def wrap(self, *args, **kwargs):
try:
return method(self, *args, **kwargs)
except KamakiSSLError as ssle:
logger.debug('Kamaki SSL failed %s' % ssle)
logger.info(
'Kamaki SSL failed, fall back to certifi (mozilla certs)')
https.patch_with_certs(os.path.join(RESOURCES, 'cacert.pem'))
return method(self, *args, **kwargs)
def wrap(self, *args, **kwargs):
try:
return method(self, *args, **kwargs)
except KamakiSSLError as ssle:
logger.debug('Kamaki SSL failed %s' % ssle)
logger.info(
'Kamaki SSL failed, fall back to certifi (mozilla certs)')
https.patch_with_certs(os.path.join(RESOURCES, 'cacert.pem'))
return method(self, *args, **kwargs)
def __init__(self, config):
self.config = config
cloud_name = self.config.get('global', 'default_cloud')
self.auth_token = self.config.get_cloud(cloud_name, 'token')
cacerts_path = self.config.get('global', 'ca_certs')
https.patch_with_certs(cacerts_path)
auth_url = self.config.get_cloud(cloud_name, 'url')
auth = AstakosClient(auth_url, self.auth_token)
self.endpoints = dict(
astakos=auth_url,
cyclades=auth.get_endpoint_url(CycladesComputeClient.service_type),
network=auth.get_endpoint_url(CycladesNetworkClient.service_type),
plankton=auth.get_endpoint_url(ImageClient.service_type)
)
self.user_id = auth.user_info['id']
def main():
"""CLI entry point"""
# Check syntax
parser = argparse.ArgumentParser(description='Access your cloud keys')
parser.add_argument('--key-id', help='Get only a specific key')
parser.add_argument('--url',
help='Cloud authentication URL, can be set as OKPUB_URL env variable')
parser.add_argument('--token',
help='Cloud user token, can be set as OKPUB_TOKEN env variable')
parser.add_argument('--ca-certs',
help='Path to CA certificates for SSL, can be set as OKPUB_CA_CERTS '
'env variable')
parser.add_argument('--ignore-ssl',
action='store_true',
help='Ignore SSL (not recomended), ignores CA certificates path')
args = parser.parse_args()
url = args.url or OKPUB_URL
token = args.token or OKPUB_TOKEN
assert all([url, token]), 'Both URL and TOKEN required (-h for more)'
ca_certs = args.ca_certs or OKPUB_CA_CERTS
assert any([ca_certs, args.ignore_ssl]), (
'You should either set ca_certs or --ignore-ssl (-h for more)')
# Resolve SSL issue
from kamaki.clients.utils import https
if args.ignore_ssl:
https.patch_ignore_ssl()
else:
https.patch_with_certs(ca_certs)
# Initialize client
from okpub.client import KeyAPI
endpoint = KeyAPI.get_endpoint_url(url)
client = KeyAPI(endpoint, token)
# Get results and print
import json
from sys import stdout
if args.key_id:
r = client.get_public_key(args.key_id)
else:
r = client.list_public_keys()
stdout.write(json.dumps(r, indent=2))
stdout.write('\n')
stdout.flush()
def _kamaki_ssl(ignore_ssl=None):
"""Patch kamaki to use the correct CA certificates
Read kamaki's config file and decide if we are going to use
CA certificates and patch kamaki clients accordingly.
"""
config = kamaki_config.Config()
if ignore_ssl is None:
ignore_ssl = config.get("global", "ignore_ssl").lower() == "on"
ca_file = config.get("global", "ca_certs")
if ignore_ssl:
# Skip SSL verification
https.patch_ignore_ssl()
else:
# Use ca_certs path found in kamakirc
https.patch_with_certs(ca_file)
def _kamaki_ssl(ignore_ssl=None):
"""Patch kamaki to use the correct CA certificates
Read kamaki's config file and decide if we are going to use
CA certificates and patch kamaki clients accordingly.
