#!/usr/bin/env python
# coding=utf-8
#
# Copyright (c) 2015 VMware, Inc. All Rights Reserved.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
# documentation files (the "Software"), to deal in the Software without restriction, including without limitation
# the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and
# to permit persons to whom the Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all copies or substantial portions
# of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
# TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
# CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.

import os
import paramiko
import time

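def create_psc_session(module, psc_ip, password):
    """Open an SFTP session and an SSH session to a PSC as root.

    Two separate connections to port 22 are made: a raw paramiko Transport
    that backs the SFTP client, and an SSHClient used for remote commands.

    Args:
        module: AnsibleModule used to report a connection failure via
            fail_json (which ends the module run).
        psc_ip: Address of the PSC to connect to.
        password: Password of the PSC root account.

    Returns:
        Tuple ``(sftp, ssh)``: a paramiko.SFTPClient and a connected
        paramiko.SSHClient. Closing them is left to the caller.
    """
    try:
        # Transport connection to the PSC.
        # The address must be passed as a (host, port) tuple: a second
        # positional argument to Transport is the default window size, not
        # the port.
        transport = paramiko.Transport((psc_ip, 22))
        # NOTE(review): no hostkey is passed to connect(), so the server's
        # identity is not verified before the root password is sent.
        transport.connect(username='root', password=password)
        sftp = paramiko.SFTPClient.from_transport(transport)
    except Exception as exc:
        # Exception rather than a bare except, so KeyboardInterrupt and
        # SystemExit are not reported as a connection failure.
        module.fail_json(msg='Transport connection to the PSC failed: {}'.format(exc))
    try:
        # SSH connect to PSC
        ssh = paramiko.SSHClient()
        ssh.load_system_host_keys()
        # NOTE(review): AutoAddPolicy accepts any unknown host key, so a
        # machine answering on psc_ip is trusted on first contact. Pinning the
        # PSC host key (known_hosts plus RejectPolicy) would close that gap;
        # left unchanged here because it needs the keys to be provisioned.
        ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
        ssh.connect(psc_ip, 22, 'root', password)
    except Exception as exc:
        module.fail_json(msg='SSH connection to the PSC failed: {}'.format(exc))
    return sftp, ssh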

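def copy_ha_scripts_first_psc(module):
    """Upload the PSC HA scripts from the controller to /ha on the first PSC.

    Creates /ha and /ha/keys on the PSC if they do not exist yet, then copies
    every regular file found in the local psc-ha-script directory into /ha.

    Args:
        module: AnsibleModule providing ``psc_1_ip`` and ``psc_password``.
    """
    sftp, ssh = create_psc_session(module, module.params['psc_1_ip'],
                                   module.params['psc_password'])
    script_path = '/opt/chaperone-ansible/roles/vcloud-nfv-ra/files/psc-ha-script'
    try:
        # mkdir raises if the directory already exists, which made a second
        # run of the module fail; only create what is missing.
        try:
            sftp.stat('/ha')
        except IOError:
            sftp.mkdir('/ha')
        try:
            sftp.stat('/ha/keys')
        except IOError:
            # /ha/keys later receives the SSO keys, so keep it root-only
            # instead of relying on the server's default mode and umask.
            sftp.mkdir('/ha/keys', 0o700)

        for name in sorted(os.listdir(script_path)):
            local_path = os.path.join(script_path, name)
            # sftp.put cannot upload a directory; skip anything that is not a
            # regular file.
            if not os.path.isfile(local_path):
                continue
            sftp.put(local_path, '/ha/' + name)
    finally:
        # Release both sessions opened by create_psc_session.
        sftp.close()
        ssh.close()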

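def generate_lb_certificate_first_psc(module):
    """Run gen-lb-cert.py in primary-node mode on the first PSC.

    The command's output is read line by line. A line containing
    'active; 1' makes the function wait 15 seconds and counts toward a
    400 second limit; a line containing 'active; 0' ends the wait. The
    meaning of these markers is defined by gen-lb-cert.py, which is not part
    of this file.

    Args:
        module: AnsibleModule providing ``psc_1_ip``, ``psc_password`` and
            ``lb_fqdn``. fail_json is called on timeout or when the script
            exits with a non-zero status.
    """
    try:
        from shlex import quote  # Python 3
    except ImportError:
        from pipes import quote  # Python 2

    sftp, ssh = create_psc_session(module, module.params['psc_1_ip'],
                                   module.params['psc_password'])
    # lb_fqdn ends up in a root shell command line on the PSC; quote it so
    # shell metacharacters in the value are passed as data.
    cert_gen_cmd = 'cd /ha \n python gen-lb-cert.py --primary-node --lb-fqdn={}'.format(
        quote(module.params['lb_fqdn']))
    max_wait = 400
    waited = 0
    try:
        # exec_command returns (stdin, stdout, stderr). The original indexed
        # element 0 (stdin) and stringified the readline method without
        # calling it, so neither marker could ever match and the loop spun
        # forever.
        stdin, stdout, stderr = ssh.exec_command(cert_gen_cmd)
        while True:
            stdout_line = stdout.readline()
            if not stdout_line:
                # End of output: the command is done. Do not continue
                # silently if it reported failure.
                exit_status = stdout.channel.recv_exit_status()
                if exit_status != 0:
                    module.fail_json(
                        msg='gen-lb-cert.py failed on the first PSC (exit status {})'.format(exit_status))
                break
            if stdout_line.find('active; 1') != -1:
                waited = waited + 15
                time.sleep(15)
                # 400 is not a multiple of 15, so an equality test would
                # never trigger.
                if waited >= max_wait:
                    module.fail_json(msg='PSC HA pairing failed, please check manually')
            elif stdout_line.find('active; 0') != -1:
                break
    finally:
        sftp.close()
        ssh.close()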

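def copy_keys_directory(module):
    """Copy the contents of /etc/vmware-sso/keys into /ha/keys on the first PSC.

    Args:
        module: AnsibleModule providing ``psc_1_ip`` and ``psc_password``.
            fail_json is called when the copy exits with a non-zero status.
    """
    sftp, ssh = create_psc_session(module, module.params['psc_1_ip'],
                                   module.params['psc_password'])
    try:
        # copy keys to HA folder
        stdin, stdout, stderr = ssh.exec_command('cp -r /etc/vmware-sso/keys/* /ha/keys')
        # exec_command returns as soon as the command is started. Wait for it
        # to finish so the next step does not transfer a half-copied key
        # directory, and so a failed copy is reported.
        exit_status = stdout.channel.recv_exit_status()
        if exit_status != 0:
            module.fail_json(
                msg='Copying the SSO keys to /ha/keys failed (exit status {})'.format(exit_status))
    finally:
        sftp.close()
        ssh.close()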

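def copy_ha_directory(module):
    """Copy the /ha directory from the first PSC to / on the second PSC.

    The copy is run on the first PSC with sshpass and scp, authenticating to
    the second PSC as root with the ``psc_password`` module parameter.

    Args:
        module: AnsibleModule providing ``psc_1_ip``, ``psc_2_ip`` and
            ``psc_password``. fail_json is called when the copy exits with a
            non-zero status.
    """
    try:
        from shlex import quote  # Python 3
    except ImportError:
        from pipes import quote  # Python 2

    sftp, ssh = create_psc_session(module, module.params['psc_1_ip'],
                                   module.params['psc_password'])
    # Copy whole Ha folder to Second PSC.
    # The password used to be a literal on the sshpass command line: a
    # hard-coded credential that ignored psc_password and was readable in the
    # PSC's process list. It is now taken from the module parameter and
    # handed over on stdin, then given to sshpass through the SSHPASS
    # environment variable (-e).
    # NOTE(review): StrictHostKeyChecking=no means the second PSC's host key
    # is not verified before the key material under /ha is sent to it.
    scp_cmd = ('IFS= read -r SSHPASS && export SSHPASS && '
               'sshpass -e scp  -o StrictHostKeyChecking=no -r /ha root@{}:/')
    scp_cmd = scp_cmd.format(quote(module.params['psc_2_ip']))
    try:
        stdin, stdout, stderr = ssh.exec_command(scp_cmd)
        stdin.write(module.params['psc_password'] + '\n')
        stdin.flush()
        stdin.channel.shutdown_write()
        # Wait for scp to finish; the next step runs a script out of /ha on
        # the second PSC and needs the transfer to be complete.
        exit_status = stdout.channel.recv_exit_status()
        if exit_status != 0:
            module.fail_json(
                msg='Copying /ha to the second PSC failed (exit status {})'.format(exit_status))
    finally:
        sftp.close()
        ssh.close()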

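def generate_cert_on_second_psc(module):
    """Run gen-lb-cert.py in secondary-node mode on the second PSC.

    The script is pointed at /ha for the load-balancer certificate and at
    /ha/keys for the SSO server-sign material. Its output is read line by
    line: a line containing 'active; 1' makes the function wait 15 seconds
    and counts toward a 400 second limit; a line containing 'active; 0' ends
    the wait. The meaning of these markers is defined by gen-lb-cert.py,
    which is not part of this file.

    Args:
        module: AnsibleModule providing ``psc_2_ip``, ``psc_password`` and
            ``lb_fqdn``. fail_json is called on timeout or when the script
            exits with a non-zero status.
    """
    try:
        from shlex import quote  # Python 3
    except ImportError:
        from pipes import quote  # Python 2

    sftp, ssh = create_psc_session(module, module.params['psc_2_ip'],
                                   module.params['psc_password'])
    # lb_fqdn ends up in a root shell command line on the PSC; quote it so
    # shell metacharacters in the value are passed as data.
    gen_cert_cmd = 'echo "" | python /ha/gen-lb-cert.py --secondary-node --lb-fqdn={} --lb-cert-folder=/ha --sso-serversign-folder=/ha/keys'.format(
        quote(module.params['lb_fqdn']))
    max_wait = 400
    waited = 0
    try:
        # exec_command returns (stdin, stdout, stderr). The original indexed
        # element 0 (stdin) and stringified the readline method without
        # calling it, so neither marker could ever match and the loop spun
        # forever.
        stdin, stdout, stderr = ssh.exec_command(gen_cert_cmd)
        while True:
            stdout_line = stdout.readline()
            if not stdout_line:
                # End of output: the command is done. Do not continue
                # silently if it reported failure.
                exit_status = stdout.channel.recv_exit_status()
                if exit_status != 0:
                    module.fail_json(
                        msg='gen-lb-cert.py failed on the second PSC (exit status {})'.format(exit_status))
                break
            if stdout_line.find('active; 1') != -1:
                waited = waited + 15
                time.sleep(15)
                # 400 is not a multiple of 15, so an equality test would
                # never trigger.
                if waited >= max_wait:
                    module.fail_json(msg='PSC HA pairing failed, please check manually')
            elif stdout_line.find('active; 0') != -1:
                break
    finally:
        sftp.close()
        ssh.close()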

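def main():
    """Ansible entry point: set up PSC HA across two PSC nodes.

    Runs the five steps in order: upload the HA scripts to the first PSC,
    generate the load-balancer certificate there, copy the SSO keys into
    /ha/keys, copy /ha to the second PSC, and generate the certificate on the
    second PSC. Always reports ``changed=True`` on completion.
    """
    module = AnsibleModule(
        argument_spec=dict(
            # NOTE(review): 'state' is only echoed back in the result; no
            # step in this file behaves differently for 'absent'.
            state=dict(default='present', choices=['present', 'absent']),
            psc_1_ip=dict(required=True),
            psc_2_ip=dict(required=True),
            # no_log keeps the root password out of Ansible's logged and
            # returned module arguments.
            psc_password=dict(required=True, no_log=True),
            # NOTE(review): virtual_ip is required but not read anywhere in
            # this file.
            virtual_ip=dict(required=True),
            lb_fqdn=dict(required=True),
            ),
        supports_check_mode=False
    )
    copy_ha_scripts_first_psc(module)
    generate_lb_certificate_first_psc(module)
    copy_keys_directory(module)
    copy_ha_directory(module)
    generate_cert_on_second_psc(module)
    # The result key is named 'argument_spec' but carries the 'state' value;
    # kept as is for callers that already read it.
    module.exit_json(changed=True, argument_spec=module.params['state'])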

# AnsibleModule, used in main(), is brought into scope by this wildcard
# import. It sits at the bottom of the file, after the function definitions.
from ansible.module_utils.basic import *
# Run the module only when executed as a script, not when imported.
if __name__ == '__main__':
    main()