def wrap(self, *args, **kwargs): try: return method(self, *args, **kwargs) except KamakiSSLError as ssle: logger.debug('Kamaki SSL failed %s' % ssle) logger.info( 'Kamaki SSL failed, fall back to certifi (mozilla certs)') https.patch_with_certs(os.path.join(RESOURCES, 'cacert.pem')) return method(self, *args, **kwargs)
def __init__(self, config): self.config = config cloud_name = self.config.get('global', 'default_cloud') self.auth_token = self.config.get_cloud(cloud_name, 'token') cacerts_path = self.config.get('global', 'ca_certs') https.patch_with_certs(cacerts_path) auth_url = self.config.get_cloud(cloud_name, 'url') auth = AstakosClient(auth_url, self.auth_token) self.endpoints = dict( astakos=auth_url, cyclades=auth.get_endpoint_url(CycladesComputeClient.service_type), network=auth.get_endpoint_url(CycladesNetworkClient.service_type), plankton=auth.get_endpoint_url(ImageClient.service_type) ) self.user_id = auth.user_info['id']
def main(): """CLI entry point""" # Check syntax parser = argparse.ArgumentParser(description='Access your cloud keys') parser.add_argument('--key-id', help='Get only a specific key') parser.add_argument('--url', help='Cloud authentication URL, can be set as OKPUB_URL env variable') parser.add_argument('--token', help='Cloud user token, can be set as OKPUB_TOKEN env variable') parser.add_argument('--ca-certs', help='Path to CA certificates for SSL, can be set as OKPUB_CA_CERTS ' 'env variable') parser.add_argument('--ignore-ssl', action='store_true', help='Ignore SSL (not recomended), ignores CA certificates path') args = parser.parse_args() url = args.url or OKPUB_URL token = args.token or OKPUB_TOKEN assert all([url, token]), 'Both URL and TOKEN required (-h for more)' ca_certs = args.ca_certs or OKPUB_CA_CERTS assert any([ca_certs, args.ignore_ssl]), ( 'You should either set ca_certs or --ignore-ssl (-h for more)') # Resolve SSL issue from kamaki.clients.utils import https if args.ignore_ssl: https.patch_ignore_ssl() else: https.patch_with_certs(ca_certs) # Initialize client from okpub.client import KeyAPI endpoint = KeyAPI.get_endpoint_url(url) client = KeyAPI(endpoint, token) # Get results and print import json from sys import stdout if args.key_id: r = client.get_public_key(args.key_id) else: r = client.list_public_keys() stdout.write(json.dumps(r, indent=2)) stdout.write('\n') stdout.flush()
def _kamaki_ssl(ignore_ssl=None): """Patch kamaki to use the correct CA certificates Read kamaki's config file and decide if we are going to use CA certificates and patch kamaki clients accordingly. """ config = kamaki_config.Config() if ignore_ssl is None: ignore_ssl = config.get("global", "ignore_ssl").lower() == "on" ca_file = config.get("global", "ca_certs") if ignore_ssl: # Skip SSL verification https.patch_ignore_ssl() else: # Use ca_certs path found in kamakirc https.patch_with_certs(ca_file)
def __init__(self, config, cloud=None, debug=False): _setup_logging(debug, debug) self.config = kamaki_config.Config(config) self.cloud = cloud if not self.cloud: self.cloud = self.config.get("global", "default_cloud") self.ignore_ssl = \ self.config.get("global", "ignore_ssl").lower() == "on" self.ca_certs = \ self.config.get("global", "ca_certs") https.patch_ignore_ssl(self.ignore_ssl) if self.ca_certs is not None: https.patch_with_certs(self.ca_certs) self.auth_url = self.config.get_cloud(self.cloud, "url") self.token = self.config.get_cloud(self.cloud, "token") self.auth_client = AstakosClient(self.auth_url, self.token) self.endpoints = None # lazyness
