def _get_ks_client(self):
return ksclient.Client(session=self.token_helper.get_domain_session(),
endpoint_type=get_conf("services.endpoint_type",
default="internalURL"),
interface=get_conf("services.interface",
default="internal"),
user_agent=api.USER_AGENT)
def get_auth_url(version='v3'):
"""
Get default url from config file
:return:
"""
url = get_conf("keystone.private_url")
if url is None:
url = '%s://%s:%d' % (get_conf("keystone.protocol"),
get_conf("keystone.host"),
get_conf("keystone.public_port"))
return '%s/%s' % (url, version)
def verify():
global warnings_filtered
# Perform SSL verification unless explicitly configured otherwise
insecure = get_conf("insecure")
verify = False if insecure else get_conf("keystone.cacert")
# If SSL verification is turned off, just log the insecure warning once
# instead of repeating it ad nauseum. Use warnings_filtered
# boolean to avoid repeatedly adding a filter to the warnings system
if not verify and not warnings_filtered:
warnings.filterwarnings("once", category=InsecureRequestWarning)
warnings_filtered = True
return verify
def get_plugins(self):
"""
Gets the list of BLL plugin names whose dependent services are
available. If monasca-transform information is present in
the config file, then ``monasca-transform`` will also be returned.
Request format::
"target": "catalog",
"operation": "get_plugins"
:return: List of BLL plugin names. For example::
[ "ace", "catalog", "monasca-transform", "monitor" ]
"""
available = self._get_services()
mgr = stevedore.extension.ExtensionManager(
'bll.plugins', on_load_failure_callback=on_load_failures)
plugins = []
for ext in mgr:
if ext.plugin.is_available(available):
plugins.append(ext.name)
# monasca-transform components will not show up in keystone's list of
# services, so search for it's existence in config's services
if get_conf('services.monasca.components.monasca-transform'):
plugins.append('monasca-transform')
return sorted(plugins)
def _get_services(self):
client = ksclient.Client(session=self.token_helper.get_session(),
endpoint_type=get_conf(
"services.endpoint_type",
default="internalURL"),
interface=get_conf("services.interface",
default="internal"),
user_agent=api.USER_AGENT,
verify=not get_conf("insecure"))
services = []
for svc in client.services.list():
services.append(svc.name)
services.append(svc.type)
return services
def _get_ironic_client(self, region=None, url=None, **kwargs):
return ironic_client.get_client(1,
os_auth_token=self.token,
ironic_url=url,
os_region_name=region,
user_agent=api.USER_AGENT,
insecure=get_conf("insecure"))
def _get_eon_client(self):
eon_endpoint = self.token_helper.get_service_endpoint(ENDPOINT_TYPE)
return eon_client.get_client('2',
os_token=self.token,
eon_url=eon_endpoint,
insecure=get_conf("insecure"),
user_agent=api.USER_AGENT)
def _request(self,
relative_path,
query_params=None,
body=None,
action='GET'):
url = "/".join([self.base_url, relative_path.strip('/')])
if isinstance(body, dict):
body = json.dumps(body)
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'X-Auth-Token': self.token,
'User-Agent': api.USER_AGENT
}
response = requests.request(action,
url,
params=query_params,
data=body,
headers=headers,
verify=not get_conf("insecure"))
if 400 <= response.status_code < 600:
# Raise an exception if not found. The content has the error
# message to return
try:
message = response.json()['message']
except Exception:
message = response.content
raise Exception(message)
return response.json()
def get_endpoints(self,
service_type,
region=None,
endpoint_type=get_conf("services.endpoint_type",
default="internalURL")):
"""
Returns a list of unique internal service endpoint(s) for the given
service type and region. If no region is specified, keystone will
capture the unique endpoints across regions. If two regions
share the same URL, then only one will be returned. For example,
if keystone contains 3 endpoints for service x:
[ { 'region:'1', 'service_type':'x', 'url':'http://y' },
{ 'region:'2', 'service_type':'x', 'url':'http://y' }]
then only one entry will be returned since they share a common URL:
[ { 'region:'1', 'service_type':'x', 'url':'http://y' }]
"""
auth_ref = get_appropriate_auth_ref(self.token)
urls = auth_ref.service_catalog.get_endpoints(
service_type=service_type,
endpoint_type=endpoint_type,
region_name=region)
if not urls or not urls[service_type]:
return []
# Return only one endpoint per unique URL
return {u['url']: u for u in urls[service_type]}.values()
def get_regions(self):
"""
Obtain a list of regions available in the current environment.
