def _endpoints(self,
service_catalog=None,
service_type=None,
endpoint_type='publicURL',
config_section=None,
region=None):
if service_catalog is not None and len(service_catalog):
endpoints = self._endpoints_from_catalog(service_catalog,
service_type,
endpoint_type,
region=region)
elif config_section is not None:
endpoints = []
for u in cfg.CONF[config_section].endpoints:
e_region, e = u.split('|')
# Filter if region is given
if (e_region and region) and e_region != region:
continue
endpoints.append((e, e_region))
if not endpoints:
msg = 'Endpoints are not configured'
raise exceptions.ConfigurationError(msg)
else:
msg = 'No service_catalog and no configured endpoints'
raise exceptions.ConfigurationError(msg)
LOG.debug('Returning endpoints: %s', endpoints)
return endpoints
def _get_config(self, pool_id, target_id):
pool = pool_object.Pool.from_config(cfg.CONF, pool_id)
target = None
for t in pool.targets:
if t.id == target_id:
target = t
else:
msg = _("Failed to find target with ID %s")
raise exceptions.ConfigurationError(msg % target_id)
if target is None:
msg = _("Found multiple targets with ID %s")
raise exceptions.ConfigurationError(msg % target_id)
return pool, target
def _endpoints(self,
service_catalog=None,
service_type=None,
endpoint_type='publicURL',
config_section=None,
region=None):
configured_endpoints = self.get_configured_endpoints(config_section)
if configured_endpoints:
endpoints = self.endpoints_from_config(
configured_endpoints,
region=region,
)
elif service_catalog:
endpoints = self.endpoints_from_catalog(
service_catalog,
service_type,
endpoint_type,
region=region,
)
else:
raise exceptions.ConfigurationError(
'No service_catalog and no configured endpoints')
LOG.debug('Returning endpoints: %s', endpoints)
return endpoints
def deleteZones(self, zoneNames):
LOG.debug("Performing deleteZones with zoneNames: %r", zoneNames)
zoneNames = [self._sanitizeZoneName(zN) for zN in zoneNames]
try:
self.client.service.deleteZones(zoneNames=zoneNames)
except Exception as e:
# *READ THIS SECTION BEFORE MAKING ANY CHANGES*
# Added 01/2017 by Graham Hayes.
# If you have run a spell checking tool against the repo, and it
# changes the line below - the patch will get -2'd.
# This is matching a string that comes back from the akamai API.
# If the akamai API changes - then this should change, but no
# other reason.
if 'Could not retrive object ID for zone' in str(e):
# The zone has already been purged, ignore and move on
pass
elif 'The following zones are still delegated to Akamai' in str(e):
raise DelegationExists()
elif 'basic auth failed' in str(e):
raise exceptions.ConfigurationError(
'Invalid Akamai credentials')
else:
raise EnhancedDNSException('Akamai Communication Failure: %s'
% e)
def __init__(self, *args, **kwargs):
super(InfobloxBackend, self).__init__(*args, **kwargs)
self.infoblox = object_manipulator.InfobloxObjectManipulator(
connector.Infoblox(self.options))
for master in self.masters:
if master.port != 53:
raise exceptions.ConfigurationError(
"Infoblox only supports mDNS instances on port 53")
def _wsgi_application(self):
api_paste_config = cfg.CONF['service:api'].api_paste_config
config_paths = utils.find_config(api_paste_config)
if len(config_paths) == 0:
msg = 'Unable to determine appropriate api-paste-config file'
raise exceptions.ConfigurationError(msg)
LOG.info(_LI('Using api-paste-config found at: %s') % config_paths[0])
return deploy.loadapp("config:%s" % config_paths[0], name='osapi_dns')
def __init__(self, target):
super(AkamaiBackend, self).__init__(target)
self.username = self.options.get('username')
self.password = self.options.get('password')
self.client = EnhancedDNSClient(self.username, self.password)
for m in self.masters:
if m.port != 53:
raise exceptions.ConfigurationError(
"Akamai only supports mDNS instances on port 53")
def _parse_master(master):
try:
(ip_address, port) = utils.split_host_port(master)
except ValueError:
ip_address = str(master)
port = DEFAULT_MASTER_PORT
try:
port = int(port)
except ValueError:
raise exceptions.ConfigurationError(
'Invalid port "%s" in masters option.' % port)
if port < 0 or port > 65535:
raise exceptions.ConfigurationError(
'Port "%s" is not between 0 and 65535 in masters option.' %
port)
try:
socket.inet_pton(socket.AF_INET, ip_address)
except socket.error:
raise exceptions.ConfigurationError(
'Invalid IP address "%s" in masters option.' % ip_address)
return {'ip-address': ip_address, 'port': port}
def __init__(self, target):
super(DynECTBackend, self).__init__(target)
self.customer_name = self.options.get('customer_name')
self.username = self.options.get('username')
self.password = self.options.get('password')
self.contact_nickname = self.options.get('contact_nickname', None)
self.tsig_key_name = self.options.get('tsig_key_name', None)
for m in self.masters:
if m.port != 53:
raise exceptions.ConfigurationError(
"DynECT only supports mDNS instances on port 53")
def _init_extensions(self):
""" Loads and prepares all enabled extensions """
enabled_notification_handlers = \
cfg.CONF['service:sink'].enabled_notification_handlers
notification_handlers = notification_handler.get_notification_handlers(
enabled_notification_handlers)
if len(notification_handlers) == 0:
# No handlers enabled. Bail!
raise exceptions.ConfigurationError('No designate-sink handlers '
'enabled or loaded')
return notification_handlers
def setZone(self, zone):
LOG.debug("Performing setZone with zoneName: %s" % zone.zoneName)
try:
self.client.service.setZone(zone=zone)
except Exception as e:
if 'You do not have permission to view this zone' in str(e):
raise DuplicateZone()
elif 'You do not have access to edit this zone' in str(e):
raise Forbidden()
elif 'basic auth failed' in str(e):
raise exceptions.ConfigurationError(
'Invalid Akamai credentials')
else:
raise EnhancedDNSException('Akamai Communication Failure: %s' %
e)
def init_policy():
LOG.info('Initializing Policy')
policy_files = utils.find_config(cfg.CONF.policy_file)
if len(policy_files) == 0:
msg = 'Unable to determine appropriate policy json file'
raise exceptions.ConfigurationError(msg)
LOG.info('Using policy_file found at: %s' % policy_files[0])
with open(policy_files[0]) as fh:
policy_json = fh.read()
rules = policy.Rules.load_json(policy_json, cfg.CONF.policy_default_rule)
policy.set_rules(rules)
def _init_extensions(self):
""" Loads and prepares all enabled extensions """
enabled_notification_handlers = \
cfg.CONF['service:sink'].enabled_notification_handlers
self.extensions_manager = NamedExtensionManager(
HANDLER_NAMESPACE, names=enabled_notification_handlers)
def _load_extension(ext):
handler_cls = ext.plugin
return handler_cls()
try:
return self.extensions_manager.map(_load_extension)
except RuntimeError:
# No handlers enabled. Bail!
raise exceptions.ConfigurationError('No designate-sink handlers '
'enabled')
def endpoints_from_config(configured_endpoints, region=None):
"""
Return the endpoints for the given service from the configuration.
return [('http://endpoint', 'region')]
"""
endpoints = []
for endpoint_data in configured_endpoints:
if not endpoint_data:
continue
endpoint_region, endpoint = endpoint_data.split('|')
if region and endpoint_region != region:
continue
endpoints.append((endpoint, endpoint_region))
if not endpoints:
raise exceptions.ConfigurationError(
'Endpoints are not correctly configured')
return endpoints
def deleteZones(self, zoneNames):
LOG.debug("Performing deleteZones with zoneNames: %r", zoneNames)
zoneNames = [self._sanitizeZoneName(zN) for zN in zoneNames]
try:
self.client.service.deleteZones(zoneNames=zoneNames)
except Exception as e:
if 'Could not retrive object ID for zone' in str(e):
# The zone has already been purged, ignore and move on
pass
elif 'The following zones are still delegated to Akamai' in str(e):
raise DelegationExists()
elif 'basic auth failed' in str(e):
raise exceptions.ConfigurationError(
'Invalid Akamai credentials')
else:
raise EnhancedDNSException('Akamai Communication Failure: %s' %
e)
def init(default_rule=None):
policy_files = utils.find_config(CONF['oslo_policy'].policy_file)
if len(policy_files) == 0:
msg = 'Unable to determine appropriate policy json file'
raise exceptions.ConfigurationError(msg)
LOG.info(_LI('Using policy_file found at: %s'), policy_files[0])
with open(policy_files[0]) as fh:
policy_string = fh.read()
rules = policy.Rules.load_json(policy_string, default_rule=default_rule)
global _ENFORCER
if not _ENFORCER:
LOG.debug("Enforcer is not present, recreating.")
_ENFORCER = policy.Enforcer(CONF)
_ENFORCER.set_rules(rules)
def __init__(self, central_service):
self._keyfile = cfg.CONF[CFG_GROUP].keyfile
self._certfile = cfg.CONF[CFG_GROUP].certfile
# Make sure keyfile and certfile are readable to avoid cryptic SSL
# errors later
if not os.access(self._keyfile, os.R_OK):
raise exceptions.NSD4SlaveBackendError(
'Keyfile %s missing or permission denied' % self._keyfile)
if not os.access(self._certfile, os.R_OK):
raise exceptions.NSD4SlaveBackendError(
'Certfile %s missing or permission denied' % self._certfile)
self._pattern = cfg.CONF[CFG_GROUP].pattern
try:
self._servers = [
self._parse_server(cfg_server)
for cfg_server in cfg.CONF[CFG_GROUP].servers
]
except TypeError:
raise exceptions.ConfigurationError('No NSD4 servers defined')
def __init__(self, backlog=128, threads=1000):
api_paste_config = cfg.CONF['service:api'].api_paste_config
config_paths = utils.find_config(api_paste_config)
if len(config_paths) == 0:
msg = 'Unable to determine appropriate api-paste-config file'
raise exceptions.ConfigurationError(msg)
LOG.info(_LI('Using api-paste-config found at: %s') % config_paths[0])
policy.init()
application = deploy.loadapp("config:%s" % config_paths[0],
name='osapi_dns')
super(Service, self).__init__(application=application,
host=cfg.CONF['service:api'].api_host,
port=cfg.CONF['service:api'].api_port,
backlog=backlog,
threads=threads)
