The MatchMaker classes should except a Topic or Fanout exchange key and return keys for direct exchanges, per (approximate) AMQP parlance. """ import contextlib import itertools import json import logging from heat.openstack.common import cfg from heat.openstack.common.gettextutils import _ matchmaker_opts = [ # Matchmaker ring file cfg.StrOpt('matchmaker_ringfile', default='/etc/nova/matchmaker_ring.json', help='Matchmaker ring file (JSON)'), ] CONF = cfg.CONF CONF.register_opts(matchmaker_opts) LOG = logging.getLogger(__name__) contextmanager = contextlib.contextmanager class MatchMakerException(Exception): """Signified a match could not be found.""" message = _("Match not found by MatchMaker.") class Exchange(object):
import webob.exc from heat.common import exception from heat.openstack.common import cfg from heat.openstack.common import importutils from heat.openstack.common import utils URL_LENGTH_LIMIT = 50000 # TODO(shadower) remove this once eventlet 0.9.17 is in distros Heat # supports (notably Fedora 17 and Ubuntu 12.04 and newer) eventlet.wsgi.MAX_REQUEST_LINE = URL_LENGTH_LIMIT bind_opts = [ cfg.StrOpt('bind_host', default='0.0.0.0'), cfg.IntOpt('bind_port'), ] socket_opts = [ cfg.IntOpt('backlog', default=4096), cfg.StrOpt('cert_file'), cfg.StrOpt('key_file'), ] workers_opt = cfg.IntOpt('workers', default=0) class WritableLogger(object): """A thin wrapper that responds to `write` and logs."""
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. import base64 from Crypto.Cipher import AES from Crypto import Random from heat.openstack.common import cfg from heat.openstack.common import log as logging auth_opts = [ cfg.StrOpt('auth_encryption_key', default='notgood', help="Encryption key used for authentication info in database") ] cfg.CONF.register_opts(auth_opts) logger = logging.getLogger('heat.engine.auth') def encrypt(auth_info): if auth_info is None: return None iv = Random.new().read(AES.block_size) cipher = AES.new(cfg.CONF.auth_encryption_key[:32], AES.MODE_CFB, iv) res = base64.b64encode(iv + cipher.encrypt(auth_info)) return res
class ContextMiddleware(wsgi.Middleware): opts = [ cfg.BoolOpt('owner_is_tenant', default=True), cfg.StrOpt('admin_role', default='admin'), ] def __init__(self, app, conf, **local_conf): cfg.CONF.register_opts(self.opts) # Determine the context class to use self.ctxcls = RequestContext if 'context_class' in local_conf: self.ctxcls = importutils.import_class(local_conf['context_class']) super(ContextMiddleware, self).__init__(app) def make_context(self, *args, **kwargs): """ Create a context with the given arguments. """ kwargs.setdefault('owner_is_tenant', cfg.CONF.owner_is_tenant) return self.ctxcls(*args, **kwargs) def process_request(self, req): """ Extract any authentication information in the request and construct an appropriate context from it. A few scenarios exist: 1. If X-Auth-Token is passed in, then consult TENANT and ROLE headers to determine permissions. 2. An X-Auth-Token was passed in, but the Identity-Status is not confirmed. For now, just raising a NotAuthenticated exception. 3. X-Auth-Token is omitted. If we were using Keystone, then the tokenauth middleware would have rejected the request, so we must be using NoAuth. In that case, assume that is_admin=True. """ headers = req.headers try: """ This sets the username/password to the admin user because you need this information in order to perform token authentication. The real 'username' is the 'tenant'. We should also check here to see if X-Auth-Token is not set and in that case we should assign the user/pass directly as the real username/password and token as None. 