def run(settings): """Run the service""" ldap_args = dict(ldap_url=settings.get('ldap_url'), admin=settings.get('ldap_admin'), password=settings.get('ldap_password'), base_dn=settings.get('ldap_base_dn')) pool_args = dict( dbname=settings.get('pool_name'), host=settings.get('pool_host'), user=settings.get('pool_user'), password=settings.get('pool_password'), ) voms_args = dict([(k, v) for k, v in settings.items() if k in ('voms_policy', 'voms_dir', 'ca_path', 'voms_api_lib')]) snf_certs = settings.get('snf_ca_certs', None) vo_projects = settings.get('vo_projects', None) if snf_certs: https.patch_with_certs(snf_certs) elif settings.get('snf_ignore_ssl', None): https.patch_ignore_ssl() snf_admin = identity.IdentityClient(settings['snf_auth_url'], settings['snf_admin_token']) snf_admin.authenticate() server.ASTAVOMS_SERVER_SETTINGS.update( dict( ldap_args=ldap_args, pool_args=pool_args, vomsauth=authvoms.VomsAuth(**voms_args), snf_admin=snf_admin, vo_projects=vo_projects, disable_voms_verification=settings.get( 'disable_voms_verification'), )) server.app.config.from_object(server) utils.setup_logger(server.logger, debug=settings['debug'], logfile=settings['logfile']) server.app.run(host=settings.get('host'), port=settings.get('port'))
def patch_certs(cert_path=None): """ Patch http certificates or ignore_ssl() if no certificates ca be found :param cert_path: Path to the certificate file """ if not defaults.CACERTS_DEFAULT_PATH: if cert_path: https.patch_with_certs(cert_path) else: try: from ssl import get_default_verify_paths cert_path = get_default_verify_paths().cafile or \ get_default_verify_paths().openssl_cafile except: pass if cert_path: https.patch_with_certs(cert_path) else: logger.warn("COULD NOT FIND ANY CERTIFICATES, PLEASE SET THEM IN YOUR " ".kamakirc global section, option ca_certs") https.patch_ignore_ssl()
from kamaki.cli.config import Config import tabulate try: from kamaki.clients.utils import https if Config().getboolean('global', 'ignore_ssl'): https.patch_ignore_ssl() else: ca_file = Config().get('global', 'ca_certs') if ca_file is None: raise ValueError("ca_certs cannot be None") https.patch_with_certs(ca_file) except ImportError: pass def get_cloud_names(): return [cloud[0] for cloud in Config().items("cloud")] def get_cloud_credentials(cloud_name): """Get cloud credentials from kamaki configuration file.""" cloud = dict(Config().items("cloud")).get(cloud_name) if cloud is None: raise ValueError("Kamaki config file does not contain '%s' cloud." % cloud_name) return cloud["url"], cloud["token"] def get_server_cloud(server_name): """Get the server cloud from the server name."""
def _init_session(arguments, is_non_api=False): """ :returns: cloud name """ _help = arguments['help'].value global _debug _debug = arguments['debug'].value _verbose_with_data = arguments['verbose_with_data'].value _verbose = arguments['verbose'].value or _verbose_with_data _cnf = arguments['config'] _setup_logging(_debug, _verbose, _verbose_with_data) if _help or is_non_api: return None # Patch https for SSL Authentication ca_file = arguments['ca_file'].value or _cnf.get('global', 'ca_certs') ignore_ssl = arguments['ignore_ssl'].value or (_cnf.get( 'global', 'ignore_ssl').lower() == 'on') if ca_file: try: https.patch_with_certs(ca_file) except https.SSLUnicodeError as sslu: raise CLIError( 'Failed to set CA certificates file %s' % ca_file, importance=2, details=[ 'SSL module cannot handle non-ascii file names', 'Check the file path and consider moving and renaming', 'To set the new CA certificates path', ' kamaki config set ca_certs CA_FILE', sslu, ]) else: warn = red('CA certifications path not set (insecure) ') kloger.warning(warn) https.patch_ignore_ssl(ignore_ssl) _check_config_version(_cnf.value) _colors = _cnf.value.get('global', 'colors') if not (stdout.isatty() and _colors == 'on'): remove_colors() cloud = arguments['cloud'].value or _cnf.value.get( 'global', 'default_cloud') or os.environ.get(DEF_CLOUD_ENV) if not cloud: num_of_clouds = len(_cnf.value.keys('cloud')) if num_of_clouds == 1: cloud = _cnf.value.keys('cloud')[0] elif num_of_clouds > 1: raise CLIError( 'Found %s clouds but none of them is set as default' % (num_of_clouds), importance=2, details=[ 'Please, choose one of the following cloud names:', ', '.join(_cnf.value.keys('cloud')), 'To see all cloud settings:', ' kamaki config get cloud.