def delete(self, project_id):
context = pecan.request.context
policy.enforce(context,
'quota:delete',
target={'project_id': project_id},
action='quota:delete')
QUOTAS.destroy_all_by_project(context, project_id)
def _do_get_all(self, legacy_api_version=False, **kwargs):
context = pecan.request.context
policy.enforce(context, "capsule:get_all",
action="capsule:get_all")
if utils.is_all_projects(kwargs):
context.all_projects = True
limit = api_utils.validate_limit(kwargs.get('limit'))
sort_dir = api_utils.validate_sort_dir(kwargs.get('sort_dir', 'asc'))
sort_key = kwargs.get('sort_key', 'id')
resource_url = kwargs.get('resource_url')
expand = kwargs.get('expand')
filters = None
marker_obj = None
marker = kwargs.get('marker')
if marker:
marker_obj = objects.Capsule.get_by_uuid(context,
marker)
capsules = objects.Capsule.list(context,
limit,
marker_obj,
sort_key,
sort_dir,
filters=filters)
return CapsuleCollection.convert_with_links(
capsules, limit, url=resource_url, expand=expand,
sort_key=sort_key, sort_dir=sort_dir,
legacy_api_version=legacy_api_version)
def delete(self, image_id, **kwargs):
context = pecan.request.context
policy.enforce(context, "image:delete", action="image:delete")
host = _get_host(kwargs.pop('host'))
image = utils.get_image(image_id)
return pecan.request.compute_api.image_delete(context, image,
host.hostname)
def post(self, run=False, **container_dict):
"""Create a new container.
:param run: if true, starts the container
:param container_dict: a container within the request body.
"""
LOG.debug('carrier post xxx run=%s, container_dict=%s', run, container_dict)
context = pecan.request.context
compute_api = pecan.request.compute_api
#LOG.debug('container py post xxx context=%s,compute_api=%s' % (context.to_dict(),dir(compute_api)))
policy.enforce(context, "carrier:create",
action="carrier:create")
requested_networks = {}
extra_spec = container_dict.get('hints', None)
new_carrier = objects.Carrier(context, **container_dict)
new_carrier.create(context)
compute_api.carrier_create(context, new_carrier, extra_spec,
requested_networks)
# Set the HTTP Location Header
pecan.response.location = link.build_url('carriers',
new_carrier.uuid)
pecan.response.status = 202
LOG.debug('carrier post xxx pecan.response.status=%s', pecan.response.status)
return view.format_container(pecan.request.host_url, new_carrier)
def _get_containers_collection(self, **kwargs):
context = pecan.request.context
LOG.debug('xxx _get_containers_collection started')
if is_all_tenants(kwargs):
LOG.debug('xxx _get_containers_collection true kwargs=%s', kwargs)
policy.enforce(context, "carrier:get_all_all_tenants",
action="carrier:get_all_all_tenants")
context.all_tenants = True
compute_api = pecan.request.compute_api
limit = api_utils.validate_limit(kwargs.get('limit'))
sort_dir = api_utils.validate_sort_dir(kwargs.get('sort_dir', 'asc'))
sort_key = kwargs.get('sort_key', 'id')
resource_url = kwargs.get('resource_url')
expand = kwargs.get('expand')
filters = None
marker_obj = None
marker = kwargs.get('marker')
if marker:
marker_obj = objects.Container.get_by_uuid(context,
marker)
containers = objects.Carrier.list(context,
limit,
marker_obj,
sort_key,
sort_dir,
filters=filters)
xx=ContainerCollection.convert_with_links(containers, limit,
url=resource_url,
expand=expand,
sort_key=sort_key,
sort_dir=sort_dir)
#LOG.debug('container post xxx containers=%s, xx=%s', containers, xx.__dict__)
return xx
def _do_get_all(self, legacy_api_version=False, **kwargs):
context = pecan.request.context
policy.enforce(context, "capsule:get_all",
action="capsule:get_all")
if utils.is_all_projects(kwargs):
context.all_projects = True
limit = api_utils.validate_limit(kwargs.get('limit'))
sort_dir = api_utils.validate_sort_dir(kwargs.get('sort_dir', 'asc'))
sort_key = kwargs.get('sort_key', 'id')
resource_url = kwargs.get('resource_url')
expand = kwargs.get('expand')
filters = None
marker_obj = None
marker = kwargs.get('marker')
if marker:
marker_obj = objects.Capsule.get_by_uuid(context,
marker)
capsules = objects.Capsule.list(context,
limit,
marker_obj,
sort_key,
sort_dir,
filters=filters)
return CapsuleCollection.convert_with_links(
capsules, limit, url=resource_url, expand=expand,
sort_key=sort_key, sort_dir=sort_dir,
legacy_api_version=legacy_api_version)
def delete(self, container_id, force=False, **kwargs):
"""Delete a container.
