def monthly_allocation_reset():
"""
This task contains logic related to:
* Providers whose allocations should be reset on the first of the month
* Which Allocation will be used as 'default'
"""
default_allocation = Allocation.default_allocation()
provider_locations = None
# ensure a 'set' settings value
if hasattr(settings, 'MONTHLY_RESET_PROVIDER_LOCATIONS'):
provider_locations = settings.MONTHLY_RESET_PROVIDER_LOCATIONS
else:
raise Exception(
"settings.MONTHLY_RESET_PROVIDER_LOCATIONS has not been set. SKIPPING the monthly allocation reset."
)
# Ensure settings value is a list
if not provider_locations or not isinstance(provider_locations, list):
raise Exception(
"Expected a list ([]) of provider locations to receive a monthly reset"
)
for location in provider_locations:
provider = Provider.objects.get(location=location)
reset_provider_allocation.apply_async(
args=[provider.id, default_allocation.id])
return
def share(self, core_group, quota=None):
"""
"""
from core.models import IdentityMembership, ProviderMembership, Quota, Allocation
existing_membership = IdentityMembership.objects.filter(
member=core_group, identity=self)
if existing_membership:
return existing_membership[0]
#User does not already have membership - Check for provider membership
prov_membership = ProviderMembership.objects.filter(
member=core_group, provider=self.provider)
if not prov_membership:
raise Exception("Cannot share identity membership before the"
" provider is shared")
#Ready to create new membership for this group
if not quota:
quota = Quota.default_quota()
allocation = Allocation.default_allocation()
new_membership = IdentityMembership.objects.get_or_create(
member=core_group,
identity=self,
quota=quota,
allocation=allocation)[0]
return new_membership
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--allocation-list",
action="store_true",
help="List of allocation names and IDs")
parser.add_argument("--provider-list",
action="store_true",
help="List of provider names and IDs")
parser.add_argument("--dry-run",
action="store_true",
help="Print, but don't do anything else")
parser.add_argument("--provider-id",
type=int,
help="Atmosphere provider ID"
" to use when importing users.")
parser.add_argument(
"--allocation-id",
help="Atmosphere Allocation ID to assign (Optional, instead of default)"
)
args = parser.parse_args()
users = None
quota = None
if args.provider_list:
print "ID\tName"
for p in Provider.objects.all().order_by('id'):
print "%d\t%s" % (p.id, p.location)
return
elif args.allocation_list:
print "ID\tSpecs"
for alloc in Allocation.objects.all().order_by('id'):
print "%s\t%s" % (alloc.id, alloc)
return
# Optional args
if args.dry_run:
print "Test Run Enabled"
# Optional args
if args.allocation_id:
def_allocation = Allocation.objects.get(id=args.allocation_id)
else:
def_allocation = Allocation.default_allocation()
print "Looking for users with non-default Allocation:%s" % def_allocation
if not args.provider_id:
print "ERROR: provider-id is required. To get a list of providers use"\
" --provider-list"
return
members = IdentityMembership.objects.filter(
~Q(allocation__id=def_allocation.id),
Q(identity__provider__id=args.provider_id),
identity__created_by__is_staff=False)
print "Identities with non-default Allocation:%s" % len(members)
for ident_member in members:
user = ident_member.member.name
old_alloc = ident_member.allocation
ident_member.allocation = def_allocation
if not args.dry_run:
ident_member.save()
print "Updated Allocation for %s (OLD:%s)" % (user, old_alloc)
def monthly_allocation_reset():
"""
This task contains logic related to:
* Providers whose allocations should be reset on the first of the month
* Which Allocation will be used as 'default'
"""
default_allocation = Allocation.default_allocation()
provider = Provider.objects.get(location='iPlant Cloud - Tucson')
reset_provider_allocation.apply_async(args=[provider.id, default_allocation.id])
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD)
"""
openstack = Provider.objects.get(location='iPlant Cloud - Tucson')
os_driver = OSAccountDriver(openstack)
found = 0
create = 0
quota_dict = {
'cpu':16,
'memory': 128,
'storage': 10,
'storage_count': 10
}
higher_quota = Quota.objects.get_or_create(**quota_dict)[0]
usernames = os_driver.list_usergroup_names()
staff = get_staff_users()
staff_users = sorted(list(set(staff) & set(usernames)))
non_staff = sorted(list(set(usernames) - set(staff)))
for user in non_staff:
#Raise everybody's quota
#try:
im_list = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack)
if not im_list:
print "Missing user:%s" % user
continue
im = im_list[0]
if not im.allocation:
print "User missing Allocation: %s" % user
im.allocation = Allocation.default_allocation()
im.save()
#Ignore the quota set if you are above it..