<cloud name>', 'To set a default cloud:', ' kamaki config set default_cloud <cloud name>', ' or set the %s enviroment variable' % DEF_CLOUD_ENV, 'To pick a cloud for the current session, use --cloud:', ' kamaki --cloud=<cloud name> ...' ]) if cloud not in _cnf.value.keys('cloud'): raise CLIError('No cloud%s is configured' % ((' "%s"' % cloud) if cloud else ''), importance=3, details=[ 'To configure a new cloud "%s", find and set the' % (cloud or '<cloud name>'), 'single authentication URL and token:', ' kamaki config set cloud.%s.url <URL>' % (cloud or '<cloud name>'), ' kamaki config set cloud.%s.token <t0k3n>' % (cloud or '<cloud name>') ]) auth_args = dict() for term in ('url', 'token'): try: auth_args[term] = _cnf.get_cloud(cloud, term) except KeyError or IndexError: auth_args[term] = '' if not auth_args[term]: raise CLIError('No authentication %s provided for cloud "%s"' % (term.upper(), cloud), importance=3, details=[ 'Set a %s for cloud %s:' % (term.upper(), cloud), ' kamaki config set cloud.%s.%s <%s>' % (cloud, term, term.upper()) ]) return cloud
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. import json from kamaki.clients import ClientError from kamaki.clients.astakos import AstakosClient from kamaki.clients.cyclades import (CycladesComputeClient, CycladesNetworkClient, CycladesBlockStorageClient) from kamaki.clients.utils import https from soi.config import AUTH_URL, CA_CERTS https.patch_with_certs(CA_CERTS) try: from soi.config import IGNORE_SSL if IGNORE_SSL: https.patch_ignore_ssl() except ImportError: pass import webob.exc # endpoints are offered auth-free, so no need for an admin token ADMIN_TOKEN = '' auth = AstakosClient(AUTH_URL, ADMIN_TOKEN) endpoints = {'identity': AUTH_URL} client_classes = {'identity': AstakosClient}
def _init_session(arguments, is_non_api=False): """ :returns: cloud name """ _help = arguments['help'].value global _debug _debug = arguments['debug'].value _verbose = arguments['verbose'].value _cnf = arguments['config'] _setup_logging(_debug, _verbose) if _help or is_non_api: return None # Patch https for SSL Authentication ca_file = arguments['ca_file'].value or _cnf.get('global', 'ca_certs') ignore_ssl = arguments['ignore_ssl'].value or ( _cnf.get('global', 'ignore_ssl').lower() == 'on') if ca_file: try: https.patch_with_certs(ca_file) except https.SSLUnicodeError as sslu: raise CLIError( 'Failed to set CA certificates file %s' % ca_file, importance=2, details=[ 'SSL module cannot handle non-ascii file names', 'Check the file path and consider moving and renaming', 'To set the new CA certificates path', ' kamaki config set ca_certs CA_FILE', sslu, ]) else: warn = red('CA certifications path not set (insecure) ') kloger.warning(warn) https.patch_ignore_ssl(ignore_ssl) _check_config_version(_cnf.value) _colors = _cnf.value.get('global', 'colors') if not (stdout.isatty() and _colors == 'on'): remove_colors() cloud = arguments['cloud'].value or _cnf.value.get( 'global', 'default_cloud') if not cloud: num_of_clouds = len(_cnf.value.keys('cloud')) if num_of_clouds == 1: cloud = _cnf.value.keys('cloud')[0] elif num_of_clouds > 1: raise CLIError( 'Found %s clouds but none of them is set as default' % ( num_of_clouds), importance=2, details=[ 'Please, choose one of the following cloud names:', ', '.join(_cnf.value.keys('cloud')), 'To see all cloud settings:', ' kamaki config get cloud.<cloud name>', 'To set a default cloud:', ' kamaki config set default_cloud <cloud name>', 'To pick a cloud for the current session, use --cloud:', ' kamaki --cloud=<cloud name> ...']) if cloud not in _cnf.value.keys('cloud'): raise CLIError( 'No cloud%s is configured' % ((' "%s"' % cloud) if cloud else ''), importance=3, details=[ 'To configure a new cloud "%s", find and set the' % ( cloud or '<cloud name>'), 'single authentication URL and token:', ' kamaki config set cloud.%s.url <URL>' % ( cloud or '<cloud name>'), ' kamaki config set cloud.%s.token <t0k3n>' % ( cloud or '<cloud name>')]) auth_args = dict() for term in ('url', 'token'): try: auth_args[term] = _cnf.get_cloud(cloud, term) except KeyError or IndexError: auth_args[term] = '' if not auth_args[term]: raise CLIError( 'No authentication %s provided for cloud "%s"' % ( term.upper(), cloud), importance=3, details=[ 'Set a %s for cloud %s:' % (term.upper(), cloud), ' kamaki config set cloud.%s.%s <%s>' % ( cloud, term, term.upper())]) return cloud