:param container_ident: UUID or Name of a container.
"""
LOG.debug('v 1.7 Carrier delete xxx container_id=%s, kwargs=%s', container_id, kwargs)
context = pecan.request.context
if is_all_tenants(kwargs):
policy.enforce(context, "carrier:delete_all_tenants",
action="carrier:delete_all_tenants")
context.all_tenants = True
container = _get_container(container_id)
check_policy_on_container(container.as_dict(), "carrier:delete")
try:
force = strutils.bool_from_string(force, strict=True)
except ValueError:
msg = _('Valid force values are true, false, 0, 1, yes and no')
raise exception.InvalidValue(msg)
if not force:
utils.validate_container_state(container, 'delete')
else:
utils.validate_container_state(container, 'delete_force')
policy.enforce(context, "carrier:delete_force",
action="carrier:delete_force")
compute_api = pecan.request.compute_api
compute_api.carrier_delete(context, container, force)
pecan.response.status = 204
def defaults(self):
context = pecan.request.context
policy.enforce(context,
'quota:get_default',
action='quota:get_default')
values = QUOTAS.get_defaults(context)
return values
def _get_containers_collection(self, **kwargs):
context = pecan.request.context
if utils.is_all_projects(kwargs):
policy.enforce(context,
"container:get_all_all_projects",
action="container:get_all_all_projects")
context.all_projects = True
limit = api_utils.validate_limit(kwargs.get('limit'))
sort_dir = api_utils.validate_sort_dir(kwargs.get('sort_dir', 'asc'))
sort_key = kwargs.get('sort_key', 'id')
resource_url = kwargs.get('resource_url')
expand = kwargs.get('expand')
filters = None
marker_obj = None
marker = kwargs.get('marker')
if marker:
marker_obj = objects.Container.get_by_uuid(context, marker)
containers = objects.Container.list(context,
limit,
marker_obj,
sort_key,
sort_dir,
filters=filters)
if not context.is_admin:
for container in containers:
del container.host
return ContainerCollection.convert_with_links(containers,
limit,
url=resource_url,
expand=expand,
sort_key=sort_key,
sort_dir=sort_dir)
def get_one(self, container_ident, request_ident, **kwargs):
"""Retrieve information about the action."""
context = pecan.request.context
policy.enforce(context, "container:actions",
action="container:actions")
container = utils.get_container(container_ident)
action = objects.ContainerAction.get_by_request_id(
context, container.uuid, request_ident)
if action is None:
raise exception.ResourceNotFound(name="Action", id=request_ident)
action_id = action.id
if CONF.database.backend == 'etcd':
# etcd using action.uuid get the unique action instead of action.id
action_id = action.uuid
action = self._format_action(action)
show_traceback = False
if policy.enforce(context, "container:action:events",
do_raise=False, action="container:action:events"):
show_traceback = True
events_raw = objects.ContainerActionEvent.get_by_action(context,
action_id)
action['events'] = [self._format_event(evt, show_traceback)
for evt in events_raw]
return action
def search(self, image, image_driver=None, exact_match=False):
"""Search a specific image
:param image: Name of the image.
:param image_driver: Name of the image driver (glance, docker).
:param exact_match: if True, exact match the image name.
