MAAS

src/provisioningserver/drivers/power/proxmox.py (+194/-0)
src/provisioningserver/drivers/power/registry.py (+3/-1)
src/provisioningserver/drivers/power/tests/test_proxmox.py (+419/-0)

Wishlist

Fix Released

Link a bug report

Reviewer	Review Type	Status
Lee Trager (community)		Approve on 2021-01-20
MAAS Lander	unittests	Pending
Review via email: mp+396618@code.launchpad.net

Commit message

LP: #1805799 - Add Proxmox power driver

Backport of 07ce9a2

Revision history for this message

Lee Trager (ltrager) on 2021-01-20:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Lee Trager

MAAS Committers

Matvej Jurbin

Shane Holloman

 diff --git a/src/provisioningserver/drivers/power/proxmox.py b/src/provisioningserver/drivers/power/proxmox.py
 new file mode 100644
 index 0000000..c0e6ca1
 --- /dev/null
 +++ b/src/provisioningserver/drivers/power/proxmox.py
@@ -0,0 +1,194 @@
++# Copyright 2021 Canonical Ltd.  This software is licensed under the
++# GNU Affero General Public License version 3 (see the file LICENSE).
++
++"""Generic Proxmox Power Driver."""
++
++from io import BytesIO
++import json
++
++from twisted.internet.defer import inlineCallbacks, succeed
++from twisted.web.client import FileBodyProducer
++
++from provisioningserver.drivers import (
++    make_ip_extractor,
++    make_setting_field,
++    SETTING_SCOPE,
++)
++from provisioningserver.drivers.power import PowerActionError
++from provisioningserver.drivers.power.webhook import (
++    SSL_INSECURE_CHOICES,
++    SSL_INSECURE_NO,
++    WebhookPowerDriver,
++)
++from provisioningserver.utils.twisted import asynchronous
++
++
++class ProxmoxPowerDriver(WebhookPowerDriver):
++
++    name = "proxmox"
++    chassis = False
++    # XXX ltrager - 2021-01-11 - Support for probing and Pods could be added.
++    can_probe = False
++    description = "Proxmox"
++    settings = [
++        make_setting_field(
++            "power_address", "Proxmox host name or IP", required=True
++        ),
++        make_setting_field(
++            "power_user", "Proxmox username, including realm", required=True
++        ),
++        make_setting_field(
++            "power_pass",
++            "Proxmox password, required if a token name and secret aren't "
++            "given",
++            field_type="password",
++        ),
++        make_setting_field("power_token_name", "Proxmox API token name"),
++        make_setting_field(
++            "power_token_secret",
++            "Proxmox API token secret",
++            field_type="password",
++        ),
++        make_setting_field(
++            "power_vm_name", "Node ID", scope=SETTING_SCOPE.NODE
++        ),
++        make_setting_field(
++            "power_verify_ssl",
++            "Verify SSL connections with system CA certificates",
++            field_type="choice",
++            required=True,
++            choices=SSL_INSECURE_CHOICES,
++            default=SSL_INSECURE_NO,
++        ),
++    ]
++
++    ip_extractor = make_ip_extractor("power_address")
++
++    def _get_url(self, context, endpoint, params=None):
++        uri = f"https://{context['power_address']}:8006/api2/json/{endpoint}"
++        if params:
++            uri = "%s?%s" % (
++                uri,
++                "&".join([f"{key}={value}" for key, value in params.items()]),
++            )
++        return uri.encode()
++
++    def _login(self, system_id, context):
++        power_token_name = context.get("power_token_name")
++        if power_token_name:
++            if "!" not in power_token_name:
++                # The username must be included with the token name. Proxmox
++                # docs doesn't make this obvious and the UI includes it.
++                power_token_name = (
++                    f"{context['power_user']}!{power_token_name}"
++                )
++            return succeed(
++                {
++                    b"Authorization": [
++                        f"PVEAPIToken={power_token_name}="
++                        f"{context['power_token_secret']}".encode()
++                    ]
++                }
++            )
++
++        d = self._webhook_request(
++            b"POST",
++            self._get_url(context, "access/ticket"),
++            # Proxmox doesn't support basic HTTP authentication. Don't pass
++            # the context so an authorization header isn't created.
++            self._make_auth_headers(
++                system_id,
++                {},
++                {b"Content-Type": [b"application/json; charset=utf-8"]},
++            ),
++            context.get("power_verify_ssl") is True,
++            FileBodyProducer(
++                BytesIO(
++                    json.dumps(
++                        {
++                            "username": context["power_user"],
++                            "password": context["power_pass"],
++                        }
++                    ).encode()
++                )
++            ),
++        )
++
++        def cb(response_data):
++            parsed_data = json.loads(response_data)
++            return {
++                b"Cookie": [
++                    f"PVEAuthCookie={parsed_data['data']['ticket']}".encode()
++                ],
++                b"CSRFPreventionToken": [
