def main():
for prov in Provider.objects.filter(type__name__icontains='openstack'):
if not prov.is_active():
continue
print "Importing machine membership for %s" % prov
accounts = OSAccounts(prov)
if not accounts:
print "Aborting import: Could not retrieve OSAccounts driver "\
"for Provider %s" % prov
continue
admin_driver = get_admin_driver(prov)
if not admin_driver:
print "Aborting import: Could not retrieve admin_driver "\
"for Provider %s" % prov
continue
private_images = admin_driver.filter_machines(
accounts.list_all_images(is_public=False),
black_list=["eki-", "eri-", "ChromoSnapShot"])
public_images = admin_driver.filter_machines(
accounts.list_all_images(is_public=True),
black_list=["eki-", "eri-", "ChromoSnapShot"])
fix_public_images(public_images, prov, accounts)
fix_private_images(private_images, prov, accounts)
fix_private_images_without_repr(private_images, prov, accounts)
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD)
"""
openstack = Provider.objects.filter(
type__name__iexact="openstack").order_by("id")
if not openstack:
raise Provider.DoesNotExist("No OpenStack Provider Found")
openstack = openstack[0]
os_driver = OSAccountDriver(openstack)
found = 0
create = 0
usernames = os_driver.list_usergroup_names()
quota_dict = {
'cpu': 10,
'memory': 20,
'storage': 10,
'storage_count': 10
}
higher_quota = Quota.objects.get_or_create(**quota_dict)[0]
for user in usernames:
# Openstack account exists, but we need the identity.
ident = os_driver.create_account(user)
if is_staff(ident):
im = ident.identity_membership.all()[0]
# Disable time allocation
im.allocation = None
# Raise everybody's quota
im.quota = higher_quota
im.save()
print "Total users added to atmosphere:%s" % len(usernames)
def security_group_init(core_identity):
os_driver = OSAccountDriver(core_identity.provider)
creds = core_identity.get_credentials()
security_group = os_driver.init_security_group(
creds["key"], creds["secret"], creds["ex_tenant_name"], creds["ex_tenant_name"], os_driver.MASTER_RULES_LIST
)
return security_group
def main():
"""
Using the keyname and public_key defined in settings
Ensure that the keypair has been distributed to every identity on the
provider.
It is essential that all users carry the same keypair to allow Deployment
access
"""
keyname = settings.ATMOSPHERE_KEYPAIR_NAME
with open(settings.ATMOSPHERE_KEYPAIR_FILE, 'r') as pub_key_file:
public_key = pub_key_file.read()
print "Adding keypair: %s Contents: %s" % (keyname, public_key)
os_providers = Provider.objects.filter(type__name="OpenStack")
for prov in os_providers:
count = 0
identities = Identity.objects.filter(provider=prov)
os_accounts = OSAccountDriver(prov)
for ident in identities:
creds = os_accounts.parse_identity(ident)
try:
(keypair, created) = os_accounts.get_or_create_keypair(
creds['username'], creds['password'], creds['tenant_name'],
keyname, public_key)
except Unauthorized, exc:
print "Could not create keypair for %s. Error message: %s"\
% (creds['username'], exc.message)
if created:
print "Created keypair %s for user %s"\
% (keypair, creds['username'])
count += 1
print 'Keypairs added for %s accounts on %s' % (count, prov)
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in eucalyptus (Never use in PROD)
"""
euca = Provider.objects.get(location="Eucalyptus (retiring March 4)")
euca_driver = EucaAccountDriver(euca)
openstack = Provider.objects.get(location="iPlant Cloud - Tucson")
os_driver = OSAccountDriver(openstack)
all_users = euca_driver.list_users()
# Sort by users
all_values = sorted(all_users.values(), key=lambda user: user["username"])
total = 0
for user_dict in all_values:
id_exists = Identity.objects.filter(created_by__username=user_dict["username"], provider=euca)
if not id_exists:
euca_driver.create_account(user_dict)
total += 1
print "Added to Eucalyptus: %s" % user_dict["username"]
print "Total users added:%s" % total
if include_openstack:
print "Adding all eucalyptus users to openstack"
total = 0
for user_dict in all_values:
id_exists = Identity.objects.filter(created_by__username=user_dict["username"], provider=openstack)
if not id_exists:
os_driver.create_account(user_dict["username"])
total += 1
print "Added to Openstack: %s" % user_dict["username"]
print "Total users added to openstack:%s" % total
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--provider",
type=int,
help="Atmosphere provider ID"
" to use.")
parser.add_argument("image_ids",
help="Image ID(s) to be repaired. (Comma-Separated)")
args = parser.parse_args()
if not args.provider:
provider = Provider.objects.get(location='iPlant Cloud - Tucson')
else:
provider = Provider.objects.get(id=args.provider)
images = args.image_ids.split(",")
accounts = OSAccountDriver(provider)
for image_id in images:
mr = MachineRequest.objects.get(new_machine__identifier=image_id)
glance_image = accounts.get_image(image_id)
if not glance_image.properties.has_key('kernel_id')\
or not glance_image.properties.has_key('ramdisk_id'):
print "Image %s (%s) is missing kernel and/or ramdisk ..." % (
image_id, glance_image.name),
fix_image(accounts, glance_image, mr)
def setUp(self):
#Initialize core DB
self.euca_admin_id = create_euca_provider()
self.euca_provider = self.euca_admin_id.provider
self.os_admin_id = create_os_provider()
self.os_provider = self.os_admin_id.provider
#Ensure there is an account created/ready to go
euca_accounts = EucaAccounts(self.euca_provider)
euca_user = euca_accounts.get_user(settings.TEST_RUNNER_USER)
self.euca_id = euca_accounts.create_account(euca_user)
os_accounts = OSAccounts(self.os_provider)
self.os_id = os_accounts.create_account(
settings.TEST_RUNNER_USER,
os_accounts.hashpass(settings.TEST_RUNNER_USER))
#Initialize API
self.api_client = TokenAPIClient()
self.api_client.login(
username=settings.TEST_RUNNER_USER,
password=settings.TEST_RUNNER_PASS)
reverse_link = reverse('api:public_apis:machine-list',
args=[self.os_id.provider.id,
self.os_id.id])
self.os_machine_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse('api:public_apis:machine-list',
args=[self.euca_id.provider.id,
self.euca_id.id])
self.euca_machine_url = urljoin(settings.SERVER_URL, reverse_link)
def main():
for prov in Provider.objects.filter(type__name__icontains='openstack'):
if not prov.is_active():
continue
print "Importing machine membership for %s" % prov
