Merge pull request #508 from inno-cloudbarista/feature/azure-cspkey

[Azure] - Local 키페어 관리 로직 제거 (이슈 #480)
cloud-barista · Nov 3, 2021 · 7c096cc · 7c096cc
2 parents 970e009 + a52d83b
commit 7c096cc
Show file tree

Hide file tree

Showing 5 changed files with 222 additions and 184 deletions.
diff --git a/cloud-control-manager/cloud-driver/drivers/azure/AzureDriver.go b/cloud-control-manager/cloud-driver/drivers/azure/AzureDriver.go
@@ -110,6 +110,10 @@ func (driver *AzureDriver) ConnectCloud(connectionInfo idrv.ConnectionInfo) (ico
 	if err != nil {
 		return nil, err
 	}
+	Ctx, sshKeyClient, err := getSshKeyClient(connectionInfo.CredentialInfo)
+	if err != nil {
+		return nil, err
+	}
 
 	iConn := azcon.AzureCloudConnection{
 		CredentialInfo:      connectionInfo.CredentialInfo,
@@ -126,6 +130,7 @@ func (driver *AzureDriver) ConnectCloud(connectionInfo idrv.ConnectionInfo) (ico
 		VMImageClient:       VMImageClient,
 		DiskClient:          DiskClient,
 		VmSpecClient:        VmSpecClient,
+		SshKeyClient:        sshKeyClient,
 	}
 	return &iConn, nil
 }
@@ -269,6 +274,20 @@ func getSubnetClient(credential idrv.CredentialInfo) (context.Context, *network.
 	return ctx, &subnetClient, nil
 }
 
+func getSshKeyClient(credential idrv.CredentialInfo) (context.Context, *compute.SSHPublicKeysClient, error) {
+	config := auth.NewClientCredentialsConfig(credential.ClientId, credential.ClientSecret, credential.TenantId)
+	authorizer, err := config.Authorizer()
+	if err != nil {
+		return nil, nil, err
+	}
+
+	sshClientClient := compute.NewSSHPublicKeysClient(credential.SubscriptionId)
+	sshClientClient.Authorizer = authorizer
+	ctx, _ := context.WithTimeout(context.Background(), cspTimeout*time.Second)
+
+	return ctx, &sshClientClient, nil
+}
+
 func getVMImageClient(credential idrv.CredentialInfo) (context.Context, *compute.VirtualMachineImagesClient, error) {
 	config := auth.NewClientCredentialsConfig(credential.ClientId, credential.ClientSecret, credential.TenantId)
 	authorizer, err := config.Authorizer()
@@ -310,4 +329,3 @@ func getVmSpecClient(credential idrv.CredentialInfo) (context.Context, *compute.
 
 	return ctx, &vmSpecClient, nil
 }
-
diff --git a/cloud-control-manager/cloud-driver/drivers/azure/connect/Azure_CloudConnection.go b/cloud-control-manager/cloud-driver/drivers/azure/connect/Azure_CloudConnection.go
@@ -43,6 +43,7 @@ type AzureCloudConnection struct {
 	SubnetClient        *network.SubnetsClient
 	DiskClient          *compute.DisksClient
 	VmSpecClient        *compute.VirtualMachineSizesClient
+	SshKeyClient        *compute.SSHPublicKeysClient
 }
 
 func (cloudConn *AzureCloudConnection) CreateImageHandler() (irs.ImageHandler, error) {
@@ -71,7 +72,7 @@ func (cloudConn *AzureCloudConnection) CreateSecurityHandler() (irs.SecurityHand
 
 func (cloudConn *AzureCloudConnection) CreateKeyPairHandler() (irs.KeyPairHandler, error) {
 	cblogger.Info("Azure Cloud Driver: called CreateKeyPairHandler()!")
-	keypairHandler := azrs.AzureKeyPairHandler{cloudConn.CredentialInfo, cloudConn.Region}
+	keypairHandler := azrs.AzureKeyPairHandler{cloudConn.CredentialInfo, cloudConn.Region, cloudConn.Ctx, cloudConn.SshKeyClient}
 	return &keypairHandler, nil
 }
 
@@ -98,6 +99,7 @@ func (cloudConn *AzureCloudConnection) CreateVMHandler() (irs.VMHandler, error)
 		NicClient:      cloudConn.VNicClient,
 		PublicIPClient: cloudConn.PublicIPClient,
 		DiskClient:     cloudConn.DiskClient,
+		SshKeyClient:   cloudConn.SshKeyClient,
 	}
 	return &vmHandler, nil
 }

diff --git a/cloud-control-manager/cloud-driver/drivers/azure/resources/CommonAzureFunc.go b/cloud-control-manager/cloud-driver/drivers/azure/resources/CommonAzureFunc.go
@@ -1,11 +1,10 @@
 package resources
 
 import (
-	"crypto/md5"
+	"errors"
 	"fmt"
-	"io"
-	"io/ioutil"
-	"os"
+	irs "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/interfaces/resources"
+	"strings"
 	"sync"
 	"time"
 
