[ceph.git] / ceph / src / pybind / mgr / restful / module.py

"""
A RESTful API for Ceph
"""
from __future__ import absolute_import

import os
import json
import time
import errno
import inspect
import tempfile
import threading
import traceback
import six
import socket

from . import common
from . import context

from uuid import uuid4
from pecan import jsonify, make_app
from OpenSSL import crypto
from pecan.rest import RestController
from six import iteritems
from werkzeug.serving import make_server, make_ssl_devcert

from .hooks import ErrorHook
from mgr_module import MgrModule, CommandResult


class CannotServe(Exception):
    pass


class CommandsRequest(object):
    """
    This class handles parallel as well as sequential execution of
    commands. The class accept a list of iterables that should be
    executed sequentially. Each iterable can contain several commands
    that can be executed in parallel.

    Example:
    [[c1,c2],[c3,c4]]
     - run c1 and c2 in parallel
     - wait for them to finish
     - run c3 and c4 in parallel
     - wait for them to finish
    """


    def __init__(self, commands_arrays):
        self.id = str(id(self))

        # Filter out empty sub-requests
        commands_arrays = [x for x in commands_arrays
                           if len(x) != 0]

        self.running = []
        self.waiting = commands_arrays[1:]
        self.finished = []
        self.failed = []

        self.lock = threading.RLock()
        if not len(commands_arrays):
            # Nothing to run
            return

        # Process first iteration of commands_arrays in parallel
        results = self.run(commands_arrays[0])

        self.running.extend(results)


    def run(self, commands):
        """
        A static method that will execute the given list of commands in
        parallel and will return the list of command results.
        """

        # Gather the results (in parallel)
        results = []
        for index, command in enumerate(commands):
            tag = '%s:%s:%d' % (__name__, self.id, index)

            # Store the result
            result = CommandResult(tag)
            result.command = common.humanify_command(command)
            results.append(result)

            # Run the command
            context.instance.send_command(result, 'mon', '', json.dumps(command), tag)

        return results


    def next(self):
        with self.lock:
            if not self.waiting:
                # Nothing to run
                return

            # Run a next iteration of commands
            commands = self.waiting[0]
            self.waiting = self.waiting[1:]

            self.running.extend(self.run(commands))


    def finish(self, tag):
        with self.lock:
            for index in range(len(self.running)):
                if self.running[index].tag == tag:
                    if self.running[index].r == 0:
                        self.finished.append(self.running.pop(index))
                    else:
                        self.failed.append(self.running.pop(index))
                    return True

            # No such tag found
            return False


    def is_running(self, tag):
        for result in self.running:
            if result.tag == tag:
                return True
        return False


    def is_ready(self):
        with self.lock:
            return not self.running and self.waiting


    def is_waiting(self):
        return bool(self.waiting)


    def is_finished(self):
        with self.lock:
            return not self.running and not self.waiting


    def has_failed(self):
        return bool(self.failed)


    def get_state(self):
        with self.lock:
            if not self.is_finished():
                return "pending"

            if self.has_failed():
                return "failed"

            return "success"


    def __json__(self):
        return {
            'id': self.id,
            'running': map(
                lambda x: {
                    'command': x.command,
                    'outs': x.outs,
                    'outb': x.outb,
                },
                self.running
            ),
            'finished': map(
                lambda x: {
                    'command': x.command,
                    'outs': x.outs,
                    'outb': x.outb,
                },
                self.finished
            ),
            'waiting': map(
                lambda x: map(
                    lambda y: common.humanify_command(y),
                    x
                ),
                self.waiting
            ),
            'failed': map(
                lambda x: {
                    'command': x.command,
                    'outs': x.outs,
                    'outb': x.outb,
                },
                self.failed
            ),
            'is_waiting': self.is_waiting(),
            'is_finished': self.is_finished(),
            'has_failed': self.has_failed(),
            'state': self.get_state(),
        }


class Module(MgrModule):
    MODULE_OPTIONS = [
        {'name': 'server_addr'},
        {'name': 'server_port'},
        {'name': 'key_file'},
    ]

