Merge pull request #1379 from jayapalu/configdriveScripts

CLOUDSTACK-8324: config drive data set/get scripts for the guest vm
Added the guest vm scripts to set/get the vm data, password and ssh keys

* pr/1379:
  CLOUDSTACK-8324: updated the mount directory name and kvm virt device
  CLOUDSTACK-8324: config drive data set/get scripts for the guest vm

Signed-off-by: Rajani Karuturi <rajani.karuturi@accelerite.com>
Rajani Karuturi 2017-02-23 05:40:13 +05:30
commit 87f11044c8
4 changed files with 509 additions and 0 deletions


@ -0,0 +1,132 @@
#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
mountdir=$(mktemp -d)
filepath=$mountdir/cloudstack
user_data=$filepath/userdata/user_data.txt
availability_zone=$filepath/metadata/availability_zone.txt
cloud_identifier=$filepath/metadata/cloud_identifier.txt
instance_id=$filepath/metadata/instance_id.txt
local_hostname=$filepath/metadata/local_hostname.txt
service_offering=$filepath/metadata/service_offering.txt
vm_id=$filepath/metadata/vm_id.txt
public_key=$filepath/metadata/public_keys.txt
vm_password=$filepath/password/vm_password.txt
# If lable name is other than config, please change the below line as required
DefaultDisk=/dev/disk/by-label/config
function usage
{
echo -e "USAGE: cloud-get-vm-data -options"
echo -e " where options include:"
echo -e "\\t-m | --metadata [availability-zone | cloud-identifier | instance-id | local-hostname | service-offering | vm-id | public-key] \\n\\t\\tprint vm metadata"
echo -e "\\t-p | --password \\n\\t\\tprint vm password"
echo -e "\\t-u | --userdata \\n\\t\\tprint vm userdata"
}
function prepare_mount
{
if [ ! -e $mountdir ]; then
mkdir $mountdir
chmod 700 $mountdir
fi
if [ -e $DefaultDisk ]; then
Disk=$DefaultDisk
else
BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? -o device)
if [ -n $BLOCK_DEVICE ]; then
Disk=$BLOCK_DEVICE
else
logger -t "cloud" "Unable to get the VM data: Config drive device not found"
exit 1
fi
fi
mount -r $Disk $mountdir
if [ $? -ne 0 ]; then
echo "Failed mounting $Disk to /mnt/configdrive"
exit 1
fi
}
function remove_mount
{
umount $mountdir
}
prepare_mount
case $1 in
-u | --userdata ) echo -n "USERDATA: "
filename=$user_data
;;
-m | --metadata ) shift
if [ "$1" != "" ]; then
case $1 in
availability-zone ) echo -n "availability zone: "; filename=$availability_zone
;;
cloud-identifier ) echo -n "cloud identifier: "; filename=$cloud_identifier
;;
instance-id ) echo -n "instance-id: "; filename=$instance_id
;;
local-hostname ) echo -n "local-hostname: "; filename=$local_hostname
;;
service-offering ) echo -n "service-offering: "; filename=$service_offering
;;
vm-id ) echo -n "vm-id: "; filename=$vm_id
;;
public-key ) echo -n "public-key: "; filename=$public_key
;;
* ) usage
remove_mount
exit 1
esac
else
echo -e "METADATA\\n"
[ -f $availability_zone ] && echo -e "availability zone:\t" "$(cat $availability_zone)"
[ -f $cloud_identifier ] && echo -e "cloud identifier:\t" "$(cat $cloud_identifier)"
[ -f $instance_id ] && echo -e "instance-id:\t\t" "$(cat $instance_id)"
[ -f $local_hostname ] && echo -e "local-hostname:\t\t" "$(cat $local_hostname)"
[ -f $service_offering ] && echo -e "service-offering:\t" "$(cat $service_offering)"
[ -f $vm_id ] && echo -e "vm-id:\t\t\t" "$(cat $vm_id)"
[ -f $public_key ] && echo -e "public-key:\t\t" "$(cat $public_key)"
fi
;;
-p | --password ) echo -n "PASSWORD: "
filename=$vm_password
;;
-h | --help ) usage
remove_mount
exit 0
;;
* ) usage
remove_mount
exit 1
esac
if [ "$filename" != "" ] && [ -e $filename ]
then
cat $filename
fi
remove_mount
exit 0
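Review bot: In prepare_mount the test `[ -n $BLOCK_DEVICE ]` is unquoted, so when blkid finds nothing it collapses to `[ -n ]`, which is true, and the "Config drive device not found" branch is never reached; the script then runs `mount -r` with an empty device. Quote it, `if [ -n "$BLOCK_DEVICE" ]; then`; the same line needs the same fix in prepare_mount of the password and SSH-key scripts in this commit. This script's blkid list also omits `/dev/vd?`, which the other two include, so a virtio config drive is found here only through the by-label path. The directory from `mktemp -d` is never removed after `umount`, so each run leaves an empty directory behind; `rmdir "$mountdir"` in remove_mount would cover it.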


@ -0,0 +1,130 @@
#!/bin/bash
#
# Init file for Password Download Client
#
# chkconfig: 345 98 02
# description: Password Download Client
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Modify this line to specify the user (default is root)
user=root
mountdir=$(mktemp -d)
# If lable name is other than config, please change the below line as required
DefaultDisk=/dev/disk/by-label/config
Password_File=$mountdir/cloudstack/password/vm_password.txt
password_received=0
function prepare_mount
{
if [ ! -e $mountdir ]; then
mkdir $mountdir
chmod 700 $mountdir
fi
if [ -e $DefaultDisk ]; then
Disk=$DefaultDisk
else
BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? /dev/vd? -o device)
if [ -n $BLOCK_DEVICE ]; then
Disk=$BLOCK_DEVICE
else
logger -t "cloud" "Unable to set password to VM: Config drive not found"
exit 1
fi
fi
mount -r $Disk $mountdir
if [ $? -ne 0 ]; then
echo "Failed mounting $Disk to /mnt/configdrive"
exit 1
fi
}
function remove_mount
{
umount $mountdir
}
prepare_mount
if [ -f $Password_File ]
then
password=$(cat $Password_File)
password=$(echo $password | tr -d '\r')
remove_mount
case $password in
"") logger -t "cloud" "Config drive did not have any password for the VM"
exit 0
;;
"saved_password") logger -t "cloud" "VM has already saved a password"
exit 0
;;
*) logger -t "cloud" "VM got a valid password"
password_received=1
;;
esac
else
remove_mount
logger -t "cloud" "Password set failed on VM: password file not found in config drive"
exit 0
fi
if [ "$password_received" = "1" ]; then
newmd5sum=$(echo $password | md5sum | awk '{print $1}')
if [ -f /var/vmpasswordmd5sum ]
then
oldsum=$(cat /var/vmpasswordmd5sum)
if [ "$newmd5sum" == "$oldsum" ]
then
logger -t "cloud" "There is no update of VM password from cloudstack, returning true"
exit 0
fi
fi
logger -t "cloud" "Changing password ..."
echo $user:$password | chpasswd
if [ $? -gt 0 ]
then
usermod -p `mkpasswd -m SHA-512 $password` $user
if [ $? -gt 0 ]
then
logger -t "cloud" "Failed to change password for user $user"
exit 1
else
logger -t "cloud" "Successfully changed password for user $user"
fi
fi
fi
echo $newmd5sum > /var/vmpasswordmd5sum
exit 0
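Review bot: The password is expanded unquoted in `echo $password | tr -d '\r'` and `echo $user:$password | chpasswd`, so the shell word-splits and globs it and a password containing `*` or repeated spaces can be set to something other than what the config drive holds; the fallback `mkpasswd -m SHA-512 $password` additionally puts it on a command line that other local users can read from the process list. Use `printf '%s:%s\n' "$user" "$password" | chpasswd` and quote every other expansion of `$password`. `/var/vmpasswordmd5sum` stores an unsalted MD5 of the password and is created with the default umask; `(umask 077; echo "$newmd5sum" > /var/vmpasswordmd5sum)` keeps it readable by root only, and a salted or keyed digest would be a safer change marker.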


@ -0,0 +1,107 @@
#!/bin/bash
#
# Init file for SSH Public Keys Download Client
#
# chkconfig: 345 98 02
# description: SSH Public Keys Download Client
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Modify this line to specify the user (default is root)
user=root
mountdir=$(mktemp -d)
# If lable name is other than config, please change the below line as required
DefaultDisk=/dev/disk/by-label/config
SSHKey_File=$mountdir/cloudstack/metadata/public_keys.txt
keys_received=0
function prepare_mount
{
if [ ! -e $mountdir ]; then
mkdir $mountdir
chmod 700 $mountdir
fi
if [ -e $DefaultDisk ]; then
Disk=$DefaultDisk
else
BLOCK_DEVICE=$(blkid -t LABEL='config' /dev/hd? /dev/sd? /dev/xvd? /dev/vd? -o device)
if [ -n $BLOCK_DEVICE ]; then
Disk=$BLOCK_DEVICE
else
logger -t "cloud" "Unable to get SSH public key: Config drive not found"
exit 1
fi
fi
mount -r $Disk $mountdir
if [ $? -ne 0 ]; then
echo "Failed mounting $Disk to /mnt/configdrive"
exit 1
fi
}
function remove_mount
{
umount $mountdir
}
prepare_mount
if [ -f $SSHKey_File ]
then
publickey=$(cat $SSHKey_File)
publickey=$(echo $publickey | tr -d '\r')
remove_mount
if [ -z "$publickey" ]; then
logger -t "cloud" "Did not receive any keys"
exit 1
fi
else
remove_mount
logger -t "cloud" "Did not receive any keys"
exit 1
fi
homedir=$(grep ^$user /etc/passwd|awk -F ":" '{print $6}')
sshdir=$homedir/.ssh
authorized=$sshdir/authorized_keys
if [ ! -e $sshdir ]; then
mkdir $sshdir
chmod 700 $sshdir
fi
if [ ! -e $authorized ]; then
touch $authorized
chmod 600 $authorized
fi
cat $authorized|grep -v "$publickey"|tee $authorized > /dev/null
echo "$publickey" >> $authorized
which restorecon && restorecon -R -v $sshdir
exit 0
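Review bot: The line `cat $authorized|grep -v "$publickey"|tee $authorized > /dev/null` reads and truncates the same file in one pipeline, so tee can empty authorized_keys before cat has read it and the existing keys are lost. The key is also used as a regular expression there (base64 contains `+` and `/`), so the filter should be `grep -F`. Building the new file next to the old one and renaming it into place avoids both problems. Separately, `grep ^$user /etc/passwd` also matches longer account names that start with the same prefix; `getent passwd "$user" | cut -d: -f6` returns only the exact account.

```shell
# … unchanged: creation of $sshdir and $authorized …
tmpfile=$(mktemp "$sshdir/authorized_keys.XXXXXX") || exit 1
grep -vF -- "$publickey" "$authorized" > "$tmpfile"
printf '%s\n' "$publickey" >> "$tmpfile"
mv -- "$tmpfile" "$authorized"
# … unchanged: restorecon call and exit …
```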


@ -0,0 +1,140 @@
@echo off
REM Licensed to the Apache Software Foundation (ASF) under one
REM or more contributor license agreements. See the NOTICE file
REM distributed with this work for additional information
REM regarding copyright ownership. The ASF licenses this file
REM to you under the Apache License, Version 2.0 (the
REM "License"); you may not use this file except in compliance
REM with the License. You may obtain a copy of the License at
REM
REM http://www.apache.org/licenses/LICENSE-2.0
REM
REM Unless required by applicable law or agreed to in writing,
REM software distributed under the License is distributed on an
REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
REM KIND, either express or implied. See the License for the
REM specific language governing permissions and limitations
REM under the License.
rem ----------------------------------------------------------------------------------------------------------------
set PasswordReset_Script=cloud-set-guest-password-configdrive.vbs
echo Set owshNet = CreateObject^("WScript.Network"^) > %PasswordReset_Script%
echo strComputer = owshNet.ComputerName >> %PasswordReset_Script%
echo Const HKEY_CURRENT_USER = ^&H80000001 >> %PasswordReset_Script%
echo registryKeyPath = "SOFTWARE\CLOUDSTACKmd5Checksum\" >> %PasswordReset_Script%
echo registryKeyName = "PasswordMd5Checksum" >> %PasswordReset_Script%
echo CDPath = "" >> %PasswordReset_Script%
echo configLabelName = "config" >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo Set fso = CreateObject ^("Scripting.FileSystemobject"^) >> %PasswordReset_Script%
echo For Each drive In fso.Drives >> %PasswordReset_Script%
echo If drive.DriveType = 4 And drive.IsReady Then >> %PasswordReset_Script%
echo If drive.VolumeName = configLabelName Then >> %PasswordReset_Script%
echo CDPath = drive.Path >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo Exit For >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo Next >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo IF CDPath = "" Then >> %PasswordReset_Script%
echo WScript.Echo "Config Drive not found to set the password to VM" >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo PasswordFileName = "\VM_PASSWORD.txt" >> %PasswordReset_Script%
echo PasswordFilePath = CDPath ^& "\CLOUDSTACK\PASSWORD" ^& PasswordFileName >> %PasswordReset_Script%
echo Set ObjFile = fso.OpenTextFile^(PasswordFilePath^) >> %PasswordReset_Script%
echo If Err.Number ^<^> 0 Then >> %PasswordReset_Script%
echo WScript.Echo "Error: " ^& PasswordFilePath ^& " --- " ^& Err.Description >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo Password = ObjFile.ReadLine >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo PasswordMd5checsumFileName = "\VM_PASSWORD_MD5CHECKSUM.txt" >> %PasswordReset_Script%
echo PasswordMd5checsumFilePath = CDPath ^& "\CLOUDSTACK\PASSWORD" ^& PasswordMd5checsumFileName >> %PasswordReset_Script%
echo Set ObjFile2 = fso.OpenTextFile^(PasswordMd5checsumFilePath^) >> %PasswordReset_Script%
echo If Err.Number ^<^> 0 Then >> %PasswordReset_Script%
echo WScript.Echo "Error: " ^& PasswordMd5checsumFilePath ^& " --- " ^& Err.Description >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo registryKeyValue = ObjFile2.ReadLine >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo ' The below logic is to make sure script sets the password to VM only when new password appears in config drive >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo Set registryObject=GetObject^("winmgmts:{impersonationLevel=impersonate}!\\" ^& strComputer ^& "\root\default:StdRegProv"^) >> %PasswordReset_Script%
echo If registryObject.EnumKey^(HKEY_CURRENT_USER, registryKeyPath, "", ""^) = 0 Then >> %PasswordReset_Script%
echo registryObject.GetStringValue HKEY_CURRENT_USER, registryKeyPath, registryKeyName, previousRegistryKeyValue >> %PasswordReset_Script%
echo If ^(previousRegistryKeyValue ^<^> registryKeyValue^) Then >> %PasswordReset_Script%
echo SavePasswordChecksum^(^) >> %PasswordReset_Script%
echo SetPasswordToVM^(^) >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo Else >> %PasswordReset_Script%
echo Return = registryObject.CreateKey^(HKEY_CURRENT_USER, registryKeyPath^) >> %PasswordReset_Script%
echo If ^(Return = 0^) And ^(Err.Number = 0^) Then >> %PasswordReset_Script%
echo SavePasswordChecksum^(^) >> %PasswordReset_Script%
echo SetPasswordToVM^(^) >> %PasswordReset_Script%
echo Else >> %PasswordReset_Script%
echo Wscript.Echo Now ^& vbTab ^& "Create Registry Key failed while setting the password to VM. Error = " ^& Err.Number >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo ' >> %PasswordReset_Script%
echo ' Procedure to set the password to the VM >> %PasswordReset_Script%
echo ' >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo Sub SetPasswordToVM^(^) >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo Set objUser = GetObject^("WinNT://" ^& strComputer ^& "/administrator"^) >> %PasswordReset_Script%
echo If Err.Number ^<^> 0 Then >> %PasswordReset_Script%
echo WScript.Echo Now ^& vbTab ^& "Error connecting to " ^& strComputer ^& " --- " ^& Err.Description >> %PasswordReset_Script%
echo Err.Clear >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo Else >> %PasswordReset_Script%
echo Select Case Password >> %PasswordReset_Script%
echo Case "" >> %PasswordReset_Script%
echo WScript.Echo Now ^& vbTab ^& "Config drive did not have any password for the VM" >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo Case "saved_password" >> %PasswordReset_Script%
echo WScript.Echo Now ^& vbTab ^& "VM has already saved the password" >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo Case else >> %PasswordReset_Script%
echo objUser.Setpassword Password >> %PasswordReset_Script%
echo objUser.Setinfo >> %PasswordReset_Script%
echo If Err.Number ^<^> 0 Then >> %PasswordReset_Script%
echo wscript.Echo Now ^& vbTab ^& "Error setting password for " ^& strComputer ^& "\Administrator" ^& " --- " ^& Err.Description >> %PasswordReset_Script%
echo Err.Clear >> %PasswordReset_Script%
echo WScript.Quit >> %PasswordReset_Script%
echo Else >> %PasswordReset_Script%
echo WScript.Echo Now ^& vbTab ^& "Password set for " ^& strComputer ^& "\Administrator" >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo End Select >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo End Sub >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo Sub SavePasswordChecksum^(^) >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo Return = registryObject.SetStringValue^(HKEY_CURRENT_USER, registryKeyPath, registryKeyName, registryKeyValue^) >> %PasswordReset_Script%
echo If ^(Return ^<^> 0^) Or ^(Err.Number ^<^> 0^) Then >> %PasswordReset_Script%
echo Wscript.Echo Now ^& vbTab ^& "SetStringValue to Registry Key failed while setting the password to VM. Error = " ^& Err.Number >> %PasswordReset_Script%
echo End If >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
echo End Sub >> %PasswordReset_Script%
echo. >> %PasswordReset_Script%
rem -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
cscript //Nologo %PasswordReset_Script%
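Review bot: The generated script calls `SavePasswordChecksum()` before `SetPasswordToVM()` in both branches, so the checksum is stored in the registry even when setting the password fails or is skipped, and the next run treats that password as already applied. Record the checksum only after `objUser.Setinfo` succeeds, for example by moving the call into the `Else` branch that prints "Password set for". The `If Err.Number <> 0` checks cannot take effect as written because no `On Error Resume Next` is emitted, so a failing `OpenTextFile` or `GetObject` ends the script with a runtime error instead. `Exit For` sits outside the volume-label test, so the drive loop stops at the first ready CD-ROM even when its label is not `config`.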