New ibmcloud type and volume auth instance plugin (#704)

Signed-off-by: Steven Kaufer <[email protected]>

Author: kaufers

cmd/infrakit/main.go

@@ -46,6 +46,7 @@ import (
 	_ "github.com/docker/infrakit/pkg/run/v0/file"
 	_ "github.com/docker/infrakit/pkg/run/v0/group"
 	_ "github.com/docker/infrakit/pkg/run/v0/hyperkit"
+	_ "github.com/docker/infrakit/pkg/run/v0/ibmcloud"
 	_ "github.com/docker/infrakit/pkg/run/v0/ingress"
 	_ "github.com/docker/infrakit/pkg/run/v0/kubernetes"
 	_ "github.com/docker/infrakit/pkg/run/v0/manager"

pkg/provider/ibmcloud/client/softlayerclient.go

@@ -0,0 +1,48 @@
+package client
+
+import (
+	"github.com/softlayer/softlayer-go/services"
+	"github.com/softlayer/softlayer-go/session"
+)
+
+// SoftlayerClient for all SL API calls
+type SoftlayerClient struct {
+	sess    *session.Session
+	account services.Account
+}
+
+// GetClient returns a SoftlayerClient instance
+func GetClient(user, apiKey string) *SoftlayerClient {
+	client := &SoftlayerClient{
+		sess: session.New(user, apiKey),
+	}
+	client.account = services.GetAccountService(client.sess)
+	return client
+}
+
+// AuthorizeToStorage authorizes a VM to a storage volume
+func (c *SoftlayerClient) AuthorizeToStorage(storageID, guestID int) error {
+	resType := "SoftLayer_Virtual_Guest"
+	_, err := services.GetNetworkStorageService(c.sess).Id(storageID).AllowAccessFromHost(&resType, &guestID)
+	return err
+}
+
+// DeauthorizeFromStorage removes the VM authorization for a storage volume
+func (c *SoftlayerClient) DeauthorizeFromStorage(storageID, guestID int) error {
+	resType := "SoftLayer_Virtual_Guest"
+	_, err := services.GetNetworkStorageService(c.sess).Id(storageID).RemoveAccessFromHost(&resType, &guestID)
+	return err
+}
+
+// GetAllowedStorageVirtualGuests gets all VM IDs that are authorized to the storage volume
+func (c *SoftlayerClient) GetAllowedStorageVirtualGuests(storageID int) ([]int, error) {
+	resp, err := services.GetNetworkStorageService(c.sess).Id(storageID).GetAllowedVirtualGuests()
+	if err != nil {
+		return []int{}, err
+	}
+	result := []int{}
+	for _, r := range resp {
+		result = append(result, *r.Id)
+	}
+	return result, nil
+}