    COMMANDS = [
        {
            "cmd": "restful create-key name=key_name,type=CephString",
            "desc": "Create an API key with this name",
            "perm": "rw"
        },
        {
            "cmd": "restful delete-key name=key_name,type=CephString",
            "desc": "Delete an API key with this name",
            "perm": "rw"
        },
        {
            "cmd": "restful list-keys",
            "desc": "List all API keys",
            "perm": "r"
        },
        {
            "cmd": "restful create-self-signed-cert",
            "desc": "Create localized self signed certificate",
            "perm": "rw"
        },
        {
            "cmd": "restful restart",
            "desc": "Restart API server",
            "perm": "rw"
        },
    ]

    def __init__(self, *args, **kwargs):
        super(Module, self).__init__(*args, **kwargs)
        context.instance = self

        self.requests = []
        self.requests_lock = threading.RLock()

        self.keys = {}
        self.disable_auth = False

        self.server = None

        self.stop_server = False
        self.serve_event = threading.Event()


    def serve(self):
        while not self.stop_server:
            try:
                self._serve()
                self.server.socket.close()
            except CannotServe as cs:
                self.log.warn("server not running: %s", cs)
            except:
                self.log.error(str(traceback.format_exc()))

            # Wait and clear the threading event
            self.serve_event.wait()
            self.serve_event.clear()

    def refresh_keys(self):
        self.keys = {}
        rawkeys = self.get_store_prefix('keys/') or {}
        for k, v in six.iteritems(rawkeys):
            self.keys[k[5:]] = v  # strip of keys/ prefix

    def _serve(self):
        # Load stored authentication keys
        self.refresh_keys()

        jsonify._instance = jsonify.GenericJSON(
            sort_keys=True,
            indent=4,
            separators=(',', ': '),
        )

        server_addr = self.get_localized_module_option('server_addr', '::')
        if server_addr is None:
            raise CannotServe('no server_addr configured; try "ceph config-key set mgr/restful/server_addr <ip>"')

        server_port = int(self.get_localized_module_option('server_port', '8003'))
        self.log.info('server_addr: %s server_port: %d',
                      server_addr, server_port)

        cert = self.get_localized_store("crt")
        if cert is not None:
            cert_tmp = tempfile.NamedTemporaryFile()
            cert_tmp.write(cert.encode('utf-8'))
            cert_tmp.flush()
            cert_fname = cert_tmp.name
        else:
            cert_fname = self.get_localized_store('crt_file')

        pkey = self.get_localized_store("key")
        if pkey is not None:
            pkey_tmp = tempfile.NamedTemporaryFile()
            pkey_tmp.write(pkey.encode('utf-8'))
            pkey_tmp.flush()
            pkey_fname = pkey_tmp.name
        else:
            pkey_fname = self.get_localized_module_option('key_file')

        if not cert_fname or not pkey_fname:
            raise CannotServe('no certificate configured')
        if not os.path.isfile(cert_fname):
            raise CannotServe('certificate %s does not exist' % cert_fname)
        if not os.path.isfile(pkey_fname):
            raise CannotServe('private key %s does not exist' % pkey_fname)

        # Publish the URI that others may use to access the service we're
        # about to start serving
        self.set_uri("https://{0}:{1}/".format(
            socket.gethostname() if server_addr == "::" else server_addr,
            server_port
        ))

        # Create the HTTPS werkzeug server serving pecan app
        self.server = make_server(
            host=server_addr,
            port=server_port,
            app=make_app(
                root='restful.api.Root',
                hooks = [ErrorHook()],  # use a callable if pecan >= 0.3.2
            ),
            ssl_context=(cert_fname, pkey_fname),
        )

        self.server.serve_forever()


    def shutdown(self):
        try:
            self.stop_server = True
            if self.server:
                self.server.shutdown()
            self.serve_event.set()
        except:
            self.log.error(str(traceback.format_exc()))
            raise


    def restart(self):
        try:
            if self.server:
                self.server.shutdown()
            self.serve_event.set()
        except:
            self.log.error(str(traceback.format_exc()))


    def notify(self, notify_type, tag):
        try:
            self._notify(notify_type, tag)
        except:
            self.log.error(str(traceback.format_exc()))


    def _notify(self, notify_type, tag):
        if notify_type != "command":
            self.log.debug("Unhandled notification type '%s'", notify_type)
            return
        # we can safely skip all the sequential commands
        if tag == 'seq':
            return
        try:
            with self.requests_lock:
                request = next(x for x in self.requests if x.is_running(tag))
            request.finish(tag)
            if request.is_ready():
                request.next()
        except StopIteration:
            # the command was not issued by me
            pass


    def create_self_signed_cert(self):
        # create a key pair
        pkey = crypto.PKey()
        pkey.generate_key(crypto.TYPE_RSA, 2048)

