// Bootstrap bootstraps the given environment. The supplied constraints are // used to provision the instance, and are also set within the bootstrapped // environment. func Bootstrap(ctx environs.BootstrapContext, environ environs.Environ, args environs.BootstrapParams) error { cfg := environ.Config() if secret := cfg.AdminSecret(); secret == "" { return fmt.Errorf("environment configuration has no admin-secret") } if authKeys := ssh.SplitAuthorisedKeys(cfg.AuthorizedKeys()); len(authKeys) == 0 { // Apparently this can never happen, so it's not tested. But, one day, // Config will act differently (it's pretty crazy that, AFAICT, the // authorized-keys are optional config settings... but it's impossible // to actually *create* a config without them)... and when it does, // we'll be here to catch this problem early. return fmt.Errorf("environment configuration has no authorized-keys") } if _, hasCACert := cfg.CACert(); !hasCACert { return fmt.Errorf("environment configuration has no ca-cert") } if _, hasCAKey := cfg.CAPrivateKey(); !hasCAKey { return fmt.Errorf("environment configuration has no ca-private-key") } // Write out the bootstrap-init file, and confirm storage is writeable. if err := environs.VerifyStorage(environ.Storage()); err != nil { return err } logger.Debugf("environment %q supports service/machine networks: %v", environ.Name(), environ.SupportNetworks()) logger.Infof("bootstrapping environment %q", environ.Name()) return environ.Bootstrap(ctx, args) }
// handleBootstrapError cleans up after a failed bootstrap. func handleBootstrapError(err error, ctx environs.BootstrapContext, inst instance.Instance, env environs.Environ) { if err == nil { return } logger.Errorf("bootstrap failed: %v", err) ch := make(chan os.Signal, 1) ctx.InterruptNotify(ch) defer ctx.StopInterruptNotify(ch) defer close(ch) go func() { for _ = range ch { fmt.Fprintln(ctx.GetStderr(), "Cleaning up failed bootstrap") } }() if inst != nil { fmt.Fprintln(ctx.GetStderr(), "Stopping instance...") if stoperr := env.StopInstances([]instance.Instance{inst}); stoperr != nil { logger.Errorf("cannot stop failed bootstrap instance %q: %v", inst.Id(), stoperr) } else { // set to nil so we know we can safely delete the state file inst = nil } } // We only delete the bootstrap state file if either we didn't // start an instance, or we managed to cleanly stop it. if inst == nil { if rmerr := bootstrap.DeleteStateFile(env.Storage()); rmerr != nil { logger.Errorf("cannot delete bootstrap state file: %v", rmerr) } } }
func (s *localJujuTestSuite) makeFakeUpstartScripts(c *gc.C, env environs.Environ, ) (mongoService *upstart.Service, machineAgent *upstart.Service) { upstartDir := c.MkDir() s.PatchValue(&upstart.InitDir, upstartDir) s.MakeTool(c, "start", `echo "some-service start/running, process 123"`) namespace := env.Config().AllAttrs()["namespace"].(string) mongoService = upstart.NewService(mongo.ServiceName(namespace)) mongoConf := upstart.Conf{ Service: *mongoService, Desc: "fake mongo", Cmd: "echo FAKE", } err := mongoConf.Install() c.Assert(err, gc.IsNil) c.Assert(mongoService.Installed(), jc.IsTrue) machineAgent = upstart.NewService(fmt.Sprintf("juju-agent-%s", namespace)) agentConf := upstart.Conf{ Service: *machineAgent, Desc: "fake agent", Cmd: "echo FAKE", } err = agentConf.Install() c.Assert(err, gc.IsNil) c.Assert(machineAgent.Installed(), jc.IsTrue) return mongoService, machineAgent }
func assertEnvironDestroyed(c *gc.C, env environs.Environ, store configstore.Storage) { _, err := store.ReadInfo(env.Name()) c.Assert(err, jc.Satisfies, errors.IsNotFound) _, err = env.Instances([]instance.Id{"invalid"}) c.Assert(err, gc.ErrorMatches, "environment has been destroyed") }
func assertEnvironNotDestroyed(c *gc.C, env environs.Environ, store configstore.Storage) { info, err := store.ReadInfo(env.Name()) c.Assert(err, gc.IsNil) c.Assert(info.Initialized(), jc.IsTrue) _, err = environs.NewFromName(env.Name(), store) c.Assert(err, gc.IsNil) }
func makeTestMetadata(c *gc.C, env environs.Environ, series, location string, im []*imagemetadata.ImageMetadata) { cloudSpec := simplestreams.CloudSpec{ Region: location, Endpoint: "https://management.core.windows.net/", } err := imagemetadata.MergeAndWriteMetadata(series, im, &cloudSpec, env.Storage()) c.Assert(err, gc.IsNil) }
