} else {
if ($_REQUEST['openstack_keystone_url']) {
$pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::KEYSTONE_URL] = $_REQUEST['openstack_keystone_url'];
$updateEnv = true;
} else {
$pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::KEYSTONE_URL] = $env->getPlatformConfigValue(SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::KEYSTONE_URL);
}
$pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::USERNAME] = $env->getPlatformConfigValue(SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::USERNAME);
$pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::PASSWORD] = $env->getPlatformConfigValue(SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::PASSWORD);
$pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::TENANT_NAME] = $env->getPlatformConfigValue(SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::TENANT_NAME);
}
if ($updateEnv) {
$env->setPlatformConfig(array(SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::AUTH_TOKEN => false));
}
//var_dump($pars);
$os = new OpenStack(new OpenStackConfig($pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::USERNAME], $pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::KEYSTONE_URL], 'fake-region', null, null, null, $pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::PASSWORD], $pars[SERVER_PLATFORMS::ECS . "." . OpenstackPlatformModule::TENANT_NAME]));
$zones = $os->listZones();
if ($updateEnv) {
$env->enablePlatform(SERVER_PLATFORMS::ECS, true);
$env->setPlatformConfig($pars);
}
unset($env);
$env = Scalr_Environment::init()->loadById($envId);
\Scalr::getContainer()->environment = $env;
$configSet = false;
foreach ($zones as $zone) {
$osClient = $env->openstack(SERVER_PLATFORMS::ECS, $zone->name);
// Check SG Extension
if (!$configSet) {
$pars2 = array();
$pars2[getOpenStackOption('EXT_SECURITYGROUPS_ENABLED')] = (int) $osClient->servers->isExtensionSupported(ServersExtension::securityGroups());
public function xSaveOpenstackAction()
{
$pars = array();
$enabled = false;
$platform = $this->getParam('platform');
$currentCloudCredentials = $this->env->cloudCredentials($platform);
$ccProps = $currentCloudCredentials->properties;
if ($this->getParam("{$platform}_is_enabled")) {
$enabled = true;
$pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL, 'string', 'KeyStone URL required', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_USERNAME, 'string', 'Username required', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD, 'string', '', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_API_KEY, 'string', '', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME, 'string', '', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME, 'string', '', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER, 'string', '', $platform);
if (empty($this->checkVarError) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD]) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY])) {
$this->checkVarError['API_KEY'] = 'Either API Key or password must be provided.';
}
}
if (count($this->checkVarError)) {
$this->response->failure();
$this->response->data(array('errors' => $this->checkVarError));
} else {
$ccProps->saveSettings([Entity\CloudCredentialsProperty::OPENSTACK_AUTH_TOKEN => false]);
if ($this->getParam("{$platform}_is_enabled")) {
$os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], 'fake-region', $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME]));
//It throws an exception on failure
$os->listZones();
}
$this->db->BeginTrans();
try {
$this->env->enablePlatform($platform, $enabled);
if ($enabled) {
$this->makeCloudCredentials($platform, $pars);
}
if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
$this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
}
$this->response->success('Environment saved');
$this->response->data(array('enabled' => $enabled));
} catch (Exception $e) {
$this->db->RollbackTrans();
throw new Exception(_('Failed to save ' . ucfirst($platform) . ' settings'));
}
$this->db->CommitTrans();
}
}
public function xSaveOpenstackAction()