accounts = OSAccounts(prov)
if not accounts:
print "Aborting import: Could not retrieve OSAccounts driver "\
"for Provider %s" % prov
continue
admin_driver = get_admin_driver(prov)
if not admin_driver:
print "Aborting import: Could not retrieve admin_driver "\
"for Provider %s" % prov
continue
private_images = admin_driver.filter_machines(
accounts.list_all_images(is_public=False),
black_list=["eki-", "eri-", "ChromoSnapShot"])
public_images = admin_driver.filter_machines(
accounts.list_all_images(is_public=True),
black_list=["eki-", "eri-", "ChromoSnapShot"])
fix_public_images(public_images, prov, accounts)
fix_private_images(private_images, prov, accounts)
fix_private_images_without_repr(private_images, prov, accounts)
def setUp(self):
#Initialize core DB
self.euca_admin_id = create_euca_provider()
self.euca_provider = self.euca_admin_id.provider
self.os_admin_id = create_os_provider()
self.os_provider = self.os_admin_id.provider
#Ensure there is an account created/ready to go
euca_accounts = EucaAccounts(self.euca_provider)
euca_user = euca_accounts.get_user(settings.TEST_RUNNER_USER)
self.euca_id = euca_accounts.create_account(euca_user)
os_accounts = OSAccounts(self.os_provider)
self.os_id = os_accounts.create_account(
settings.TEST_RUNNER_USER,
os_accounts.hashpass(settings.TEST_RUNNER_USER))
#Initialize API
self.api_client = TokenAPIClient()
self.api_client.login(username=settings.TEST_RUNNER_USER,
password=settings.TEST_RUNNER_PASS)
reverse_link = reverse('api:public_apis:machine-list',
args=[self.os_id.provider.id, self.os_id.id])
self.os_machine_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse(
'api:public_apis:machine-list',
args=[self.euca_id.provider.id, self.euca_id.id])
self.euca_machine_url = urljoin(settings.SERVER_URL, reverse_link)
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in eucalyptus (Never use in PROD)
"""
euca = Provider.objects.get(location='Eucalyptus (retiring March 4)')
euca_driver = EucaAccountDriver(euca)
openstack = Provider.objects.get(location='iPlant Cloud - Tucson')
os_driver = OSAccountDriver(openstack)
all_users = euca_driver.list_users()
#Sort by users
all_values = sorted(all_users.values(), key=lambda user: user['username'])
total = 0
for user_dict in all_values:
id_exists = Identity.objects.filter(
created_by__username=user_dict['username'],
provider=euca)
if not id_exists:
euca_driver.create_account(user_dict)
total += 1
print "Added to Eucalyptus: %s" % user_dict['username']
print "Total users added:%s" % total
if include_openstack:
print "Adding all eucalyptus users to openstack"
total = 0
for user_dict in all_values:
id_exists = Identity.objects.filter(
created_by__username=user_dict['username'],
provider=openstack)
if not id_exists:
os_driver.create_account(user_dict['username'])
total += 1
print "Added to Openstack: %s" % user_dict['username']
print "Total users added to openstack:%s" % total
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD)
"""
openstack = Provider.objects.filter(
type__name__iexact="openstack").order_by("id")
if not openstack:
raise Provider.DoesNotExist("No OpenStack Provider Found")
openstack = openstack[0]
os_driver = OSAccountDriver(openstack)
found = 0
create = 0
usernames = os_driver.list_usergroup_names()
quota_dict = {'cpu': 10, 'memory': 20, 'storage': 10, 'storage_count': 10}
higher_quota = Quota.objects.get_or_create(**quota_dict)[0]
for user in usernames:
# Openstack account exists, but we need the identity.
ident = os_driver.create_account(user)
if is_staff(ident):
im = ident.identity_membership.all()[0]
#Disable time allocation
im.allocation = None
#Raise everybody's quota
im.quota = higher_quota
im.save()
print "Total users added to atmosphere:%s" % len(usernames)
def setUp(self):
#Initialize core DB
#Ensure there is an account created/ready to go
#self.euca_admin_id = create_euca_provider()
#self.euca_provider = self.euca_admin_id.provider
#euca_accounts = EucaAccounts(self.euca_provider)
#euca_user = euca_accounts.get_user(settings.TEST_RUNNER_USER)
#self.euca_id = euca_accounts.create_account(euca_user, max_quota=True)
self.os_admin_id = create_os_provider()
self.os_provider = self.os_admin_id.provider
os_accounts = OSAccounts(self.os_provider)
self.os_id = os_accounts.create_account(settings.TEST_RUNNER_USER,
os_accounts.hashpass(
settings.TEST_RUNNER_USER),
max_quota=True)
user = AtmosphereUser.objects.get(username=settings.TEST_RUNNER_USER)
user.is_staff = True
user.is_superuser = True
user.save()
#Initialize API
self.api_client = TokenAPIClient()
self.api_client.login(username=settings.TEST_RUNNER_USER,
password=settings.TEST_RUNNER_PASS)
reverse_link = reverse('api:public_apis:instance-list',
args=[self.os_id.provider.id, self.os_id.id])
self.os_instance_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse('api:public_apis:machine-request-list',
args=[self.os_id.provider.id, self.os_id.id])
self.os_request_url = urljoin(settings.SERVER_URL, reverse_link)
def setUp(self):
#Initialize core DB
#Ensure there is an account created/ready to go
#self.euca_admin_id = create_euca_provider()
#self.euca_provider = self.euca_admin_id.provider
#euca_accounts = EucaAccounts(self.euca_provider)
#euca_user = euca_accounts.get_user(settings.TEST_RUNNER_USER)
#self.euca_id = euca_accounts.create_account(euca_user, max_quota=True)
self.os_admin_id = create_os_provider()
self.os_provider = self.os_admin_id.provider
os_accounts = OSAccounts(self.os_provider)
self.os_id = os_accounts.create_account(
settings.TEST_RUNNER_USER,
os_accounts.hashpass(settings.TEST_RUNNER_USER), max_quota=True)
user = AtmosphereUser.objects.get(username=settings.TEST_RUNNER_USER)
user.is_staff = True
user.is_superuser = True
user.save()
#Initialize API
self.api_client = TokenAPIClient()
self.api_client.login(
username=settings.TEST_RUNNER_USER,
password=settings.TEST_RUNNER_PASS)
reverse_link = reverse('api:v1:instance-list',
args=[self.os_id.provider.id,
self.os_id.id])
self.os_instance_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse('api:v1:machine-request-list',
args=[self.os_id.provider.id,
self.os_id.id])
self.os_request_url = urljoin(settings.SERVER_URL, reverse_link)
def main():
"""
Using the keyname and public_key defined in settings
Ensure that the keypair has been distributed to every identity on the
provider.
