def _get_keystone_auth_provider(username=None,
password=None,
project_name=None,
user_domain_name=None,
project_domain_name=None):
keystone_v3 = CONF.identity.auth_version is '3'
if keystone_v3:
creds = auth.KeystoneV3Credentials(
username=username or CONF.identity.username,
password=password or CONF.identity.password,
project_name=project_name or CONF.identity.project_name,
user_domain_name=(user_domain_name
or CONF.identity.user_domain_name),
project_domain_name=(project_domain_name
or CONF.identity.project_domain_name))
auth_provider = auth.KeystoneV3AuthProvider(creds, CONF.identity.uri)
else:
creds = auth.KeystoneV2Credentials(
username=username or CONF.identity.username,
password=password or CONF.identity.password,
tenant_name=project_name or CONF.identity.project_name,
)
auth_provider = auth.KeystoneV2AuthProvider(creds, CONF.identity.uri)
auth_provider.fill_credentials()
return auth_provider
def get_auth_provider(self, **credentials):
"""Validates credentials and returns auth provider
Auth provider will contain required security context to pass to magnum
:param credentials: credentials dict to validate against
:returns: auth provider object
"""
auth_version = config.Config.auth_version
creds = self._get_auth_credentials(auth_version, **credentials)
if auth_version == 'v3':
auth_provider = auth.KeystoneV3AuthProvider(
creds, config.Config.auth_url)
elif auth_version == 'v2':
auth_provider = auth.KeystoneV2AuthProvider(
creds, config.Config.auth_url)
else:
raise exceptions.InvalidCredentials('Specify identity version')
auth_provider.fill_credentials()
return auth_provider
def __init__(self, user, pw, tenant):
default_params = {
'disable_ssl_certificate_validation':
CONF.identity.disable_ssl_certificate_validation,
'ca_certs': CONF.identity.ca_certificates_file,
'trace_requests': CONF.debug.trace_requests
}
default_params_with_timeout_values = {
'build_interval': CONF.compute.build_interval,
'build_timeout': CONF.compute.build_timeout
}
default_params_with_timeout_values.update(default_params)
compute_params = {
'service': CONF.compute.catalog_type,
'region': CONF.compute.region or CONF.identity.region,
'endpoint_type': CONF.compute.endpoint_type,
'build_interval': CONF.compute.build_interval,
'build_timeout': CONF.compute.build_timeout
}
compute_params.update(default_params)
object_storage_params = {
'service': CONF.object_storage.catalog_type,
'region': CONF.object_storage.region or CONF.identity.region,
'endpoint_type': CONF.object_storage.endpoint_type
}
object_storage_params.update(default_params)
_creds = auth.KeystoneV2Credentials(username=user,
password=pw,
tenant_name=tenant)
auth_provider_params = {
'disable_ssl_certificate_validation':
CONF.identity.disable_ssl_certificate_validation,
'ca_certs': CONF.identity.ca_certificates_file,
'trace_requests': CONF.debug.trace_requests
}
_auth = auth.KeystoneV2AuthProvider(_creds, CONF.identity.uri,
**auth_provider_params)
self.identity = identity_client.IdentityClientJSON(
_auth,
CONF.identity.catalog_type,
CONF.identity.region,
endpoint_type='adminURL',
**default_params_with_timeout_values)
self.servers = servers_client.ServersClientJSON(
_auth, **compute_params)
self.flavors = flavors_client.FlavorsClientJSON(
_auth, **compute_params)
self.floating_ips = floating_ips_client.FloatingIPsClientJSON(
_auth, **compute_params)
self.secgroups = security_groups_client.SecurityGroupsClientJSON(
_auth, **compute_params)
self.objects = object_client.ObjectClient(_auth,
**object_storage_params)
self.containers = container_client.ContainerClient(
_auth, **object_storage_params)
self.images = image_client.ImageClientV2JSON(
_auth,
CONF.image.catalog_type,
CONF.image.region or CONF.identity.region,
endpoint_type=CONF.image.endpoint_type,
build_interval=CONF.image.build_interval,
build_timeout=CONF.image.build_timeout,
**default_params)
self.telemetry = telemetry_client.TelemetryClientJSON(
_auth,
CONF.telemetry.catalog_type,
CONF.identity.region,
endpoint_type=CONF.telemetry.endpoint_type,
**default_params_with_timeout_values)
self.volumes = volumes_client.VolumesClientJSON(
_auth,
CONF.volume.catalog_type,
CONF.volume.region or CONF.identity.region,
endpoint_type=CONF.volume.endpoint_type,
build_interval=CONF.volume.build_interval,
build_timeout=CONF.volume.build_timeout,
**default_params)
self.networks = network_client.NetworkClientJSON(
_auth,
CONF.network.catalog_type,
CONF.network.region or CONF.identity.region,
endpoint_type=CONF.network.endpoint_type,
build_interval=CONF.network.build_interval,
build_timeout=CONF.network.build_timeout,
**default_params)