{
$pars = array();
$enabled = false;
$platform = $this->getParam('platform');
if ($this->getParam("{$platform}_is_enabled")) {
$enabled = true;
$pars[$this->getOpenStackOption('KEYSTONE_URL')] = $this->checkVar(OpenstackPlatformModule::KEYSTONE_URL, 'string', 'KeyStone URL required');
$pars[$this->getOpenStackOption('USERNAME')] = $this->checkVar(OpenstackPlatformModule::USERNAME, 'string', 'Username required');
$pars[$this->getOpenStackOption('PASSWORD')] = $this->checkVar(OpenstackPlatformModule::PASSWORD, 'string');
$pars[$this->getOpenStackOption('API_KEY')] = $this->checkVar(OpenstackPlatformModule::API_KEY, 'string');
$pars[$this->getOpenStackOption('TENANT_NAME')] = $this->checkVar(OpenstackPlatformModule::TENANT_NAME, 'string');
$pars[$this->getOpenStackOption('SSL_VERIFYPEER')] = $this->checkVar(OpenstackPlatformModule::SSL_VERIFYPEER, 'string');
if (empty($this->checkVarError) && empty($pars[$this->getOpenStackOption('PASSWORD')]) && empty($pars[$this->getOpenStackOption('API_KEY')])) {
$this->checkVarError['API_KEY'] = 'Either API Key or password must be provided.';
}
}
if (count($this->checkVarError)) {
$this->response->failure();
$this->response->data(array('errors' => $this->checkVarError));
} else {
$this->env->setPlatformConfig(array("{$platform}." . OpenstackPlatformModule::AUTH_TOKEN => false));
if ($this->getParam($platform . "_is_enabled")) {
$os = new OpenStack(new OpenStackConfig($pars[$this->getOpenStackOption('USERNAME')], $pars[$this->getOpenStackOption('KEYSTONE_URL')], 'fake-region', $pars[$this->getOpenStackOption('API_KEY')], null, null, $pars[$this->getOpenStackOption('PASSWORD')], $pars[$this->getOpenStackOption('TENANT_NAME')]));
//It throws an exception on failure
$os->listZones();
}
$this->db->BeginTrans();
try {
$this->env->enablePlatform($platform, $enabled);
if ($enabled) {
$this->env->setPlatformConfig($pars);
}
if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
$this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
}
$this->response->success('Environment saved');
$this->response->data(array('enabled' => $enabled));
} catch (Exception $e) {
$this->db->RollbackTrans();
throw new Exception(_('Failed to save ' . ucfirst($platform) . ' settings'));
}
$this->db->CommitTrans();
}
}
private function saveOpenstack()
{
$pars = array();
$enabled = false;
$platform = $this->getParam('platform');
$currentCloudCredentials = $this->env->keychain($platform);
$bNew = !$currentCloudCredentials->isEnabled();
if (!$bNew) {
$oldUrl = $currentCloudCredentials->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL];
}
if ($this->getParam("{$platform}_is_enabled")) {
$enabled = true;
$pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL] = trim($this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL, 'string', 'KeyStone URL required', $platform));
$pars[Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER] = trim($this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER, 'bool', '', $platform));
$pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_USERNAME, 'string', 'Username required', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD, 'password', '', $platform, false);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_API_KEY, 'string', '', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION] = OpenStackConfig::parseIdentityVersion($pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL]);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME, 'string', '', $platform);
$pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME, 'string', '', $platform);
if (empty($this->checkVarError) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD]) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY])) {
$this->checkVarError['api_key'] = $this->checkVarError['password'] = '******';
}
}
/* @var $config Yaml */
$config = $this->env->getContainer()->config;
if (isset($platform) && $config->defined("scalr.{$platform}.use_proxy") && $config("scalr.{$platform}.use_proxy") && in_array($config('scalr.connections.proxy.use_on'), ['both', 'scalr'])) {
