def list():
"""Get a list of projects."""
client = p9admin.OpenStackClient()
projects = client.projects()
for project in projects:
print(project.name)
def ensure_ldap(name, group_cn, uid, password):
"""Ensure a project exists based on an LDAP group."""
if not uid:
sys.exit("You must specify --uid USER to connect to LDAP")
if group_cn is None:
group_cn = name
client = p9admin.OpenStackClient()
client.logger.info("Ensuring actual project exists")
project = p9admin.project.ensure_project(client, name)
client.logger.info("Ensuring all users exist and have their own projects")
users = p9admin.user.get_ldap_group_users(group_cn, uid, password)
if not users:
sys.exit("LDAP group {} doesn't contain any users".format(group_cn))
client.ensure_users(users)
user_ids = [user.user.id for user in users]
client.ensure_project_members(project, user_ids, keep_others=False)
print('Project "{}" [{}]'.format(project.name, project.id))
def ensure_ldap(name, group_cn, uid, password):
"""Ensure a project exists based on an LDAP group"""
if not uid:
sys.exit("You must specify --uid USER to connect to LDAP")
if group_cn is None:
group_cn = name
client = p9admin.OpenStackClient()
client.logger.info("Ensuring all users exist and have their own projects")
### FIXME this is common code with user.ensure_users
p9Users = p9admin.user.get_ldap_group_users(group_cn, uid, password)
if not p9Users:
sys.exit("LDAP group {} doesn't contain any users".format(group_cn))
for p9User in p9Users:
project = p9admin.project.ensure_project(client, p9User.name)
client.ensure_user(p9User, default_project=project)
client.grant_project_access(project, user=p9User.user)
client.logger.info("Ensuring group exists and has the correct members")
group = client.ensure_group(name)
users = [p9User.user for p9User in p9Users]
client.ensure_group_members(group, users, keep_others=False)
client.logger.info("Ensuring actual project exists")
project = p9admin.project.ensure_project(client, name)
client.grant_project_access(project, group=group)
print('Project "{}" [{}]'.format(project.name, project.id))
def repl():
"""Drop into interactive Python REPL"""
client = p9admin.OpenStackClient()
import code
vars = globals().copy()
vars.update(locals())
code.interact(local=vars)
def get_quota(project_name):
"""Get a list of quotas for a project."""
if "OS_NOVA_URL" not in os.environ:
sys.exit("OS_NOVA_URL environment variable must be set. Check README.rst")
client = p9admin.OpenStackClient()
project = client.project_by_name(project_name)
pprint.pprint(p9admin.project.get_quota(client, project.id))
def ensure_ldap_users(filter, uid, password):
"""Ensure that users are set up based on an LDAP filter."""
if not uid:
sys.exit("You must specify --uid USER to connect to LDAP")
client = p9admin.OpenStackClient()
users = p9admin.user.get_ldap_users(filter, uid, password)
client.ensure_users(users)
def ensure_user(name, email):
"""Ensure that an SAML user is all set up"""
client = p9admin.OpenStackClient()
user = p9admin.User(name, email)
client.saml().ensure_group(user)
client.saml().ensure_mappings([user])
project = p9admin.project.ensure_project(client, user.name)
client.grant_project_access(project, group=user.group)
def list():
"""List hosts"""
hosts = p9admin.OpenStackClient().openstack().list_hypervisors()
hosts = sorted(hosts, key=operator.itemgetter("hypervisor_hostname"))
for host in hosts:
print("{host_id} {hypervisor_hostname:<55} {state:10} {status:10}" \
.format(
host_id=host['OS-EXT-PF9-HYP-ATTR:host_id'],
**host.toDict()))
def revoke_user(email, project, admin):
"""Revoke a user's access to a project."""
client = p9admin.OpenStackClient()
user = client.find_user(email)
if not user:
sys.exit('User "{}" not found'.format(email))
client.revoke_project_access(
client.find_project(project), user=user, role_name=role_name(admin))
def ensure(name):
"""
Ensure a project exists.
This will also ensure that the networks and other objects that should exist
within the project do actually exist.
"""
client = p9admin.OpenStackClient()
project = p9admin.project.ensure_project(client, name, assume_complete=False)
print('Project "{}" [{}]'.format(project.name, project.id))
def repl():
"""
Drop into interactive Python REPL.
An instance of p9admin.OpenStackClient() will be available as "client".
"""
client = p9admin.OpenStackClient()
import code
vars = globals().copy()
vars.update(locals())
code.interact(local=vars)
def apply_quota_all(quota_name, quota_value, force=False, defaults=False):
"""
Apply a quota to all projects in the environment.
