diff --git a/fence/agents/cisco_ucs/fence_cisco_ucs.py b/fence/agents/cisco_ucs/fence_cisco_ucs.py
index 701f6900..7102c445 100644
--- a/fence/agents/cisco_ucs/fence_cisco_ucs.py
+++ b/fence/agents/cisco_ucs/fence_cisco_ucs.py
@@ -1,202 +1,202 @@
#!@PYTHON@ -tt
import sys, re
import pycurl, io
import logging
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
from fencing import fail, EC_STATUS, EC_LOGIN_DENIED, run_delay
#BEGIN_VERSION_GENERATION
RELEASE_VERSION="New Cisco UCS Agent - test release on steroids"
REDHAT_COPYRIGHT=""
BUILD_DATE="March, 2008"
#END_VERSION_GENERATION
RE_COOKIE = re.compile("", int(options["--shell-timeout"]))
result = RE_GET_PNDN.search(res)
if result == None:
pndn = ""
else:
pndn = result.group(1)
if pndn.strip() == "":
if "--missing-as-off" in options:
return "off"
else:
fail(EC_STATUS)
res = send_command(options, "", int(options["--shell-timeout"]))
result = RE_GET_PRESENCE.search(res)
if result == None:
fail(EC_STATUS)
else:
presence_status = result.group(1)
if presence_status in ["missing", "mismatch"]:
return "off"
else:
result = RE_GET_OPERPOWER.search(res)
if result == None:
fail(EC_STATUS)
else:
power_status = result.group(1)
if power_status == "on":
return "on"
else:
return "off"
def set_power_status(conn, options):
del conn
action = {
'on' : "admin-up",
'off' : "admin-down"
}[options["--action"]]
send_command(options, "" +
"" + "" + "",
int(options["--shell-timeout"]))
return
def get_list(conn, options):
del conn
outlets = {}
try:
res = send_command(options, "", int(options["--shell-timeout"]))
lines = res.split("",
int(options_global["--shell-timeout"]))
except Exception:
pass
def main():
global options_global
device_opt = ["ipaddr", "login", "passwd", "ssl", "notls", "port", "web", "suborg", "missing_as_off"]
atexit.register(atexit_handler)
atexit.register(logout)
define_new_opts()
options_global = check_input(device_opt, process_input(device_opt))
docs = {}
docs["shortdesc"] = "Fence agent for Cisco UCS"
docs["longdesc"] = "fence_cisco_ucs is an I/O Fencing agent which can be \
used with Cisco UCS to fence machines."
docs["vendorurl"] = "http://www.cisco.com"
show_docs(options_global, docs)
run_delay(options_global)
### Login
try:
res = send_command(options_global, "", int(options_global["--login-timeout"]))
result = RE_COOKIE.search(res)
if result == None:
## Cookie is absenting in response
fail(EC_LOGIN_DENIED)
except Exception:
fail(EC_LOGIN_DENIED)
options_global["cookie"] = result.group(1)
##
## Modify suborg to format /suborg
if options_global["--suborg"] != "":
options_global["--suborg"] = "/" + options_global["--suborg"].lstrip("/").rstrip("/")
##
## Fence operations
####
result = fence_action(None, options_global, set_power_status, get_power_status, get_list)
## Logout is done every time at atexit phase
sys.exit(result)
if __name__ == "__main__":
main()
diff --git a/fence/agents/docker/fence_docker.py b/fence/agents/docker/fence_docker.py
index 2705ceb1..2bfa5eae 100644
--- a/fence/agents/docker/fence_docker.py
+++ b/fence/agents/docker/fence_docker.py
@@ -1,164 +1,164 @@
#!@PYTHON@ -tt
import atexit
import sys
import io
import logging
import pycurl
import json
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import fail_usage, all_opt, fence_action, atexit_handler, check_input, process_input, show_docs, run_delay
#BEGIN_VERSION_GENERATION
RELEASE_VERSION = ""
REDHAT_COPYRIGHT = ""
BUILD_DATE = ""
#END_VERSION_GENERATION
def get_power_status(conn, options):
del conn
status = send_cmd(options, "containers/%s/json" % options["--plug"])
if status is None:
return None
return "on" if status["State"]["Running"] else "off"
def set_power_status(conn, options):
del conn
if options["--action"] == "on":