$proxySettings = $config('scalr.connections.proxy');
} else {
$proxySettings = null;
}
if (count($this->checkVarError)) {
$this->response->failure();
$this->response->data(array('errors' => $this->checkVarError));
} else {
if ($this->getParam($platform . "_is_enabled")) {
$os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], 'fake-region', $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings));
//It throws an exception on failure
$zones = $os->listZones();
$zone = array_shift($zones);
$os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], $zone->name, $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings));
// Check SG Extension
$pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SECURITYGROUPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::securityGroups());
// Check Floating Ips Extension
$pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_FLOATING_IPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::floatingIps());
// Check Cinder Extension
$pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_CINDER_ENABLED] = (int) $os->hasService('volume');
// Check Swift Extension
$pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SWIFT_ENABLED] = (int) $os->hasService('object-store');
// Check LBaas Extension
$pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_LBAAS_ENABLED] = !in_array($platform, array(SERVER_PLATFORMS::RACKSPACENG_US, SERVER_PLATFORMS::RACKSPACENG_UK)) && $os->hasService('network') ? (int) $os->network->isExtensionSupported('lbaas') : 0;
}
$this->db->BeginTrans();
try {
$this->env->enablePlatform($platform, $enabled);
if ($enabled) {
$this->makeCloudCredentials($platform, $pars);
if ($this->getContainer()->analytics->enabled && ($bNew || $oldUrl !== $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL])) {
$this->getContainer()->analytics->notifications->onCloudAdd($platform, $this->env, $this->user);
}
}
if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
$this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
}
$this->response->success('Cloud credentials have been ' . ($enabled ? 'saved' : 'removed from Scalr'));
$this->response->data(array('enabled' => $enabled));
} catch (Exception $e) {
$this->db->RollbackTrans();
throw new Exception(_('Failed to save ' . ucfirst($platform) . ' settings'));
}
$this->db->CommitTrans();
}
}
/**
* @test
*/
public function testGetAvailableServices()
{
$avail = OpenStack::getAvailableServices();
$this->assertNotEmpty($avail);
$this->assertInternalType('array', $avail);
$this->assertArrayHasKey('servers', $avail);
$this->assertArrayNotHasKey('abstract', $avail);
}
private function hasOpenStackNetworkSecurityGroupExtension(OpenStack $openstack)
{
return $openstack->hasService(OpenStack::SERVICE_NETWORK) && $openstack->network->isExtensionSupported(NetworkExtension::securityGroup());
}
private function GetServerSecurityGroupsList(DBServer $DBServer, OpenStack $osClient, \Scalr_Governance $governance = null)
{
$retval = $sgroups = $sgroupIds = $checkGroups = [];
$sgGovernance = false;
$allowAdditionalSgs = true;
if ($governance) {
$sgs = $governance->getValue($DBServer->platform, \Scalr_Governance::OPENSTACK_SECURITY_GROUPS);
if ($sgs !== null) {
$governanceSecurityGroups = @explode(",", $sgs);
if (!empty($governanceSecurityGroups)) {
foreach ($governanceSecurityGroups as $sg) {
if ($sg != '') {
array_push($checkGroups, trim($sg));
}
}
}
if (!empty($checkGroups)) {
$sgGovernance = true;
}
$allowAdditionalSgs = $governance->getValue($DBServer->platform, \Scalr_Governance::OPENSTACK_SECURITY_GROUPS, 'allow_additional_sec_groups');
}
}
if (!$sgGovernance || $allowAdditionalSgs) {
if ($DBServer->farmRoleId != 0) {
$dbFarmRole = $DBServer->GetFarmRoleObject();
if ($dbFarmRole->GetSetting(Entity\FarmRoleSetting::OPENSTACK_SECURITY_GROUPS_LIST) !== null) {
// New SG management
$sgs = @json_decode($dbFarmRole->GetSetting(Entity\FarmRoleSetting::OPENSTACK_SECURITY_GROUPS_LIST));
if (!empty($sgs)) {
foreach ($sgs as $sg) {
array_push($checkGroups, $sg);
