[ceph.git] / ceph / src / pybind / mgr / restful / module.py

"""
A RESTful API for Ceph
"""

import os
import json
import time
import errno
import inspect
import tempfile
import threading
import traceback
import socket

import common

from uuid import uuid4
from pecan import jsonify, make_app
from OpenSSL import crypto
from pecan.rest import RestController
from werkzeug.serving import make_server, make_ssl_devcert

from hooks import ErrorHook
from mgr_module import MgrModule, CommandResult

# Global instance to share
instance = None


class CannotServe(Exception):
    pass


class CommandsRequest(object):
    """
    This class handles parallel as well as sequential execution of
    commands. The class accept a list of iterables that should be
    executed sequentially. Each iterable can contain several commands
    that can be executed in parallel.

    Example:
    [[c1,c2],[c3,c4]]
     - run c1 and c2 in parallel
     - wait for them to finish
     - run c3 and c4 in parallel
     - wait for them to finish
    """


    def __init__(self, commands_arrays):
        self.id = str(id(self))

        # Filter out empty sub-requests
        commands_arrays = filter(
            lambda x: len(x) != 0,
            commands_arrays,
        )

        self.running = []
        self.waiting = commands_arrays[1:]
        self.finished = []
        self.failed = []

        self.lock = threading.RLock()
        if not len(commands_arrays):
            # Nothing to run
            return

        # Process first iteration of commands_arrays in parallel
        results = self.run(commands_arrays[0])

        self.running.extend(results)


    def run(self, commands):
        """
        A static method that will execute the given list of commands in
        parallel and will return the list of command results.
        """

        # Gather the results (in parallel)
        results = []
        for index in range(len(commands)):
            tag = '%s:%d' % (str(self.id), index)

            # Store the result
            result = CommandResult(tag)
            result.command = common.humanify_command(commands[index])
            results.append(result)

            # Run the command
            instance.send_command(result, 'mon', '', json.dumps(commands[index]), tag)

        return results


    def next(self):
        with self.lock:
            if not self.waiting:
                # Nothing to run
                return

            # Run a next iteration of commands
            commands = self.waiting[0]
            self.waiting = self.waiting[1:]

            self.running.extend(self.run(commands))


    def finish(self, tag):
        with self.lock:
            for index in range(len(self.running)):
                if self.running[index].tag == tag:
                    if self.running[index].r == 0:
                        self.finished.append(self.running.pop(index))
                    else:
                        self.failed.append(self.running.pop(index))
                    return True

            # No such tag found
            return False


    def is_running(self, tag):
        for result in self.running:
            if result.tag == tag:
                return True
        return False


    def is_ready(self):
        with self.lock:
            return not self.running and self.waiting


    def is_waiting(self):
        return bool(self.waiting)


    def is_finished(self):
        with self.lock:
            return not self.running and not self.waiting


    def has_failed(self):
        return bool(self.failed)


    def get_state(self):
        with self.lock:
            if not self.is_finished():
                return "pending"

            if self.has_failed():
                return "failed"

            return "success"


    def __json__(self):
        return {
            'id': self.id,
            'running': map(
                lambda x: {
                    'command': x.command,
                    'outs': x.outs,
                    'outb': x.outb,
                },
                self.running
            ),
            'finished': map(
                lambda x: {
                    'command': x.command,
                    'outs': x.outs,
                    'outb': x.outb,
                },
                self.finished
            ),
            'waiting': map(
                lambda x: map(
                    lambda y: common.humanify_command(y),
                    x
                ),
                self.waiting
            ),
            'failed': map(
                lambda x: {
                    'command': x.command,
                    'outs': x.outs,
                    'outb': x.outb,
                },
                self.failed
            ),
            'is_waiting': self.is_waiting(),
            'is_finished': self.is_finished(),
            'has_failed': self.has_failed(),
            'state': self.get_state(),
        }