"""
context = pecan.request.context
policy.enforce(context, "image:search",
action="image:search")
LOG.debug('Calling compute.image_search with %s', image)
try:
exact_match = strutils.bool_from_string(exact_match, strict=True)
except ValueError:
bools = ', '.join(strutils.TRUE_STRINGS + strutils.FALSE_STRINGS)
raise exception.InvalidValue(_('Valid exact_match values are: %s')
% bools)
# Valiadtion accepts 'None' so need to convert it to None
image_driver = api_utils.string_or_none(image_driver)
if not image_driver:
image_driver = CONF.default_image_driver
return pecan.request.compute_api.image_search(context, image,
image_driver,
exact_match)
def delete(self, container_ident, force=False, **kwargs):
"""Delete a container.
:param container_ident: UUID or Name of a container.
:param force: If True, allow to force delete the container.
"""
context = pecan.request.context
if utils.is_all_tenants(kwargs):
policy.enforce(context,
"container:delete_all_tenants",
action="container:delete_all_tenants")
context.all_tenants = True
container = utils.get_container(container_ident)
check_policy_on_container(container.as_dict(), "container:delete")
try:
force = strutils.bool_from_string(force, strict=True)
except ValueError:
msg = _('Valid force values are true, false, 0, 1, yes and no')
raise exception.InvalidValue(msg)
stop = kwargs.pop('stop', False)
try:
stop = strutils.bool_from_string(stop, strict=True)
except ValueError:
msg = _('Valid stop values are true, false, 0, 1, yes and no')
raise exception.InvalidValue(msg)
compute_api = pecan.request.compute_api
if not force and not stop:
utils.validate_container_state(container, 'delete')
elif force and not stop:
req_version = pecan.request.version
min_version = versions.Version('', '', '', '1.7')
if req_version >= min_version:
policy.enforce(context,
"container:delete_force",
action="container:delete_force")
utils.validate_container_state(container, 'delete_force')
else:
raise exception.InvalidParamInVersion(param='force',
req_version=req_version,
min_version=min_version)
elif stop:
req_version = pecan.request.version
min_version = versions.Version('', '', '', '1.12')
if req_version >= min_version:
check_policy_on_container(container.as_dict(),
"container:stop")
utils.validate_container_state(container, 'delete_after_stop')
if container.status == consts.RUNNING:
LOG.debug(
'Calling compute.container_stop with %s '
'before delete', container.uuid)
compute_api.container_stop(context, container, 10)
else:
raise exception.InvalidParamInVersion(param='stop',
req_version=req_version,
min_version=min_version)
container.status = consts.DELETING
compute_api.container_delete(context, container, force)
pecan.response.status = 204
def get_all(self, **kwargs):
"""Retrieve a list of registries.
"""
context = pecan.request.context
policy_action = policies.REGISTRY % 'get_all'
policy.enforce(context, policy_action, action=policy_action)
return self._get_registries_collection(**kwargs)
def get_all(self, **kwargs):
"""Retrieve a list of containers.
"""
LOG.debug('user get_all xxx kwargs=%s', kwargs)
context = pecan.request.context
policy.enforce(context, "user:get_all", action="user:get_all")
return self._get_containers_collection(**kwargs)
def defaults(self, project_id):
context = pecan.request.context
policy.enforce(context,
'quota:get_default',
target={'project_id': project_id},
action='quota:get_default')
values = QUOTAS.get_defaults(context)
return values
def get_all(self, **kwargs):
"""Retrieve a list of containers.
"""
context = pecan.request.context
policy.enforce(context, "container:get_all",
action="container:get_all")
return self._get_containers_collection(**kwargs)
def get_all(self, **kwargs):
"""Retrieve a list of registries.
"""
context = pecan.request.context
policy_action = policies.REGISTRY % 'get_all'
policy.enforce(context, policy_action, action=policy_action)
return self._get_registries_collection(**kwargs)
def get(self, project_id, **kwargs):
context = pecan.request.context
usages = kwargs.get('usages', False)
policy.enforce(context,
'quota:get',
target={'project_id': project_id},
action='quota:get')
return self._get_quotas(context, project_id, usages=usages)
def get_one(self, host_id):
"""Retrieve information about the given host.
:param host_ident: UUID or name of a host.
