def setUpClass(cls):
# Collecting of credentials:
#
# Support the existence of a functional_creds.conf for
# testing. This makes it possible to use a config file.
super(BaseMagnumClient, cls).setUpClass()
user = cliutils.env('OS_USERNAME')
passwd = cliutils.env('OS_PASSWORD')
project_name = cliutils.env('OS_PROJECT_NAME')
auth_url = cliutils.env('OS_AUTH_URL')
insecure = cliutils.env('INSECURE')
region_name = cliutils.env('OS_REGION_NAME')
magnum_url = cliutils.env('BYPASS_URL')
image_id = cliutils.env('IMAGE_ID')
nic_id = cliutils.env('NIC_ID')
flavor_id = cliutils.env('FLAVOR_ID')
master_flavor_id = cliutils.env('MASTER_FLAVOR_ID')
keypair_id = cliutils.env('KEYPAIR_ID')
dns_nameserver = cliutils.env('DNS_NAMESERVER')
copy_logs = cliutils.env('COPY_LOGS')
user_domain_id = cliutils.env('OS_USER_DOMAIN_ID')
project_domain_id = cliutils.env('OS_PROJECT_DOMAIN_ID')
config = configparser.RawConfigParser()
if config.read('functional_creds.conf'):
# the OR pattern means the environment is preferred for
# override
user = user or config.get('admin', 'user')
passwd = passwd or config.get('admin', 'pass')
project_name = project_name or config.get('admin', 'project_name')
auth_url = auth_url or config.get('auth', 'auth_url')
insecure = insecure or config.get('auth', 'insecure')
magnum_url = magnum_url or config.get('auth', 'magnum_url')
image_id = image_id or config.get('magnum', 'image_id')
nic_id = nic_id or config.get('magnum', 'nic_id')
flavor_id = flavor_id or config.get('magnum', 'flavor_id')
master_flavor_id = master_flavor_id or config.get(
'magnum', 'master_flavor_id')
keypair_id = keypair_id or config.get('magnum', 'keypair_id')
dns_nameserver = dns_nameserver or config.get(
'magnum', 'dns_nameserver')
user_domain_id = user_domain_id or config.get(
'admin', 'user_domain_id')
project_domain_id = project_domain_id or config.get(
'admin', 'project_domain_id')
try:
copy_logs = copy_logs or config.get('magnum', 'copy_logs')
except configparser.NoOptionError:
pass
cls.image_id = image_id
cls.nic_id = nic_id
cls.flavor_id = flavor_id
cls.master_flavor_id = master_flavor_id
cls.keypair_id = keypair_id
cls.dns_nameserver = dns_nameserver
cls.copy_logs = str(copy_logs).lower() == 'true'
cls.cs = v1client.Client(username=user,
api_key=passwd,
project_name=project_name,
auth_url=auth_url,
insecure=insecure,
user_domain_id=user_domain_id,
project_domain_id=project_domain_id,
service_type='container-infra',
region_name=region_name,
magnum_url=magnum_url)
cls.keystone = ksclient.Client(username=user,
password=passwd,
project_name=project_name,
project_domain_id=project_domain_id,
user_domain_id=user_domain_id,
auth_url=auth_url,
insecure=insecure)
token = cls.keystone.auth_token
heat_endpoint = cls.keystone.service_catalog.url_for(
service_type='orchestration')
cls.heat = heatclient.Client('1', token=token, endpoint=heat_endpoint)
def displayInstance(self, datacenter, auth,instance):
self.datacenter = datacenter
self.auth = auth
self.instance = instance
current_dir = os.environ["HOME"]
for key, value in self.auth.iteritems():
if key == 'token':
token = value
if key == 'username':
username = value
if key == 'project_name':
project_name = value
if key == 'region':
region = value
if key == 'project_domain_name':
project_domain_name = value
print('\n')
print '- LOADING : ........ ',
sys.stdout.flush()
try:
if region == 'SCL1':
novaauth = v3.Token(auth_url='http://expostack.tf-net.mydomain.com:35357/v3',token=token,project_name=project_name,project_domain_name=project_domain_name)
if region == 'LA1':
novaauth = v3.Token(auth_url='http://expostack-02.tf-net.mydomain.com:35357/v3',token=token,project_name=project_name,project_domain_name=project_domain_name)
novasession = session.Session(auth=novaauth)
keystone = client.Client(session=novasession)
nova = novaClient.Client('2', session=novasession)
except(exceptions.AuthorizationFailure):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Unable to authenticate or validate the existing authorization token for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(exceptions.Unauthorized):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Authentication failed due to invalid token for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
try:
servers = nova.servers.list(search_opts={'all_tenants': 1})
except(exceptions.NotFound):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Instance could not be found for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(e.Unauthorized):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Login into Region: ' + self.datacenter + ' to perform this Operation.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(e.from_response):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Login into Region: ' + self.datacenter + ' to perform this Operation.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
try:
for myNode in range(len(servers)):
s = servers[myNode]
if s.name.lstrip() == self.instance.strip():
instance_id = s.id
break
except(exceptions.NotFound):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Instance could not be found for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
try:
display = nova.servers.get(instance_id)
except(exceptions.NotFound):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Instance could not be found for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(IOError,IndexError,KeyError,NameError,OSError,RuntimeError,SyntaxError,IndentationError,TypeError,UnboundLocalError,ValueError):
self.progress()
print ' [DONE]'
print('\n')
error = '- Error: Instance Name : ' + self.instance + ' is Invalid. Please try Again.'
