Add remote SSH-based command handling

This commit is contained in:
Joshua Boniface 2018-10-27 17:51:03 -04:00
parent 9f87321f10
commit b65472aa83
1 changed files with 31 additions and 0 deletions

View File

@ -24,6 +24,10 @@ import uuid
import lxml
import math
import kazoo.client
import paramiko
import hashlib
import dns.resolver
import dns.flags
import client_lib.zkhandler as zkhandler
@ -298,3 +302,30 @@ def findTargetNodeVMs(zk_conn, dom_uuid):
target_node = node
return target_node
# Connect to the primary host and run a command
def runRemoteCommand(node, command, become=False):
# Support doing SSHFP checks
class DnssecPolicy(paramiko.client.MissingHostKeyPolicy):
def missing_host_key(self, client, hostname, key):
sshfp_expect = hashlib.sha1(key.asbytes()).hexdigest()
ans = dns.resolver.query(hostname, 'SSHFP')
if not ans.response.flags & dns.flags.DO:
raise AssertionError('Answer is not DNSSEC signed')
for answer in ans.response.answer:
for item in answer.items:
if sshfp_expect in item.to_text():
client._log(paramiko.common.DEBUG, 'Found {} in SSHFP for host {}'.format(key.get_name(), hostname))
return
raise AssertionError('SSHFP not published in DNS')
if become:
command = 'sudo ' + command
ssh_client = paramiko.client.SSHClient()
ssh_client.load_system_host_keys()
ssh_client.set_missing_host_key_policy(DnssecPolicy())
#ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh_client.connect(node)
stdin, stdout, stderr = ssh_client.exec_command(command)
return stdout.read().decode('ascii').rstrip(), stderr.read().decode('ascii').rstrip()