import asyncio
import logging
from . import tag
from . import utils
from .client import client
from .client import connection
from .model import Model
log = logging.getLogger(__name__)
[docs]class Controller(object):
def __init__(self, loop=None,
max_frame_size=connection.Connection.DEFAULT_FRAME_SIZE):
"""Instantiate a new Controller.
One of the connect_* methods will need to be called before this
object can be used for anything interesting.
:param loop: an asyncio event loop
"""
self.loop = loop or asyncio.get_event_loop()
self.max_frame_size = None
self.connection = None
self.controller_name = None
[docs] async def connect(
self, endpoint, username, password, cacert=None, macaroons=None):
"""Connect to an arbitrary Juju controller.
"""
self.connection = await connection.Connection.connect(
endpoint, None, username, password, cacert, macaroons,
max_frame_size=self.max_frame_size)
[docs] async def connect_current(self):
"""Connect to the current Juju controller.
"""
self.connection = (
await connection.Connection.connect_current_controller(
max_frame_size=self.max_frame_size))
[docs] async def connect_controller(self, controller_name):
"""Connect to a Juju controller by name.
"""
self.connection = (
await connection.Connection.connect_controller(
controller_name, max_frame_size=self.max_frame_size))
self.controller_name = controller_name
[docs] async def disconnect(self):
"""Shut down the watcher task and close websockets.
"""
if self.connection and self.connection.is_open:
log.debug('Closing controller connection')
await self.connection.close()
self.connection = None
[docs] async def add_model(
self, model_name, cloud_name=None, credential_name=None,
owner=None, config=None, region=None):
"""Add a model to this controller.
:param str model_name: Name to give the new model.
:param str cloud_name: Name of the cloud in which to create the
model, e.g. 'aws'. Defaults to same cloud as controller.
:param str credential_name: Name of the credential to use when
creating the model. Defaults to current credential. If you
pass a credential_name, you must also pass a cloud_name,
even if it's the default cloud.
:param str owner: Username that will own the model. Defaults to
the current user.
:param dict config: Model configuration.
:param str region: Region in which to create the model.
"""
model_facade = client.ModelManagerFacade.from_connection(
self.connection)
owner = owner or self.connection.info['user-info']['identity']
cloud_name = cloud_name or await self.get_cloud()
if credential_name:
credential = tag.credential(
cloud_name,
tag.untag('user-', owner),
credential_name
)
else:
credential = None
log.debug('Creating model %s', model_name)
model_info = await model_facade.CreateModel(
tag.cloud(cloud_name),
config,
credential,
model_name,
owner,
region
)
# Add our ssh key to the model, to work around
# https://bugs.launchpad.net/juju/+bug/1643076
try:
ssh_key = await utils.read_ssh_key(loop=self.loop)
if self.controller_name:
model_name = "{}:{}".format(self.controller_name, model_name)
cmd = ['juju', 'add-ssh-key', '-m', model_name, ssh_key]
await utils.execute_process(*cmd, log=log, loop=self.loop)
except Exception:
log.exception(
"Could not add ssh key to model. You will not be able "
"to ssh into machines in this model. "
"Manually running `juju add-ssh-key <key>` in the cli "
"may fix this problem.")
model = Model()
await model.connect(
self.connection.endpoint,
model_info.uuid,
self.connection.username,
self.connection.password,
self.connection.cacert,
self.connection.macaroons,
loop=self.loop,
)
return model
[docs] async def destroy_models(self, *uuids):
"""Destroy one or more models.
:param str \*uuids: UUIDs of models to destroy
"""
model_facade = client.ModelManagerFacade.from_connection(
self.connection)
log.debug(
'Destroying model%s %s',
'' if len(uuids) == 1 else 's',
', '.join(uuids)
)
await model_facade.DestroyModels([
client.Entity(tag.model(uuid))
for uuid in uuids
])
destroy_model = destroy_models
[docs] async def add_user(self, username, password=None, display_name=None):
"""Add a user to this controller.
