def create_namespace_agent(self, core_plugin, context, network_id):
"""
:param dst_transport_url: st
:type dst_transport_url: str that represents
oslo.messaging.transportURL
"""
port_data = {
'name': '_svcvm-rpc-namespace-agent-' + network_id,
'network_id': network_id,
'mac_address': attributes.ATTR_NOT_SPECIFIED,
'admin_state_up': True,
'device_id': '_svcvm-rpc-proxy-' + network_id,
'device_owner': 'tacker:' + constants.SERVICEVM,
'fixed_ips': attributes.ATTR_NOT_SPECIFIED,
}
port = core_plugin.create_port(context, {'port': port_data})
for i in xrange(len(port['fixed_ips'])):
ipallocation = port['fixed_ips'][i]
subnet_id = ipallocation['subnet_id']
subnet = core_plugin.get_subnet(context, subnet_id)
ipallocation['subnet'] = subnet
port_id = port['id']
try:
self._call(context, port=port)
except Exception:
with excutils.save_and_reraise_exception():
core_plugin.delete_port(context, port_id)
return port_id
def delete_device(self, context, device_id):
device_dict = self._delete_device_pre(context, device_id)
vim_auth = self.get_vim(context, device_dict)
self._vnf_monitor.delete_hosting_vnf(device_id)
driver_name = self._infra_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
placement_attr = device_dict['placement_attr']
region_name = placement_attr.get('region_name', None)
kwargs = {
mgmt_constants.KEY_ACTION: mgmt_constants.ACTION_DELETE_DEVICE,
mgmt_constants.KEY_KWARGS: {'device': device_dict},
}
try:
self.mgmt_delete_pre(context, device_dict)
self.mgmt_call(context, device_dict, kwargs)
self._device_manager.invoke(driver_name, 'delete', plugin=self,
context=context,
device_id=instance_id,
auth_attr=vim_auth,
region_name=region_name)
except Exception as e:
# TODO(yamahata): when the devaice is already deleted. mask
# the error, and delete row in db
# Other case mark error
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
self.mgmt_delete_post(context, device_dict)
self._delete_device_post(context, device_id, e)
self._delete_device_post(context, device_id, None)
self.spawn_n(self._delete_device_wait, context, device_dict, vim_auth)
def _from_xml(self, datastring):
if datastring is None:
return None
plurals = set(self.metadata.get('plurals', {}))
try:
node = self._parseXML(datastring)
root_tag = self._get_key(node.tag)
# Deserialize link node was needed by unit test for verifying
# the request's response
links = self._get_links(root_tag, node)
result = self._from_xml_node(node, plurals)
# root_tag = constants.VIRTUAL_ROOT_KEY and links is not None
# is not possible because of the way data are serialized.
if root_tag == constants.VIRTUAL_ROOT_KEY:
return result
return dict({root_tag: result}, **links)
except Exception as e:
with excutils.save_and_reraise_exception():
parseError = False
# Python2.7
if (hasattr(etree, 'ParseError') and
isinstance(e, getattr(etree, 'ParseError'))):
parseError = True
# Python2.6
elif isinstance(e, expat.ExpatError):
parseError = True
if parseError:
msg = _("Cannot understand XML")
raise exception.MalformedRequestBody(reason=msg)
def _from_xml(self, datastring):
if datastring is None:
return None
plurals = set(self.metadata.get('plurals', {}))
try:
node = self._parseXML(datastring)
root_tag = self._get_key(node.tag)
# Deserialize link node was needed by unit test for verifying
# the request's response
links = self._get_links(root_tag, node)
result = self._from_xml_node(node, plurals)