        # create a self-signed cert
        cert = crypto.X509()
        cert.get_subject().O = "IT"
        cert.get_subject().CN = "ceph-restful"
        cert.set_serial_number(int(uuid4()))
        cert.gmtime_adj_notBefore(0)
        cert.gmtime_adj_notAfter(10*365*24*60*60)
        cert.set_issuer(cert.get_subject())
        cert.set_pubkey(pkey)
        cert.sign(pkey, 'sha512')

        return (
            crypto.dump_certificate(crypto.FILETYPE_PEM, cert),
            crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
        )


    def handle_command(self, inbuf, command):
        self.log.warn("Handling command: '%s'" % str(command))
        if command['prefix'] == "restful create-key":
            if command['key_name'] in self.keys:
                return 0, self.keys[command['key_name']], ""

            else:
                key = str(uuid4())
                self.keys[command['key_name']] = key
                self.set_store('keys/' + command['key_name'], key)

            return (
                0,
                self.keys[command['key_name']],
                "",
            )

        elif command['prefix'] == "restful delete-key":
            if command['key_name'] in self.keys:
                del self.keys[command['key_name']]
                self.set_store('keys/' + command['key_name'], None)

            return (
                0,
                "",
                "",
            )

        elif command['prefix'] == "restful list-keys":
            self.refresh_keys()
            return (
                0,
                json.dumps(self.keys, indent=2),
                "",
            )

        elif command['prefix'] == "restful create-self-signed-cert":
            cert, pkey = self.create_self_signed_cert()
            self.set_store(self.get_mgr_id() + '/crt', cert.decode('utf-8'))
            self.set_store(self.get_mgr_id() + '/key', pkey.decode('utf-8'))

            self.restart()
            return (
                0,
                "Restarting RESTful API server...",
                ""
            )

        elif command['prefix'] == 'restful restart':
            self.restart();
            return (
                0,
                "Restarting RESTful API server...",
                ""
            )

        else:
            return (
                -errno.EINVAL,
                "",
                "Command not found '{0}'".format(command['prefix'])
            )


    def get_doc_api(self, root, prefix=''):
        doc = {}
        for _obj in dir(root):
            obj = getattr(root, _obj)

            if isinstance(obj, RestController):
                doc.update(self.get_doc_api(obj, prefix + '/' + _obj))

        if getattr(root, '_lookup', None) and isinstance(root._lookup('0')[0], RestController):
            doc.update(self.get_doc_api(root._lookup('0')[0], prefix + '/<arg>'))

        prefix = prefix or '/'

        doc[prefix] = {}
        for method in 'get', 'post', 'patch', 'delete':
            if getattr(root, method, None):
                doc[prefix][method.upper()] = inspect.getdoc(getattr(root, method)).split('\n')

        if len(doc[prefix]) == 0:
            del doc[prefix]

        return doc


    def get_mons(self):
        mon_map_mons = self.get('mon_map')['mons']
        mon_status = json.loads(self.get('mon_status')['json'])

        # Add more information
        for mon in mon_map_mons:
            mon['in_quorum'] = mon['rank'] in mon_status['quorum']
            mon['server'] = self.get_metadata("mon", mon['name'])['hostname']
            mon['leader'] = mon['rank'] == mon_status['quorum'][0]

        return mon_map_mons


    def get_osd_pools(self):
        osds = dict(map(lambda x: (x['osd'], []), self.get('osd_map')['osds']))
        pools = dict(map(lambda x: (x['pool'], x), self.get('osd_map')['pools']))
        crush = self.get('osd_map_crush')
        crush_rules = crush['rules']

        osds_by_pool = {}
        for pool_id, pool in pools.items():
            pool_osds = None
            for rule in [r for r in crush_rules if r['rule_id'] == pool['crush_rule']]:
                if rule['min_size'] <= pool['size'] <= rule['max_size']:
                    pool_osds = common.crush_rule_osds(crush['buckets'], rule)

            osds_by_pool[pool_id] = pool_osds

        for pool_id in pools.keys():
            for in_pool_id in osds_by_pool[pool_id]:
                osds[in_pool_id].append(pool_id)

        return osds


    def get_osds(self, pool_id=None, ids=None):
        # Get data
        osd_map = self.get('osd_map')
        osd_metadata = self.get('osd_metadata')