"""
config = kamaki_config.Config()
if ignore_ssl is None:
ignore_ssl = config.get("global", "ignore_ssl").lower() == "on"
ca_file = config.get("global", "ca_certs")
if ignore_ssl:
# Skip SSL verification
https.patch_ignore_ssl()
else:
# Use ca_certs path found in kamakirc
https.patch_with_certs(ca_file)
def __init__(self, config, cloud=None, debug=False):
_setup_logging(debug, debug)
self.config = kamaki_config.Config(config)
self.cloud = cloud
if not self.cloud:
self.cloud = self.config.get("global", "default_cloud")
self.ignore_ssl = \
self.config.get("global", "ignore_ssl").lower() == "on"
self.ca_certs = \
self.config.get("global", "ca_certs")
https.patch_ignore_ssl(self.ignore_ssl)
if self.ca_certs is not None:
https.patch_with_certs(self.ca_certs)
self.auth_url = self.config.get_cloud(self.cloud, "url")
self.token = self.config.get_cloud(self.cloud, "token")
self.auth_client = AstakosClient(self.auth_url, self.token)
self.endpoints = None # lazyness
def run(settings):
"""Run the service"""
ldap_args = dict(ldap_url=settings.get('ldap_url'),
admin=settings.get('ldap_admin'),
password=settings.get('ldap_password'),
base_dn=settings.get('ldap_base_dn'))
pool_args = dict(
dbname=settings.get('pool_name'),
host=settings.get('pool_host'),
user=settings.get('pool_user'),
password=settings.get('pool_password'),
)
voms_args = dict([(k, v) for k, v in settings.items()
if k in ('voms_policy', 'voms_dir', 'ca_path',
'voms_api_lib')])
snf_certs = settings.get('snf_ca_certs', None)
vo_projects = settings.get('vo_projects', None)
if snf_certs:
https.patch_with_certs(snf_certs)
elif settings.get('snf_ignore_ssl', None):
https.patch_ignore_ssl()
snf_admin = identity.IdentityClient(settings['snf_auth_url'],
settings['snf_admin_token'])
snf_admin.authenticate()
server.ASTAVOMS_SERVER_SETTINGS.update(
dict(
ldap_args=ldap_args,
pool_args=pool_args,
vomsauth=authvoms.VomsAuth(**voms_args),
snf_admin=snf_admin,
vo_projects=vo_projects,
disable_voms_verification=settings.get(
'disable_voms_verification'),
))
server.app.config.from_object(server)
utils.setup_logger(server.logger,
debug=settings['debug'],
logfile=settings['logfile'])
server.app.run(host=settings.get('host'), port=settings.get('port'))
def patch_certs(cert_path=None):
"""
Patch http certificates or ignore_ssl() if no certificates ca be found
:param cert_path: Path to the certificate file
"""
if not defaults.CACERTS_DEFAULT_PATH:
if cert_path:
https.patch_with_certs(cert_path)
else:
try:
from ssl import get_default_verify_paths
cert_path = get_default_verify_paths().cafile or \
get_default_verify_paths().openssl_cafile
except:
pass
if cert_path:
https.patch_with_certs(cert_path)
else:
logger.warn("COULD NOT FIND ANY CERTIFICATES, PLEASE SET THEM IN YOUR "
".kamakirc global section, option ca_certs")
https.patch_ignore_ssl()
from kamaki.cli.config import Config
import tabulate
try:
from kamaki.clients.utils import https
if Config().getboolean('global', 'ignore_ssl'):
https.patch_ignore_ssl()
else:
ca_file = Config().get('global', 'ca_certs')
if ca_file is None:
raise ValueError("ca_certs cannot be None")
https.patch_with_certs(ca_file)
except ImportError:
pass
def get_cloud_names():
return [cloud[0] for cloud in Config().items("cloud")]
def get_cloud_credentials(cloud_name):
"""Get cloud credentials from kamaki configuration file."""
cloud = dict(Config().items("cloud")).get(cloud_name)
if cloud is None:
raise ValueError("Kamaki config file does not contain '%s' cloud." %
cloud_name)
return cloud["url"], cloud["token"]
def get_server_cloud(server_name):
"""Get the server cloud from the server name."""