class Module(MgrModule):
    COMMANDS = [
        {
            "cmd": "restful create-key name=key_name,type=CephString",
            "desc": "Create an API key with this name",
            "perm": "rw"
        },
        {
            "cmd": "restful delete-key name=key_name,type=CephString",
            "desc": "Delete an API key with this name",
            "perm": "rw"
        },
        {
            "cmd": "restful list-keys",
            "desc": "List all API keys",
            "perm": "rw"
        },
        {
            "cmd": "restful create-self-signed-cert",
            "desc": "Create localized self signed certificate",
            "perm": "rw"
        },
        {
            "cmd": "restful restart",
            "desc": "Restart API server",
            "perm": "rw"
        },
    ]

    def __init__(self, *args, **kwargs):
        super(Module, self).__init__(*args, **kwargs)
        global instance
        instance = self

        self.requests = []
        self.requests_lock = threading.RLock()

        self.keys = {}
        self.disable_auth = False

        self.server = None

        self.stop_server = False
        self.serve_event = threading.Event()


    def serve(self):
        while not self.stop_server:
            try:
                self._serve()
                self.server.socket.close()
            except CannotServe as cs:
                self.log.warn("server not running: {0}".format(cs.message))
            except:
                self.log.error(str(traceback.format_exc()))

            # Wait and clear the threading event
            self.serve_event.wait()
            self.serve_event.clear()

    def refresh_keys(self):
        self.keys = {}
        rawkeys = self.get_config_prefix('keys/') or {}
        for k, v in rawkeys.iteritems():
            self.keys[k[5:]] = v  # strip of keys/ prefix

    def _serve(self):
        # Load stored authentication keys
        self.refresh_keys()

        jsonify._instance = jsonify.GenericJSON(
            sort_keys=True,
            indent=4,
            separators=(',', ': '),
        )

        server_addr = self.get_localized_config('server_addr', '::')
        if server_addr is None:
            raise CannotServe('no server_addr configured; try "ceph config-key set mgr/restful/server_addr <ip>"')

        server_port = int(self.get_localized_config('server_port', '8003'))
        self.log.info('server_addr: %s server_port: %d',
                      server_addr, server_port)

        cert = self.get_localized_config("crt")
        if cert is not None:
            cert_tmp = tempfile.NamedTemporaryFile()
            cert_tmp.write(cert)
            cert_tmp.flush()
            cert_fname = cert_tmp.name
        else:
            cert_fname = self.get_localized_config('crt_file')

        pkey = self.get_localized_config("key")
        if pkey is not None:
            pkey_tmp = tempfile.NamedTemporaryFile()
            pkey_tmp.write(pkey)
            pkey_tmp.flush()
            pkey_fname = pkey_tmp.name
        else:
            pkey_fname = self.get_localized_config('key_file')

        if not cert_fname or not pkey_fname:
            raise CannotServe('no certificate configured')
        if not os.path.isfile(cert_fname):
            raise CannotServe('certificate %s does not exist' % cert_fname)
        if not os.path.isfile(pkey_fname):
            raise CannotServe('private key %s does not exist' % pkey_fname)

        # Publish the URI that others may use to access the service we're
        # about to start serving
        self.set_uri("https://{0}:{1}/".format(
            socket.gethostname() if server_addr == "::" else server_addr,
            server_port
        ))

        # Create the HTTPS werkzeug server serving pecan app
        self.server = make_server(
            host=server_addr,
            port=server_port,
            app=make_app(
                root='restful.api.Root',
                hooks = [ErrorHook()],  # use a callable if pecan >= 0.3.2
            ),
            ssl_context=(cert_fname, pkey_fname),
        )

        self.server.serve_forever()


    def shutdown(self):
        try:
            self.stop_server = True
            if self.server:
                self.server.shutdown()
            self.serve_event.set()
        except:
            self.log.error(str(traceback.format_exc()))
            raise


    def restart(self):
        try:
            if self.server:
                self.server.shutdown()
            self.serve_event.set()
        except:
            self.log.error(str(traceback.format_exc()))


    def notify(self, notify_type, tag):
        try:
            self._notify(notify_type, tag)
        except:
            self.log.error(str(traceback.format_exc()))


    def _notify(self, notify_type, tag):
        if notify_type == "command":
            # we can safely skip all the sequential commands
            if tag == 'seq':
                return

            request = filter(
                lambda x: x.is_running(tag),
                self.requests)

            if len(request) != 1:
                self.log.warn("Unknown request '%s'" % str(tag))
                return

            request = request[0]
            request.finish(tag)
            if request.is_ready():
                request.next()
        else:
            self.log.debug("Unhandled notification type '%s'" % notify_type)


    def create_self_signed_cert(self):
        # create a key pair
        pkey = crypto.PKey()
        pkey.generate_key(crypto.TYPE_RSA, 2048)

