LXD Provision by Yaml

import yaml  # pyyaml
from yaml import load, dump
from subprocess import Popen, PIPE
import time

try:
    from yaml import CLoader as Loader, CDumper as Dumper
except ImportError:
    from yaml import Loader, Dumper

# Load the provisioning description once, at import time. The path is relative,
# so it is resolved against the current working directory.
# safe_load limits the document to plain YAML types (no Python object tags).
with open('config.yml') as config_file:
    config = yaml.safe_load(config_file)


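def _run_lxc(args, echo_stdout=True):
    """Run ``lxc`` with *args* and return its exit status.

    Args:
        args: Arguments placed after ``lxc``. They are passed as an argv list,
            so no shell on the host interprets them.
        echo_stdout: When true, print the command's stdout if it is non-empty.

    Returns:
        The exit status of the ``lxc`` process.
    """
    import sys  # local import: only needed for the failure report below

    process = Popen(['lxc', *args], stdout=PIPE, stderr=PIPE)
    stdout, stderr = process.communicate()
    if echo_stdout and stdout:
        print(stdout.decode())
    if process.returncode != 0:
        # Report and carry on rather than raise: the caller keeps running the
        # remaining steps after a failed one (e.g. ``lxc init`` on a re-run).
        print(
            f"lxc {' '.join(args[:2])} exited with status "
            f"{process.returncode}: {stderr.decode().strip()}",
            file=sys.stderr,
        )
    return process.returncode


def create_container(c):
    """Create, configure and start one LXD container and install root SSH keys.

    Each step is one ``lxc`` invocation: init from the image, attach ``eth0``
    to the configured bridge, set the IPv4 address, add one NAT proxy device
    per ``"src:dst"`` entry, start the container, wait for ``/root`` and
    ``/root/.ssh/authorized_keys`` to exist, then append every key that is not
    already in that file.

    Args:
        c: Mapping with the keys ``authorized_keys``, ``image``, ``name``,
            ``proxy`` and ``ipv4``.

    Also reads ``config['lxd']['ipv4']`` and ``config['lxd']['bridge']`` from
    the module-level ``config``.

    NOTE(review): none of these values is validated before it reaches ``lxc``.
    Every key listed grants root login over SSH and every proxy entry exposes a
    container port on the host address, so config.yml needs the same access
    control as a root credential.
    """
    lxd_ipv4 = config['lxd']['ipv4']
    lxd_bridge = config['lxd']['bridge']
    authorized_keys = c['authorized_keys']
    image = c['image']
    name = c['name']
    proxy = c['proxy']
    ipv4 = c['ipv4']

    _run_lxc(['init', image, name], echo_stdout=False)
    _run_lxc(['network', 'attach', lxd_bridge, name, 'eth0', 'eth0'])
    _run_lxc(['config', 'device', 'set', name, 'eth0', 'ipv4.address', ipv4])

    for p in proxy:
        ports = p.split(':')
        src_port, dst_port = ports[0], ports[1]
        # Host side listens on lxd_ipv4:src_port and forwards to dst_port in
        # the container. NOTE(review): the ports are not checked to be numeric.
        _run_lxc([
            'config', 'device', 'add', name, f'proxy4_tcp{dst_port}', 'proxy',
            'nat=true',
            f'listen=tcp:{lxd_ipv4}:{src_port}',
            f'connect=tcp:0.0.0.0:{dst_port}',
        ])

    _run_lxc(['start', name])

    # NOTE(review): both wait loops poll every two seconds with no upper bound,
    # so a container that never gets the path blocks the whole run.
    _run_lxc(
        ['exec', name, '--', 'bash', '-c',
         'while [ ! -d /root ]; do sleep 2; done'],
        echo_stdout=False,
    )
    image_lower = image.lower()
    if "centos" in image_lower or "rhel" in image_lower:
        # For these images the script creates the directory and file itself
        # instead of only waiting for them to appear.
        _run_lxc(
            ['exec', name, '--', 'bash', '-c',
             'if [ ! -d /root/.ssh ]; then mkdir -p /root/.ssh; fi'],
            echo_stdout=False,
        )
        _run_lxc(
            ['exec', name, '--', 'bash', '-c',
             'if [ ! -f /root/.ssh/authorized_keys ]; then touch /root/.ssh/authorized_keys; fi'],
            echo_stdout=False,
        )

    _run_lxc(
        ['exec', name, '--', 'bash', '-c',
         'while [ ! -f /root/.ssh/authorized_keys ]; do sleep 2; done'],
        echo_stdout=False,
    )

    # The key is handed to bash as positional parameter $1 instead of being
    # pasted into the script text: quotes, ``$(...)`` or ``;`` inside a config
    # value are then data, not shell syntax run as root in the container.
    # ``grep -F`` compares it as a fixed string rather than a regex, and
    # ``printf`` writes it unmodified (unquoted ``echo`` would word-split it).
    append_key_script = (
        'grep -qF -- "$1" /root/.ssh/authorized_keys '
        '|| printf "%s\\n" "$1" >> /root/.ssh/authorized_keys'
    )
    for authorized_key in authorized_keys:
        _run_lxc(
            ['exec', name, '--', 'bash', '-c', append_key_script,
             'bash', authorized_key],
            echo_stdout=False,
        )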


def list_containers():
    """Print whatever ``lxc list`` writes to stdout; its stderr is discarded."""
    listing, _ = Popen(['lxc', 'list'], stdout=PIPE, stderr=PIPE).communicate()
    print(listing.decode())


def main():
    """Provision every entry under ``config['containers']``, then list containers."""
    containers = config['containers']
    for key in containers:
        # Only the entry's body is passed on; create_container takes the
        # container name from its own 'name' field, not from this key.
        create_container(containers[key])
    list_containers()


# Provision only when run as a script. Importing the module still reads
# config.yml, because that load happens at module level above.
if __name__ == "__main__":
    main()