This will not lower quotas, only raise them. Use --force to force all
quotas to the new setting, even if that would mean lowering a quota.
quota_name is one of:
instances
ram
cores
fixed_ips
floating_ips
injected_file_content_bytes
injected_file_path_bytes
injected_files
key_pairs
metadata_items
security_groups
security_group_rules
server_groups
server_group_members
networks
subnets
routers
root_gb
quota_value is a number, -1 for unlimited
"""
client = p9admin.OpenStackClient()
projects = client.projects()
if "OS_NOVA_URL" not in os.environ:
sys.exit(
"OS_NOVA_URL environment variable must be set. Check README.md")
client.logger.info("Starting application of quotas to all projects")
if defaults:
for project in projects:
p9admin.project.verified_apply_quota_defaults(client, project)
sys.exit()
validators.quota_name(quota_name)
validators.quota_value(quota_name, quota_value)
for project in projects:
p9admin.project.verified_apply_quota(client, project, quota_name,
quota_value)
def apply_quota(project_name, quota_name, quota_value, defaults):
"""
Apply a quota to a project.
quota_name is one of:
instances
ram
cores
fixed_ips
floating_ips
injected_file_content_bytes
injected_file_path_bytes
injected_files
key_pairs
metadata_items
security_groups
security_group_rules
server_groups
server_group_members
networks
subnets
routers
root_gb
quota_value is a number, -1 for unlimited
"""
client = p9admin.OpenStackClient()
if "OS_NOVA_URL" not in os.environ:
sys.exit(
"OS_NOVA_URL environment variable must be set. Check README.md")
project = client.project_by_name(project_name)
if defaults:
if quota_name or quota_value:
sys.exit("Can't use defaults with quota_name or quota_value")
pprint.pprint(p9admin.project.apply_quota_defaults(client, project.id))
sys.exit()
validators.quota_name(quota_name)
validators.quota_value(quota_name, quota_value)
pprint.pprint(
p9admin.project.apply_quota(client, project.id, quota_name,
quota_value))
def ensure_ldap_users(filter, uid, password):
"""Ensure that SAML users are set up based on an LDAP filter"""
if not uid:
sys.exit("You must specify --uid USER to connect to LDAP")
users = p9admin.user.get_ldap_users(filter, uid, password)
if not users:
return
client = p9admin.OpenStackClient()
for user in users:
client.saml().ensure_group(user)
client.saml().ensure_mappings(users)
for user in users:
project = p9admin.project.ensure_project(client, user.name)
client.grant_project_access(project, group=user.group)
def fix_provider_location(id=None, all=False):
"""
Fix the provider_location property of an image.
Setting the provider_location property correctly allows the Tintri to do the
clone of the image instead of having OpenStack download the image and then
re-upload it via Cinder.
"""
logger = logging.getLogger(__name__)
glance = p9admin.OpenStackClient().glance()
if all and id is not None:
sys.exit("ID and --all cannot both be specified.")
if not all and id is None:
sys.exit("Either ID or --all must be specified.")
if all:
for image in glance.images.list():
_fix_provider_location(logger, glance, image)
else:
image = glance.images.get(id)
_fix_provider_location(logger, glance, image)
def list(format):
"""List hosts."""
hosts = p9admin.OpenStackClient().openstack().list_hypervisors()
hosts = sorted(hosts, key=operator.itemgetter("hypervisor_hostname"))
if format == "csv":
writer = csv.writer(sys.stdout)
writer.writerow(["host_id", "hostname", "state", "status"])
for host in hosts:
writer.writerow([
host['OS-EXT-PF9-HYP-ATTR:host_id'],
host['hypervisor_hostname'],
host['state'],
host['status'],
])
elif format == "table":
for host in hosts:
print("{host_id} {hypervisor_hostname:<55} {state:10} {status:10}" \
.format(
host_id=host['OS-EXT-PF9-HYP-ATTR:host_id'],
**host.toDict()))
else:
sys.exit("Format must be csv or table")
def stats():
"""
Get information about usage of all projects.
This outputs CSV.
"""
client = p9admin.OpenStackClient()
projects = client.projects()
writer = csv.writer(sys.stdout)
writer.writerow([
"project_id",
"project_name",
"count_servers",
"count_servers_on",
"count_volumes",
"size_volumes",
"count_volumes_inuse",
"size_volumes_inuse",
])
for project in projects:
stats = p9admin.project.get_stats(client, project)
writer.writerow([project.id, project.name] + stats)
def delete(name):
"""Delete a project and the objects within"""
p9admin.project.delete_project(p9admin.OpenStackClient(), name)
def ensure_user(name, email):
"""Ensure that a user is all set up."""
client = p9admin.OpenStackClient()
client.ensure_users([p9admin.User(name, email)])
def show(name):
"""Show a project and the objects within."""
p9admin.project.show_project(p9admin.OpenStackClient(), name)
def delete(names):
"""Delete project(s) and the objects within."""
client = p9admin.OpenStackClient()
for name in names:
p9admin.project.delete_project(client, name)
def show_group(email):
"""Show a group"""
p9admin.OpenStackClient().saml().show_group(email)
def ensure(name):
"""Ensure a project exists"""
client = p9admin.OpenStackClient()
project = p9admin.project.ensure_project(client, name)
print('Project "{}" [{}]'.format(project.name, project.id))
def delete_groups(emails):
"""Delete groups"""
p9admin.OpenStackClient().saml().delete_groups(emails)