        # create a self-signed cert
        cert = crypto.X509()
        cert.get_subject().O = "IT"
        cert.get_subject().CN = "ceph-restful"
        cert.set_serial_number(int(uuid4()))
        cert.gmtime_adj_notBefore(0)
        cert.gmtime_adj_notAfter(10*365*24*60*60)
        cert.set_issuer(cert.get_subject())
        cert.set_pubkey(pkey)
        cert.sign(pkey, 'sha512')

        return (
            crypto.dump_certificate(crypto.FILETYPE_PEM, cert),
            crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
        )


    def handle_command(self, command):
        self.log.warn("Handling command: '%s'" % str(command))
        if command['prefix'] == "restful create-key":
            if command['key_name'] in self.keys:
                return 0, self.keys[command['key_name']], ""

            else:
                key = str(uuid4())
                self.keys[command['key_name']] = key
                self.set_config('keys/' + command['key_name'], key)

            return (
                0,
                self.keys[command['key_name']],
                "",
            )

        elif command['prefix'] == "restful delete-key":
            if command['key_name'] in self.keys:
                del self.keys[command['key_name']]
                self.set_config('keys/' + command['key_name'], None)

            return (
                0,
                "",
                "",
            )

        elif command['prefix'] == "restful list-keys":
            self.refresh_keys()
            return (
                0,
                json.dumps(self.keys, indent=2),
                "",
            )

        elif command['prefix'] == "restful create-self-signed-cert":
            cert, pkey = self.create_self_signed_cert()

            self.set_config(self.get_mgr_id() + '/crt', cert)
            self.set_config(self.get_mgr_id() + '/key', pkey)

            self.restart()
            return (
                0,
                "Restarting RESTful API server...",
                ""
            )

        elif command['prefix'] == 'restful restart':
            self.restart();
            return (
                0,
                "Restarting RESTful API server...",
                ""
            )

        else:
            return (
                -errno.EINVAL,
                "",
                "Command not found '{0}'".format(command['prefix'])
            )


    def get_doc_api(self, root, prefix=''):
        doc = {}
        for _obj in dir(root):
            obj = getattr(root, _obj)

            if isinstance(obj, RestController):
                doc.update(self.get_doc_api(obj, prefix + '/' + _obj))

        if getattr(root, '_lookup', None) and isinstance(root._lookup('0')[0], RestController):
            doc.update(self.get_doc_api(root._lookup('0')[0], prefix + '/<arg>'))

        prefix = prefix or '/'

        doc[prefix] = {}
        for method in 'get', 'post', 'patch', 'delete':
            if getattr(root, method, None):
                doc[prefix][method.upper()] = inspect.getdoc(getattr(root, method)).split('\n')

        if len(doc[prefix]) == 0:
            del doc[prefix]

        return doc


    def get_mons(self):
        mon_map_mons = self.get('mon_map')['mons']
        mon_status = json.loads(self.get('mon_status')['json'])

        # Add more information
        for mon in mon_map_mons:
            mon['in_quorum'] = mon['rank'] in mon_status['quorum']
            mon['server'] = self.get_metadata("mon", mon['name'])['hostname']
            mon['leader'] = mon['rank'] == mon_status['quorum'][0]

        return mon_map_mons


    def get_osd_pools(self):
        osds = dict(map(lambda x: (x['osd'], []), self.get('osd_map')['osds']))
        pools = dict(map(lambda x: (x['pool'], x), self.get('osd_map')['pools']))
        crush_rules = self.get('osd_map_crush')['rules']