# root_tag = constants.VIRTUAL_ROOT_KEY and links is not None
# is not possible because of the way data are serialized.
if root_tag == constants.VIRTUAL_ROOT_KEY:
return result
return dict({root_tag: result}, **links)
except Exception as e:
with excutils.save_and_reraise_exception():
parseError = False
# Python2.7
if (hasattr(etree, 'ParseError')
and isinstance(e, getattr(etree, 'ParseError'))):
parseError = True
# Python2.6
elif isinstance(e, expat.ExpatError):
parseError = True
if parseError:
msg = _("Cannot understand XML")
raise exception.MalformedRequestBody(reason=msg)
def delete_device(self, context, device_id):
device_dict = self._delete_device_pre(context, device_id)
vim_auth = self.get_vim(context, device_dict)
self._vnf_monitor.delete_hosting_vnf(device_id)
driver_name = self._infra_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
placement_attr = device_dict['placement_attr']
region_name = placement_attr.get('region_name')
kwargs = {
mgmt_constants.KEY_ACTION: mgmt_constants.ACTION_DELETE_DEVICE,
mgmt_constants.KEY_KWARGS: {
'device': device_dict
},
}
try:
self.mgmt_delete_pre(context, device_dict)
self.mgmt_call(context, device_dict, kwargs)
self._device_manager.invoke(driver_name,
'delete',
plugin=self,
context=context,
device_id=instance_id,
auth_attr=vim_auth,
region_name=region_name)
except Exception as e:
# TODO(yamahata): when the devaice is already deleted. mask
# the error, and delete row in db
# Other case mark error
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
device_dict['error_reason'] = six.text_type(e)
self.mgmt_delete_post(context, device_dict)
self._delete_device_post(context, device_id, e)
self.spawn_n(self._delete_device_wait, context, device_dict, vim_auth)
def create_namespace_agent(self, core_plugin, context, network_id):
"""
:param dst_transport_url: st
:type dst_transport_url: str that represents
oslo.messaging.transportURL
"""
port_data = {
"name": "_svcvm-rpc-namespace-agent-" + network_id,
"network_id": network_id,
"mac_address": attributes.ATTR_NOT_SPECIFIED,
"admin_state_up": True,
"device_id": "_svcvm-rpc-proxy-" + network_id,
"device_owner": "tacker:" + constants.SERVICEVM,
"fixed_ips": attributes.ATTR_NOT_SPECIFIED,
}
port = core_plugin.create_port(context, {"port": port_data})
for i in xrange(len(port["fixed_ips"])):
ipallocation = port["fixed_ips"][i]
subnet_id = ipallocation["subnet_id"]
subnet = core_plugin.get_subnet(context, subnet_id)
ipallocation["subnet"] = subnet
port_id = port["id"]
try:
self._call(context, port=port)
except Exception:
with excutils.save_and_reraise_exception():
core_plugin.delete_port(context, port_id)
return port_id
def update_device(self, context, device_id, device):
device_dict = self._update_device_pre(context, device_id)
vim_auth = self.get_vim(context, device_dict)
driver_name = self._infra_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
try:
self.mgmt_update_pre(context, device_dict)
self._device_manager.invoke(driver_name,
'update',
plugin=self,
context=context,
device_id=instance_id,
device_dict=device_dict,
device=device,
auth_attr=vim_auth)
except Exception as e:
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
self.set_device_error_status_reason(context, device_dict['id'],
six.text_type(e))
self.mgmt_update_post(context, device_dict)
self._update_device_post(context, device_id, constants.ERROR)
self.spawn_n(self._update_device_wait, context, device_dict, vim_auth)
return device_dict
def delete_device(self, context, device_id):
device_dict = self._delete_device_pre(context, device_id)
driver_name = self._device_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
kwargs = {
mgmt_constants.KEY_ACTION: mgmt_constants.ACTION_DELETE_DEVICE,
mgmt_constants.KEY_KWARGS: {
'device': device_dict
},
}
try:
self.mgmt_delete_pre(context, device_dict)
self.mgmt_call(context, device_dict, kwargs)
self._device_manager.invoke(driver_name,
'delete',
plugin=self,
context=context,
device_id=instance_id)
except Exception as e:
# TODO(yamahata): when the devaice is already deleted. mask
# the error, and delete row in db
# Other case mark error
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
self.mgmt_delete_post(context, device_dict)
self._delete_device_post(context, device_id, e)
self._delete_device_post(context, device_id, None)
self.spawn_n(self._delete_device_wait, context, device_dict)
def __init__(self, **kwargs):
try:
super(TackerException, self).__init__(self.message % kwargs)
self.msg = self.message % kwargs
except Exception:
with excutils.save_and_reraise_exception() as ctxt:
if not self.use_fatal_exceptions():
ctxt.reraise = False
# at least get the core message out if something happened
super(TackerException, self).__init__(self.message)
def __init__(self, **kwargs):
try:
super(TackerException, self).__init__(self.message % kwargs)
self.msg = self.message % kwargs
except Exception:
with excutils.save_and_reraise_exception() as ctxt:
if not self.use_fatal_exceptions():
ctxt.reraise = False
# at least get the core message out if something happened
super(TackerException, self).__init__(self.message)
def serve_wsgi(cls):
try:
service = cls.create()
service.start()
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_('Unrecoverable error: please check log '
'for details.'))
return service
def serve_wsgi(cls):
try:
service = cls.create()
service.start()
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_('Unrecoverable error: please check log '
'for details.'))
return service
def update_vim(self, context, vim_id, vim):
vim_obj = self._get_vim(context, vim_id)
utils.deep_update(vim_obj, vim['vim'])
vim_type = vim_obj['type']
try:
self._vim_drivers.invoke(vim_type, 'register_vim', vim_obj=vim_obj)
return super(NfvoPlugin, self).update_vim(context, vim_id, vim_obj)
except Exception:
with excutils.save_and_reraise_exception():
self._vim_drivers.invoke(vim_type, 'delete_vim_auth',
vim_id=vim_obj['id'])
def update_vim(self, context, vim_id, vim):
vim_obj = self._get_vim(context, vim_id)
utils.deep_update(vim_obj, vim['vim'])
vim_type = vim_obj['type']
try:
self._vim_drivers.invoke(vim_type, 'register_vim', vim_obj=vim_obj)
return super(NfvoPlugin, self).update_vim(context, vim_id, vim_obj)
except Exception:
with excutils.save_and_reraise_exception():
self._vim_drivers.invoke(vim_type,
'delete_vim_auth',
vim_id=vim_obj['id'])
def __call__(self, target, creds):
if self.target_field not in target:
# policy needs a plugin check
# target field is in the form resource:field
# however if they're not separated by a colon, use an underscore
# as a separator for backward compatibility
def do_split(separator):
parent_res, parent_field = self.target_field.split(separator, 1)
return parent_res, parent_field
for separator in (":", "_"):
try:
parent_res, parent_field = do_split(separator)
break
except ValueError:
LOG.debug(_("Unable to find ':' as separator in %s."), self.target_field)
else:
# If we are here split failed with both separators
err_reason = _("Unable to find resource name in %s") % self.target_field
LOG.exception(err_reason)
raise exceptions.PolicyCheckError(policy="%s:%s" % (self.kind, self.match), reason=err_reason)
parent_foreign_key = attributes.RESOURCE_FOREIGN_KEYS.get("%ss" % parent_res, None)
if not parent_foreign_key:
err_reason = _("Unable to verify match:%(match)s as the " "parent resource: %(res)s was not found") % {
"match": self.match,
"res": parent_res,
}
LOG.exception(err_reason)
raise exceptions.PolicyCheckError(policy="%s:%s" % (self.kind, self.match), reason=err_reason)