send_cmd(options, "containers/%s/start" % options["--plug"], True)
else:
send_cmd(options, "containers/%s/kill" % options["--plug"], True)
return
def reboot_cycle(conn, options):
del conn
send_cmd(options, "containers/%s/restart" % options["--plug"], True)
return get_power_status(conn, options)
def get_list(conn, options):
del conn
output = send_cmd(options, "containers/json?all=1")
containers = {}
for container in output:
containers[container["Id"]] = (container["Names"][0], {True:"off", False: "on"}[container["Status"][:4].lower() == "exit"])
return containers
def send_cmd(options, cmd, post = False):
url = "http%s://%s:%s/v%s/%s" % ("s" if "--ssl" in options else "", options["--ip"], options["--ipport"], options["--api-version"], cmd)
conn = pycurl.Curl()
output_buffer = io.BytesIO()
if logging.getLogger().getEffectiveLevel() < logging.WARNING:
conn.setopt(pycurl.VERBOSE, True)
conn.setopt(pycurl.HTTPGET, 1)
- conn.setopt(pycurl.URL, str(url))
+ conn.setopt(pycurl.URL, url.encode("ascii"))
if post:
conn.setopt(pycurl.POST, 1)
conn.setopt(pycurl.POSTFIELDSIZE, 0)
conn.setopt(pycurl.WRITEFUNCTION, output_buffer.write)
conn.setopt(pycurl.TIMEOUT, int(options["--shell-timeout"]))
if "--ssl" in options:
if not (set(("--tlscert", "--tlskey", "--tlscacert")) <= set(options)):
fail_usage("Failed. If --ssl option is used, You have to also \
specify: --tlscert, --tlskey and --tlscacert")
conn.setopt(pycurl.SSL_VERIFYPEER, 1)
conn.setopt(pycurl.SSLCERT, options["--tlscert"])
conn.setopt(pycurl.SSLKEY, options["--tlskey"])
conn.setopt(pycurl.CAINFO, options["--tlscacert"])
else:
conn.setopt(pycurl.SSL_VERIFYPEER, 0)
conn.setopt(pycurl.SSL_VERIFYHOST, 0)
logging.debug("URL: " + url)
try:
conn.perform()
result = output_buffer.getvalue().decode()
return_code = conn.getinfo(pycurl.RESPONSE_CODE)
logging.debug("RESULT [" + str(return_code) + \
"]: " + result)
conn.close()
if return_code == 200:
return json.loads(result)
except pycurl.error:
logging.error("Connection failed")
except:
if result is not None:
logging.error(result)
logging.error("Cannot parse json")
return None
def main():
atexit.register(atexit_handler)
all_opt["tlscert"] = {
"getopt" : ":",
"longopt" : "tlscert",
"help" : "--tlscert "
"Path to client certificate for TLS authentication",
"required" : "0",
"shortdesc" : "Path to client certificate (PEM format) \
for TLS authentication. Required if --ssl option is used.",
"order": 2
}
all_opt["tlskey"] = {
"getopt" : ":",
"longopt" : "tlskey",
"help" : "--tlskey "
"Path to client key for TLS authentication",
"required" : "0",
"shortdesc" : "Path to client key (PEM format) for TLS \
authentication. Required if --ssl option is used.",
"order": 2
}
all_opt["tlscacert"] = {
"getopt" : ":",
"longopt" : "tlscacert",
"help" : "--tlscacert "
"Path to CA certificate for TLS authentication",
"required" : "0",
"shortdesc" : "Path to CA certificate (PEM format) for \
TLS authentication. Required if --ssl option is used.",
"order": 2
}
all_opt["api_version"] = {
"getopt" : ":",
"longopt" : "api-version",
"help" : "--api-version "
"Version of Docker Remote API (default: 1.11)",
"required" : "0",
"order" : 2,
"default" : "1.11",
}
device_opt = ["ipaddr", "no_password", "no_login", "port", "method", "web", "tlscert", "tlskey", "tlscacert", "ssl", "api_version"]
options = check_input(device_opt, process_input(device_opt))
docs = { }
docs["shortdesc"] = "Fence agent for Docker"
docs["longdesc"] = "fence_docker is I/O fencing agent which \
can be used with the Docker Engine containers. You can use this \
fence-agent without any authentication, or you can use TLS authentication \
(use --ssl option, more info about TLS authentication in docker: \
http://docs.docker.com/examples/https/)."
