"""
validate token and rules
modified by meGoo at 2015-10-09
"""
import logging
from tornado import gen
from easted import config
import easted.core.rule as rule
from easted.core import openstack
from easted.core.exception import AuthenticationFailed, DialogueTimeOut
CONF = config.CONF
config.register("identify.super_user_name",
default="ecloud",
setting_type=config.TYPE_STR,
secret=True)
__author__ = '*****@*****.**'
LOG = logging.getLogger('system')
__AUTH_TOKEN = "Ecloud-Token"
_USER_KEY = "EC-USER"
EXCEPTION_METHOD = ['login', 'logout', 'region', 'download']
ECLOUD_ADMIN = ['admin', CONF.identify.super_user_name]
def get_token(request):
if __AUTH_TOKEN not in request.headers:
raise AuthenticationFailed('token missed')
return request.headers[__AUTH_TOKEN]
from easted.core import openstack
from easted.core import region
from easted.core import mail
from eldap import users
from easted.core.openstack import OpenStackException
import tenant_users
from exception import Forbidden, UserExists, UserOperationFailed, UserNotExist, UnknownRoleName, \
QueryUserTenantRoleFailed
from tornado import gen
from easted.utils import required, RedisCache, trace
__author__ = '*****@*****.**'
config.register("identify.public_roles",
default=["tenant_admin", "user"],
setting_type=config.TYPE_LIST,
secret=True)
config.register("identify.admin_roles",
default=["sys_admin", "user"],
setting_type=config.TYPE_LIST,
secret=True)
config.register("identify.send_password_mail",
default=True,
setting_type=config.TYPE_BOOL)
config.register("identify.internal_tenant_admin_role",
default="tenant_admin",
secret=True)
CONF = config.CONF
LOG = logging.getLogger('system')
from easted.core import dbpools
from easted.core import openstack
from easted.core import rest
from easted.core import sequence
from easted.log.conf import ECLOUD_SERVER_LOG_CONF
from easted.websocket import DashBoardHandler, HostDetailHandler
from easted.websocket import HostHandler, VolumeHandler, ComputeHandler, ImageHandler, NetworkHandler, ServiceHandler, \
NetworkDetailHandler, ComputeDetailsHandler, SnapshotHandler, TenantDetailHandler
from manor import launch as manor_launch
from manor.handler.cli import ManorHandler
from manor.handler.message_info import MessageInfoHandler
from manor.monitor import MonitorHandler
__author__ = 'gavin'
config.register("web_root", "../web")
config.register("cert_dir", "../etc")
config.register("port", "8443")
config.register(name="multiprocess",
setting_type=config.TYPE_INT,
default=None,
secret=True)
config.register(name="debug",
setting_type=config.TYPE_BOOL,
default=True,
secret=True)
CONF = config.CONF
os.chdir(sys.path[0])
LOG = logging.getLogger("system")
try:
from tornado import gen
from easted import config
from easted.core import dbpools
from easted.core import openstack
from easted.identify import user
from easted.identify.exception import Forbidden, ActivateUserFailed
from easted.utils import required
from eldap import auth
__author__ = '*****@*****.**'
__all__ = ["login", "logout"]
config.register("identify.enable_super_user", default=True, setting_type=config.TYPE_BOOL, secret=True)
config.register("identify.super_user_name", default="ecloud", setting_type=config.TYPE_STR, secret=True)
config.register("ldap.enable", default="False", setting_type=config.TYPE_STR, secret=True)
config.register("keystone.password", default="password", secret=True)
CONF = config.CONF
LOG = logging.getLogger('system')
@gen.coroutine
@required("username", "password")
def login(username, password):
if CONF.keystone.username == username:
raise Forbidden()
if CONF.identify.super_user_name == username and not CONF.identify.enable_super_user:
raise Forbidden()
from easted import config
from easted.utils import singleton
import threading
from concurrent.futures import ThreadPoolExecutor
__author__ = '*****@*****.**'
config.register('thread_pool_size',
default=10,
setting_type=config.TYPE_INT,
secret=True,
readonly=True)
class WorkerTask(object):
"""A task to be performed by the ThreadPool."""
