|
|
4822a5 |
diff -uNr a/configure.ac b/configure.ac
|
|
|
4822a5 |
--- a/configure.ac 2017-10-05 10:21:12.966801280 +0200
|
|
|
4822a5 |
+++ b/configure.ac 2017-10-05 10:22:01.993319558 +0200
|
|
|
4822a5 |
@@ -267,6 +267,7 @@
|
|
|
4822a5 |
fence/agents/apc_snmp/Makefile
|
|
|
4822a5 |
fence/agents/amt/Makefile
|
|
|
4822a5 |
fence/agents/amt_ws/Makefile
|
|
|
4822a5 |
+ fence/agents/aws/Makefile
|
|
|
4822a5 |
fence/agents/bladecenter/Makefile
|
|
|
4822a5 |
fence/agents/brocade/Makefile
|
|
|
4822a5 |
fence/agents/cisco_mds/Makefile
|
|
|
4822a5 |
diff -uNr a/fence/agents/aws/fence_aws.py b/fence/agents/aws/fence_aws.py
|
|
|
4822a5 |
--- a/fence/agents/aws/fence_aws.py 1970-01-01 01:00:00.000000000 +0100
|
|
|
4822a5 |
+++ b/fence/agents/aws/fence_aws.py 2017-08-29 12:01:39.187348926 +0200
|
|
|
4822a5 |
@@ -0,0 +1,139 @@
|
|
|
4822a5 |
+#!/usr/bin/python -tt
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+import sys, re
|
|
|
4822a5 |
+import logging
|
|
|
4822a5 |
+import atexit
|
|
|
4822a5 |
+sys.path.append("/usr/share/fence")
|
|
|
4822a5 |
+from fencing import *
|
|
|
4822a5 |
+from fencing import fail, fail_usage, EC_TIMED_OUT, run_delay
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+try:
|
|
|
4822a5 |
+ import boto3
|
|
|
4822a5 |
+ from botocore.exceptions import ClientError, EndpointConnectionError, NoRegionError
|
|
|
4822a5 |
+except:
|
|
|
4822a5 |
+ pass
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+#BEGIN_VERSION_GENERATION
|
|
|
4822a5 |
+RELEASE_VERSION="Fence agent for AWS (Amazon Web Services)"
|
|
|
4822a5 |
+REDHAT_COPYRIGHT=""
|
|
|
4822a5 |
+BUILD_DATE=""
|
|
|
4822a5 |
+#END_VERSION_GENERATION
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+def get_nodes_list(conn, options):
|
|
|
4822a5 |
+ result = {}
|
|
|
4822a5 |
+ try:
|
|
|
4822a5 |
+ for instance in conn.instances.all():
|
|
|
4822a5 |
+ result[instance.id] = ("", None)
|
|
|
4822a5 |
+ except ClientError:
|
|
|
4822a5 |
+ fail_usage("Failed: Incorrect Access Key or Secret Key.")
|
|
|
4822a5 |
+ except EndpointConnectionError:
|
|
|
4822a5 |
+ fail_usage("Failed: Incorrect Region.")
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ return result
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+def get_power_status(conn, options):
|
|
|
4822a5 |
+ try:
|
|
|
4822a5 |
+ instance = conn.instances.filter(Filters=[{"Name": "instance-id", "Values": [options["--plug"]]}])
|
|
|
4822a5 |
+ state = list(instance)[0].state["Name"]
|
|
|
4822a5 |
+ if state == "running":
|
|
|
4822a5 |
+ return "on"
|
|
|
4822a5 |
+ elif state == "stopped":
|
|
|
4822a5 |
+ return "off"
|
|
|
4822a5 |
+ else:
|
|
|
4822a5 |
+ return "unknown"
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ except ClientError:
|
|
|
4822a5 |
+ fail_usage("Failed: Incorrect Access Key or Secret Key.")
|
|
|
4822a5 |
+ except EndpointConnectionError:
|
|
|
4822a5 |
+ fail_usage("Failed: Incorrect Region.")