        osds_by_pool = {}
        for pool_id, pool in pools.items():
            pool_osds = None
            for rule in [r for r in crush_rules if r['rule_id'] == pool['crush_rule']]:
                if rule['min_size'] <= pool['size'] <= rule['max_size']:
                    pool_osds = common.crush_rule_osds(self.get('osd_map_tree')['nodes'], rule)

            osds_by_pool[pool_id] = pool_osds

        for pool_id in pools.keys():
            for in_pool_id in osds_by_pool[pool_id]:
                osds[in_pool_id].append(pool_id)

        return osds


    def get_osds(self, pool_id=None, ids=None):
        # Get data
        osd_map = self.get('osd_map')
        osd_metadata = self.get('osd_metadata')

        # Update the data with the additional info from the osd map
        osds = osd_map['osds']

        # Filter by osd ids
        if ids is not None:
            osds = filter(
                lambda x: str(x['osd']) in ids,
                osds
            )

        # Get list of pools per osd node
        pools_map = self.get_osd_pools()

        # map osd IDs to reweight
        reweight_map = dict([
            (x.get('id'), x.get('reweight', None))
            for x in self.get('osd_map_tree')['nodes']
        ])

        # Build OSD data objects
        for osd in osds:
            osd['pools'] = pools_map[osd['osd']]
            osd['server'] = osd_metadata.get(str(osd['osd']), {}).get('hostname', None)

            osd['reweight'] = reweight_map.get(osd['osd'], 0.0)

            if osd['up']:
                osd['valid_commands'] = common.OSD_IMPLEMENTED_COMMANDS
            else:
                osd['valid_commands'] = []

        # Filter by pool
        if pool_id:
            pool_id = int(pool_id)
            osds = filter(
                lambda x: pool_id in x['pools'],
                osds
            )

        return osds


    def get_osd_by_id(self, osd_id):
        osd = filter(
            lambda x: x['osd'] == osd_id,
            self.get('osd_map')['osds']
        )

        if len(osd) != 1:
            return None

        return osd[0]


    def get_pool_by_id(self, pool_id):
        pool = filter(
            lambda x: x['pool'] == pool_id,
            self.get('osd_map')['pools'],
        )

        if len(pool) != 1:
            return None

        return pool[0]


    def submit_request(self, _request, **kwargs):
        request = CommandsRequest(_request)
        with self.requests_lock:
            self.requests.append(request)
        if kwargs.get('wait', 0):
            while not request.is_finished():
                time.sleep(0.001)
        return request


    def run_command(self, command):
        # tag with 'seq' so that we can ingore these in notify function
        result = CommandResult('seq')