def __init__(self, function, args=(), kwargs={}):
self.function = function
self.args = args
self.kwargs = kwargs
def __call__(self):
self.function(*self.args, **self.kwargs)
class WorkerThread(threading.Thread):
"""A thread managed by a thread pool."""
def __init__(self, name, pool):
threading.Thread.__init__(self, name=name)
self.setDaemon(True)
# -*- coding: utf-8 -*-
__author__ = '*****@*****.**'
# -*- coding: utf-8 -*-
import os
from easted import config
from easted.core.exception import ECloudException
config.register("download_dir", default="../etc/downloads", secret=True)
CONF = config.CONF
__author__ = '*****@*****.**'
class UploadFileException(ECloudException):
msg = "error.file.upload.failed"
class DownloadFileException(ECloudException):
msg = "error.file.download.failed"
def upload(self, filepath):
try:
file_metas = self.request.files['file']
for meta in file_metas:
filename = meta['filename']
# filepath = os.path.join(CONF.download_dir, filename)
with open(filepath, 'wb') as up:
up.write(meta['body'])
except Exception:
# -*- coding: utf-8 -*-
from common import *
from exception import *
from networkhost import *
from subnet import delete_subnet, list_subnets
import networkdao
from tornado import gen
from easted import config
import logging
LOG = logging.getLogger('system')
__author__ = '*****@*****.**'
config.register("network.bridge_port", default="ph-eth", setting_type=config.TYPE_LIST, secret=True)
CONF = config.CONF
__all__ = ["Network",
"create_network",
"list_network",
"get_network",
"delete_network",
"update_network",
"list_phy_network"]
NETWORK_TYPE_FLAT = "flat"
NETWORK_TYPE_VLAN = "vlan"
class Network():
name = str
phy_network = str
# -*- coding: utf-8 -*-
import os
import re
from tornado import gen
from motor.motor_tornado import MotorClient
from easted.core.openstack import *
from easted import config
import datetime
HOST_LINKS_CACHE = {}
CONF = config.CONF
config.register('meter.mongodb_server', setting_type=config.TYPE_STR, default="", secret=True)
config.register('meter.mongodb_port', setting_type=config.TYPE_INT, default=27017, secret=True)
_OS_BRIDGE = ["virbr0-nic"]
@gen.coroutine
def mongodb_conf():
try:
if CONF.meter.mongodb_server and CONF.meter.mongodb_port:
controller_host, port = CONF.meter.mongodb_server, CONF.meter.mongodb_port
else:
session = yield get_session()
port = 27017
controller_host = session.urls[TYPE_METERING]['internalURL'].split(':')[1].strip('/')
except Exception, e:
from easted.core import dbpools
from tornado import gen
from exception import *
from easted import config
from easted.core.dbpools import get_conn
from easted.utils.tornado_subprocess import call_subprocess
from easted.host.host import query_host
import time
import logging
__author__ = '*****@*****.**'
LOG = logging.getLogger('system')
config.register("service.network",
default="localhost",
setting_type=config.TYPE_LIST,
secret=True)
config.register("service.storage", default="localhost", secret=True)
config.register("meter.mongodb_server", default="localhost", secret=True)
config.register("database.db_redis", secret=True)
config.register('message.url',
setting_type=config.TYPE_STR,
default='amqp://*****:*****@10.10.199.11:5672/%2F',
secret=True)
CONF = config.CONF
LOG = logging.getLogger('system')
__all__ = ["list_openstack_service"]
__service = {"mongod": [CONF.meter.mongodb_server]}
__ps = {
"rabbitmq-server": [
from easted import config
from easted.core import openstack
from exception import TenantUserOperationFailed
from easted.utils import required,trace
import eldap
import user
__author__ = '*****@*****.**'
__all__ = [
'add_tenant_user',
'remove_tenant_user',
