def _check_status(task): """Check inspection status for node given by a task.""" node = task.node if node.provision_state != states.INSPECTING: return if not isinstance(task.driver.inspect, Inspector): return LOG.debug('Calling to inspector to check status of node %s', task.node.uuid) # NOTE(dtantsur): periodic tasks do not have proper tokens in context task.context.auth_token = keystone.get_admin_auth_token() try: status = _call_inspector(client.get_status, node.uuid, task.context) except Exception: # NOTE(dtantsur): get_status should not normally raise # let's assume it's a transient failure and retry later LOG.exception(_LE('Unexpected exception while getting ' 'inspection status for node %s, will retry later'), node.uuid) return if status.get('error'): LOG.error(_LE('Inspection failed for node %(uuid)s ' 'with error: %(err)s'), {'uuid': node.uuid, 'err': status['error']}) node.last_error = (_('ironic-inspector inspection failed: %s') % status['error']) task.process_event('fail') elif status.get('finished'): LOG.info(_LI('Inspection finished successfully for node %s'), node.uuid) task.process_event('done')
def GlanceImageService(client=None, version=1, context=None): module = import_versioned_module(version, 'image_service') service_class = getattr(module, 'GlanceImageService') if (context is not None and CONF.glance.auth_strategy == 'keystone' and not context.auth_token): context.auth_token = keystone.get_admin_auth_token() return service_class(client, version, context)
def GlanceImageService(client=None, version=1, context=None): module_str = "ironic.common.glance_service" module = importutils.import_versioned_module(module_str, version, "image_service") service_class = getattr(module, "GlanceImageService") if context is not None and CONF.glance.auth_strategy == "keystone" and not context.auth_token: session = _get_glance_session() context.auth_token = keystone.get_admin_auth_token(session) return service_class(client, version, context)
def GlanceImageService(client=None, version=1, context=None): module_str = 'ironic.common.glance_service' module = importutils.import_versioned_module(module_str, version, 'image_service') service_class = getattr(module, 'GlanceImageService') if (context is not None and CONF.glance.auth_strategy == 'keystone' and not context.auth_token): session = _get_glance_session() context.auth_token = keystone.get_admin_auth_token(session) return service_class(client, version, context)
def _create_token_file(task): """Save PKI token to file.""" token_file_path = _get_token_file_path(task.node.uuid) token = task.context.auth_token if token: timeout = CONF.conductor.deploy_callback_timeout if timeout and keystone.token_expires_soon(token, timeout): token = keystone.get_admin_auth_token() utils.write_to_file(token_file_path, token) else: utils.unlink_without_raise(token_file_path)
def _check_status(task): """Check inspection status for node given by a task.""" node = task.node if node.provision_state != states.INSPECTING: return if not isinstance(task.driver.inspect, Inspector): return LOG.debug('Calling to inspector to check status of node %s', task.node.uuid) # NOTE(dtantsur): periodic tasks do not have proper tokens in context if CONF.auth_strategy == 'keystone': task.context.auth_token = keystone.get_admin_auth_token() try: status = _call_inspector(client.get_status, node.uuid, task.context) except Exception: # NOTE(dtantsur): get_status should not normally raise # let's assume it's a transient failure and retry later LOG.exception( _LE('Unexpected exception while getting ' 'inspection status for node %s, will retry later'), node.uuid) return error = status.get('error') finished = status.get('finished') if not error and not finished: return # If the inspection has finished or failed, we need to update the node, so # upgrade our lock to an exclusive one. task.upgrade_lock() node = task.node if error: LOG.error( _LE('Inspection failed for node %(uuid)s ' 'with error: %(err)s'), { 'uuid': node.uuid, 'err': error }) node.last_error = (_('ironic-inspector inspection failed: %s') % error) task.process_event('fail') elif finished: LOG.info(_LI('Inspection finished successfully for node %s'), node.uuid) task.process_event('done')
def _check_status(task): """Check inspection status for node given by a task.""" node = task.node if node.provision_state != states.INSPECTING: return if not isinstance(task.driver.inspect, Inspector): return LOG.debug('Calling to inspector to check status of node %s', task.node.uuid) # NOTE(dtantsur): periodic tasks do not have proper tokens in context if CONF.auth_strategy == 'keystone': task.context.auth_token = keystone.get_admin_auth_token() try: status = _call_inspector(client.get_status, node.uuid, task.context) except Exception: # NOTE(dtantsur): get_status should not normally raise # let's assume it's a transient failure and retry later LOG.exception(_LE('Unexpected exception while getting ' 'inspection status for node %s, will retry later'), node.uuid) return error = status.get('error') finished = status.get('finished') if not error and not finished: return # If the inspection has finished or failed, we need to update the node, so # upgrade our lock to an exclusive one. task.upgrade_lock() node = task.node if error: LOG.error(_LE('Inspection failed for node %(uuid)s ' 'with error: %(err)s'), {'uuid': node.uuid, 'err': error}) node.last_error = (_('ironic-inspector inspection failed: %s') % error) task.process_event('fail') elif finished: LOG.info(_LI('Inspection finished successfully for node %s'), node.uuid) task.process_event('done')
