def setup_logging():
"""Sets up the logging options for a log with supplied name."""
product_name = "neutron"
# We use the oslo.log default log levels and add only the extra levels
# that Neutron needs.
logging.set_defaults(default_log_levels=logging.get_default_log_levels() +
EXTRA_LOG_LEVEL_DEFAULTS)
logging.setup(cfg.CONF, product_name)
LOG.info(_LI("Logging enabled!"))
LOG.info(_LI("%(prog)s version %(version)s"), {
'prog': sys.argv[0],
'version': version.version_info.release_string()
})
LOG.debug("command line: %s", " ".join(sys.argv))
def drop_privileges(user=None, group=None):
"""Drop privileges to user/group privileges."""
if user is None and group is None:
return
if os.geteuid() != 0:
msg = _('Root permissions are required to drop privileges.')
LOG.critical(msg)
raise exceptions.FailToDropPrivilegesExit(msg)
if group is not None:
try:
os.setgroups([])
except OSError:
msg = _('Failed to remove supplemental groups')
LOG.critical(msg)
raise exceptions.FailToDropPrivilegesExit(msg)
setgid(group)
if user is not None:
setuid(user)
LOG.info(_LI("Process runs with uid/gid: %(uid)s/%(gid)s"), {
'uid': os.getuid(),
'gid': os.getgid()
})
def acquire_connection(self, auto_login=True, headers=None, rid=-1):
'''Check out an available HTTPConnection instance.
Blocks until a connection is available.
:auto_login: automatically logins before returning conn
:headers: header to pass on to login attempt
:param rid: request id passed in from request eventlet.
:returns: An available HTTPConnection instance or None if no
api_providers are configured.
'''
if self._conn_pool.empty():
LOG.debug("[%d] Waiting to acquire API client connection.", rid)
priority, conn = self._conn_pool.get()
now = time.time()
if getattr(conn, 'last_used', now) < now - self.CONN_IDLE_TIMEOUT:
LOG.info(_LI("[%(rid)d] Connection %(conn)s idle for "
"%(sec)0.2f seconds; reconnecting."),
{'rid': rid,
'conn': utils.ctrl_conn_to_str(conn),
'sec': now - conn.last_used})
conn = self._create_connection(*self._conn_params(conn))
self.set_auth_data(conn)
conn.last_used = now
conn.priority = priority # stash current priority for release
qsize = self._conn_pool.qsize()
LOG.debug("[%(rid)d] Acquired connection %(conn)s. %(qsize)d "
"connection(s) available.",
{'rid': rid, 'conn': utils.ctrl_conn_to_str(conn),
'qsize': qsize})
if auto_login and self.auth_data(conn) is None:
self._wait_for_login(conn, headers)
return conn
def _handle_request(self):
'''First level request handling.'''
attempt = 0
timeout = 0
badstatus = 0
response = None
while response is None and attempt <= self._retries:
attempt += 1
try:
req = self._issue_request()
except httplib.BadStatusLine:
if badstatus <= DEFAULT_RETRIES:
badstatus += 1
attempt -= 1
LOG.error("request {method} {url} {body} error".format(
method=self._method, url=self._url, body=self._body))
continue
# automatically raises any exceptions returned.
if isinstance(req, httplib.HTTPResponse):
timeout = 0
if attempt <= self._retries and not self._abort:
# currently there is a bug in fortios, it return 401 and
# 400 when a cookie is invalid, the change is to tolerant
# the bug to handle return 400 situation.
# when fortios fix the bug, here should use
# 'req.status in (401, 403)' instead
if req.status in (400, 401, 403):
continue
elif req.status == 503:
timeout = 0.5
continue
# else fall through to return the error code
LOG.debug(
"[%(rid)d] Completed request '%(method)s %(url)s'"
": %(status)s", {
'rid': self._rid(),
'method': self._method,
'url': self._url,
'status': req.status
})
self._request_error = None
response = req
else:
LOG.info(
_LI('[%(rid)d] Error while handling request: '
'%(req)s'), {
'rid': self._rid(),
'req': req
})
self._request_error = req
response = None
return response
def _run(self):
'''Method executed within green thread.'''