        self.send_command(result, 'mon', '', json.dumps(command), 'seq')
        return result.wait()
Commit	Line	Data
31f18b77 FG	1	"""
	2	A RESTful API for Ceph
	3	"""
	4
	5	import os
	6	import json
	7	import time
	8	import errno
	9	import inspect
	10	import tempfile
	11	import threading
	12	import traceback
3efd9988	13	import socket
31f18b77 FG	14
	15	import common
	16
	17	from uuid import uuid4
	18	from pecan import jsonify, make_app
	19	from OpenSSL import crypto
	20	from pecan.rest import RestController
	21	from werkzeug.serving import make_server, make_ssl_devcert
	22
	23	from hooks import ErrorHook
	24	from mgr_module import MgrModule, CommandResult
	25
	26	# Global instance to share
	27	instance = None
	28
	29
3efd9988 FG	30	class CannotServe(Exception):
	31	pass
	32
31f18b77 FG	33
	34	class CommandsRequest(object):
	35	"""
	36	This class handles parallel as well as sequential execution of
	37	commands. The class accept a list of iterables that should be
	38	executed sequentially. Each iterable can contain several commands
	39	that can be executed in parallel.
	40
	41	Example:
	42	[[c1,c2],[c3,c4]]
	43	- run c1 and c2 in parallel
	44	- wait for them to finish
	45	- run c3 and c4 in parallel
	46	- wait for them to finish
	47	"""
	48
	49
	50	def __init__(self, commands_arrays):
	51	self.id = str(id(self))
	52
	53	# Filter out empty sub-requests
	54	commands_arrays = filter(
	55	lambda x: len(x) != 0,
	56	commands_arrays,
	57	)
	58
	59	self.running = []
	60	self.waiting = commands_arrays[1:]
	61	self.finished = []
	62	self.failed = []
	63
	64	self.lock = threading.RLock()
	65	if not len(commands_arrays):
	66	# Nothing to run
	67	return
	68
	69	# Process first iteration of commands_arrays in parallel
	70	results = self.run(commands_arrays[0])
	71
	72	self.running.extend(results)
	73
	74
	75	def run(self, commands):
	76	"""
	77	A static method that will execute the given list of commands in
	78	parallel and will return the list of command results.
	79	"""
	80
	81	# Gather the results (in parallel)
	82	results = []
	83	for index in range(len(commands)):
	84	tag = '%s:%d' % (str(self.id), index)
	85
	86	# Store the result
	87	result = CommandResult(tag)
	88	result.command = common.humanify_command(commands[index])
	89	results.append(result)
	90
	91	# Run the command
	92	instance.send_command(result, 'mon', '', json.dumps(commands[index]), tag)
	93
	94	return results
	95
	96
97	def next(self):
98	with self.lock:
99	if not self.waiting:
100	# Nothing to run
101	return
102
103	# Run a next iteration of commands
104	commands = self.waiting[0]
105	self.waiting = self.waiting[1:]
106
107	self.running.extend(self.run(commands))
108
109
110	def finish(self, tag):
111	with self.lock:
112	for index in range(len(self.running)):
113	if self.running[index].tag == tag:
114	if self.running[index].r == 0:
115	self.finished.append(self.running.pop(index))
116	else:
117	self.failed.append(self.running.pop(index))
118	return True
119
120	# No such tag found
121	return False
122
123
124	def is_running(self, tag):
125	for result in self.running:
126	if result.tag == tag:
127	return True
128	return False
129
130
131	def is_ready(self):
132	with self.lock:
133	return not self.running and self.waiting
134
135
136	def is_waiting(self):
137	return bool(self.waiting)
138
139
140	def is_finished(self):
141	with self.lock:
142	return not self.running and not self.waiting
143
144
145	def has_failed(self):
146	return bool(self.failed)
147
148
149	def get_state(self):
150	with self.lock:
151	if not self.is_finished():
152	return "pending"
153
154	if self.has_failed():
155	return "failed"
156
157	return "success"
158
159
160	def __json__(self):
161	return {
162	'id': self.id,
163	'running': map(
164	lambda x: {
165	'command': x.command,
166	'outs': x.outs,
167	'outb': x.outb,
168	},
