def monthly_allocation_reset(): """ This task contains logic related to: * Providers whose allocations should be reset on the first of the month * Which Allocation will be used as 'default' """ default_allocation = Allocation.default_allocation() provider_locations = None # ensure a 'set' settings value if hasattr(settings, 'MONTHLY_RESET_PROVIDER_LOCATIONS'): provider_locations = settings.MONTHLY_RESET_PROVIDER_LOCATIONS else: raise Exception( "settings.MONTHLY_RESET_PROVIDER_LOCATIONS has not been set. SKIPPING the monthly allocation reset." ) # Ensure settings value is a list if not provider_locations or not isinstance(provider_locations, list): raise Exception( "Expected a list ([]) of provider locations to receive a monthly reset" ) for location in provider_locations: provider = Provider.objects.get(location=location) reset_provider_allocation.apply_async( args=[provider.id, default_allocation.id]) return
def share(self, core_group, quota=None): """ """ from core.models import IdentityMembership, ProviderMembership, Quota, Allocation existing_membership = IdentityMembership.objects.filter( member=core_group, identity=self) if existing_membership: return existing_membership[0] #User does not already have membership - Check for provider membership prov_membership = ProviderMembership.objects.filter( member=core_group, provider=self.provider) if not prov_membership: raise Exception("Cannot share identity membership before the" " provider is shared") #Ready to create new membership for this group if not quota: quota = Quota.default_quota() allocation = Allocation.default_allocation() new_membership = IdentityMembership.objects.get_or_create( member=core_group, identity=self, quota=quota, allocation=allocation)[0] return new_membership
def main(): parser = argparse.ArgumentParser() parser.add_argument("--allocation-list", action="store_true", help="List of allocation names and IDs") parser.add_argument("--provider-list", action="store_true", help="List of provider names and IDs") parser.add_argument("--dry-run", action="store_true", help="Print, but don't do anything else") parser.add_argument("--provider-id", type=int, help="Atmosphere provider ID" " to use when importing users.") parser.add_argument( "--allocation-id", help="Atmosphere Allocation ID to assign (Optional, instead of default)" ) args = parser.parse_args() users = None quota = None if args.provider_list: print "ID\tName" for p in Provider.objects.all().order_by('id'): print "%d\t%s" % (p.id, p.location) return elif args.allocation_list: print "ID\tSpecs" for alloc in Allocation.objects.all().order_by('id'): print "%s\t%s" % (alloc.id, alloc) return # Optional args if args.dry_run: print "Test Run Enabled" # Optional args if args.allocation_id: def_allocation = Allocation.objects.get(id=args.allocation_id) else: def_allocation = Allocation.default_allocation() print "Looking for users with non-default Allocation:%s" % def_allocation if not args.provider_id: print "ERROR: provider-id is required. To get a list of providers use"\ " --provider-list" return members = IdentityMembership.objects.filter( ~Q(allocation__id=def_allocation.id), Q(identity__provider__id=args.provider_id), identity__created_by__is_staff=False) print "Identities with non-default Allocation:%s" % len(members) for ident_member in members: user = ident_member.member.name old_alloc = ident_member.allocation ident_member.allocation = def_allocation if not args.dry_run: ident_member.save() print "Updated Allocation for %s (OLD:%s)" % (user, old_alloc)
def monthly_allocation_reset(): """ This task contains logic related to: * Providers whose allocations should be reset on the first of the month * Which Allocation will be used as 'default' """ default_allocation = Allocation.default_allocation() provider = Provider.objects.get(location='iPlant Cloud - Tucson') reset_provider_allocation.apply_async(args=[provider.id, default_allocation.id])
def main(): """ TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD) """ openstack = Provider.objects.get(location='iPlant Cloud - Tucson') os_driver = OSAccountDriver(openstack) found = 0 create = 0 quota_dict = { 'cpu':16, 'memory': 128, 'storage': 10, 'storage_count': 10 } higher_quota = Quota.objects.get_or_create(**quota_dict)[0] usernames = os_driver.list_usergroup_names() staff = get_staff_users() staff_users = sorted(list(set(staff) & set(usernames))) non_staff = sorted(list(set(usernames) - set(staff))) for user in non_staff: #Raise everybody's quota #try: im_list = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack) if not im_list: print "Missing user:%s" % user continue im = im_list[0] if not im.allocation: print "User missing Allocation: %s" % user im.allocation = Allocation.default_allocation() im.save() #Ignore the quota set if you are above it.. if im.quota.cpu >= quota_dict["cpu"] \ or im.quota.memory >= quota_dict["memory"]: continue print "Existing Quota CPU:%s should be %s" % (im.quota.cpu, quota_dict["cpu"]) im.quota = higher_quota im.save() print 'Found non-staff user:%s -- Update quota and add allocation' % user #for user in staff_users: # # Openstack account exists, but we need the identity. # im = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack) # if not im: # print "Missing user:%s" % user # continue # im = im[0] # if im.quota.cpu == quota_dict["cpu"]: # continue # #Disable time allocation # im.allocation = None # im.quota = higher_quota # im.save() # print 'Found staff user:%s -- Update quota and no allocation' % user print "Total users added to atmosphere:%s" % len(usernames)