def _init_session(arguments, is_non_api=False):
"""
:returns: cloud name
"""
_help = arguments['help'].value
global _debug
_debug = arguments['debug'].value
_verbose_with_data = arguments['verbose_with_data'].value
_verbose = arguments['verbose'].value or _verbose_with_data
_cnf = arguments['config']
_setup_logging(_debug, _verbose, _verbose_with_data)
if _help or is_non_api:
return None
# Patch https for SSL Authentication
ca_file = arguments['ca_file'].value or _cnf.get('global', 'ca_certs')
ignore_ssl = arguments['ignore_ssl'].value or (_cnf.get(
'global', 'ignore_ssl').lower() == 'on')
if ca_file:
try:
https.patch_with_certs(ca_file)
except https.SSLUnicodeError as sslu:
raise CLIError(
'Failed to set CA certificates file %s' % ca_file,
importance=2,
details=[
'SSL module cannot handle non-ascii file names',
'Check the file path and consider moving and renaming',
'To set the new CA certificates path',
' kamaki config set ca_certs CA_FILE',
sslu,
])
else:
warn = red('CA certifications path not set (insecure) ')
kloger.warning(warn)
https.patch_ignore_ssl(ignore_ssl)
_check_config_version(_cnf.value)
_colors = _cnf.value.get('global', 'colors')
if not (stdout.isatty() and _colors == 'on'):
remove_colors()
cloud = arguments['cloud'].value or _cnf.value.get(
'global', 'default_cloud') or os.environ.get(DEF_CLOUD_ENV)
if not cloud:
num_of_clouds = len(_cnf.value.keys('cloud'))
if num_of_clouds == 1:
cloud = _cnf.value.keys('cloud')[0]
elif num_of_clouds > 1:
raise CLIError(
'Found %s clouds but none of them is set as default' %
(num_of_clouds),
importance=2,
details=[
'Please, choose one of the following cloud names:',
', '.join(_cnf.value.keys('cloud')),
'To see all cloud settings:',
' kamaki config get cloud.<cloud name>',
'To set a default cloud:',
' kamaki config set default_cloud <cloud name>',
' or set the %s enviroment variable' % DEF_CLOUD_ENV,
'To pick a cloud for the current session, use --cloud:',
' kamaki --cloud=<cloud name> ...'
])
if cloud not in _cnf.value.keys('cloud'):
raise CLIError('No cloud%s is configured' %
((' "%s"' % cloud) if cloud else ''),
importance=3,
details=[
'To configure a new cloud "%s", find and set the' %
(cloud or '<cloud name>'),
'single authentication URL and token:',
' kamaki config set cloud.%s.url <URL>' %
(cloud or '<cloud name>'),
' kamaki config set cloud.%s.token <t0k3n>' %
(cloud or '<cloud name>')
])
auth_args = dict()
for term in ('url', 'token'):
try:
auth_args[term] = _cnf.get_cloud(cloud, term)
except KeyError or IndexError:
auth_args[term] = ''
if not auth_args[term]:
raise CLIError('No authentication %s provided for cloud "%s"' %
(term.upper(), cloud),
importance=3,
details=[
'Set a %s for cloud %s:' %
(term.upper(), cloud),
' kamaki config set cloud.%s.%s <%s>' %
(cloud, term, term.upper())
])
return cloud
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
import json
from kamaki.clients import ClientError
from kamaki.clients.astakos import AstakosClient
from kamaki.clients.cyclades import (CycladesComputeClient,
CycladesNetworkClient,
CycladesBlockStorageClient)
from kamaki.clients.utils import https
from soi.config import AUTH_URL, CA_CERTS
https.patch_with_certs(CA_CERTS)
try:
from soi.config import IGNORE_SSL
if IGNORE_SSL:
https.patch_ignore_ssl()
except ImportError:
pass
import webob.exc
# endpoints are offered auth-free, so no need for an admin token
ADMIN_TOKEN = ''
auth = AstakosClient(AUTH_URL, ADMIN_TOKEN)
endpoints = {'identity': AUTH_URL}
client_classes = {'identity': AstakosClient}
def _init_session(arguments, is_non_api=False):
"""
:returns: cloud name
"""