'list_tenant_users'
]
config.register("identify.internal_user_role", default="user", setting_type=config.TYPE_STR, secret=True)
config.register("keystone.password", default="password", secret=True)
LOG = logging.getLogger('system')
CONF = config.CONF
@gen.coroutine
@required("tenant_id", "user_id")
def add_tenant_user(tenant_id, user_id, role_id=None):
try:
session = yield openstack.get_session()
if not role_id:
role_id = openstack.get_role_by_name(CONF.identify.internal_user_role)
r = yield openstack.connect_request(
session=session,
type=openstack.TYPE_IDENTITY,
from easted.core import dbpools
from easted.utils import required
from easted.identify import update_quota_used, QUOTA_NAMES, check_quota
from easted.core.exception import RequiredParamNotExist
from exception import ServerOperationFailed, SetServerMetaError, ServerListFailed, \
OnlyOneIpTypeError
from easted.volume import list_volume, delete_volume, volume_create, get_metadata, volume_list, volume_delete, \
get_volume_image_metadata, update_volume_image_metadata, get_drive_image_id
from easted.utils.cacheUtils import eval_val
from easted.core import task
from easted.core import openstack
from easted.utils import jsonutils
from constant import *
config.register("compute.max_booting",
default="5",
setting_type=config.TYPE_INT)
config.register("compute.boot_interval",
default="120",
setting_type=config.TYPE_INT)
CONF = config.CONF
SYS_VOLUME_IMAGE = "ecloud-sys-volume-image-%s"
DRIVE_VOLUME_IMAGE = "ecloud-drive-volume-image-%s"
__author__ = '*****@*****.**'
LOG = logging.getLogger("system")
__all__ = [
"Metadata", "server_request", "server_action", "live_migrate_request",
"server_list", "server_delete", "server_force_delete", "server_restore",
from tornado import gen
from tornado_mysql import pools
from tornado_mysql.cursors import DictCursor
from easted import config
from easted.core.exception import ECloudException
__author__ = '*****@*****.**'
CONF = config.CONF
__all__ = [
"init", "get_pool", "execute_commit", "update", "LOCAL_DB", "COMMON_DB",
"NOVA_DB", "get_conn"
]
config.register("database.db_local", secret=True)
config.register("database.db_global", secret=True)
config.register("database.db_nova", secret=True)
config.register("database.db_cinder", secret=True)
config.register("database.db_redis", secret=True)
config.register("database.db_keystone", secret=True)
config.register("database.db_glance", secret=True)
config.register("database.db_neutron", secret=True)
config.register("database.max_idle_connections",
setting_type=config.TYPE_INT,
default=1,
secret=True)
config.register("database.max_recycle_sec",
setting_type=config.TYPE_INT,
default=3600,
secret=True)
import copy
import logging
import os
import re
from oslo_config import cfg
import six
import six.moves.urllib.parse as urlparse
import six.moves.urllib.request as urlrequest
from easted.utils import fileutils
from easted.utils import jsonutils
from easted import config
LOG = logging.getLogger('system')
config.register('policy_file', default='policy.json',
setting_help='The JSON file that defines policies.')
config.register('policy_default_rule', default='default',
setting_help='Default rule. Enforced when a requested rule is not found.')
config.register('policy_dirs', default=['policy.d'], setting_type=config.TYPE_LIST,
setting_help='Directories where policy configuration files are '
'stored. They can be relative to any directory '
'in the search path defined by the config_dir '
'option, or absolute paths. The file defined by '
'policy_file must exist for these directories to '
'be searched. Missing or empty directories are '
'ignored.')