if self._request_timeout:
# No timeout exception escapes the with block.
with eventlet.timeout.Timeout(self._request_timeout, False):
return self._handle_request()
LOG.info(_LI('[%d] Request timeout.'), self._rid())
self._request_error = Exception(_('Request timeout'))
return None
else:
return self._handle_request()
def is_enabled():
global _IS_IPV6_ENABLED
if _IS_IPV6_ENABLED is None:
disabled_ipv6_path = "/proc/sys/net/ipv6/conf/default/disable_ipv6"
if os.path.exists(disabled_ipv6_path):
with open(disabled_ipv6_path, 'r') as f:
disabled = f.read().strip()
_IS_IPV6_ENABLED = disabled == "0"
else:
_IS_IPV6_ENABLED = False
if not _IS_IPV6_ENABLED:
LOG.info(_LI("IPv6 is not enabled on this system."))
return _IS_IPV6_ENABLED
def is_enabled():
global _IS_IPV6_ENABLED
if _IS_IPV6_ENABLED is None:
disabled_ipv6_path = "/proc/sys/net/ipv6/conf/default/disable_ipv6"
if os.path.exists(disabled_ipv6_path):
with open(disabled_ipv6_path, 'r') as f:
disabled = f.read().strip()
_IS_IPV6_ENABLED = disabled == "0"
else:
_IS_IPV6_ENABLED = False
if not _IS_IPV6_ENABLED:
LOG.info(_LI("IPv6 is not enabled on this system."))
return _IS_IPV6_ENABLED
def plug(self, network_id, port_id, device_name, mac_address,
bridge=None, namespace=None, prefix=None, mtu=None):
if not ip_lib.device_exists(device_name,
namespace=namespace):
try:
self.plug_new(network_id, port_id, device_name, mac_address,
bridge, namespace, prefix, mtu)
except TypeError:
versionutils.report_deprecated_feature(
LOG,
_LW('Interface driver does not support MTU parameter. '
'This may not work in future releases.'))
self.plug_new(network_id, port_id, device_name, mac_address,
bridge, namespace, prefix)
else:
LOG.info(_LI("Device %s already exists"), device_name)
def drop_privileges(user=None, group=None):
"""Drop privileges to user/group privileges."""
if user is None and group is None:
return
if os.geteuid() != 0:
msg = _('Root permissions are required to drop privileges.')
LOG.critical(msg)
raise exceptions.FailToDropPrivilegesExit(msg)
if group is not None:
try:
os.setgroups([])
except OSError:
msg = _('Failed to remove supplemental groups')
LOG.critical(msg)
raise exceptions.FailToDropPrivilegesExit(msg)
setgid(group)
if user is not None:
setuid(user)
LOG.info(_LI("Process runs with uid/gid: %(uid)s/%(gid)s"),
{'uid': os.getuid(), 'gid': os.getgid()})
#
# These variables default to respectively:
#
# import oslo_log
# oslo_log._options.DEFAULT_LOG_LEVELS
# oslo_log._options.log_opts[0].default
#
extra_log_level_defaults = [
'dogpile=INFO',
'routes=INFO'
]
logging.set_defaults(
default_log_levels=logging.get_default_log_levels() +
extra_log_level_defaults)
# Required setup based on configuration and domain
logging.setup(CONF, DOMAIN)
if __name__ == '__main__':
prepare()
# NOTE: These examples use Oslo i18n marker functions
LOG.info(_LI("Welcome to Oslo Logging"))
LOG.debug("A debugging message") # Debug messages are not translated
LOG.warning(_LW("A warning occured"))
LOG.error(_LE("An error occured"))
LOG.exception(_("An Exception occured"))
def _issue_request(self):
'''Issue a request to a provider.'''