prompt = '- Error: Instance could not be found for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(error)
return 1
try:
d = dumps(display._info, sort_keys=True, indent=4, separators=(',', ': '))
username = username.lower()
chk = username.find('@')
if chk != -1:
storeusername = username.split('@')
uname = storeusername[0]
if chk == -1:
uname = username
fileName = self.random_with_N_digits(4)
fopen = open(current_dir + "/" + '.' + self.datacenter + "/" + '.' + uname + "/" + '.' + str(fileName), 'w')
fopen.write('[')
fopen.write(d)
fopen.write(']')
fopen.close()
userDisplay = prettytable.PrettyTable(["INSTANCE ID", "INSTANCE NAME", "IP ADDRESS", "STATUS"])
userDisplay.align["INSTANCE ID"] = "l"
userDisplay.align["INSTANCE NAME"] = "l"
userDisplay.align["IP ADDRESS"] = "l"
userDisplay.align["STATUS"] = "l"
userDisplay.padding_width = 1
fileSize = os.stat(current_dir + "/" + '.' + self.datacenter + "/" + '.' + uname + "/" + '.' + str(fileName)).st_size != 0
if fileSize:
with open(current_dir + "/" + '.' + self.datacenter + "/" + '.' + uname + "/" + '.' + str(fileName), 'r') as f:
data = load(f)
j = 0
ipAddr = []
instance_id = []
instance_name = []
stat = []
for item in data:
for key, value in item.items():
if key == 'addresses':
for k, v in value.iteritems():
if type(k):
for each in v:
for column, row in each.items():
if column == 'addr':
ipAddr.insert(j,row)
if key == 'id':
instance_id.insert(j,value)
if key == 'name':
instance_name.insert(j,value)
if key == 'status':
stat.insert(j,value)
j = j + 1
for j,k,l,m in map(None,instance_id,instance_name,ipAddr,stat):
userDisplay.add_row([j,k,l,m])
self.progress()
print ' [DONE]'
print('\n')
print(userDisplay)
fileToRemove = current_dir + "/" + '.' + self.datacenter + "/" + '.' + uname + "/" + '.' + str(fileName)
os.remove(fileToRemove)
except(IOError,IndexError,KeyError,NameError,OSError,RuntimeError,SyntaxError,IndentationError,TypeError,UnboundLocalError,ValueError):
prompt = '- Error: Unknown Error, Instance could not be found for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
else:
return 0
def main():
"""Shows user info (servers, volumes, snapshots, routers, networks, ...).
List a lot of useful info about a user:
- all projects he's member of
- for each project/region
all servers, volumes, snapshots, routers, networks, floating ips, ...
"""
parser = argparse.ArgumentParser(
description="Show information (servers, volumes, networks, ...) for a user. Search in all projects he's member of, and optionally in all regions (-a).")
parser.add_argument('-a', '--all-regions', help='query all regions', action='store_true')
parser.add_argument('USERNAME', help="username to search")
parser.add_argument('-v', '--verbose', help='verbose', action='store_true')
if len(sys.argv) < 2:
parser.print_help()
sys.exit(1)
args = parser.parse_args()
# get OS_* environment variables
os_auth_url = get_environ('OS_AUTH_URL', args.verbose)
os_username = get_environ('OS_USERNAME', args.verbose)
os_password = get_environ('OS_PASSWORD', args.verbose)
os_tenant_name = get_environ('OS_TENANT_NAME', args.verbose)
os_region_name = get_environ('OS_REGION_NAME', args.verbose)
# keystone_V3 client requires a /v3 auth url
if '/v2.0' in os_auth_url:
os_auth_url_v3 = os_auth_url.replace('/v2.0', '/v3')
if args.verbose:
print "os_auth_url_v3:", os_auth_url_v3
keystone = keystone_v3.Client(username=os_username,
password=os_password,
project_name=os_tenant_name,
auth_url=os_auth_url_v3)
# all regions available
all_regions = []
for region in keystone.regions.list():
all_regions.append(region.id)
# regions to use
region_names = [os_region_name]
if args.all_regions:
if os_region_name in all_regions:
region_names = all_regions
# Openstack clients per region
nova_regions = {}
cinder_regions = {}
neutron_regions = {}
for region_name in region_names:
_nova = nova_client.Client(2,
os_username,
os_password,
os_tenant_name,
auth_url=os_auth_url,
region_name=region_name)
nova_regions[region_name] = _nova
_cinder = cinder_client.Client(os_username,
os_password,
os_tenant_name,
auth_url=os_auth_url,
region_name=region_name)
cinder_regions[region_name] = _cinder
_neutron = neutron_client.Client(username=os_username,
password=os_password,
tenant_name=os_tenant_name,
auth_url=os_auth_url,
region_name=region_name)
neutron_regions[region_name] = _neutron
try:
username = args.USERNAME
user = keystone.users.find(name=username)
user_projects = keystone.projects.list(user=user)
print "User: {} [{}]: {} projects".format(user.name,
user.id,
len(user_projects))
for project in user_projects:
print " Project: {} [{}] - {}".format(project.name,
project.id,
project.description)
servers_search_opts = {'all_tenants': True, 'tenant_id': project.id}
volumes_search_opts = {'all_tenants': True, 'project_id': project.id}
neutron_search_opts = {'all_tenants': True, 'tenant_id': project.id}
for region in region_names:
# get clients for region
nova = nova_regions[region]
cinder = cinder_regions[region]
neutron = neutron_regions[region]
# servers
project_servers = nova.servers.list(search_opts=servers_search_opts)
servers = {}
for server in project_servers:
servers[server.id] = server
# volumes
project_volumes = cinder.volumes.list(search_opts=volumes_search_opts)
volumes = {}
for volume in project_volumes:
volumes[volume.id] = volume
# volume snapshots
project_volume_snapshots = cinder.volume_snapshots.list(search_opts=volumes_search_opts)
volume_snapshots = {}
for volume_snapshot in project_volume_snapshots:
volume_snapshots[volume_snapshot.id] = volume_snapshot
# floating IPs
resp = neutron.list_floatingips(**neutron_search_opts)
floatingips = {}
for floatingip in resp['floatingips']:
floatingips[floatingip['id']] = floatingip
resp = neutron.list_networks(**neutron_search_opts)
networks = {}
for network in resp['networks']:
networks[network['id']] = network
resp = neutron.list_routers(**neutron_search_opts)
routers = {}
for router in resp['routers']:
routers[router['id']] = router
#
# show info
#
if servers or volumes or volume_snapshots or floatingips or networks or routers:
print " Region:", region
if servers:
print " Servers:"
for id, server in servers.items():
print " Server: {} [{}] - {}".format(server.name, server.id, server.status)
volumes_attached = getattr(server,'os-extended-volumes:volumes_attached')
for volume_attached in volumes_attached:
volume_id = volume_attached['id']
if volume_id in volumes:
volume = volumes[volume_id]
volume_name = volume.name.rstrip() if volume.name else 'None'
for attachment in volume.attachments:
attached_server_id = attachment['server_id']
attached_device = attachment['device']
if attached_server_id == server.id:
print " Volume: {}: {} [{}] {}GB - {}".format(attached_device, volume_name, volume.id, volume.size, volume.status.upper())
# remove volume from list
volumes.pop(volume_id)
else:
print " ERROR: Volume {} [{}] not attached to Server {} [{}]".format(volume_name, volume.id, server.name, server.id)
if volumes:
print " Other Volumes:"
for id, volume in volumes.items():
volume_name = volume.name.rstrip() if volume.name else 'None'
print " Volume: {} [{}] {}GB - {}".format(volume_name, volume.id, volume.size, volume.status.upper())
for attachment in volume.attachments:
attached_server_id = attachment['server_id']
if attached_server_id in servers:
server_attached = servers[attached_server_id]
print " Attached to: {} [{}]:{}".format(server_attached.name, server_attached.id, attachment['device'])
else:
print " ERROR: attached to unknown Server [{}]:{}".format(attached_server_id, attachment['device'])
if volume_snapshots:
print " Volume Snapshots:"
for id, v_snapshot in volume_snapshots.items():
v_snapshot_name = v_snapshot.name.rstrip() if v_snapshot.name else 'None'
print " Snapshot: {} [{}] (Volume: [{}]) {}GB - {}".format(v_snapshot_name, v_snapshot.id, v_snapshot.volume_id, v_snapshot.size, v_snapshot.status.upper())
if floatingips:
print " Floating IPs:"
for id, floatingip in floatingips.items():
print " IP: {} [{}] - {}".format(floatingip['floating_ip_address'], floatingip['id'], floatingip['status'])
if routers:
print " Routers:"
for id, router in routers.items():
print " Router: {} [{}] - {}".format(router['name'], router['id'], router['status'])
resp = neutron.list_ports(device_id=id)
ifaces = resp['ports']
for iface in ifaces:
device_owner = iface['device_owner']
iface_info = ["Subnet: %s IP: %s" % (i['subnet_id'],i['ip_address']) for i in iface['fixed_ips']]
if device_owner == 'network:router_gateway':
resp = neutron.show_network(iface['network_id'])
iface_net = resp['network']
print " Interface: {} (Gateway External Network: {} [{}])".format(iface['id'], iface_net['name'], iface_net['id'])
elif device_owner == 'network:router_interface':
print " Interface: {} ({})".format(iface['id'], ",".join(iface_info))
else:
print " Interface: {} ({}) ({})".format(iface['id'], device_owner, ",".join(iface_info))
if networks:
print " Networks:"
for id, network in networks.items():
print " Network: {} [{}] - {}".format(network['name'], network['id'], network['status'])
for subnet_id in network['subnets']:
resp = neutron.show_subnet(subnet_id)
subnet = resp['subnet']
subnet_ipranges = ["IPRange: %s-%s" % (i['start'],i['end']) for i in subnet['allocation_pools']]
print " Subnet: {} [{}] (CIDR: {})".format(subnet['name'], subnet['id'], subnet['cidr'])
resp = neutron.list_ports(network_id=id)
ports = resp['ports']
for port in ports:
device_id = port['device_id']
device_owner = port['device_owner']
if device_id in servers:
server = servers[device_id]
print " Port: {} (Server: {} [{}])".format(port['id'], server.name, server.id, port['status'])
elif device_id in routers:
router = routers[device_id]
print " Port: {} (Router: {} [{}])".format(port['id'], router['name'], router['id'], port['status'])
elif device_owner == 'network:dhcp':
print " Port: {} (DHCP)".format(port['id'])
else:
print " Port: {} ({} [])".format(port['id'], device_owner, device_id, port['status'])
except keystoneclient.exceptions.NotFound as e:
print "ERROR: Username", username, "not found:", e.message
sys.exit(1)
except novaclient.exceptions.NotFound as e:
print "ERROR: not found:", e.message
sys.exit(1)
except Exception as e:
print "ERROR:", e.message
sys.exit(1)
def __init__(self, adap, **kwargs):
super(_V3RequestStrategy, self).__init__(adap, **kwargs)
self._client = v3_client.Client(session=adap)
def get_client_on_behalf_user(auth_plugin):
"""Return a client for keystone v3 endpoint."""
sess = session.Session(auth=auth_plugin)
return ks_client_v3.Client(session=sess)
def _v3_client_init(self):
kwargs = {'auth_url': self.v3_endpoint, 'endpoint': self.v3_endpoint}
# Note try trust_id first, as we can't reuse auth_token in that case
if self.context.trust_id is not None:
# We got a trust_id, so we use the admin credentials
# to authenticate with the trust_id so we can use the
# trust impersonating the trustor user.
kwargs.update(self._service_admin_creds())
kwargs['trust_id'] = self.context.trust_id
kwargs.pop('project_name')
elif self.context.auth_token_info is not None:
# The auth_ref version must be set according to the token version
if 'access' in self.context.auth_token_info:
kwargs['auth_ref'] = copy.deepcopy(
self.context.auth_token_info['access'])
kwargs['auth_ref']['version'] = 'v2.0'
kwargs['auth_ref']['token']['id'] = self.context.auth_token
elif 'token' in self.context.auth_token_info:
kwargs['auth_ref'] = copy.deepcopy(
self.context.auth_token_info['token'])
kwargs['auth_ref']['version'] = 'v3'
kwargs['auth_ref']['auth_token'] = self.context.auth_token
else:
LOG.error(_LE('Unknown version in auth_token_info'))
raise exception.AuthorizationFailure(
_('Unknown token version'))
elif self.context.auth_token is not None:
kwargs['token'] = self.context.auth_token
kwargs['project_id'] = self.context.tenant_id
elif self.context.password is not None:
kwargs['username'] = self.context.username
kwargs['password'] = self.context.password
kwargs['project_id'] = self.context.tenant_id
else:
LOG.error(
_LE("Keystone v3 API connection failed, no password "
"trust or auth_token!"))