|
|
|
4822a5 |
+ except IndexError:
|
|
|
4822a5 |
+ return "fail"
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+def set_power_status(conn, options):
|
|
|
4822a5 |
+ if (options["--action"]=="off"):
|
|
|
4822a5 |
+ conn.instances.filter(InstanceIds=[options["--plug"]]).stop(Force=True)
|
|
|
4822a5 |
+ elif (options["--action"]=="on"):
|
|
|
4822a5 |
+ conn.instances.filter(InstanceIds=[options["--plug"]]).start()
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+def define_new_opts():
|
|
|
4822a5 |
+ all_opt["region"] = {
|
|
|
4822a5 |
+ "getopt" : "r:",
|
|
|
4822a5 |
+ "longopt" : "region",
|
|
|
4822a5 |
+ "help" : "-r, --region=[name] Region, e.g. us-east-1",
|
|
|
4822a5 |
+ "shortdesc" : "Region.",
|
|
|
4822a5 |
+ "required" : "0",
|
|
|
4822a5 |
+ "order" : 2
|
|
|
4822a5 |
+ }
|
|
|
4822a5 |
+ all_opt["access_key"] = {
|
|
|
4822a5 |
+ "getopt" : "a:",
|
|
|
4822a5 |
+ "longopt" : "access-key",
|
|
|
4822a5 |
+ "help" : "-a, --access-key=[name] Access Key",
|
|
|
4822a5 |
+ "shortdesc" : "Access Key.",
|
|
|
4822a5 |
+ "required" : "0",
|
|
|
4822a5 |
+ "order" : 3
|
|
|
4822a5 |
+ }
|
|
|
4822a5 |
+ all_opt["secret_key"] = {
|
|
|
4822a5 |
+ "getopt" : "s:",
|
|
|
4822a5 |
+ "longopt" : "secret-key",
|
|
|
4822a5 |
+ "help" : "-s, --secret-key=[name] Secret Key",
|
|
|
4822a5 |
+ "shortdesc" : "Secret Key.",
|
|
|
4822a5 |
+ "required" : "0",
|
|
|
4822a5 |
+ "order" : 4
|
|
|
4822a5 |
+ }
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+# Main agent method
|
|
|
4822a5 |
+def main():
|
|
|
4822a5 |
+ conn = None
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ device_opt = ["port", "no_password", "region", "access_key", "secret_key"]
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ atexit.register(atexit_handler)
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ define_new_opts()
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ all_opt["power_timeout"]["default"] = "60"
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ options = check_input(device_opt, process_input(device_opt))
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ docs = {}
|
|
|
4822a5 |
+ docs["shortdesc"] = "Fence agent for AWS (Amazon Web Services)"
|
|
|
4822a5 |
+ docs["longdesc"] = "fence_aws is an I/O Fencing agent for AWS (Amazon Web\
|
|
|
4822a5 |
+Services). It uses the boto3 library to connect to AWS.\
|
|
|
4822a5 |
+\n.P\n\
|
|
|
4822a5 |
+boto3 can be configured with AWS CLI or by creating ~/.aws/credentials.\n\
|
|
|
4822a5 |
+For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.html#configuration"
|
|
|
4822a5 |
+ docs["vendorurl"] = "http://www.amazon.com"
|
|
|
4822a5 |
+ show_docs(options, docs)
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ run_delay(options)
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ if "--region" in options and "--access-key" in options and "--secret-key" in options:
|
|
|
4822a5 |
+ region = options["--region"]
|
|
|
4822a5 |
+ access_key = options["--access-key"]
|
|
|
4822a5 |
+ secret_key = options["--secret-key"]
|
|
|
4822a5 |
+ try:
|
|
|
4822a5 |
+ conn = boto3.resource('ec2', region_name=region,
|
|
|
4822a5 |
+ aws_access_key_id=access_key,
|
|
|
4822a5 |
+ aws_secret_access_key=secret_key)
|
|
|
4822a5 |
+ except NameError:
|
|
|
4822a5 |
+ fail_usage("Failed: boto3 Python library not available")
|
|
|
4822a5 |
+ except:
|
|
|
4822a5 |
+ fail_usage("Failed: Unable to connect to AWS. Check your configuration.")
|
|
|
4822a5 |
+ else:
|
|
|
4822a5 |
+ # If setup with "aws configure" or manually in
|
|
|
4822a5 |
+ # ~/.aws/credentials
|
|
|
4822a5 |
+ try:
|
|
|
4822a5 |
+ conn = boto3.resource('ec2')
|
|
|
4822a5 |
+ except NameError:
|
|
|
4822a5 |
+ fail_usage("Failed: boto3 Python library not available")
|
|
|
4822a5 |
+ except:
|
|
|
4822a5 |
+ # If any of region/access/secret are missing
|
|
|
4822a5 |
+ fail_usage("Failed: Unable to connect to AWS. Check your configuration.")
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+ # Operate the fencing device
|
|
|
4822a5 |
+ result = fence_action(conn, options, set_power_status, get_power_status, get_nodes_list)
|
|
|
4822a5 |
+ sys.exit(result)
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+if __name__ == "__main__":
|
|
|
4822a5 |
+ main()
|
|
|
4822a5 |
diff -uNr a/fence/agents/aws/Makefile.am b/fence/agents/aws/Makefile.am
|
|
|
4822a5 |
--- a/fence/agents/aws/Makefile.am 1970-01-01 01:00:00.000000000 +0100
|
|
|
4822a5 |
+++ b/fence/agents/aws/Makefile.am 2017-08-29 10:57:41.315547575 +0200
|
|
|
4822a5 |
@@ -0,0 +1,17 @@
|
|
|
4822a5 |
+MAINTAINERCLEANFILES = Makefile.in
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+TARGET = fence_aws
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+SRC = $(TARGET).py
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+EXTRA_DIST = $(SRC)
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+sbin_SCRIPTS = $(TARGET)
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+man_MANS = $(TARGET).8
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+FENCE_TEST_ARGS = -r test -a test -s test -n 1
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+include $(top_srcdir)/make/fencebuild.mk
|
|
|
4822a5 |
+include $(top_srcdir)/make/fenceman.mk
|
|
|
4822a5 |
+include $(top_srcdir)/make/agentpycheck.mk
|
|
|
4822a5 |
diff -uNr a/tests/data/metadata/fence_aws.xml b/tests/data/metadata/fence_aws.xml
|
|
|
4822a5 |
--- a/tests/data/metadata/fence_aws.xml 1970-01-01 01:00:00.000000000 +0100
|
|
|
4822a5 |
+++ b/tests/data/metadata/fence_aws.xml 2017-08-29 10:52:48.250543883 +0200
|
|
|
4822a5 |
@@ -0,0 +1,111 @@
|
|
|
4822a5 |
+
|
|
|
4822a5 |
+<resource-agent name="fence_aws" shortdesc="Fence agent for AWS (Amazon Web Services)" >
|
|
|
4822a5 |
+<longdesc>fence_aws is an I/O Fencing agent for AWS (Amazon WebServices). It uses the boto3 library to connect to AWS.