"""
context = pecan.request.context
policy.enforce(context, "host:get", action="host:get")
host = _get_host(host_id)
return view.format_host(pecan.request.host_url, host)
def get_one(self, host_ident):
"""Retrieve information about the given host.
:param host_ident: UUID or name of a host.
"""
context = pecan.request.context
policy.enforce(context, "host:get", action="host:get")
host = api_utils.get_resource('ComputeNode', host_ident)
return view.format_host(pecan.request.host_url, host)
def get_all(self, **kwargs):
"""Retrieve a list of availability zones"""
context = pecan.request.context
context.all_projects = True
policy.enforce(context, "availability_zones:get_all",
action="availability_zones:get_all")
return self._get_host_collection(**kwargs)
def get_one(self, host_ident):
"""Retrieve information about the given host.
:param host_ident: UUID or name of a host.
"""
context = pecan.request.context
policy.enforce(context, "host:get", action="host:get")
host = _get_host(host_ident)
return view.format_host(pecan.request.host_url, host)
def disable(self, **kwargs):
context = pecan.request.context
policy.enforce(context, "zun-service:disable",
action="zun-service:disable")
if 'disabled_reason' in kwargs:
reason = kwargs['disabled_reason']
else:
reason = None
return self._disable(context, kwargs, reason)
def disable(self, **kwargs):
context = pecan.request.context
policy.enforce(context, "zun-service:disable",
action="zun-service:disable")
if 'disabled_reason' in kwargs:
reason = kwargs['disabled_reason']
else:
reason = None
return self._disable(context, kwargs, reason)
def post(self, **network_dict):
"""Create a new network.
:param network_dict: a network within the request body.
"""
context = pecan.request.context
policy.enforce(context, "network:create", action="network:create")
new_network = pecan.request.compute_api.network_create(
context, network_dict['neutron_net_id'])
return view.format_network(pecan.request.host_url, new_network)
def post(self, **network_dict):
"""Create a new network.
:param network_dict: a network within the request body.
"""
context = pecan.request.context
policy.enforce(context, "network:create", action="network:create")
new_network = pecan.request.compute_api.network_create(
context, network_dict['neutron_net_id'])
return view.format_network(pecan.request.host_url, new_network)
def get_all(self, container_ident, **kwargs):
"""Retrieve a list of container actions."""
context = pecan.request.context
policy.enforce(context, "container:actions",
action="container:actions")
container = utils.get_container(container_ident)
actions_raw = objects.ContainerAction.get_by_container_uuid(
context, container.uuid)
actions = [self._format_action(action) for action in actions_raw]
return {"containerActions": actions}
def search(self, image, exact_match=False):
context = pecan.request.context
policy.enforce(context, "image:search", action="image:search")
LOG.debug('Calling compute.image_search with %s' % image)
try:
exact_match = strutils.bool_from_string(exact_match, strict=True)
except ValueError:
msg = _("Valid exact_match values are true,"
" false, 0, 1, yes and no")
raise exception.InvalidValue(msg)
return pecan.request.compute_api.image_search(context, image,
exact_match)
def delete(self, network_ident, **kwargs):
"""Delete a network.
:param network_ident: UUID of the network.
"""
context = pecan.request.context
policy.enforce(context, "network:delete", action="network:delete")
context.all_projects = True
network = _get_network(context, network_ident)
compute_api = pecan.request.compute_api
compute_api.network_delete(context, network)
pecan.response.status = 204
def delete(self, network_ident, **kwargs):
"""Delete a network.
:param network_ident: UUID of the network.
"""
context = pecan.request.context
policy.enforce(context, "network:delete", action="network:delete")
context.all_projects = True
network = _get_network(context, network_ident)
compute_api = pecan.request.compute_api
compute_api.network_delete(context, network)
pecan.response.status = 204
def post(self, **network_dict):
"""Create a new network.
:param network_dict: a network within the request body.
"""
context = pecan.request.context
policy.enforce(context, "network:create", action="network:create")
network_dict['project_id'] = context.project_id
network_dict['user_id'] = context.user_id
new_network = objects.Network(context, **network_dict)
new_network.create(context)
pecan.request.compute_api.network_create(context, new_network)
return view.format_network(pecan.request.host_url, new_network)
def delete(self, container_ident, force=False, **kwargs):
"""Delete a container.
