def write_rest(): PASSWORD = '******' AUTH_URL = 'http://10.50.2.123:5000/v2.0' USERNAME = '******' TENANT_NAME = 'admin' auth = keystoneclient.auth.identity.v2.Password(auth_url=AUTH_URL, username=USERNAME, password=PASSWORD, tenant_name=TENANT_NAME) session = keystoneclient.session.Session(auth=auth) congress = client.Client(session=session, auth=None, interface='publicURL', service_type='policy', region_name='RegionOne') script_dir = os.path.dirname(os.path.realpath(__file__)) logfile = script_dir + '/log_os_connect.log' logf = open(logfile, 'a') logf.write(str(datetime.datetime.today()) + '\n') logf.write(str(congress.list_datasources()) + '\n') logf.write(str(datetime.datetime.today()) + '\n') logf.write('\n==================================\n') logf.close
def init_collectd(self): write_debug( "Compute node collectd monitor start at %s\n\n" % datetime.now().isoformat(), "w", self.compute_user) if self.inspector_type == 'sample': self.inspector_url = ('http://%s:12345/events' % self.control_ip) elif self.inspector_type == 'congress': loader = loading.get_plugin_loader('password') self.auth = loader.load_from_options( auth_url=self.os_auth_url, username=self.os_username, password=self.os_password, project_name=self.os_project_name, user_domain_name=self.os_user_domain_name, user_domain_id=self.os_user_domain_id, project_domain_name=self.os_project_domain_name, project_domain_id=self.os_project_domain_id) self.sess = session.Session(auth=self.auth) congress = client.Client(session=self.sess, service_type='policy') ds = congress.list_datasources()['results'] doctor_ds = next( (item for item in ds if item['driver'] == 'doctor'), None) congress_endpoint = \ congress.httpclient.get_endpoint(auth=self.auth) self.inspector_url = ('%s/v1/data-sources/%s/tables/events/rows' % (congress_endpoint, doctor_ds['id'])) else: sys.exit() self.start_notifications = 1
def congress_client(): auth = keystoneclient.auth.identity.v2.Password( auth_url=CONF.identity.uri, username=CONF.identity.admin_username, password=CONF.identity.admin_password, tenant_name=CONF.identity.admin_tenant_name) session = keystoneclient.session.Session(auth=auth) return cclient.Client(session=session, service_type='policy')
def _create_client(self): if not congress_client: # congress client was not imported raise ImportError("Import congresscliet error") return congress_client.Client( **auth_utils.get_session_client_parameters( service_type='policy', execution_session=self._execution_session))
def factory(keystone_client, auth_token): auth = keystoneclient.auth.identity.v2.Token( auth_url=cfg.CONF.keystone_authtoken.auth_uri, tenant_name=keystone_client.tenant_name, token=auth_token) session = keystoneclient.session.Session(auth=auth) return congress_client.Client(session=session, service_type='policy')
def congress_client(): auth = identity.v3.Password( auth_url=CONF.identity.uri_v3, username=CONF.auth.admin_username, password=CONF.auth.admin_password, project_name=CONF.auth.admin_project_name, user_domain_name=CONF.auth.admin_domain_name, project_domain_name=CONF.auth.admin_domain_name) session = ksasession.Session(auth=auth) return cclient.Client(session=session, service_type='policy')
def create_client(self, port_num): creds = self.admin_credentials() auth = keystoneclient.auth.identity.v2.Password( auth_url=CONF.identity.uri, username=creds.username, password=creds.password, tenant_name=creds.tenant_name) session = keystoneclient.session.Session(auth=auth) return congress_client.Client( session=session, auth=None, endpoint_override='http://127.0.0.1:%d' % port_num, region_name=CONF.identity.region)
def _get_congress_client(): auth_url = 'http://16.111.37.119:5000/v2.0' auth = keystoneclient.auth.identity.v2.Password( auth_url="http://16.111.37.119:5000/v2.0", username="******", password="******", tenant_name="admin") session = keystoneclient.session.Session(auth=auth) return client.Client(session=session, auth=None, interface='publicURL', service_type='policy', region_name='RegionOne')