def monthly_allocation_reset(): """ This task contains logic related to: * Providers whose allocations should be reset on the first of the month * Which Allocation will be used as 'default' """ default_allocation = Allocation.default_allocation() provider = Provider.objects.get(location='iPlant Cloud - Tucson') reset_provider_allocation.apply_async( args=[provider.id, default_allocation.id])
def main(): parser = argparse.ArgumentParser() parser.add_argument("--allocation-list", action="store_true", help="List of allocation names and IDs") parser.add_argument("--provider-list", action="store_true", help="List of provider names and IDs") parser.add_argument("--dry-run", action="store_true", help="Print, but don't do anything else") parser.add_argument("--provider-id", type=int, help="Atmosphere provider ID" " to use when importing users.") parser.add_argument( "--allocation-id", help="Atmosphere Allocation ID to assign (Optional, instead of default)") args = parser.parse_args() users = None quota = None if args.provider_list: print "ID\tName" for p in Provider.objects.all().order_by('id'): print "%d\t%s" % (p.id, p.location) return elif args.allocation_list: print "ID\tSpecs" for alloc in Allocation.objects.all().order_by('id'): print "%s\t%s" % (alloc.id, alloc) return # Optional args if args.dry_run: print "Test Run Enabled" # Optional args if args.allocation_id: def_allocation = Allocation.objects.get(id=args.allocation_id) else: def_allocation = Allocation.default_allocation() print "Looking for users with non-default Allocation:%s" % def_allocation if not args.provider_id: print "ERROR: provider-id is required. To get a list of providers use"\ " --provider-list" return members = IdentityMembership.objects.filter( ~Q(allocation__id=def_allocation.id), Q(identity__provider__id=args.provider_id), identity__created_by__is_staff=False) print "Identities with non-default Allocation:%s" % len(members) for ident_member in members: user = ident_member.member.name old_alloc = ident_member.allocation ident_member.allocation = def_allocation if not args.dry_run: ident_member.save() print "Updated Allocation for %s (OLD:%s)" % (user, old_alloc)
def main(): """ TODO: Add argparse, --delete : Deletes existing users in openstack (Never use in PROD) """ openstack = Provider.objects.get(location='iPlant Cloud - Tucson') os_driver = OSAccountDriver(openstack) found = 0 create = 0 quota_dict = {'cpu': 16, 'memory': 128, 'storage': 10, 'storage_count': 10} higher_quota = Quota.objects.get_or_create(**quota_dict)[0] usernames = os_driver.list_usergroup_names() staff = get_staff_users() staff_users = sorted(list(set(staff) & set(usernames))) non_staff = sorted(list(set(usernames) - set(staff))) for user in non_staff: #Raise everybody's quota #try: im_list = IdentityMembership.objects.filter( identity__created_by__username=user, identity__provider=openstack) if not im_list: print "Missing user:%s" % user continue im = im_list[0] if not im.allocation: print "User missing Allocation: %s" % user im.allocation = Allocation.default_allocation() im.save() #Ignore the quota set if you are above it.. if im.quota.cpu >= quota_dict["cpu"] \ or im.quota.memory >= quota_dict["memory"]: continue print "Existing Quota CPU:%s should be %s" % (im.quota.cpu, quota_dict["cpu"]) im.quota = higher_quota im.save() print 'Found non-staff user:%s -- Update quota and add allocation' % user #for user in staff_users: # # Openstack account exists, but we need the identity. # im = IdentityMembership.objects.filter(identity__created_by__username=user, identity__provider=openstack) # if not im: # print "Missing user:%s" % user # continue # im = im[0] # if im.quota.cpu == quota_dict["cpu"]: # continue # #Disable time allocation # im.allocation = None # im.quota = higher_quota # im.save() # print 'Found staff user:%s -- Update quota and no allocation' % user print "Total users added to atmosphere:%s" % len(usernames)
def _new_mock_identity_member(username, provider): # Mock a user and an identity.. mock_user = AtmosphereUser.objects.get_or_create(username=username)[0] mock_group = Group.objects.get_or_create(name=username)[0] mock_quota = Quota.default_quota() mock_identity = Identity.objects.get_or_create(created_by=mock_user, quota=mock_quota, provider=provider)[0] mock_allocation = Allocation.default_allocation() mock_identity_member = IdentityMembership.objects.get_or_create( identity=mock_identity, member=mock_group, allocation=mock_allocation)[0] return mock_identity_member