        # Update the data with the additional info from the osd map
        osds = osd_map['osds']

        # Filter by osd ids
        if ids is not None:
            osds = [x for x in osds if str(x['osd']) in ids]

        # Get list of pools per osd node
        pools_map = self.get_osd_pools()

        # map osd IDs to reweight
        reweight_map = dict([
            (x.get('id'), x.get('reweight', None))
            for x in self.get('osd_map_tree')['nodes']
        ])

        # Build OSD data objects
        for osd in osds:
            osd['pools'] = pools_map[osd['osd']]
            osd['server'] = osd_metadata.get(str(osd['osd']), {}).get('hostname', None)

            osd['reweight'] = reweight_map.get(osd['osd'], 0.0)

            if osd['up']:
                osd['valid_commands'] = common.OSD_IMPLEMENTED_COMMANDS
            else:
                osd['valid_commands'] = []

        # Filter by pool
        if pool_id:
            pool_id = int(pool_id)
            osds = [x for x in osds if pool_id in x['pools']]

        return osds


    def get_osd_by_id(self, osd_id):
        osd = [x for x in self.get('osd_map')['osds']
               if x['osd'] == osd_id]

        if len(osd) != 1:
            return None

        return osd[0]


    def get_pool_by_id(self, pool_id):
        pool = [x for x in self.get('osd_map')['pools']
                if x['pool'] == pool_id]

        if len(pool) != 1:
            return None

        return pool[0]


    def submit_request(self, _request, **kwargs):
        with self.requests_lock:
            request = CommandsRequest(_request)
            self.requests.append(request)
        if kwargs.get('wait', 0):
            while not request.is_finished():
                time.sleep(0.001)
        return request


    def run_command(self, command):
        # tag with 'seq' so that we can ignore these in notify function
        result = CommandResult('seq')