func findInstanceTools(env environs.Environ, series, arch string) (*tools.Tools, error) { agentVersion, ok := env.Config().AgentVersion() if !ok { return nil, fmt.Errorf("no agent version set in environment configuration") } possibleTools, err := envtools.FindInstanceTools(env, agentVersion, series, &arch) if err != nil { return nil, err } return possibleTools[0], nil }
// EnsureNotBootstrapped returns nil if the environment is not // bootstrapped, and an error if it is or if the function was not able // to tell. func EnsureNotBootstrapped(env environs.Environ) error { _, err := LoadState(env.Storage()) // If there is no error loading the bootstrap state, then we are // bootstrapped. if err == nil { return fmt.Errorf("environment is already bootstrapped") } if err == environs.ErrNotBootstrapped { return nil } return err }
func publicAttrs(e environs.Environ) map[string]interface{} { cfg := e.Config() secrets, err := e.Provider().SecretAttrs(cfg) if err != nil { panic(err) } attrs := cfg.AllAttrs() for attr := range secrets { delete(attrs, attr) } return attrs }
// NewConn returns a new Conn that uses the // given environment. The environment must have already // been bootstrapped. func NewConn(environ environs.Environ) (*Conn, error) { info, _, err := environ.StateInfo() if err != nil { return nil, err } password := environ.Config().AdminSecret() if password == "" { return nil, fmt.Errorf("cannot connect without admin-secret") } err = environs.CheckEnvironment(environ) if err != nil { return nil, err } info.Password = password opts := state.DefaultDialOpts() st, err := state.Open(info, opts, environs.NewStatePolicy()) if errors.IsUnauthorized(err) { logger.Infof("authorization error while connecting to state server; retrying") // We can't connect with the administrator password,; // perhaps this was the first connection and the // password has not been changed yet. info.Password = utils.UserPasswordHash(password, utils.CompatSalt) // We try for a while because we might succeed in // connecting to mongo before the state has been // initialized and the initial password set. for a := redialStrategy.Start(); a.Next(); { st, err = state.Open(info, opts, environs.NewStatePolicy()) if !errors.IsUnauthorized(err) { break } } if err != nil { return nil, err } if err := st.SetAdminMongoPassword(password); err != nil { return nil, err } } else if err != nil { return nil, err } conn := &Conn{ Environ: environ, State: st, } if err := conn.updateSecrets(); err != nil { conn.Close() return nil, fmt.Errorf("unable to push secrets: %v", err) } return conn, nil }
func environAPIInfo(environ environs.Environ) (*api.Info, error) { _, info, err := environ.StateInfo() if err != nil { return nil, err } info.Tag = "user-admin" password := environ.Config().AdminSecret() if password == "" { return nil, fmt.Errorf("cannot connect without admin-secret") } info.Password = password return info, nil }
// validateUploadAllowed returns an error if an attempt to upload tools should // not be allowed. func validateUploadAllowed(env environs.Environ, toolsArch *string, forceVersion bool) error { if !forceVersion { // First, check that there isn't already an agent version specified. if _, hasAgentVersion := env.Config().AgentVersion(); hasAgentVersion { return fmt.Errorf(noToolsNoUploadMessage) } } // Now check that the architecture for which we are setting up an // environment matches that from which we are bootstrapping. hostArch := arch.HostArch() // We can't build tools for a different architecture if one is specified. if toolsArch != nil && *toolsArch != hostArch { return fmt.Errorf("cannot build tools for %q using a machine running on %q", *toolsArch, hostArch) } // If no architecture is specified, ensure the target provider supports instances matching our architecture. supportedArchitectures, err := env.SupportedArchitectures() if err != nil { return fmt.Errorf( "no packaged tools available and cannot determine environment's supported architectures: %v", err) } archSupported := false for _, arch := range supportedArchitectures { if hostArch == arch { archSupported = true break } } if !archSupported { envType := env.Config().Type() return fmt.Errorf( "environment %q of type %s does not support instances running on %q", env.Name(), envType, hostArch) } return nil }
