def _openstack(**config): """ Create Cinder and Nova volume managers suitable for use in the creation of a ``CinderBlockDeviceAPI``. They will be configured to use the region where the server that is running this code is running. :param config: Any additional configuration (possibly provider-specific) necessary to authenticate a session for use with the CinderClient and NovaClient. :return: A ``dict`` of keyword arguments for ``cinder_api``. """ # The execution context should have set up this environment variable, # probably by inspecting some cloud-y state to discover where this code is # running. Since the execution context is probably a stupid shell script, # fix the casing of the region name here (keystone is very sensitive to # case) instead of forcing me to figure out how to upper case things in # bash (I already learned a piece of shell syntax today, once is all I can # take). region = environ.get('FLOCKER_FUNCTIONAL_TEST_OPENSTACK_REGION') if region is not None: region = region.upper() auth = _openstack_auth_from_config(**config) session = Session(auth=auth) cinder_client = CinderClient( session=session, region_name=region, version=1 ) nova_client = NovaClient( session=session, region_name=region, version=2 ) return dict( cinder_client=cinder_client, nova_client=nova_client )
def get_keystone_session(env): """Return a keystone session.""" from keystoneclient.auth.identity import v2 from keystoneclient.session import Session auth = v2.Password(auth_url=env['OS_AUTH_URL'], username=env['OS_USERNAME'], password=env['OS_PASSWORD'], tenant_name=env['OS_TENANT_NAME']) return Session(auth=auth)
def auth_session(self): if not self.__auth_session: log.debug( "Creating auth session with args {}", {k: v for k, v in self.__auth.items() if k != 'password'}) plugin = Password(**self.__auth) self.__auth_session = Session(auth=plugin, timeout=self.request_timeout) return self.__auth_session
def drvCreateCloudClient(self, credentials): cloudConfig = self.getTargetConfiguration() server = cloudConfig['name'] port = cloudConfig['nova_port'] projectName = cloudConfig['project_name'] try: session = KeystoneSession() def authenticate(self, **kwargs): secure = kwargs.pop('secure') authUrl = self._authUrl(server, port, secure=secure) keystoneCli = KeystoneClient(self.KEYSTONE_API_VERSION, tenant_name=projectName, auth_url=authUrl, username=credentials['username'], password=credentials['password'], session=session) auth = v2_auth.Password( keystoneCli.auth_url, username=credentials['username'], password=credentials['password']) session.auth = auth keystoneCli.authenticate() auth.auth_ref = keystoneCli.auth_ref return keystoneCli keystoneCli = self._secureToInsecureFallback(authenticate) novaCli = self.NovaClientClass(auth_token=keystoneCli.auth_token, project_id=projectName, auth_url=keystoneCli.auth_url, session=session) endpoint = session.get_endpoint(service_type="image") glanceCli = GlanceClient(self.GLANCE_CLIENT_VERSION, endpoint=endpoint, project_id=projectName, token=keystoneCli.auth_token, session=session) clients = ConsolidatedClient(keystoneCli, novaCli, glanceCli) except Exception, e: raise errors.PermissionDenied(message = "Error initializing client: %s" % (e, ))
def get_keystone_session(**config): """ Create a Keystone session from a configuration stanza. :param dict config: Configuration necessary to authenticate a session for use with the CinderClient and NovaClient. :return: keystoneclient.Session """ return Session(auth=_openstack_auth_from_config(**config), verify=_openstack_verify_from_config(**config))
def drvCreateCloudClient(self, credentials): cloudConfig = self.getTargetConfiguration() server = cloudConfig['name'] port = cloudConfig['nova_port'] projectName = cloudConfig['project_name'] try: session = KeystoneSession() def authenticate(self, **kwargs): secure = kwargs.pop('secure') authUrl = self._authUrl(server, port, secure=secure) keystoneCli = KeystoneClient(self.KEYSTONE_API_VERSION, tenant_name=projectName, auth_url=authUrl, username=credentials['username'], password=credentials['password'], session=session) auth = v2_auth.Password(keystoneCli.auth_url, username=credentials['username'], password=credentials['password']) session.auth = auth keystoneCli.authenticate() auth.auth_ref = keystoneCli.auth_ref return keystoneCli keystoneCli = self._secureToInsecureFallback(authenticate) novaCli = self.NovaClientClass(auth_token=keystoneCli.auth_token, project_id=projectName, auth_url=keystoneCli.auth_url, session=session) endpoint = session.get_endpoint(service_type="image") glanceCli = GlanceClient(self.GLANCE_CLIENT_VERSION, endpoint=endpoint, project_id=projectName, token=keystoneCli.auth_token, session=session) clients = ConsolidatedClient(keystoneCli, novaCli, glanceCli) except Exception, e: raise errors.PermissionDenied( message="Error initializing client: %s" % (e, ))
def cinder_from_configuration(region, cluster_id, **config): """ Build a ``CinderBlockDeviceAPI`` using configuration and credentials in ``config``. :param str region: The region "slug" for which to configure the object. :param cluster_id: The unique cluster identifier for which to configure the object. """ auth = _openstack_auth_from_config(**config) session = Session(auth=auth) cinder_client = CinderClient(session=session, region_name=region, version=1) nova_client = NovaClient(session=session, region_name=region, version=2) return cinder_api( cinder_client=cinder_client, nova_client=nova_client, cluster_id=cluster_id, )
'username': username, } plugin = v3.Password # Add trust auth if possible try: trust_auth_args = dict(auth_args) trust_id = environ['OS_TRUST_ID'] trust_auth_args['trust_id'] = trust_id #conflicts = ['project_domain_name', 'project_name', 'user_domain_name'] conflicts = ['project_name'] for var in conflicts: del trust_auth_args[var] trust_auth = plugin(**trust_auth_args) except KeyError: trust_auth = None auth = plugin(**auth_args) sess = Session(auth=auth) ks = client.Client(session=sess) # Use this to ignore warnings if os.environ.get('IGNORE_SSL_WARNINGS', None): import urllib3 warnings = ( urllib3.exceptions.InsecurePlatformWarning, urllib3.exceptions.SNIMissingWarning, ) urllib3.disable_warnings(warnings)
def init_by_plugin(cls, plugin:BaseIdentityPlugin) -> 'OpenstackClientBase': return cls(Session(auth=plugin))