_help = arguments['help'].value
global _debug
_debug = arguments['debug'].value
_verbose = arguments['verbose'].value
_cnf = arguments['config']
_setup_logging(_debug, _verbose)
if _help or is_non_api:
return None
# Patch https for SSL Authentication
ca_file = arguments['ca_file'].value or _cnf.get('global', 'ca_certs')
ignore_ssl = arguments['ignore_ssl'].value or (
_cnf.get('global', 'ignore_ssl').lower() == 'on')
if ca_file:
try:
https.patch_with_certs(ca_file)
except https.SSLUnicodeError as sslu:
raise CLIError(
'Failed to set CA certificates file %s' % ca_file,
importance=2, details=[
'SSL module cannot handle non-ascii file names',
'Check the file path and consider moving and renaming',
'To set the new CA certificates path',
' kamaki config set ca_certs CA_FILE',
sslu, ])
else:
warn = red('CA certifications path not set (insecure) ')
kloger.warning(warn)
https.patch_ignore_ssl(ignore_ssl)
_check_config_version(_cnf.value)
_colors = _cnf.value.get('global', 'colors')
if not (stdout.isatty() and _colors == 'on'):
remove_colors()
cloud = arguments['cloud'].value or _cnf.value.get(
'global', 'default_cloud')
if not cloud:
num_of_clouds = len(_cnf.value.keys('cloud'))
if num_of_clouds == 1:
cloud = _cnf.value.keys('cloud')[0]
elif num_of_clouds > 1:
raise CLIError(
'Found %s clouds but none of them is set as default' % (
num_of_clouds),
importance=2, details=[
'Please, choose one of the following cloud names:',
', '.join(_cnf.value.keys('cloud')),
'To see all cloud settings:',
' kamaki config get cloud.<cloud name>',
'To set a default cloud:',
' kamaki config set default_cloud <cloud name>',
'To pick a cloud for the current session, use --cloud:',
' kamaki --cloud=<cloud name> ...'])
if cloud not in _cnf.value.keys('cloud'):
raise CLIError(
'No cloud%s is configured' % ((' "%s"' % cloud) if cloud else ''),
importance=3, details=[
'To configure a new cloud "%s", find and set the' % (
cloud or '<cloud name>'),
'single authentication URL and token:',
' kamaki config set cloud.%s.url <URL>' % (
cloud or '<cloud name>'),
' kamaki config set cloud.%s.token <t0k3n>' % (
cloud or '<cloud name>')])
auth_args = dict()
for term in ('url', 'token'):
try:
auth_args[term] = _cnf.get_cloud(cloud, term)
except KeyError or IndexError:
auth_args[term] = ''
if not auth_args[term]:
raise CLIError(
'No authentication %s provided for cloud "%s"' % (
term.upper(), cloud),
importance=3, details=[
'Set a %s for cloud %s:' % (term.upper(), cloud),
' kamaki config set cloud.%s.%s <%s>' % (
cloud, term, term.upper())])
return cloud
def __init__(self, auth_url, auth_token, container, local_root_path, *args,
**kwargs):
check_encoding()
auth_url = utils.to_unicode(auth_url)
auth_token = utils.to_unicode(auth_token)
container = utils.to_unicode(container)
local_root_path = utils.to_unicode(local_root_path)
self.auth_url = utils.normalize_standard_suffix(auth_url)
self.auth_token = auth_token
self.container = utils.normalize_standard_suffix(container)
self.ignore_ssl = kwargs.get("ignore_ssl", False)
if self.ignore_ssl:
https.patch_ignore_ssl()
elif kwargs.get('ca_certs', None):
https.patch_with_certs(kwargs['ca_certs'])
self.endpoint = self._get_pithos_client(auth_url, auth_token,
container)
container_exists = self.check_container_exists(container)
home_dir = utils.to_unicode(os.path.expanduser('~'))
default_settings_path = join_path(home_dir, GLOBAL_SETTINGS_NAME)
self.settings_path = utils.to_unicode(
kwargs.get("agkyra_path", default_settings_path))
self.create_dir(self.settings_path, mode=stat.S_IRWXU)
self.instances_path = join_path(self.settings_path, INSTANCES_NAME)
