Example #1
0
 def __init__(self,
              host='127.0.0.1',
              version='2',
              port=None,
              user='******',
              password=None,
              debug=False,
              project=None,
              domain='Default',
              auth_url=None):
     self.debug = debug
     self.host = host
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(auth_url=auth_url,
                                     username=user,
                                     password=password,
                                     project_name=project,
                                     user_domain_name=domain,
                                     project_domain_name=domain)
     sess = session.Session(auth=auth)
     self.nova = novaclient.Client(version, session=sess)
     self.glance = glanceclient(version, session=sess)
     self.cinder = cinderclient.Client(version, session=sess)
     self.neutron = neutronclient(session=sess)
     self.conn = self.nova
     self.project = project
     return
Example #2
0
def add_auth_opts(options, service_type=None):
    """Add auth options to sample config

    As these are dynamically registered at runtime,
    this adds options for most used auth_plugins
    when generating sample config.
    """
    def add_options(opts, opts_to_add):
        for new_opt in opts_to_add:
            for opt in opts:
                if opt.name == new_opt.name:
                    break
            else:
                opts.append(new_opt)

    opts = copy.deepcopy(options)
    opts.insert(0, ks_loading.get_auth_common_conf_options()[0])
    # NOTE(dims): There are a lot of auth plugins, we just generate
    # the config options for a few common ones
    plugins = ['password', 'v2password', 'v3password']
    for name in plugins:
        plugin = ks_loading.get_plugin_loader(name)
        add_options(opts, ks_loading.get_auth_plugin_conf_options(plugin))
    add_options(opts, ks_loading.get_session_conf_options())
    if service_type:
        adapter_opts = ks_loading.get_adapter_conf_options(
            include_deprecated=False)
        # adding defaults for valid interfaces
        cfg.set_defaults(adapter_opts,
                         service_type=service_type,
                         valid_interfaces=DEFAULT_VALID_INTERFACES)
        add_options(opts, adapter_opts)
    opts.sort(key=lambda x: x.name)
    return opts
    def test_client_manager_k2k_auth_setup(self):
        loader = loading.get_plugin_loader('password')
        auth_plugin = loader.load_from_options(**AUTH_DICT)
        cli_options = defaults.get_defaults()
        cli_options.update({
            'auth_type': 'password',
            'auth': AUTH_DICT,
            'interface': fakes.INTERFACE,
            'region_name': fakes.REGION_NAME,
            'service_provider': fakes.SERVICE_PROVIDER_ID,
            'remote_project_id': fakes.PROJECT_ID
        })
        client_manager = self._clientmanager_class()(
            cli_options=cloud_config.CloudConfig(
                name='t1',
                region='1',
                config=cli_options,
                auth_plugin=auth_plugin,
            ),
            api_version={
                'identity': '3',
            },
        )

        self.assertFalse(client_manager._auth_setup_completed)
        client_manager.setup_auth()
        # Note(knikolla): Make sure that the auth object is of the correct
        # type and that the service_provider is correctly set.
        self.assertIsInstance(client_manager.auth, k2k.Keystone2Keystone)
        self.assertEqual(client_manager.auth._sp_id, fakes.SERVICE_PROVIDER_ID)
        self.assertEqual(client_manager.auth.project_id, fakes.PROJECT_ID)
        self.assertTrue(client_manager._auth_setup_completed)
Example #4
0
def get_keystone_plugin_loader(auth, keystone_session):
    cred = parse_auth_credential_to_dict(auth)
    auth_plugin = ks_loading.get_plugin_loader(
        cred.get('auth_type')).load_from_options(
            **cred.get('auth'))
    validate_auth_plugin(auth_plugin, keystone_session)
    return auth_plugin
Example #5
0
 def __init_keystone_session_v2(self, check=False):
     """Create and return a session object using Keystone API v2."""
     from keystoneauth1 import loading as keystone_v2
     loader = keystone_v2.get_plugin_loader('password')
     auth = loader.load_from_options(
         auth_url=self._os_auth_url,
         username=self._os_username,
         password=self._os_password,
         project_name=self._os_tenant_name,
     )
     sess = keystoneauth1.session.Session(auth=auth, verify=self._os_cacert)
     if check:
         log.debug("Checking that Keystone API v2 session works...")
         try:
             # if session is invalid, the following will raise some exception
             nova = nova_client.Client(self._compute_api_version, session=sess, cacert=self._os_cacert)
             nova.flavors.list()
         except keystoneauth1.exceptions.NotFound as err:
             log.warning("Creating Keystone v2 session failed: %s", err)
             return None
         except keystoneauth1.exceptions.ClientException as err:
             log.error("OpenStack server rejected request (likely configuration error?): %s", err)
             return None  # FIXME: should we be raising an error instead?
     # if we got to this point, v2 session is valid
     log.info("Using Keystone API v2 session to authenticate to OpenStack")
     return sess
def start_heat_connection(AUTH_URL=None,
                          USERNAME=None,
                          PASSWORD=None,
                          PROJECT_NAME=None,
                          TENANT_ID=None,
                          TENANT_NAME=None,
                          USER_DOMAIN_ID="default",
                          USER_DOMAIN_NAME="default",
                          PROJECT_DOMAIN_ID="default"):
    from heatclient import client
    from keystoneauth1 import loading
    from keystoneauth1 import session