|
|
|
4822a5 |
+.P
|
|
|
4822a5 |
+boto3 can be configured with AWS CLI or by creating ~/.aws/credentials.
|
|
|
4822a5 |
+For instructions see: https://boto3.readthedocs.io/en/latest/guide/quickstart.html#configuration</longdesc>
|
|
|
4822a5 |
+<vendor-url>http://www.amazon.com</vendor-url>
|
|
|
4822a5 |
+<parameters>
|
|
|
4822a5 |
+ <parameter name="action" unique="0" required="1">
|
|
|
4822a5 |
+ <getopt mixed="-o, --action=[action]" />
|
|
|
4822a5 |
+ <content type="string" default="reboot" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Fencing Action</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="port" unique="0" required="1" deprecated="1">
|
|
|
4822a5 |
+ <getopt mixed="-n, --plug=[id]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Physical plug number, name of virtual machine or UUID</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="plug" unique="0" required="1" obsoletes="port">
|
|
|
4822a5 |
+ <getopt mixed="-n, --plug=[id]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Physical plug number, name of virtual machine or UUID</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="region" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-r, --region=[name]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Region.</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="access_key" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-a, --access-key=[name]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Access Key.</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="secret_key" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-s, --secret-key=[name]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Secret Key.</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="verbose" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-v, --verbose" />
|
|
|
4822a5 |
+ <content type="boolean" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Verbose mode</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="debug" unique="0" required="0" deprecated="1">
|
|
|
4822a5 |
+ <getopt mixed="-D, --debug-file=[debugfile]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Write debug information to given file</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="debug_file" unique="0" required="0" obsoletes="debug">
|
|
|
4822a5 |
+ <getopt mixed="-D, --debug-file=[debugfile]" />
|
|
|
4822a5 |
+ <content type="string" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Write debug information to given file</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="version" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-V, --version" />
|
|
|
4822a5 |
+ <content type="boolean" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Display version information and exit</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="help" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-h, --help" />
|
|
|
4822a5 |
+ <content type="boolean" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Display help and exit</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="separator" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="-C, --separator=[char]" />
|
|
|
4822a5 |
+ <content type="string" default="," />
|
|
|
4822a5 |
+ <shortdesc lang="en">Separator for CSV created by operation list</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="power_timeout" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="--power-timeout=[seconds]" />
|
|
|
4822a5 |
+ <content type="second" default="60" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Test X seconds for status change after ON/OFF</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="power_wait" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="--power-wait=[seconds]" />
|
|
|
4822a5 |
+ <content type="second" default="0" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Wait X seconds after issuing ON/OFF</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="shell_timeout" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="--shell-timeout=[seconds]" />
|
|
|
4822a5 |
+ <content type="second" default="3" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Wait X seconds for cmd prompt after issuing command</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="delay" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="--delay=[seconds]" />
|
|
|
4822a5 |
+ <content type="second" default="0" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="login_timeout" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="--login-timeout=[seconds]" />
|
|
|
4822a5 |
+ <content type="second" default="5" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Wait X seconds for cmd prompt after login</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+ <parameter name="retry_on" unique="0" required="0">
|
|
|
4822a5 |
+ <getopt mixed="--retry-on=[attempts]" />
|
|
|
4822a5 |
+ <content type="integer" default="1" />
|
|
|
4822a5 |
+ <shortdesc lang="en">Count of attempts to retry power on</shortdesc>
|
|
|
4822a5 |
+ </parameter>
|
|
|
4822a5 |
+</parameters>
|
|
|
4822a5 |
+<actions>
|
|
|
4822a5 |
+ <action name="on" automatic="0"/>
|
|
|
4822a5 |
+ <action name="off" />
|
|
|
4822a5 |
+ <action name="reboot" />
|
|
|
4822a5 |
+ <action name="status" />
|
|
|
4822a5 |
+ <action name="list" />
|
|
|
4822a5 |
+ <action name="list-status" />
|
|
|
4822a5 |
+ <action name="monitor" />
|
|
|
4822a5 |
+ <action name="metadata" />
|
|
|
4822a5 |
+ <action name="validate-all" />
|
|
|
4822a5 |
+</actions>
|
|
|
4822a5 |
+</resource-agent>
|