pkg/provider/ibmcloud/plugin/instance/volumeauthplugin.go

@@ -0,0 +1,82 @@
+package instance
+
+import (
+	"strconv"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/docker/infrakit/pkg/provider/ibmcloud/client"
+	"github.com/docker/infrakit/pkg/spi/instance"
+	"github.com/docker/infrakit/pkg/types"
+)
+
+type plugin struct {
+	SoftlayerClient *client.SoftlayerClient
+	VolumeID        int
+}
+
+type propertyID struct {
+	// Resource matches the resource structure of the tf.json resource section
+	ID string `json:"id"`
+}
+
+// NewVolumeAuthPlugin creates a new plugin that manages VM authorizations to the given volume
+func NewVolumeAuthPlugin(username, apiKey string, volumeID int) instance.Plugin {
+	log.Infof("NewVolumeAuthPlugin, volumeID: %v", volumeID)
+	return &plugin{
+		SoftlayerClient: client.GetClient(username, apiKey),
+		VolumeID:        volumeID,
+	}
+}
+
+func (p *plugin) Validate(req *types.Any) error {
+	return nil
+}
+
+func (p *plugin) Label(instance instance.ID, labels map[string]string) error {
+	return nil
+}
+
+func (p *plugin) Provision(spec instance.Spec) (*instance.ID, error) {
+	props := propertyID{}
+	err := spec.Properties.Decode(&props)
+	if err != nil {
+		return nil, err
+	}
+	if err != nil {
+		return nil, err
+	}
+	log.Infof("Authorizing volume %v to instance %v", p.VolumeID, props.ID)
+	vmID, err := strconv.Atoi(props.ID)
+	if err != nil {
+		return nil, err
+	}
+	err = p.SoftlayerClient.AuthorizeToStorage(p.VolumeID, vmID)
+	return nil, err
+}
+
+func (p *plugin) Destroy(id instance.ID, ctx instance.Context) error {
+	log.Infof("Deauthorizing volume %v from instance %v", p.VolumeID, string(id))
+	vmID, err := strconv.Atoi(string(id))
+	if err != nil {
+		return nil
+	}
+	return p.SoftlayerClient.DeauthorizeFromStorage(p.VolumeID, vmID)
+}
+
+func (p *plugin) DescribeInstances(tags map[string]string, properties bool) ([]instance.Description, error) {
+	log.Infof("Describing authorized VMs for volume %v with tags %v", p.VolumeID, tags)
+	vmIDs, err := p.SoftlayerClient.GetAllowedStorageVirtualGuests(p.VolumeID)
+	if err != nil {
+		return []instance.Description{}, nil
+	}
+	result := []instance.Description{}
+	for _, vmID := range vmIDs {
+		result = append(result,
+			instance.Description{
+				ID: instance.ID(strconv.Itoa(vmID)),
+			},
+		)
+	}
+	log.Infof("%v authorized VMs for volume %v: %v", len(result), p.VolumeID, result)
+	return result, nil
+}

pkg/run/v0/ibmcloud/ibmcloud.go

@@ -0,0 +1,86 @@
+package ibmcloud
+
+import (
+	"fmt"
+
+	"github.com/docker/infrakit/pkg/discovery"
+	"github.com/docker/infrakit/pkg/launch/inproc"
+	logutil "github.com/docker/infrakit/pkg/log"
+	"github.com/docker/infrakit/pkg/plugin"
+	ibmcloud_auth_inst "github.com/docker/infrakit/pkg/provider/ibmcloud/plugin/instance"
+	"github.com/docker/infrakit/pkg/run"
+	"github.com/docker/infrakit/pkg/run/local"
+	"github.com/docker/infrakit/pkg/spi/instance"
+	"github.com/docker/infrakit/pkg/types"
+)
+
+const (
+	// Kind is the canonical name of the plugin for starting up, etc.
+	Kind = "ibmcloud"
+
+	// EnvIBMCloudUsername is the name of the LB ENV variable name for the IBM Cloud Username.
+	EnvIBMCloudUsername = "INFRAKIT_IBMCLOUD_USERNAME"
+
+	// EnvIBMCloudAPIKey is the name of the LB ENV variable name for the IBM Cloud API Key.
+	EnvIBMCloudAPIKey = "INFRAKIT_IBMCLOUD_APIKEY"
+)
+
+var (
+	log = logutil.New("module", "run/v0/ibmcloud")
+)
+
+func init() {
+	inproc.Register(Kind, Run, DefaultOptions)
+}
+
+// VolumeAuth is the type that contains the volume information to authorize
+type VolumeAuth struct {
+	// VolumeID is the volume to authorize to the group members
+	VolumeID int
+}
+
+// Options capture the options for starting up the plugin.
+type Options struct {
+	Username   string
+	APIKey     string
+	VolumeAuth VolumeAuth
+}
+
+// DefaultOptions return an Options with default values filled in.
+var DefaultOptions = Options{
+	Username: local.Getenv(EnvIBMCloudUsername, ""),
+	APIKey:   local.Getenv(EnvIBMCloudAPIKey, ""),
+	VolumeAuth: VolumeAuth{
+		VolumeID: 0,
+	},
+}
+
+// Run runs the plugin, blocking the current thread.  Error is returned immediately
+// if the plugin cannot be started.
+func Run(plugins func() discovery.Plugins, name plugin.Name,
+	config *types.Any) (transport plugin.Transport, impls map[run.PluginCode]interface{}, onStop func(), err error) {
+	log.Debug("Run", "Name", name)
+
+	options := Options{}
+	err = config.Decode(&options)
+	if err != nil {
+		return
+	}
+	if options.Username == "" || options.APIKey == "" {
+		err = fmt.Errorf("IBM Cloud username and APIKey required")
+		return
+	}
+
+	var authInstPlugin instance.Plugin
+	if options.VolumeAuth.VolumeID != 0 {
+		authInstPlugin = ibmcloud_auth_inst.NewVolumeAuthPlugin(options.Username, options.APIKey, options.VolumeAuth.VolumeID)
+	}
+
+	transport.Name = name
+	impls = map[run.PluginCode]interface{}{}
+	if authInstPlugin != nil {
+		impls[run.Instance] = map[string]instance.Plugin{"instance-vol-auth": authInstPlugin}
+	}
+
+	return
+}