    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=AUTH_URL,
                                    username=USERNAME,
                                    password=PASSWORD,
                                    project_name=PROJECT_NAME,
                                    user_domain_name=USER_DOMAIN_NAME,
                                    user_domain_id=USER_DOMAIN_ID,
                                    project_domain_id=PROJECT_DOMAIN_ID)

    # auth = loader.load_from_options(auth_url=AUTH_URL,
    #                                 username=USERNAME,
    #                                 password=PASSWORD,
    #                                 tenant_id=TENANT_ID,
    #                                 tenant_name=TENANT_NAME,
    #                                 project_name=PROJECT_NAME)

    sess = session.Session(auth=auth)
    heat = client.Client('1', session=sess)
    heat.stacks.list()

    return heat
def get_openstack_clients(config):
    """ gets a tuple of various openstack clients.
        (novaclient, neutronclient, cinderclient).
        Caller can pick up one or all of the returned clients.
    """
    if config:
        if config.get('M2M_CREDENTIAL_STORE'):
            logging.debug("loading credentials from %s" % config.get('M2M_CREDENTIAL_STORE'))
            m2m_config = json.load(open(config.get('M2M_CREDENTIAL_STORE')))
            source_config = m2m_config
        else:
            logging.debug("using config as provided")
            source_config = config
    else:
        logging.debug("no config, trying environment vars")
        source_config = os.environ
    os_username = source_config['OS_USERNAME']
    os_password = source_config['OS_PASSWORD']
    os_tenant_name = source_config['OS_TENANT_NAME']
    os_auth_url = source_config['OS_AUTH_URL']

    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=os_auth_url,
                                    username=os_username,
                                    password=os_password,
                                    project_name=os_tenant_name
                                    )
    sess = session.Session(auth=auth, verify=False)

    return (novaclient.client.Client(NOVACLIENT_VERSION,
                                     session=sess),
            neutronclient.v2_0.client.Client(session=sess),
            cinderclient.v2.client.Client(NOVACLIENT_VERSION, session=sess)
            )
Example #8
0
    def test_client_manager_k2k_auth_setup(self):
        loader = loading.get_plugin_loader('password')
        auth_plugin = loader.load_from_options(**AUTH_DICT)
        cli_options = defaults.get_defaults()
        cli_options.update({
            'auth_type': 'password',
            'auth': AUTH_DICT,
            'interface': fakes.INTERFACE,
            'region_name': fakes.REGION_NAME,
            'service_provider': fakes.SERVICE_PROVIDER_ID,
            'remote_project_id': fakes.PROJECT_ID
        })
        client_manager = self._clientmanager_class()(
            cli_options=cloud_config.CloudConfig(
                name='t1',
                region='1',
                config=cli_options,
                auth_plugin=auth_plugin,
            ),
            api_version={
                'identity': '3',
            },
        )

        self.assertFalse(client_manager._auth_setup_completed)
        client_manager.setup_auth()
        # Note(knikolla): Make sure that the auth object is of the correct
        # type and that the service_provider is correctly set.
        self.assertIsInstance(client_manager.auth, k2k.Keystone2Keystone)
        self.assertEqual(client_manager.auth._sp_id, fakes.SERVICE_PROVIDER_ID)
        self.assertEqual(client_manager.auth.project_id, fakes.PROJECT_ID)
        self.assertTrue(client_manager._auth_setup_completed)
Example #9
0
def add_auth_opts(options):
    """Add auth options to sample config

    As these are dynamically registered at runtime,
    this adds options for most used auth_plugins
    when generating sample config.
    """
    def add_options(opts, opts_to_add):
        for new_opt in opts_to_add:
            for opt in opts:
                if opt.name == new_opt.name:
                    break
            else:
                opts.append(new_opt)

    opts = copy.deepcopy(options)
    opts.insert(0, kaloading.get_auth_common_conf_options()[0])
    # NOTE(dims): There are a lot of auth plugins, we just generate
    # the config options for a few common ones
    plugins = ['password', 'v2password', 'v3password']
    for name in plugins:
        plugin = kaloading.get_plugin_loader(name)
        add_options(opts, kaloading.get_auth_plugin_conf_options(plugin))
    add_options(opts, kaloading.get_session_conf_options())
    opts.sort(key=lambda x: x.name)
    return opts
def upload_to_glance(image, image_name_in_glance, provider, disk_format, url):
    """
    Upload iso/qcow2/ova images to Glance.
    """
    api_version = '2'  # python-glanceclient API version
    provider_dict = cfme_data['template_upload'][provider]
    creds_key = provider_dict['credentials']

    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(
        auth_url=provider_dict['auth_url'],
        username=credentials[creds_key]['username'],
        password=credentials[creds_key]['password'],
        tenant_name=credentials[creds_key]['tenant'])
    glance_session = session.Session(auth=auth)
    glance = Client(api_version, session=glance_session)

    # Two images on Glance could have the same name since Glance assigns them different IDS.
    # So, we are running a check to make sure an image with the same name doesn't already exist.
    for img in glance.images.list():
        if img.name == image_name_in_glance:
            print("image_upload_glance: Image already exists on Glance server")
            return

    glance_img = glance.images.create(name=image_name_in_glance)
    # Update image properties before uploading the image.
    glance.images.update(glance_img.id, container_format="bare")
    glance.images.update(glance_img.id, disk_format=disk_format)
    glance.images.update(glance_img.id, visibility="public")
    if image:
        glance.images.upload(glance_img.id, open(image, 'rb'))
    elif url:
        glance.images.add_location(glance_img.id, url, {})
Example #11
0
    def _get_session(self, auth_args):
        """ Return Keystone API session object."""
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(**auth_args)
        sess = session.Session(auth=auth, verify=False)

        return sess
Example #12
0
def add_auth_opts(options, service_type=None):
    """Add auth options to sample config