++                    parsed_data["data"]["CSRFPreventionToken"].encode()
++                ],
++            }
++
++        d.addCallback(cb)
++        return d
++
++    def _find_vm(self, system_id, context, extra_headers):
++        power_vm_name = context["power_vm_name"]
++        d = self._webhook_request(
++            b"GET",
++            self._get_url(context, "cluster/resources", {"type": "vm"}),
++            self._make_auth_headers(system_id, {}, extra_headers),
++            context.get("power_verify_ssl") is True,
++        )
++
++        def cb(response_data):
++            parsed_data = json.loads(response_data)
++            for vm in parsed_data["data"]:
++                if power_vm_name in (str(vm.get("vmid")), vm.get("name")):
++                    return vm
++            raise PowerActionError("Unable to find virtual machine")
++
++        d.addCallback(cb)
++        return d
++
++    @asynchronous
++    @inlineCallbacks
++    def power_on(self, system_id, context):
++        extra_headers = yield self._login(system_id, context)
++        vm = yield self._find_vm(system_id, context, extra_headers)
++        if vm["status"] != "running":
++            yield self._webhook_request(
++                b"POST",
++                self._get_url(
++                    context,
++                    f"nodes/{vm['node']}/{vm['type']}/{vm['vmid']}/"
++                    "status/start",
++                ),
++                self._make_auth_headers(system_id, {}, extra_headers),
++                context.get("power_verify_ssl") is True,
++            )
++
++    @asynchronous
++    @inlineCallbacks
++    def power_off(self, system_id, context):
++        extra_headers = yield self._login(system_id, context)
++        vm = yield self._find_vm(system_id, context, extra_headers)
++        if vm["status"] != "stopped":
++            yield self._webhook_request(
++                b"POST",
++                self._get_url(
++                    context,
++                    f"nodes/{vm['node']}/{vm['type']}/{vm['vmid']}/"
++                    "status/stop",
++                ),
++                self._make_auth_headers(system_id, {}, extra_headers),
++                context.get("power_verify_ssl") is True,
++            )
++
++    @asynchronous
++    @inlineCallbacks
++    def power_query(self, system_id, context):
++        extra_headers = yield self._login(system_id, context)
++        vm = yield self._find_vm(system_id, context, extra_headers)
++        if vm["status"] == "running":
++            return "on"
++        elif vm["status"] == "stopped":
++            return "off"
++        else:
++            return "unknown"
 diff --git a/src/provisioningserver/drivers/power/registry.py b/src/provisioningserver/drivers/power/registry.py
 index 91baa68..5eb0b66 100644
 --- a/src/provisioningserver/drivers/power/registry.py
 +++ b/src/provisioningserver/drivers/power/registry.py
@@ -1,4 +1,4 @@
--# Copyright 2017-2020 Canonical Ltd.  This software is licensed under the
++# Copyright 2017-2021 Canonical Ltd.  This software is licensed under the
  # GNU Affero General Public License version 3 (see the file LICENSE).
  """Load all power drivers."""
@@ -20,6 +20,7 @@ from provisioningserver.drivers.power.mscm import MSCMPowerDriver
  from provisioningserver.drivers.power.msftocs import MicrosoftOCSPowerDriver
  from provisioningserver.drivers.power.nova import NovaPowerDriver
  from provisioningserver.drivers.power.openbmc import OpenBMCPowerDriver
++from provisioningserver.drivers.power.proxmox import ProxmoxPowerDriver
  from provisioningserver.drivers.power.recs import RECSPowerDriver
  from provisioningserver.drivers.power.redfish import RedfishPowerDriver
  from provisioningserver.drivers.power.seamicro import SeaMicroPowerDriver
@@ -61,6 +62,7 @@ power_drivers = [
      MicrosoftOCSPowerDriver(),
      NovaPowerDriver(),
      OpenBMCPowerDriver(),
++    ProxmoxPowerDriver(),
      RECSPowerDriver(),
      RedfishPowerDriver(),
      SeaMicroPowerDriver(),
 diff --git a/src/provisioningserver/drivers/power/tests/test_proxmox.py b/src/provisioningserver/drivers/power/tests/test_proxmox.py
 new file mode 100644
 index 0000000..7c32b78
 --- /dev/null
 +++ b/src/provisioningserver/drivers/power/tests/test_proxmox.py
@@ -0,0 +1,419 @@
++# Copyright 2021 Canonical Ltd.  This software is licensed under the
++# GNU Affero General Public License version 3 (see the file LICENSE).
++
++"""Tests for `provisioningserver.drivers.power.proxmox`."""
++import json
++import random
++from unittest.mock import ANY
++
++from testtools import ExpectedException
++from twisted.internet.defer import inlineCallbacks, succeed
++
++from maastesting.factory import factory
++from maastesting.matchers import MockCalledOnceWith, MockNotCalled
++from maastesting.testcase import MAASTestCase, MAASTwistedRunTest
++from provisioningserver.drivers.power import PowerActionError
++import provisioningserver.drivers.power.proxmox as proxmox_module
++
++
++class TestProxmoxPowerDriver(MAASTestCase):
++
++    run_tests_with = MAASTwistedRunTest.make_factory(timeout=5)
++
++    def setUp(self):
++        super().setUp()
++        self.proxmox = proxmox_module.ProxmoxPowerDriver()
