Merge pull request #454 from dev4unet/master

키페어 라이센스 이슈 추가 처리
cloud-barista · Aug 12, 2021 · 841d0f0 · 841d0f0
2 parents 74aec8c + a6ff373
commit 841d0f0
Show file tree

Hide file tree

Showing 16 changed files with 88 additions and 2,071 deletions.
diff --git a/cloud-control-manager/cloud-driver/common/common.go b/cloud-control-manager/cloud-driver/common/common.go
@@ -9,60 +9,79 @@
 package common
 
 import (
-        "crypto/rand"
-        "crypto/rsa"
-        "crypto/x509"
-        "encoding/pem"
-        "io/ioutil"
+	"bytes"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"fmt"
+	"io/ioutil"
 
-        "golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh"
 )
 
 // generate a KeyPair with 4KB length
 // returns: privateKeyBytes, publicKeyBytes, error
 func GenKeyPair() ([]byte, []byte, error) {
 
-        // (1) Generate a private Key
-        keyLength := 4096
-        privateKey, err := rsa.GenerateKey(rand.Reader, keyLength)
-        if err != nil {
-                return nil, nil, err
-        }
+	// (1) Generate a private Key
+	keyLength := 4096
+	privateKey, err := rsa.GenerateKey(rand.Reader, keyLength)
+	if err != nil {
+		return nil, nil, err
+	}
 
-        err = privateKey.Validate()
-        if err != nil {
-                return nil, nil, err
-        }
+	err = privateKey.Validate()
+	if err != nil {
+		return nil, nil, err
+	}
 
-        // for ASN.1 DER format
-        DERKey := x509.MarshalPKCS1PrivateKey(privateKey)
-        keyBlock := pem.Block{
-                Type:    "RSA PRIVATE KEY",
-                Headers: nil,
-                Bytes:   DERKey,
-        }
+	// for ASN.1 DER format
+	DERKey := x509.MarshalPKCS1PrivateKey(privateKey)
+	keyBlock := pem.Block{
+		Type:    "RSA PRIVATE KEY",
+		Headers: nil,
+		Bytes:   DERKey,
+	}
 
-        // for PEM format
-        privateKeyBytes := pem.EncodeToMemory(&keyBlock)
+	// for PEM format
+	privateKeyBytes := pem.EncodeToMemory(&keyBlock)
 
-
-        // (2) Generate a public key
+	// (2) Generate a public key
 	publicKey, err := ssh.NewPublicKey(&privateKey.PublicKey)
-        if err != nil {
-                return nil, nil, err
-        }
+	if err != nil {
+		return nil, nil, err
+	}
 
-        publicKeyBytes := ssh.MarshalAuthorizedKey(publicKey)
+	publicKeyBytes := ssh.MarshalAuthorizedKey(publicKey)
 
-        return privateKeyBytes, publicKeyBytes, nil
+	return privateKeyBytes, publicKeyBytes, nil
 }
 
 // save a key to a file
 func SaveKey(keyBytes []byte, targetFile string) error {
-        err := ioutil.WriteFile(targetFile, keyBytes, 0600)
-        if err != nil {
-                return err
-        }
+	err := ioutil.WriteFile(targetFile, keyBytes, 0600)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ParseKey reads the given RSA private key and create a public one for it.
+func MakePublicKeyFromPrivateKey(pem string) (string, error) {
+	key, err := ssh.ParseRawPrivateKey([]byte(pem))
+	if err != nil {
+		return "", err
+	}
+	rsaKey, ok := key.(*rsa.PrivateKey)
+	if !ok {
+		return "", fmt.Errorf("%q is not a RSA key", pem)
+	}
+	pub, err := ssh.NewPublicKey(&rsaKey.PublicKey)
+	if err != nil {
+		return "", err
+	}
 