raise exception.AuthorizationFailure()
kwargs.update(self._ssl_options())
client = kc_v3.Client(**kwargs)
# If auth_ref has already be specified via auth_token_info, don't
# authenticate as we want to reuse, rather than request a new token
if 'auth_ref' not in kwargs:
try:
client.authenticate()
except kc_exception.Unauthorized:
LOG.error(_LE("Keystone client authentication failed"))
raise exception.AuthorizationFailure()
# If we are authenticating with a trust set the context auth_token
# with the trust scoped token
if 'trust_id' in kwargs:
# Sanity check
if not client.auth_ref.trust_scoped:
LOG.error(_LE("trust token re-scoping failed!"))
raise exception.AuthorizationFailure()
# Sanity check that impersonation is effective
if self.context.trustor_user_id != client.auth_ref.user_id:
LOG.error(_LE("Trust impersonation failed"))
raise exception.AuthorizationFailure()
return client
LOG.exception('Error while reading nova.conf:')
else:
LOG.error('Nova configuration file %s does not exist', nova_cfg)
sys.exit(1)
# get keystone client with details from [placement] section
auth = v3.Password(user_domain_name=config.get('placement',
'user_domain_name'),
username=config.get('placement', 'username'),
password=config.get('placement', 'password'),
project_name=config.get('placement', 'project_name'),
project_domain_name=config.get('placement',
'user_domain_name'),
auth_url=config.get('placement', 'auth_url') + '/v3')
sess = session.Session(auth=auth, verify=False)
keystone = client.Client(session=sess, interface='internal')
iterations_endpoint = iterations
placement_endpoint_url = None
while iterations_endpoint > 1:
iterations_endpoint -= 1
try:
# get placement service id
placement_service_id = keystone.services.list(
name='placement')[0].id
# get placement endpoint (valid_interfaces)
placement_endpoint_url = keystone.endpoints.list(
service=placement_service_id,
region=config.get('placement', 'region_name'),
interface=config.get('placement', 'valid_interfaces'))[0].url
def _authenticate(auth_url,
username=None,
password=None,
user_domain_name='Default'):
"""Authenticate with keystone
Creates an unscoped token using the given credentials (which validates
them), and then uses that token to get a project-scoped token.
"""
unscoped_auth = v3.Password(auth_url,
username=username,
password=password,
user_domain_name=user_domain_name,
unscoped=True)
session = ks_session.Session(user_agent=USER_AGENT,
verify=not CONF.keystone_authtoken.insecure)
try:
# Trigger keystone to verify the credentials
unscoped_auth_ref = unscoped_auth.get_access(session)
except exc.connection.ConnectFailure as e:
abort(503, str(e))
except exc.http.HttpError as e:
abort(e.http_status, e.message)
except exc.ClientException as e:
abort(401, str(e))
except Exception as e:
LOG.exception(e)
abort(500, "Unable to authenticate")
client = ks_client.Client(session=session,
auth=unscoped_auth,
user_agent=USER_AGENT)
auth_url = unscoped_auth.auth_url
projects = client.projects.list(user=unscoped_auth_ref.user_id)
# Filter out disabled projects
projects = [project for project in projects if project.enabled]
# Prioritize the admin project by putting it at the beginning of the list
for pos, project in enumerate(projects):
if project.name == 'admin':
projects.pop(pos)
projects.insert(0, project)
break
# Return the first project token that we have the admin role on, otherwise
# return the first project token we have any role on.
fallback_auth_ref = None
for project in projects:
auth = v3.Token(auth_url=auth_url,
token=unscoped_auth_ref.auth_token,
project_id=project.id,
reauthenticate=False)
try:
auth_ref = auth.get_access(session)
if 'admin' in auth_ref.role_names:
return {
'token': auth_ref.auth_token,
'expires': auth_ref.expires.isoformat()
}
elif not fallback_auth_ref:
fallback_auth_ref = auth_ref
except Exception as e:
pass
if fallback_auth_ref:
return {
'token': fallback_auth_ref.auth_token,
'expires': fallback_auth_ref.expires.isoformat()
}
# TODO(gary): Consider as a secondary fallback to return a domain-scoped
# token
abort(403, "Not authorized for any project")
from keystoneclient.v3 import client as client_keystone
from cinderclient import client as client_cinder
from neutronclient.v2_0 import client as client_neutron
from glanceclient import Client
auth_url = "http://10.10.10.99:5000/v3"
username = "******"
password = "******"
project_name = "dangvv"
user_domain_id = "default"
project_domain_id = "default"
# auth = loader.load_from_options(auth_url="http://192.168.40.11:5000/v3", username='******', password='******', project_name='khoadv', user_domain_id='default', project_domain_id='default')
auth = loader.load_from_options(auth_url=auth_url, username=username, password=password, project_name=project_name, user_domain_id=user_domain_id, project_domain_id=project_domain_id)
sess = session.Session(auth=auth)
glan = Client(2, session=sess)
keystone = client_keystone.Client(session=sess)
nova = client.Client(2, session=sess)
cinder = client_cinder.Client(3, session=sess)
neutron = client_neutron.Client(session=sess)
def get_images(a):
while True:
try:
print(a.__next__()['id'])
except StopIteration:
break
get_images(glan.images.list())
def auth_keystone(self):
auth = v3.Token(auth_url=self.config["Keystone"]["auth_uri"],
token=self.get_token())
sess = session.Session(auth=auth)
keystone = client.Client(session=sess)
return keystone
def main(argv):
""" Get credentials to create a keystoneauth Session to instantiate a
Keystone Client and then call methods to add users, projects and roles"""
path = os.environ.get('PRELOAD_YAML_PATH', '/preload.yml')
try:
with open(path, 'r') as f:
data = yaml.load(f)
except IOError:
data = {'users': [], 'endpoints': []}
print('No preload.yml at %s, using default values: %r' % (path, data))
users = data['users']
url = 'http://localhost:35357/v3'