if im.quota.cpu >= quota_dict["cpu"] \
or im.quota.memory >= quota_dict["memory"]:
continue
print "Existing Quota CPU:%s should be %s" % (im.quota.cpu, quota_dict["cpu"])
im.quota = higher_quota
im.save()
print 'Found non-staff user:%s -- Update quota and add allocation' % user
#for user in staff_users:
# # Openstack account exists, but we need the identity.
# im = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack)
# if not im:
# print "Missing user:%s" % user
# continue
# im = im[0]
# if im.quota.cpu == quota_dict["cpu"]:
# continue
# #Disable time allocation
# im.allocation = None
# im.quota = higher_quota
# im.save()
# print 'Found staff user:%s -- Update quota and no allocation' % user
print "Total users added to atmosphere:%s" % len(usernames)
def monthly_allocation_reset():
"""
This task contains logic related to:
* Providers whose allocations should be reset on the first of the month
* Which Allocation will be used as 'default'
"""
default_allocation = Allocation.default_allocation()
provider = Provider.objects.get(location='iPlant Cloud - Tucson')
reset_provider_allocation.apply_async(
args=[provider.id, default_allocation.id])
def main():
parser = argparse.ArgumentParser()
parser.add_argument("--allocation-list", action="store_true",
help="List of allocation names and IDs")
parser.add_argument("--provider-list", action="store_true",
help="List of provider names and IDs")
parser.add_argument("--dry-run", action="store_true",
help="Print, but don't do anything else")
parser.add_argument("--provider-id", type=int,
help="Atmosphere provider ID"
" to use when importing users.")
parser.add_argument(
"--allocation-id",
help="Atmosphere Allocation ID to assign (Optional, instead of default)")
args = parser.parse_args()
users = None
quota = None
if args.provider_list:
print "ID\tName"
for p in Provider.objects.all().order_by('id'):
print "%d\t%s" % (p.id, p.location)
return
elif args.allocation_list:
print "ID\tSpecs"
for alloc in Allocation.objects.all().order_by('id'):
print "%s\t%s" % (alloc.id, alloc)
return
# Optional args
if args.dry_run:
print "Test Run Enabled"
# Optional args
if args.allocation_id:
def_allocation = Allocation.objects.get(id=args.allocation_id)
else:
def_allocation = Allocation.default_allocation()
print "Looking for users with non-default Allocation:%s" % def_allocation
if not args.provider_id:
print "ERROR: provider-id is required. To get a list of providers use"\
" --provider-list"
return
members = IdentityMembership.objects.filter(
~Q(allocation__id=def_allocation.id),
Q(identity__provider__id=args.provider_id),
identity__created_by__is_staff=False)
print "Identities with non-default Allocation:%s" % len(members)
for ident_member in members:
user = ident_member.member.name
old_alloc = ident_member.allocation
ident_member.allocation = def_allocation
if not args.dry_run:
ident_member.save()
print "Updated Allocation for %s (OLD:%s)" % (user, old_alloc)
def main():
"""
TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD)
"""
openstack = Provider.objects.get(location='iPlant Cloud - Tucson')
os_driver = OSAccountDriver(openstack)
found = 0
create = 0
quota_dict = {'cpu': 16, 'memory': 128, 'storage': 10, 'storage_count': 10}
higher_quota = Quota.objects.get_or_create(**quota_dict)[0]
usernames = os_driver.list_usergroup_names()
staff = get_staff_users()
staff_users = sorted(list(set(staff) & set(usernames)))
non_staff = sorted(list(set(usernames) - set(staff)))
for user in non_staff:
#Raise everybody's quota
#try:
im_list = IdentityMembership.objects.filter(
identity__created_by__username=user, identity__provider=openstack)
if not im_list:
print "Missing user:%s" % user
continue
im = im_list[0]
if not im.allocation:
print "User missing Allocation: %s" % user
im.allocation = Allocation.default_allocation()
im.save()
#Ignore the quota set if you are above it..