self.create_dir(self.instances_path)
self.local_root_path = utils.normalize_local_suffix(local_root_path)
local_root_path_exists = os.path.isdir(self.local_root_path)
self.cache_name = utils.to_unicode(
kwargs.get("cache_name", DEFAULT_CACHE_NAME))
self.cache_path = join_path(self.local_root_path, self.cache_name)
self.cache_hide_name = utils.to_unicode(
kwargs.get("cache_hide_name", DEFAULT_CACHE_HIDE_NAME))
self.cache_hide_path = join_path(self.cache_path, self.cache_hide_name)
self.cache_stage_name = utils.to_unicode(
kwargs.get("cache_stage_name", DEFAULT_CACHE_STAGE_NAME))
self.cache_stage_path = join_path(self.cache_path,
self.cache_stage_name)
self.cache_fetch_name = utils.to_unicode(
kwargs.get("cache_fetch_name", DEFAULT_CACHE_FETCH_NAME))
self.cache_fetch_path = join_path(self.cache_path,
self.cache_fetch_name)
self.user_id = self.endpoint.account
self.instance = get_instance([
self.auth_url, self.user_id, self.container, self.local_root_path
])
self.instance_path = join_path(self.instances_path, self.instance)
self.create_dir(self.instance_path)
self.dbname = utils.to_unicode(kwargs.get("dbname", DEFAULT_DBNAME))
self.full_dbname = join_path(self.instance_path, self.dbname)
self.syncer_dbtuple = common.DBTuple(dbtype=database.SyncerDB,
dbname=self.full_dbname)
db_existed = os.path.isfile(self.full_dbname)
if not db_existed:
database.initialize(self.syncer_dbtuple)
self.mtime_lag = 0
self.case_insensitive = False
if not db_existed:
self.set_localfs_enabled(True)
self.create_local_dirs()
self.set_pithos_enabled(True)
if not container_exists:
self.mk_container(container)
else:
if not local_root_path_exists:
self.set_localfs_enabled(False)
else:
self.create_local_dirs()
if not container_exists:
self.set_pithos_enabled(False)
self.heartbeat = ThreadSafeDict()
self.action_max_wait = kwargs.get("action_max_wait",
DEFAULT_ACTION_MAX_WAIT)
self.pithos_list_interval = kwargs.get("pithos_list_interval",
DEFAULT_PITHOS_LIST_INTERVAL)
self.connection_retry_limit = kwargs.get(
"connection_retry_limit", DEFAULT_CONNECTION_RETRY_LIMIT)
self.endpoint.CONNECTION_RETRY_LIMIT = self.connection_retry_limit
self.max_alive_sync_threads = kwargs.get(
"max_alive_sync_threads", DEFAULT_MAX_ALIVE_SYNC_THREADS)
self.messager = Messager()
admin=settings.get('ldap_admin'),
password=settings.get('ldap_password'),
base_dn=settings.get('ldap_base_dn'))
pool_args = dict(
dbname=settings.get('pool_name'),
host=settings.get('pool_host'),
user=settings.get('pool_user'),
password=settings.get('pool_password'),
)
voms_args = dict([(k, v) for k, v in settings.items()
if k in ('voms_policy', 'voms_dir', 'ca_path',
'voms_api_lib')])
snf_certs = settings.get('snf_ca_certs', None)
if snf_certs:
https.patch_with_certs(snf_certs)
elif settings.get('snf_ignore_ssl', None):
https.patch_ignore_ssl()
snf_admin = identity.IdentityClient(settings['snf_auth_url'],
settings['snf_admin_token'])
snf_admin.authenticate()
vo_projects = settings.get('vo_projects', '/etc/astavoms/vo_projects.json')
server.ASTAVOMS_SERVER_SETTINGS.update(
dict(
ldap_args=ldap_args,
pool_args=pool_args,
vomsauth=authvoms.VomsAuth(**voms_args),
snf_admin=snf_admin,
vo_projects=vo_projects,
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# The views and conclusions contained in the software and
# documentation are those of the authors and should not be
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
from kamaki.cli.config import Config
from kamaki.clients import astakos, cyclades, ClientError
from kamaki.clients.utils import https
https.patch_with_certs('/etc/ssl/certs/ca-certificates.crt')
