function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$action = $this->getRequest()->getVal('action');
if ($action === "delete") {
$this->deleteProject();
} elseif ($action === "addmember") {
$this->addMember();
} elseif ($action === "deletemember") {
$this->deleteMember();
} elseif ($action === "configureproject") {
$this->configureProject();
} elseif ($action === "displayquotas") {
$this->displayQuotas();
} else {
$this->listProjects();
}
}
function execute()
{
$result = $this->getResult();
$this->params = $this->extractRequestParams();
$this->userLDAP = new OpenStackNovaUser();
$this->canExecute();
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($this->params['project']);
$this->userNova->setRegion($this->params['region']);
$address = $this->userNova->getAddress($this->params['id']);
if (!$address) {
$this->dieUsage('Address specified does not exist.', 'openstackmanager-nonexistenthost');
}
$ipAddr = $address->getPublicIp();
$instanceId = $address->getInstanceId();
$subaction = $this->params['subaction'];
switch ($subaction) {
case 'disassociate':
$success = $this->userNova->disassociateAddress($instanceId, $ipAddr);
if (!$success) {
$this->dieUsage('Failed to disassociate address', 'openstackmanager-disassociateaddressfailed');
}
$result->addValue(null, $this->getModuleName(), array('addressstate' => 'free'));
break;
}
}
function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$project = $this->getRequest()->getText('project');
$region = $this->getRequest()->getText('region');
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($project);
$this->userNova->setRegion($region);
$action = $this->getRequest()->getVal('action');
if ($action === "create") {
$this->createSecurityGroup();
} elseif ($action === "delete") {
$this->deleteSecurityGroup();
} elseif ($action === "addrule") {
$this->addRule();
} elseif ($action === "removerule") {
$this->removeRule();
} else {
$this->listSecurityGroups();
}
}
public function execute()
{
global $wgAuth;
global $wgOpenStackManagerLDAPUsername;
global $wgOpenStackManagerLDAPUserPassword;
$user = new OpenStackNovaUser($wgOpenStackManagerLDAPUsername);
$userNova = OpenStackNovaController::newFromUser($user);
$projects = OpenStackNovaProject::getAllProjects();
# HACK (please fix): Keystone doesn't deliver services and endpoints unless
# a project token is returned, so we need to feed it a project. Ideally this
# should be configurable, and not hardcoded like this.
$userNova->setProject('bastion');
$userNova->authenticate($wgOpenStackManagerLDAPUsername, $wgOpenStackManagerLDAPUserPassword);
$regions = $userNova->getRegions('compute');
foreach ($regions as $region) {
$this->output("Running region : " . $region . "\n");
foreach ($projects as $project) {
$projectName = $project->getProjectName();
$this->output("Running project : " . $projectName . "\n");
$userNova->setProject($projectName);
$userNova->setRegion($region);
$instances = $userNova->getInstances();
if (!$instances) {
$wgAuth->printDebug("No instance, continuing", NONSENSITIVE);
continue;
}
foreach ($instances as $instance) {
$this->output("Updating instance : " . $instance->getInstanceId() . "\n");
$instance->editArticle($userNova);
}
}
}
$this->output("Done.\n");
}
function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$project = $this->getRequest()->getText('project');
$region = $this->getRequest()->getText('region');
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($project);
$this->userNova->setRegion($region);
$action = $this->getRequest()->getVal('action');
if ($action === "allocate") {
$this->allocateAddress();
} elseif ($action === "release") {
$this->releaseAddress();
} elseif ($action === "associate") {
$this->associateAddress();
} elseif ($action === "disassociate") {
$this->disassociateAddress();
} elseif ($action === "addhost") {
$this->addHost();
} elseif ($action === "removehost") {
$this->removeHost();
} else {
$this->listAddresses();
}
}
public function execute()
{
global $wgAuth;
global $wgOpenStackManagerLDAPUsername;
global $wgOpenStackManagerLDAPUserPassword;
if ($this->hasOption('all-instances')) {
if ($this->hasOption('region')) {
$this->error("--all-instances cannot be used with --region.\n", true);
}
$instancelist = array();
$user = new OpenStackNovaUser($wgOpenStackManagerLDAPUsername);
$userNova = OpenStackNovaController::newFromUser($user);
$projects = OpenStackNovaProject::getAllProjects();
$userNova->setProject('bastion');
$userNova->authenticate($wgOpenStackManagerLDAPUsername, $wgOpenStackManagerLDAPUserPassword);
$regions = $userNova->getRegions('compute');
foreach ($regions as $region) {
foreach ($projects as $project) {
$projectName = $project->getProjectName();
$userNova->setProject($projectName);