if im.quota.cpu >= quota_dict["cpu"] \
or im.quota.memory >= quota_dict["memory"]:
continue
print "Existing Quota CPU:%s should be %s" % (im.quota.cpu,
quota_dict["cpu"])
im.quota = higher_quota
im.save()
print 'Found non-staff user:%s -- Update quota and add allocation' % user
#for user in staff_users:
# # Openstack account exists, but we need the identity.
# im = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack)
# if not im:
# print "Missing user:%s" % user
# continue
# im = im[0]
# if im.quota.cpu == quota_dict["cpu"]:
# continue
# #Disable time allocation
# im.allocation = None
# im.quota = higher_quota
# im.save()
# print 'Found staff user:%s -- Update quota and no allocation' % user
print "Total users added to atmosphere:%s" % len(usernames)
def _new_mock_identity_member(username, provider):
# Mock a user and an identity..
mock_user = AtmosphereUser.objects.get_or_create(username=username)[0]
mock_group = Group.objects.get_or_create(name=username)[0]
mock_quota = Quota.default_quota()
mock_identity = Identity.objects.get_or_create(created_by=mock_user,
quota=mock_quota,
provider=provider)[0]
mock_allocation = Allocation.default_allocation()
mock_identity_member = IdentityMembership.objects.get_or_create(
identity=mock_identity, member=mock_group,
allocation=mock_allocation)[0]
return mock_identity_member
def _new_mock_identity_member(username, provider):
# Mock a user and an identity..
mock_user = AtmosphereUser.objects.get_or_create(
username=username)[0]
mock_group = Group.objects.get_or_create(
name=username)[0]
mock_identity = Identity.objects.get_or_create(
created_by=mock_user,
provider=provider)[0]
mock_allocation = Allocation.default_allocation()
mock_quota = Quota.default_quota()
mock_identity_member = IdentityMembership.objects.get_or_create(
identity=mock_identity, member=mock_group,
allocation=mock_allocation, quota=mock_quota)[0]
return mock_identity_member
def share(self, core_group, allocation=None):
"""
"""
from core.models import IdentityMembership, Quota, Allocation
existing_membership = IdentityMembership.objects.filter(
member=core_group, identity=self)
if existing_membership:
return existing_membership[0]
# Ready to create new membership for this group
if not allocation:
allocation = Allocation.default_allocation()
new_membership = IdentityMembership.objects.get_or_create(
member=core_group, identity=self, allocation=allocation)[0]
return new_membership
def share(self, core_group, quota=None):
"""
"""
from core.models import IdentityMembership, Quota, Allocation
existing_membership = IdentityMembership.objects.filter(
member=core_group, identity=self)
if existing_membership:
return existing_membership[0]
#Ready to create new membership for this group
if not quota:
quota = Quota.default_quota()
allocation = Allocation.default_allocation()
new_membership = IdentityMembership.objects.get_or_create(
member=core_group, identity=self, quota=quota, allocation=allocation)[0]
return new_membership
def share(self, core_group, quota=None):
"""
"""
from core.models import IdentityMembership, ProviderMembership, Quota, Allocation
existing_membership = IdentityMembership.objects.filter(member=core_group, identity=self)
if existing_membership:
return existing_membership[0]
# User does not already have membership - Check for provider membership
prov_membership = ProviderMembership.objects.filter(member=core_group, provider=self.provider)
if not prov_membership:
raise Exception("Cannot share identity membership before the" " provider is shared")
# Ready to create new membership for this group
if not quota:
quota = Quota.default_quota()
allocation = Allocation.default_allocation()
new_membership = IdentityMembership.objects.get_or_create(
member=core_group, identity=self, quota=quota, allocation=allocation
)[0]
return new_membership
def monthly_allocation_reset():
"""
This task contains logic related to:
* Providers whose allocations should be reset on the first of the month
* Which Allocation will be used as 'default'
"""
default_allocation = Allocation.default_allocation()
provider_locations = None
# ensure a 'set' settings value
if hasattr(settings, 'MONTHLY_RESET_PROVIDER_LOCATIONS'):
provider_locations = settings.MONTHLY_RESET_PROVIDER_LOCATIONS
else:
raise Exception("settings.MONTHLY_RESET_PROVIDER_LOCATIONS has not been set. SKIPPING the monthly allocation reset.")