    As these are dynamically registered at runtime,
    this adds options for most used auth_plugins
    when generating sample config.
    """
    def add_options(opts, opts_to_add):
        for new_opt in opts_to_add:
            for opt in opts:
                if opt.name == new_opt.name:
                    break
            else:
                opts.append(new_opt)

    opts = copy.deepcopy(options)
    opts.insert(0, kaloading.get_auth_common_conf_options()[0])
    # NOTE(dims): There are a lot of auth plugins, we just generate
    # the config options for a few common ones
    plugins = ['password', 'v2password', 'v3password']
    for name in plugins:
        plugin = kaloading.get_plugin_loader(name)
        add_options(opts, kaloading.get_auth_plugin_conf_options(plugin))
    add_options(opts, kaloading.get_session_conf_options())
    if service_type:
        adapter_opts = kaloading.get_adapter_conf_options(
            include_deprecated=False)
        # adding defaults for valid interfaces
        cfg.set_defaults(adapter_opts, service_type=service_type,
                         valid_interfaces=DEFAULT_VALID_INTERFACES)
        add_options(opts, adapter_opts)
    opts.sort(key=lambda x: x.name)
    return opts
Example #13
0
def _get_legacy_auth():
    """Load auth from keystone_authtoken config section

    Used only to provide backward compatibility with old configs.
    """
    conf = getattr(CONF, ironic_auth.LEGACY_SECTION)
    # NOTE(pas-ha) first try to load auth from legacy section
    # using the new keystoneauth options that might be already set there
    auth = ironic_auth.load_auth(CONF, ironic_auth.LEGACY_SECTION)
    if auth:
        return auth
    # NOTE(pas-ha) now we surely have legacy config section for auth
    # and with legacy options set in it, deal with it.
    legacy_loader = kaloading.get_plugin_loader('password')
    auth_params = {
        'auth_url': conf.auth_uri,
        'username': conf.admin_user,
        'password': conf.admin_password,
        'tenant_name': conf.admin_tenant_name
    }
    api_v3 = _is_apiv3(conf.auth_uri, conf.auth_version)
    if api_v3:
        # NOTE(pas-ha): mimic defaults of keystoneclient
        auth_params.update({
            'project_domain_id': 'default',
            'user_domain_id': 'default',
        })
    return legacy_loader.load_from_options(**auth_params)
Example #14
0
    def test_client_manager_auth_setup_once(self, check_authn_options_func):
        loader = loading.get_plugin_loader('password')
        auth_plugin = loader.load_from_options(**AUTH_DICT)
        cli_options = defaults.get_defaults()
        cli_options.update({
            'auth_type': 'password',
            'auth': AUTH_DICT,
            'interface': fakes.INTERFACE,
            'region_name': fakes.REGION_NAME,
        })
        client_manager = self._clientmanager_class()(
            cli_options=cloud_config.CloudConfig(
                name='t1',
                region='1',
                config=cli_options,
                auth_plugin=auth_plugin,
            ),
            api_version={
                'identity': '2.0',
            },
        )
        self.assertFalse(client_manager._auth_setup_completed)
        client_manager.setup_auth()
        self.assertTrue(check_authn_options_func.called)
        self.assertTrue(client_manager._auth_setup_completed)

        # now make sure we don't do auth setup the second time around
        # by checking whether check_valid_auth_options() gets called again
        check_authn_options_func.reset_mock()
        client_manager.auth_ref
        check_authn_options_func.assert_not_called()
    def test_client_manager_auth_setup_once(self, check_authn_options_func):
        loader = loading.get_plugin_loader('password')
        auth_plugin = loader.load_from_options(**AUTH_DICT)
        cli_options = defaults.get_defaults()
        cli_options.update({
            'auth_type': 'password',
            'auth': AUTH_DICT,
            'interface': fakes.INTERFACE,
            'region_name': fakes.REGION_NAME,
        })
        client_manager = self._clientmanager_class()(
            cli_options=cloud_config.CloudConfig(
                name='t1',
                region='1',
                config=cli_options,
                auth_plugin=auth_plugin,
            ),
            api_version={
                'identity': '2.0',
            },
        )
        self.assertFalse(client_manager._auth_setup_completed)
        client_manager.setup_auth()
        self.assertTrue(check_authn_options_func.called)
        self.assertTrue(client_manager._auth_setup_completed)