def congressclient(request): """Instantiate Congress client.""" auth_url = getattr(settings, 'OPENSTACK_KEYSTONE_URL') user = request.user session = get_keystone_session(auth_url, user) region_name = user.services_region kwargs = { 'session': session, 'auth': None, 'interface': 'publicURL', 'service_type': 'policy', 'region_name': region_name } return congress_client.Client(**kwargs)
def _get_congress_client(self): auth_url = '%s/v2.0' % (cfg.CONF.keystone_authtoken.auth_uri) # auth_url='%s/v2.0'%(cfg.CONF.congress_driver.auth_uri) auth = keystoneclient.auth.identity.v2.Password( auth_url=auth_url, username=cfg.CONF.congress_driver.congress_username, password=cfg.CONF.congress_driver.congress_password, tenant_name=cfg.CONF.congress_driver.congress_tenant) session = keystoneclient.session.Session(auth=auth) return client.Client(session=session, auth=None, interface='publicURL', service_type='policy', region_name='RegionOne')
def _get_congress_client (): #auth_url='%s/v2.0'%(cfg.CONF.keystone_authtoken.auth_uri) auth_url='http://16.111.37.119:5000/v2.0' auth = keystoneclient.auth.identity.v2.Password( auth_url="http://16.111.37.119:5000/v2.0", username="******", password="******", tenant_name="admin") #auth_url=auth_url, #username=cfg.CONF.congress_driver.congress_username, #password=cfg.CONF.congress_driver.congress_password, #tenant_name=cfg.CONF.congress_driver.congress_tenant) session = keystoneclient.session.Session(auth=auth) return client.Client(session=session, auth=None, interface='publicURL', service_type='policy', region_name='RegionOne')
def configure(self, conf): for node in conf.children: if node.key == "Username": username = node.values[0] elif node.key == "Password": password = node.values[0] elif node.key == "TenantName": tenant = node.values[0] elif node.key == "AuthURL": auth_url = node.values[0] auth = keystoneclient.auth.identity.v2.Password( auth_url=auth_url, username=username, password=password, tenant_name=tenant) session = keystoneclient.session.Session(auth=auth) self.congress = client.Client(session=session, auth=None, interface='publicURL', service_type='policy', region_name='regionOne')
def congressclient(request): """Instantiate Congress client.""" auth_url = base.url_for(request, 'identity') user = request.user auth = keystoneclient.auth.identity.v2.Token(auth_url, user.token.id, tenant_id=user.tenant_id, tenant_name=user.tenant_name) session = keystoneclient.session.Session(auth=auth) region_name = user.services_region kwargs = { 'session': session, 'auth': None, 'interface': 'publicURL', 'service_type': 'policy', 'region_name': region_name } return congress_client.Client(**kwargs)
def __init__(self, args): if args.inspector_type not in SUPPORTED_INSPECTOR_TYPES: raise Exception("Inspector type '%s' not supported", args.inspector_type) self.hostname = args.hostname self.inspector_type = args.inspector_type self.ip_addr = args.ip or socket.gethostbyname(self.hostname) if self.inspector_type == 'sample': self.inspector_url = 'http://127.0.0.1:12345/events' elif self.inspector_type == 'congress': auth=identity_auth.get_identity_auth() self.session=session.Session(auth=auth) congress = client.Client(session=self.session, service_type='policy') ds = congress.list_datasources()['results'] doctor_ds = next((item for item in ds if item['driver'] == 'doctor'), None) congress_endpoint = congress.httpclient.get_endpoint(auth=auth) self.inspector_url = ('%s/v1/data-sources/%s/tables/events/rows' % (congress_endpoint, doctor_ds['id']))
def _initialize_tests(self): """Perform final initialization before tests get run.""" # Access the sentries for inspecting service units self.congress_sentry = self.d.sentry['congress'][0] self.percona_cluster_sentry = self.d.sentry['percona-cluster'][0] self.keystone_sentry = self.d.sentry['keystone'][0] self.rabbitmq_sentry = self.d.sentry['rabbitmq-server'][0] u.log.debug('openstack release val: {}'.format( self._get_openstack_release())) u.log.debug('openstack release str: {}'.format( self._get_openstack_release_string())) # Authenticate admin with keystone endpoint self.keystone_session, self.keystone = u.get_default_keystone_session( self.keystone_sentry, openstack_release=self._get_openstack_release()) self.congress = congress_client.Client(session=self.keystone_session, auth=None, interface='publicURL', service_type='policy', region_name='RegionOne')
