CP-52074: Add start and stop ssh API on host

Signed-off-by: Bengang Yuan <[email protected]>
xapi-project · Jan 9, 2025 · 7fe282e · 7fe282e
1 parent 5894036
commit 7fe282e
Show file tree

Hide file tree

Showing 8 changed files with 97 additions and 0 deletions.
diff --git a/ocaml/idl/datamodel_errors.ml b/ocaml/idl/datamodel_errors.ml
@@ -2010,6 +2010,12 @@ let _ =
 
   error Api_errors.too_many_groups [] ~doc:"VM can only belong to one group." () ;
 
+  error Api_errors.start_ssh_failed ["host"] ~doc:"Failed to start ssh service."
+    () ;
+
+  error Api_errors.stop_ssh_failed ["host"] ~doc:"Failed to stop ssh service."
+    () ;
+
   message
     (fst Api_messages.ha_pool_overcommitted)
     ~doc:

diff --git a/ocaml/idl/datamodel_host.ml b/ocaml/idl/datamodel_host.ml
@@ -2338,6 +2338,16 @@ let emergency_clear_mandatory_guidance =
     ~doc:"Clear the pending mandatory guidance on this host"
     ~allowed_roles:_R_LOCAL_ROOT_ONLY ()
 
+let start_ssh =
+  call ~name:"start_ssh" ~doc:"Start and enable ssh service" ~lifecycle:[]
+    ~params:[(Ref _host, "self", "The host")]
+    ~allowed_roles:_R_POOL_ADMIN ()
+
+let stop_ssh =
+  call ~name:"stop_ssh" ~doc:"Stop and disable ssh service" ~lifecycle:[]
+    ~params:[(Ref _host, "self", "The host")]
+    ~allowed_roles:_R_POOL_ADMIN ()
+
 let latest_synced_updates_applied_state =
   Enum
     ( "latest_synced_updates_applied_state"
@@ -2494,6 +2504,8 @@ let t =
       ; set_https_only
       ; apply_recommended_guidances
       ; emergency_clear_mandatory_guidance
+      ; start_ssh
+      ; stop_ssh
       ]
     ~contents:
       ([

diff --git a/ocaml/xapi-cli-server/cli_frontend.ml b/ocaml/xapi-cli-server/cli_frontend.ml
@@ -1048,6 +1048,24 @@ let rec cmdtable_data : (string * cmd_spec) list =
       ; flags= [Host_selectors]
       }
     )
+  ; ( "host-start-ssh"
+    , {
+        reqd= []
+      ; optn= []
+      ; help= "Start and enable ssh service"
+      ; implementation= No_fd Cli_operations.host_start_ssh
+      ; flags= [Host_selectors]
+      }
+    )
+  ; ( "host-stop-ssh"
+    , {
+        reqd= []
+      ; optn= []
+      ; help= "Stop and disable ssh service"
+      ; implementation= No_fd Cli_operations.host_stop_ssh
+      ; flags= [Host_selectors]
+      }
+    )
   ; ( "host-emergency-clear-mandatory-guidance"
     , {
         reqd= []

diff --git a/ocaml/xapi-cli-server/cli_operations.ml b/ocaml/xapi-cli-server/cli_operations.ml
@@ -7729,6 +7729,26 @@ let host_apply_updates _printer rpc session_id params =
        params ["hash"]
     )
 
+let host_start_ssh _printer rpc session_id params =
+  ignore
+    (do_host_op rpc session_id
+       (fun _ host ->
+         let host = host.getref () in
+         Client.Host.start_ssh ~rpc ~session_id ~self:host
+       )
+       params []
+    )
+
+let host_stop_ssh _printer rpc session_id params =
+  ignore
+    (do_host_op rpc session_id
+       (fun _ host ->
+         let host = host.getref () in
+         Client.Host.stop_ssh ~rpc ~session_id ~self:host
+       )
+       params []
+    )
+
 module SDN_controller = struct
   let introduce printer rpc session_id params =
     let port =

diff --git a/ocaml/xapi-consts/api_errors.ml b/ocaml/xapi-consts/api_errors.ml
@@ -1403,3 +1403,7 @@ let telemetry_next_collection_too_late =
 let illegal_in_fips_mode = add_error "ILLEGAL_IN_FIPS_MODE"
 
 let too_many_groups = add_error "TOO_MANY_GROUPS"
+
+let start_ssh_failed = add_error "START_SSH_FAILED"
+
+let stop_ssh_failed = add_error "STOP_SSH_FAILED"
diff --git a/ocaml/xapi/message_forwarding.ml b/ocaml/xapi/message_forwarding.ml
@@ -4154,6 +4154,20 @@ functor
       let emergency_clear_mandatory_guidance ~__context =
         info "Host.emergency_clear_mandatory_guidance" ;
         Local.Host.emergency_clear_mandatory_guidance ~__context
+
+      let start_ssh ~__context ~self =
+        info "%s: host = '%s'" __FUNCTION__ (host_uuid ~__context self) ;
+        let local_fn = Local.Host.start_ssh ~self in
+        do_op_on ~local_fn ~__context ~host:self (fun session_id rpc ->
+            Client.Host.start_ssh ~rpc ~session_id ~self
+        )
+
+      let stop_ssh ~__context ~self =
+        info "%s: host = '%s'" __FUNCTION__ (host_uuid ~__context self) ;
+        let local_fn = Local.Host.stop_ssh ~self in
+        do_op_on ~local_fn ~__context ~host:self (fun session_id rpc ->
+            Client.Host.stop_ssh ~rpc ~session_id ~self
+        )
     end
 
     module Host_crashdump = struct

diff --git a/ocaml/xapi/xapi_host.ml b/ocaml/xapi/xapi_host.ml
@@ -3127,3 +3127,22 @@ let emergency_clear_mandatory_guidance ~__context =
          info "%s: %s is cleared" __FUNCTION__ s
      ) ;
   Db.Host.set_pending_guidances ~__context ~self ~value:[]
+
+let start_ssh ~__context ~self =
+  try
+    Xapi_systemctl.enable ~wait_until_success:false "sshd" ;
+    Xapi_systemctl.start ~wait_until_success:false "sshd"
+  with _ ->
+    raise
+      (Api_errors.Server_error
+         (Api_errors.start_ssh_failed, [Ref.string_of self])
+      )
+
+let stop_ssh ~__context ~self =
+  try
+    Xapi_systemctl.disable ~wait_until_success:false "sshd" ;
+    Xapi_systemctl.stop ~wait_until_success:false "sshd"
+  with _ ->
+    raise
+      (Api_errors.Server_error (Api_errors.stop_ssh_failed, [Ref.string_of self])
+      )
diff --git a/ocaml/xapi/xapi_host.mli b/ocaml/xapi/xapi_host.mli
@@ -561,3 +561,7 @@ val set_https_only :
   __context:Context.t -> self:API.ref_host -> value:bool -> unit
 
 val emergency_clear_mandatory_guidance : __context:Context.t -> unit
+
+val start_ssh : __context:Context.t -> self:API.ref_host -> unit
+
+val stop_ssh : __context:Context.t -> self:API.ref_host -> unit