        # now make sure we don't do auth setup the second time around
        # by checking whether check_valid_auth_options() gets called again
        check_authn_options_func.reset_mock()
        client_manager.auth_ref
        check_authn_options_func.assert_not_called()
Example #16
0
 def test_base_options_are_there(self):
     options = loading.get_plugin_loader(self.plugin_name).get_options()
     self.assertTrue(
         set(['client-id', 'client-secret', 'access-token-endpoint',
              'access-token-type']).issubset(
                  set([o.name for o in options]))
     )
Example #17
0
 def session(self):
     if self._session:
         return self._session
     auth_type = 'password'
     auth_kwargs = {
         'auth_url': self.opts.os_auth_url,
         'project_id': self.opts.os_project_id,
         'project_name': self.opts.os_project_name,
         'project_domain_id': self.opts.os_project_domain_id,
         'project_domain_name': self.opts.os_project_domain_name,
     }
     if self.opts.os_username and self.opts.os_password:
         auth_kwargs.update({
             'username': self.opts.os_username,
             'password': self.opts.os_password,
             'tenant_name': self.opts.os_tenant_name,
             'user_domain_id': self.opts.os_user_domain_id,
             'user_domain_name': self.opts.os_user_domain_name,
         })
     elif self.opts.os_token:
         auth_type = 'token'
         auth_kwargs.update({
             'token': self.opts.os_token,
         })
     loader = kaloading.get_plugin_loader(auth_type)
     auth_plugin = loader.load_from_options(**auth_kwargs)
     # Let keystoneauth do the necessary parameter conversions
     session = kaloading.session.Session().load_from_options(
         auth=auth_plugin, insecure=self.opts.insecure, cacert=self.cacert,
         cert=self.cert)
     return session
Example #18
0
def create_keystone_session(ctxt, connection_info={}):
    allow_untrusted = connection_info.get("allow_untrusted",
                                          CONF.keystone.allow_untrusted)
    # TODO(alexpilotti): add "ca_cert" to connection_info
    verify = not allow_untrusted

    username = connection_info.get("username")
    auth = None

    if not username:
        # Using directly the caller's token is not feasible for long running
        # tasks as once it expires it cannot be automatically renewed. This is
        # solved by using a Keystone trust, which must have been set priorly.
        if ctxt.trust_id:
            auth = _get_trusts_auth_plugin(ctxt.trust_id)
        else:
            plugin_name = "token"
            plugin_args = {"token": ctxt.auth_token}
    else:
        plugin_name = "password"
        password = connection_info.get("password")
        plugin_args = {
            "username": username,
            "password": password,
        }

    if not auth:
        project_name = connection_info.get("project_name", ctxt.project_name)

        auth_url = connection_info.get("auth_url", CONF.keystone.auth_url)
        if not auth_url:
            raise exception.CoriolisException(
                '"auth_url" not provided in "connection_info" and option '
                '"auth_url" in group "[openstack_migration_provider]" '
                'not set')

        plugin_args.update({
            "auth_url": auth_url,
            "project_name": project_name,
        })

        keystone_version = connection_info.get(
            "identity_api_version", CONF.keystone.identity_api_version)

        if keystone_version == 3:
            plugin_name = "v3" + plugin_name

            project_domain_name = connection_info.get("project_domain_name",
                                                      ctxt.project_domain)
            plugin_args["project_domain_name"] = project_domain_name

            user_domain_name = connection_info.get("user_domain_name",
                                                   ctxt.user_domain)
            plugin_args["user_domain_name"] = user_domain_name

        loader = loading.get_plugin_loader(plugin_name)
        auth = loader.load_from_options(**plugin_args)

    return ks_session.Session(auth=auth, verify=verify)
Example #19
0
def create_keystone_session(ctxt):
    allow_untrusted = CONF.keystone.allow_untrusted
    # TODO(gsamfira): add "ca_cert" to connection_info
    verify = not allow_untrusted

    plugin_name = "token"
    plugin_args = {"token": ctxt.auth_token}

    project_name = ctxt.project_name
    auth_url = CONF.keystone.auth_url
    if not auth_url:
        raise exception.NovaGuestException(
            '"auth_url" in group "[keystone]" not set')

    plugin_args.update({
        "auth_url": auth_url,
        "project_name": project_name,
    })

    keystone_version = CONF.keystone.identity_api_version

    if keystone_version == 3:
        plugin_name = "v3" + plugin_name

        project_domain_name = ctxt.project_domain_name
        # NOTE: only set the kwarg if proper argument is provided:
        if project_domain_name:
            plugin_args["project_domain_name"] = project_domain_name

        project_domain_id = ctxt.project_domain_id
        if project_domain_id:
            plugin_args["project_domain_id"] = project_domain_id

        if not project_domain_name and not project_domain_id:
            raise exception.NovaGuestException(
                "Either 'project_domain_name' or 'project_domain_id' is "
                "required for Keystone v3 Auth.")

        # NOTE: The v3token plugin does not allow the user_domain_name
        #       or user_domain_id options, while the v3password plugin
        #       requires at least any of these.
        if plugin_name != "v3token":
            user_domain_name = ctxt.user_domain_name
            if user_domain_name:
                plugin_args["user_domain_name"] = user_domain_name

            user_domain_id = ctxt.user_domain_id
            if user_domain_id:
                plugin_args["user_domain_id"] = user_domain_id

            if not user_domain_name and not user_domain_id:
                raise exception.NovaGuestException(
                    "Either 'user_domain_name' or 'user_domain_id' is "
                    "required for Keystone v3 Auth.")