++        self.mock_webhook_request = self.patch(
++            self.proxmox, "_webhook_request"
++        )
++
++    def test_get_url(self):
++        power_address = factory.make_name("power_address")
++        endpoint = factory.make_name("endpoint")
++        self.assertEqual(
++            f"https://{power_address}:8006/api2/json/{endpoint}".encode(),
++            self.proxmox._get_url({"power_address": power_address}, endpoint),
++        )
++
++    def test_get_url_params(self):
++        power_address = factory.make_name("power_address")
++        endpoint = factory.make_name("endpoint")
++        params = {
++            factory.make_name("key"): factory.make_name("value")
++            for _ in range(3)
++        }
++        params_str = "&".join(
++            [f"{key}={value}" for key, value in params.items()]
++        )
++        self.assertEqual(
++            f"https://{power_address}:8006/api2/json/{endpoint}?{params_str}".encode(),
++            self.proxmox._get_url(
++                {"power_address": power_address}, endpoint, params
++            ),
++        )
++
++    @inlineCallbacks
++    def test_login(self):
++        system_id = factory.make_name("system_id")
++        context = {
++            "power_address": factory.make_name("power_address"),
++            "power_user": factory.make_name("power_user"),
++            "power_pass": factory.make_name("power_pass"),
++        }
++        ticket = factory.make_name("ticket")
++        token = factory.make_name("token")
++        self.mock_webhook_request.return_value = succeed(
++            json.dumps(
++                {
++                    "data": {
++                        "ticket": ticket,
++                        "CSRFPreventionToken": token,
++                    }
++                }
++            )
++        )
++
++        extra_headers = yield self.proxmox._login(system_id, context)
++
++        self.assertEqual(
++            {
++                b"Cookie": [f"PVEAuthCookie={ticket}".encode()],
++                b"CSRFPreventionToken": [token.encode()],
++            },
++            extra_headers,
++        )
++        self.assertThat(
++            self.mock_webhook_request,
++            MockCalledOnceWith(
++                b"POST",
++                self.proxmox._get_url(context, "access/ticket"),
++                self.proxmox._make_auth_headers(
++                    system_id,
++                    {},
++                    {b"Content-Type": [b"application/json; charset=utf-8"]},
++                ),
++                False,
++                # unittest doesn't know how to compare FileBodyProducer
++                ANY,
++            ),
++        )
++
++    @inlineCallbacks
++    def test_login_uses_api_token(self):
++        system_id = factory.make_name("system_id")
++        power_user = factory.make_name("power_user")
++        context = {
++            "power_address": factory.make_name("power_address"),
++            "power_user": power_user,
++            "power_pass": factory.make_name("power_pass"),
++            "power_token_name": f"{power_user}!{factory.make_name('power_token_name')}",
++            "power_token_secret": factory.make_name("power_token_secret"),
++        }
++
++        extra_headers = yield self.proxmox._login(system_id, context)
++
++        self.assertEqual(
++            {
++                b"Authorization": [
++                    f"PVEAPIToken={context['power_token_name']}="
++                    f"{context['power_token_secret']}".encode()
++                ]
++            },
++            extra_headers,
++        )
++        self.assertThat(self.mock_webhook_request, MockNotCalled())
++
++    @inlineCallbacks
++    def test_login_uses_api_token_adds_username(self):
++        system_id = factory.make_name("system_id")
++        context = {
++            "power_address": factory.make_name("power_address"),
++            "power_user": factory.make_name("power_user"),
++            "power_pass": factory.make_name("power_pass"),
++            "power_token_name": factory.make_name("power_token_name"),
++            "power_token_secret": factory.make_name("power_token_secret"),
++        }
++
++        extra_headers = yield self.proxmox._login(system_id, context)
++
++        self.assertEqual(
++            {
++                b"Authorization": [
++                    f"PVEAPIToken={context['power_user']}!"
++                    f"{context['power_token_name']}="
++                    f"{context['power_token_secret']}".encode()
++                ]
++            },
++            extra_headers,
++        )
++        self.assertThat(self.mock_webhook_request, MockNotCalled())
++
++    @inlineCallbacks
++    def test_find_vm(self):
++        system_id = factory.make_name("system_id")
++        context = {
++            "power_address": factory.make_name("power_address"),
++            "power_vm_name": factory.make_name("power_vm_name"),
++        }
++        vm = {random.choice(["vmid", "name"]): context["power_vm_name"]}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        self.mock_webhook_request.return_value = succeed(
++            json.dumps({"data": [vm]})
++        )
++
++        found_vm = yield self.proxmox._find_vm(