        self.send_command(result, 'mon', '', json.dumps(command), 'seq')
        return result.wait()
Commit	Line	Data
31f18b77 FG	1	"""
	2	A RESTful API for Ceph
	3	"""
11fdf7f2	4	from __future__ import absolute_import
31f18b77 FG	5
	6	import os
	7	import json
	8	import time
	9	import errno
	10	import inspect
	11	import tempfile
	12	import threading
	13	import traceback
1adf2230	14	import six
3efd9988	15	import socket
31f18b77	16
11fdf7f2 TL	17	from . import common
11fdf7f2 TL	18	from . import context
31f18b77 FG	19
	20	from uuid import uuid4
	21	from pecan import jsonify, make_app
	22	from OpenSSL import crypto
	23	from pecan.rest import RestController
11fdf7f2	24	from six import iteritems
31f18b77 FG	25	from werkzeug.serving import make_server, make_ssl_devcert
31f18b77 FG	26
11fdf7f2	27	from .hooks import ErrorHook
31f18b77 FG	28	from mgr_module import MgrModule, CommandResult
31f18b77 FG	29
1adf2230	30
3efd9988 FG	31	class CannotServe(Exception):
	32	pass
	33
31f18b77 FG	34
	35	class CommandsRequest(object):
	36	"""
	37	This class handles parallel as well as sequential execution of
	38	commands. The class accept a list of iterables that should be
	39	executed sequentially. Each iterable can contain several commands
	40	that can be executed in parallel.
	41
	42	Example:
	43	[[c1,c2],[c3,c4]]
	44	- run c1 and c2 in parallel
	45	- wait for them to finish
	46	- run c3 and c4 in parallel
	47	- wait for them to finish
	48	"""
	49
	50
	51	def __init__(self, commands_arrays):
	52	self.id = str(id(self))
	53
	54	# Filter out empty sub-requests
1adf2230 AA	55	commands_arrays = [x for x in commands_arrays
1adf2230 AA	56	if len(x) != 0]
31f18b77 FG	57
	58	self.running = []
	59	self.waiting = commands_arrays[1:]
	60	self.finished = []
	61	self.failed = []
	62
	63	self.lock = threading.RLock()
	64	if not len(commands_arrays):
	65	# Nothing to run
	66	return
	67
	68	# Process first iteration of commands_arrays in parallel
	69	results = self.run(commands_arrays[0])
	70
	71	self.running.extend(results)
	72
	73
	74	def run(self, commands):
	75	"""
	76	A static method that will execute the given list of commands in
	77	parallel and will return the list of command results.
	78	"""
	79
	80	# Gather the results (in parallel)
	81	results = []
81eedcae	82	for index, command in enumerate(commands):
11fdf7f2	83	tag = '%s:%s:%d' % (__name__, self.id, index)
31f18b77 FG	84
	85	# Store the result
	86	result = CommandResult(tag)
81eedcae	87	result.command = common.humanify_command(command)
31f18b77 FG	88	results.append(result)
	89
	90	# Run the command
81eedcae	91	context.instance.send_command(result, 'mon', '', json.dumps(command), tag)
31f18b77 FG	92
	93	return results
	94
	95
	96	def next(self):
	97	with self.lock:
	98	if not self.waiting:
	99	# Nothing to run
	100	return
	101
	102	# Run a next iteration of commands
	103	commands = self.waiting[0]
	104	self.waiting = self.waiting[1:]
	105
	106	self.running.extend(self.run(commands))
	107
	108
	109	def finish(self, tag):
	110	with self.lock:
	111	for index in range(len(self.running)):
	112	if self.running[index].tag == tag:
	113	if self.running[index].r == 0:
	114	self.finished.append(self.running.pop(index))
	115	else:
	116	self.failed.append(self.running.pop(index))
	117	return True
	118
	119	# No such tag found
	120	return False
	121
	122
	123	def is_running(self, tag):
	124	for result in self.running:
	125	if result.tag == tag:
	126	return True
	127	return False
	128
	129
	130	def is_ready(self):
	131	with self.lock:
	132	return not self.running and self.waiting
	133
	134
	135	def is_waiting(self):
	136	return bool(self.waiting)
	137
	138
	139	def is_finished(self):
	140	with self.lock:
	141	return not self.running and not self.waiting
	142
	143
	144	def has_failed(self):
	145	return bool(self.failed)
	146
	147
	148	def get_state(self):
	149	with self.lock:
	150	if not self.is_finished():
	151	return "pending"
	152
	153	if self.has_failed():
	154	return "failed"
	155
156	return "success"
157
158
159	def __json__(self):
160	return {
161	'id': self.id,
162	'running': map(
163	lambda x: {
164	'command': x.command,
165	'outs': x.outs,