    loader = loading.get_plugin_loader(plugin_name)
    auth = loader.load_from_options(**plugin_args)

    return ks_session.Session(auth=auth, verify=verify)
Example #20
0
def create_worker():
    flavor = "ssc.small"
    private_net = "SNIC 2017/13-45 Internal IPv4 Network"
    floating_ip_pool_name = "Public External IPv4 Network"
    floating_ip = None
    image_name = "Ubuntu 16.04 LTS (Xenial Xerus) - latest"

    loader = loading.get_plugin_loader('password')

    auth = loader.load_from_options(
        auth_url=env['OS_AUTH_URL'],
        username=env['OS_USERNAME'],
        password=env['OS_PASSWORD'],
        project_name=env['OS_PROJECT_NAME'],
        project_domain_name=env['OS_USER_DOMAIN_NAME'],
        project_id=env['OS_PROJECT_ID'],
        user_domain_name=env['OS_USER_DOMAIN_NAME'])

    sess = session.Session(auth=auth)
    nova = client.Client('2.1', session=sess)
    print "user authorization completed."

    image = nova.glance.find_image(image_name)

    flavor = nova.flavors.find(name=flavor)

    if private_net != None:
        net = nova.neutron.find_network(private_net)
        nics = [{'net-id': net.id}]
    else:
        sys.exit("private-net not defined.")

    #print("Path at terminal when executing this file")
    #print(os.getcwd() + "\n")

    cfg_file_path = os.getcwd() + '/cloud-config.txt'
    if os.path.isfile(cfg_file_path):
        userdata = open(cfg_file_path)
    else:
        sys.exit("cloud-cfg.txt is not in current working directory")

    secgroups = ['hoyhoy2']

    print "Creating instance ... "
    instance = nova.servers.create(name='ACC-1 worker',
                                   image=image,
                                   flavor=flavor,
                                   userdata=userdata,
                                   nics=nics,
                                   security_groups=secgroups)
    inst_status = instance.status

    while inst_status == 'BUILD':
        print "Instance: " + instance.name + " is in " + inst_status + " state, sleeping for 5 seconds more..."
        time.sleep(.5)
        instance = nova.servers.get(instance.id)
        inst_status = instance.status

    print "Instance: " + instance.name + " is in " + inst_status + "state"
Example #21
0
def getUtilizationV0():
    auth = get_keystone_creds()

    loader = loading.get_plugin_loader('password')
    keystone = loader.load_from_options(
        auth_url=auth['OS_AUTH_URL'],
        username=auth['OS_USERNAME'],
        password=auth['OS_PASSWORD'],
        project_name=auth['OS_PROJECT_NAME'],
        user_domain_name=auth['OS_USER_DOMAIN_NAME'],
        project_domain_name=auth['OS_PROJECT_DOMAIN_NAME'])

    sess = session.Session(auth=keystone)

    nova = nova_client.Client(2.1, session=sess)

    # Docs stink
    # get field names from json output of openstack command line
    # or look here: nova/api/openstack/compute/hypervisors.py
    # or here: nova/objects/compute_node.py

    hvs = []
    hv_total = {}
    hv_total['vcpus'] = 0
    hv_total['vcpus_used'] = 0
    hv_total['memory_mb'] = 0
    hv_total['memory_mb_used'] = 0
    hv_total['free_ram_mb'] = 0
    hv_total['running_vms'] = 0
    hv_total['hypervisors'] = 0

    for nc in nova.hypervisors.list(detailed=True):
        hv = {}
        hv_total['hypervisors'] += 1
        hv['id'] = nc.id
        hv['hypervisor_hostname'] = nc.hypervisor_hostname
        hv['vcpus'] = nc.vcpus
        hv_total['vcpus'] += hv['vcpus']
        hv['vcpus_used'] = nc.vcpus_used
        hv_total['vcpus_used'] += hv['vcpus_used']
        hv['memory_mb'] = nc.memory_mb
        hv_total['memory_mb'] += hv['memory_mb']
        hv['memory_mb_used'] = nc.memory_mb_used
        hv_total['memory_mb_used'] += hv['memory_mb_used']
        hv['free_ram_mb'] = nc.free_ram_mb
        hv_total['free_ram_mb'] += hv['free_ram_mb']
        hv['running_vms'] = nc.running_vms
        hv_total['running_vms'] += hv['running_vms']
        hvs.append(hv)

    #print json.dumps(hvs,indent=2)
    hv_total['vcpus_percent'] = int(100 * hv_total['vcpus_used'] /
                                    hv_total['vcpus'])
    hv_total['memory_percent'] = int(100 * hv_total['memory_mb_used'] /
                                     hv_total['memory_mb'])
    #print json.dumps(hv_total,indent=2)
    ts = datetime.utcnow().strftime("%Y-%m-%dT%H:%M:%SZ")
    hv_total['ts'] = ts
    return hv_total
Example #22
0
 def keystone_auth(self, domain="default", project="default"):
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(auth_url=self.AUTH_URL, username=self.USERNAME, password=self.PASSWORD,
                                     project_name=self.PROJECT_NAME, user_domain_name=domain,
                                     project_domain_name=project)
     sess = session.Session(auth=auth)
     nova = client.Client(self.VERSION, session=sess)
     return nova
def ks_session(auth_url, username, password, project_id):
    loader = ks_loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=auth_url,
                                    username=username,
                                    password=password,
                                    project_id=project_id)
    sess = keystoneauth1.session.Session(auth=auth)
    return sess
Example #24
0
def get_loader(auth_type):
    if auth_type not in list_auth_types():
        raise ValueError(
            "'auth_type' has to be one of %s (received %s)" % (
                list_auth_types(), auth_type
            )
        )
    return loading.get_plugin_loader(auth_type)
Example #25
0
 def test_options(self):
     options = loading.get_plugin_loader(self.plugin_name).get_options()
     self.assertTrue(
         set(['username', 'password', 'openid-scope']).issubset(
             set([o.name for o in options]))
     )
     # openid-scope gets renamed into "scope"
     self.assertIn('scope', [o.dest for o in options])
Example #26
0
    def get_nova_client(self):
        creds = self.get_nova_credentials()
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(**creds)
        sess = session.Session(auth=auth)
        nova_client = novaclient.Client(NOVA_CLIENT_API_VERSION, session=sess)

        return nova_client
Example #27
0
    def __init__(self, auth_config_json_file=None):
        with open(auth_config_json_file, 'r') as _f:
            auth_config_dict = json.load(_f)