It is essential that all users carry the same keypair to allow Deployment
access
"""
keyname = settings.ATMOSPHERE_KEYPAIR_NAME
with open(settings.ATMOSPHERE_KEYPAIR_FILE, 'r') as pub_key_file:
public_key = pub_key_file.read()
print "Adding keypair: %s Contents: %s" % (keyname, public_key)
os_providers = Provider.objects.filter(type__name="OpenStack")
for prov in os_providers:
count = 0
identities = Identity.objects.filter(provider=prov)
os_accounts = OSAccountDriver(prov)
for ident in identities:
creds = os_accounts.parse_identity(ident)
try:
(keypair, created) = os_accounts.get_or_create_keypair(
creds['username'], creds['password'], creds['tenant_name'],
keyname, public_key)
except Unauthorized, exc:
print "Could not create keypair for %s. Error message: %s"\
% (creds['username'], exc.message)
if created:
print "Created keypair %s for user %s"\
% (keypair, creds['username'])
count += 1
print 'Keypairs added for %s accounts on %s' % (count, prov)
def setUp(self):
#Initialize core DB
self.euca_admin_id = create_euca_provider()
self.euca_provider = self.euca_admin_id.provider
self.os_admin_id = create_os_provider()
self.os_provider = self.os_admin_id.provider
#Ensure there is an account created/ready to go
euca_accounts = EucaAccounts(self.euca_provider)
euca_user = euca_accounts.get_user(settings.TEST_RUNNER_USER)
self.euca_id = euca_accounts.create_account(euca_user, max_quota=True)
os_accounts = OSAccounts(self.os_provider)
self.os_id = os_accounts.create_account(settings.TEST_RUNNER_USER,
os_accounts.hashpass(
settings.TEST_RUNNER_USER),
max_quota=True)
#user = AtmosphereUser.objects.get(username=settings.TEST_RUNNER_USER)
#user.is_staff = True
#user.is_superuser = True
#user.save()
#Initialize API
self.api_client = TokenAPIClient()
self.api_client.login(username=settings.TEST_RUNNER_USER,
password=settings.TEST_RUNNER_PASS)
reverse_link = reverse('api:public_apis:instance-list',
args=[self.os_id.provider.id, self.os_id.id])
self.os_instance_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse('api:public_apis:volume-list',
args=[self.os_id.provider.id, self.os_id.id])
#Prepare Openstack
self.os_volume_url = urljoin(settings.SERVER_URL, reverse_link)
instance_data = {
"size_alias": "2",
"machine_alias": "0f539197-3718-40bc-8a29-c22e0841684f",
"name": "test volume attachment",
"delete_before": False
}
(self.os_instance_id,
self.os_instance_ip) = standup_instance(self, self.os_instance_url,
**instance_data)
#Prepare Eucalyptus
reverse_link = reverse(
'api:public_apis:volume-list',
args=[self.euca_id.provider.id, self.euca_id.id])
self.euca_volume_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse(
'api:public_apis:instance-list',
args=[self.euca_id.provider.id, self.euca_id.id])
self.euca_instance_url = urljoin(settings.SERVER_URL, reverse_link)
instance_data = {
"size_alias": "m1.small",
"machine_alias": "emi-E7F8300F",
"name": "test volume attachment",
"delete_before": False
}
(self.euca_instance_id,
self.euca_instance_ip) = standup_instance(self,
self.euca_instance_url,
**instance_data)
def security_group_init(core_identity):
os_driver = OSAccountDriver(core_identity.provider)
creds = core_identity.get_credentials()
security_group = os_driver.init_security_group(
creds['key'], creds['secret'],
creds['ex_tenant_name'], creds['ex_tenant_name'],
os_driver.MASTER_RULES_LIST)
return security_group
def setUp(self):
#Initialize core DB
self.euca_admin_id = create_euca_provider()
self.euca_provider = self.euca_admin_id.provider
self.os_admin_id = create_os_provider()
self.os_provider = self.os_admin_id.provider
#Ensure there is an account created/ready to go
euca_accounts = EucaAccounts(self.euca_provider)
euca_user = euca_accounts.get_user(settings.TEST_RUNNER_USER)
self.euca_id = euca_accounts.create_account(euca_user, max_quota=True)
os_accounts = OSAccounts(self.os_provider)
self.os_id = os_accounts.create_account(
settings.TEST_RUNNER_USER,
os_accounts.hashpass(settings.TEST_RUNNER_USER), max_quota=True)
#user = AtmosphereUser.objects.get(username=settings.TEST_RUNNER_USER)
#user.is_staff = True
#user.is_superuser = True
#user.save()
#Initialize API
self.api_client = TokenAPIClient()
self.api_client.login(
username=settings.TEST_RUNNER_USER,
password=settings.TEST_RUNNER_PASS)
reverse_link = reverse('api:public_apis:instance-list',
args=[self.os_id.provider.id,
self.os_id.id])
self.os_instance_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse('api:public_apis:volume-list',
args=[self.os_id.provider.id,
self.os_id.id])
#Prepare Openstack
self.os_volume_url = urljoin(settings.SERVER_URL, reverse_link)
instance_data = {
"size_alias":"2",
"machine_alias":"0f539197-3718-40bc-8a29-c22e0841684f",
"name":"test volume attachment",
"delete_before":False
}
(self.os_instance_id, self.os_instance_ip) = standup_instance(
self, self.os_instance_url, **instance_data)
#Prepare Eucalyptus
reverse_link = reverse('api:public_apis:volume-list',
args=[self.euca_id.provider.id,
self.euca_id.id])
self.euca_volume_url = urljoin(settings.SERVER_URL, reverse_link)
reverse_link = reverse('api:public_apis:instance-list',
args=[self.euca_id.provider.id,
self.euca_id.id])
self.euca_instance_url = urljoin(settings.SERVER_URL, reverse_link)
instance_data = {
"size_alias":"m1.small",
"machine_alias":"emi-E7F8300F",
"name":"test volume attachment",
"delete_before":False
}
(self.euca_instance_id, self.euca_instance_ip) = standup_instance(
self, self.euca_instance_url, **instance_data)
def clear_empty_ips():
logger.debug("clear_empty_ips task started at %s." % datetime.now())
from service import instance as instance_service
from rtwo.driver import OSDriver
from api import get_esh_driver
from service.accounts.openstack import AccountDriver as OSAccountDriver
identities = Identity.objects.filter(provider__type__name__iexact="openstack", provider__active=True)
key_sorter = lambda ident: attrgetter(ident.provider.type.name, ident.created_by.username)
identities = sorted(identities, key=key_sorter)
os_acct_driver = None
total = len(identities)
for idx, core_identity in enumerate(identities):
try:
# Initialize the drivers
driver = get_esh_driver(core_identity)
if not isinstance(driver, OSDriver):
continue
if not os_acct_driver or os_acct_driver.core_provider != core_identity.provider:
os_acct_driver = OSAccountDriver(core_identity.provider)
logger.info("Initialized account driver")
# Get useful info
creds = core_identity.get_credentials()
tenant_name = creds["ex_tenant_name"]
logger.info("Checking Identity %s/%s - %s" % (idx + 1, total, tenant_name))
# Attempt to clean floating IPs
num_ips_removed = driver._clean_floating_ip()
if num_ips_removed:
logger.debug("Removed %s ips from OpenStack Tenant %s" % (num_ips_removed, tenant_name))
# Test for active/inactive instances
instances = driver.list_instances()
active = any(driver._is_active_instance(inst) for inst in instances)
inactive = all(driver._is_inactive_instance(inst) for inst in instances)
for instance in instances:
if driver._is_inactive_instance(instance) and instance.ip:
# If an inactive instance has floating/fixed IPs.. Remove them!
instance_service.remove_ips(driver, instance)
if active and not inactive:
# User has >1 active instances AND not all instances inactive
pass
elif os_acct_driver.network_manager.get_network_id(
os_acct_driver.network_manager.neutron, "%s-net" % tenant_name
):
# User has 0 active instances OR all instances are inactive
# Network exists, attempt to dismantle as much as possible
remove_network = not inactive
logger.info("Removing project network %s for %s" % (remove_network, tenant_name))
if remove_network:
# Sec. group can't be deleted if instances are suspended
# when instances are suspended we pass remove_network=False
os_acct_driver.delete_security_group(core_identity)
os_acct_driver.delete_network(core_identity, remove_network=remove_network)
else:
# logger.info("No Network found. Skipping %s" % tenant_name)
pass
except Exception as exc:
logger.exception(exc)
logger.debug("clear_empty_ips task finished at %s." % datetime.now())
def network_init(core_identity):
provider_creds = core_identity.provider.get_credentials()
if 'router_name' not in provider_creds.keys():
logger.warn("ProviderCredential 'router_name' missing:"
"cannot create virtual network")
return
os_driver = OSAccountDriver(core_identity.provider)
(network, subnet) = os_driver.create_network(core_identity)
return (network, subnet)
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD)
"""
openstack = Provider.objects.get(location='iPlant Cloud - Tucson')
os_driver = OSAccountDriver(openstack)
found = 0
create = 0
quota_dict = {
'cpu':16,
'memory': 128,
'storage': 10,
'storage_count': 10
}
higher_quota = Quota.objects.get_or_create(**quota_dict)[0]
usernames = os_driver.list_usergroup_names()
staff = get_staff_users()
staff_users = sorted(list(set(staff) & set(usernames)))
non_staff = sorted(list(set(usernames) - set(staff)))
for user in non_staff:
#Raise everybody's quota
#try:
im_list = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack)
if not im_list:
print "Missing user:%s" % user
continue
im = im_list[0]
if not im.allocation:
print "User missing Allocation: %s" % user
im.allocation = Allocation.default_allocation()
im.save()
#Ignore the quota set if you are above it..
if im.quota.cpu >= quota_dict["cpu"] \
or im.quota.memory >= quota_dict["memory"]:
continue
print "Existing Quota CPU:%s should be %s" % (im.quota.cpu, quota_dict["cpu"])
im.quota = higher_quota
im.save()
print 'Found non-staff user:%s -- Update quota and add allocation' % user
#for user in staff_users:
# # Openstack account exists, but we need the identity.
# im = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack)
# if not im:
# print "Missing user:%s" % user
# continue
# im = im[0]
# if im.quota.cpu == quota_dict["cpu"]:
# continue
# #Disable time allocation
# im.allocation = None
# im.quota = higher_quota
# im.save()
# print 'Found staff user:%s -- Update quota and no allocation' % user
print "Total users added to atmosphere:%s" % len(usernames)
def add_os_project_network(core_identity, *args, **kwargs):
try:
logger.debug("add_os_project_network task started at %s." % datetime.now())
from rtwo.accounts.openstack import AccountDriver as OSAccountDriver
account_driver = OSAccountDriver(core_identity.provider)
account_driver.create_network(core_identity)
logger.debug("add_os_project_network task finished at %s." % datetime.now())
except Exception as exc:
add_os_project_network.retry(exc=exc)
def setUp_openstack():
# Initialize core DB
global os_base_instance_url
os_admin_id = create_os_provider()
os_provider = os_admin_id.provider
os_accounts = OSAccounts(os_provider)
os_id = os_accounts.create_account(
settings.TEST_RUNNER_USER, os_accounts.hashpass(settings.TEST_RUNNER_USER), max_quota=True
)
reverse_link = reverse("instance-list", args=[os_id.provider.id, os_id.id])
os_base_instance_url = urljoin(settings.SERVER_URL, reverse_link)
def add_os_project_network(core_identity, *args, **kwargs):
try:
logger.debug("add_os_project_network task started at %s." %
datetime.now())
from rtwo.accounts.openstack import AccountDriver as OSAccountDriver
account_driver = OSAccountDriver(core_identity.provider)
account_driver.create_network(core_identity)
logger.debug("add_os_project_network task finished at %s." %
datetime.now())
except Exception as exc:
add_os_project_network.retry(exc=exc)
def keypair_init(core_identity):
os_driver = OSAccountDriver(core_identity.provider)
creds = core_identity.get_credentials()
with open(settings.ATMOSPHERE_KEYPAIR_FILE, 'r') as pub_key_file:
public_key = pub_key_file.read()
keypair, created = os_driver.get_or_create_keypair(
creds['key'], creds['secret'], creds['ex_tenant_name'],
settings.ATMOSPHERE_KEYPAIR_NAME, public_key)
if created:
logger.info("Created keypair for %s" % creds['key'])
return keypair
def keypair_init(core_identity):
os_driver = OSAccountDriver(core_identity.provider)
creds = core_identity.get_credentials()
with open(settings.ATMOSPHERE_KEYPAIR_FILE, 'r') as pub_key_file:
public_key = pub_key_file.read()
keypair, created = os_driver.get_or_create_keypair(
creds['key'], creds['secret'], creds['ex_tenant_name'],
settings.ATMOSPHERE_KEYPAIR_NAME, public_key)
if created:
logger.info("Created keypair for %s" % creds['key'])
return keypair
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD)
"""
openstack = Provider.objects.get(location='iPlant Cloud - Tucson')
os_driver = OSAccountDriver(openstack)
found = 0
create = 0
quota_dict = {'cpu': 16, 'memory': 128, 'storage': 10, 'storage_count': 10}
higher_quota = Quota.objects.get_or_create(**quota_dict)[0]
usernames = os_driver.list_usergroup_names()
staff = get_staff_users()
staff_users = sorted(list(set(staff) & set(usernames)))
non_staff = sorted(list(set(usernames) - set(staff)))
for user in non_staff:
#Raise everybody's quota
#try:
im_list = IdentityMembership.objects.filter(
identity__created_by__username=user, identity__provider=openstack)
if not im_list:
print "Missing user:%s" % user
continue
im = im_list[0]
if not im.allocation:
print "User missing Allocation: %s" % user
im.allocation = Allocation.default_allocation()
im.save()
#Ignore the quota set if you are above it..