169	self.running
170	),
171	'finished': map(
172	lambda x: {
173	'command': x.command,
174	'outs': x.outs,
175	'outb': x.outb,
176	},
177	self.finished
178	),
179	'waiting': map(
28e407b8 AA	180	lambda x: map(
	181	lambda y: common.humanify_command(y),
	182	x
	183	),
31f18b77 FG	184	self.waiting
	185	),
	186	'failed': map(
	187	lambda x: {
	188	'command': x.command,
	189	'outs': x.outs,
	190	'outb': x.outb,
	191	},
	192	self.failed
	193	),
	194	'is_waiting': self.is_waiting(),
	195	'is_finished': self.is_finished(),
	196	'has_failed': self.has_failed(),
	197	'state': self.get_state(),
	198	}
	199
	200
	201
	202	class Module(MgrModule):
	203	COMMANDS = [
	204	{
	205	"cmd": "restful create-key name=key_name,type=CephString",
	206	"desc": "Create an API key with this name",
	207	"perm": "rw"
	208	},
	209	{
	210	"cmd": "restful delete-key name=key_name,type=CephString",
	211	"desc": "Delete an API key with this name",
	212	"perm": "rw"
	213	},
	214	{
	215	"cmd": "restful list-keys",
	216	"desc": "List all API keys",
	217	"perm": "rw"
	218	},
	219	{
	220	"cmd": "restful create-self-signed-cert",
	221	"desc": "Create localized self signed certificate",
	222	"perm": "rw"
	223	},
	224	{
	225	"cmd": "restful restart",
	226	"desc": "Restart API server",
	227	"perm": "rw"
	228	},
	229	]
	230
	231	def __init__(self, args, *kwargs):
	232	super(Module, self).__init__(args, *kwargs)
	233	global instance
	234	instance = self
	235
	236	self.requests = []
	237	self.requests_lock = threading.RLock()
	238
	239	self.keys = {}
	240	self.disable_auth = False
	241
	242	self.server = None
	243
	244	self.stop_server = False
	245	self.serve_event = threading.Event()
	246
	247
248	def serve(self):
249	while not self.stop_server:
250	try:
251	self._serve()
252	self.server.socket.close()
3efd9988 FG	253	except CannotServe as cs:
3efd9988 FG	254	self.log.warn("server not running: {0}".format(cs.message))
31f18b77 FG	255	except:
	256	self.log.error(str(traceback.format_exc()))
	257
	258	# Wait and clear the threading event
	259	self.serve_event.wait()
	260	self.serve_event.clear()
	261
31f18b77 FG	262	def refresh_keys(self):
	263	self.keys = {}
	264	rawkeys = self.get_config_prefix('keys/') or {}
	265	for k, v in rawkeys.iteritems():
	266	self.keys[k[5:]] = v # strip of keys/ prefix
	267
	268	def _serve(self):
	269	# Load stored authentication keys
	270	self.refresh_keys()
	271
	272	jsonify._instance = jsonify.GenericJSON(
	273	sort_keys=True,
	274	indent=4,
	275	separators=(',', ': '),
	276	)
	277
224ce89b	278	server_addr = self.get_localized_config('server_addr', '::')
31f18b77	279	if server_addr is None:
3efd9988 FG	280	raise CannotServe('no server_addr configured; try "ceph config-key set mgr/restful/server_addr <ip>"')
3efd9988 FG	281
224ce89b	282	server_port = int(self.get_localized_config('server_port', '8003'))
31f18b77 FG	283	self.log.info('server_addr: %s server_port: %d',
	284	server_addr, server_port)
	285
	286	cert = self.get_localized_config("crt")
	287	if cert is not None:
	288	cert_tmp = tempfile.NamedTemporaryFile()
	289	cert_tmp.write(cert)
	290	cert_tmp.flush()
	291	cert_fname = cert_tmp.name
	292	else:
	293	cert_fname = self.get_localized_config('crt_file')
	294
	295	pkey = self.get_localized_config("key")
	296	if pkey is not None:
	297	pkey_tmp = tempfile.NamedTemporaryFile()
	298	pkey_tmp.write(pkey)
	299	pkey_tmp.flush()
	300	pkey_fname = pkey_tmp.name
	301	else:
	302	pkey_fname = self.get_localized_config('key_file')
	303
	304	if not cert_fname or not pkey_fname:
3efd9988	305	raise CannotServe('no certificate configured')
31f18b77	306	if not os.path.isfile(cert_fname):
3efd9988	307	raise CannotServe('certificate %s does not exist' % cert_fname)
31f18b77	308	if not os.path.isfile(pkey_fname):
3efd9988 FG	309	raise CannotServe('private key %s does not exist' % pkey_fname)