        # Openstack API version
        version = '2.0'  #FIXME
        if version == '2.0':
            loader = loading.get_plugin_loader('v2password')
        elif version >= '3.0':
            loader = loading.get_plugin_loader('password')

        auth = loader.load_from_options(**auth_config_dict)
        #sess = keystoneauth1.session.Session(auth=auth)
        sess = session.Session(auth=auth)

        #self.nova = novaclient.client.Client(version, session=sess)
        self.nova = nova_cl.Client(version, session=sess)
Example #28
0
 def __init__(self):
     loader = loading.get_plugin_loader(constants.OPENSTACK_PASSWORD)
     auth = loader.load_from_options(
         auth_url=constants.OPENSTACK_URL,
         username=constants.OPENSTACK_USER,
         password=constants.OPENSTACK_PASSWORD,
         project_id=constants.OPENSTACK_PROJECT_ID)
     self.sess = session.Session(auth=auth)
    def __init__(self, auth_config_json_file=None):
        with open(auth_config_json_file, 'r') as _f:
            auth_config_dict = json.load(_f)

        # Openstack API version
        version = '2.0' #FIXME
        if version == '2.0':
            loader = loading.get_plugin_loader('v2password')
        elif version >= '3.0':
            loader = loading.get_plugin_loader('password')

        auth = loader.load_from_options(**auth_config_dict)
        #sess = keystoneauth1.session.Session(auth=auth)
        sess = session.Session(auth=auth)

        #self.nova = novaclient.client.Client(version, session=sess)
        self.nova = nova_cl.Client(version, session=sess)
Example #30
0
 def auth(self):
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(
         auth_url=self.auth_url,
         username=self.username,
         password=self.password,
         project_id=self.tenant_id)
     return auth
Example #31
0
def ks_session(auth_url, username, password, project_id):
    loader = ks_loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=auth_url,
                                    username=username,
                                    password=password,
                                    project_id=project_id)
    sess = keystoneauth1.session.Session(auth=auth)
    return sess
 def __password_session_setup(self, node):
     creds = node.runtime_properties['auth_properties']
     if 'region_name' in creds:
         del creds['region_name']
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(**creds)
     sess = session.Session(auth=auth)
     return sess
Example #33
0
 def _constructClient(client_version, username, password, project_name,
                      auth_url):
     """Return a novaclient from the given args."""
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(auth_url=auth_url, username=username,
                                     password=password, project_name=project_name)
     sess = session.Session(auth=auth)
     return client.Client(client_version, session=sess)
def nova_login(username, password, projectname, auth_url, user_domain_name,
               project_domain_name, ssl_insecure, cacert, apitimeout):
    legacy_import = False

    try:
        from keystoneauth1 import loading
        from keystoneauth1 import session as ksc_session
        from keystoneauth1.exceptions.discovery import DiscoveryFailure
        from keystoneauth1.exceptions.http import Unauthorized
    except ImportError:
        try:
            from keystoneclient import session as ksc_session
            from keystoneclient.auth.identity import v3

            legacy_import = True
        except ImportError:
            fail_usage("Failed: Keystone client not found or not accessible")

    if not legacy_import:
        loader = loading.get_plugin_loader("password")
        auth = loader.load_from_options(
            auth_url=auth_url,
            username=username,
            password=password,
            project_name=projectname,
            user_domain_name=user_domain_name,
            project_domain_name=project_domain_name,
        )
    else:
        auth = v3.Password(
            auth_url=auth_url,
            username=username,
            password=password,
            project_name=projectname,
            user_domain_name=user_domain_name,
            project_domain_name=project_domain_name,
            cacert=cacert,
        )

    caverify=True
    if ssl_insecure:
        caverify=False
    elif cacert:
        caverify=cacert