cnf = Config()
CLOUD = cnf.get('global', 'default_cloud')
URL = cnf.get_cloud(CLOUD, 'url')
TOKEN = cnf.get_cloud(CLOUD, 'token')
identity_client = astakos.CachedAstakosClient(URL, TOKEN)
computeURL = identity_client.get_endpoint_url(
cyclades.CycladesComputeClient.service_type)
compute_client = cyclades.CycladesComputeClient(computeURL, TOKEN)
img = dict(id='10b79e4d-9362-4f30-9223-3105c9a84bce')
srv_name = raw_input('Server name: ')
flv = compute_client.get_flavor_details(raw_input('Flavor id: '))
srv = compute_client.create_server(srv_name,
def __init__(self, auth_url, auth_token, container, local_root_path,
*args, **kwargs):
check_encoding()
auth_url = utils.to_unicode(auth_url)
auth_token = utils.to_unicode(auth_token)
container = utils.to_unicode(container)
local_root_path = utils.to_unicode(local_root_path)
self.auth_url = utils.normalize_standard_suffix(auth_url)
self.auth_token = auth_token
self.container = utils.normalize_standard_suffix(container)
self.ignore_ssl = kwargs.get("ignore_ssl", False)
if self.ignore_ssl:
https.patch_ignore_ssl()
elif kwargs.get('ca_certs', None):
https.patch_with_certs(kwargs['ca_certs'])
self.endpoint = self._get_pithos_client(
auth_url, auth_token, container)
container_exists = self.check_container_exists(container)
home_dir = utils.to_unicode(os.path.expanduser('~'))
default_settings_path = join_path(home_dir, GLOBAL_SETTINGS_NAME)
self.settings_path = utils.to_unicode(
kwargs.get("agkyra_path", default_settings_path))
self.create_dir(self.settings_path, mode=stat.S_IRWXU)
self.instances_path = join_path(self.settings_path, INSTANCES_NAME)
self.create_dir(self.instances_path)
self.local_root_path = utils.normalize_local_suffix(local_root_path)
local_root_path_exists = os.path.isdir(self.local_root_path)
self.cache_name = utils.to_unicode(
kwargs.get("cache_name", DEFAULT_CACHE_NAME))
self.cache_path = join_path(self.local_root_path, self.cache_name)
self.cache_hide_name = utils.to_unicode(
kwargs.get("cache_hide_name", DEFAULT_CACHE_HIDE_NAME))
self.cache_hide_path = join_path(self.cache_path, self.cache_hide_name)
self.cache_stage_name = utils.to_unicode(
kwargs.get("cache_stage_name", DEFAULT_CACHE_STAGE_NAME))
self.cache_stage_path = join_path(self.cache_path,
self.cache_stage_name)
self.cache_fetch_name = utils.to_unicode(
kwargs.get("cache_fetch_name", DEFAULT_CACHE_FETCH_NAME))
self.cache_fetch_path = join_path(self.cache_path,
self.cache_fetch_name)
self.user_id = self.endpoint.account
self.instance = get_instance(
[self.auth_url, self.user_id,
self.container, self.local_root_path])
self.instance_path = join_path(self.instances_path, self.instance)
self.create_dir(self.instance_path)
self.dbname = utils.to_unicode(kwargs.get("dbname", DEFAULT_DBNAME))
self.full_dbname = join_path(self.instance_path, self.dbname)
self.syncer_dbtuple = common.DBTuple(
dbtype=database.SyncerDB,
dbname=self.full_dbname)
db_existed = os.path.isfile(self.full_dbname)
if not db_existed:
database.initialize(self.syncer_dbtuple)
self.mtime_lag = 0
self.case_insensitive = False
if not db_existed:
self.set_localfs_enabled(True)
self.create_local_dirs()
self.set_pithos_enabled(True)
if not container_exists:
self.mk_container(container)
else:
if not local_root_path_exists:
self.set_localfs_enabled(False)
else:
self.create_local_dirs()
if not container_exists:
self.set_pithos_enabled(False)
self.heartbeat = ThreadSafeDict()
self.action_max_wait = kwargs.get("action_max_wait",
DEFAULT_ACTION_MAX_WAIT)
self.pithos_list_interval = kwargs.get("pithos_list_interval",
DEFAULT_PITHOS_LIST_INTERVAL)