	310
	311	# Publish the URI that others may use to access the service we're
	312	# about to start serving
	313	self.set_uri("https://{0}:{1}/".format(
	314	socket.gethostname() if server_addr == "::" else server_addr,
	315	server_port
	316	))
31f18b77 FG	317
	318	# Create the HTTPS werkzeug server serving pecan app
	319	self.server = make_server(
	320	host=server_addr,
	321	port=server_port,
	322	app=make_app(
	323	root='restful.api.Root',
	324	hooks = [ErrorHook()], # use a callable if pecan >= 0.3.2
	325	),
	326	ssl_context=(cert_fname, pkey_fname),
	327	)
	328
	329	self.server.serve_forever()
	330
	331
	332	def shutdown(self):
	333	try:
	334	self.stop_server = True
	335	if self.server:
	336	self.server.shutdown()
	337	self.serve_event.set()
	338	except:
	339	self.log.error(str(traceback.format_exc()))
	340	raise
	341
	342
	343	def restart(self):
	344	try:
	345	if self.server:
	346	self.server.shutdown()
	347	self.serve_event.set()
	348	except:
	349	self.log.error(str(traceback.format_exc()))
	350
	351
	352	def notify(self, notify_type, tag):
	353	try:
	354	self._notify(notify_type, tag)
	355	except:
	356	self.log.error(str(traceback.format_exc()))
	357
	358
	359	def _notify(self, notify_type, tag):
	360	if notify_type == "command":
	361	# we can safely skip all the sequential commands
	362	if tag == 'seq':
	363	return
	364
	365	request = filter(
	366	lambda x: x.is_running(tag),
	367	self.requests)
	368
	369	if len(request) != 1:
	370	self.log.warn("Unknown request '%s'" % str(tag))
	371	return
	372
	373	request = request[0]
	374	request.finish(tag)
	375	if request.is_ready():
	376	request.next()
	377	else:
	378	self.log.debug("Unhandled notification type '%s'" % notify_type)
	379
	380
381	def create_self_signed_cert(self):
382	# create a key pair
383	pkey = crypto.PKey()
384	pkey.generate_key(crypto.TYPE_RSA, 2048)
385
386	# create a self-signed cert
387	cert = crypto.X509()
388	cert.get_subject().O = "IT"
389	cert.get_subject().CN = "ceph-restful"
390	cert.set_serial_number(int(uuid4()))
391	cert.gmtime_adj_notBefore(0)
392	cert.gmtime_adj_notAfter(10365246060)
393	cert.set_issuer(cert.get_subject())
394	cert.set_pubkey(pkey)
395	cert.sign(pkey, 'sha512')
396
397	return (
398	crypto.dump_certificate(crypto.FILETYPE_PEM, cert),
399	crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)
400	)
401
402
403	def handle_command(self, command):
404	self.log.warn("Handling command: '%s'" % str(command))
405	if command['prefix'] == "restful create-key":
406	if command['key_name'] in self.keys:
407	return 0, self.keys[command['key_name']], ""
408
409	else:
410	key = str(uuid4())
411	self.keys[command['key_name']] = key
412	self.set_config('keys/' + command['key_name'], key)
413
414	return (
415	0,
416	self.keys[command['key_name']],
417	"",
418	)
419
420	elif command['prefix'] == "restful delete-key":
421	if command['key_name'] in self.keys:
422	del self.keys[command['key_name']]
423	self.set_config('keys/' + command['key_name'], None)
424
425	return (
426	0,
427	"",
428	"",
429	)
430
431	elif command['prefix'] == "restful list-keys":
432	self.refresh_keys()
433	return (
434	0,
435	json.dumps(self.keys, indent=2),
436	"",
437	)
438
439	elif command['prefix'] == "restful create-self-signed-cert":
440	cert, pkey = self.create_self_signed_cert()
441
442	self.set_config(self.get_mgr_id() + '/crt', cert)
443	self.set_config(self.get_mgr_id() + '/key', pkey)
444
445	self.restart()
446	return (
447	0,
448	"Restarting RESTful API server...",
449	""
450	)
451
452	elif command['prefix'] == 'restful restart':
453	self.restart();
454	return (
455	0,
456	"Restarting RESTful API server...",
457	""
458	)
459
460	else:
461	return (
462	-errno.EINVAL,
463	"",
464	"Command not found '{0}'".format(command['prefix'])
465	)
466
467
468	def get_doc_api(self, root, prefix=''):