if im.quota.cpu >= quota_dict["cpu"] \
or im.quota.memory >= quota_dict["memory"]:
continue
print "Existing Quota CPU:%s should be %s" % (im.quota.cpu,
quota_dict["cpu"])
im.quota = higher_quota
im.save()
print 'Found non-staff user:%s -- Update quota and add allocation' % user
#for user in staff_users:
# # Openstack account exists, but we need the identity.
# im = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack)
# if not im:
# print "Missing user:%s" % user
# continue
# im = im[0]
# if im.quota.cpu == quota_dict["cpu"]:
# continue
# #Disable time allocation
# im.allocation = None
# im.quota = higher_quota
# im.save()
# print 'Found staff user:%s -- Update quota and no allocation' % user
print "Total users added to atmosphere:%s" % len(usernames)
def setUp_openstack():
#Initialize core DB
global os_base_instance_url
os_admin_id = create_os_provider()
os_provider = os_admin_id.provider
os_accounts = OSAccounts(os_provider)
os_id = os_accounts.create_account(settings.TEST_RUNNER_USER,
os_accounts.hashpass(
settings.TEST_RUNNER_USER),
max_quota=True)
reverse_link = reverse('api:public_apis:instance-list',
args=[os_id.provider.id, os_id.id])
os_base_instance_url = urljoin(settings.SERVER_URL, reverse_link)
def main():
"""
Generate openstack users then add them to the DB
"""
driver = AccountDriver(secrets.OPENSTACK_ARGS)
#Build the admin driver for openstack first.
driver.create_identity(secrets.OPENSTACK_ADMIN_KEY,
secrets.OPENSTACK_ADMIN_SECRET,
secrets.OPENSTACK_ADMIN_TENANT, True)
success = 1
#Add the others
core_services = ['atmo_test'
] #'sgregory', 'jmatt', 'edwins', 'cjlarose','mlent']
for username in core_services:
try:
password = driver.hashpass(username)
user = driver.get_user(username)
if not user:
user = driver.create_user(username, usergroup=True)
print 'New OStack User - %s Pass - %s' % (user.name, password)
else:
print 'Found OStack User - %s Pass - %s' % (user.name,
password)
#ASSERT: User exists on openstack, create an identity for them.
ident = driver.create_identity(user.name,
password,
project_name=username)
success += 1
print 'New OStack Identity - %s:%s' % (ident.id, ident)
except Exception as e:
print "Problem adding username: %s" % username
print e
raise
print "Total users created:%s/%s" % (success, len(core_services))
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--provider",
type=int,
help="Atmosphere provider ID"
" to use when importing users.")
parser.add_argument("--users",
help="LDAP usernames to import. (comma separated)")
parser.add_argument("--admin",
action="store_true",
help="Users addded as admin and staff users.")
args = parser.parse_args()
users = None
added = 0
if args.provider:
provider = Provider.objects.get(id=args.provider)
else:
provider = Provider.objects.get(location='iPlant Cloud - Tucson')
print "Using Provider: %s" % provider
type_name = provider.type.name.lower()
if type_name == 'openstack':
acct_driver = OSAccountDriver(provider)
elif type_name == 'eucalyptus':
acct_driver = EucaAccountDriver(provider)
else:
raise Exception("Could not find an account driver for Provider with"
" type:%s" % type_name)
if not args.users:
print "Retrieving all 'atmo-user' members in LDAP."
users = get_members('atmo-user')
else:
users = args.users.split(",")
for user in users:
# Then add the Openstack Identity
try:
id_exists = Identity.objects.filter(
created_by__username__iexact=user, provider=provider)
if id_exists:
continue
acct_driver.create_account(user, max_quota=args.admin)
added += 1
if args.admin:
make_admin(user)
print "%s added as admin." % (user)
else:
print "%s added." % (user)
except Exception as e:
print "Problem adding %s." % (user)
print e.message
print "Total users added:%s" % (added)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--provider", type=int,
help="Atmosphere provider ID"
" to use when importing users.")
parser.add_argument("--users",
help="LDAP usernames to import. (comma separated)")
parser.add_argument("--admin", action="store_true",
help="Users addded as admin and staff users.")
args = parser.parse_args()
users = None
added = 0
if args.provider:
provider = Provider.objects.get(id=args.provider)
else:
provider = Provider.objects.get(location='iPlant Cloud - Tucson')
print "Using Provider: %s" % provider
type_name = provider.type.name.lower()
if type_name == 'openstack':
acct_driver = OSAccountDriver(provider)
elif type_name == 'eucalyptus':
acct_driver = EucaAccountDriver(provider)
else:
raise Exception("Could not find an account driver for Provider with"
" type:%s" % type_name)
if not args.users:
print "Retrieving all 'atmo-user' members in LDAP."
users = get_members('atmo-user')
else:
users = args.users.split(",")
for user in users:
# Then add the Openstack Identity
try:
id_exists = Identity.objects.filter(
created_by__username__iexact=user,
provider=provider)
if id_exists:
continue
acct_driver.create_account(user, max_quota=args.admin)
added += 1
if args.admin:
make_admin(user)
print "%s added as admin." % (user)
else:
print "%s added." % (user)
except Exception as e:
print "Problem adding %s." % (user)
print e.message
print "Total users added:%s" % (added)
def _create_and_attach_port(provider, driver, instance, core_identity):
accounts = OSAccountDriver(core_identity.provider)
tenant_id = instance.extra['tenantId']
network_resources = accounts.network_manager.find_tenant_resources(tenant_id)
network = network_resources['networks']
if not network:
network, subnet = accounts.create_network(core_identity)
else:
network = network[0]
subnet = network_resources['subnets'][0]
#new_fixed_ip = _get_next_fixed_ip(network_resources['ports'])
#admin = accounts.admin_driver
#port = accounts.network_manager.create_port(
# instance.id, network['id'], subnet['id'], new_fixed_ip, tenant_id)
attached_intf = driver._connection.ex_attach_interface(instance.id, network['id'])
return attached_intf
def _create_and_attach_port(provider, driver, instance, core_identity):
accounts = OSAccountDriver(core_identity.provider)
tenant_id = instance.extra['tenantId']
network_resources = accounts.network_manager.find_tenant_resources(tenant_id)
network = network_resources['networks']
if not network:
network, subnet = accounts.create_network(core_identity)
else:
network = network[0]
subnet = network_resources['subnets'][0]
#new_fixed_ip = _get_next_fixed_ip(network_resources['ports'])
#admin = accounts.admin_driver
#port = accounts.network_manager.create_port(
# instance.id, network['id'], subnet['id'], new_fixed_ip, tenant_id)
attached_intf = driver._connection.ex_attach_interface(instance.id, network['id'])
return attached_intf
def set_provider_quota(identity_uuid, limit_dict=None):
"""
"""
identity = Identity.objects.get(uuid=identity_uuid)
if not identity.credential_set.all():
#Can't update quota if credentials arent set
return
if not limit_dict:
limit_dict = _get_hard_limits(identity.provider)
if identity.provider.get_type_name().lower() == 'openstack':
driver = get_cached_driver(identity=identity)
username = identity.created_by.username
user_id = driver._connection._get_user_id()
tenant_id = driver._connection._get_tenant_id()
membership = IdentityMembership.objects.get(
identity__uuid=identity_uuid, member__name=username)
user_quota = membership.quota
if user_quota:
#Don't go above the hard-set limits per provider.