# NOTE(salv-orlando): This check currently assumes the parent
# resource is handled by the core plugin. It might be worth
# having a way to map resources to plugins so to make this
# check more general
# FIXME(ihrachys): if import is put in global, circular
# import failure occurs
from tacker import manager
f = getattr(manager.TackerManager.get_instance().plugin, "get_%s" % parent_res)
# f *must* exist, if not found it is better to let tacker
# explode. Check will be performed with admin context
context = importutils.import_module("tacker.context")
try:
data = f(context.get_admin_context(), target[parent_foreign_key], fields=[parent_field])
target[self.target_field] = data[parent_field]
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_("Policy check error while calling %s!"), f)
match = self.match % target
if self.kind in creds:
return match == unicode(creds[self.kind])
return False
def create_vim(self, context, vim):
LOG.debug(_('Create vim called with parameters %s'), vim)
vim_obj = vim['vim']
vim_type = vim_obj['type']
vim_obj['id'] = str(uuid.uuid4())
try:
self._vim_drivers.invoke(vim_type, 'register_vim', vim_obj=vim_obj)
res = super(NfvoPlugin, self).create_vim(context, vim_obj)
return res
except Exception:
with excutils.save_and_reraise_exception():
self._vim_drivers.invoke(vim_type, 'delete_vim_auth',
vim_id=vim_obj['id'])
def remove_path_on_error(path, remove=delete_if_exists):
"""Protect code that wants to operate on PATH atomically.
Any exception will cause PATH to be removed.
:param path: File to work with
:param remove: Optional function to remove passed path
"""
try:
yield
except Exception:
with excutils.save_and_reraise_exception():
remove(path)
def remove_path_on_error(path, remove=delete_if_exists):
"""Protect code that wants to operate on PATH atomically.
Any exception will cause PATH to be removed.
:param path: File to work with
:param remove: Optional function to remove passed path
"""
try:
yield
except Exception:
with excutils.save_and_reraise_exception():
remove(path)
def find_child_pids(pid):
"""Retrieve a list of the pids of child processes of the given pid."""
try:
raw_pids = execute(['ps', '--ppid', pid, '-o', 'pid='])
except RuntimeError as e:
# Unexpected errors are the responsibility of the caller
with excutils.save_and_reraise_exception() as ctxt:
# Exception has already been logged by execute
no_children_found = 'Exit code: 1' in str(e)
if no_children_found:
ctxt.reraise = False
return []
return [x.strip() for x in raw_pids.split('\n') if x.strip()]
def find_child_pids(pid):
"""Retrieve a list of the pids of child processes of the given pid."""
try:
raw_pids = execute(['ps', '--ppid', pid, '-o', 'pid='])
except RuntimeError as e:
# Unexpected errors are the responsibility of the caller
with excutils.save_and_reraise_exception() as ctxt:
# Exception has already been logged by execute
no_children_found = 'Exit code: 1' in str(e)
if no_children_found:
ctxt.reraise = False
return []
return [x.strip() for x in raw_pids.split('\n') if x.strip()]
def create_vim(self, context, vim):
LOG.debug(_('Create vim called with parameters %s'), vim)
vim_obj = vim['vim']
vim_type = vim_obj['type']
vim_obj['id'] = str(uuid.uuid4())
try:
self._vim_drivers.invoke(vim_type, 'register_vim', vim_obj=vim_obj)
res = super(NfvoPlugin, self).create_vim(context, vim_obj)
return res
except Exception:
with excutils.save_and_reraise_exception():
self._vim_drivers.invoke(vim_type,
'delete_vim_auth',
vim_id=vim_obj['id'])
def _do_interface(self, context, device_id, port_id, action):
device_dict = self._update_device_pre(context, device_id)
driver_name = self._infra_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
try:
self._device_manager.invoke(driver_name, action, plugin=self,
context=context, device_id=instance_id)
except Exception:
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