// EnsureToolsAvailability verifies the tools are available. If no tools are // found, it will automatically synchronize them. func EnsureToolsAvailability(ctx environs.BootstrapContext, env environs.Environ, series string, toolsArch *string) (coretools.List, error) { cfg := env.Config() var vers *version.Number if agentVersion, ok := cfg.AgentVersion(); ok { vers = &agentVersion } logger.Debugf( "looking for bootstrap tools: series=%q, arch=%v, version=%v", series, toolsArch, vers, ) params := envtools.BootstrapToolsParams{ Version: vers, Arch: toolsArch, Series: series, // If vers.Build>0, the tools may have been uploaded in this session. // Allow retries, so we wait until the storage has caught up. AllowRetry: vers != nil && vers.Build > 0, } toolsList, err := envtools.FindBootstrapTools(env, params) if err == nil { return toolsList, nil } else if !errors.IsNotFound(err) { return nil, err } // Only automatically upload tools for dev versions. if !version.Current.IsDev() { return nil, fmt.Errorf("cannot upload bootstrap tools: %v", noToolsNoUploadMessage) } // No tools available so our only hope is to build locally and upload. logger.Warningf("no prepackaged tools available") uploadSeries := SeriesToUpload(cfg, nil) if series != "" { uploadSeries = append(uploadSeries, series) } if err := UploadTools(ctx, env, toolsArch, false, uploadSeries...); err != nil { logger.Errorf("%s", noToolsMessage) return nil, fmt.Errorf("cannot upload bootstrap tools: %v", err) } // TODO(axw) have uploadTools return the list of tools in the target, and use that. params.AllowRetry = true if toolsList, err = envtools.FindBootstrapTools(env, params); err != nil { return nil, fmt.Errorf("cannot find bootstrap tools: %v", err) } return toolsList, nil }
// Destroy is a common implementation of the Destroy method defined on // environs.Environ; we strongly recommend that this implementation be // used when writing a new provider. func Destroy(env environs.Environ) error { logger.Infof("destroying environment %q", env.Name()) instances, err := env.AllInstances() switch err { case nil: if err := env.StopInstances(instances); err != nil { return err } fallthrough case environs.ErrNoInstances: return env.Storage().RemoveAll() } return err }
// StartInstanceWithConstraintsAndNetworks is a test helper function that // starts an instance with the given networks, and a plausible but invalid // configuration, and returns the result of Environ.StartInstance. func StartInstanceWithConstraintsAndNetworks( env environs.Environ, machineId string, cons constraints.Value, includeNetworks, excludeNetworks []string, ) ( instance.Instance, *instance.HardwareCharacteristics, []network.Info, error, ) { series := config.PreferredSeries(env.Config()) agentVersion, ok := env.Config().AgentVersion() if !ok { return nil, nil, nil, fmt.Errorf("missing agent version in environment config") } possibleTools, err := tools.FindInstanceTools(env, agentVersion, series, cons.Arch) if err != nil { return nil, nil, nil, err } machineNonce := "fake_nonce" stateInfo := FakeStateInfo(machineId) apiInfo := FakeAPIInfo(machineId) machineConfig := environs.NewMachineConfig( machineId, machineNonce, includeNetworks, excludeNetworks, stateInfo, apiInfo) return env.StartInstance(environs.StartInstanceParams{ Constraints: cons, Tools: possibleTools, MachineConfig: machineConfig, }) }
// StateInfo is a reusable implementation of Environ.StateInfo, available to // providers that also use the other functionality from this file. func StateInfo(env environs.Environ) (*state.Info, *api.Info, error) { st, err := bootstrap.LoadState(env.Storage()) if err != nil { return nil, nil, err } config := env.Config() if _, hasCert := config.CACert(); !hasCert { return nil, nil, fmt.Errorf("no CA certificate in environment configuration") } // Wait for the DNS names of any of the instances // to become available. logger.Debugf("waiting for DNS name(s) of state server instances %v", st.StateInstances) var hostnames []string for a := LongAttempt.Start(); len(hostnames) == 0 && a.Next(); { insts, err := env.Instances(st.StateInstances) if err != nil && err != environs.ErrPartialInstances { logger.Debugf("error getting state instances: %v", err.Error()) return nil, nil, err } hostnames = getDNSNames(insts) } if len(hostnames) == 0 { return nil, nil, fmt.Errorf("timed out waiting for mgo address from %v", st.StateInstances) } stateInfo, apiInfo := getStateInfo(config, hostnames) return stateInfo, apiInfo, nil }