'tenant' should still be the username. """ username = None password = None aws_creds = None aws_auth_uri = None if headers.get('X-Auth-User') is not None: username = headers.get('X-Auth-User') password = headers.get('X-Auth-Key') elif headers.get('X-Auth-EC2-Creds') is not None: aws_creds = headers.get('X-Auth-EC2-Creds') aws_auth_uri = headers.get('X-Auth-EC2-Url') token = headers.get('X-Auth-Token') service_user = headers.get('X-Admin-User') service_password = headers.get('X-Admin-Pass') service_tenant = headers.get('X-Admin-Tenant-Name') tenant = headers.get('X-Tenant-Name') tenant_id = headers.get('X-Tenant-Id') auth_url = headers.get('X-Auth-Url') roles = headers.get('X-Roles') except: raise exception.NotAuthenticated() req.context = self.make_context(auth_token=token, tenant=tenant, tenant_id=tenant_id, aws_creds=aws_creds, aws_auth_uri=aws_auth_uri, username=username, password=password, service_user=service_user, service_password=service_password, service_tenant=service_tenant, auth_url=auth_url, roles=roles, is_admin=True)
import eventlet import greenlet import kombu import kombu.connection import kombu.entity import kombu.messaging from heat.openstack.common import cfg from heat.openstack.common.gettextutils import _ from heat.openstack.common import network_utils from heat.openstack.common.rpc import amqp as rpc_amqp from heat.openstack.common.rpc import common as rpc_common kombu_opts = [ cfg.StrOpt('kombu_ssl_version', default='', help='SSL version to use (valid only if SSL enabled)'), cfg.StrOpt('kombu_ssl_keyfile', default='', help='SSL key file (valid only if SSL enabled)'), cfg.StrOpt('kombu_ssl_certfile', default='', help='SSL cert file (valid only if SSL enabled)'), cfg.StrOpt('kombu_ssl_ca_certs', default='', help=('SSL certification authority file ' '(valid only if SSL enabled)')), cfg.StrOpt('rabbit_host', default='localhost', help='The RabbitMQ broker address where a single node is used'), cfg.IntOpt('rabbit_port',
# License for the specific language governing permissions and limitations # under the License. """ A remote procedure call (rpc) abstraction. For some wrappers that add message versioning to rpc, see: rpc.dispatcher rpc.proxy """ from heat.openstack.common import cfg from heat.openstack.common import importutils rpc_opts = [ cfg.StrOpt('rpc_backend', default='%s.impl_kombu' % __package__, help="The messaging module to use, defaults to kombu."), cfg.IntOpt('rpc_thread_pool_size', default=64, help='Size of RPC thread pool'), cfg.IntOpt('rpc_conn_pool_size', default=30, help='Size of RPC connection pool'), cfg.IntOpt('rpc_response_timeout', default=60, help='Seconds to wait for a response from call or multicall'), cfg.IntOpt('rpc_cast_timeout', default=30, help='Seconds to wait before a cast expires (TTL). ' 'Only supported by impl_zmq.'), cfg.ListOpt('allowed_rpc_exception_modules',
>>> db.event_get(context, event_id) # Event object received The underlying driver is loaded . SQLAlchemy is currently the only supported backend. ''' import heat.utils from heat.openstack.common import utils from heat.openstack.common import cfg import heat.utils SQL_CONNECTION = 'sqlite://' SQL_IDLE_TIMEOUT = 3600 db_opts = [ cfg.StrOpt('db_backend', default='sqlalchemy', help='The backend to use for db'), ] IMPL = heat.utils.LazyPluggable('db_backend', sqlalchemy='heat.db.sqlalchemy.api') def configure(): global SQL_CONNECTION global SQL_IDLE_TIMEOUT SQL_CONNECTION = cfg.CONF.sql_connection SQL_IDLE_TIMEOUT = cfg.CONF.sql_idle_timeout def raw_template_get(context, template_id):
import logging import logging.config import logging.handlers import os import sys from eventlet.green import socket from heat.common import wsgi from heat.openstack.common import cfg DEFAULT_PORT = 8000 paste_deploy_group = cfg.OptGroup('paste_deploy') paste_deploy_opts = [ cfg.StrOpt('flavor'), cfg.StrOpt('config_file'), ] bind_opts = [ cfg.IntOpt('bind_port', default=8000), cfg.StrOpt('bind_host', default='127.0.0.1') ] service_opts = [ cfg.IntOpt('report_interval', default=10, help='seconds between nodes reporting state to datastore'), cfg.IntOpt('periodic_interval', default=60, help='seconds between running periodic tasks'),