-        return nil
+	return string(bytes.TrimRight(ssh.MarshalAuthorizedKey(pub), "\n")), nil
 }
diff --git a/cloud-control-manager/cloud-driver/drivers/alibaba/main/Test_Resources.go b/cloud-control-manager/cloud-driver/drivers/alibaba/main/Test_Resources.go
@@ -341,7 +341,7 @@ func handleSecurity() {
 
 	securityName := "CB-SecurityTestCidr"
 	securityId := "sg-6wedru4yb4m6qqfvd3sj"
-	vpcId := "vpc-0jl4l19l51gn2exrohgci"
+	vpcId := "vpc-6wed2mg4ox4xphl18461h"
 
 	for {
 		fmt.Println("Security Management")
@@ -383,11 +383,11 @@ func handleSecurity() {
 					SecurityRules: &[]irs.SecurityRuleInfo{ //보안 정책 설정
 						//CIDR 테스트
 						{
-							FromPort:   "30",
-							ToPort:     "30",
+							FromPort:   "20",
+							ToPort:     "22",
 							IPProtocol: "tcp",
 							Direction:  "inbound",
-							CIDR:       "10.13.1.10/32",
+							CIDR:       "0.0.0.0/0",
 						},
 						{
 							FromPort:   "40",
@@ -850,9 +850,9 @@ func handleVM() {
 					ImageIID: irs.IID{SystemId: "ubuntu_18_04_x64_20G_alibase_20210420.vhd"},
 					//VpcIID:    irs.IID{SystemId: "vpc-0jl4l19l51gn2exrohgci"},
 					//SubnetIID: irs.IID{SystemId: "vsw-0jlj155cbwhjumtipnm6d"},
-					SubnetIID: irs.IID{SystemId: "vsw-0jlj177cbwhjumtipnm6d"}, //없는 Subnet 테스트
+					SubnetIID: irs.IID{SystemId: "vsw-6we1o1arx7bivz7iu3o9k"}, //없는 Subnet 테스트
 					//SecurityGroupIIDs: []irs.IID{{SystemId: "sg-6we0rxnoai067qbkdkgw"}, {SystemId: "sg-6weeb9xaodr65g7bq10c"}},
-					SecurityGroupIIDs: []irs.IID{{SystemId: "sg-0jlcxdq9lpyi67vzuft1"}},
+					SecurityGroupIIDs: []irs.IID{{SystemId: "sg-6we1dc6xqy9e7zjtzkkk"}},
 					//VMSpecName:        "ecs.t5-lc2m1.nano",
 					VMSpecName: "ecs.g6.large", //cn-wulanchabu 리전
 					KeyPairIID: irs.IID{SystemId: "CB-KeyPairTest123123"},
@@ -972,11 +972,11 @@ func main() {
 	cblogger.Info("Alibaba Cloud Resource Test")
 	cblogger.Debug("Debug mode")
 
-	//handleVPC() //VPC
+	handleVPC() //VPC
 	//handleVMSpec()
 	//handleImage() //AMI
-	//handleSecurity()
-	//handleKeyPair()
+	handleSecurity()
+	handleKeyPair()
 	handleVM()
 
 	//handlePublicIP() // PublicIP 생성 후 conf

diff --git a/cloud-control-manager/cloud-driver/drivers/alibaba/resources/KeyPairHandler.go b/cloud-control-manager/cloud-driver/drivers/alibaba/resources/KeyPairHandler.go
@@ -11,19 +11,15 @@
 package resources
 
 import (
-	"bytes"
-	"crypto/rsa"
 	"errors"
-	"fmt"
 	"io/ioutil"
-	"log"
 	"os"
 	"strings"
 
 	"github.com/aliyun/alibaba-cloud-sdk-go/services/ecs"
-	"golang.org/x/crypto/ssh"
 
 	call "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/call-log"
+	keypair "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/common"
 	idrv "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/interfaces"
 	irs "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/interfaces/resources"
 	"github.com/davecgh/go-spew/spew"
@@ -144,7 +140,7 @@ func (keyPairHandler *AlibabaKeyPairHandler) CreateKey(keyPairReqInfo irs.KeyPai
 	spew.Dump(result)
 
 	cblogger.Info("공개키 생성")
-	publicKey, errPub := makePublicKeyFromPrivateKey(result.PrivateKeyBody)
+	publicKey, errPub := keypair.MakePublicKeyFromPrivateKey(result.PrivateKeyBody)
 	if errPub != nil {
 		cblogger.Error(errPub)
 		return irs.KeyPairInfo{}, err
@@ -171,13 +167,13 @@ func (keyPairHandler *AlibabaKeyPairHandler) CreateKey(keyPairReqInfo irs.KeyPai
 	cblogger.Infof("savePublicFileTo : [%s]", savePublicFileTo)
 
 	// 파일에 private Key를 쓴다
-	err = writeKeyToFile([]byte(keyPairInfo.PrivateKey), savePrivateFileTo)
+	err = keypair.SaveKey([]byte(keyPairInfo.PrivateKey), savePrivateFileTo)
 	if err != nil {
 		return irs.KeyPairInfo{}, err
 	}
 