def __init__(self, auth_url, auth_token, container, local_root_path, *args, **kwargs): check_encoding() auth_url = utils.to_unicode(auth_url) auth_token = utils.to_unicode(auth_token) container = utils.to_unicode(container) local_root_path = utils.to_unicode(local_root_path) self.auth_url = utils.normalize_standard_suffix(auth_url) self.auth_token = auth_token self.container = utils.normalize_standard_suffix(container) self.ignore_ssl = kwargs.get("ignore_ssl", False) if self.ignore_ssl: https.patch_ignore_ssl() elif kwargs.get('ca_certs', None): https.patch_with_certs(kwargs['ca_certs']) self.endpoint = self._get_pithos_client(auth_url, auth_token, container) container_exists = self.check_container_exists(container) home_dir = utils.to_unicode(os.path.expanduser('~')) default_settings_path = join_path(home_dir, GLOBAL_SETTINGS_NAME) self.settings_path = utils.to_unicode( kwargs.get("agkyra_path", default_settings_path)) self.create_dir(self.settings_path, mode=stat.S_IRWXU) self.instances_path = join_path(self.settings_path, INSTANCES_NAME) self.create_dir(self.instances_path) self.local_root_path = utils.normalize_local_suffix(local_root_path) local_root_path_exists = os.path.isdir(self.local_root_path) self.cache_name = utils.to_unicode( kwargs.get("cache_name", DEFAULT_CACHE_NAME)) self.cache_path = join_path(self.local_root_path, self.cache_name) self.cache_hide_name = utils.to_unicode( kwargs.get("cache_hide_name", DEFAULT_CACHE_HIDE_NAME)) self.cache_hide_path = join_path(self.cache_path, self.cache_hide_name) self.cache_stage_name = utils.to_unicode( kwargs.get("cache_stage_name", DEFAULT_CACHE_STAGE_NAME)) self.cache_stage_path = join_path(self.cache_path, self.cache_stage_name) self.cache_fetch_name = utils.to_unicode( kwargs.get("cache_fetch_name", DEFAULT_CACHE_FETCH_NAME)) self.cache_fetch_path = join_path(self.cache_path, self.cache_fetch_name) self.user_id = self.endpoint.account self.instance = get_instance([ self.auth_url, self.user_id, self.container, self.local_root_path ]) self.instance_path = join_path(self.instances_path, self.instance) self.create_dir(self.instance_path) self.dbname = utils.to_unicode(kwargs.get("dbname", DEFAULT_DBNAME)) self.full_dbname = join_path(self.instance_path, self.dbname) self.syncer_dbtuple = common.DBTuple(dbtype=database.SyncerDB, dbname=self.full_dbname) db_existed = os.path.isfile(self.full_dbname) if not db_existed: database.initialize(self.syncer_dbtuple) self.mtime_lag = 0 self.case_insensitive = False if not db_existed: self.set_localfs_enabled(True) self.create_local_dirs() self.set_pithos_enabled(True) if not container_exists: self.mk_container(container) else: if not local_root_path_exists: self.set_localfs_enabled(False) else: self.create_local_dirs() if not container_exists: self.set_pithos_enabled(False) self.heartbeat = ThreadSafeDict() self.action_max_wait = kwargs.get("action_max_wait", DEFAULT_ACTION_MAX_WAIT) self.pithos_list_interval = kwargs.get("pithos_list_interval", DEFAULT_PITHOS_LIST_INTERVAL) self.connection_retry_limit = kwargs.get( "connection_retry_limit", DEFAULT_CONNECTION_RETRY_LIMIT) self.endpoint.CONNECTION_RETRY_LIMIT = self.connection_retry_limit self.max_alive_sync_threads = kwargs.get( "max_alive_sync_threads", DEFAULT_MAX_ALIVE_SYNC_THREADS) self.messager = Messager()
admin=settings.get('ldap_admin'), password=settings.get('ldap_password'), base_dn=settings.get('ldap_base_dn')) pool_args = dict( dbname=settings.get('pool_name'), host=settings.get('pool_host'), user=settings.get('pool_user'), password=settings.get('pool_password'), ) voms_args = dict([(k, v) for k, v in settings.items() if k in ('voms_policy', 'voms_dir', 'ca_path', 'voms_api_lib')]) snf_certs = settings.get('snf_ca_certs', None) if snf_certs: https.patch_with_certs(snf_certs) elif settings.get('snf_ignore_ssl', None): https.patch_ignore_ssl() snf_admin = identity.IdentityClient(settings['snf_auth_url'], settings['snf_admin_token']) snf_admin.authenticate() vo_projects = settings.get('vo_projects', '/etc/astavoms/vo_projects.json') server.ASTAVOMS_SERVER_SETTINGS.update( dict( ldap_args=ldap_args, pool_args=pool_args, vomsauth=authvoms.VomsAuth(**voms_args), snf_admin=snf_admin, vo_projects=vo_projects,