CONF = cfg.CONF
_checks = {}
import ldap
from easted import config
from easted.identify.exception import ConnectLdapFailed
from easted.core import dbpools
__all__ = [
"users",
"auth"
]
__author__ = '*****@*****.**'
CONF = config.CONF
LOG = logging.getLogger('system')
config.register("ldap.base_dn", setting_type=config.TYPE_STR, secret=True)
config.register("ldap.retrieve", setting_type=config.TYPE_LIST, secret=True)
config.register("ldap.auth_user", setting_type=config.TYPE_STR, secret=True)
config.register("ldap.auth_pass", setting_type=config.TYPE_STR, secret=True)
def users(username=None):
"""
支持根据用户名查找用户信息
:param username:
:return:[{
"displayname":"",
"name":"",
"phone":"",
"email":"",
"des":"备注信息"
from easted.identify import get_tenant_by_id, get_user_by_id
from easted.host import get_avilable_host
from easted.core import task
from easted.core.openstack import get_admin_tenant_id
from easted.utils import dict_deep_convert, datetimeUtils
from easted.core.consumer import MessageExecuter
__author__ = '*****@*****.**'
__all__ = [
"create_server", "list_server", "get_server", "get_servers_metadata",
"del_server", "Server", "list_vm_by_database", "set_vm_user",
"clear_vm_user", "check_network", "clear_task"
]
config.register("compute.policy", default="1", setting_type=config.TYPE_INT)
config.register("compute.expiration",
default="1800",
setting_type=config.TYPE_INT)
CONF = config.CONF
LOG = logging.getLogger('system')
class Server(object):
tenant = str
host = str
image = str
cores = int
memory = int
num = int
# -*- coding: utf-8 -*-
import json
import logging
from tornado import gen
from easted import config
from tornado.httpclient import AsyncHTTPClient, HTTPRequest
from easted.core.exception import ECloudException, DialogueTimeOut
from easted.core import dbpools
from easted.utils import RedisCache
__author__ = 'tao'
LOG = logging.getLogger('system')
config.register("keystone.username", default="admin", secret=True)
config.register("keystone.password", default="password", secret=True)
config.register("keystone.auth_url",
default="http://10.10.130.5:5000/v2.0/tokens",
secret=True)
config.register("keystone.region_name", default="RegionOne", secret=True)
config.register("keystone.tenant_name", default="admin", secret=True)
CONF = config.CONF
TYPE_COMPUTE = "compute"
TYPE_NETWORK = "network"
TYPE_VOLUME = "volumev2"
TYPE_IDENTITY = "identity"
TYPE_IMAGE = "image"
TYPE_METERING = "metering"
from easted.identify import tenant_users
from easted.identify.exception import TenantExists, TenantOperationFailed
from easted.utils import required, RedisCache
__author__ = '*****@*****.**'
__all__ = [
"list_tenants",
"get_tenant_by_id",
"create_tenant",
"update_tenant",
"delete_tenant",
]
config.register("identify.internal_admin_role",
default="admin",
setting_type=config.TYPE_STR,
secret=True)
LOG = logging.getLogger('system')
CONF = config.CONF
__TENANT_CACHE = RedisCache("tenant")
@gen.coroutine
def list_tenants():
params = []
db = dbpools.get_pool(dbpools.KEYSTONE_DB)
try:
sql = "select a.id,a.name,a.description,b.count from project as a " \
"LEFT JOIN (select target_id, if(count(*)!=0,count(*)-1,count(*)) as count " \
# -*- coding: utf-8 -*-
from easted import config
CONF = config.CONF
config.register('log.operation_log_format',
default='%(user)s %(role)s %(type)s %(operation)s %(object)s',
secret=True)
config.register('log.system_log_level', default='DEBUG', secret=True)
config.register('log.file_path', default='/var/log/ecloud/', readonly=True)
config.register('log.files_max_size', setting_type=config.TYPE_INT, default=1)
config.register('log.file_ttl', setting_type=config.TYPE_INT, default=10)
config.register('log.syslog_server_ip', default='')
config.register('log.syslog_server_port',
setting_type=config.TYPE_INT,
default=514)
config.register("keystone.region_name", default="RegionOne", secret=True)
operation_log_format = CONF.log.operation_log_format
system_log_level = CONF.log.system_log_level
syslog_server_ip = CONF.log.syslog_server_ip
syslog_server_port = CONF.log.syslog_server_port
__ESCHED = "ecloud-task_" + CONF.keystone.region_name + ".log"
__EWORKER = "ecloud-message_" + CONF.keystone.region_name + ".log"
__ECLOUD = "ecloud-server_" + CONF.keystone.region_name + ".log"
__ESCHED_ERROR_PATH = "error-ecloud-task_" + CONF.keystone.region_name + ".log"
__EWORKER_ERROR_PATH = "error-ecloud-message_" + CONF.keystone.region_name + ".log"
__ECLOUD_ERROR_PATH = "error-ecloud-server_" + CONF.keystone.region_name + ".log"
# -*- coding: utf-8 -*-
import logging
import os
import sys
from easted import config
import easted.log as log
from easted.log.conf import ECLOUD_MESSAGE_LOG_CONF
from easted.utils import loadmodules
from easted.core import dbpools
from easted.core import consumer
config.register('message.url',
setting_type=config.TYPE_STR,
default='amqp://*****:*****@10.10.130.56:5672/%2F',
secret=True)
CONF = config.CONF
os.chdir(sys.path[0])
LOG = logging.getLogger("system")
__author__ = '*****@*****.**'
try:
log.init(ECLOUD_MESSAGE_LOG_CONF)
print "Start the eworker service..."