# FIXME(clenimar): to date, devstack doesn't set domain-related enviroment
# variables. That's why we need that little workaround when getting those
# from sys.argv.
kwargs = {
'username': os.environ.get('KEYSTONE_USERNAME', 'admin'),
'password': os.environ.get('KEYSTONE_PASSWORD', 's3cr3t'),
'project_name': os.environ.get('KEYSTONE_PROJECT', 'admin'),
'project_domain_id': 'default',
'user_domain_id': 'default'
}
auth_plugin = _get_auth_plugin(auth_url=url, **kwargs)
session = _retry(lambda: ks_session.Session(auth=auth_plugin))
ks_client = _retry(lambda: client.Client(session=session))
projects = []
for user in users:
if 'project' in user and user['project'] not in projects:
projects.append(user['project'])
add_projects(ks_client, projects)
add_users(ks_client, users)
add_user_roles(ks_client, users)
do_resolve = os.environ.get('KUBERNETES_RESOLVE_PUBLIC_ENDPOINTS', False)
for e in data['endpoints']:
for interface in e['interfaces']:
if isinstance(interface, (str, unicode)):
interface_name = interface
url = e['url']
else:
interface_name = interface['name']
url = interface['url']
if do_resolve \
and 'resolve' in interface \
and interface['resolve']:
url = resolve_k8s_service_by_url(url)
add_service_endpoint(ks_client,
e['name'],
e['description'],
e['type'],
url,
e['region'],
interface=interface_name)
return 0
filter(lambda e: e.name.startswith(prefix),
murano.environments.list()))
if not envs:
return None
return envs[0]
auth_url = sys.argv[1]
username = sys.argv[2]
tenant = sys.argv[3]
password = sys.argv[4]
keystone = keystoneclient.Client(username=username,
tenant_name=tenant,
password=password,
auth_url=auth_url)
murano_url = keystone.service_catalog.url_for(
service_type='application_catalog')
murano = muranoclient.Client(murano_url,
auth_url=auth_url,
tenant=keystone.project_id,
token=keystone.auth_token)
env = get_env_by_prefix(murano, "CF-LBaaS-")
if not env:
print("Env already deleted.")
exit(0)
def keystone_api(self):
"""Kết nối tới keystone"""
return keystone_client.Client(session=self.sess)
import datetime
import conf
USERNAME = '******'
PASSWORD = '******'
PROJECT_NAME = 'admin'
KEYSTONE_URL = 'http://172.31.25.80:5000/v3'
USER_DOMAIN_NAME = 'Default'
PROJECT_DOMAIN_NAME = 'Default'
ITERATIONS = 300
ks = client.Client(username=conf.USERNAME,
password=conf.PASSWORD,
project_name=conf.PROJECT_NAME,
project_domain_name=conf.PROJECT_DOMAIN_NAME,
user_domain_name=conf.USER_DOMAIN_NAME,
auth_url=conf.KEYSTONE_URL)
def get_response_times(method, *args):
resp_times = []
for i in range(ITERATIONS + 100):
# Let us warm up a little
if i < 100:
method(*args)
continue
start = datetime.datetime.utcnow()
method(*args)
def disableTrialProject(project_name):
keyStone = client.Client(username=credentials.open_stack_username,
password=credentials.open_stack_pw,
auth_url=credentials.open_stack_url)
project_instance = getProject(project_name)
keyStone.projects.update(project_instance.id, enabled=False)
def get_keystone_client(**kwargs):
return keystoneclient.Client(**kwargs)
def keystone(self):
return keystone_client.Client(session=self.session.keystone_session, interface='public')
def __init__(self, app, conf):
"""Common initialization code."""
self._app = app
self._logger = get_logger(conf,
log_route=conf.get('log_name', 's3token'))
self._logger.debug('Starting the %s component', PROTOCOL_NAME)
self._timeout = float(conf.get('http_timeout', '10.0'))
if not (0 < self._timeout <= 60):
raise ValueError('http_timeout must be between 0 and 60 seconds')
self._reseller_prefix = conf.get('reseller_prefix', 'AUTH_')
self._delay_auth_decision = config_true_value(
conf.get('delay_auth_decision'))
# where to find the auth service (we use this to validate tokens)
self._request_uri = conf.get('auth_uri')
if not self._request_uri:
self._logger.warning(
"Use of the auth_host, auth_port, and auth_protocol "
"configuration options was deprecated in the Newton release "
"in favor of auth_uri. These options may be removed in a "
"future release.")
auth_host = conf.get('auth_host')
if not auth_host:
raise ConfigFileError('Either auth_uri or auth_host required')
elif is_valid_ipv6(auth_host):
# Note(timburke) it is an IPv6 address, so it needs to be
# wrapped with '[]' to generate a valid IPv6 URL, based on
# http://www.ietf.org/rfc/rfc2732.txt
auth_host = '[%s]' % auth_host
auth_port = int(conf.get('auth_port', 35357))
auth_protocol = conf.get('auth_protocol', 'https')
self._request_uri = '%s://%s:%s' % (auth_protocol, auth_host,
auth_port)
self._request_uri = self._request_uri.rstrip('/')
parsed = urllib.parse.urlsplit(self._request_uri)
if not parsed.scheme or not parsed.hostname:
raise ConfigFileError(
'Invalid auth_uri; must include scheme and host')
if parsed.scheme not in ('http', 'https'):
raise ConfigFileError(
'Invalid auth_uri; scheme must be http or https')
if parsed.query or parsed.fragment or '@' in parsed.netloc:
raise ConfigFileError('Invalid auth_uri; must not include '
'username, query, or fragment')
self._request_uri += '/v%s/s3tokens' % conf.get('auth_version', '2.0')
self._max_attempts = 1 + int(conf.get('max_retries', 1))
# SSL
insecure = config_true_value(conf.get('insecure'))
cert_file = conf.get('certfile')
key_file = conf.get('keyfile')
if insecure:
self._verify = False
elif cert_file and key_file:
self._verify = (cert_file, key_file)
elif cert_file:
self._verify = cert_file
else:
self._verify = None
self.session = requests.Session()
self._secret_cache_duration = int(conf.get('secret_cache_duration', 0))
if self._secret_cache_duration > 0:
try:
auth_plugin = keystone_loading.get_plugin_loader(
conf.get('auth_type'))
available_auth_options = auth_plugin.get_options()
auth_options = {}
for option in available_auth_options:
name = option.name.replace('-', '_')
value = conf.get(name)
if value:
auth_options[name] = value
auth = auth_plugin.load_from_options(**auth_options)
session = keystone_session.Session(auth=auth)
self.keystoneclient = keystone_client.Client(session=session)
self._logger.info("Caching s3tokens for %s seconds",
self._secret_cache_duration)
except Exception:
self._logger.warning(
"Unable to load keystone auth_plugin. "
"Secret caching will be unavailable.",
exc_info=True)
self.keystoneclient = None
self._secret_cache_duration = 0
def run_tests(self):
exit_code = 0
provided_pkg_name = self.args.package
load_packages_from = self.args.load_packages_from
tests_to_run = self.args.tests
ks_opts = self._validate_keystone_opts(self.args)
client = ks_client.Client(**ks_opts)
test_session = execution_session.ExecutionSession()