self.connection_retry_limit = kwargs.get(
"connection_retry_limit", DEFAULT_CONNECTION_RETRY_LIMIT)
self.endpoint.CONNECTION_RETRY_LIMIT = self.connection_retry_limit
self.max_alive_sync_threads = kwargs.get(
"max_alive_sync_threads", DEFAULT_MAX_ALIVE_SYNC_THREADS)
self.messager = Messager()
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# The views and conclusions contained in the software and
# documentation are those of the authors and should not be
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
from kamaki.cli.config import Config
from kamaki.clients import astakos, cyclades, ClientError
from kamaki.clients.utils import https
https.patch_with_certs('/etc/ssl/certs/ca-certificates.crt')
cnf = Config()
CLOUD = cnf.get('global', 'default_cloud')
URL = cnf.get_cloud(CLOUD, 'url')
TOKEN = cnf.get_cloud(CLOUD, 'token')
identity_client = astakos.CachedAstakosClient(URL, TOKEN)
computeURL = identity_client.get_endpoint_url(
cyclades.CycladesComputeClient.service_type)
compute_client = cyclades.CycladesComputeClient(computeURL, TOKEN)
volumeURL = identity_client.get_endpoint_url(
cyclades.CycladesBlockStorageClient.service_type)
volume_client = cyclades.CycladesBlockStorageClient(volumeURL, TOKEN)
srv = compute_client.get_server_details(454001)
def main():
"""Entry point for icaas-monitord"""
args = get_args()
manifest = read_manifest(args.manifest)
if 'status' not in manifest['service']:
sys.stderr.write('"status" is missing from the service section of the '
'manifest')
sys.exit(3)
if 'insecure' in manifest and manifest['insecure'].lower() == 'true':
verify = False
else:
verify = True
report = Report(manifest['service']['status'], verify=verify,
log=sys.stderr)
def missing_key(key, section):
"""missing key message"""
return "`%s' is missing from the `%s' section of the manifest" % \
(key, section)
# Validate the manifest
for key in 'url', 'token', 'log', 'status':
if key not in manifest['service']:
report.error(missing_key(key, 'service'))
sys.exit(3)
for key in 'url', 'name', 'object':
if key not in manifest['image']:
report.error(missing_key(key, 'image'))
sys.exit(3)
service = manifest['service']
try:
container, logname = service['log'].split('/', 1)
except ValueError:
report.error('Incorrect format for log entry in manifest file')
# Use the systems certificates
https.patch_with_certs(CERTS)
account = AstakosClient(service['url'], service['token'])
try:
account.authenticate()
except AstakosClientError as err:
report.error("Astakos: %s" % err)
sys.exit(3)
pithos = PithosClient(
account.get_service_endpoints('object-store')['publicURL'],
account.token, account.user_info['id'], container)
if args.daemonize:
daemon_context = daemon.DaemonContext(stdin=sys.stdin,
stdout=sys.stdout,
stderr=sys.stderr)
daemon_context.open()
with open(PID, 'w') as pid:
pid.write("%d\n" % os.getpid())
try:
# Export manifest to environment variables
for section in manifest:
for key, value in manifest[section].items():
name = "ICAAS_%s_%s" % (section.upper(), key.upper())
os.environ[name] = value
# Use SIGHUP to unblock from the sleep if necessary
signal.signal(signal.SIGHUP, lambda x, y: None)
if 'ICAAS_MONITOR_SIGSTOP' in os.environ:
# Tell service supervisor that we are ready.
syslog.syslog(
syslog.LOG_NOTICE, "Stopping with SIGSTOP as the "
"environment variable ICAAS_MONITOR_SIGSTOP is defined")
os.kill(os.getpid(), signal.SIGSTOP)
del os.environ['ICAAS_MONITOR_SIGSTOP']
if do_main_loop(args.interval, pithos, logname):
report.success()
else:
report.error("Image creation failed. Check the log for more info")
finally:
os.unlink(PID)