docs["vendorurl"] = "www.docker.io"
show_docs(options, docs)
run_delay(options)
result = fence_action(None, options, set_power_status, get_power_status, get_list, reboot_cycle)
sys.exit(result)
if __name__ == "__main__":
main()
diff --git a/fence/agents/pve/fence_pve.py b/fence/agents/pve/fence_pve.py
index c2feb0d9..a587dc00 100755
--- a/fence/agents/pve/fence_pve.py
+++ b/fence/agents/pve/fence_pve.py
@@ -1,187 +1,187 @@
#!@PYTHON@ -tt
# This agent uses Proxmox VE API
# Thanks to Frank Brendel (author of original perl fence_pve)
# for help with writing and testing this agent.
import sys
import json
import pycurl
import io
import atexit
import logging
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import fail, EC_LOGIN_DENIED, atexit_handler, all_opt, check_input, process_input, show_docs, fence_action, run_delay
if sys.version_info[0] > 2: import urllib.parse as urllib
else: import urllib
#BEGIN_VERSION_GENERATION
RELEASE_VERSION=""
BUILD_DATE=""
REDHAT_COPYRIGHT=""
#END_VERSION_GENERATION
def get_power_status(conn, options):
del conn
state = {"running" : "on", "stopped" : "off"}
if options["--nodename"] is None:
nodes = send_cmd(options, "nodes")
if type(nodes) is not dict or "data" not in nodes or type(nodes["data"]) is not list:
return None
for node in nodes["data"]: # lookup the node holding the vm
if type(node) is not dict or "node" not in node:
return None
options["--nodename"] = node["node"]
status = get_power_status(None, options)
if status is not None:
logging.info("vm found on node: " + options["--nodename"])
break
else:
options["--nodename"] = None
return status
else:
cmd = "nodes/" + options["--nodename"] + "/qemu/" + options["--plug"] + "/status/current"
result = send_cmd(options, cmd)
if type(result) is dict and "data" in result:
if type(result["data"]) is dict and "status" in result["data"]:
if result["data"]["status"] in state:
return state[result["data"]["status"]]
return None
def set_power_status(conn, options):
del conn
action = {
'on' : "start",
'off': "stop"
}[options["--action"]]
cmd = "nodes/" + options["--nodename"] + "/qemu/" + options["--plug"] + "/status/" + action
send_cmd(options, cmd, post={"skiplock":1})
def get_outlet_list(conn, options):
del conn
nodes = send_cmd(options, "nodes")
outlets = dict()
if type(nodes) is not dict or "data" not in nodes or type(nodes["data"]) is not list:
return None
for node in nodes["data"]:
if type(node) is not dict or "node" not in node:
return None
vms = send_cmd(options, "nodes/" + node["node"] + "/qemu")
if type(vms) is not dict or "data" not in vms or type(vms["data"]) is not list:
return None
for vm in vms["data"]:
outlets[vm["vmid"]] = [vm["name"], vm["status"]]
return outlets
def get_ticket(options):
post = {'username': options["--username"], 'password': options["--password"]}