def _new_mock_identity_member(username, provider): # Mock a user and an identity.. mock_user = AtmosphereUser.objects.get_or_create( username=username)[0] mock_group = Group.objects.get_or_create( name=username)[0] mock_identity = Identity.objects.get_or_create( created_by=mock_user, provider=provider)[0] mock_allocation = Allocation.default_allocation() mock_quota = Quota.default_quota() mock_identity_member = IdentityMembership.objects.get_or_create( identity=mock_identity, member=mock_group, allocation=mock_allocation, quota=mock_quota)[0] return mock_identity_member
def share(self, core_group, allocation=None): """ """ from core.models import IdentityMembership, Quota, Allocation existing_membership = IdentityMembership.objects.filter( member=core_group, identity=self) if existing_membership: return existing_membership[0] # Ready to create new membership for this group if not allocation: allocation = Allocation.default_allocation() new_membership = IdentityMembership.objects.get_or_create( member=core_group, identity=self, allocation=allocation)[0] return new_membership
def share(self, core_group, quota=None): """ """ from core.models import IdentityMembership, Quota, Allocation existing_membership = IdentityMembership.objects.filter( member=core_group, identity=self) if existing_membership: return existing_membership[0] #Ready to create new membership for this group if not quota: quota = Quota.default_quota() allocation = Allocation.default_allocation() new_membership = IdentityMembership.objects.get_or_create( member=core_group, identity=self, quota=quota, allocation=allocation)[0] return new_membership
def share(self, core_group, quota=None): """ """ from core.models import IdentityMembership, ProviderMembership, Quota, Allocation existing_membership = IdentityMembership.objects.filter(member=core_group, identity=self) if existing_membership: return existing_membership[0] # User does not already have membership - Check for provider membership prov_membership = ProviderMembership.objects.filter(member=core_group, provider=self.provider) if not prov_membership: raise Exception("Cannot share identity membership before the" " provider is shared") # Ready to create new membership for this group if not quota: quota = Quota.default_quota() allocation = Allocation.default_allocation() new_membership = IdentityMembership.objects.get_or_create( member=core_group, identity=self, quota=quota, allocation=allocation )[0] return new_membership
def monthly_allocation_reset(): """ This task contains logic related to: * Providers whose allocations should be reset on the first of the month * Which Allocation will be used as 'default' """ default_allocation = Allocation.default_allocation() provider_locations = None # ensure a 'set' settings value if hasattr(settings, 'MONTHLY_RESET_PROVIDER_LOCATIONS'): provider_locations = settings.MONTHLY_RESET_PROVIDER_LOCATIONS else: raise Exception("settings.MONTHLY_RESET_PROVIDER_LOCATIONS has not been set. SKIPPING the monthly allocation reset.") # Ensure settings value is a list if not provider_locations or not isinstance(provider_locations, list): raise Exception("Expected a list ([]) of provider locations to receive a monthly reset") for location in provider_locations: provider = Provider.objects.get(location=location) reset_provider_allocation.apply_async( args=[ provider.id, default_allocation.id]) return
def create_identity(cls, username, provider_location, quota=None, max_quota=False, account_admin=False, **kwarg_creds): """ Create new User/Group & Identity for given provider_location NOTES: * kwargs prefixed with 'cred_' will be collected as credentials * Can assign optional flags: + max_quota - Assign the highest quota available, rather than default. + account_admin - Private Clouds only - This user should have ALL permissions including: * Image creation (Glance) * Account creation (Keystone) * Access to ALL instances launched over ALL users Atmosphere will run fine without an account_admin, but the above features will be disabled. """ # Do not move up. ImportError. from core.models import Group, Credential, Quota,\ Provider, AccountProvider, Allocation,\ IdentityMembership provider = Provider.objects.get(location__iexact=provider_location) credentials = {} for (c_key, c_value) in kwarg_creds.items(): if 'cred_' not in c_key.lower(): continue c_key = c_key.replace('cred_', '') credentials[c_key] = c_value (user, group) = Group.create_usergroup(username) # NOTE: This specific query will need to be modified if we want # 2+ Identities on a single provider id_membership = IdentityMembership.objects.filter( member__name=user.username, identity__provider=provider, identity__created_by__username=user.username) if not id_membership: default_allocation = Allocation.default_allocation() # 1. Create an Identity Membership # DEV NOTE: I have a feeling that THIS line will mean # creating a secondary identity for a user on a given # provider will be difficult. We need to find a better # workflow here.. try: identity = Identity.objects.get(created_by=user, provider=provider) except