Add files via upload

Author: Warezloder

vsphere_mcp_pro/__init__.py

@@ -0,0 +1,29 @@
+"""
+vSphere-MCP-Pro: A secure MCP server for VMware vCenter 8.0+.
+
+This package provides a Model Context Protocol (MCP) server for VMware vCenter
+operations including VM lifecycle management, snapshots, and inventory discovery.
+"""
+
+from .vsphere_client import VsphereApiError, VsphereClient, VsphereClientPool
+from .config import AppConfig, load_config
+from .authz import Authorizer, TokenBucketLimiter
+from .audit import Auditor, AuditEvent
+
+__version__ = "0.2.0"
+
+__all__ = [
+    # Client
+    "VsphereClient",
+    "VsphereClientPool",
+    "VsphereApiError",
+    # Config
+    "AppConfig",
+    "load_config",
+    # Auth
+    "Authorizer",
+    "TokenBucketLimiter",
+    # Audit
+    "Auditor",
+    "AuditEvent",
+]

vsphere_mcp_pro/server.py

@@ -10,14 +10,7 @@
 from .audit import AuditEvent, Auditor
 from .authz import Authorizer, CallerContext, TokenBucketLimiter, set_caller
 from .config import AppConfig, load_config
-from .vsphere_client import VsphereClient
-
-
-def _choose_host(cfg: AppConfig, hostname: Optional[str]) -> str:
-    host = (hostname or cfg.vsphere.host).strip()
-    if cfg.vsphere.allowed_hosts and host not in cfg.vsphere.allowed_hosts:
-        raise PermissionError(f"Hostname '{host}' not in allowed set")
-    return host
+from .vsphere_client import VsphereClientPool
 
 
 def _with_guard(tool_name: str, destructive: bool = False):
@@ -28,6 +21,7 @@ def wrapper(*args, **kwargs):
             auditor: Auditor = kwargs.pop("_auditor")
             limiter: TokenBucketLimiter = kwargs.pop("_limiter")
             authz: Authorizer = kwargs.pop("_authz")
+            pool: VsphereClientPool = kwargs.pop("_pool")
 
             token = kwargs.pop("token", None)
             confirm = kwargs.get("confirm", False)
@@ -50,7 +44,7 @@ def wrapper(*args, **kwargs):
                 if destructive and not confirm:
                     raise PermissionError("Destructive operation: set confirm=True to proceed")
 
-                result = fn(*args, **kwargs)
+                result = fn(*args, _pool=pool, **kwargs)
                 ok = True
                 if isinstance(result, dict) and "meta" in result and "host" in result["meta"]:
                     host_used = result["meta"]["host"]
@@ -73,128 +67,159 @@ def build_server(cfg: AppConfig) -> FastMCP:
     auditor = Auditor(cfg.server.audit_log_path)
     authz = Authorizer(cfg.auth)
     limiter = TokenBucketLimiter(cfg.ratelimit)
-
-    def inject(fn, name: str, destructive: bool = False):
-        wrapped = _with_guard(name, destructive)(fn)
-        mcp.tool(name=name)(functools.partial(wrapped, _cfg=cfg, _auditor=auditor, _limiter=limiter, _authz=authz))
-
-    def client_for(hostname: Optional[str]) -> VsphereClient:
-        host = _choose_host(cfg, hostname)
-        local_cfg = cfg.model_copy(deep=True)
-        local_cfg.vsphere.host = host
-        c = VsphereClient(local_cfg.vsphere)
-        c.login()
-        return c
-
-    @inject
-    def list_vms(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    pool = VsphereClientPool(cfg)
+
+    def inject(name: str, destructive: bool = False):
+        """Decorator factory that wraps a tool with auth, rate limiting, and auditing."""
+        def decorator(fn):
+            wrapped = _with_guard(name, destructive)(fn)
+            bound = functools.partial(
+                wrapped,
+                _cfg=cfg,
+                _auditor=auditor,
+                _limiter=limiter,
+                _authz=authz,
+                _pool=pool,
+            )
+            mcp.tool(name=name)(bound)
+            return fn
+        return decorator
+
+    # --- VM Discovery ---
+
+    @inject("list_vms")
+    def list_vms(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                 *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         vms = c.list_vms()
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": len(vms), "vms": vms}
+        return {"ok": True, "meta": {"host": c.host}, "count": len(vms), "vms": vms}
 
-    @inject
-    def get_vm_details(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("get_vm_details")
+    def get_vm_details(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                       *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         vm = c.get_vm(vm_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "vm": vm}
+        return {"ok": True, "meta": {"host": c.host}, "vm": vm}
+
+    # --- Inventory Discovery ---
 
-    @inject
-    def list_hosts(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("list_hosts")
+    def list_hosts(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                   *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.list_hosts()
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": len(data), "hosts": data}
+        return {"ok": True, "meta": {"host": c.host}, "count": len(data), "hosts": data}
 
-    @inject
-    def list_datastores(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("list_datastores")
+    def list_datastores(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                        *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.list_datastores()
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": len(data), "datastores": data}
+        return {"ok": True, "meta": {"host": c.host}, "count": len(data), "datastores": data}
 