self._update_device_post(context, device_id, constants.ERROR)
self._update_device_post(context, device_dict['id'], constants.ACTIVE)
def __init__(self, host=None, **kwargs):
conf = kwargs["conf"]
super(ServiceVMAgent, self).__init__(host=host)
self.conf = conf
self.root_helper = agent_config.get_root_helper(self.conf)
self._proxies = {}
try:
vif_driver = importutils.import_object(conf.interface_driver, conf)
except ImportError:
with excutils.save_and_reraise_exception():
msg = _("Error importing interface driver: %s") % conf.interface_driver
LOG.error(msg)
self._vif_driver = vif_driver
self._proxy_agents = {}
self._src_transport = None
self._get_src_transport()
atexit.register(self._atexit)
def update_device(self, context, device_id, device):
device_dict = self._update_device_pre(context, device_id)
driver_name = self._infra_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
try:
self.mgmt_update_pre(context, device_dict)
self._device_manager.invoke(
driver_name, 'update', plugin=self, context=context,
device_id=instance_id, device_dict=device_dict, device=device)
except Exception:
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
self.mgmt_update_post(context, device_dict)
self._update_device_post(context, device_id, constants.ERROR)
self.spawn_n(self._update_device_wait, context, device_dict)
return device_dict
def __init__(self, host=None, **kwargs):
conf = kwargs['conf']
super(ServiceVMAgent, self).__init__(host=host)
self.conf = conf
self.root_helper = agent_config.get_root_helper(self.conf)
self._proxies = {}
try:
vif_driver = importutils.import_object(conf.interface_driver, conf)
except ImportError:
with excutils.save_and_reraise_exception():
msg = (_('Error importing interface driver: %s') %
conf.interface_driver)
LOG.error(msg)
self._vif_driver = vif_driver
self._proxy_agents = {}
self._src_transport = None
self._get_src_transport()
atexit.register(self._atexit)
def _create_device(self, context, device, vim_auth):
device_dict = self._create_device_pre(context, device)
device_id = device_dict['id']
driver_name = self._infra_driver_name(device_dict)
LOG.debug(_('device_dict %s'), device_dict)
self.mgmt_create_pre(context, device_dict)
try:
instance_id = self._device_manager.invoke(
driver_name, 'create', plugin=self,
context=context, device=device_dict, auth_attr=vim_auth)
except Exception:
with excutils.save_and_reraise_exception():
self.delete_device(context, device_id)
if instance_id is None:
self._create_device_post(context, device_id, None, None,
device_dict)
return
device_dict['instance_id'] = instance_id
return device_dict
def update_device(self, context, device_id, device):
device_dict = self._update_device_pre(context, device_id)
driver_name = self._device_driver_name(device_dict)
instance_id = self._instance_id(device_dict)
try:
self.mgmt_update_pre(context, device_dict)
self._device_manager.invoke(driver_name,
'update',
plugin=self,
context=context,
device_id=instance_id)
except Exception:
with excutils.save_and_reraise_exception():
device_dict['status'] = constants.ERROR
self.mgmt_update_post(context, device_dict)
self._update_device_post(context, device_id, constants.ERROR)
self.spawn_n(self._update_device_wait, context, device_dict)
return device_dict
def _create_device(self, context, device, vim_auth):
device_dict = self._create_device_pre(context, device)
device_id = device_dict['id']
driver_name = self._infra_driver_name(device_dict)
LOG.debug(_('device_dict %s'), device_dict)
self.mgmt_create_pre(context, device_dict)
try:
instance_id = self._device_manager.invoke(driver_name,
'create',
plugin=self,
context=context,
device=device_dict,
auth_attr=vim_auth)
except Exception:
with excutils.save_and_reraise_exception():
self.delete_device(context, device_id)
if instance_id is None:
self._create_device_post(context, device_id, None, None,
device_dict)
return
device_dict['instance_id'] = instance_id
return device_dict
def deserialize_body(self, request, action):
try:
content_type = request.best_match_content_type()
except exception.InvalidContentType:
LOG.debug(_("Unrecognized Content-Type provided in request"))
return {}
if content_type is None:
LOG.debug(_("No Content-Type provided in request"))
return {}
if not len(request.body) > 0:
LOG.debug(_("Empty body provided in request"))
return {}
try:
deserializer = self.get_body_deserializer(content_type)
except exception.InvalidContentType:
with excutils.save_and_reraise_exception():
LOG.debug(_("Unable to deserialize body as provided "
"Content-Type"))
return deserializer.deserialize(request.body, action)
def deserialize_body(self, request, action):
try:
content_type = request.best_match_content_type()
except exception.InvalidContentType:
LOG.debug(_("Unrecognized Content-Type provided in request"))
return {}
if content_type is None:
LOG.debug(_("No Content-Type provided in request"))
return {}
if not len(request.body) > 0:
LOG.debug(_("Empty body provided in request"))
return {}
try:
deserializer = self.get_body_deserializer(content_type)
except exception.InvalidContentType:
with excutils.save_and_reraise_exception():
LOG.debug(
_("Unable to deserialize body as provided "
"Content-Type"))
return deserializer.deserialize(request.body, action)
def __call__(self, target, creds):
if self.target_field not in target:
# policy needs a plugin check
# target field is in the form resource:field
# however if they're not separated by a colon, use an underscore
# as a separator for backward compatibility
def do_split(separator):
parent_res, parent_field = self.target_field.split(
separator, 1)
return parent_res, parent_field
for separator in (':', '_'):
try:
parent_res, parent_field = do_split(separator)
break
except ValueError:
LOG.debug(_("Unable to find ':' as separator in %s."),
self.target_field)
else:
# If we are here split failed with both separators
err_reason = (_("Unable to find resource name in %s") %
self.target_field)
LOG.exception(err_reason)
raise exceptions.PolicyCheckError(policy="%s:%s" %
(self.kind, self.match),
reason=err_reason)
parent_foreign_key = attributes.RESOURCE_FOREIGN_KEYS.get(
"%ss" % parent_res, None)
if not parent_foreign_key:
err_reason = (_("Unable to verify match:%(match)s as the "
"parent resource: %(res)s was not found") % {
'match': self.match,
'res': parent_res
})
LOG.exception(err_reason)
raise exceptions.PolicyCheckError(policy="%s:%s" %
(self.kind, self.match),
reason=err_reason)
# NOTE(salv-orlando): This check currently assumes the parent
# resource is handled by the core plugin. It might be worth
# having a way to map resources to plugins so to make this
# check more general
# FIXME(ihrachys): if import is put in global, circular
# import failure occurs
from tacker import manager
f = getattr(manager.TackerManager.get_instance().plugin,
'get_%s' % parent_res)
# f *must* exist, if not found it is better to let tacker
# explode. Check will be performed with admin context
context = importutils.import_module('tacker.context')
try:
data = f(context.get_admin_context(),
target[parent_foreign_key],
fields=[parent_field])
target[self.target_field] = data[parent_field]
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_('Policy check error while calling %s!'), f)
match = self.match % target
if self.kind in creds:
return match == six.text_type(creds[self.kind])
return False
def _get_socket(self, host, port, backlog):
bind_addr = (host, port)
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
try:
info = socket.getaddrinfo(bind_addr[0], bind_addr[1],
socket.AF_UNSPEC, socket.SOCK_STREAM)[0]
family = info[0]
bind_addr = info[-1]