// SetBootstrapTools returns the newest tools from the given tools list, // and updates the agent-version configuration attribute. func SetBootstrapTools(environ environs.Environ, possibleTools coretools.List) (coretools.List, error) { if len(possibleTools) == 0 { return nil, fmt.Errorf("no bootstrap tools available") } var newVersion version.Number newVersion, toolsList := possibleTools.Newest() logger.Infof("newest version: %s", newVersion) cfg := environ.Config() if agentVersion, _ := cfg.AgentVersion(); agentVersion != newVersion { cfg, err := cfg.Apply(map[string]interface{}{ "agent-version": newVersion.String(), }) if err == nil { err = environ.SetConfig(cfg) } if err != nil { return nil, fmt.Errorf("failed to update environment configuration: %v", err) } } bootstrapVersion := newVersion // We should only ever bootstrap the exact same version as the client, // or we risk bootstrap incompatibility. We still set agent-version to // the newest version, so the agent will immediately upgrade itself. if !isCompatibleVersion(newVersion, version.Current.Number) { compatibleVersion, compatibleTools := findCompatibleTools(possibleTools, version.Current.Number) if len(compatibleTools) == 0 { logger.Warningf( "failed to find %s tools, will attempt to use %s", version.Current.Number, newVersion, ) } else { bootstrapVersion, toolsList = compatibleVersion, compatibleTools } } logger.Infof("picked bootstrap tools version: %s", bootstrapVersion) return toolsList, nil }
// Bootstrap is a common implementation of the Bootstrap method defined on // environs.Environ; we strongly recommend that this implementation be used // when writing a new provider. func Bootstrap(ctx environs.BootstrapContext, env environs.Environ, args environs.BootstrapParams) (err error) { // TODO make safe in the case of racing Bootstraps // If two Bootstraps are called concurrently, there's // no way to make sure that only one succeeds. var inst instance.Instance defer func() { handleBootstrapError(err, ctx, inst, env) }() // First thing, ensure we have tools otherwise there's no point. selectedTools, err := EnsureBootstrapTools(ctx, env, config.PreferredSeries(env.Config()), args.Constraints.Arch) if err != nil { return err } // Get the bootstrap SSH client. Do this early, so we know // not to bother with any of the below if we can't finish the job. client := ssh.DefaultClient if client == nil { // This should never happen: if we don't have OpenSSH, then // go.crypto/ssh should be used with an auto-generated key. return fmt.Errorf("no SSH client available") } privateKey, err := GenerateSystemSSHKey(env) if err != nil { return err } machineConfig := environs.NewBootstrapMachineConfig(privateKey) fmt.Fprintln(ctx.GetStderr(), "Launching instance") inst, hw, _, err := env.StartInstance(environs.StartInstanceParams{ Constraints: args.Constraints, Tools: selectedTools, MachineConfig: machineConfig, Placement: args.Placement, }) if err != nil { return fmt.Errorf("cannot start bootstrap instance: %v", err) } fmt.Fprintf(ctx.GetStderr(), " - %s\n", inst.Id()) machineConfig.InstanceId = inst.Id() machineConfig.HardwareCharacteristics = hw err = bootstrap.SaveState( env.Storage(), &bootstrap.BootstrapState{ StateInstances: []instance.Id{inst.Id()}, }) if err != nil { return fmt.Errorf("cannot save state: %v", err) } return FinishBootstrap(ctx, client, inst, machineConfig) }
// UploadTools uploads tools for the specified series and any other relevant series to // the environment storage, after which it sets the agent-version. If forceVersion is true, // we allow uploading even when the agent-version is already set in the environment. func UploadTools(ctx environs.BootstrapContext, env environs.Environ, toolsArch *string, forceVersion bool, bootstrapSeries ...string) error { logger.Infof("checking that upload is possible") // Check the series are valid. for _, series := range bootstrapSeries { if _, err := ubuntu.SeriesVersion(series); err != nil { return err } } // See that we are allowed to upload the tools. if err := validateUploadAllowed(env, toolsArch, forceVersion); err != nil { return err } // Make storage interruptible. interrupted := make(chan os.Signal, 1) interruptStorage := make(chan struct{}) ctx.InterruptNotify(interrupted) defer ctx.StopInterruptNotify(interrupted) defer close(interrupted) go