from heat.openstack.common.gettextutils import _ from heat.openstack.common import importutils from heat.openstack.common import jsonutils from heat.openstack.common import log as logging from heat.openstack.common import timeutils LOG = logging.getLogger(__name__) notifier_opts = [ cfg.MultiStrOpt('notification_driver', default=[], deprecated_name='list_notifier_drivers', help='Driver or drivers to handle sending notifications'), cfg.StrOpt('default_notification_level', default='INFO', help='Default notification level for outgoing notifications'), cfg.StrOpt('default_publisher_id', default='$host', help='Default publisher_id for outgoing notifications'), ] CONF = cfg.CONF CONF.register_opts(notifier_opts) WARN = 'WARN' INFO = 'INFO' ERROR = 'ERROR' CRITICAL = 'CRITICAL' DEBUG = 'DEBUG'
from heat.openstack.common.gettextutils import _ from heat.openstack.common import importutils from heat.openstack.common import jsonutils from heat.openstack.common.rpc import common as rpc_common # for convenience, are not modified. pformat = pprint.pformat Timeout = eventlet.timeout.Timeout LOG = rpc_common.LOG RemoteError = rpc_common.RemoteError RPCException = rpc_common.RPCException zmq_opts = [ cfg.StrOpt('rpc_zmq_bind_address', default='*', help='ZeroMQ bind address. Should be a wildcard (*), ' 'an ethernet interface, or IP. ' 'The "host" option should point or resolve to this ' 'address.'), # The module.Class to use for matchmaking. cfg.StrOpt( 'rpc_zmq_matchmaker', default=('heat.openstack.common.rpc.' 'matchmaker.MatchMakerLocalhost'), help='MatchMaker driver', ), # The following port is unassigned by IANA as of 2012-05-21 cfg.IntOpt('rpc_zmq_port', default=9501, help='ZeroMQ receiver listening port'),
import eventlet import greenlet import qpid.messaging import qpid.messaging.exceptions from heat.openstack.common import cfg from heat.openstack.common.gettextutils import _ from heat.openstack.common import jsonutils from heat.openstack.common.rpc import amqp as rpc_amqp from heat.openstack.common.rpc import common as rpc_common LOG = logging.getLogger(__name__) qpid_opts = [ cfg.StrOpt('qpid_hostname', default='localhost', help='Qpid broker hostname'), cfg.StrOpt('qpid_port', default='5672', help='Qpid broker port'), cfg.StrOpt('qpid_username', default='', help='Username for qpid connection'), cfg.StrOpt('qpid_password', default='', help='Password for qpid connection'), cfg.StrOpt('qpid_sasl_mechanisms', default='', help='Space separated list of SASL mechanisms to use for auth'), cfg.IntOpt('qpid_heartbeat', default=60, help='Seconds between connection keepalive heartbeats'), cfg.StrOpt('qpid_protocol',
import os import stat import sys import traceback from heat.openstack.common import cfg from heat.openstack.common.gettextutils import _ from heat.openstack.common import jsonutils from heat.openstack.common import local from heat.openstack.common import notifier log_opts = [ cfg.StrOpt('logging_context_format_string', default='%(asctime)s %(levelname)s %(name)s [%(request_id)s ' '%(user_id)s %(project_id)s] %(instance)s' '%(message)s', help='format string to use for log messages with context'), cfg.StrOpt('logging_default_format_string', default='%(asctime)s %(process)d %(levelname)s %(name)s [-]' ' %(instance)s%(message)s', help='format string to use for log messages without context'), cfg.StrOpt('logging_debug_format_suffix', default='%(funcName)s %(pathname)s:%(lineno)d', help='data to append to log format when level is DEBUG'), cfg.StrOpt('logging_exception_prefix', default='%(asctime)s %(process)d TRACE %(name)s %(instance)s', help='prefix each line of exception output with this format'), cfg.ListOpt('default_log_levels', default=[ 'amqplib=WARN',