:param container_ident: UUID or Name of a container.
:param force: If True, allow to force delete the container.
"""
context = pecan.request.context
if utils.is_all_projects(kwargs):
policy.enforce(context, "container:delete_all_projects",
action="container:delete_all_projects")
context.all_projects = True
container = utils.get_container(container_ident)
check_policy_on_container(container.as_dict(), "container:delete")
try:
force = strutils.bool_from_string(force, strict=True)
except ValueError:
bools = ', '.join(strutils.TRUE_STRINGS + strutils.FALSE_STRINGS)
raise exception.InvalidValue(_('Valid force values are: %s')
% bools)
stop = kwargs.pop('stop', False)
try:
stop = strutils.bool_from_string(stop, strict=True)
except ValueError:
bools = ', '.join(strutils.TRUE_STRINGS + strutils.FALSE_STRINGS)
raise exception.InvalidValue(_('Valid stop values are: %s')
% bools)
compute_api = pecan.request.compute_api
if not force and not stop:
utils.validate_container_state(container, 'delete')
elif force and not stop:
api_utils.version_check('force', '1.7')
policy.enforce(context, "container:delete_force",
action="container:delete_force")
utils.validate_container_state(container, 'delete_force')
elif stop:
api_utils.version_check('stop', '1.12')
check_policy_on_container(container.as_dict(),
"container:stop")
utils.validate_container_state(container,
'delete_after_stop')
if container.status == consts.RUNNING:
LOG.debug('Calling compute.container_stop with %s '
'before delete',
container.uuid)
compute_api.container_stop(context, container, 10)
container.status = consts.DELETING
if container.host:
compute_api.container_delete(context, container, force)
else:
container.destroy(context)
pecan.response.status = 204
def get_all(self, **kwargs):
"""Retrieve a list of zun-services.
"""
context = pecan.request.context
policy.enforce(context, "zun-service:get_all",
action="zun-service:get_all")
hsvcs = objects.ZunService.list(context,
limit=None,
marker=None,
sort_key='id',
sort_dir='asc')
return ZunServiceCollection.convert_db_rec_list_to_collection(
self.servicegroup_api, hsvcs)
def get_all(self, **kwargs):
"""Retrieve a list of zun-services.
"""
context = pecan.request.context
policy.enforce(context, "zun-service:get_all",
action="zun-service:get_all")
hsvcs = objects.ZunService.list(context,
limit=None,
marker=None,
sort_key='id',
sort_dir='asc')
return ZunServiceCollection.convert_db_rec_list_to_collection(
self.servicegroup_api, hsvcs)
def post(self, run=False, **registry_dict):
context = pecan.request.context
policy_action = policies.REGISTRY % 'create'
policy.enforce(context, policy_action, action=policy_action)
registry_dict = registry_dict.get(RESOURCE_NAME)
registry_dict['project_id'] = context.project_id
registry_dict['user_id'] = context.user_id
new_registry = objects.Registry(context, **registry_dict)
new_registry.create(context)
# Set the HTTP Location Header
pecan.response.location = link.build_url(COLLECTION_NAME,
new_registry.uuid)
pecan.response.status = 201
return RegistryItem.render_response(new_registry)
def post(self, run=False, **registry_dict):
context = pecan.request.context
policy_action = policies.REGISTRY % 'create'
policy.enforce(context, policy_action, action=policy_action)
registry_dict = registry_dict.get(RESOURCE_NAME)
registry_dict['project_id'] = context.project_id
registry_dict['user_id'] = context.user_id
new_registry = objects.Registry(context, **registry_dict)
new_registry.create(context)
# Set the HTTP Location Header
pecan.response.location = link.build_url(COLLECTION_NAME,
new_registry.uuid)
pecan.response.status = 201
return RegistryItem.render_response(new_registry)
def put(self, quota_class_name, **quota_classes_dict):
context = pecan.request.context
policy.enforce(context, 'quota_class:update',
action='quota_class:update')
for key, value in quota_classes_dict.items():
value = int(value)
quota_class = objects.QuotaClass(
context, class_name=quota_class_name,
resource=key, hard_limit=value)
try:
quota_class.update(context)
except exception.QuotaClassNotFound:
quota_class.create(context)
return self._get_quotas(context, quota_class_name)
def get_one(self, container_id, **kwargs):
"""Retrieve information about the given container.
