def _openstack(**config):
"""
Create Cinder and Nova volume managers suitable for use in the creation of
a ``CinderBlockDeviceAPI``. They will be configured to use the region
where the server that is running this code is running.
:param config: Any additional configuration (possibly provider-specific)
necessary to authenticate a session for use with the CinderClient and
NovaClient.
:return: A ``dict`` of keyword arguments for ``cinder_api``.
"""
# The execution context should have set up this environment variable,
# probably by inspecting some cloud-y state to discover where this code is
# running. Since the execution context is probably a stupid shell script,
# fix the casing of the region name here (keystone is very sensitive to
# case) instead of forcing me to figure out how to upper case things in
# bash (I already learned a piece of shell syntax today, once is all I can
# take).
region = environ.get('FLOCKER_FUNCTIONAL_TEST_OPENSTACK_REGION')
if region is not None:
region = region.upper()
auth = _openstack_auth_from_config(**config)
session = Session(auth=auth)
cinder_client = CinderClient(
session=session, region_name=region, version=1
)
nova_client = NovaClient(
session=session, region_name=region, version=2
)
return dict(
cinder_client=cinder_client,
nova_client=nova_client
)
def get_keystone_session(env):
"""Return a keystone session."""
from keystoneclient.auth.identity import v2
from keystoneclient.session import Session
auth = v2.Password(auth_url=env['OS_AUTH_URL'],
username=env['OS_USERNAME'],
password=env['OS_PASSWORD'],
tenant_name=env['OS_TENANT_NAME'])
return Session(auth=auth)
def auth_session(self):
if not self.__auth_session:
log.debug(
"Creating auth session with args {}",
{k: v
for k, v in self.__auth.items() if k != 'password'})
plugin = Password(**self.__auth)
self.__auth_session = Session(auth=plugin,
timeout=self.request_timeout)
return self.__auth_session
def drvCreateCloudClient(self, credentials):
cloudConfig = self.getTargetConfiguration()
server = cloudConfig['name']
port = cloudConfig['nova_port']
projectName = cloudConfig['project_name']
try:
session = KeystoneSession()
def authenticate(self, **kwargs):
secure = kwargs.pop('secure')
authUrl = self._authUrl(server, port, secure=secure)
keystoneCli = KeystoneClient(self.KEYSTONE_API_VERSION,
tenant_name=projectName,
auth_url=authUrl,
username=credentials['username'],
password=credentials['password'],
session=session)
auth = v2_auth.Password(
keystoneCli.auth_url,
username=credentials['username'],
password=credentials['password'])
session.auth = auth
keystoneCli.authenticate()
auth.auth_ref = keystoneCli.auth_ref
return keystoneCli
keystoneCli = self._secureToInsecureFallback(authenticate)
novaCli = self.NovaClientClass(auth_token=keystoneCli.auth_token,
project_id=projectName,
auth_url=keystoneCli.auth_url,
session=session)
endpoint = session.get_endpoint(service_type="image")
glanceCli = GlanceClient(self.GLANCE_CLIENT_VERSION,
endpoint=endpoint,
project_id=projectName,
token=keystoneCli.auth_token,
session=session)
clients = ConsolidatedClient(keystoneCli, novaCli, glanceCli)
except Exception, e:
raise errors.PermissionDenied(message =
"Error initializing client: %s" % (e, ))
def get_keystone_session(**config):
"""
Create a Keystone session from a configuration stanza.
:param dict config: Configuration necessary to authenticate a
session for use with the CinderClient and NovaClient.
:return: keystoneclient.Session
"""
return Session(auth=_openstack_auth_from_config(**config),
verify=_openstack_verify_from_config(**config))
def drvCreateCloudClient(self, credentials):
cloudConfig = self.getTargetConfiguration()
server = cloudConfig['name']
port = cloudConfig['nova_port']
projectName = cloudConfig['project_name']
try:
session = KeystoneSession()
def authenticate(self, **kwargs):
secure = kwargs.pop('secure')
authUrl = self._authUrl(server, port, secure=secure)
keystoneCli = KeystoneClient(self.KEYSTONE_API_VERSION,
tenant_name=projectName,
auth_url=authUrl,
username=credentials['username'],
password=credentials['password'],
session=session)
auth = v2_auth.Password(keystoneCli.auth_url,
username=credentials['username'],
password=credentials['password'])
session.auth = auth
keystoneCli.authenticate()
auth.auth_ref = keystoneCli.auth_ref
return keystoneCli
keystoneCli = self._secureToInsecureFallback(authenticate)
novaCli = self.NovaClientClass(auth_token=keystoneCli.auth_token,
project_id=projectName,
auth_url=keystoneCli.auth_url,
session=session)
endpoint = session.get_endpoint(service_type="image")
glanceCli = GlanceClient(self.GLANCE_CLIENT_VERSION,
endpoint=endpoint,
project_id=projectName,
token=keystoneCli.auth_token,
session=session)
clients = ConsolidatedClient(keystoneCli, novaCli, glanceCli)
except Exception, e:
raise errors.PermissionDenied(
message="Error initializing client: %s" % (e, ))
def cinder_from_configuration(region, cluster_id, **config):
"""
Build a ``CinderBlockDeviceAPI`` using configuration and credentials in
``config``.
:param str region: The region "slug" for which to configure the object.
:param cluster_id: The unique cluster identifier for which to configure the
object.
"""
auth = _openstack_auth_from_config(**config)
session = Session(auth=auth)
cinder_client = CinderClient(session=session,
region_name=region,
version=1)
nova_client = NovaClient(session=session, region_name=region, version=2)
return cinder_api(
cinder_client=cinder_client,
nova_client=nova_client,
cluster_id=cluster_id,
)
'username': username,
}
plugin = v3.Password
# Add trust auth if possible
try:
trust_auth_args = dict(auth_args)
trust_id = environ['OS_TRUST_ID']
trust_auth_args['trust_id'] = trust_id
#conflicts = ['project_domain_name', 'project_name', 'user_domain_name']
conflicts = ['project_name']
for var in conflicts:
del trust_auth_args[var]
trust_auth = plugin(**trust_auth_args)
except KeyError:
trust_auth = None
auth = plugin(**auth_args)
sess = Session(auth=auth)
ks = client.Client(session=sess)
# Use this to ignore warnings
if os.environ.get('IGNORE_SSL_WARNINGS', None):
import urllib3
warnings = (
urllib3.exceptions.InsecurePlatformWarning,
urllib3.exceptions.SNIMissingWarning,
)
urllib3.disable_warnings(warnings)
def init_by_plugin(cls, plugin:BaseIdentityPlugin) -> 'OpenstackClientBase':
return cls(Session(auth=plugin))