# # Main Program: # if __name__ == "__main__": # Create the congress client Instance auth = keystoneclient.auth.identity.v2.Password( auth_url="http://16.111.37.119:5000/v2.0", username="******", password="******", tenant_name="admin") session = keystoneclient.session.Session(auth=auth) congress = client.Client(session=session, auth=None, interface='publicURL', service_type='policy', region_name='RegionOne') # API to create the lable trees given the label tree hierarchy conf file ltree_op = create_label_trees_from_tree_definitions (label_hierarchy_file) #print ltree_op # Display the label tree list for ltree_each in ltree_op: #print "\n#Label Tree for:", ltree_each['label_tree']['name'] print (ltree_each) # Create the Datalog messages given the label tree hierarchy conf file #create_datalog_policies (label_hierarchy_file)
def factory(keystone_client, auth_token): auth = access.AccessInfoPlugin(keystone_client.auth_ref) session = keystoneclient.session.Session(auth=auth) return congress_client.Client(session=session, service_type='policy')
def __call__(self, req): if req.environ['REQUEST_METHOD'] != 'POST': return self.application raw_path = req.environ['RAW_PATH_INFO'] if "metadata" in raw_path: return self.application if "servers/action" in raw_path: return self.application flavor_ref = json.loads(req.body)['server']['flavorRef'] token = req.environ['HTTP_X_AUTH_TOKEN'] tenant_name = req.environ['HTTP_X_TENANT_NAME'] CONF = cfg.CONF # obtain identity endpoint url url = CONF.keystone_authtoken.auth_url # obtain one of support keystone api versions raw_versions = keystoneclient.discover.available_versions(url, session=None) version = raw_versions[-1]['id'] # assemble auth_url auth_url = url + '/' + version auth = keystoneclient.auth.identity.v2.Token(auth_url=auth_url, token=token, tenant_name=tenant_name) session = keystoneclient.session.Session(auth=auth) congress = client.Client(session=session, auth=None, interface='publicURL', service_type='policy') # Aggregating resource usage within domain level domain = req.environ['HTTP_X_PROJECT_DOMAIN_NAME'] # obtain list of projects under this domain k3_client = ksv3client.Client(session=session) projects = k3_client.projects.list(domain=domain) # obtain list of hosts under each of these projects nova_c = nova.Client("2", session=session) ram_p = 0 disk_p = 0 cpus_p = 0 for project in projects: search_opts = { 'all_tenants': 1, 'tenant_id': project.id, } servers_p = nova_c.servers.list(search_opts=search_opts) # locate flavor of each host for server in servers_p: info = nova_c.servers.get(server=server) flavor_id = info._info['flavor']['id'] fd = nova_c.flavors.get(flavor=flavor_id) ram_p += fd.ram disk_p += fd.disk disk_p += fd.ephemeral cpus_p += fd.vcpus # incrementally add each type of resource # assemble query policy based on the data-usage # with memory_p, disk_p and cpus_p fd = nova_c.flavors.get(flavor=flavor_ref) ram_p += fd.ram disk_p += fd.disk disk_p += fd.ephemeral cpus_p += fd.vcpus domain_resource = ("(" + domain + "," + str(ram_p) + "," + str(disk_p) + "," + str(cpus_p) + ")") validation_result = congress.execute_policy_action( "classification", "simulate", False, True, { 'query': 'domain_resource_usage_exceeded (domain)', # this needs to be defined in congress server 'action_policy': 'nova_quota_action', 'sequence': 'domain_resource+' + domain_resource }) if validation_result["result"]: messages = validation_result["result"] if messages: result_str = "\n ".join(map(str, messages)) msg = _("quota is not sufficient for this VM deployment" ).format("\n " + result_str) LOG.error(msg) LOG.debug(messages) return webob.exc.HTTPUnauthorized(explanation=msg) else: LOG.info('Model valid') return self.application
def congress_client(session): return congressclient.Client(session=session, service_type='policy')