$userNova->setRegion($region);
$instances = $userNova->getInstances();
if ($instances) {
foreach ($instances as $instance) {
$instancelist[] = array($region, $instance->getInstanceName(), $projectName);
}
}
}
}
} elseif ($this->hasOption('name')) {
if (!$this->hasOption('region')) {
$this->error("--name requires --region.\n", true);
}
if (!$this->hasOption('project')) {
$this->error("--name requires --project.\n", true);
}
$instancelist = array(array($this->getOption('region'), $this->getOption('name'), $this->getOption('project')));
} else {
$this->error("Must specify either --name or --all-instances.\n", true);
}
if (!class_exists('OpenStackNovaHost')) {
$this->error("Couldn't find OpenStackNovaHost class.\n", true);
}
OpenStackNovaLdapConnection::connect();
foreach ($instancelist as $instancepair) {
list($instanceregion, $instancename, $instanceproject) = $instancepair;
$host = OpenStackNovaHost::getHostByNameAndProject($instancename, $instanceproject, $instanceregion);
if (!$host) {
print "Skipping {$instancename}.{$instanceproject}.{$instanceregion}; not found.\n";
continue;
}
print "\nFor instance {$instancename} in region {$instanceregion} and project {$instanceproject}:\n\n";
$namefqdn = $instancename . '.' . $instanceproject . '.' . $instanceregion . '.' . 'wmflabs';
$host->addAssociatedDomain($namefqdn);
}
}
function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$project = $this->getRequest()->getVal('project');
$region = $this->getRequest()->getVal('region');
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($project);
$this->userNova->setRegion($region);
# ?action=
$action = $this->getRequest()->getVal('action');
if ($action === "create") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->createInstance();
} elseif ($action === "delete") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->deleteInstance();
} elseif ($action === "configure") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->configureInstance();
} elseif ($action === "reboot") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->rebootInstance();
} elseif ($action === "consoleoutput") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->getConsoleOutput();
} else {
# Fall back to listing all instances
$this->listInstances();
}
}
function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$project = $this->getRequest()->getVal('project');
$region = $this->getRequest()->getVal('region');
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($project);
$this->userNova->setRegion($region);
$action = $this->getRequest()->getVal('action');
if ($action === "create") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->createVolume();
} elseif ($action === "delete") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->deleteVolume();
} elseif ($action === "attach") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->attachVolume();
} elseif ($action === "detach") {
if (!$this->userLDAP->inProject($project)) {
$this->notInProject($project);
return;
}
$this->detachVolume();
} else {
$this->listVolumes();
}
}
function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$project = $this->getRequest()->getVal('project');
$region = $this->getRequest()->getVal('region');
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($project);
$this->userNova->setRegion($region);
$this->listInstances();
}
function execute($par)
{
if (!$this->getUser()->isLoggedIn()) {
$this->notLoggedIn();
return;
}
$this->userLDAP = new OpenStackNovaUser();
if (!$this->userLDAP->exists()) {
$this->noCredentials();
return;
}
$this->checkTwoFactor();
$action = $this->getRequest()->getVal('action');
$this->projectName = $this->getRequest()->getText('project');
$this->project = OpenStackNovaProject::getProjectByName($this->projectName);
$region = $this->getRequest()->getVal('region');
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($this->projectName);
$this->userNova->setRegion($region);
if ($action === "create") {
if (!$this->userLDAP->inProject($this->projectName)) {
$this->notInProject($this->projectName);
return;
}
$this->createProxy();
} elseif ($action === "delete") {
if (!$this->userLDAP->inProject($this->projectName)) {
$this->notInProject($this->project);
return;
}
$this->deleteProxy();
} elseif ($action === "modify") {
if (!$this->userLDAP->inProject($this->projectName)) {
$this->notInProject($this->project);
return;
}
$this->modifyProxy();
} else {
$this->listProxies();
}
}
public function execute()
{
global $wgAuth;
global $wgOpenStackManagerLDAPUsername;
global $wgOpenStackManagerLDAPUserPassword;
$user = new OpenStackNovaUser($wgOpenStackManagerLDAPUsername);
$userNova = OpenStackNovaController::newFromUser($user);
$projects = OpenStackNovaProject::getAllProjects();
