2015-01-14 01:26:32 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
#
|
|
|
|
# Copyright (C) 2015 GNS3 Technologies Inc.
|
|
|
|
#
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
2015-01-23 01:04:24 +00:00
|
|
|
import sys
|
|
|
|
import os
|
|
|
|
import struct
|
|
|
|
import stat
|
2015-01-14 01:26:32 +00:00
|
|
|
import asyncio
|
|
|
|
import aiohttp
|
2015-01-23 01:04:24 +00:00
|
|
|
import socket
|
|
|
|
|
|
|
|
import logging
|
|
|
|
log = logging.getLogger(__name__)
|
2015-01-14 01:26:32 +00:00
|
|
|
|
2015-01-20 01:30:57 +00:00
|
|
|
from uuid import UUID, uuid4
|
2015-01-21 02:02:22 +00:00
|
|
|
from ..config import Config
|
2015-01-20 11:46:15 +00:00
|
|
|
from .project_manager import ProjectManager
|
2015-01-14 01:26:32 +00:00
|
|
|
|
2015-01-23 01:04:24 +00:00
|
|
|
from .nios.nio_udp import NIO_UDP
|
|
|
|
from .nios.nio_tap import NIO_TAP
|
|
|
|
|
2015-01-14 01:26:32 +00:00
|
|
|
|
2015-01-14 17:52:02 +00:00
|
|
|
class BaseManager:
|
2015-01-20 12:24:00 +00:00
|
|
|
|
2015-01-14 01:26:32 +00:00
|
|
|
"""
|
2015-01-14 17:52:02 +00:00
|
|
|
Base class for all Manager.
|
2015-01-14 01:26:32 +00:00
|
|
|
Responsible of management of a VM pool
|
|
|
|
"""
|
|
|
|
|
|
|
|
def __init__(self):
|
2015-01-19 21:43:35 +00:00
|
|
|
|
2015-01-14 01:26:32 +00:00
|
|
|
self._vms = {}
|
2015-01-19 21:43:35 +00:00
|
|
|
self._port_manager = None
|
2015-01-21 02:02:22 +00:00
|
|
|
self._config = Config.instance()
|
2015-01-14 01:26:32 +00:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def instance(cls):
|
|
|
|
"""
|
2015-01-18 22:41:53 +00:00
|
|
|
Singleton to return only one instance of BaseManager.
|
2015-01-14 01:26:32 +00:00
|
|
|
|
2015-01-19 21:43:35 +00:00
|
|
|
:returns: instance of BaseManager
|
2015-01-14 01:26:32 +00:00
|
|
|
"""
|
|
|
|
|
2015-01-16 16:09:45 +00:00
|
|
|
if not hasattr(cls, "_instance") or cls._instance is None:
|
2015-01-14 01:26:32 +00:00
|
|
|
cls._instance = cls()
|
|
|
|
return cls._instance
|
|
|
|
|
2015-01-21 22:21:15 +00:00
|
|
|
@property
|
|
|
|
def module_name(self):
|
|
|
|
"""
|
|
|
|
Returns the module name.
|
|
|
|
|
|
|
|
:returns: module name
|
|
|
|
"""
|
|
|
|
|
|
|
|
return self.__class__.__name__
|
|
|
|
|
2015-01-19 10:22:24 +00:00
|
|
|
@property
|
|
|
|
def port_manager(self):
|
|
|
|
"""
|
2015-01-21 02:02:22 +00:00
|
|
|
Returns the port manager.
|
2015-01-19 10:22:24 +00:00
|
|
|
|
|
|
|
:returns: Port manager
|
|
|
|
"""
|
|
|
|
|
|
|
|
return self._port_manager
|
|
|
|
|
|
|
|
@port_manager.setter
|
|
|
|
def port_manager(self, new_port_manager):
|
|
|
|
|
2015-01-19 21:43:35 +00:00
|
|
|
self._port_manager = new_port_manager
|
2015-01-19 10:22:24 +00:00
|
|
|
|
2015-01-21 02:02:22 +00:00
|
|
|
@property
|
|
|
|
def config(self):
|
|
|
|
"""
|
|
|
|
Returns the server config.
|
|
|
|
|
|
|
|
:returns: Config
|
|
|
|
"""
|
|
|
|
|
|
|
|
return self._config
|
|
|
|
|
2015-01-14 01:26:32 +00:00
|
|
|
@classmethod
|
2015-01-19 21:43:35 +00:00
|
|
|
@asyncio.coroutine # FIXME: why coroutine?
|
2015-01-14 01:26:32 +00:00
|
|
|
def destroy(cls):
|
2015-01-20 01:30:57 +00:00
|
|
|
|
2015-01-14 01:26:32 +00:00
|
|
|
cls._instance = None
|
|
|
|
|
2015-01-20 01:30:57 +00:00
|
|
|
def get_vm(self, uuid):
|
2015-01-14 01:26:32 +00:00
|
|
|
"""
|
|
|
|
Returns a VM instance.