Identity.DoesNotExist: new_uuid = uuid4() identity = Identity.objects.create( created_by=user, provider=provider, uuid=str(new_uuid)) id_membership = IdentityMembership.objects.get_or_create( identity=identity, member=group, allocation=default_allocation, quota=Quota.default_quota()) # Either first in list OR object from two-tuple.. Its what we need. id_membership = id_membership[0] # ID_Membership exists. # 2. Make sure that all kwargs exist as credentials # NOTE: Because we assume only one identity per provider # We can add new credentials to # existing identities if missing.. # In the future it will be hard to determine when we want to # update values on an identity Vs. create a second, new # identity. for (c_key, c_value) in credentials.items(): test_key_exists = Credential.objects.filter( identity=id_membership.identity, key=c_key) if test_key_exists: logger.info("Conflicting Key Error: Key:%s Value:%s " "Replacement:%s" % (c_key, c_value, test_key_exists[0].value)) # No Dupes... But should we really throw an Exception here? continue Credential.objects.get_or_create( identity=id_membership.identity, key=c_key, value=c_value)[0] # 3. Assign a different quota, if requested if quota: id_membership.quota = quota id_membership.allocation = None id_membership.save() elif max_quota: quota = Quota.max_quota() id_membership.quota = quota id_membership.allocation = None id_membership.save() if account_admin: admin = AccountProvider.objects.get_or_create( provider=id_membership.identity.provider, identity=id_membership.identity)[0] # 5. Save the user to activate profile on first-time use user.save() # Return the identity return id_membership.identity
def create_identity(cls, username, provider_location, quota=None, max_quota=False, account_admin=False, **kwarg_creds): """ Create new User/Group & Identity for given provider_location NOTES: * kwargs prefixed with 'cred_' will be collected as credentials * Can assign optional flags: + max_quota - Assign the highest quota available, rather than default. + account_admin - Private Clouds only - This user should have ALL permissions including: * Image creation (Glance) * Account creation (Keystone) * Access to ALL instances launched over ALL users Atmosphere will run fine without an account_admin, but the above features will be disabled. """ #Do not move up. ImportError. from core.models import Group, Credential, Quota,\ Provider, AccountProvider, Allocation,\ IdentityMembership provider = Provider.objects.get(location__iexact=provider_location) credentials = {} for (c_key, c_value) in kwarg_creds.items(): if 'cred_' not in c_key.lower(): continue c_key = c_key.replace('cred_', '') credentials[c_key] = c_value (user, group) = Group.create_usergroup(username) #NOTE: This specific query will need to be modified if we want # 2+ Identities on a single provider id_membership = IdentityMembership.objects.filter( member__name=user.username, identity__provider=provider, identity__created_by__username=user.username) if not id_membership: default_allocation = Allocation.default_allocation() #1. Create an Identity Membership #DEV NOTE: I have a feeling that THIS line will mean # creating a secondary identity for a user on a given # provider will be difficult. We need to find a better # workflow here.. try: identity = Identity.objects.get(created_by=user, provider=provider) except Identity.DoesNotExist: new_uuid = uuid4() identity = Identity.objects.create(created_by=user, provider=provider, uuid=str(new_uuid)) #Two-tuple, (Object, created) id_membership = IdentityMembership.objects.get_or_create( identity=identity, member=group, allocation=default_allocation, quota=Quota.default_quota()) #Either first in list OR object from two-tuple.. Its what we need. id_membership = id_membership[0] #ID_Membership exists. #2. Make sure that all kwargs exist as credentials # NOTE: Because we assume only one identity per provider # We can add new credentials to # existing identities if missing.. # In the future it will be hard to determine when we want to # update values on an identity Vs. create a second, new # identity. for (c_key, c_value) in credentials.items(): test_key_exists = Credential.objects.filter( identity=id_membership.identity, key=c_key) if test_key_exists: logger.info("Conflicting Key Error: Key:%s Value:%s " "Replacement:%s" % (c_key, c_value, test_key_exists[0].value)) #No Dupes... But should we really throw an Exception here? continue Credential.objects.get_or_create(identity=id_membership.identity, key=c_key, value=c_value)[0] #3. Assign a different quota, if requested if quota: id_membership.quota = quota id_membership.allocation = None id_membership.save() elif max_quota: quota = Quota.max_quota() id_membership.quota = quota id_membership.allocation = None id_membership.save() if account_admin: admin = AccountProvider.objects.get_or_create( provider=id_membership.identity.provider, identity=id_membership.identity)[0] #5. Save the user to activate profile on first-time use user.save() #Return the identity return id_membership.identity