brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ahgittin <...@git.apache.org>
Subject [GitHub] incubator-brooklyn pull request: Adds CreateUserPolicy
Date Wed, 15 Apr 2015 05:09:56 GMT
Github user ahgittin commented on a diff in the pull request:

    https://github.com/apache/incubator-brooklyn/pull/598#discussion_r28393735
  
    --- Diff: locations/jclouds/src/main/java/brooklyn/policy/vmcustomization/CreateUserPolicy.java
---
    @@ -0,0 +1,161 @@
    +/*
    + * Licensed to the Apache Software Foundation (ASF) under one
    + * or more contributor license agreements.  See the NOTICE file
    + * distributed with this work for additional information
    + * regarding copyright ownership.  The ASF licenses this file
    + * to you under the Apache License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance
    + * with the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing,
    + * software distributed under the License is distributed on an
    + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    + * KIND, either express or implied.  See the License for the
    + * specific language governing permissions and limitations
    + * under the License.
    + */
    +package brooklyn.policy.vmcustomization;
    +
    +import java.util.List;
    +
    +import org.jclouds.compute.config.AdminAccessConfiguration;
    +import org.jclouds.scriptbuilder.functions.InitAdminAccess;
    +import org.jclouds.scriptbuilder.statements.login.AdminAccess;
    +import org.jclouds.scriptbuilder.statements.ssh.SshdConfig;
    +import org.slf4j.Logger;
    +import org.slf4j.LoggerFactory;
    +
    +import brooklyn.config.ConfigKey;
    +import brooklyn.entity.Entity;
    +import brooklyn.entity.basic.AbstractEntity;
    +import brooklyn.entity.basic.ConfigKeys;
    +import brooklyn.entity.basic.EntityInternal;
    +import brooklyn.entity.basic.EntityLocal;
    +import brooklyn.event.AttributeSensor;
    +import brooklyn.event.SensorEvent;
    +import brooklyn.event.SensorEventListener;
    +import brooklyn.event.basic.Sensors;
    +import brooklyn.location.Location;
    +import brooklyn.location.basic.SshMachineLocation;
    +import brooklyn.policy.basic.AbstractPolicy;
    +import brooklyn.util.flags.SetFromFlag;
    +import brooklyn.util.internal.ssh.SshTool;
    +import brooklyn.util.text.Identifiers;
    +
    +import com.google.common.collect.ImmutableList;
    +import com.google.common.collect.ImmutableMap;
    +
    +/**
    + * When attached to an entity, this will monitor for when an {@link SshMachineLocation}
is added to that entity
    + * (e.g. when a VM has been provisioned for it).
    + * 
    + * The policy will then (asynchronously) add a new user to the VM, with a randomly generated
password.
    + * The ssh details will be set as a sensor on the entity.
    + * 
    + * If this is used, it is strongly encouraged to tell users to change the password on
first login.
    + * 
    + * A preferred mechanism would be for an external key-management tool to generate ssh
key-pairs for
    + * the user, and for the public key to be passed to Brooklyn. However, there is not a
customer 
    + * requirement for that yet, so focusing on the password-approach.
    + */
    +public class CreateUserPolicy extends AbstractPolicy implements SensorEventListener<Location>
{
    +
    +    private static final Logger LOG = LoggerFactory.getLogger(CreateUserPolicy.class);
    +
    +    @SetFromFlag("user")
    +    public static final ConfigKey<String> VM_USERNAME = ConfigKeys.newStringConfigKey("createuser.vm.user.name");
    +
    +    @SetFromFlag("grantSudo")
    +    public static final ConfigKey<Boolean> GRANT_SUDO = ConfigKeys.newBooleanConfigKey(
    +            "createuser.vm.user.grantSudo",
    +            "Whether to give the new user sudo rights",
    +            false);
    +
    +    public static final AttributeSensor<String> VM_USER_CREDENTIALS = Sensors.newStringSensor("createuser.vm.user.credentials");
    --- End diff --
    
    aha it's the password, and for now nothing is configurable and keys not supported, though
those are an obvious functionality to add in the future.  suggest those as TODO items?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message