result = send_cmd(options, "access/ticket", post=post)
if type(result) is dict and "data" in result:
if type(result["data"]) is dict and "ticket" in result["data"] and "CSRFPreventionToken" in result["data"]:
return {
"ticket" : str("PVEAuthCookie=" + result["data"]["ticket"] + "; " + \
"version=0; path=/; domain=" + options["--ip"] + \
"; port=" + str(options["--ipport"]) + "; path_spec=0; secure=1; " + \
"expires=7200; discard=0"),
"CSRF_token" : str("CSRFPreventionToken: " + result["data"]["CSRFPreventionToken"])
}
return None
def send_cmd(options, cmd, post=None):
url = options["url"] + cmd
conn = pycurl.Curl()
output_buffer = io.BytesIO()
if logging.getLogger().getEffectiveLevel() < logging.WARNING:
conn.setopt(pycurl.VERBOSE, True)
conn.setopt(pycurl.HTTPGET, 1)
- conn.setopt(pycurl.URL, str(url))
+ conn.setopt(pycurl.URL, url.encode("ascii"))
if "auth" in options and options["auth"] is not None:
conn.setopt(pycurl.COOKIE, options["auth"]["ticket"])
conn.setopt(pycurl.HTTPHEADER, [options["auth"]["CSRF_token"]])
if post is not None:
if "skiplock" in post:
conn.setopt(conn.CUSTOMREQUEST, 'POST')
else:
conn.setopt(pycurl.POSTFIELDS, urllib.urlencode(post))
conn.setopt(pycurl.WRITEFUNCTION, output_buffer.write)
conn.setopt(pycurl.TIMEOUT, int(options["--shell-timeout"]))
if "--ssl" in options or "--ssl-secure" in options:
conn.setopt(pycurl.SSL_VERIFYPEER, 1)
conn.setopt(pycurl.SSL_VERIFYHOST, 2)
else:
conn.setopt(pycurl.SSL_VERIFYPEER, 0)
conn.setopt(pycurl.SSL_VERIFYHOST, 0)
logging.debug("URL: " + url)
try:
conn.perform()
result = output_buffer.getvalue().decode()
logging.debug("RESULT [" + str(conn.getinfo(pycurl.RESPONSE_CODE)) + \
"]: " + result)
conn.close()
return json.loads(result)
except pycurl.error:
logging.error("Connection failed")
except:
logging.error("Cannot parse json")
return None
def main():
atexit.register(atexit_handler)
all_opt["node_name"] = {
"getopt" : "N:",
"longopt" : "nodename",
"help" : "-N, --nodename "
"Node on which machine is located",
"required" : "0",
"shortdesc" : "Node on which machine is located. "
"(Optional, will be automatically determined)",
"order": 2
}
device_opt = ["ipaddr", "login", "passwd", "web", "port", "node_name"]
all_opt["login"]["required"] = "0"
all_opt["login"]["default"] = "root@pam"
all_opt["ipport"]["default"] = "8006"
all_opt["port"]["shortdesc"] = "Id of the virtual machine."
all_opt["ipaddr"]["shortdesc"] = "IP Address or Hostname of a node " +\
"within the Proxmox cluster."
options = check_input(device_opt, process_input(device_opt))
docs = {}
docs["shortdesc"] = "Fencing agent for the Proxmox Virtual Environment"
docs["longdesc"] = "The fence_pve agent can be used to fence virtual \
machines acting as nodes in a virtualized cluster."