@@ -21,8 +20,6 @@ const (
 	CBVirutalNetworkName = "CB-VNet"
 	CBVnetDefaultCidr    = "130.0.0.0/16"
 	CBVMUser             = "cb-user"
-	// by powerkim, 2019.10.30
-	CBKeyPairPath = "/meta_db/.ssh-azure/"
 )
 
 var once sync.Once
@@ -90,49 +87,6 @@ func GetCallLogScheme(region idrv.RegionInfo, resourceType call.RES_TYPE, resour
 	return &subnetCIDR, nil
 }*/
 
-// KeyPair 해시 생성 함수
-func CreateHashString(credentialInfo idrv.CredentialInfo) (string, error) {
-	keyString := credentialInfo.ClientId + credentialInfo.ClientSecret + credentialInfo.TenantId + credentialInfo.SubscriptionId
-	hasher := md5.New()
-	_, err := io.WriteString(hasher, keyString)
-	if err != nil {
-		return "", err
-	}
-	return fmt.Sprintf("%x", hasher.Sum(nil)), nil
-}
-
-// Public KeyPair 정보 가져오기
-func GetPublicKey(credentialInfo idrv.CredentialInfo, keyPairName string) (string, error) {
-	keyPairPath := os.Getenv("CBSPIDER_ROOT") + CBKeyPairPath
-	hashString, err := CreateHashString(credentialInfo)
-	if err != nil {
-		return "", err
-	}
-
-	publicKeyPath := keyPairPath + hashString + "--" + keyPairName + ".pub"
-	publicKeyBytes, err := ioutil.ReadFile(publicKeyPath)
-	if err != nil {
-		return "", err
-	}
-	return string(publicKeyBytes), nil
-}
-
-// Private KeyPair 정보 가져오기
-/*func GetPrivateKey(credentialInfo idrv.CredentialInfo, keyPairName string) (string, error) {
-	keyPairPath := os.Getenv("CBSPIDER_ROOT") + CBKeyPairPath
-	hashString, err := CreateHashString(credentialInfo)
-	if err != nil {
-		return "", err
-	}
-
-	privateKeyPath := keyPairPath + hashString + "--" + keyPairName + ".ppk"
-	privateKeyBytes, err := ioutil.ReadFile(privateKeyPath)
-	if err != nil {
-		return "", err
-	}
-	return string(privateKeyBytes), nil
-}*/
-
 func GetVNicIdByName(credentialInfo idrv.CredentialInfo, regionInfo idrv.RegionInfo, vNicName string) string {
 	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/networkInterfaces/%s", credentialInfo.SubscriptionId, regionInfo.ResourceGroup, vNicName)
 }
@@ -142,6 +96,27 @@ func GetPublicIPIdByName(credentialInfo idrv.CredentialInfo, regionInfo idrv.Reg
 }
 
 func GetSecGroupIdByName(credentialInfo idrv.CredentialInfo, regionInfo idrv.RegionInfo, secGroupName string) string {
-	//   "SecurityGroupIds": ["/subscriptions/cb592624-b77b-4a8f-bb13-0e5a48cae40f/resourceGroups/CB-GROUP/providers/Microsoft.Network/networkSecurityGroups/CB-SecGroup"],
 	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/networkSecurityGroups/%s", credentialInfo.SubscriptionId, regionInfo.ResourceGroup, secGroupName)
 }
+
+func GetSshKeyIdByName(credentialInfo idrv.CredentialInfo, regionInfo idrv.RegionInfo, keyName string) string{
+	return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Compute/sshPublicKeys/%s", credentialInfo.SubscriptionId, regionInfo.ResourceGroup, keyName)
+}
+
+func GetSshKeyNameById(sshId string) (string, error){
+	slice := strings.Split(sshId, "/")
+	sliceLen := len(slice)
+	for index,item := range slice{
+		if item == "sshPublicKeys" && sliceLen > index + 1 {
+			return slice[index + 1], nil
+		}
+	}
+	return "", errors.New(fmt.Sprintf("Invalid ResourceName"))
+}
+
+func CheckIIDValidation(IId irs.IID) bool {
+	if IId.NameId == "" && IId.SystemId == "" {
+		return false
+	}
+	return true
+}