def smart_config(conf):
# list existing compute nodes
json_conf = jsonutils.load(open(conf))
compute_nodes = json_conf['compute']
network_controllers = json_conf['network']
for c in compute_nodes:
print("[+]\tFound Compute {}".format(c))
for c in network_controllers:
print("[+]\tFound Network {}".format(c))
# create a role and user per compute node and per network node
for compute_node, param in compute_nodes.items():
rolename = param['role']
username = param['username']
password = param['password']
create_role(rolename)
create_user(username, password)
set_user_role(username, rolename)
print("[+] creating user '{}', role '{}'".format(
username, rolename))
# PERMISSIONS
set_role_permission(
rolename,
"/networking-vpp/nodes/{}/*".format(compute_node), "read")
set_role_permission(
rolename,
"/networking-vpp/state/{}/*".format(compute_node), "readwrite")
for network_controller, param in network_controllers.items():
rolename = param['role']
username = param['username']
password = param['password']
create_role(rolename)
create_user(username, password)
print("[+] creating user '{}', role '{}'".format(
username, rolename))
set_user_role(username, rolename)
# PERMISSION
set_role_permission(
rolename,
"/networking-vpp/nodes/*", "readwrite")
set_role_permission(
rolename,
"/networking-vpp/state/*", "read")
if click.confirm('Enable ETCD authentication ?'):
print("[*] Enabling ETCD authentication")
enable_authentication()
评论列表
文章目录