    session = ksc_session.Session(auth=auth, verify=caverify, timeout=apitimeout)
    nova = client.Client("2", session=session, timeout=apitimeout)
    apiversion = None
    try:
        apiversion = nova.versions.get_current()
    except DiscoveryFailure as e:
        fail_usage("Failed: Discovery Failure: " + str(e))
    except Unauthorized as e:
        fail_usage("Failed: Unauthorized: " + str(e))
    except Exception as e:
        logging.error(e)
    logging.debug("Nova version: %s", apiversion)
    return nova
Example #35
0
 def create_session(self, user_id, password):
     user = self.get_user(user_id)
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(
         auth_url=CONF.watcher_clients_auth.auth_url,
         password=password,
         user_id=user_id,
         project_id=user.default_project_id)
     return session.Session(auth=auth)
Example #36
0
 def _create_keystone_session(self):
     """
     Return a keystone session used to
     connect to other Openstack services
     """
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(**self._creds)
     sess = session.Session(auth=auth, verify=_OPENSTACK_VERIFY_SSL)
     return sess
Example #37
0
 def connect(self):
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(auth_url=self.auth_url,
                                     username=self.username,
                                     password=self.password,
                                     project_name=self.project_name)
     sess = session.Session(auth=auth)
     nova = client.Client(2, session=sess)
     return nova
Example #38
0
 def get_nova_client(self, tenant_id, username, password):
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(auth_url='http://' + self.ip +
                                     ':5000/v2.0',
                                     username=username,
                                     password=password,
                                     project_id=tenant_id)
     sess = session.Session(auth=auth)
     return nova_client.Client(2, session=sess)
 def getAuth(self):
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(
         auth_url=self._auth_url,
         username=self._username,
         password=self._password,
         project_id=self._project_id,
         user_domain_name=self._user_domain_name)
     return auth
Example #40
0
 def test_base_options_are_there(self):
     options = loading.get_plugin_loader(self.plugin_name).get_options()
     self.assertTrue(
         set([
             'client-id', 'client-secret', 'access-token-endpoint',
             'access-token-type', 'openid-scope', 'discovery-endpoint'
         ]).issubset(set([o.name for o in options])))
     # openid-scope gets renamed into "scope"
     self.assertIn('scope', [o.dest for o in options])
Example #41
0
 def __init__(self, params):
     super(AodhClient, self).__init__(params)
     self.params = params
     loader = loading.get_plugin_loader('password')
     auth = loader.load_from_options(**self.aodh_credential)
     sess = session.Session(auth)
     version = self.params.get('version', 2)
     self.aodhclient = aodhclient.Client(version, sess)
     self.alarm_utils = self.aodhclient.alarm
    def _make_clientmanager(
        self,
        auth_args=None,
        config_args=None,
        identity_api_version=None,
        auth_plugin_name=None,
        auth_required=None,
    ):

        if identity_api_version is None:
            identity_api_version = '2.0'
        if auth_plugin_name is None:
            auth_plugin_name = 'password'

        if auth_plugin_name.endswith('password'):
            auth_dict = copy.deepcopy(self.default_password_auth)
        elif auth_plugin_name.endswith('token'):
            auth_dict = copy.deepcopy(self.default_token_auth)
        else:
            auth_dict = {}

        if auth_args is not None:
            auth_dict = auth_args

        cli_options = defaults.get_defaults()
        cli_options.update({
            'auth_type': auth_plugin_name,
            'auth': auth_dict,
            'interface': fakes.INTERFACE,
            'region_name': fakes.REGION_NAME,
            # 'workflow_api_version': '2',
        })
        if config_args is not None:
            cli_options.update(config_args)

        loader = loading.get_plugin_loader(auth_plugin_name)
        auth_plugin = loader.load_from_options(**auth_dict)
        client_manager = self._clientmanager_class()(
            cli_options=cloud_region.CloudRegion(
                name='t1',
                region_name='1',
                config=cli_options,
                auth_plugin=auth_plugin,
            ),
            api_version={
                'identity': identity_api_version,
            },
        )
        client_manager._auth_required = auth_required is True
        client_manager.setup_auth()
        client_manager.auth_ref

        self.assertEqual(
            auth_plugin_name,
            client_manager.auth_plugin_name,
        )
        return client_manager
    def test_options(self):
        options = loading.get_plugin_loader('v3oauth1').get_options()

        self.assertEqual(set([o.name for o in options]),
                         set(['auth-url',
                              'access-key',
                              'access-secret',
                              'consumer-key',
                              'consumer-secret']))
Example #44
0
    def _make_clientmanager(
        self,
        auth_args=None,
        config_args=None,
        identity_api_version=None,
        auth_plugin_name=None,
        auth_required=None,
    ):

        if identity_api_version is None:
            identity_api_version = '2.0'
        if auth_plugin_name is None:
            auth_plugin_name = 'password'

        if auth_plugin_name.endswith('password'):
            auth_dict = copy.deepcopy(self.default_password_auth)
        elif auth_plugin_name.endswith('token'):
            auth_dict = copy.deepcopy(self.default_token_auth)
        else:
            auth_dict = {}

        if auth_args is not None:
            auth_dict = auth_args

        cli_options = defaults.get_defaults()
        cli_options.update({
            'auth_type': auth_plugin_name,
            'auth': auth_dict,
            'interface': fakes.INTERFACE,
            'region_name': fakes.REGION_NAME,
            # 'workflow_api_version': '2',
        })
        if config_args is not None:
            cli_options.update(config_args)

        loader = loading.get_plugin_loader(auth_plugin_name)
        auth_plugin = loader.load_from_options(**auth_dict)
        client_manager = self._clientmanager_class()(
            cli_options=cloud_region.CloudRegion(
                name='t1',
                region_name='1',
                config=cli_options,
                auth_plugin=auth_plugin,
            ),
            api_version={
                'identity': identity_api_version,
            },
        )
        client_manager._auth_required = auth_required is True
        client_manager.setup_auth()
        client_manager.auth_ref

        self.assertEqual(
            auth_plugin_name,
            client_manager.auth_plugin_name,
        )
        return client_manager
Example #45
0
def setup(keystone_url="", admin="admin", password="******", project="admin"):
    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=keystone_url,
                                    username="******",
                                    password="******",
                                    project_name="admin")
    sess = session.Session(auth=auth, verify=False)
    cinder = client.Client(version="2.0", session=sess)
    return cinder
Example #46
0
def setup(url):
    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=url,
                                    username="******",
                                    password="******",
                                    project_name="admin")
    sess = session.Session(auth=auth)
    glance = Gclient.Client(version="2", session=sess)
    return glance
Example #47
0
    def __init__(self, label, **kwargs):
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(**kwargs)
        session2 = session.Session(auth=auth)