:param container_ident: UUID or name of a container.
"""
context = pecan.request.context
if is_all_tenants(kwargs):
policy.enforce(context, "container:get_one_all_tenants",
action="container:get_one_all_tenants")
context.all_tenants = True
container = _get_container(container_id)
check_policy_on_container(container.as_dict(), "container:get_one")
compute_api = pecan.request.compute_api
container = compute_api.container_show(context, container)
return view.format_container(pecan.request.host_url, container)
def delete(self, host, binary):
"""Delete the specified service.
:param host: The host on which the binary is running.
:param binary: The name of the binary.
"""
context = pecan.request.context
policy.enforce(context,
"zun-service:delete",
action="zun-service:delete")
svc = objects.ZunService.get_by_host_and_binary(context, host, binary)
if svc is None:
raise exception.ZunServiceNotFound(binary=binary, host=host)
else:
svc.destroy(context)
def put(self, **quotas_dict):
context = pecan.request.context
policy.enforce(context, 'quota:update', action='quota:update')
project_id = context.project_id
for key, value in quotas_dict.items():
value = int(value)
quota = objects.Quota(context,
project_id=project_id,
resource=key,
hard_limit=value)
try:
quota.create(context)
except exception.QuotaAlreadyExists:
quota.update(context)
return self._get_quotas(context)
def put(self, quota_class_name, **quota_classes_dict):
context = pecan.request.context
policy.enforce(context,
'quota_class:update',
action='quota_class:update')
for key, value in quota_classes_dict.items():
value = int(value)
quota_class = objects.QuotaClass(context,
class_name=quota_class_name,
resource=key,
hard_limit=value)
try:
quota_class.update(context)
except exception.QuotaClassNotFound:
quota_class.create(context)
return self._get_quotas(context, quota_class_name)
def delete(self, host, binary):
"""Delete the specified service.
:param host: The host on which the binary is running.
:param binary: The name of the binary.
"""
context = pecan.request.context
policy.enforce(context, "zun-service:delete",
action="zun-service:delete")
svc = objects.ZunService.get_by_host_and_binary(
context, host, binary)
if svc is None:
raise exception.ZunServiceNotFound(
binary=binary, host=host)
else:
svc.destroy(context)
def delete(self, capsule_ident, **kwargs):
"""Delete a capsule.
:param capsule_ident: UUID or Name of a capsule.
"""
context = pecan.request.context
if utils.is_all_projects(kwargs):
policy.enforce(context, "capsule:delete_all_projects",
action="capsule:delete_all_projects")
context.all_projects = True
capsule = _get_capsule(capsule_ident)
check_policy_on_capsule(capsule.as_dict(), "capsule:delete")
compute_api = pecan.request.compute_api
capsule.task_state = consts.CONTAINER_DELETING
capsule.save(context)
compute_api.container_stop(context, capsule, 10)
compute_api.container_delete(context, capsule)
pecan.response.status = 204
def _get_registries_collection(self, **kwargs):
context = pecan.request.context
if utils.is_all_projects(kwargs):
policy_action = policies.REGISTRY % 'get_all_all_projects'
policy.enforce(context, policy_action, action=policy_action)
context.all_projects = True
kwargs.pop('all_projects', None)
limit = api_utils.validate_limit(kwargs.pop('limit', None))
sort_dir = api_utils.validate_sort_dir(kwargs.pop('sort_dir', 'asc'))
sort_key = kwargs.pop('sort_key', 'id')
resource_url = kwargs.pop('resource_url', None)
registry_allowed_filters = ['name', 'domain', 'username',
'project_id', 'user_id']
filters = {}
for filter_key in registry_allowed_filters:
if filter_key in kwargs:
policy_action = policies.REGISTRY % ('get_one:' + filter_key)
context.can(policy_action, might_not_exist=True)
filter_value = kwargs.pop(filter_key)
filters[filter_key] = filter_value
marker_obj = None
marker = kwargs.pop('marker', None)
if marker:
marker_obj = objects.Registry.get_by_uuid(context, marker)
if kwargs:
unknown_params = [str(k) for k in kwargs]
msg = _("Unknown parameters: %s") % ", ".join(unknown_params)
raise exception.InvalidValue(msg)
registries = objects.Registry.list(context,
limit,
marker_obj,
sort_key,
sort_dir,
filters=filters)
return RegistryCollection.convert_with_links(registries, limit,
url=resource_url,
sort_key=sort_key,
sort_dir=sort_dir)
def post(self, **image_dict):
"""Create a new image.