channels = [
{
"exchange_declare": None,
"queue_declare": {
"name": "ecloud-openstack",
"bind": {
"nova": "notifications.info",
from email.header import Header
from email.mime.text import MIMEText
from easted import config
from easted import log
from easted.core.exception import SendMailFailed
from threadpool import GlobalThreadPool
__author__ = '*****@*****.**'
__time__ = '16-2-2'
LOG = logging.getLogger('system')
CONF = config.CONF
config.register('mail.template_dir',
setting_type=config.TYPE_STR,
default="../etc/mail",
secret=True)
config.register('mail.smtp_host', setting_type=config.TYPE_STR)
config.register('mail.smtp_port', default=25, setting_type=config.TYPE_INT)
config.register('mail.username', setting_type=config.TYPE_STR)
config.register('mail.password', setting_type=config.TYPE_STR)
config.register('mail.time_out',
default=120,
setting_type=config.TYPE_INT,
secret=True)
def __send_mail(to_list, sub, content):
mail_user = CONF.mail.username
mails = mail_user.split('@')
user = mails[0]
# coding:utf-8
import os, time
from easted import config
from easted.core import file
from easted.utils import datetimeUtils
from license_decode import *
from license_handle import *
from manor.util.generals import trace
config.register("license.license_path",
default="../etc/downloads/license",
setting_type=config.TYPE_STR,
secret=True)
config.register("license.private_key_path",
default="../etc/downloads/private_key",
setting_type=config.TYPE_STR,
secret=True)
CONF = config.CONF
LICENSE_PATH = CONF.license.license_path
PRIVATE_KEY_PATH = CONF.license.private_key_path
# LICENSE = "/opt/ecloud/etc/downloads/license"
# LICENSE_PATH = "C:\work\ecloud\code\src\main\etc\downloads\license"
# PRIVATE_KEY_PATH = "C:\work\ecloud\code\src\main\etc\downloads\private_key"
# LICENSE = "C:\work\ecloud\code\src\main\etc\downloads\license"
__all__ = [
"license_get", "license_upload", "check_license", "license_exists",
"pri_key_update", "pri_key_get", "hostid_get"
]
from easted.alarm.constant import ALARM_VM_REBOOT_MESSAGE, ALARM_VM_STOP_MESSAGE
from easted.alarm.ipmi_snmp import ipmi_lib, assert_feild
from easted.host.host import get_host_by_ipmi
from easted.compute import get_servers_metadata
from easted.core import mail
from easted.utils.cacheUtils import eval_val
from easted.utils.datetimeUtils import date2str, str2date, utc2local
from easted.host.exception import HostNotExist
CONF = config.CONF
LOG = logging.getLogger('system')
__all__ = ["snmp_message"]
vm_message_map = {ALARM_VM_REBOOT_MESSAGE: u"重启", ALARM_VM_STOP_MESSAGE: u"关机"}
config.register('alarm.mails', setting_type=config.TYPE_LIST, default=[])
alarm_level = {"notice": u"注意", "warning": u"警告", "fatal": u"故障"}
def __get_sensor_type_code(specific_trap):
return (0x00ff0000 & specific_trap) >> 16
def __get_event_type_code(specific_trap):
return (0x0000ff00 & specific_trap) >> 8
def __get_offset(specific_trap):
return 0x000000ff & specific_trap