|
|
|
|
|
2015-01-20 01:30:57 +00:00
|
|
|
:param uuid: VM UUID
|
2015-01-14 01:26:32 +00:00
|
|
|
|
|
|
|
:returns: VM instance
|
|
|
|
"""
|
|
|
|
|
2015-01-20 01:30:57 +00:00
|
|
|
try:
|
|
|
|
UUID(uuid, version=4)
|
|
|
|
except ValueError:
|
|
|
|
raise aiohttp.web.HTTPBadRequest(text="{} is not a valid UUID".format(uuid))
|
|
|
|
|
|
|
|
if uuid not in self._vms:
|
|
|
|
raise aiohttp.web.HTTPNotFound(text="UUID {} doesn't exist".format(uuid))
|
|
|
|
return self._vms[uuid]
|
2015-01-14 01:26:32 +00:00
|
|
|
|
|
|
|
@asyncio.coroutine
|
2015-01-21 02:02:22 +00:00
|
|
|
def create_vm(self, name, project_uuid, uuid, *args, **kwargs):
|
2015-01-20 11:46:15 +00:00
|
|
|
"""
|
|
|
|
Create a new VM
|
|
|
|
|
2015-01-21 02:02:22 +00:00
|
|
|
:param name: VM name
|
|
|
|
:param project_uuid: UUID of Project
|
|
|
|
:param uuid: restore a VM UUID
|
2015-01-20 11:46:15 +00:00
|
|
|
"""
|
2015-01-20 22:28:40 +00:00
|
|
|
|
2015-01-21 02:02:22 +00:00
|
|
|
project = ProjectManager.instance().get_project(project_uuid)
|
2015-01-20 01:30:57 +00:00
|
|
|
|
2015-01-20 12:04:20 +00:00
|
|
|
# TODO: support for old projects VM with normal IDs.
|
2015-01-20 01:30:57 +00:00
|
|
|
|
|
|
|
if not uuid:
|
|
|
|
uuid = str(uuid4())
|
|
|
|
|
2015-01-21 02:02:22 +00:00
|
|
|
vm = self._VM_CLASS(name, uuid, project, self, *args, **kwargs)
|
2015-01-22 00:41:35 +00:00
|
|
|
if asyncio.iscoroutinefunction(vm.create):
|
|
|
|
yield from vm.create()
|
|
|
|
else:
|
|
|
|
vm.create()
|
2015-01-20 01:30:57 +00:00
|
|
|
self._vms[vm.uuid] = vm
|
2015-01-14 01:26:32 +00:00
|
|
|
return vm
|
2015-01-22 10:34:10 +00:00
|
|
|
|
|
|
|
@asyncio.coroutine
|
|
|
|
def delete_vm(self, uuid):
|
|
|
|
"""
|
|
|
|
Delete a VM
|
|
|
|
|
|
|
|
:param uuid: VM UUID
|
|
|
|
"""
|
|
|
|
|
|
|
|
vm = self.get_vm(uuid)
|
|
|
|
if asyncio.iscoroutinefunction(vm.destroy):
|
|
|
|
yield from vm.destroy()
|
|
|
|
else:
|
|
|
|
vm.destroy()
|
|
|
|
del self._vms[vm.uuid]
|
2015-01-23 01:04:24 +00:00
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def _has_privileged_access(executable):
|
|
|
|
"""
|
|
|
|
Check if an executable can access Ethernet and TAP devices in
|
|
|
|
RAW mode.
|
|
|
|
|
|
|
|
:param executable: executable path
|
|
|
|
|
|
|
|
:returns: True or False
|
|
|
|
"""
|
|
|
|
|
|
|
|
if sys.platform.startswith("win"):
|
|
|
|
# do not check anything on Windows
|
|
|
|
return True
|
|
|
|
|
|
|
|
if os.geteuid() == 0:
|
|
|
|
# we are root, so we should have privileged access.
|
|
|
|
return True
|
|
|
|
if os.stat(executable).st_mode & stat.S_ISUID or os.stat(executable).st_mode & stat.S_ISGID:
|
|
|
|
# the executable has set UID bit.
|
|
|
|
return True
|
|
|
|
|
|
|
|
# test if the executable has the CAP_NET_RAW capability (Linux only)
|
|
|
|
if sys.platform.startswith("linux") and "security.capability" in os.listxattr(executable):
|
|
|
|
try:
|
|
|
|
caps = os.getxattr(executable, "security.capability")
|
|
|
|
# test the 2nd byte and check if the 13th bit (CAP_NET_RAW) is set
|
|
|
|
if struct.unpack("<IIIII", caps)[1] & 1 << 13:
|
|
|
|
return True
|
|
|
|
except Exception as e:
|
|
|
|
log.error("could not determine if CAP_NET_RAW capability is set for {}: {}".format(executable, e))
|
|
|
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
def create_nio(self, executable, nio_settings):
|
|
|
|
"""
|
|
|
|
Creates a new NIO.
|
|
|
|
|
|
|
|
:param nio_settings: information to create the NIO
|
|
|
|
|
|
|
|
:returns: a NIO object
|
|
|
|
"""
|
|
|
|
|
|
|
|
nio = None
|
|
|
|
if nio_settings["type"] == "nio_udp":
|
|
|
|
lport = nio_settings["lport"]
|
|
|
|
rhost = nio_settings["rhost"]
|
|
|
|
rport = nio_settings["rport"]
|
|
|
|
try:
|
|
|
|
# TODO: handle IPv6
|
|
|
|
with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
|
|
|
|
sock.connect((rhost, rport))
|
|
|
|
except OSError as e:
|
|
|
|
raise aiohttp.web.HTTPInternalServerError(text="Could not create an UDP connection to {}:{}: {}".format(rhost, rport, e))
|
|
|
|
nio = NIO_UDP(lport, rhost, rport)
|
|
|
|
elif nio_settings["type"] == "nio_tap":
|
|
|
|
tap_device = nio_settings["tap_device"]
|
|
|
|
if not self._has_privileged_access(executable):
|
|
|
|
raise aiohttp.web.HTTPForbidden(text="{} has no privileged access to {}.".format(executable, tap_device))
|
|
|
|
nio = NIO_TAP(tap_device)
|
|
|
|
assert nio is not None
|
|
|
|
return nio
|