-    @inject
-    def list_networks(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("list_networks")
+    def list_networks(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                      *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.list_networks()
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": len(data), "networks": data}
+        return {"ok": True, "meta": {"host": c.host}, "count": len(data), "networks": data}
 
-    @inject
-    def list_datacenters(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("list_datacenters")
+    def list_datacenters(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                         *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.list_datacenters()
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": len(data), "datacenters": data}
+        return {"ok": True, "meta": {"host": c.host}, "count": len(data), "datacenters": data}
+
+    @inject("get_datastore_usage")
+    def get_datastore_usage(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                            *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
+        dss = c.list_datastores()
+        return {"ok": True, "meta": {"host": c.host}, "count": len(dss), "datastores": dss}
+
+    @inject("get_resource_utilization_summary")
+    def get_resource_utilization_summary(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                                         *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
+        return {"ok": True, "meta": {"host": c.host}, "summary": {
+            "vms": len(c.list_vms()),
+            "hosts": len(c.list_hosts()),
+            "datastores": len(c.list_datastores()),
+            "networks": len(c.list_networks()),
+            "datacenters": len(c.list_datacenters()),
+        }}
 
-    @inject
-    def power_on_vm(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    # --- Power Operations ---
+
+    @inject("power_on_vm")
+    def power_on_vm(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                    *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.power_start(vm_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": data}
+        return {"ok": True, "meta": {"host": c.host}, "result": data}
 
-    @inject
-    def power_off_vm(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("power_off_vm")
+    def power_off_vm(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                     *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.power_stop(vm_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": data}
+        return {"ok": True, "meta": {"host": c.host}, "result": data}
 
-    @inject
-    def restart_vm(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("restart_vm")
+    def restart_vm(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                   *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.power_reset(vm_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": data}
+        return {"ok": True, "meta": {"host": c.host}, "result": data}
+
+    # --- Snapshot Operations ---
 
-    @inject
-    def list_vm_snapshots(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("list_vm_snapshots")
+    def list_vm_snapshots(vm_id: str, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                          *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.list_snapshots(vm_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": (len(data) if isinstance(data, list) else None), "snapshots": data}
+        return {"ok": True, "meta": {"host": c.host}, "count": (len(data) if isinstance(data, list) else None), "snapshots": data}
 
-    @inject
+    @inject("create_vm_snapshot")
     def create_vm_snapshot(vm_id: str, snapshot_name: str, description: str = "", memory: bool = False, quiesce: bool = False,
-                           hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+                           hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                           *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.create_snapshot(vm_id, snapshot_name, description=description, memory=memory, quiesce=quiesce)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": data}
+        return {"ok": True, "meta": {"host": c.host}, "result": data}
 
-    @inject
+    @inject("delete_vm_snapshot", destructive=True)
     def delete_vm_snapshot(vm_id: str, snapshot_id: str, confirm: bool = False,
-                           hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+                           hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                           *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.delete_snapshot(vm_id, snapshot_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": data}
+        return {"ok": True, "meta": {"host": c.host}, "result": data}
+
+    # --- Destructive Operations (require confirm=True) ---
 
-    @inject
-    def delete_vm(vm_id: str, confirm: bool = False, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
+    @inject("delete_vm", destructive=True)
+    def delete_vm(vm_id: str, confirm: bool = False, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                  *, _pool: VsphereClientPool) -> Dict[str, Any]:
+        c = _pool.get(hostname)
         data = c.delete_vm(vm_id)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": data}
+        return {"ok": True, "meta": {"host": c.host}, "result": data}
 
-    @inject
+    @inject("modify_vm_resources", destructive=True)
     def modify_vm_resources(vm_id: str, cpu_count: Optional[int] = None, memory_gb: Optional[int] = None,
-                            confirm: bool = False, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
+                            confirm: bool = False, hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None,
+                            *, _pool: VsphereClientPool) -> Dict[str, Any]:
         if cpu_count is None and memory_gb is None:
             raise ValueError("cpu_count or memory_gb required")
-        c = client_for(hostname)
+        c = _pool.get(hostname)
         res = {}
         if cpu_count is not None:
             res["cpu"] = c.set_cpu(vm_id, cpu_count)
         if memory_gb is not None:
             res["memory"] = c.set_memory(vm_id, int(memory_gb * 1024))
-        return {"ok": True, "meta": {"host": c._cfg.host}, "result": res}
-
-    @inject
-    def get_datastore_usage(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
-        dss = c.list_datastores()
-        return {"ok": True, "meta": {"host": c._cfg.host}, "count": len(dss), "datastores": dss}
-
-    @inject
-    def get_resource_utilization_summary(hostname: Optional[str] = None, verbose: bool = False, token: Optional[str] = None) -> Dict[str, Any]:
-        c = client_for(hostname)
-        return {"ok": True, "meta": {"host": c._cfg.host}, "summary": {
-            "vms": len(c.list_vms()),
-            "hosts": len(c.list_hosts()),
-            "datastores": len(c.list_datastores()),
-            "networks": len(c.list_networks()),
-            "datacenters": len(c.list_datacenters()),
-        }}
+        return {"ok": True, "meta": {"host": c.host}, "result": res}
 
     return mcp