def continue_deploy(self, task, **kwargs): """Method invoked when deployed with the IPA ramdisk. This method is invoked during a heartbeat from an agent when the node is in wait-call-back state. This deploys the image on the node and then configures the node to boot according to the desired boot option (netboot or localboot). :param task: a TaskManager object containing the node. :param kwargs: the kwargs passed from the heartbeat method. :raises: InstanceDeployFailure, if it encounters some error during the deploy. """ task.process_event('resume') node = task.node LOG.debug('Continuing the deployment on node %s', node.uuid) ilo_common.cleanup_vmedia_boot(task) iwdi = node.driver_internal_info.get('is_whole_disk_image') uuid_dict = iscsi_deploy.do_agent_iscsi_deploy(task, self._client) root_uuid = uuid_dict.get('root uuid') if iscsi_deploy.get_boot_option(node) == "local" or iwdi: efi_system_part_uuid = uuid_dict.get( 'efi system partition uuid') self.configure_local_boot( task, root_uuid=root_uuid, efi_system_part_uuid=efi_system_part_uuid) else: # Agent vendorpassthru are made without auth token. # We require auth_token to talk to glance while building boot iso. task.context.auth_token = keystone.get_admin_auth_token() self._configure_vmedia_boot(task, root_uuid) # Set boot mode ilo_common.update_boot_mode(task) # Need to enable secure boot, if being requested _update_secure_boot_mode(task, True) self.reboot_and_finish_deploy(task)
def continue_deploy(self, task, **kwargs): """Method invoked when deployed with the IPA ramdisk. This method is invoked during a heartbeat from an agent when the node is in wait-call-back state. This deploys the image on the node and then configures the node to boot according to the desired boot option (netboot or localboot). :param task: a TaskManager object containing the node. :param kwargs: the kwargs passed from the heartbeat method. :raises: InstanceDeployFailure, if it encounters some error during the deploy. """ task.process_event('resume') node = task.node LOG.debug('Continuing the deployment on node %s', node.uuid) ilo_common.cleanup_vmedia_boot(task) iwdi = node.driver_internal_info.get('is_whole_disk_image') uuid_dict = iscsi_deploy.do_agent_iscsi_deploy(task, self._client) root_uuid = uuid_dict.get('root uuid') if iscsi_deploy.get_boot_option(node) == "local" or iwdi: efi_system_part_uuid = uuid_dict.get('efi system partition uuid') self.configure_local_boot( task, root_uuid=root_uuid, efi_system_part_uuid=efi_system_part_uuid) else: # Agent vendorpassthru are made without auth token. # We require auth_token to talk to glance while building boot iso. task.context.auth_token = keystone.get_admin_auth_token() self._configure_vmedia_boot(task, root_uuid) # Set boot mode ilo_common.update_boot_mode(task) # Need to enable secure boot, if being requested _update_secure_boot_mode(task, True) self.reboot_and_finish_deploy(task)
def __init__(self): # TODO(pas-ha): swiftclient does not support keystone sessions ATM. # Must be reworked when LP bug #1518938 is fixed. session = _get_swift_session() params = { 'retries': CONF.swift.swift_max_retries, 'preauthurl': keystone.get_service_url( session, service_type='object-store'), 'preauthtoken': keystone.get_admin_auth_token(session) } # NOTE(pas-ha):session.verify is for HTTPS urls and can be # - False (do not verify) # - True (verify but try to locate system CA certificates) # - Path (verify using specific CA certificate) verify = session.verify params['insecure'] = not verify if verify and isinstance(verify, six.string_types): params['cacert'] = verify self.connection = swift_client.Connection(**params)
def __init__(self): # TODO(pas-ha): swiftclient does not support keystone sessions ATM. # Must be reworked when LP bug #1518938 is fixed. session = _get_swift_session() params = { 'retries': CONF.swift.swift_max_retries, 'preauthurl': keystone.get_service_url(session, service_type='object-store'), 'preauthtoken': keystone.get_admin_auth_token(session) } # NOTE(pas-ha):session.verify is for HTTPS urls and can be # - False (do not verify) # - True (verify but try to locate system CA certificates) # - Path (verify using specific CA certificate) verify = session.verify params['insecure'] = not verify if verify and isinstance(verify, six.string_types): params['cacert'] = verify self.connection = swift_client.Connection(**params)
def _check_status(task): """Check inspection status for node given by a task.""" node = task.node if node.provision_state != states.INSPECTING: return if not isinstance(task.driver.inspect, Inspector): return LOG.debug('Calling to inspector to check status of node %s', task.node.uuid) # NOTE(dtantsur): periodic tasks do not have proper tokens in context task.context.auth_token = keystone.get_admin_auth_token() try: status = _call_inspector(client.get_status, node.uuid, task.context) except Exception: # NOTE(dtantsur): get_status should not normally raise # let's assume it's a transient failure and retry later LOG.exception( _LE('Unexpected exception while getting ' 'inspection status for node %s, will retry later'), node.uuid) return if status.get('error'): LOG.error( _LE('Inspection failed for node %(uuid)s ' 'with error: %(err)s'), { 'uuid': node.uuid, 'err': status['error'] }) node.last_error = (_('ironic-inspector inspection failed: %s') % status['error']) task.process_event('fail') elif status.get('finished'): LOG.info(_LI('Inspection finished successfully for node %s'), node.uuid) task.process_event('done')
def test_get_admin_auth_token(self): mock_sess = mock.Mock() mock_sess.get_token.return_value = 'fake_token' self.assertEqual('fake_token', keystone.get_admin_auth_token(mock_sess))
def test_get_admin_auth_token(self, mock_ks): fake_client = FakeClient() fake_client.auth_token = "123456" mock_ks.return_value = fake_client self.assertEqual("123456", keystone.get_admin_auth_token())
def test_get_admin_auth_token(self, mock_ks): fake_client = FakeClient() fake_client.auth_token = '123456' mock_ks.return_value = fake_client self.assertEqual('123456', keystone.get_admin_auth_token())