166	'outb': x.outb,
167	},
168	self.running
169	),
170	'finished': map(
171	lambda x: {
172	'command': x.command,
173	'outs': x.outs,
174	'outb': x.outb,
175	},
176	self.finished
177	),
178	'waiting': map(
28e407b8 AA	179	lambda x: map(
	180	lambda y: common.humanify_command(y),
	181	x
	182	),
31f18b77 FG	183	self.waiting
	184	),
	185	'failed': map(
	186	lambda x: {
	187	'command': x.command,
	188	'outs': x.outs,
	189	'outb': x.outb,
	190	},
	191	self.failed
	192	),
	193	'is_waiting': self.is_waiting(),
	194	'is_finished': self.is_finished(),
	195	'has_failed': self.has_failed(),
	196	'state': self.get_state(),
	197	}
	198
	199
	200
	201	class Module(MgrModule):
11fdf7f2 TL	202	MODULE_OPTIONS = [
	203	{'name': 'server_addr'},
	204	{'name': 'server_port'},
	205	{'name': 'key_file'},
	206	]
	207
31f18b77 FG	208	COMMANDS = [
	209	{
	210	"cmd": "restful create-key name=key_name,type=CephString",
	211	"desc": "Create an API key with this name",
	212	"perm": "rw"
	213	},
	214	{
	215	"cmd": "restful delete-key name=key_name,type=CephString",
	216	"desc": "Delete an API key with this name",
	217	"perm": "rw"
	218	},
	219	{
	220	"cmd": "restful list-keys",
	221	"desc": "List all API keys",
a8e16298	222	"perm": "r"
31f18b77 FG	223	},
	224	{
	225	"cmd": "restful create-self-signed-cert",
	226	"desc": "Create localized self signed certificate",
	227	"perm": "rw"
	228	},
	229	{
	230	"cmd": "restful restart",
	231	"desc": "Restart API server",
	232	"perm": "rw"
	233	},
	234	]
	235
	236	def __init__(self, args, *kwargs):
	237	super(Module, self).__init__(args, *kwargs)
11fdf7f2	238	context.instance = self
31f18b77 FG	239
	240	self.requests = []
	241	self.requests_lock = threading.RLock()
	242
	243	self.keys = {}
	244	self.disable_auth = False
	245
	246	self.server = None
	247
	248	self.stop_server = False
	249	self.serve_event = threading.Event()
	250
	251
	252	def serve(self):
	253	while not self.stop_server:
	254	try:
	255	self._serve()
	256	self.server.socket.close()
3efd9988	257	except CannotServe as cs:
1adf2230	258	self.log.warn("server not running: %s", cs)
31f18b77 FG	259	except:
	260	self.log.error(str(traceback.format_exc()))
	261
	262	# Wait and clear the threading event
	263	self.serve_event.wait()
	264	self.serve_event.clear()
	265
31f18b77 FG	266	def refresh_keys(self):
31f18b77 FG	267	self.keys = {}
11fdf7f2	268	rawkeys = self.get_store_prefix('keys/') or {}
1adf2230	269	for k, v in six.iteritems(rawkeys):
31f18b77 FG	270	self.keys[k[5:]] = v # strip of keys/ prefix
	271
	272	def _serve(self):
	273	# Load stored authentication keys
	274	self.refresh_keys()
	275
	276	jsonify._instance = jsonify.GenericJSON(
	277	sort_keys=True,
	278	indent=4,
	279	separators=(',', ': '),
	280	)
	281
11fdf7f2	282	server_addr = self.get_localized_module_option('server_addr', '::')
31f18b77	283	if server_addr is None:
3efd9988 FG	284	raise CannotServe('no server_addr configured; try "ceph config-key set mgr/restful/server_addr <ip>"')
3efd9988 FG	285
11fdf7f2	286	server_port = int(self.get_localized_module_option('server_port', '8003'))
31f18b77 FG	287	self.log.info('server_addr: %s server_port: %d',
	288	server_addr, server_port)
	289
11fdf7f2	290	cert = self.get_localized_store("crt")
31f18b77 FG	291	if cert is not None:
31f18b77 FG	292	cert_tmp = tempfile.NamedTemporaryFile()
1adf2230	293	cert_tmp.write(cert.encode('utf-8'))
31f18b77 FG	294	cert_tmp.flush()
	295	cert_fname = cert_tmp.name
	296	else:
11fdf7f2	297	cert_fname = self.get_localized_store('crt_file')
31f18b77	298
11fdf7f2	299	pkey = self.get_localized_store("key")
31f18b77 FG	300	if pkey is not None:
31f18b77 FG	301	pkey_tmp = tempfile.NamedTemporaryFile()
1adf2230	302	pkey_tmp.write(pkey.encode('utf-8'))
31f18b77 FG	303	pkey_tmp.flush()
	304	pkey_fname = pkey_tmp.name
	305	else:
11fdf7f2	306	pkey_fname = self.get_localized_module_option('key_file')
31f18b77 FG	307
31f18b77 FG	308	if not cert_fname or not pkey_fname:
3efd9988	309	raise CannotServe('no certificate configured')
31f18b77	310	if not os.path.isfile(cert_fname):
3efd9988	311	raise CannotServe('certificate %s does not exist' % cert_fname)