++            system_id, context, extra_headers
++        )
++
++        self.assertEqual(vm, found_vm)
++        self.assertThat(
++            self.mock_webhook_request,
++            MockCalledOnceWith(
++                b"GET",
++                self.proxmox._get_url(
++                    context, "cluster/resources", {"type": "vm"}
++                ),
++                self.proxmox._make_auth_headers(system_id, {}, extra_headers),
++                False,
++            ),
++        )
++
++    @inlineCallbacks
++    def test_find_vm_doesnt_find_vm(self):
++        system_id = factory.make_name("system_id")
++        context = {
++            "power_address": factory.make_name("power_address"),
++            "power_vm_name": factory.make_name("power_vm_name"),
++        }
++        vm = {
++            random.choice(["vmid", "name"]): factory.make_name(
++                "another_power_vm_name"
++            )
++        }
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        self.mock_webhook_request.return_value = succeed(
++            json.dumps({"data": [vm]})
++        )
++
++        with ExpectedException(PowerActionError):
++            yield self.proxmox._find_vm(system_id, context, extra_headers)
++        self.assertThat(
++            self.mock_webhook_request,
++            MockCalledOnceWith(
++                b"GET",
++                self.proxmox._get_url(
++                    context, "cluster/resources", {"type": "vm"}
++                ),
++                self.proxmox._make_auth_headers(system_id, {}, extra_headers),
++                False,
++            ),
++        )
++
++    @inlineCallbacks
++    def test_power_on(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": "stopped",
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        yield self.proxmox.power_on(system_id, context)
++
++        self.assertThat(
++            self.mock_webhook_request,
++            MockCalledOnceWith(
++                b"POST",
++                self.proxmox._get_url(
++                    context,
++                    f"nodes/{vm['node']}/{vm['type']}/{vm['vmid']}/"
++                    "status/start",
++                ),
++                self.proxmox._make_auth_headers(system_id, {}, extra_headers),
++                False,
++            ),
++        )
++
++    @inlineCallbacks
++    def test_power_on_not_called_if_on(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": "running",
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        yield self.proxmox.power_on(system_id, context)
++
++        self.assertThat(self.mock_webhook_request, MockNotCalled())
++
++    @inlineCallbacks
++    def test_power_off(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": "running",
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        yield self.proxmox.power_off(system_id, context)
++
++        self.assertThat(
++            self.mock_webhook_request,
++            MockCalledOnceWith(
++                b"POST",
++                self.proxmox._get_url(
++                    context,
++                    f"nodes/{vm['node']}/{vm['type']}/{vm['vmid']}/"
++                    "status/stop",
++                ),
++                self.proxmox._make_auth_headers(system_id, {}, extra_headers),
++                False,
++            ),
++        )
++
++    @inlineCallbacks
++    def test_power_off_not_called_if_off(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": "stopped",
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        yield self.proxmox.power_off(system_id, context)
++
++        self.assertThat(self.mock_webhook_request, MockNotCalled())
++
++    @inlineCallbacks
++    def test_power_query_on(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": "running",
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        status = yield self.proxmox.power_query(system_id, context)
++
++        self.assertEqual("on", status)
++
++    @inlineCallbacks
++    def test_power_query_off(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": "stopped",
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        status = yield self.proxmox.power_query(system_id, context)
++
++        self.assertEqual("off", status)
++
++    @inlineCallbacks
++    def test_power_query_unknown(self):
++        system_id = factory.make_name("system_id")
++        context = {"power_address": factory.make_name("power_address")}
++        extra_headers = {
++            factory.make_name("key").encode(): [
++                factory.make_name("value").encode()
++            ]
++            for _ in range(3)
++        }
++        vm = {
++            "node": factory.make_name("node"),
++            "type": factory.make_name("type"),
++            "vmid": factory.make_name("vmid"),
++            "status": factory.make_name("status"),
++        }
++        self.patch(self.proxmox, "_login").return_value = succeed(
++            extra_headers
++        )
++        self.patch(self.proxmox, "_find_vm").return_value = succeed(vm)
++
++        status = yield self.proxmox.power_query(system_id, context)
++
++        self.assertEqual("unknown", status)

MAAS

Merge ~ltrager/maas:proxmox_2.9 into maas:2.9

Commit message

Description of the change

Preview Diff

Subscribers