if user_quota.cpu > limit_dict['cpu']:
user_quota.cpu = limit_dict['cpu']
if user_quota.memory > limit_dict['ram']:
user_quota.memory = limit_dict['ram']
#Use THESE values...
values = {'cores': user_quota.cpu, 'ram': user_quota.memory * 1024}
logger.info("Updating quota for %s to %s" % (username, values))
ad = AccountDriver(identity.provider)
admin_driver = ad.admin_driver
admin_driver._connection.ex_update_quota_for_user(
tenant_id, user_id, values)
return True
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack
(Never use in PROD)
"""
euca_driver = EucaAccountDriver(
Provider.objects.get(location='EUCALYPTUS'))
os_driver = OSAccountDriver(Provider.objects.get(location='iPlant Cloud - Tucson'))
found = 0
create = 0
core_services = ['estevetest03', ] # get_core_services()
for user in core_services:
euca_driver.create_account(user, max_quota=True)
# Then add the Openstack Identity
os_driver.create_account(user, max_quota=True)
make_admin(user)
print "Total core-service/admins added:%s" % len(core_services)
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack
(Never use in PROD)
"""
euca_driver = EucaAccountDriver(
Provider.objects.get(location='EUCALYPTUS'))
os_driver = OSAccountDriver(Provider.objects.get(location='OpenStack-Tucson (BETA)'))
found = 0
create = 0
core_services = ['estevetest03', ] # get_core_services()
for user in core_services:
euca_driver.create_account(user, max_quota=True)
# Then add the Openstack Identity
os_driver.create_account(user, max_quota=True)
make_admin(user)
print "Total core-service/admins added:%s" % len(core_services)
def remove_empty_network(
driverCls, provider, identity,
core_identity_id,
*args, **kwargs):
try:
#For testing ONLY.. Test cases ignore countdown..
if app.conf.CELERY_ALWAYS_EAGER:
logger.debug("Eager task waiting 1 minute")
time.sleep(60)
logger.debug("remove_empty_network task started at %s." %
datetime.now())
logger.debug("CoreIdentity(id=%s)" % core_identity_id)
core_identity = Identity.objects.get(id=core_identity_id)
driver = get_driver(driverCls, provider, identity)
instances = driver.list_instances()
active_instances = False
#TODO: Replace with any()
for instance in instances:
if driver._is_active_instance(instance):
active_instances = True
break
if not active_instances:
inactive_instances = all(driver._is_inactive_instance(
instance) for instance in instances)
#Inactive instances, True: Remove network, False
remove_network = not inactive_instances
#Check for project network
from service.accounts.openstack import AccountDriver as\
OSAccountDriver
os_acct_driver = OSAccountDriver(core_identity.provider)
logger.info("No active instances. Removing project network"
"from %s" % core_identity)
os_acct_driver.delete_network(core_identity,
remove_network=remove_network)
if remove_network:
#Sec. group can't be deleted if instances are suspended
# when instances are suspended we pass remove_network=False
os_acct_driver.delete_security_group(core_identity)
return True
logger.debug("remove_empty_network task finished at %s." %
datetime.now())
return False
except Exception as exc:
logger.exception("Failed to check if project network is empty")
remove_empty_network.retry(exc=exc)
def remove_empty_network(
driverCls, provider, identity,
core_identity_id,
*args, **kwargs):
try:
#For testing ONLY.. Test cases ignore countdown..
if app.conf.CELERY_ALWAYS_EAGER:
logger.debug("Eager task waiting 1 minute")
time.sleep(60)
logger.debug("remove_empty_network task started at %s." %
datetime.now())
logger.debug("CoreIdentity(id=%s)" % core_identity_id)
core_identity = Identity.objects.get(id=core_identity_id)
driver = get_driver(driverCls, provider, identity)
instances = driver.list_instances()
active_instances = False
for instance in instances:
if driver._is_active_instance(instance):
active_instances = True
break
if not active_instances:
inactive_instances = all(driver._is_inactive_instance(
instance) for instance in instances)
#Inactive instances, True: Remove network, False
remove_network = not inactive_instances
#Check for project network
from service.accounts.openstack import AccountDriver as\
OSAccountDriver
os_acct_driver = OSAccountDriver(core_identity.provider)
logger.info("No active instances. Removing project network"
"from %s" % core_identity)
os_acct_driver.delete_network(core_identity,
remove_network=remove_network)
if remove_network:
#Sec. group can't be deleted if instances are suspended
# when instances are suspended we pass remove_network=False
os_acct_driver.delete_security_group(core_identity)
return True
logger.debug("remove_empty_network task finished at %s." %
datetime.now())
return False
except Exception as exc:
logger.exception("Failed to check if project network is empty")
remove_empty_network.retry(exc=exc)
def main():
"""
Generate openstack users then add them to the DB
"""
driver = AccountDriver(secrets.OPENSTACK_ARGS)
#Build the admin driver for openstack first.
driver.create_identity(secrets.OPENSTACK_ADMIN_KEY,
secrets.OPENSTACK_ADMIN_SECRET, secrets.OPENSTACK_ADMIN_TENANT,
True)
success = 1
#Add the others
core_services = ['atmo_test']#'sgregory', 'jmatt', 'edwins', 'cjlarose','mlent']
for username in core_services:
try:
password = driver.hashpass(username)
user = driver.get_user(username)
if not user:
user = driver.create_user(username, usergroup=True)
print 'New OStack User - %s Pass - %s' % (user.name,password)
else:
print 'Found OStack User - %s Pass - %s' % (user.name,password)
#ASSERT: User exists on openstack, create an identity for them.
ident = driver.create_identity(user.name, password, project_name=username)
success += 1
print 'New OStack Identity - %s:%s' % (ident.id, ident)
except Exception as e:
print "Problem adding username: %s" % username
print e
raise
print "Total users created:%s/%s" % (success,len(core_services))
def security_group_init(core_identity, max_attempts = 3):
os_driver = OSAccountDriver(core_identity.provider)
creds = core_identity.get_credentials()
#TODO: Remove kludge when openstack connections can be
#Deemed reliable. Otherwise generalize this pattern so it
#can be arbitrarilly applied to any call that is deemed 'unstable'.