:param image_dict: an image within the request body.
"""
context = pecan.request.context
policy.enforce(context, "image:pull",
action="image:pull")
host = _get_host(image_dict.pop('host'))
image_dict['project_id'] = context.project_id
image_dict['user_id'] = context.user_id
repo_tag = image_dict.get('repo')
image_dict['host'] = host.hostname
image_dict['repo'], image_dict['tag'] = utils.parse_image_name(
repo_tag)
new_image = objects.Image(context, **image_dict)
new_image.pull(context)
pecan.request.compute_api.image_pull(context, new_image)
# Set the HTTP Location Header
pecan.response.location = link.build_url('images', new_image.uuid)
pecan.response.status = 202
return view.format_image(pecan.request.host_url, new_image)
def get(self, quota_class_name):
context = pecan.request.context
policy.enforce(context, 'quota_class:get',
action='quota_class:get')
return self._get_quotas(context, quota_class_name)
def check_policy_on_host(host, action):
context = pecan.request.context
policy.enforce(context, action, host, action=action)
def check_policy_on_availability_zones(availability_zone, action):
context = pecan.request.context
policy.enforce(context, action, availability_zone, action=action)
def get_all(self, **kwargs):
"""Retrieve a list of hosts"""
context = pecan.request.context
policy.enforce(context, "host:get_all",
action="host:get_all")
return self._get_host_collection(**kwargs)
def _do_post(self, legacy_api_version=False, **capsule_dict):
context = pecan.request.context
compute_api = pecan.request.compute_api
policy.enforce(context, "capsule:create",
action="capsule:create")
# Abstract the capsule specification
capsules_template = capsule_dict.get('template')
spec_content, template_json = \
check_capsule_template(capsules_template)
containers_spec, init_containers_spec = \
utils.capsule_get_container_spec(spec_content)
volumes_spec = utils.capsule_get_volume_spec(spec_content)
# Create the capsule Object
new_capsule = objects.Capsule(context, **capsule_dict)
new_capsule.project_id = context.project_id
new_capsule.user_id = context.user_id
new_capsule.status = consts.CREATING
new_capsule.create(context)
new_capsule.volumes = []
capsule_need_cpu = 0
capsule_need_memory = 0
container_volume_requests = []
if spec_content.get('restart_policy'):
capsule_restart_policy = spec_content.get('restart_policy')
else:
# NOTE(hongbin): this is deprecated but we need to maintain
# backward-compatibility. Will remove this branch in the future.
capsule_restart_policy = template_json.get('restart_policy',
'always')
container_restart_policy = {"MaximumRetryCount": "0",
"Name": capsule_restart_policy}
new_capsule.restart_policy = container_restart_policy
metadata_info = template_json.get('metadata', None)
requested_networks_info = template_json.get('nets', [])
requested_networks = \
utils.build_requested_networks(context, requested_networks_info)
if metadata_info:
new_capsule.name = metadata_info.get('name', None)
new_capsule.labels = metadata_info.get('labels', None)
# create the capsule in DB so that it generates a 'id'
new_capsule.save()
extra_spec = {}
az_info = template_json.get('availabilityZone')
if az_info:
extra_spec['availability_zone'] = az_info
new_capsule.image = CONF.sandbox_image
new_capsule.image_driver = CONF.sandbox_image_driver
merged_containers_spec = init_containers_spec + containers_spec
for container_spec in merged_containers_spec:
if container_spec.get('image_pull_policy'):
policy.enforce(context, "container:create:image_pull_policy",
action="container:create:image_pull_policy")
container_dict = container_spec
container_dict['project_id'] = context.project_id
container_dict['user_id'] = context.user_id
name = self._generate_name_for_capsule_container(new_capsule)
container_dict['name'] = name
if container_dict.get('args') and container_dict.get('command'):
container_dict['command'] = \
container_dict['command'] + container_dict['args']
container_dict.pop('args')
elif container_dict.get('args'):
container_dict['command'] = container_dict['args']
container_dict.pop('args')