469	doc = {}
470	for _obj in dir(root):
471	obj = getattr(root, _obj)
472
473	if isinstance(obj, RestController):
474	doc.update(self.get_doc_api(obj, prefix + '/' + _obj))
475
476	if getattr(root, '_lookup', None) and isinstance(root._lookup('0')[0], RestController):
477	doc.update(self.get_doc_api(root._lookup('0')[0], prefix + '/<arg>'))
478
479	prefix = prefix or '/'
480
481	doc[prefix] = {}
482	for method in 'get', 'post', 'patch', 'delete':
483	if getattr(root, method, None):
484	doc[prefix][method.upper()] = inspect.getdoc(getattr(root, method)).split('\n')
485
486	if len(doc[prefix]) == 0:
487	del doc[prefix]
488
489	return doc
490
491
492	def get_mons(self):
493	mon_map_mons = self.get('mon_map')['mons']
494	mon_status = json.loads(self.get('mon_status')['json'])
495
496	# Add more information
497	for mon in mon_map_mons:
498	mon['in_quorum'] = mon['rank'] in mon_status['quorum']
499	mon['server'] = self.get_metadata("mon", mon['name'])['hostname']
500	mon['leader'] = mon['rank'] == mon_status['quorum'][0]
501
502	return mon_map_mons
503
504
505	def get_osd_pools(self):
506	osds = dict(map(lambda x: (x['osd'], []), self.get('osd_map')['osds']))
507	pools = dict(map(lambda x: (x['pool'], x), self.get('osd_map')['pools']))
508	crush_rules = self.get('osd_map_crush')['rules']
509
510	osds_by_pool = {}
511	for pool_id, pool in pools.items():
512	pool_osds = None
513	for rule in [r for r in crush_rules if r['rule_id'] == pool['crush_rule']]:
514	if rule['min_size'] <= pool['size'] <= rule['max_size']:
515	pool_osds = common.crush_rule_osds(self.get('osd_map_tree')['nodes'], rule)
516
517	osds_by_pool[pool_id] = pool_osds
518
519	for pool_id in pools.keys():
520	for in_pool_id in osds_by_pool[pool_id]:
521	osds[in_pool_id].append(pool_id)
522
523	return osds
524
525
526	def get_osds(self, pool_id=None, ids=None):
527	# Get data
528	osd_map = self.get('osd_map')
529	osd_metadata = self.get('osd_metadata')
530
531	# Update the data with the additional info from the osd map
532	osds = osd_map['osds']
533
534	# Filter by osd ids
535	if ids is not None:
536	osds = filter(
537	lambda x: str(x['osd']) in ids,
538	osds
539	)
540
541	# Get list of pools per osd node
542	pools_map = self.get_osd_pools()
543
544	# map osd IDs to reweight
545	reweight_map = dict([
546	(x.get('id'), x.get('reweight', None))
547	for x in self.get('osd_map_tree')['nodes']
548	])
549
550	# Build OSD data objects
551	for osd in osds:
552	osd['pools'] = pools_map[osd['osd']]
553	osd['server'] = osd_metadata.get(str(osd['osd']), {}).get('hostname', None)
554
555	osd['reweight'] = reweight_map.get(osd['osd'], 0.0)
556
557	if osd['up']:
558	osd['valid_commands'] = common.OSD_IMPLEMENTED_COMMANDS
559	else:
560	osd['valid_commands'] = []
561
562	# Filter by pool
563	if pool_id:
564	pool_id = int(pool_id)
565	osds = filter(
566	lambda x: pool_id in x['pools'],
567	osds
568	)
569
570	return osds
571
572
573	def get_osd_by_id(self, osd_id):
574	osd = filter(
575	lambda x: x['osd'] == osd_id,
576	self.get('osd_map')['osds']
577	)
578
579	if len(osd) != 1:
580	return None
581
582	return osd[0]
583
584
585	def get_pool_by_id(self, pool_id):
586	pool = filter(
587	lambda x: x['pool'] == pool_id,
588	self.get('osd_map')['pools'],
589	)
590
591	if len(pool) != 1:
592	return None
593
594	return pool[0]
595
596
597	def submit_request(self, _request, **kwargs):
598	request = CommandsRequest(_request)
599	with self.requests_lock:
600	self.requests.append(request)
601	if kwargs.get('wait', 0):
602	while not request.is_finished():
603	time.sleep(0.001)
604	return request
605
606
607	def run_command(self, command):
608	# tag with 'seq' so that we can ingore these in notify function
609	result = CommandResult('seq')
610
611	self.send_command(result, 'mon', '', json.dumps(command), 'seq')
612	return result.wait()