test_session.token = client.auth_token
test_session.project_id = client.project_id
# Replace location of loading packages with provided from command line.
if load_packages_from:
cfg.CONF.engine.load_packages_from = load_packages_from
with package_loader.CombinedPackageLoader(test_session) as pkg_loader:
engine.get_plugin_loader().register_in_loader(pkg_loader)
package = self._load_package(pkg_loader, provided_pkg_name)
class_to_methods = self._get_test_cases_by_classes(package)
run_set = self._get_methods_to_run(package,
tests_to_run,
class_to_methods)
max_length = 0
num_tests = 0
for pkg_class, test_cases in six.iteritems(run_set):
for m in test_cases:
max_length = max(max_length, len(pkg_class)+len(m)+1)
num_tests += len(test_cases)
max_length += 3
if run_set:
LOG.debug('Starting test execution.')
self.message('About to execute {0} tests(s)'.format(num_tests))
else:
msg = _('No tests found for execution.')
LOG.error(msg)
self.error(msg)
run_count = 0
error_count = 0
started = timeutils.utcnow()
for pkg_class, test_cases in six.iteritems(run_set):
for m in test_cases:
# Create new executor for each test case to provide
# pure test environment
dsl_executor = executor.MuranoDslExecutor(
pkg_loader,
mock_context_manager.MockContextManager(),
test_session)
obj = dsl_executor.object_store.load(
{}, None,
default_type=package.find_class(pkg_class, False))
test_name = "{0}.{1}".format(obj.type.name, m)
dots_number = max_length - len(test_name)
msg = "{0} {1} ".format(test_name, '.' * dots_number)
sys.stdout.write(msg)
sys.stdout.flush()
self._call_service_method('setUp', dsl_executor, obj)
obj.type.methods[m].usage = 'Action'
test_session.start()
try:
run_count += 1
dsl_executor.run(obj.type, m, obj, (), {})
self._call_service_method(
'tearDown', dsl_executor, obj)
msg = '{0}{1}{2}\n'.format(OK_COLOR, 'OK', END_COLOR)
LOG.debug('Test {0} successful'.format(test_name))
sys.stdout.write(msg)
sys.stdout.flush()
except Exception as e:
error_count += 1
msg = ''.join((
FAIL_COLOR, 'FAIL!', END_COLOR, '\n'))
sys.stdout.write(msg)
if isinstance(e, dsl_exception.MuranoPlException):
tb = e.format()
else:
tb = traceback.format_exc()
sys.stdout.write(''.join((
FAIL_COLOR,
tb,
END_COLOR,
'\n'
)))
sys.stdout.flush()
LOG.exception('Test {0} failed'.format(test_name))
exit_code = 1
finally:
test_session.finish()
completed = timeutils.utcnow()
self.message('Executed {0} tests in {1} seconds: '
'{2} passed, '
'{3} failed'.format(run_count,
timeutils.delta_seconds(
started, completed),
run_count-error_count,
error_count))
return exit_code
def __init__(self, auth):
"""
Constructor for creating a keystone object
"""
self.keystone = client.Client(session=auth.sess)
argparser = argparse.ArgumentParser(
description='Generate a lua script for public->private IP mappings')
argparser.add_argument('--config-file',
help='Path to config file',
default='/etc/labs-dns-alias.yaml',
type=argparse.FileType('r'))
argparser.add_argument(
'--check-changes-only',
help='Exit 0 if there are no changes and 1 otherwise. Do not write to file',
action='store_true')
args = argparser.parse_args()
config = yaml.safe_load(args.config_file)
session = new_session(config['observer_project_name'])
keystoneClient = keystone_client.Client(session=session,
interface='public',
connect_retries=5)
region_recs = keystoneClient.regions.list()
regions = [region.id for region in region_recs]
projects = []
for tenant in keystoneClient.projects.list():
projects.append(tenant.name)
aliases = {}
for project in projects:
# There's nothing useful in 'admin,' and
# the novaobserver isn't a member.
if project == 'admin':
continue
def _initialize_tests(self):
"""Perform final initialization before tests get run."""