docs["vendorurl"] = "http://www.proxmox.com/"
show_docs(options, docs)
run_delay(options)
if "--nodename" not in options or not options["--nodename"]:
options["--nodename"] = None
options["url"] = "https://" + options["--ip"] + ":" + str(options["--ipport"]) + "/api2/json/"
options["auth"] = get_ticket(options)
if options["auth"] is None:
fail(EC_LOGIN_DENIED)
result = fence_action(None, options, set_power_status, get_power_status, get_outlet_list)
sys.exit(result)
if __name__ == "__main__":
main()
diff --git a/fence/agents/rhevm/fence_rhevm.py b/fence/agents/rhevm/fence_rhevm.py
index 1fca9e09..1b5d2761 100644
--- a/fence/agents/rhevm/fence_rhevm.py
+++ b/fence/agents/rhevm/fence_rhevm.py
@@ -1,194 +1,194 @@
#!@PYTHON@ -tt
import sys, re
import pycurl, io
import logging
import atexit
sys.path.append("@FENCEAGENTSLIBDIR@")
from fencing import *
from fencing import fail, EC_STATUS, run_delay
#BEGIN_VERSION_GENERATION
RELEASE_VERSION="New RHEV-M Agent - test release on steroids"
REDHAT_COPYRIGHT=""
BUILD_DATE="March, 2008"
#END_VERSION_GENERATION
RE_GET_ID = re.compile("(.*?)", re.IGNORECASE)
RE_GET_NAME = re.compile("(.*?)", re.IGNORECASE)
def get_power_status(conn, options):
del conn
### Obtain real ID from name
res = send_command(options, "vms/?search=name%3D" + options["--plug"])
result = RE_GET_ID.search(res)
if result == None:
# Unable to obtain ID needed to access virtual machine
fail(EC_STATUS)
options["id"] = result.group(2)
result = RE_STATUS.search(res)
if result == None:
# We were able to parse ID so output is correct
# in some cases it is possible that RHEV-M output does not
# contain line. We can assume machine is OFF then
return "off"
else:
status = result.group(1)
if status.lower() == "down":
return "off"
else:
return "on"
def set_power_status(conn, options):
del conn
action = {
'on' : "start",
'off' : "stop"
}[options["--action"]]
url = "vms/" + options["id"] + "/" + action
send_command(options, url, "POST")
def get_list(conn, options):
del conn
outlets = {}
try:
res = send_command(options, "vms")
lines = res.split("")
conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write)
conn.perform()
if "cookie" not in opt and "--use-cookies" in opt:
cookie = ""
for c in conn.getinfo(pycurl.INFO_COOKIELIST):
tokens = c.split("\t",7)
cookie = cookie + tokens[5] + "=" + tokens[6] + ";"
opt["cookie"] = cookie
result = web_buffer.getvalue().decode()
logging.debug("%s\n", command)
logging.debug("%s\n", result)
return result
def define_new_opts():
all_opt["use_cookies"] = {
"getopt" : "",
"longopt" : "use-cookies",
"help" : "--use-cookies Reuse cookies for authentication",
"required" : "0",
"shortdesc" : "Reuse cookies for authentication",
"order" : 1}
all_opt["api_path"] = {
"getopt" : "",
"longopt" : "api-path",
"help" : "--api-path The path part of the API URL",
"default" : "/ovirt-engine/api",
"required" : "0",
"shortdesc" : "The path part of the API URL",
"order" : 2}
def main():
device_opt = [
"ipaddr",
"api_path",
"login",
"passwd",
"ssl",
"notls",
"web",
"port",
"use_cookies",
]
atexit.register(atexit_handler)
define_new_opts()
all_opt["power_wait"]["default"] = "1"
options = check_input(device_opt, process_input(device_opt))
docs = {}
docs["shortdesc"] = "Fence agent for RHEV-M REST API"
docs["longdesc"] = "fence_rhevm is an I/O Fencing agent which can be \
used with RHEV-M REST API to fence virtual machines."
docs["vendorurl"] = "http://www.redhat.com"
show_docs(options, docs)
##
## Fence operations
####
run_delay(options)
result = fence_action(None, options, set_power_status, get_power_status, get_list)
sys.exit(result)
if __name__ == "__main__":
main()