except Exception:
LOG.exception(_("Unable to listen on %(host)s:%(port)s"), {
'host': host,
'port': port
})
sys.exit(1)
if CONF.use_ssl:
if not os.path.exists(CONF.ssl_cert_file):
raise RuntimeError(
_("Unable to find ssl_cert_file "
": %s") % CONF.ssl_cert_file)
# ssl_key_file is optional because the key may be embedded in the
# certificate file
if CONF.ssl_key_file and not os.path.exists(CONF.ssl_key_file):
raise RuntimeError(
_("Unable to find "
"ssl_key_file : %s") % CONF.ssl_key_file)
# ssl_ca_file is optional
if CONF.ssl_ca_file and not os.path.exists(CONF.ssl_ca_file):
raise RuntimeError(
_("Unable to find ssl_ca_file "
": %s") % CONF.ssl_ca_file)
def wrap_ssl(sock):
ssl_kwargs = {
'server_side': True,
'certfile': CONF.ssl_cert_file,
'keyfile': CONF.ssl_key_file,
'cert_reqs': ssl.CERT_NONE,
}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = CONF.ssl_ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
return ssl.wrap_socket(sock, **ssl_kwargs)
sock = None
retry_until = time.time() + CONF.retry_until_window
while not sock and time.time() < retry_until:
try:
sock = eventlet.listen(bind_addr,
backlog=backlog,
family=family)
if CONF.use_ssl:
sock = wrap_ssl(sock)
except socket.error as err:
with excutils.save_and_reraise_exception() as ctxt:
if err.errno == errno.EADDRINUSE:
ctxt.reraise = False
eventlet.sleep(0.1)
if not sock:
raise RuntimeError(
_("Could not bind to %(host)s:%(port)s "
"after trying for %(time)d seconds") % {
'host': host,
'port': port,
'time': CONF.retry_until_window
})
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
# sockets can hang around forever without keepalive
sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE'):
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
return sock
def _get_socket(self, host, port, backlog):
bind_addr = (host, port)
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
try:
info = socket.getaddrinfo(bind_addr[0],
bind_addr[1],
socket.AF_UNSPEC,
socket.SOCK_STREAM)[0]
family = info[0]
bind_addr = info[-1]
except Exception:
LOG.exception(_("Unable to listen on %(host)s:%(port)s"),
{'host': host, 'port': port})
sys.exit(1)
if CONF.use_ssl:
if not os.path.exists(CONF.ssl_cert_file):
raise RuntimeError(_("Unable to find ssl_cert_file "
": %s") % CONF.ssl_cert_file)
# ssl_key_file is optional because the key may be embedded in the
# certificate file
if CONF.ssl_key_file and not os.path.exists(CONF.ssl_key_file):
raise RuntimeError(_("Unable to find "
"ssl_key_file : %s") % CONF.ssl_key_file)
# ssl_ca_file is optional
if CONF.ssl_ca_file and not os.path.exists(CONF.ssl_ca_file):
raise RuntimeError(_("Unable to find ssl_ca_file "
": %s") % CONF.ssl_ca_file)
def wrap_ssl(sock):
ssl_kwargs = {
'server_side': True,
'certfile': CONF.ssl_cert_file,
'keyfile': CONF.ssl_key_file,
'cert_reqs': ssl.CERT_NONE,
}
if CONF.ssl_ca_file:
ssl_kwargs['ca_certs'] = CONF.ssl_ca_file
ssl_kwargs['cert_reqs'] = ssl.CERT_REQUIRED
return ssl.wrap_socket(sock, **ssl_kwargs)
sock = None
retry_until = time.time() + CONF.retry_until_window
while not sock and time.time() < retry_until:
try:
sock = eventlet.listen(bind_addr,
backlog=backlog,
family=family)
if CONF.use_ssl:
sock = wrap_ssl(sock)
except socket.error as err:
with excutils.save_and_reraise_exception() as ctxt:
if err.errno == errno.EADDRINUSE:
ctxt.reraise = False
eventlet.sleep(0.1)
if not sock:
raise RuntimeError(_("Could not bind to %(host)s:%(port)s "
"after trying for %(time)d seconds") %
{'host': host,
'port': port,
'time': CONF.retry_until_window})
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
# sockets can hang around forever without keepalive
sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE'):
sock.setsockopt(socket.IPPROTO_TCP,
socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
return sock