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # # The views and conclusions contained in the software and # documentation are those of the authors and should not be # interpreted as representing official policies, either expressed # or implied, of GRNET S.A. from kamaki.cli.config import Config from kamaki.clients import astakos, cyclades, ClientError from kamaki.clients.utils import https https.patch_with_certs('/etc/ssl/certs/ca-certificates.crt') cnf = Config() CLOUD = cnf.get('global', 'default_cloud') URL = cnf.get_cloud(CLOUD, 'url') TOKEN = cnf.get_cloud(CLOUD, 'token') identity_client = astakos.CachedAstakosClient(URL, TOKEN) computeURL = identity_client.get_endpoint_url( cyclades.CycladesComputeClient.service_type) compute_client = cyclades.CycladesComputeClient(computeURL, TOKEN) img = dict(id='10b79e4d-9362-4f30-9223-3105c9a84bce') srv_name = raw_input('Server name: ') flv = compute_client.get_flavor_details(raw_input('Flavor id: ')) srv = compute_client.create_server(srv_name,
def __init__(self, auth_url, auth_token, container, local_root_path, *args, **kwargs): check_encoding() auth_url = utils.to_unicode(auth_url) auth_token = utils.to_unicode(auth_token) container = utils.to_unicode(container) local_root_path = utils.to_unicode(local_root_path) self.auth_url = utils.normalize_standard_suffix(auth_url) self.auth_token = auth_token self.container = utils.normalize_standard_suffix(container) self.ignore_ssl = kwargs.get("ignore_ssl", False) if self.ignore_ssl: https.patch_ignore_ssl() elif kwargs.get('ca_certs', None): https.patch_with_certs(kwargs['ca_certs']) self.endpoint = self._get_pithos_client( auth_url, auth_token, container) container_exists = self.check_container_exists(container) home_dir = utils.to_unicode(os.path.expanduser('~')) default_settings_path = join_path(home_dir, GLOBAL_SETTINGS_NAME) self.settings_path = utils.to_unicode( kwargs.get("agkyra_path", default_settings_path)) self.create_dir(self.settings_path, mode=stat.S_IRWXU) self.instances_path = join_path(self.settings_path, INSTANCES_NAME) self.create_dir(self.instances_path) self.local_root_path = utils.normalize_local_suffix(local_root_path) local_root_path_exists = os.path.isdir(self.local_root_path) self.cache_name = utils.to_unicode( kwargs.get("cache_name", DEFAULT_CACHE_NAME)) self.cache_path = join_path(self.local_root_path, self.cache_name) self.cache_hide_name = utils.to_unicode( kwargs.get("cache_hide_name", DEFAULT_CACHE_HIDE_NAME)) self.cache_hide_path = join_path(self.cache_path, self.cache_hide_name) self.cache_stage_name = utils.to_unicode( kwargs.get("cache_stage_name", DEFAULT_CACHE_STAGE_NAME)) self.cache_stage_path = join_path(self.cache_path, self.cache_stage_name) self.cache_fetch_name = utils.to_unicode( kwargs.get("cache_fetch_name", DEFAULT_CACHE_FETCH_NAME)) self.cache_fetch_path = join_path(self.cache_path, self.cache_fetch_name) self.user_id = self.endpoint.account self.instance = get_instance( [self.auth_url, self.user_id, self.container, self.local_root_path]) self.instance_path = join_path(self.instances_path, self.instance) self.create_dir(self.instance_path) self.dbname = utils.to_unicode(kwargs.get("dbname", DEFAULT_DBNAME)) self.full_dbname = join_path(self.instance_path, self.dbname) self.syncer_dbtuple = common.DBTuple( dbtype=database.SyncerDB, dbname=self.full_dbname) db_existed = os.path.isfile(self.full_dbname) if not db_existed: database.initialize(self.syncer_dbtuple) self.mtime_lag = 0 self.case_insensitive = False if not db_existed: self.set_localfs_enabled(True) self.create_local_dirs() self.set_pithos_enabled(True) if not