}
}
} else {
// Old SG management
array_push($checkGroups, 'default');
array_push($checkGroups, \Scalr::config('scalr.aws.security_group_name'));
}
} else {
array_push($checkGroups, 'scalr-rb-system');
}
}
try {
$list = $osClient->listSecurityGroups();
do {
foreach ($list as $sg) {
$sgroups[strtolower($sg->name)] = $sg;
$sgroupIds[strtolower($sg->id)] = $sg;
}
if ($list instanceof PaginationInterface) {
$list = $list->getNextPage();
} else {
$list = false;
}
} while ($list !== false);
unset($list);
} catch (\Exception $e) {
throw new \Exception("GetServerSecurityGroupsList failed: {$e->getMessage()}");
}
foreach ($checkGroups as $groupName) {
if (preg_match('/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i', $groupName)) {
if (isset($sgroupIds[strtolower($groupName)])) {
$groupName = $sgroupIds[$groupName]->name;
} else {
throw new \Exception(sprintf(_("Security group '%s' is not found (1)"), $groupName));
}
} elseif (preg_match('/^\\d+$/', $groupName)) {
// In openstack IceHouse, SG ID is integer and not UUID
if (isset($sgroupIds[strtolower($groupName)])) {
$groupName = $sgroupIds[$groupName]->name;
} else {
throw new \Exception(sprintf(_("Security group '%s' is not found (1)"), $groupName));
}
}
if ($groupName == 'default') {
// Check default SG
array_push($retval, $groupName);
} elseif ($groupName == 'scalr-rb-system' || $groupName == \Scalr::config('scalr.aws.security_group_name')) {
// Check Roles builder SG
if (!isset($sgroups[strtolower($groupName)])) {
try {
$group = $osClient->createSecurityGroup($groupName, _("Scalr system security group"));
$groupId = $group->id;
} catch (\Exception $e) {
throw new \Exception("GetServerSecurityGroupsList failed on scalr.ip-pool: {$e->getMessage()}");
}
$r = new CreateSecurityGroupRule($groupId);
$r->direction = 'ingress';
$r->protocol = 'tcp';
$r->port_range_min = 1;
$r->port_range_max = 65535;
$r->remote_ip_prefix = "0.0.0.0/0";
$res = $osClient->createSecurityGroupRule($r);
$r = new CreateSecurityGroupRule($groupId);
$r->direction = 'ingress';
$r->protocol = 'udp';
$r->port_range_min = 1;
$r->port_range_max = 65535;
$r->remote_ip_prefix = "0.0.0.0/0";
$res = $osClient->createSecurityGroupRule($r);
}
array_push($retval, $groupName);
} else {
if (!isset($sgroups[strtolower($groupName)])) {
throw new \Exception(sprintf(_("Security group '%s' is not found (2)"), $groupName));
} else {
array_push($retval, $groupName);
}
}
}
return $retval;
}
/**
* Gets the query string for the fields
*
* @param array $fields The fields list looks like (fild1, field2, .. or fieldN => uriParameterAlias)
* @return string Returns the query string
*/
protected function _getQueryStringForFields(array $fields = null)
{
$str = '';
$reflProperties = $this->_getReflectionProperties();
if ($fields === null) {
//Trying to determine fields from reflection class
$fields = array();
foreach ($reflProperties as $prop) {
$fields[$prop->getName()] = OpenStack::decamelize($prop->getName());
}
}
foreach ($fields as $index => $prop) {
if (!is_numeric($index)) {
$uriProp = $prop;
$prop = $index;
} else {
$uriProp = $prop;
}
if (!isset($reflProperties[$prop])) {
continue;
}
$refProp = $reflProperties[$prop];
$value = $refProp->getValue($this);
if ($value !== null) {
if (is_array($value) || $value instanceof \Traversable) {
foreach ($value as $v) {
if ($v instanceof \DateTime) {
$v = $v->format('c');
}
$str .= '&' . $uriProp . '=' . rawurlencode((string) $v);
}
} else {
if ($value instanceof \DateTime) {
$value = $value->format('c');
}
$str .= '&' . $uriProp . '=' . rawurlencode((string) $value);
}
}
unset($uriProp);
}
return $str;
}
/**
* @param Entity\CloudCredentials $entity
* @param Entity\CloudCredentials $prevConfig
*/
public function validateEntity($entity, $prevConfig = null)
{
parent::validateEntity($entity, $prevConfig);
$ccProps = $entity->properties;
$prevCcProps = isset($prevConfig) ? $prevConfig->properties : null;
if ($this->needValidation($ccProps, $prevCcProps)) {