# Access the sentries for inspecting service units
self.pxc_sentry = self.d.sentry['percona-cluster'][0]
self.keystone_sentry = self.d.sentry['keystone'][0]
self.rabbitmq_sentry = self.d.sentry['rabbitmq-server'][0]
self.nova_compute_sentry = self.d.sentry['nova-compute'][0]
self.nova_cc_sentry = self.d.sentry['nova-cloud-controller'][0]
self.glance_sentry = self.d.sentry['glance'][0]
u.log.debug('openstack release val: {}'.format(
self._get_openstack_release()))
u.log.debug('openstack release str: {}'.format(
self._get_openstack_release_string()))
# Authenticate admin with keystone
self.keystone_session, self.keystone = u.get_default_keystone_session(
self.keystone_sentry,
openstack_release=self._get_openstack_release())
force_v1_client = False
if self._get_openstack_release() == self.trusty_icehouse:
# Updating image properties (such as arch or hypervisor) using the
# v2 api in icehouse results in:
# https://bugs.launchpad.net/python-glanceclient/+bug/1371559
u.log.debug('Forcing glance to use v1 api')
force_v1_client = True
# Authenticate admin with glance endpoint
self.glance = u.authenticate_glance_admin(
self.keystone, force_v1_client=force_v1_client)
# Authenticate admin with nova endpoint
self.nova = nova_client.Client(2, session=self.keystone_session)
keystone_ip = self.keystone_sentry.info['public-address']
# Create a demo tenant/role/user
self.demo_tenant = 'demoTenant'
self.demo_role = 'demoRole'
self.demo_user = '******'
self.demo_project = 'demoProject'
self.demo_domain = 'demoDomain'
if self._get_openstack_release() >= self.xenial_queens:
self.create_users_v3()
self.demo_user_session, auth = u.get_keystone_session(
keystone_ip,
self.demo_user,
'password',
api_version=3,
user_domain_name=self.demo_domain,
project_domain_name=self.demo_domain,
project_name=self.demo_project)
self.keystone_demo = keystone_client_v3.Client(
session=self.demo_user_session)
self.nova_demo = nova_client.Client(2,
session=self.demo_user_session)
else:
self.create_users_v2()
# Authenticate demo user with keystone
self.keystone_demo = \
u.authenticate_keystone_user(
self.keystone, user=self.demo_user,
password='******',
tenant=self.demo_tenant)
# Authenticate demo user with nova-api
self.nova_demo = u.authenticate_nova_user(self.keystone,
user=self.demo_user,
password='******',
tenant=self.demo_tenant)
def get_client(conf):
"""Return a client for keystone v3 endpoint."""
sess = get_session(conf)
return ks_client_v3.Client(session=sess)
def client_create_wrapper():
client.Client(user_domain_name=self.TEST_DOMAIN_NAME,
username=self.TEST_USER,
password="******",
project_id=self.TEST_TENANT_ID,
auth_url=self.TEST_URL)
# logging.basicConfig(level=logging.DEBUG)
logging.basicConfig(level=logging.INFO)
LOG = logging.getLogger(__name__)
if os.environ.get('http_proxy') or os.environ.get('https_proxy'):
LOG.WARN("Proxy env vars set")
# TODO howto pass internalURL
auth = v3.Password(auth_url=os.environ['OS_AUTH_URL'],
username=os.environ['OS_USERNAME'],
password=os.environ['OS_PASSWORD'],
project_name=os.environ['OS_PROJECT_NAME'],
user_domain_name=os.environ['OS_USER_DOMAIN_NAME'],
project_domain_name=os.environ['OS_PROJECT_DOMAIN_NAME'])
# sess = session.Session(auth=auth, verify='/path/to/ca.cert')
sess = session.Session(auth=auth, verify=False)
novac = novaclient.client.Client(2, session=sess)
print(novac.servers.list())
print(novac.flavors.find(ram=512))
keystonecl = client.Client(session=sess)
pprint(keystonecl.users.list())
#import neutronclient.neutron.client
#neutc = neutronclient.neutron.client.Client('2.0', session=sess)
#neutc.list_networks()
def __init__(self,
instance_id,
common_config,
source_config,
dest_config):
self.dnsdomain = common_config['dnsdomain']
self.instance_id = instance_id
self.source_config = source_config
self.dest_config = dest_config
self.common_config = common_config
source_auth = generic.Password(
auth_url=self.common_config['keystone_url'],
username=self.common_config['user'],
password=self.common_config['password'],
user_domain_name='Default',
project_domain_name='Default',
project_name='admin')
source_session = keystone_session.Session(auth=source_auth)
self.source_novaclient = novaclient.Client('2', session=source_session,
region_name=source_config['region'])
self.refresh_instance()
self.project_id = self.source_instance.tenant_id
self.user_id = self.source_instance.user_id
project_auth = generic.Password(
auth_url=self.common_config['keystone_url'],
username=self.common_config['user'],
password=self.common_config['password'],
user_domain_name='Default',
project_domain_name='Default',
project_name=self.project_id)
project_session = keystone_session.Session(auth=project_auth)
self.designateclient = designateclient.Client(session=project_session,
region_name=source_config['region'])
self.novaclient_projectscope = novaclient.Client('2', session=project_session,
region_name=dest_config['region'])
wmflabs_auth = generic.Password(
auth_url=self.common_config['keystone_url'],
username=self.common_config['user'],
password=self.common_config['password'],
user_domain_name='Default',
project_domain_name='Default',
project_name='wmflabsdotorg')
wmflabs_session = keystone_session.Session(auth=wmflabs_auth)
self.wmflabsdesignateclient = designateclient.Client(session=wmflabs_session,
region_name=source_config['region'])
dest_auth = generic.Password(
auth_url=self.common_config['keystone_url'],
username=self.common_config['user'],
password=self.common_config['password'],
user_domain_name='Default',
project_domain_name='Default',
project_name='admin')
self.dest_session = keystone_session.Session(auth=dest_auth)
self.dest_novaclient = novaclient.Client(
'2', session=self.dest_session,
region_name=dest_config['region'])
self.dest_neutronclient = neutronclient.Client(
session=self.dest_session,
region_name=dest_config['region'])
self.dest_keystoneclient = keystoneclient.Client(
session=self.dest_session,
region_name=dest_config['region'])
self.proxy_endpoint = self.get_proxy_endpoint(
self.dest_keystoneclient, dest_config['region'])
def expiryInstances(self,datacenter,auth,instance):
self.datacenter = datacenter
self.auth = auth
self.instance = instance
current_dir = os.environ["HOME"]
if self.instance != 'list':
print '- Error: Invalid Command, Please try again.'