# -Steve
attempt = 0
while attempt < max_attempts:
attempt += 1
security_group = os_driver.init_security_group(
creds['key'], creds['secret'],
creds['ex_tenant_name'], creds['ex_tenant_name'],
os_driver.MASTER_RULES_LIST)
if security_group:
return security_group
time.sleep(2**attempt)
raise SecurityGroupNotCreated()
def security_group_init(core_identity, max_attempts = 3):
os_driver = OSAccountDriver(core_identity.provider)
creds = core_identity.get_credentials()
#TODO: Remove kludge when openstack connections can be
#Deemed reliable. Otherwise generalize this pattern so it
#can be arbitrarilly applied to any call that is deemed 'unstable'.
# -Steve
attempt = 0
while attempt < max_attempts:
attempt += 1
security_group = os_driver.init_security_group(
creds['key'], creds['secret'],
creds['ex_tenant_name'], creds['ex_tenant_name'],
os_driver.MASTER_RULES_LIST)
if security_group:
return security_group
time.sleep(2**attempt)
raise SecurityGroupNotCreated()
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack
(Never use in PROD)
"""
euca_driver = EucaAccountDriver(
Provider.objects.get(location='EUCALYPTUS'))
os_driver = OSAccountDriver(Provider.objects.get(location='iPlant Cloud - Tucson'))
found = 0
create = 0
raise Exception("Must manually set core_services!! See Line 30.")
core_services = ['jchansen', ] # get_core_services() # ['estevetest03', ]
for user in core_services:
euca_driver.create_account(user, max_quota=True)
# Then add the Openstack Identity
os_driver.create_account(user, max_quota=True)
make_admin(user)
print "Total core-service/admins added:%s" % len(core_services)
def update_membership():
from core.models import ApplicationMembership, Provider, ProviderMachine
from service.accounts.openstack import AccountDriver as OSAcctDriver
from service.accounts.eucalyptus import AccountDriver as EucaAcctDriver
for provider in Provider.objects.all():
if not provider.is_active():
return []
if provider.type.name.lower() == 'openstack':
driver = OSAcctDriver(provider)
else:
logger.warn("Encountered unknown ProviderType:%s, expected"
" [Openstack]")
continue
images = driver.list_all_images()
changes = 0
for img in images:
pm = ProviderMachine.objects.filter(identifier=img.id,
provider=provider)
if not pm or len(pm) > 1:
logger.debug("pm filter is bad!")
logger.debug(pm)
continue
else:
pm = pm[0]
app_manager = pm.application.applicationmembership_set
if not img.is_public:
#Lookup members
image_members = accts.image_manager.shared_images_for(
image_id=img.id)
#add machine to each member
#(Who owns the cred:ex_project_name) in MachineMembership
#for member in image_members:
else:
members = app_manager.all()
if members:
logger.info("Application for PM:%s used to be private."
" %s Users membership has been revoked. "
% (img.id, len(members)))
changes += len(members)
members.delete()
#if MachineMembership exists, remove it (No longer private)
logger.info("Total Updates to machine membership:%s" % changes)
return changes
def update_membership():
from core.models import ApplicationMembership, Provider, ProviderMachine
from service.accounts.openstack import AccountDriver as OSAcctDriver
from service.accounts.eucalyptus import AccountDriver as EucaAcctDriver
for provider in Provider.objects.all():
if not provider.is_active():
return []
if provider.type.name.lower() == 'openstack':
driver = OSAcctDriver(provider)
else:
logger.warn("Encountered unknown ProviderType:%s, expected"
" [Openstack] " % (provider.type.name, ))
continue
images = driver.list_all_images()
changes = 0
for img in images:
pm = ProviderMachine.objects.filter(identifier=img.id,
provider=provider)
if not pm or len(pm) > 1:
logger.debug("pm filter is bad!")
logger.debug(pm)
continue
else:
pm = pm[0]
app_manager = pm.application.applicationmembership_set
if not img.is_public:
#Lookup members
image_members = accts.image_manager.shared_images_for(
image_id=img.id)
#add machine to each member
#(Who owns the cred:ex_project_name) in MachineMembership
#for member in image_members:
else:
members = app_manager.all()
if members:
logger.info("Application for PM:%s used to be private."
" %s Users membership has been revoked. " %
(img.id, len(members)))
changes += len(members)
members.delete()
#if MachineMembership exists, remove it (No longer private)
logger.info("Total Updates to machine membership:%s" % changes)
return changes
def main():
"""
Add a user to openstack.
"""
parser = argparse.ArgumentParser()
parser.add_argument('users', type=str, nargs='+')
args = parser.parse_args()
openstack_prov = Provider.objects.get(location='iPlant Cloud - Tucson')
driver = AccountDriver(openstack_prov)
success = 0
for username in args.users:
print "Adding username... %s" % username
try:
if not is_atmo_user(username):
print "User is not in the atmo-user group.\n"\
+ "User does not exist in Atmosphere."
raise Exception("User does not exist in Atmosphere.")
user = driver.get_user(username)
if not user:
identity = driver.create_account(username)
credentials = identity.credential_set.all()
print 'New OStack User - Credentials: %s ' % (credentials)
send_new_provider_email(username, "Openstack")
else:
password = driver.hashpass(username)
identity = driver.create_identity(user.name,
password,
project_name=username)
credentials = identity.credential_set.all()
print 'Found OStack User - Credentials: %s' % (credentials)
#ASSERT: User exists on openstack, create an identity for them.
success += 1
print 'New OStack Identity - %s:%s' % (identity.id, identity)
except Exception as e:
print "Problem adding username: %s" % username
print e
raise
print "Total users created:%s/%s" % (success, len(args.users))
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--provider",
type=int,
help="Atmosphere provider ID"
" to use when importing users.")
parser.add_argument("users",
help="LDAP usernames to import. (comma separated)")
parser.add_argument("--admin",
action="store_true",
help="Users addded as admin and staff users.")