:param str username: Username
:param str display_name: Display name
:param str acl: Access control, e.g. 'read'
:param list models: Models to which the user is granted access
"""
if not display_name:
display_name = username
user_facade = client.UserManagerFacade.from_connection(self.connection)
users = [{'display_name': display_name,
'password': password,
'username': username}]
return await user_facade.AddUser(users)
[docs] async def change_user_password(self, username, password):
"""Change the password for a user in this controller.
:param str username: Username
:param str password: New password
"""
user_facade = client.UserManagerFacade.from_connection(self.connection)
entity = client.EntityPassword(password, tag.user(username))
return await user_facade.SetPassword([entity])
[docs] async def destroy(self, destroy_all_models=False):
"""Destroy this controller.
:param bool destroy_all_models: Destroy all hosted models in the
controller.
"""
controller_facade = client.ControllerFacade.from_connection(
self.connection)
return await controller_facade.DestroyController(destroy_all_models)
[docs] async def disable_user(self, username):
"""Disable a user.
:param str username: Username
"""
user_facade = client.UserManagerFacade.from_connection(self.connection)
entity = client.Entity(tag.user(username))
return await user_facade.DisableUser([entity])
[docs] async def enable_user(self, username):
"""Re-enable a previously disabled user.
"""
user_facade = client.UserManagerFacade.from_connection(self.connection)
entity = client.Entity(tag.user(username))
return await user_facade.EnableUser([entity])
[docs] def kill(self):
"""Forcibly terminate all machines and other associated resources for
this controller.
"""
raise NotImplementedError()
[docs] async def get_cloud(self):
"""
Get the name of the cloud that this controller lives on.
"""
cloud_facade = client.CloudFacade.from_connection(self.connection)
result = await cloud_facade.Clouds()
cloud = list(result.clouds.keys())[0] # only lives on one cloud
return tag.untag('cloud-', cloud)
[docs] async def get_models(self, all_=False, username=None):
"""Return list of available models on this controller.
:param bool all_: List all models, regardless of user accessibilty
(admin use only)
:param str username: User for which to list models (admin use only)
"""
controller_facade = client.ControllerFacade.from_connection(
self.connection)
return await controller_facade.AllModels()
[docs] def get_payloads(self, *patterns):
"""Return list of known payloads.
:param str \*patterns: Patterns to match against
Each pattern will be checked against the following info in Juju::
- unit name
- machine id
- payload type
- payload class
- payload id
- payload tag
- payload status
"""
raise NotImplementedError()
[docs] def get_users(self, all_=False):
"""Return list of users that can connect to this controller.
:param bool all_: Include disabled users
"""
raise NotImplementedError()
[docs] def login(self):
"""Log in to this controller.
"""
raise NotImplementedError()
[docs] def logout(self, force=False):
"""Log out of this controller.
:param bool force: Don't fail even if user not previously logged in
with a password
"""
raise NotImplementedError()
[docs] def get_model(self, name):
"""Get a model by name.
:param str name: Model name
"""
raise NotImplementedError()
[docs] async def get_user(self, username, include_disabled=False):
"""Get a user by name.
:param str username: Username
"""
client_facade = client.UserManagerFacade.from_connection(
self.connection)
user = tag.user(username)
return await client_facade.UserInfo([client.Entity(user)],
include_disabled)
[docs] async def grant(self, username, acl='login'):
"""Set access level of the given user on the controller
:param str username: Username
:param str acl: Access control ('login', 'add-model' or 'superuser')
"""
controller_facade = client.ControllerFacade.from_connection(
self.connection)
user = tag.user(username)
await self.revoke(username)
changes = client.ModifyControllerAccess(acl, 'grant', user)
return await controller_facade.ModifyControllerAccess([changes])
[docs] async def revoke(self, username):
"""Removes all access from a controller
:param str username: username
"""
controller_facade = client.ControllerFacade.from_connection(
self.connection)
user = tag.user(username)
changes = client.ModifyControllerAccess('login', 'revoke', user)
return await controller_facade.ModifyControllerAccess([changes])