"""
client = ksclient3.Client(session=self.get_session(),
endpoint_type=get_conf(
"services.endpoint_type",
default="internalURL"),
user_agent=USER_AGENT)
return client.regions.list()
def __init__(self, *args, **kwargs):
"""
Initializer for the Cinder Client Service
"""
super(CinderSvc, self).__init__(*args, **kwargs)
self.cinder_client = cinderclient.Client(
session=self.token_helper.get_session(),
endpoint_type=get_conf("services.endpoint_type",
default="internalURL"),
user_agent=api.USER_AGENT)
def _get_nova_client(self, region=None, **kwargs):
try:
return novaclient.Client("2",
session=self.token_helper.get_session(),
endpoint_type=get_conf(
"services.endpoint_type",
default="internalURL"),
region_name=region,
user_agent=api.USER_AGENT)
except Exception as e:
LOG.error("Error creating nova client : %s ", e)
raise requests.exceptions.HTTPError(e.message)
def _get_monasca_client(self):
"""
Build the monasca client
"""
monasca_url = self.token_helper.get_service_endpoint('monitoring')
# All monasca data is stored in the admin project, so get a token
# to that project
token = self.token_helper.get_token_for_project('admin')
return msclient.Client(api_version,
monasca_url,
token=token,
insecure=get_conf("insecure"),
user_agent=api.USER_AGENT)
def _get_eon_client(self):
eon_url = self.token_helper.get_service_endpoint(EON_ENDPOINT_TYPE)
if not eon_url:
return
try:
# This import cannot be at the top of this file, or it makes
# the whole file dependent on the presence of eon, but eon is
# supposed to be optional for this service
from eonclient import client as eon_client
return eon_client.get_client('2',
os_token=self.token,
eon_url=eon_url,
user_agent=api.USER_AGENT,
insecure=get_conf("insecure"))
except ImportError:
pass
def get_service_endpoint(self,
service_type,
endpoint_type=get_conf("services.endpoint_type",
default="internalURL"),
region=None):
"""
Get the internal service endpoint for the given service type. In a
multi-region environment where no region is passed, only a single
endpoint will be returned.
"""
auth_ref = get_appropriate_auth_ref(self.token)
try:
return auth_ref.service_catalog.url_for(
service_type=service_type,
endpoint_type=endpoint_type,
region_name=region)
except exceptions.EndpointNotFound:
pass
def _get_service_topo(self, path):
"""
Gets the requested section from service_topology.yml in
the config file and if it doesn't succeed, try to get it from
ardana service
"""
# First try getting it from the config file (blazingly fast)
comp_topo = get_conf(path)
if comp_topo:
return comp_topo
else:
# Otherwise, try getting it from ardana service (pretty slow)
services = self.call_service(
target='ardana',
operation='do_path_operation',
data={'path': '/model/cp_output/service_topology.yml'})
for key in path.split('.'):
services = services.get(key, {})
return services
def _get_monasca_client(self):
"""
Build the monasca client
"""
monasca_url = self.token_helper.get_service_endpoint('monitoring')
keystone_url = self.token_helper.get_service_endpoint(
'identity') + 'v3'
# All monasca data is stored in the admin project, so get a token
# to that project
token = self.token_helper.get_token_for_project('admin')
return client.Client(api_version=api_version,
endpoint=monasca_url,
token=token,
auth_url=keystone_url,
project_name='admin',
project_domain_name='Default',
insecure=get_conf("insecure"),
user_agent=api.USER_AGENT)
def _get_eon_client(self, region=None, url=None):
return eonclient.get_client('2', os_token=self.token, eon_url=url,
user_agent=api.USER_AGENT,
insecure=get_conf("insecure"))
# is run and whose number of entries is not going to continue to grow. These
# items are not specific to the logged in user.
#
# The "session" cache contains items that are tied to keystone sessions,
# and the region's timeout is set to match keystone's (4 hours). After
# the expiration time is hit, dogpile will not return the value from the cache,
# but will trigger the function to run and re-obtain its values. The
# in-memory backends supplied by dogpile do not actually delete expired
# entries from the cache, so a separate thread is spawned to periodically
# clean these up to avoid runaway memory usage.
#
static = make_region(
key_mangler=sha1_mangle_key).configure('dogpile.cache.memory')
cache = {}
cache_expiration = get_conf('cache_expiration', 14400) # 4 hours
# session = make_region(key_mangler=sha1_mangle_key).configure(
session_cache = make_region().configure('dogpile.cache.memory',
expiration_time=cache_expiration,
arguments={"cache_dict": cache})
start_cache_cleaner(cache, cache_expiration, "SessionCacheCleaner")
def login(username, password, domain='Default'):
"""
Perform the initial login to the BLL, using the given credentials. This
uses the "normal" keystone workflow of:
- Connecting to keystone and obtain an unscoped token (not scoped to any
particular project or domain)
- Get a list of projects available to the given user