vendor.conf

@@ -52,7 +52,7 @@ github.com/go-openapi/jsonreference                     36d33bf
 github.com/go-openapi/loads                             ad6217c
 github.com/go-openapi/runtime                           bf2ff8f
 github.com/go-openapi/spec                              e51c28f
-github.com/go-openapi/validate                          dc8a684  
+github.com/go-openapi/validate                          dc8a684
 github.com/go-openapi/strfmt                            93a31ef
 github.com/go-openapi/swag                              24ebf76
 github.com/gogo/protobuf                                v0.4
@@ -104,9 +104,11 @@ github.com/prometheus/client_golang/prometheus          v0.8.0
 github.com/prometheus/client_model                      6f38060
 github.com/prometheus/common                            49fee29
 github.com/prometheus/procfs                            a1dba9c
+github.com/renier/xmlrpc                                ce4a1a4
 github.com/rneugeba/iso9660wrap                         ecec696
 github.com/satori/go.uuid                               v1.1.0
 github.com/sergi/go-diff/diffmatchpatch                 feef008
+github.com/softlayer/softlayer-go                       ba0eaed
 github.com/spiegela/gorackhd                            de12976d778d18841ab3b16899af215fb277e96b
 github.com/spf13/afero                                  06b7e5f
 github.com/spf13/cobra                                  6e91dde
@@ -152,16 +154,17 @@ k8s.io/apimachinery                                     release-1.7
 k8s.io/client-go                                        v4.0.0
 k8s.io/kubernetes/cmd/kubeadm                           v1.7.5
 k8s.io/kubernetes/pkg                                   v1.7.5
-cloud.google.com/go					v0.6.0-81-g5e7b3ea
-github.com/aokoli/goutils				1.0.0-1-g9c37978
-github.com/golang/protobuf				69b215d
-github.com/googleapis/gax-go				da06d19
-github.com/gorilla/context				v1.1-7-g08b5f42
-golang.org/x/crypto					453249f
-golang.org/x/oauth2					810daf0
-google.golang.org/api					48e49d16
-google.golang.org/appengine				v1.0.0-29-g3a452f9
-github.com/krolaw/dhcp4					4de04cc
-github.com/krolaw/dhcp4/conn				4de04cc
-github.com/thebsdbox/go-tftp/server			b3e1ec2
-github.com/whyrusleeping/go-tftp/packet 	        454ade9
+cloud.google.com/go                                     v0.6.0-81-g5e7b3ea
+github.com/aokoli/goutils                               1.0.0-1-g9c37978
+github.com/golang/protobuf                              69b215d
+github.com/googleapis/gax-go                            da06d19
+github.com/gorilla/context                              v1.1-7-g08b5f42
+golang.org/x/crypto                                     453249f
+golang.org/x/oauth2                                     810daf0
+golang.org/x/text                                       e113a52
+google.golang.org/api                                   48e49d16
+google.golang.org/appengine                             v1.0.0-29-g3a452f9
+github.com/krolaw/dhcp4                                 4de04cc
+github.com/krolaw/dhcp4/conn                            4de04cc
+github.com/thebsdbox/go-tftp/server                     b3e1ec2
+github.com/whyrusleeping/go-tftp/packet                 454ade9