if (empty($ccProps[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL])) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Missed property keystoneUrl");
}
/* @var $config Yaml */
$config = $this->controller->getContainer()->config;
if ($config->defined("scalr.{$entity->cloud}.use_proxy") && $config("scalr.{$entity->cloud}.use_proxy") && in_array($config('scalr.connections.proxy.use_on'), ['both', 'scalr'])) {
$proxySettings = $config('scalr.connections.proxy');
} else {
$proxySettings = null;
}
try {
$os = new OpenStack(new OpenStackConfig($ccProps[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], 'fake-region', $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings));
//It throws an exception on failure
$zones = $os->listZones();
$zone = array_shift($zones);
$os = new OpenStack(new OpenStackConfig($ccProps[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], $zone->name, $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $ccProps[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings));
// Check SG Extension
$ccProps[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SECURITYGROUPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::securityGroups());
// Check Floating Ips Extension
$ccProps[Entity\CloudCredentialsProperty::OPENSTACK_EXT_FLOATING_IPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::floatingIps());
// Check Cinder Extension
$ccProps[Entity\CloudCredentialsProperty::OPENSTACK_EXT_CINDER_ENABLED] = (int) $os->hasService('volume');
// Check Swift Extension
$ccProps[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SWIFT_ENABLED] = (int) $os->hasService('object-store');
// Check LBaas Extension
$ccProps[Entity\CloudCredentialsProperty::OPENSTACK_EXT_LBAAS_ENABLED] = !in_array($entity->cloud, array(SERVER_PLATFORMS::RACKSPACENG_US, SERVER_PLATFORMS::RACKSPACENG_UK)) && $os->hasService('network') ? (int) $os->network->isExtensionSupported('lbaas') : 0;
} catch (Exception $e) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Failed to verify your Openstack credentials: {$e->getMessage()}");
}
$entity->status = Entity\CloudCredentials::STATUS_ENABLED;
}
}
$account->setSetting($k, $v);
}
try {
$db->Execute("INSERT INTO default_records SELECT null, '{$account->id}', type, ttl, priority, value, name FROM default_records WHERE clientid='0'");
} catch (Exception $e) {
$err['db'] = $e->getMessage();
}
try {
$retval = array('success' => true, 'account' => array('id' => $account->id, 'userId' => $user->id, 'password' => $password, 'envId' => $env->id, 'api_access_key' => $user->getSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY), 'api_secret_key' => $user->getSetting(Scalr_Account_User::SETTING_API_SECRET_KEY)));
//CONFIGURE OPENSTACK:
$pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::KEYSTONE_URL] = $_REQUEST['openstack_keystone_url'];
$pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::USERNAME] = $_REQUEST['openstack_username'];
$pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::PASSWORD] = $_REQUEST['openstack_password'];
$pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::TENANT_NAME] = $_REQUEST['openstack_tenant_name'];
$env->setPlatformConfig(array(SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::AUTH_TOKEN => false));
$os = new OpenStack(new OpenStackConfig($pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::USERNAME], $pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::KEYSTONE_URL], 'fake-region', null, null, null, $pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::PASSWORD], $pars[SERVER_PLATFORMS::ECS . "." . Modules_Platforms_Openstack::TENANT_NAME]));
$os->listZones();
$env->enablePlatform(SERVER_PLATFORMS::ECS, true);
$env->setPlatformConfig($pars);
unset($env);
$env = Scalr_Environment::init()->loadById($envId);
\Scalr::getContainer()->environment = $env;
$osClient = $env->openstack(SERVER_PLATFORMS::ECS, 'ItalyMilano1');
// Get Public network
$networks = $osClient->network->listNetworks();
foreach ($networks as $network) {
if ($network->{"router:external"} == true) {
$publicNetworkId = $network->id;
}
}
if (!$publicNetworkId) {