        LOG.info('Creating Nova client for %s using keystone: %s', label,
                 kwargs.pop('auth_url'))

        self.nova = client.Client(2, session=session2)
Example #48
0
def get_session(username, password, project_name, auth_url):
    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=auth_url,
                                    username=username,
                                    password=password,
                                    project_name=project_name,
                                    user_domain_id='default',
                                    project_domain_id='default')
    return session.Session(auth=auth)
Example #49
0
def get_admin_auth_session():
    global ADMIN_SESSION
    if not ADMIN_SESSION:
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(**admin_auth_info)
        ADMIN_SESSION = session.Session(auth=auth)
        headers = {"Content-Type": "application/json", }
        ADMIN_SESSION.additional_headers.update(headers)
    return ADMIN_SESSION
Example #50
0
 def get_sess(self):
     if not self.have_sess:
         loader = loading.get_plugin_loader('password')
         auth = loader.load_from_options(auth_url=self.authsettings['AUTH_URL'],
                                        username=self.authsettings['AUTH_NAME'],
                                        password=self.authsettings['AUTH_PASSWORD'],
                                        project_name=self.authsettings['TENANT_NAME'])
         self.sess = session.Session(auth=auth)
         self.have_sess = True
     return self.sess
Example #51
0
 def test_base_options_are_there(self):
     options = loading.get_plugin_loader(self.plugin_name).get_options()
     self.assertTrue(
         set(['client-id', 'client-secret', 'access-token-endpoint',
              'access-token-type', 'openid-scope',
              'discovery-endpoint']).issubset(
                  set([o.name for o in options]))
     )
     # openid-scope gets renamed into "scope"
     self.assertIn('scope', [o.dest for o in options])
Example #52
0
    def get_session(self):
        """Get a keystone auth session.

        :returns: keystoneauth1.session.Session
        """
        if self.session is None:
            loader = loading.get_plugin_loader('password')
            auth = loader.load_from_options(**self.auth_kwargs)
            self.session = session.Session(auth=auth)
        return self.session
Example #53
0
def list_auth_opts():
    # Inspired by similar code in neutron
    opt_list = []
    for plugin in ['password', 'v2password', 'v3password']:
        plugin_options = ks_loading.get_plugin_loader(plugin).get_options()
        for plugin_option in plugin_options:
            if all(option.name != plugin_option.name for option in opt_list):
                opt_list.append(plugin_option)

    opt_list.sort(key=operator.attrgetter('name'))
    return opt_list
Example #54
0
    def test_can_load(self):
        loader = loading.get_plugin_loader('v1password')
        self.assertIsInstance(loader, authv1.PasswordLoader)

        auth_plugin = loader.load_from_options(**self.options)
        self.assertIsInstance(auth_plugin, authv1.PasswordPlugin)

        self.assertEqual(self.options['auth_url'], auth_plugin.auth_url)
        self.assertEqual(self.options['username'], auth_plugin.user)
        self.assertEqual(self.options.get('project_name'), auth_plugin.account)
        self.assertEqual(self.options['password'], auth_plugin.key)
Example #55
0
 def __init__(self, session):
     loader = keystone_loading.get_plugin_loader('password')
     auth = loader.load_from_options(auth_url=session.auth_url,
                                     username=session.username,
                                     password=session.password,
                                     project_name=session.project_name,
                                     user_domain_name=session.user_domain_name,
                                     project_domain_name=session.project_domain_name)
     sess = keystone_session.Session(auth=auth)
     self.client = glance_client.Client("2", session=sess)
     self.project_id = session.project_id
Example #56
0
    def connect(self, cfg):
        client_kwargs = {field: cfg[field] for field in
                         self.REQUIRED_CONFIG_PARAMS}

        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(**client_kwargs)
        sess = session.Session(auth=auth)
        client_kwargs.update(
            cfg.get('custom_configuration', {}).get('keystone_client', {}))
        client_kwargs['session'] = sess
        return KeystoneClientWithSugar(**client_kwargs)
def getClient(service):
    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=auth_url, username=username, password=password, project_id=project_id)
    sess = session.Session(auth=auth)
    if service=='nova':
        myclient = nova_client.Client(version, session=sess)
    elif service=='keystone':
        myclient = keystone_client.Client(version,session=sess)
    elif service=='glance':
        myclient = glance_client.Client(Config.get('Glance','VERSION'),session=sess)
    return myclient
Example #58
0
def list_auth_opts():
    opt_list = copy.deepcopy(_nova_options)
    opt_list.insert(0, ks_loading.get_auth_common_conf_options()[0])
    # NOTE(mhickey): There are a lot of auth plugins, we just generate
    # the config options for a few common ones
    plugins = ['password', 'v2password', 'v3password']
    for name in plugins:
        for plugin_option in ks_loading.get_plugin_loader(name).get_options():
            if all(option.name != plugin_option.name for option in opt_list):
                opt_list.append(plugin_option)
    opt_list.sort(key=operator.attrgetter('name'))
    return [(NOVA_GROUP, opt_list)]