sys.exit()
for key, value in self.auth.iteritems():
if key == 'token':
token = value
if key == 'id':
userid = value
if key == 'username':
username = value
if key == 'project_name':
project_name = value
if key == 'region':
region = value
if key == 'project_domain_name':
project_domain_name = value
print('\n')
print '- LOADING : ........ ',
sys.stdout.flush()
try:
if region == 'SCL1':
novaauth = v3.Token(auth_url='http://expostack.tf-net.mydomain.com:35357/v3',token=token,project_name=project_name,project_domain_name=project_domain_name)
if region == 'LA1':
novaauth = v3.Token(auth_url='http://expostack-02.tf-net.mydomain.com:35357/v3',token=token,project_name=project_name,project_domain_name=project_domain_name)
novasession = session.Session(auth=novaauth)
keystone = client.Client(session=novasession)
nova = novaClient.Client('2', session=novasession)
except(exceptions.AuthorizationFailure):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Unable to authenticate or validate the existing authorization token for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(exceptions.Unauthorized):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error : Authentication failed due to invalid token for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
userDisplay = prettytable.PrettyTable(["INSTANCE ID", "INSTANCE NAME", "IP ADDRESS", "STATUS", "LEASE", "LEASE TYPE","CREATED ON"])
userDisplay.align["INSTANCE ID"] = "l"
userDisplay.align["INSTANCE NAME"] = "l"
userDisplay.align["IP ADDRESS"] = "l"
userDisplay.align["STATUS"] = "l"
userDisplay.align["LEASE"] = "l"
userDisplay.align["LEASE TYPE"] = "l"
userDisplay.align["CREATED ON"] = "l"
userDisplay.padding_width = 1
try:
servers = nova.servers.list(search_opts={'all_tenants': 1})
except(exceptions.NotFound):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Instance could not be found for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(exceptions.Unauthorized):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error : Authentication failed due to invalid token for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(e.Unauthorized):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Login into Region: ' + self.datacenter + ' to perform this Operation.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
except(e.from_response):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error: Login into Region: ' + self.datacenter + ' to perform this Operation.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
callLease = self.callExpiryTime(self.datacenter,username)
if callLease != False:
try:
for myNode in range(len(servers)):
s = servers[myNode]
if userid == s.user_id:
for key, value in s.addresses.iteritems():
for item in value:
for hay,stack in item.iteritems():
if hay == 'addr':
ip = stack
for item in callLease:
for key, value in item.items():
if key == 'hostname':
node = value
if key == 'ipaddress':
ipaddr = value
if key == 'leasedays':
lease = value
if key == 'requesttype':
request = value
if key == 'created_on':
create = value
if str(node.strip()) == str(s.name.strip()):
server = str(node.strip())
ipadd = str(ip)
userDisplay.add_row([s.id,server,ipadd,s.status,str(lease),str(request),str(create)])
self.progress()
print ' [DONE]'
print('\n')
print(userDisplay)
except(IOError,IndexError,KeyError,NameError,OSError,RuntimeError,SyntaxError,IndentationError,TypeError,UnboundLocalError,ValueError):
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error : Unknown Error Occured while fetching Lease for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
else:
prompt = '- Info : Lease Information fetch successful for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 0
else:
self.progress()
print ' [DONE]'
print('\n')
prompt = '- Error : Unknown Error Occured while fetching Lease for ' + username + ' at ' + time.strftime("%d/%m/%Y") + ' ' + time.strftime("%I:%M:%S") + '.'
self.log(self.datacenter,username,prompt)
print(prompt)
return 1
def _initialize_tests(self):
"""Perform final initialization before tests get run."""
# Access the sentries for inspecting service units
self.pxc_sentry = self.d.sentry['percona-cluster'][0]
self.keystone_sentry = self.d.sentry['keystone'][0]
self.rabbitmq_sentry = self.d.sentry['rabbitmq-server'][0]
self.nova_sentry = self.d.sentry['nova-compute'][0]
self.glance_sentry = self.d.sentry['glance'][0]
self.cinder_sentry = self.d.sentry['cinder'][0]
self.cinder_ceph_sentry = self.d.sentry['cinder-ceph'][0]
self.ceph_osd_sentry = self.d.sentry['ceph-osd'][0]
self.ceph0_sentry = self.d.sentry['ceph-mon'][0]
self.ceph1_sentry = self.d.sentry['ceph-mon'][1]
self.ceph2_sentry = self.d.sentry['ceph-mon'][2]
u.log.debug('openstack release val: {}'.format(
self._get_openstack_release()))
u.log.debug('openstack release str: {}'.format(
self._get_openstack_release_string()))
# Authenticate admin with keystone
self.keystone_session, self.keystone = u.get_default_keystone_session(
self.keystone_sentry,
openstack_release=self._get_openstack_release())
# Authenticate admin with cinder endpoint
self.cinder = u.authenticate_cinder_admin(self.keystone)
# Authenticate admin with glance endpoint
self.glance = u.authenticate_glance_admin(self.keystone)
# Authenticate admin with nova endpoint
self.nova = nova_client.Client(2, session=self.keystone_session)
keystone_ip = self.keystone_sentry.info['public-address']
# Create a demo tenant/role/user
self.demo_tenant = 'demoTenant'
self.demo_role = 'demoRole'
self.demo_user = '******'
self.demo_project = 'demoProject'
self.demo_domain = 'demoDomain'
if self._get_openstack_release() >= self.xenial_queens:
self.create_users_v3()
self.demo_user_session, auth = u.get_keystone_session(
keystone_ip,
self.demo_user,
'password',
api_version=3,
user_domain_name=self.demo_domain,
project_domain_name=self.demo_domain,
project_name=self.demo_project)
self.keystone_demo = keystone_client_v3.Client(
session=self.demo_user_session)
self.nova_demo = nova_client.Client(2,
session=self.demo_user_session)
else:
self.create_users_v2()
# Authenticate demo user with keystone
self.keystone_demo = \
u.authenticate_keystone_user(
self.keystone, user=self.demo_user,
password='******',
tenant=self.demo_tenant)
# Authenticate demo user with nova-api
self.nova_demo = u.authenticate_nova_user(self.keystone,
user=self.demo_user,
password='******',
tenant=self.demo_tenant)
def domain_admin_client(self):
if not self._domain_admin_client:
self._domain_admin_client = kc_v3.Client(
session=self.domain_admin_session)
return self._domain_admin_client
def create_keystone_client(token=None, project_id=None, conf=None):
return ks_client.Client(session=get_token_client_session(
token=token, project_id=project_id, conf=conf))