# Ensure settings value is a list
if not provider_locations or not isinstance(provider_locations, list):
raise Exception("Expected a list ([]) of provider locations to receive a monthly reset")
for location in provider_locations:
provider = Provider.objects.get(location=location)
reset_provider_allocation.apply_async(
args=[
provider.id,
default_allocation.id])
return
def create_identity(cls, username, provider_location,
quota=None,
max_quota=False, account_admin=False, **kwarg_creds):
"""
Create new User/Group & Identity for given provider_location
NOTES:
* kwargs prefixed with 'cred_' will be collected as credentials
* Can assign optional flags:
+ max_quota - Assign the highest quota available, rather than
default.
+ account_admin - Private Clouds only - This user should have ALL
permissions including:
* Image creation (Glance)
* Account creation (Keystone)
* Access to ALL instances launched over ALL users
Atmosphere will run fine without an account_admin, but the above
features will be disabled.
"""
# Do not move up. ImportError.
from core.models import Group, Credential, Quota,\
Provider, AccountProvider, Allocation,\
IdentityMembership
provider = Provider.objects.get(location__iexact=provider_location)
credentials = {}
for (c_key, c_value) in kwarg_creds.items():
if 'cred_' not in c_key.lower():
continue
c_key = c_key.replace('cred_', '')
credentials[c_key] = c_value
(user, group) = Group.create_usergroup(username)
# NOTE: This specific query will need to be modified if we want
# 2+ Identities on a single provider
id_membership = IdentityMembership.objects.filter(
member__name=user.username,
identity__provider=provider,
identity__created_by__username=user.username)
if not id_membership:
default_allocation = Allocation.default_allocation()
# 1. Create an Identity Membership
# DEV NOTE: I have a feeling that THIS line will mean
# creating a secondary identity for a user on a given
# provider will be difficult. We need to find a better
# workflow here..
try:
identity = Identity.objects.get(created_by=user,
provider=provider)
except Identity.DoesNotExist:
new_uuid = uuid4()
identity = Identity.objects.create(
created_by=user,
provider=provider,
uuid=str(new_uuid))
id_membership = IdentityMembership.objects.get_or_create(
identity=identity,
member=group,
allocation=default_allocation,
quota=Quota.default_quota())
# Either first in list OR object from two-tuple.. Its what we need.
id_membership = id_membership[0]