conn = self.get_conn()
if conn is None:
error = Exception(_("No API connections available"))
self._request_error = error
return error
url = self._url
LOG.debug("[%(rid)d] Issuing - request url: %(conn)s, body: %(body)s",
{'rid': self._rid(), 'conn': self._request_str(conn, url),
'body': self._body})
issued_time = time.time()
is_conn_error = False
is_conn_service_unavail = False
response = None
try:
redirects = 0
while redirects <= self._redirects:
# Update connection with user specified request timeout,
# the connect timeout is usually smaller so we only set
# the request timeout after a connection is established
if conn.sock is None:
conn.connect()
conn.sock.settimeout(self._http_timeout)
elif conn.sock.gettimeout() != self._http_timeout:
conn.sock.settimeout(self._http_timeout)
headers = copy.copy(self._headers)
auth = self._api_client.auth_data(conn)
headers.update(auth)
try:
if self._body:
body = jsonutils.dumps(self._body)
else:
body = None
LOG.debug("Issuing request: self._method = [%(method)s], "
"url= %(url)s, body=%(body)s, "
"headers=%(headers)s",
{'method': self._method, "url": url,
"body": body, "headers": headers})
conn.request(self._method, url, body, headers)
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.warning(
_LW("[%(rid)d] Exception issuing request: %(e)s"),
{'rid': self._rid(), 'e': e})
response = conn.getresponse()
response.body = response.read()
response.headers = response.getheaders()
elapsed_time = time.time() - issued_time
LOG.debug("@@@@@@ [ _issue_request ] [%(rid)d] "
"Completed request '%(conn)s': "
"%(status)s (%(elapsed)s seconds), "
"request.url: %(url)s, "
"request.method: %(method)s, "
"request.headers: %(headers)s, "
"request.body %(body)s,"
"response.headers: %(response.headers)s, "
"response.body: %(response.body)s",
{'rid': self._rid(),
'conn': self._request_str(conn, url),
'status': response.status,
'elapsed': elapsed_time,
'method': self._method, "url": url,
'headers': headers, 'body': body,
'response.headers': response.headers,
'response.body': response.body})
if response.status in (401, 302):
# if response.headers:
login_msg = self._api_client.login_msg()
if auth is None and login_msg:
# The connection still has no valid cookie despite
# attempts to authenticate and the request has failed
# with unauthorized status code. If this isn't a
# a request to authenticate, we should abort the
# request since there is no point in retrying.
if self._url != jsonutils.loads(login_msg)['path']:
self._abort = True
# If request is unauthorized, clear the session cookie
# for the current provider so that subsequent requests
# to the same provider triggers re-authentication.
self._api_client.set_auth_data(conn, None)
elif 503 == response.status:
is_conn_service_unavail = True
if response.status not in [301, 307]:
break
elif redirects >= self._redirects:
LOG.info(_LI("[%d] Maximum redirects exceeded, aborting "
"request"), self._rid())
break
redirects += 1
conn, url = self._redirect_params(conn, response.headers,
self._client_conn is None)
if url is None:
response.status = 500
break
LOG.info(_LI("[%(rid)d] Redirecting request to: %(conn)s"),
{'rid': self._rid(),
'conn': self._request_str(conn, url)})
# yield here, just in case we are not out of the loop yet
eventlet.greenthread.sleep(0)
# If we receive any of these responses, then
# our server did not process our request and may be in an
# errored state. Raise an exception, which will cause the
# the conn to be released with is_conn_error == True
# which puts the conn on the back of the client's priority
# queue.
if 500 == response.status or 501 < response.status:
LOG.warning(_LW("[%(rid)d] Request '%(method)s %(url)s' "
"received: %(status)s"),
{'rid': self._rid(), 'method': self._method,
'url': self._url, 'status': response.status})
raise Exception(_('Server error return: %s'), response.status)
return response
except Exception as e:
if isinstance(e, httpclient.BadStatusLine):
msg = "Invalid server response"
else:
msg = str(e)
if response is None:
elapsed_time = time.time() - issued_time
LOG.warning(_LW("[%(rid)d] Failed request '%(conn)s': '%(msg)s' "
"(%(elapsed)s seconds)"),
{'rid': self._rid(),
'conn': self._request_str(conn, url),
'msg': msg, 'elapsed': elapsed_time})
self._request_error = e
is_conn_error = True
return e
finally:
# Make sure we release the original connection provided by the
# acquire_connection() call above.
if self._client_conn is None:
self._api_client.release_connection(conn, is_conn_error,
is_conn_service_unavail,
rid=self._rid())
#
# These variables default to respectively:
#
# import oslo_log
# oslo_log._options.DEFAULT_LOG_LEVELS
# oslo_log._options.log_opts[0].default
#
extra_log_level_defaults = [
'dogpile=INFO',
'routes=INFO'
]
logging.set_defaults(
default_log_levels=logging.get_default_log_levels() +
extra_log_level_defaults)
# Required setup based on configuration and domain
logging.setup(CONF, DOMAIN)
if __name__ == '__main__':
prepare()
# NOTE: These examples use Oslo i18n marker functions
LOG.info(_LI("Welcome to Oslo Logging"))
LOG.debug("A debugging message") # Debug messages are not translated
LOG.warning(_LW("A warning occurred"))
LOG.error(_LE("An error occurred"))
LOG.exception(_("An Exception occurred"))