31f18b77	312	if not os.path.isfile(pkey_fname):
3efd9988 FG	313	raise CannotServe('private key %s does not exist' % pkey_fname)
	314
	315	# Publish the URI that others may use to access the service we're
	316	# about to start serving
	317	self.set_uri("https://{0}:{1}/".format(
	318	socket.gethostname() if server_addr == "::" else server_addr,
	319	server_port
	320	))
31f18b77 FG	321
	322	# Create the HTTPS werkzeug server serving pecan app
	323	self.server = make_server(
	324	host=server_addr,
	325	port=server_port,
	326	app=make_app(
	327	root='restful.api.Root',
	328	hooks = [ErrorHook()], # use a callable if pecan >= 0.3.2
	329	),
	330	ssl_context=(cert_fname, pkey_fname),
	331	)
	332
	333	self.server.serve_forever()
	334
	335
	336	def shutdown(self):
	337	try:
	338	self.stop_server = True
	339	if self.server:
	340	self.server.shutdown()
	341	self.serve_event.set()
	342	except:
	343	self.log.error(str(traceback.format_exc()))
	344	raise
	345
	346
	347	def restart(self):
	348	try:
	349	if self.server:
	350	self.server.shutdown()
	351	self.serve_event.set()
	352	except:
	353	self.log.error(str(traceback.format_exc()))
	354
	355
	356	def notify(self, notify_type, tag):
	357	try:
	358	self._notify(notify_type, tag)
	359	except:
	360	self.log.error(str(traceback.format_exc()))
	361
	362
	363	def _notify(self, notify_type, tag):
11fdf7f2 TL	364	if notify_type != "command":
	365	self.log.debug("Unhandled notification type '%s'", notify_type)
	366	return
	367	# we can safely skip all the sequential commands
	368	if tag == 'seq':
	369	return
	370	try:
f64942e4	371	with self.requests_lock:
11fdf7f2	372	request = next(x for x in self.requests if x.is_running(tag))
31f18b77 FG	373	request.finish(tag)
	374	if request.is_ready():
	375	request.next()
11fdf7f2 TL	376	except StopIteration:
	377	# the command was not issued by me
	378	pass
31f18b77 FG	379
	380
	381	def create_self_signed_cert(self):
	382	# create a key pair
	383	pkey = crypto.PKey()
	384	pkey.generate_key(crypto.TYPE_RSA, 2048)
	385
	386	# create a self-signed cert
	387	cert = crypto.X509()
	388	cert.get_subject().O = "IT"
	389	cert.get_subject().CN = "ceph-restful"
	390	cert.set_serial_number(int(uuid4()))
	391	cert.gmtime_adj_notBefore(0)
	392	cert.gmtime_adj_notAfter(10365246060)
	393	cert.set_issuer(cert.get_subject())
	394	cert.set_pubkey(pkey)
	395	cert.sign(pkey, 'sha512')
	396
	397	return (
	398	crypto.dump_certificate(crypto.FILETYPE_PEM, cert),
	399	crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
	400	)
	401
	402
11fdf7f2	403	def handle_command(self, inbuf, command):
31f18b77 FG	404	self.log.warn("Handling command: '%s'" % str(command))
	405	if command['prefix'] == "restful create-key":
	406	if command['key_name'] in self.keys:
	407	return 0, self.keys[command['key_name']], ""
	408
	409	else:
	410	key = str(uuid4())
	411	self.keys[command['key_name']] = key
11fdf7f2	412	self.set_store('keys/' + command['key_name'], key)
31f18b77 FG	413
	414	return (
	415	0,
	416	self.keys[command['key_name']],
	417	"",
	418	)
	419
	420	elif command['prefix'] == "restful delete-key":
	421	if command['key_name'] in self.keys:
	422	del self.keys[command['key_name']]
11fdf7f2	423	self.set_store('keys/' + command['key_name'], None)
31f18b77 FG	424
	425	return (
	426	0,
	427	"",
	428	"",
	429	)
	430
	431	elif command['prefix'] == "restful list-keys":
	432	self.refresh_keys()
	433	return (
	434	0,
	435	json.dumps(self.keys, indent=2),
	436	"",
	437	)
	438
	439	elif command['prefix'] == "restful create-self-signed-cert":
	440	cert, pkey = self.create_self_signed_cert()
11fdf7f2 TL	441	self.set_store(self.get_mgr_id() + '/crt', cert.decode('utf-8'))
11fdf7f2 TL	442	self.set_store(self.get_mgr_id() + '/key', pkey.decode('utf-8'))
31f18b77 FG	443
	444	self.restart()
	445	return (
	446	0,
	447	"Restarting RESTful API server...",
	448	""
	449	)
	450
	451	elif command['prefix'] == 'restful restart':
	452	self.restart();
	453	return (
	454	0,
	455	"Restarting RESTful API server...",
	456	""
	457	)
	458
	459	else:
	460	return (
	461	-errno.EINVAL,
	462	"",
	463	"Command not found '{0}'".format(command['prefix'])
	464	)
	465
	466