func() { defer close(interruptStorage) // closing interrupts all uploads if _, ok := <-interrupted; ok { ctx.Infof("cancelling tools upload") } }() stor := newInterruptibleStorage(env.Storage(), interruptStorage) cfg := env.Config() explicitVersion := uploadVersion(version.Current.Number, nil) uploadSeries := SeriesToUpload(cfg, bootstrapSeries) ctx.Infof("uploading tools for series %s", uploadSeries) tools, err := sync.Upload(stor, &explicitVersion, uploadSeries...) if err != nil { return err } cfg, err = cfg.Apply(map[string]interface{}{ "agent-version": tools.Version.Number.String(), }) if err == nil { err = env.SetConfig(cfg) } if err != nil { return fmt.Errorf("failed to update environment configuration: %v", err) } return nil }
// GenerateSystemSSHKey creates a new key for the system identity. The // authorized_keys in the environment config is updated to include the public // key for the generated key. func GenerateSystemSSHKey(env environs.Environ) (privateKey string, err error) { logger.Debugf("generate a system ssh key") // Create a new system ssh key and add that to the authorized keys. privateKey, publicKey, err := ssh.GenerateKey(config.JujuSystemKey) if err != nil { return "", fmt.Errorf("failed to create system key: %v", err) } authorized_keys := config.ConcatAuthKeys(env.Config().AuthorizedKeys(), publicKey) newConfig, err := env.Config().Apply(map[string]interface{}{ config.AuthKeysConfig: authorized_keys, }) if err != nil { return "", fmt.Errorf("failed to create new config: %v", err) } if err = env.SetConfig(newConfig); err != nil { return "", fmt.Errorf("failed to set new config: %v", err) } return privateKey, nil }
// setParams sets parameters based on the environment configuration // for those which have not been explicitly specified. func (c *ImageMetadataCommand) setParams(context *cmd.Context) error { c.privateStorage = "<private storage name>" var environ environs.Environ if store, err := configstore.Default(); err == nil { if environ, err = environs.PrepareFromName(c.EnvName, context, store); err == nil { logger.Infof("creating image metadata for environment %q", environ.Name()) // If the user has not specified region and endpoint, try and get it from the environment. if c.Region == "" || c.Endpoint == "" { var cloudSpec simplestreams.CloudSpec if inst, ok := environ.(simplestreams.HasRegion); ok { if cloudSpec, err = inst.Region(); err != nil { return err } } else { return fmt.Errorf("environment %q cannot provide region and endpoint", environ.Name()) } // If only one of region or endpoint is provided, that is a problem. if cloudSpec.Region != cloudSpec.Endpoint && (cloudSpec.Region == "" || cloudSpec.Endpoint == "") { return fmt.Errorf("cannot generate metadata without a complete cloud configuration") } if c.Region == "" { c.Region = cloudSpec.Region } if c.Endpoint == "" { c.Endpoint = cloudSpec.Endpoint } } cfg := environ.Config() if c.Series == "" { c.Series = config.PreferredSeries(cfg) } if v, ok := cfg.AllAttrs()["control-bucket"]; ok { c.privateStorage = v.(string) } } else { logger.Warningf("environment %q could not be opened: %v", c.EnvName, err) } } if environ == nil { logger.Infof("no environment found, creating image metadata using user supplied data") } if c.Series == "" { c.Series = config.LatestLtsSeries() } if c.ImageId == "" { return fmt.Errorf("image id must be specified") } if c.Region == "" { return fmt.Errorf("image region must be specified") } if c.Endpoint == "" { return fmt.Errorf("cloud endpoint URL must be specified") } if c.Dir == "" { logger.Infof("no destination directory specified, using current directory") var err error if c.Dir, err = os.Getwd(); err != nil { return err } } return nil }
func (s *localJujuTestSuite) makeAgentsDir(c *gc.C, env environs.Environ) { rootDir := env.Config().AllAttrs()["root-dir"].(string) agentsDir := filepath.Join(rootDir, "agents") err := os.Mkdir(agentsDir, 0755) c.Assert(err, gc.IsNil) }
// RemoveAllTools deletes all tools from the supplied environment. func RemoveAllTools(c *gc.C, env environs.Environ) { c.Logf("clearing private storage") RemoveTools(c, env.Storage()) }
func uploadTools(c *gc.C, env environs.Environ) { usefulVersion := version.Current usefulVersion.Series = config.PreferredSeries(env.Config()) envtesting.AssertUploadFakeToolsVersions(c, env.Storage(), usefulVersion) }