 	// 파일에 public Key를 쓴다
-	err = writeKeyToFile([]byte(keyPairInfo.PublicKey), savePublicFileTo)
+	err = keypair.SaveKey([]byte(keyPairInfo.PublicKey), savePublicFileTo)
 	if err != nil {
 		return irs.KeyPairInfo{}, err
 	}
@@ -381,33 +377,3 @@ func (keyPairHandler *AlibabaKeyPairHandler) CheckKeyPairFolder(keyPairPath stri
 	}
 	return nil
 }
-
-// ParseKey reads the given RSA private key and create a public one for it.
-func makePublicKeyFromPrivateKey(pem string) (string, error) {
-	key, err := ssh.ParseRawPrivateKey([]byte(pem))
-	if err != nil {
-		cblogger.Error(err)
-		return "", err
-	}
-	rsaKey, ok := key.(*rsa.PrivateKey)
-	if !ok {
-		return "", fmt.Errorf("%q is not a RSA key", pem)
-	}
-	pub, err := ssh.NewPublicKey(&rsaKey.PublicKey)
-	if err != nil {
-		return "", err
-	}
-
-	return string(bytes.TrimRight(ssh.MarshalAuthorizedKey(pub), "\n")), nil
-}
-
-// 파일에 Key를 쓴다
-func writeKeyToFile(keyBytes []byte, saveFileTo string) error {
-	err := ioutil.WriteFile(saveFileTo, keyBytes, 0600)
-	if err != nil {
-		return err
-	}
-
-	log.Printf("Key 저장위치: %s", saveFileTo)
-	return nil
-}
diff --git a/cloud-control-manager/cloud-driver/drivers/aws/main/Test_Resources.go b/cloud-control-manager/cloud-driver/drivers/aws/main/Test_Resources.go
@@ -900,9 +900,10 @@ func handleVM() {
 					IId: irs.IID{NameId: "mcloud-barista-iid-vm-test"},
 					//ImageIID:          irs.IID{SystemId: "ami-001b6f8703b50e077"}, //centos-stable-7.2003.13-ebs-202005201235
 					//ImageIID:          irs.IID{SystemId: "ami-059b6d3840b03d6dd"}, //Ubuntu Server 20.04 LTS (HVM)
+					//ImageIID:          irs.IID{SystemId: "ami-09e67e426f25ce0d7"}, //Ubuntu Server 20.04 LTS (HVM) - 버지니아 북부 리전
 					ImageIID:          irs.IID{SystemId: "ami-059b6d3840b03d6dd"}, //Ubuntu Server 20.04 LTS (HVM)
-					SubnetIID:         irs.IID{SystemId: "subnet-0a6ca346752be1ca4"},
-					SecurityGroupIIDs: []irs.IID{{SystemId: "sg-0556ddbff4cab480e"}},
+					SubnetIID:         irs.IID{SystemId: "subnet-05af5eb87ef3f01c2"},
+					SecurityGroupIIDs: []irs.IID{{SystemId: "sg-02421ce44c38e4deb"}},
 					VMSpecName:        "t2.micro",
 					KeyPairIID:        irs.IID{SystemId: "CB-KeyPairTest123123"},
 				}
@@ -1125,9 +1126,9 @@ func main() {
 	//handleKeyPair()
 	//handlePublicIP() // PublicIP 생성 후 conf
 	//handleSecurity()
-	//handleVM()
+	handleVM()
 
-	handleImage() //AMI
+	//handleImage() //AMI
 	//handleVNic() //Lancard
 	//handleVMSpec()
 }

diff --git a/cloud-control-manager/cloud-driver/drivers/aws/resources/KeyPairHandler.go b/cloud-control-manager/cloud-driver/drivers/aws/resources/KeyPairHandler.go
@@ -1,9 +1,7 @@
 package resources
 
 import (
-	"bytes"
 	"crypto/md5"
-	"crypto/rsa"
 	"errors"
 	"fmt"
 	"io"
@@ -20,7 +18,8 @@ import (
 	irs "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/interfaces/resources"
 	"github.com/davecgh/go-spew/spew"
 	_ "github.com/davecgh/go-spew/spew"
-	"golang.org/x/crypto/ssh"
+
+	keypair "github.com/cloud-barista/cb-spider/cloud-control-manager/cloud-driver/common"
 )
 