# ID_Membership exists.
# 2. Make sure that all kwargs exist as credentials
# NOTE: Because we assume only one identity per provider
# We can add new credentials to
# existing identities if missing..
# In the future it will be hard to determine when we want to
# update values on an identity Vs. create a second, new
# identity.
for (c_key, c_value) in credentials.items():
test_key_exists = Credential.objects.filter(
identity=id_membership.identity,
key=c_key)
if test_key_exists:
logger.info("Conflicting Key Error: Key:%s Value:%s "
"Replacement:%s" %
(c_key, c_value, test_key_exists[0].value))
# No Dupes... But should we really throw an Exception here?
continue
Credential.objects.get_or_create(
identity=id_membership.identity,
key=c_key,
value=c_value)[0]
# 3. Assign a different quota, if requested
if quota:
id_membership.quota = quota
id_membership.allocation = None
id_membership.save()
elif max_quota:
quota = Quota.max_quota()
id_membership.quota = quota
id_membership.allocation = None
id_membership.save()
if account_admin:
admin = AccountProvider.objects.get_or_create(
provider=id_membership.identity.provider,
identity=id_membership.identity)[0]
# 5. Save the user to activate profile on first-time use
user.save()
# Return the identity
return id_membership.identity
def create_identity(cls,
username,
provider_location,
quota=None,
max_quota=False,
account_admin=False,
**kwarg_creds):
"""
Create new User/Group & Identity for given provider_location
NOTES:
* kwargs prefixed with 'cred_' will be collected as credentials
* Can assign optional flags:
+ max_quota - Assign the highest quota available, rather than
default.
+ account_admin - Private Clouds only - This user should have ALL
permissions including:
* Image creation (Glance)
* Account creation (Keystone)
* Access to ALL instances launched over ALL users
Atmosphere will run fine without an account_admin, but the above
features will be disabled.
"""
#Do not move up. ImportError.
from core.models import Group, Credential, Quota,\
Provider, AccountProvider, Allocation,\
IdentityMembership
provider = Provider.objects.get(location__iexact=provider_location)
credentials = {}
for (c_key, c_value) in kwarg_creds.items():
if 'cred_' not in c_key.lower():
continue
c_key = c_key.replace('cred_', '')
credentials[c_key] = c_value
(user, group) = Group.create_usergroup(username)
#NOTE: This specific query will need to be modified if we want
# 2+ Identities on a single provider
id_membership = IdentityMembership.objects.filter(
member__name=user.username,
identity__provider=provider,
identity__created_by__username=user.username)
if not id_membership:
default_allocation = Allocation.default_allocation()
#1. Create an Identity Membership
#DEV NOTE: I have a feeling that THIS line will mean
# creating a secondary identity for a user on a given
# provider will be difficult. We need to find a better
# workflow here..
try:
identity = Identity.objects.get(created_by=user,
provider=provider)
except Identity.DoesNotExist:
new_uuid = uuid4()
identity = Identity.objects.create(created_by=user,
provider=provider,
uuid=str(new_uuid))
#Two-tuple, (Object, created)
id_membership = IdentityMembership.objects.get_or_create(
identity=identity,
member=group,
allocation=default_allocation,
quota=Quota.default_quota())
#Either first in list OR object from two-tuple.. Its what we need.
id_membership = id_membership[0]
#ID_Membership exists.
#2. Make sure that all kwargs exist as credentials
# NOTE: Because we assume only one identity per provider
# We can add new credentials to
# existing identities if missing..
# In the future it will be hard to determine when we want to
# update values on an identity Vs. create a second, new
# identity.
for (c_key, c_value) in credentials.items():
test_key_exists = Credential.objects.filter(
identity=id_membership.identity, key=c_key)
if test_key_exists:
logger.info("Conflicting Key Error: Key:%s Value:%s "
"Replacement:%s" %
(c_key, c_value, test_key_exists[0].value))
#No Dupes... But should we really throw an Exception here?
continue
Credential.objects.get_or_create(identity=id_membership.identity,
key=c_key,
value=c_value)[0]
#3. Assign a different quota, if requested
if quota:
id_membership.quota = quota
id_membership.allocation = None
id_membership.save()
elif max_quota:
quota = Quota.max_quota()
id_membership.quota = quota
id_membership.allocation = None
id_membership.save()
if account_admin:
admin = AccountProvider.objects.get_or_create(
provider=id_membership.identity.provider,
identity=id_membership.identity)[0]
#5. Save the user to activate profile on first-time use
user.save()
#Return the identity
return id_membership.identity