private function saveOpenstack()
{
$pars = array();
$enabled = false;
$platform = $this->getParam('platform');
$bNew = !$this->env->isPlatformEnabled($platform);
if (!$bNew) {
$oldUrl = $this->env->getPlatformConfigValue($this->getOpenStackOption('KEYSTONE_URL'));
}
if ($this->getParam("{$platform}_is_enabled")) {
$enabled = true;
$pars[$this->getOpenStackOption('KEYSTONE_URL')] = trim($this->checkVar(OpenstackPlatformModule::KEYSTONE_URL, 'string', 'KeyStone URL required'));
$pars[$this->getOpenStackOption('SSL_VERIFYPEER')] = trim($this->checkVar(OpenstackPlatformModule::SSL_VERIFYPEER, 'int'));
$pars[$this->getOpenStackOption('USERNAME')] = $this->checkVar(OpenstackPlatformModule::USERNAME, 'string', 'Username required');
$pars[$this->getOpenStackOption('PASSWORD')] = $this->checkVar(OpenstackPlatformModule::PASSWORD, 'password', '', '', false, $platform);
$pars[$this->getOpenStackOption('API_KEY')] = $this->checkVar(OpenstackPlatformModule::API_KEY, 'string');
if ($platform == SERVER_PLATFORMS::ECS) {
$pars[$this->getOpenStackOption('TENANT_NAME')] = $this->checkVar(OpenstackPlatformModule::TENANT_NAME, 'password', '', '', false, $platform);
} else {
$pars[$this->getOpenStackOption('TENANT_NAME')] = $this->checkVar(OpenstackPlatformModule::TENANT_NAME, 'string');
}
if (empty($this->checkVarError) && empty($pars[$this->getOpenStackOption('PASSWORD')]) && empty($pars[$this->getOpenStackOption('API_KEY')])) {
$this->checkVarError['api_key'] = $this->checkVarError['password'] = '******';
}
}
if (count($this->checkVarError)) {
$this->response->failure();
$this->response->data(array('errors' => $this->checkVarError));
} else {
if ($this->getParam($platform . "_is_enabled")) {
$os = new OpenStack(new OpenStackConfig($pars[$this->getOpenStackOption('USERNAME')], $pars[$this->getOpenStackOption('KEYSTONE_URL')], 'fake-region', $pars[$this->getOpenStackOption('API_KEY')], null, null, $pars[$this->getOpenStackOption('PASSWORD')], $pars[$this->getOpenStackOption('TENANT_NAME')]));
//It throws an exception on failure
$zones = $os->listZones();
$zone = array_shift($zones);
$os = new OpenStack(new OpenStackConfig($pars[$this->getOpenStackOption('USERNAME')], $pars[$this->getOpenStackOption('KEYSTONE_URL')], $zone->name, $pars[$this->getOpenStackOption('API_KEY')], null, null, $pars[$this->getOpenStackOption('PASSWORD')], $pars[$this->getOpenStackOption('TENANT_NAME')]));
// Check SG Extension
$pars[$this->getOpenStackOption('EXT_SECURITYGROUPS_ENABLED')] = (int) $os->servers->isExtensionSupported(ServersExtension::securityGroups());
// Check Floating Ips Extension
$pars[$this->getOpenStackOption('EXT_FLOATING_IPS_ENABLED')] = (int) $os->servers->isExtensionSupported(ServersExtension::floatingIps());
// Check Cinder Extension
$pars[$this->getOpenStackOption('EXT_CINDER_ENABLED')] = (int) $os->hasService('volume');
// Check Swift Extension
$pars[$this->getOpenStackOption('EXT_SWIFT_ENABLED')] = (int) $os->hasService('object-store');
// Check LBaas Extension
$pars[$this->getOpenStackOption('EXT_LBAAS_ENABLED')] = $os->hasService('network') ? (int) $os->network->isExtensionSupported('lbaas') : 0;
}
$this->db->BeginTrans();
try {
$this->env->enablePlatform($platform, $enabled);
if ($enabled) {
$this->env->setPlatformConfig($pars);
if ($this->getContainer()->analytics->enabled && ($bNew || $oldUrl !== $pars[$this->getOpenStackOption('KEYSTONE_URL')])) {
$this->getContainer()->analytics->notifications->onCloudAdd($platform, $this->env, $this->user);
}
} else {
$this->env->setPlatformConfig(array("{$platform}." . OpenstackPlatformModule::AUTH_TOKEN => false));
}
if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
$this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
}
$this->response->success('Cloud credentials have been ' . ($enabled ? 'saved' : 'removed from Scalr'));
$this->response->data(array('enabled' => $enabled));
} catch (Exception $e) {
$this->db->RollbackTrans();
throw new Exception(_('Failed to save ' . ucfirst($platform) . ' settings'));
}
$this->db->CommitTrans();
}
}