container_exists: self.mk_container(container) else: if not local_root_path_exists: self.set_localfs_enabled(False) else: self.create_local_dirs() if not container_exists: self.set_pithos_enabled(False) self.heartbeat = ThreadSafeDict() self.action_max_wait = kwargs.get("action_max_wait", DEFAULT_ACTION_MAX_WAIT) self.pithos_list_interval = kwargs.get("pithos_list_interval", DEFAULT_PITHOS_LIST_INTERVAL) self.connection_retry_limit = kwargs.get( "connection_retry_limit", DEFAULT_CONNECTION_RETRY_LIMIT) self.endpoint.CONNECTION_RETRY_LIMIT = self.connection_retry_limit self.max_alive_sync_threads = kwargs.get( "max_alive_sync_threads", DEFAULT_MAX_ALIVE_SYNC_THREADS) self.messager = Messager()
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. # # The views and conclusions contained in the software and # documentation are those of the authors and should not be # interpreted as representing official policies, either expressed # or implied, of GRNET S.A. from kamaki.cli.config import Config from kamaki.clients import astakos, cyclades, ClientError from kamaki.clients.utils import https https.patch_with_certs('/etc/ssl/certs/ca-certificates.crt') cnf = Config() CLOUD = cnf.get('global', 'default_cloud') URL = cnf.get_cloud(CLOUD, 'url') TOKEN = cnf.get_cloud(CLOUD, 'token') identity_client = astakos.CachedAstakosClient(URL, TOKEN) computeURL = identity_client.get_endpoint_url( cyclades.CycladesComputeClient.service_type) compute_client = cyclades.CycladesComputeClient(computeURL, TOKEN) volumeURL = identity_client.get_endpoint_url( cyclades.CycladesBlockStorageClient.service_type) volume_client = cyclades.CycladesBlockStorageClient(volumeURL, TOKEN) srv = compute_client.get_server_details(454001)
def main(): """Entry point for icaas-monitord""" args = get_args() manifest = read_manifest(args.manifest) if 'status' not in manifest['service']: sys.stderr.write('"status" is missing from the service section of the ' 'manifest') sys.exit(3) if 'insecure' in manifest and manifest['insecure'].lower() == 'true': verify = False else: verify = True report = Report(manifest['service']['status'], verify=verify, log=sys.stderr) def missing_key(key, section): """missing key message""" return "`%s' is missing from the `%s' section of the manifest" % \ (key, section) # Validate the manifest for key in 'url', 'token', 'log', 'status': if key not in manifest['service']: report.error(missing_key(key, 'service')) sys.exit(3) for key in 'url', 'name', 'object': if key not in manifest['image']: report.error(missing_key(key, 'image')) sys.exit(3) service = manifest['service'] try: container, logname = service['log'].split('/', 1) except ValueError: report.error('Incorrect format for log entry in manifest file') # Use the systems certificates https.patch_with_certs(CERTS) account = AstakosClient(service['url'], service['token']) try: account.authenticate() except AstakosClientError as err: report.error("Astakos: %s" % err) sys.exit(3) pithos = PithosClient( account.get_service_endpoints('object-store')['publicURL'], account.token, account.user_info['id'], container) if args.daemonize: daemon_context = daemon.DaemonContext(stdin=sys.stdin, stdout=sys.stdout, stderr=sys.stderr) daemon_context.open() with open(PID, 'w') as pid: pid.write("%d\n" % os.getpid()) try: # Export manifest to environment variables for section in manifest: for key, value in manifest[section].items(): name = "ICAAS_%s_%s" % (section.upper(), key.upper()) os.environ[name] = value # Use SIGHUP to unblock from the sleep if necessary signal.signal(signal.SIGHUP, lambda x, y: None) if 'ICAAS_MONITOR_SIGSTOP' in os.environ: # Tell service supervisor that we are ready. syslog.syslog( syslog.LOG_NOTICE, "Stopping with SIGSTOP as the " "environment variable ICAAS_MONITOR_SIGSTOP is defined") os.kill(os.getpid(), signal.SIGSTOP) del os.environ['ICAAS_MONITOR_SIGSTOP'] if do_main_loop(args.interval, pithos, logname): report.success() else: report.error("Image creation failed. Check the log for more info") finally: os.unlink(PID)