and a comma
@@ -1,3 +1,6 @@
|
|||||||
apache_libcloud==3.7.0
|
apache_libcloud==3.7.0
|
||||||
|
azure-identity==1.12.0
|
||||||
|
azure-mgmt-network==22.2.0
|
||||||
|
azure-mgmt-resource==22.0.0
|
||||||
paramiko==2.11.1
|
paramiko==2.11.1
|
||||||
python-dotenv==1.0.0
|
python-dotenv==1.0.0
|
||||||
|
|||||||
139
secdep.py
139
secdep.py
@@ -29,7 +29,6 @@ from libcloud.compute.types import Provider
|
|||||||
from libcloud.compute.providers import get_driver
|
from libcloud.compute.providers import get_driver
|
||||||
from libcloud.compute.base import NodeAuthSSHKey
|
from libcloud.compute.base import NodeAuthSSHKey
|
||||||
from libcloud.compute.deployment import ScriptDeployment, SSHKeyDeployment, MultiStepDeployment
|
from libcloud.compute.deployment import ScriptDeployment, SSHKeyDeployment, MultiStepDeployment
|
||||||
|
|
||||||
from azure.identity import ClientSecretCredential
|
from azure.identity import ClientSecretCredential
|
||||||
from azure.mgmt.resource import ResourceManagementClient
|
from azure.mgmt.resource import ResourceManagementClient
|
||||||
from azure.mgmt.network import NetworkManagementClient
|
from azure.mgmt.network import NetworkManagementClient
|
||||||
@@ -964,63 +963,53 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
|
|||||||
exit(0)
|
exit(0)
|
||||||
node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
|
node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
|
||||||
elif provider == "azure":
|
elif provider == "azure":
|
||||||
sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
|
print("Keep in mind azure node creation may take a while because we need to create all the needed resources first")
|
||||||
for sec_group in sec_groups:
|
res_groups = driver.ex_list_resource_groups()
|
||||||
if sec_group.name == name+"-sec_group":
|
for res_group in res_groups:
|
||||||
print("A security group with that name already exists, please try a different virtual machine name to differentiate the security group name")
|
if res_group.name == name+"-res_group":
|
||||||
|
print("A resource group with that name already exists, please try a different virtual machine name to differentiate the resource group name")
|
||||||
exit(0)
|
exit(0)
|
||||||
|
credential = ClientSecretCredential(client_id=SECDEP_AZURE_APP_ID, client_secret=SECDEP_AZURE_PASSWORD, tenant_id=SECDEP_AZURE_TENANT_ID)
|
||||||
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
|
subscription_id = SECDEP_AZURE_SUB_ID
|
||||||
# for ip in ips:
|
resource_client = ResourceManagementClient(credential, subscription_id)
|
||||||
# if ip.name == name+"-ip":
|
network_client = NetworkManagementClient(credential, subscription_id)
|
||||||
# print("An ip with that name already exists, please try a different virtual machine name to differentiate the ip name")
|
# Create Resource group using azure sdk since libcloud does not offer that functionality
|
||||||
# exit(0)
|
res_group = resource_client.resource_groups.create_or_update(name+"-res_group", {"location": location.id})
|
||||||
|
# Create Virtual Network using azure sdk since libcloud does not offer that functionality
|
||||||
driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
|
poller = network_client.virtual_networks.begin_create_or_update(res_group.name, name+"-vir_net", { "location": location.id, "address_space": {"address_prefixes": ["10.0.0.0/16"]},},)
|
||||||
|
vir_net = poller.result()
|
||||||
|
# Create the default subnet using azure sdk since libcloud does not offer that functionality
|
||||||
|
poller = network_client.subnets.begin_create_or_update(res_group.name, vir_net.name, name+"-subnet", { "address_prefix": "10.0.0.0/24"},)
|
||||||
|
subnet = poller.result()
|
||||||
|
# Create Network Security Group
|
||||||
|
driver.ex_create_network_security_group(name=name+"-sec_group", resource_group=res_group.name, location=location)
|
||||||
|
# Get the created Virtual Network
|
||||||
networks = driver.ex_list_networks()
|
networks = driver.ex_list_networks()
|
||||||
for network in networks:
|
for network in networks:
|
||||||
if network.name == SECDEP_AZURE_VIRTUAL_NETWORK:
|
if network.name == vir_net.name:
|
||||||
ex_network = network
|
ex_network = network
|
||||||
break
|
break
|
||||||
else:
|
else:
|
||||||
print("Could not find the virtual network. Maybe it was not created beforehand?")
|
print("Could not find the virtual network. Maybe it was not created correctly?")
|
||||||
assert ex_network is not None, "In azure you need to manually go and create a virtual network before launching a virtual machine"
|
# Get Virtual Network's default subnet we created
|
||||||
if location.id != ex_network.location:
|
|
||||||
print("Because libcloud currently has no method to automatically create resource group which is tied to a location, the given location must be the same as the one specified when you created the virtual network")
|
|
||||||
print('Current virtual network\'s location: %s' % (ex_network.location))
|
|
||||||
exit(0)
|
|
||||||
subnet = driver.ex_list_subnets(network=ex_network)[0]
|
subnet = driver.ex_list_subnets(network=ex_network)[0]
|
||||||
|
# Create public ip
|
||||||
# public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip_allocation_method="Static")
|
public_ip = driver.ex_create_public_ip(name=name+"-ip", resource_group=res_group.name, location=location, public_ip_allocation_method="Static")
|
||||||
|
# Create a Virtual Network Interface
|
||||||
public_ip = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)[0]
|
network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=res_group.name, location=location, public_ip=public_ip)
|
||||||
network_interface = driver.ex_create_network_interface(name=name+"-nic", subnet=subnet, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location, public_ip=public_ip)
|
# Get the created Virtual Network Interface
|
||||||
nic = driver.ex_list_nics(resource_group=SECDEP_AZURE_RESOURCE_GROUP)[0]
|
nic = driver.ex_list_nics(resource_group=res_group.name)[0]
|
||||||
sec_group = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)[0]
|
# Get the created Network Security Group
|
||||||
|
sec_group = driver.ex_list_network_security_groups(res_group.name)[0]
|
||||||
|
# Parameters to associate the Network Security Group to the Virtual Network Interface
|
||||||
params = {"ipConfigurations":[{"name":"myip1","id":nic.id,"type":"Microsoft.Network/networkInterfaces/ipConfigurations","properties":{"provisioningState":"Succeeded","privateIPAddress":"10.0.0.4","privateIPAllocationMethod":"Dynamic","publicIPAddress":{"id":public_ip.id},"subnet":{"id":subnet.id},"primary":"true","privateIPAddressVersion":"IPv4"}}],"dnsSettings":{"dnsServers":[]},"enableAcceleratedNetworking":"false","enableIPForwarding":"false","disableTcpStateTracking":"false","networkSecurityGroup":{"id":sec_group.id},"nicType":"Standard"}
|
params = {"ipConfigurations":[{"name":"myip1","id":nic.id,"type":"Microsoft.Network/networkInterfaces/ipConfigurations","properties":{"provisioningState":"Succeeded","privateIPAddress":"10.0.0.4","privateIPAllocationMethod":"Dynamic","publicIPAddress":{"id":public_ip.id},"subnet":{"id":subnet.id},"primary":"true","privateIPAddressVersion":"IPv4"}}],"dnsSettings":{"dnsServers":[]},"enableAcceleratedNetworking":"false","enableIPForwarding":"false","disableTcpStateTracking":"false","networkSecurityGroup":{"id":sec_group.id},"nicType":"Standard"}
|
||||||
newnic = driver.ex_update_nic_properties(nic, SECDEP_AZURE_RESOURCE_GROUP, params)
|
# New Virtual Network Interface associated with the Network Security Group
|
||||||
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=SECDEP_AZURE_RESOURCE_GROUP, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
|
newnic = driver.ex_update_nic_properties(nic, res_group.name, params)
|
||||||
|
# Update the Network Security Group's rules to accept connections using azure sdk since libcloud does not offer that functionality
|
||||||
# subscription_id = SECDEP_AZURE_SUB_ID
|
network_client.security_rules.begin_create_or_update(res_group.name, sec_group.name,"allowAllInbound", SecurityRule(protocol='*', source_address_prefix='*', destination_address_prefix='*', access='Allow', direction='Inbound', description='Allow all', source_port_range='*', destination_port_range='*', priority=4096, name="allowAll"))
|
||||||
# credentials = ServicePrincipalCredentials(
|
network_client.security_rules.begin_create_or_update(res_group.name, sec_group.name,"allowAllOutbound", SecurityRule(protocol='*', source_address_prefix='*', destination_address_prefix='*', access='Allow', direction='Outbound', description='Allow all', source_port_range='*', destination_port_range='*', priority=4096, name="allowAll"))
|
||||||
# client_id = SECDEP_AZURE_APP_ID,
|
# Create the node
|
||||||
# secret = SECDEP_AZURE_PASSWORD,
|
node = driver.create_node(name=name, size=size, image=image, location=location, auth=auth, ex_user_name="secdep", ex_resource_group=res_group.name, ex_use_managed_disks=True, ex_nic=newnic, ex_os_disk_delete=True)
|
||||||
# tenant = SECDEP_AZURE_TENANT_ID
|
|
||||||
# )
|
|
||||||
#
|
|
||||||
# network_client = NetworkManagementClient(
|
|
||||||
# credentials,
|
|
||||||
# subscription_id
|
|
||||||
# )
|
|
||||||
#
|
|
||||||
# network_client.security_rules.begin_create_or_update(SECDEP_AZURE_RESOURCE_GROUP,sec_group.name,"allowAllInbound",SecurityRule(
|
|
||||||
# protocol='*',
|
|
||||||
# source_address_prefix='*',
|
|
||||||
# destination_address_prefix='*',
|
|
||||||
# access='Allow',
|
|
||||||
# direction='Inbound', description='Allow all',source_port_range='*',
|
|
||||||
# destination_port_range='*',
|
|
||||||
# priority=4096, name="allowAll"))
|
|
||||||
else:
|
else:
|
||||||
keys = driver.list_key_pairs()
|
keys = driver.list_key_pairs()
|
||||||
for key in keys:
|
for key in keys:
|
||||||
@@ -1059,18 +1048,19 @@ def create_node(provider, name=None, location=None, size=None, image=None, confi
|
|||||||
exit(0)
|
exit(0)
|
||||||
node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
|
node = driver.create_node(name=name, image=image, size=size, location=location, ex_service_accounts=sa_scopes, ex_metadata=metadata)
|
||||||
elif provider == "azure":
|
elif provider == "azure":
|
||||||
|
print("Keep in mind azure node creation may take a while because we need to create all the needed resources first")
|
||||||
res_groups = driver.ex_list_resource_groups()
|
res_groups = driver.ex_list_resource_groups()
|
||||||
for res_group in res_groups:
|
for res_group in res_groups:
|
||||||
if res_group.name == name+"-res_group":
|
if res_group.name == name+"-res_group":
|
||||||
print("A resource group with that name already exists, please try a different virtual machine name to differentiate the resource group name")
|
print("A resource group with that name already exists, please try a different virtual machine name to differentiate the resource group name")
|
||||||
exit(0)
|
exit(0)
|
||||||
# Create Resource group using azure sdk since libcloud does not offer that functionality
|
|
||||||
credential = ClientSecretCredential(client_id=SECDEP_AZURE_APP_ID, client_secret=SECDEP_AZURE_PASSWORD, tenant_id=SECDEP_AZURE_TENANT_ID)
|
credential = ClientSecretCredential(client_id=SECDEP_AZURE_APP_ID, client_secret=SECDEP_AZURE_PASSWORD, tenant_id=SECDEP_AZURE_TENANT_ID)
|
||||||
subscription_id = SECDEP_AZURE_SUB_ID
|
subscription_id = SECDEP_AZURE_SUB_ID
|
||||||
resource_client = ResourceManagementClient(credential, subscription_id)
|
resource_client = ResourceManagementClient(credential, subscription_id)
|
||||||
|
network_client = NetworkManagementClient(credential, subscription_id)
|
||||||
|
# Create Resource group using azure sdk since libcloud does not offer that functionality
|
||||||
res_group = resource_client.resource_groups.create_or_update(name+"-res_group", {"location": location.id})
|
res_group = resource_client.resource_groups.create_or_update(name+"-res_group", {"location": location.id})
|
||||||
# Create Virtual Network using azure sdk since libcloud does not offer that functionality
|
# Create Virtual Network using azure sdk since libcloud does not offer that functionality
|
||||||
network_client = NetworkManagementClient(credential, subscription_id)
|
|
||||||
poller = network_client.virtual_networks.begin_create_or_update(res_group.name, name+"-vir_net", { "location": location.id, "address_space": {"address_prefixes": ["10.0.0.0/16"]},},)
|
poller = network_client.virtual_networks.begin_create_or_update(res_group.name, name+"-vir_net", { "location": location.id, "address_space": {"address_prefixes": ["10.0.0.0/16"]},},)
|
||||||
vir_net = poller.result()
|
vir_net = poller.result()
|
||||||
# Create the default subnet using azure sdk since libcloud does not offer that functionality
|
# Create the default subnet using azure sdk since libcloud does not offer that functionality
|
||||||
@@ -1240,6 +1230,10 @@ def node_action(action, provider):
|
|||||||
elif providerName == "azure":
|
elif providerName == "azure":
|
||||||
driver = get_corresponding_driver("azure")
|
driver = get_corresponding_driver("azure")
|
||||||
node_name = node.name
|
node_name = node.name
|
||||||
|
credential = ClientSecretCredential(client_id=SECDEP_AZURE_APP_ID, client_secret=SECDEP_AZURE_PASSWORD, tenant_id=SECDEP_AZURE_TENANT_ID)
|
||||||
|
subscription_id = SECDEP_AZURE_SUB_ID
|
||||||
|
resource_client = ResourceManagementClient(credential, subscription_id)
|
||||||
|
network_client = NetworkManagementClient(credential, subscription_id)
|
||||||
elif providerName == "aws":
|
elif providerName == "aws":
|
||||||
driver = get_corresponding_driver("aws")
|
driver = get_corresponding_driver("aws")
|
||||||
assert driver is not None, "Driver is not set up correctly"
|
assert driver is not None, "Driver is not set up correctly"
|
||||||
@@ -1262,26 +1256,13 @@ def node_action(action, provider):
|
|||||||
else:
|
else:
|
||||||
print("%s node %s -> failed" % (providerName.upper(), action))
|
print("%s node %s -> failed" % (providerName.upper(), action))
|
||||||
if providerName == "azure" and action == "delete":
|
if providerName == "azure" and action == "delete":
|
||||||
|
print("Deleting the corresponding resource group may take a while")
|
||||||
poller = resource_client.resource_groups.begin_delete(node_name+"-res_group")
|
poller = resource_client.resource_groups.begin_delete(node_name+"-res_group")
|
||||||
result = poller.result()
|
result = poller.result()
|
||||||
# node_location = node.extra['location']
|
|
||||||
# locations = driver.list_locations()
|
|
||||||
# for loc in locations:
|
|
||||||
# if loc.id == node_location:
|
|
||||||
# location = loc
|
|
||||||
# break
|
|
||||||
# sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
|
|
||||||
# for sec_group in sec_groups:
|
|
||||||
# # driver.ex_delete_resource(sec_group)
|
|
||||||
# if sec_group.name == node.name+"-sec_group":
|
|
||||||
# driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
|
|
||||||
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
|
|
||||||
# for ip in ips:
|
|
||||||
# if ip.name == node.name+"-ip":
|
|
||||||
# driver.ex_delete_public_ip(ip)
|
|
||||||
|
|
||||||
def node_action_all(action, provider):
|
def node_action_all(action, provider):
|
||||||
nodes = list_all_nodes(provider, action)
|
nodes = list_all_nodes(provider, action)
|
||||||
|
node_name = ""
|
||||||
for node in nodes:
|
for node in nodes:
|
||||||
providerName = node.name.split("-")[0]
|
providerName = node.name.split("-")[0]
|
||||||
if providerName == "gce":
|
if providerName == "gce":
|
||||||
@@ -1289,6 +1270,10 @@ def node_action_all(action, provider):
|
|||||||
elif providerName == "azure":
|
elif providerName == "azure":
|
||||||
driver = get_corresponding_driver("azure")
|
driver = get_corresponding_driver("azure")
|
||||||
node_name = node.name
|
node_name = node.name
|
||||||
|
credential = ClientSecretCredential(client_id=SECDEP_AZURE_APP_ID, client_secret=SECDEP_AZURE_PASSWORD, tenant_id=SECDEP_AZURE_TENANT_ID)
|
||||||
|
subscription_id = SECDEP_AZURE_SUB_ID
|
||||||
|
resource_client = ResourceManagementClient(credential, subscription_id)
|
||||||
|
network_client = NetworkManagementClient(credential, subscription_id)
|
||||||
elif providerName == "aws":
|
elif providerName == "aws":
|
||||||
driver = get_corresponding_driver("aws")
|
driver = get_corresponding_driver("aws")
|
||||||
assert driver is not None, "Driver is not set up correctly"
|
assert driver is not None, "Driver is not set up correctly"
|
||||||
@@ -1312,24 +1297,9 @@ def node_action_all(action, provider):
|
|||||||
else:
|
else:
|
||||||
print("%s node %s -> failed" % (node.name, string))
|
print("%s node %s -> failed" % (node.name, string))
|
||||||
if providerName == "azure" and action == "delete":
|
if providerName == "azure" and action == "delete":
|
||||||
|
print("Deleting the corresponding resource group may take a while")
|
||||||
poller = resource_client.resource_groups.begin_delete(node_name+"-res_group")
|
poller = resource_client.resource_groups.begin_delete(node_name+"-res_group")
|
||||||
result = poller.result()
|
result = poller.result()
|
||||||
# driver = get_corresponding_driver("azure")
|
|
||||||
# node_location = node.extra['location']
|
|
||||||
# locations = driver.list_locations()
|
|
||||||
# for loc in locations:
|
|
||||||
# if loc.id == node_location:
|
|
||||||
# location = loc
|
|
||||||
# break
|
|
||||||
# sec_groups = driver.ex_list_network_security_groups(SECDEP_AZURE_RESOURCE_GROUP)
|
|
||||||
# for sec_group in sec_groups:
|
|
||||||
# # driver.ex_delete_resource(sec_group)
|
|
||||||
# if sec_group.name == node.name+"-sec_group":
|
|
||||||
# driver.ex_delete_network_security_group(name=sec_group.name, resource_group=SECDEP_AZURE_RESOURCE_GROUP, location=location)
|
|
||||||
# ips = driver.ex_list_public_ips(SECDEP_AZURE_RESOURCE_GROUP)
|
|
||||||
# for ip in ips:
|
|
||||||
# if ip.name == node.name+"-ip":
|
|
||||||
# driver.ex_delete_public_ip(ip)
|
|
||||||
|
|
||||||
def ssh(provider):
|
def ssh(provider):
|
||||||
node = choose_from_list(list_all_nodes(provider), "node")
|
node = choose_from_list(list_all_nodes(provider), "node")
|
||||||
@@ -1413,6 +1383,3 @@ if args.image or args.size or args.name or args.region or args.yes and not args.
|
|||||||
exit(0)
|
exit(0)
|
||||||
if args.print and not args.list or args.listimages or args.listsizes or args.listlocations:
|
if args.print and not args.list or args.listimages or args.listsizes or args.listlocations:
|
||||||
print("The print flag only goes together with the list, list images, list sizes or list locations")
|
print("The print flag only goes together with the list, list images, list sizes or list locations")
|
||||||
# if args.create and not args.provider:
|
|
||||||
# print("Provider must be specified in oder to use the create action")
|
|
||||||
# exit(0)
|
|
||||||
|
|||||||
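Review bot: The two `network_client.security_rules.begin_create_or_update(...)` calls in the azure branch of `create_node` (hunk `@@ -964,63 +963,53 @@`) install `allowAllInbound` with `protocol='*'`, `source_address_prefix='*'` and `destination_port_range='*'` on a NIC that has just been given a static public IP, so every port on the new VM is reachable from any address. The inbound rule should be narrowed to what the tool needs, for example `SecurityRule(protocol='Tcp', source_address_prefix=<OPERATOR_CIDR placeholder>, destination_port_range='22', access='Allow', direction='Inbound', priority=1000, name='allowSSH')`, with the source prefix read from configuration. Neither poller is waited on, so `driver.create_node` can run before the rules exist and a failed rule update goes unnoticed; calling `.result()` on each would fix both. `SecurityRule` is not among the imports visible in the `@@ -29,7 +29,6 @@` hunk, so confirm it is imported from `azure.mgmt.network.models` elsewhere in the file. The body of `create_node` starts and ends outside these hunks.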