabet that
    // excludes the single quote; verify, since this text is evaluated by the user's shell.
    sb.append("\nexport EC2_ACCOUNT_NUMBER='" + u.getAccount().getAccountNumber() + "'");
    sb.append("\nexport EC2_ACCESS_KEY='" + userAccessKey + "'");
    sb.append("\nexport EC2_SECRET_KEY='" + userSecretKey + "'");
    sb.append("\nexport AWS_CREDENTIAL_FILE=${EUCA_KEY_DIR}/iamrc");
    sb.append("\nexport EC2_USER_ID='" + userNumber + "'");
    sb.append(
        "\nalias ec2-bundle-image=\"ec2-bundle-image --cert ${EC2_CERT} --privatekey ${EC2_PRIVATE_KEY} --user ${EC2_ACCOUNT_NUMBER} --ec2cert ${EUCALYPTUS_CERT}\"");
    // This alias expands the secret key into the command line of ec2-upload-bundle.
    sb.append(
        "\nalias ec2-upload-bundle=\"ec2-upload-bundle -a ${EC2_ACCESS_KEY} -s ${EC2_SECRET_KEY} --url ${S3_URL}\"");
    sb.append("\n");
    // eucarc: the shell environment file assembled above.
    // Each entry is marked owner read/write only (0600); whether that mode is applied depends on
    // the tool used to extract the archive.
    zipOut.putArchiveEntry(entry = new ZipArchiveEntry("eucarc"));
    entry.setUnixMode(0600);
    zipOut.write(sb.toString().getBytes("UTF-8"));
    zipOut.closeArchiveEntry();
    // iamrc: access key id and secret key in key=value form.
    sb = new StringBuilder();
    sb.append("AWSAccessKeyId=").append(userAccessKey).append('\n');
    sb.append("AWSSecretKey=").append(userSecretKey);
    zipOut.putArchiveEntry(entry = new ZipArchiveEntry("iamrc"));
    entry.setUnixMode(0600);
    zipOut.write(sb.toString().getBytes("UTF-8"));
    zipOut.closeArchiveEntry();
    // write the cloud certificate to the zip stream
    zipOut.putArchiveEntry(entry = new ZipArchiveEntry("cloud-cert.pem"));
    entry.setUnixMode(0600);
    zipOut.write(PEMFiles.getBytes(cloudCert));
    zipOut.closeArchiveEntry();
    // jssecacerts: a JKS trust store holding only the cloud certificate under the alias
    // "eucalyptus". The store password is the fixed string "changeit"; no private key is placed
    // in this store.
    zipOut.putArchiveEntry(entry = new ZipArchiveEntry("jssecacerts"));
    entry.setUnixMode(0600);
    KeyStore tempKs = KeyStore.getInstance("jks");
    tempKs.load(null);
    tempKs.setCertificateEntry("eucalyptus", cloudCert);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    tempKs.store(bos, "changeit".toCharArray());
    zipOut.write(bos.toByteArray());
    zipOut.closeArchiveEntry();
    // write the private key to the zip stream
    zipOut.putArchiveEntry(entry = new ZipArchiveEntry(baseName + "-pk.pem"));
    entry.setUnixMode(0600);
    zipOut.write(PEMFiles.getBytes(keyPair.getPrivate()));
    zipOut.closeArchiveEntry();
    // write the X509 certificate to the zip stream
    zipOut.putArchiveEntry(entry = new ZipArchiveEntry(baseName + "-cert.pem"));
    entry.setUnixMode(0600);
    zipOut.write(PEMFiles.getBytes(x509));
    zipOut.closeArchiveEntry();
  }
  // close the zip output stream and return the bytes
  zipOut.close();
  return byteOut.toByteArray();
}