 type AwsKeyPairHandler struct {
@@ -145,7 +144,7 @@ func (keyPairHandler *AwsKeyPairHandler) CreateKey(keyPairReqInfo irs.KeyPairReq
 	cblogger.Infof("Created key pair %q %s\n%s\n", *result.KeyName, *result.KeyFingerprint, *result.KeyMaterial)
 
 	cblogger.Info("공개키 생성")
-	publicKey, errPub := makePublicKeyFromPrivateKey(*result.KeyMaterial)
+	publicKey, errPub := keypair.MakePublicKeyFromPrivateKey(*result.KeyMaterial)
 	if errPub != nil {
 		cblogger.Error(errPub)
 		return irs.KeyPairInfo{}, err
@@ -186,13 +185,13 @@ func (keyPairHandler *AwsKeyPairHandler) CreateKey(keyPairReqInfo irs.KeyPairReq
 	cblogger.Infof("savePublicFileTo : [%s]", savePublicFileTo)
 
 	// 파일에 private Key를 쓴다
-	err = writeKeyToFile([]byte(keyPairInfo.PrivateKey), savePrivateFileTo)
+	err = keypair.SaveKey([]byte(keyPairInfo.PrivateKey), savePrivateFileTo)
 	if err != nil {
 		return irs.KeyPairInfo{}, err
 	}
 
 	// 파일에 public Key를 쓴다
-	err = writeKeyToFile([]byte(keyPairInfo.PublicKey), savePublicFileTo)
+	err = keypair.SaveKey([]byte(keyPairInfo.PublicKey), savePublicFileTo)
 	if err != nil {
 		return irs.KeyPairInfo{}, err
 	}
@@ -410,35 +409,6 @@ func (keyPairHandler *AwsKeyPairHandler) CheckKeyPairFolder(keyPairPath string)
 	return nil
 }
 
-// ParseKey reads the given RSA private key and create a public one for it.
-func makePublicKeyFromPrivateKey(pem string) (string, error) {
-	key, err := ssh.ParseRawPrivateKey([]byte(pem))
-	if err != nil {
-		return "", err
-	}
-	rsaKey, ok := key.(*rsa.PrivateKey)
-	if !ok {
-		return "", fmt.Errorf("%q is not a RSA key", pem)
-	}
-	pub, err := ssh.NewPublicKey(&rsaKey.PublicKey)
-	if err != nil {
-		return "", err
-	}
-
-	return string(bytes.TrimRight(ssh.MarshalAuthorizedKey(pub), "\n")), nil
-}
-
-// 파일에 Key를 쓴다
-func writeKeyToFile(keyBytes []byte, saveFileTo string) error {
-	err := ioutil.WriteFile(saveFileTo, keyBytes, 0600)
-	if err != nil {
-		return err
-	}
-
-	log.Printf("Key 저장위치: %s", saveFileTo)
-	return nil
-}
-
 // @TODO - PK 이슈 처리해야 함. (A User / B User / User 하위의 IAM 계정간의 호환성에 이슈가 없어야 하는데 현재는 안 됨.)
 //       - 따라서 AWS는 대안으로 KeyPair의 FingerPrint를 이용하도록 변경 - 필요시 리전및 키 이름과 혼용해서 만들어야할 듯.
 // KeyPair 해시 생성 함수 (PK 이슈로 현재는 사용하지 않음)

diff --git a/cloud-control-manager/cloud-driver/drivers/aws/resources/VMHandler.go b/cloud-control-manager/cloud-driver/drivers/aws/resources/VMHandler.go
@@ -57,7 +57,7 @@ func Connect(region string) *ec2.EC2 {
 	return svc
 }
 
-// 1개의 VM만 생성되도록 수정 (MinCount / MaxCount 이용 안 함)
+//1개의 VM만 생성되도록 수정 (MinCount / MaxCount 이용 안 함)
 //키페어 이름(예:mcloud-barista)은 아래 URL에 나오는 목록 중 "키페어 이름"의 값을 적으면 됨.
 //https://ap-northeast-2.console.aws.amazon.com/ec2/v2/home?region=ap-northeast-2#KeyPairs:sort=keyName
 func (vmHandler *AwsVMHandler) StartVM(vmReqInfo irs.VMReqInfo) (irs.VMInfo, error) {