	467	def get_doc_api(self, root, prefix=''):
	468	doc = {}
	469	for _obj in dir(root):
	470	obj = getattr(root, _obj)
	471
	472	if isinstance(obj, RestController):
	473	doc.update(self.get_doc_api(obj, prefix + '/' + _obj))
	474
	475	if getattr(root, '_lookup', None) and isinstance(root._lookup('0')[0], RestController):
	476	doc.update(self.get_doc_api(root._lookup('0')[0], prefix + '/<arg>'))
	477
	478	prefix = prefix or '/'
	479
	480	doc[prefix] = {}
	481	for method in 'get', 'post', 'patch', 'delete':
	482	if getattr(root, method, None):
	483	doc[prefix][method.upper()] = inspect.getdoc(getattr(root, method)).split('\n')
	484
	485	if len(doc[prefix]) == 0:
	486	del doc[prefix]
	487
	488	return doc
	489
	490
	491	def get_mons(self):
	492	mon_map_mons = self.get('mon_map')['mons']
	493	mon_status = json.loads(self.get('mon_status')['json'])
	494
	495	# Add more information
	496	for mon in mon_map_mons:
	497	mon['in_quorum'] = mon['rank'] in mon_status['quorum']
	498	mon['server'] = self.get_metadata("mon", mon['name'])['hostname']
	499	mon['leader'] = mon['rank'] == mon_status['quorum'][0]
	500
	501	return mon_map_mons
	502
	503
	504	def get_osd_pools(self):
	505	osds = dict(map(lambda x: (x['osd'], []), self.get('osd_map')['osds']))
	506	pools = dict(map(lambda x: (x['pool'], x), self.get('osd_map')['pools']))
a8e16298 TL	507	crush = self.get('osd_map_crush')
a8e16298 TL	508	crush_rules = crush['rules']
31f18b77 FG	509
	510	osds_by_pool = {}
	511	for pool_id, pool in pools.items():
	512	pool_osds = None
	513	for rule in [r for r in crush_rules if r['rule_id'] == pool['crush_rule']]:
	514	if rule['min_size'] <= pool['size'] <= rule['max_size']:
a8e16298	515	pool_osds = common.crush_rule_osds(crush['buckets'], rule)
31f18b77 FG	516
	517	osds_by_pool[pool_id] = pool_osds
	518
	519	for pool_id in pools.keys():
	520	for in_pool_id in osds_by_pool[pool_id]:
	521	osds[in_pool_id].append(pool_id)
	522
	523	return osds
	524
	525
	526	def get_osds(self, pool_id=None, ids=None):
	527	# Get data
	528	osd_map = self.get('osd_map')
	529	osd_metadata = self.get('osd_metadata')
	530
	531	# Update the data with the additional info from the osd map
	532	osds = osd_map['osds']
	533
	534	# Filter by osd ids
	535	if ids is not None:
1adf2230	536	osds = [x for x in osds if str(x['osd']) in ids]
31f18b77 FG	537
	538	# Get list of pools per osd node
	539	pools_map = self.get_osd_pools()
	540
	541	# map osd IDs to reweight
	542	reweight_map = dict([
	543	(x.get('id'), x.get('reweight', None))
	544	for x in self.get('osd_map_tree')['nodes']
	545	])
	546
	547	# Build OSD data objects
	548	for osd in osds:
	549	osd['pools'] = pools_map[osd['osd']]
	550	osd['server'] = osd_metadata.get(str(osd['osd']), {}).get('hostname', None)
	551
	552	osd['reweight'] = reweight_map.get(osd['osd'], 0.0)
	553
	554	if osd['up']:
	555	osd['valid_commands'] = common.OSD_IMPLEMENTED_COMMANDS
	556	else:
	557	osd['valid_commands'] = []
	558
	559	# Filter by pool
	560	if pool_id:
	561	pool_id = int(pool_id)
1adf2230	562	osds = [x for x in osds if pool_id in x['pools']]
31f18b77 FG	563
	564	return osds
	565
	566
	567	def get_osd_by_id(self, osd_id):
1adf2230 AA	568	osd = [x for x in self.get('osd_map')['osds']
1adf2230 AA	569	if x['osd'] == osd_id]
31f18b77 FG	570
	571	if len(osd) != 1:
	572	return None
	573
	574	return osd[0]
	575
	576
	577	def get_pool_by_id(self, pool_id):
1adf2230 AA	578	pool = [x for x in self.get('osd_map')['pools']
1adf2230 AA	579	if x['pool'] == pool_id]
31f18b77 FG	580
	581	if len(pool) != 1:
	582	return None
	583
	584	return pool[0]
	585
	586
	587	def submit_request(self, _request, **kwargs):
31f18b77	588	with self.requests_lock:
f64942e4	589	request = CommandsRequest(_request)
31f18b77 FG	590	self.requests.append(request)
	591	if kwargs.get('wait', 0):
	592	while not request.is_finished():
	593	time.sleep(0.001)
	594	return request
	595
	596
	597	def run_command(self, command):
11fdf7f2	598	# tag with 'seq' so that we can ignore these in notify function
31f18b77 FG	599	result = CommandResult('seq')
	600
	601	self.send_command(result, 'mon', '', json.dumps(command), 'seq')
	602	return result.wait()