# HACK (please fix): Keystone doesn't deliver services and endpoints unless
# a project token is returned, so we need to feed it a project. Ideally this
# should be configurable, and not hardcoded like this.
$userNova->setProject('bastion');
$userNova->authenticate($wgOpenStackManagerLDAPUsername, $wgOpenStackManagerLDAPUserPassword);
$regions = $userNova->getRegions('compute');
foreach ($regions as $region) {
$this->output("Running region: " . $region . "\n");
foreach ($projects as $project) {
$projectName = $project->getProjectName();
$this->output("Running project: " . $projectName . "\n");
$userNova->setProject($projectName);
$userNova->setRegion($region);
$instances = $userNova->getInstances();
if (!$instances) {
$wgAuth->printDebug("No instance, continuing", NONSENSITIVE);
continue;
}
foreach ($instances as $instance) {
$host = $instance->getHost();
if (!$host) {
$this->output("Skipping instance due to missing host entry: " . $instance->getInstanceId() . "\n");
continue;
}
$this->output("Renaming instance: " . $instance->getInstanceId() . "\n");
$ot = Title::newFromText($instance->getInstanceId(), NS_NOVA_RESOURCE);
$nt = Title::newFromText($host->getFullyQualifiedHostName(), NS_NOVA_RESOURCE);
$ot->moveTo($nt, false, 'Maintenance script move from id to fqdn.');
}
}
}
$this->output("Done.\n");
}
public function run()
{
global $wgOpenStackManagerLDAPUsername;
global $wgOpenStackManagerLDAPUserPassword;
global $wgMemc;
$params = $this->extractRequestParams();
$project = OpenStackNovaProject::getProjectByName($params['project']);
if (!$project) {
// This shouldn't be possible since the API should enforce valid names
$this->dieUsage('Invalid project specified.', 'badproject');
}
$key = wfMemcKey('openstackmanager', 'apilistnovainstances', $params['region'], $params['project']);
$instancesInfo = $wgMemc->get($key);
if ($instancesInfo === false) {
$user = new OpenStackNovaUser($wgOpenStackManagerLDAPUsername);
$userNova = OpenStackNovaController::newFromUser($user);
$userNova->authenticate($wgOpenStackManagerLDAPUsername, $wgOpenStackManagerLDAPUserPassword);
$userNova->setProject($project->getName());
$userNova->setRegion($params['region']);
// validated by API
$instances = $userNova->getInstances();
$instancesInfo = array();
foreach ($instances as $instance) {
$instancesInfo[] = array('name' => $instance->getInstanceName(), 'state' => $instance->getInstanceState(), 'ip' => $instance->getInstancePrivateIPs(), 'id' => $instance->getInstanceId(), 'floatingip' => $instance->getInstancePublicIPs(), 'securitygroups' => $instance->getSecurityGroups(), 'imageid' => $instance->getImageId());
}
}
// Cache info for 1 minute, not caching for longer since we do not invalidate
$wgMemc->set($key, $instancesInfo, 1 * 60);
foreach ($instancesInfo as $info) {
// UGH I hate XML
$this->getResult()->setIndexedTagName($info['securitygroups'], 'group');
$this->getResult()->setIndexedTagName($info['ip'], 'ip');
$this->getResult()->setIndexedTagName($info['floatingip'], 'floatingip');
$this->getResult()->addValue(array('query', $this->getModuleName()), null, $info);
}
if (defined('ApiResult::META_CONTENT')) {
$this->getResult()->addIndexedTagName(array('query', $this->getModuleName()), 'instance');
} else {
$this->getResult()->setIndexedTagName_internal(array('query', $this->getModuleName()), 'instance');
}
}
function execute()
{
global $wgUser;
$this->params = $this->extractRequestParams();
$this->userLDAP = new OpenStackNovaUser();
$this->canExecute();
$this->userNova = OpenStackNovaController::newFromUser($this->userLDAP);
$this->userNova->setProject($this->params['project']);
$this->userNova->setRegion($this->params['region']);
switch ($this->params['subaction']) {
case 'reboot':
$success = $this->userNova->rebootInstance($this->params['instanceid']);
if (!$success) {
$this->dieUsage('Failed to reboot instance.', 'openstackmanager-rebootinstancefailed');
}
$instance = $this->userNova->getInstance($this->params['instanceid']);
if ($instance) {
$this->getResult()->addValue(null, $this->getModuleName(), array('instancestate' => $instance->getInstanceState()));
}
break;
case 'consoleoutput':
$output = $this->userNova->getConsoleOutput($this->params['instanceid']);
$this->getResult()->addValue(null, $this->getModuleName(), array('consoleoutput' => $output));
break;
case 'delete':
$instanceOSID = $this->params['instanceid'];
$instance = $this->userNova->getInstance($instanceOSID);
if (!$instance) {
$this->dieUsage('The instance requested does not exist.', 'openstackmanager-nonexistanthost');
}
$result = $instance->deleteInstance($this->userNova);
if (!$result) {
$this->dieUsage('Failed to delete the instance.', 'openstackmanager-deleteinstancefailed');
}
break;
}
}
/**
* @param $username string
* @param $password string
* @param $result bool
* @return bool
*/
static function ChainAuth($username, $password, &$result)
{
global $wgOpenStackManagerLDAPUseUidAsNamingAttribute;
$user = new OpenStackNovaUser($username);
$userNova = OpenStackNovaController::newFromUser($user);
if ($wgOpenStackManagerLDAPUseUidAsNamingAttribute) {
$username = $user->getUid();
}
$token = $userNova->authenticate($username, $password);
if ($token) {
$result = true;
# Add token to session, so that it can be referenced later
$_SESSION['wsOpenStackToken'] = $token;
} else {
$result = false;
}
return $result;
}