# NOTE(kevinz): Don't support port remapping, will find a
# easy way to implement it.
# if container need to open some port, just open it in container,
# user can change the security group and getting access to port.
if container_dict.get('ports'):
container_dict.pop('ports')
if container_dict.get('resources'):
resources_list = container_dict.get('resources')
allocation = resources_list.get('requests')
if allocation.get('cpu'):
capsule_need_cpu += allocation.get('cpu')
container_dict['cpu'] = allocation.get('cpu')
if allocation.get('memory'):
capsule_need_memory += allocation.get('memory')
container_dict['memory'] = str(allocation['memory'])
container_dict.pop('resources')
container_dict['image_pull_policy'] = (
container_dict.get('image_pull_policy', 'always').lower())
container_dict['status'] = consts.CREATING
container_dict['interactive'] = True
container_dict['capsule_id'] = new_capsule.id
container_dict['restart_policy'] = container_restart_policy
if container_spec in init_containers_spec:
if capsule_restart_policy == "always":
container_restart_policy = {"MaximumRetryCount": "10",
"Name": "on-failure"}
container_dict['restart_policy'] = container_restart_policy
utils.check_for_restart_policy(container_dict)
new_container = objects.CapsuleInitContainer(context,
**container_dict)
else:
utils.check_for_restart_policy(container_dict)
new_container = objects.CapsuleContainer(context,
**container_dict)
new_container.create(context)
if container_dict.get('volumeMounts'):
for volume in container_dict['volumeMounts']:
volume['container_uuid'] = new_container.uuid
container_volume_requests.append(volume)
# Deal with the volume support
requested_volumes = \
self._build_requested_volumes(context,
volumes_spec,
container_volume_requests,
new_capsule)
new_capsule.cpu = capsule_need_cpu
new_capsule.memory = str(capsule_need_memory)
new_capsule.save(context)
kwargs = {}
kwargs['extra_spec'] = extra_spec
kwargs['requested_networks'] = requested_networks
kwargs['requested_volumes'] = requested_volumes
kwargs['run'] = True
compute_api.container_create(context, new_capsule, **kwargs)
# Set the HTTP Location Header
pecan.response.location = link.build_url('capsules',
new_capsule.uuid)
pecan.response.status = 202
return view.format_capsule(pecan.request.host_url, new_capsule,
context,
legacy_api_version=legacy_api_version)
def check_policy_on_capsule(capsule, action):
context = pecan.request.context
policy.enforce(context, action, capsule, action=action)
def check_policy_on_image(image, action):
context = pecan.request.context
policy.enforce(context, action, image, action=action)
def delete(self, image_id):
context = pecan.request.context
policy.enforce(context, "image:delete", action="image:delete")
image = utils.get_image(image_id)
return pecan.request.compute_api.image_delete(context, image)
def get_all(self, **kwargs):
"""Retrieve a list of images."""
context = pecan.request.context
policy.enforce(context, "image:get_all",
action="image:get_all")
return self._get_images_collection(**kwargs)
def enable(self, **kwargs):
context = pecan.request.context
policy.enforce(context, "zun-service:enable",
action="zun-service:enable")
return self._enable(context, kwargs)
def check_policy_on_registry(registry, action):
context = pecan.request.context
policy.enforce(context, action, registry, action=action)
def force_down(self, **kwargs):
context = pecan.request.context
policy.enforce(context, "zun-service:force_down",
action="zun-service:force_down")
return self._update_forced_down(context, kwargs)