args = parser.parse_args()
users = None
added = 0
if args.provider:
os_driver = OSAccountDriver(Provider.objects.get(id=args.provider))
else:
os_driver = OSAccountDriver(
Provider.objects.get(location='iPlant Workshop Cloud - Tucson'))
users = args.users.split(",")
for user in users:
# Then add the Openstack Identity
try:
if is_atmo_user(user):
os_driver.create_account(user, max_quota=args.admin)
added += 1
else:
print "%s is not in the ldap atmosphere group (atmo-user)." % (
user)
continue
if args.admin:
make_admin(user)
print "%s added as admin." % (user)
else:
print "%s added." % (user)
except Exception as e:
print "Problem adding %s." % (user)
print e.message
print "Total users added:%s" % (added)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--provider", type=int,
help="Atmosphere provider ID"
" to use.")
parser.add_argument("image_ids",
help="Image ID(s) to be repaired. (Comma-Separated)")
args = parser.parse_args()
if not args.provider:
provider = Provider.objects.get(location='iPlant Cloud - Tucson')
else:
provider = Provider.objects.get(id=args.provider)
images = args.image_ids.split(",")
accounts = OSAccountDriver(provider)
for image_id in images:
mr = MachineRequest.objects.get(new_machine__identifier=image_id)
glance_image = accounts.get_image(image_id)
if not glance_image.properties.has_key('kernel_id')\
or not glance_image.properties.has_key('ramdisk_id'):
print "Image %s (%s) is missing kernel and/or ramdisk ..." % (image_id,glance_image.name),
fix_image(accounts, glance_image, mr)
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--provider", type=int,
help="Atmosphere provider ID"
" to use when importing users.")
parser.add_argument("users",
help="LDAP usernames to import. (comma separated)")
parser.add_argument("--admin", action="store_true",
help="Users addded as admin and staff users.")
args = parser.parse_args()
users = None
added = 0
if args.provider:
os_driver = OSAccountDriver(Provider.objects.get(id=args.provider))
else:
os_driver = OSAccountDriver(
Provider.objects.get(location='iPlant Workshop Cloud - Tucson'))
users = args.users.split(",")
for user in users:
# Then add the Openstack Identity
try:
if is_atmo_user(user):
os_driver.create_account(user, max_quota=args.admin)
added += 1
else:
print "%s is not in the ldap atmosphere group (atmo-user)." % (user)
continue
if args.admin:
make_admin(user)
print "%s added as admin." % (user)
else:
print "%s added." % (user)
except Exception as e:
print "Problem adding %s." % (user)
print e.message
print "Total users added:%s" % (added)
def set_provider_quota(identity_id):
"""
"""
identity = Identity.objects.get(id=identity_id)
if not identity.credential_set.all():
#Can't update quota if credentials arent set
return
if identity.provider.get_type_name().lower() == 'openstack':
driver = get_esh_driver(identity)
username = identity.created_by.username
user_id = driver._connection._get_user_id()
tenant_id = driver._connection._get_tenant_id()
membership = IdentityMembership.objects.get(identity__id=identity_id,
member__name=username)
user_quota = membership.quota
if user_quota:
values = {'cores': user_quota.cpu, 'ram': user_quota.memory * 1024}
logger.info("Updating quota for %s to %s" % (username, values))
ad = AccountDriver(identity.provider)
admin_driver = ad.admin_driver
admin_driver._connection.ex_update_quota_for_user(
tenant_id, user_id, values)
return True
def main():
"""
Add a user to openstack.
"""
parser = argparse.ArgumentParser()
parser.add_argument('users', type=str, nargs='+')
args = parser.parse_args()
openstack_prov = Provider.objects.get(location='OPENSTACK')
driver = AccountDriver(openstack_prov)
success = 0
for username in args.users:
print "Adding username... %s" % username
try:
if not is_atmo_user(username):
print "User is not in the atmo-user group.\n"\
+ "User does not exist in Atmosphere."
raise Exception("User does not exist in Atmosphere.")
user = driver.get_user(username)
if not user:
identity = driver.create_account(username)
credentials = identity.credential_set.all()
print 'New OStack User - Credentials: %s ' % (credentials)
send_new_provider_email(username, "Openstack")
else:
password = driver.hashpass(username)
identity = driver.create_identity(user.name,
password,
project_name=username)
credentials = identity.credential_set.all()
print 'Found OStack User - Credentials: %s' % (credentials)
#ASSERT: User exists on openstack, create an identity for them.
success += 1
print 'New OStack Identity - %s:%s' % (identity.id, identity)
except Exception as e:
print "Problem adding username: %s" % username
print e
raise
print "Total users created:%s/%s" % (success, len(args.users))
def clear_empty_ips():
logger.debug("clear_empty_ips task started at %s." % datetime.now())
from service import instance as instance_service
from rtwo.driver import OSDriver
from api import get_esh_driver
from service.accounts.openstack import AccountDriver as\
OSAccountDriver
identities = Identity.objects.filter(
provider__type__name__iexact='openstack',
provider__active=True)
typename = ident.provider.type.name
username = ident.created_by.username
key_sorter = lambda ident: attrgetter(typename, username)
identities = sorted(
identities,
key=key_sorter)
os_acct_driver = None
total = len(identities)
for idx, core_identity in enumerate(identities):
try:
#Initialize the drivers
driver = get_esh_driver(core_identity)
if not isinstance(driver, OSDriver):
continue
if not os_acct_driver or\
os_acct_driver.core_provider != core_identity.provider:
os_acct_driver = OSAccountDriver(core_identity.provider)
logger.info("Initialized account driver")
# Get useful info
creds = core_identity.get_credentials()
tenant_name = creds['ex_tenant_name']
logger.info("Checking Identity %s/%s - %s"
% (idx+1, total, tenant_name))
# Attempt to clean floating IPs
num_ips_removed = driver._clean_floating_ip()
if num_ips_removed:
logger.debug("Removed %s ips from OpenStack Tenant %s"
% (num_ips_removed, tenant_name))
#Test for active/inactive instances
instances = driver.list_instances()
active = any(driver._is_active_instance(inst)
for inst in instances)
inactive = all(driver._is_inactive_instance(inst)
for inst in instances)
if active and not inactive:
#User has >1 active instances AND not all instances inactive
pass
elif os_acct_driver.network_manager.get_network_id(
os_acct_driver.network_manager.neutron,
'%s-net' % tenant_name):
#User has 0 active instances OR all instances are inactive
#Network exists, attempt to dismantle as much as possible
remove_network = not inactive
logger.info("Removing project network %s for %s"
% (remove_network, tenant_name))
if remove_network:
#Sec. group can't be deleted if instances are suspended
# when instances are suspended we pass remove_network=False
os_acct_driver.delete_security_group(core_identity)
os_acct_driver.delete_network(
core_identity,
remove_network=remove_network)
else:
#logger.info("No Network found. Skipping %s" % tenant_name)
pass
except Exception as exc:
logger.exception(exc)
logger.debug("clear_empty_ips task finished at %s." % datetime.now())
