def delete_user(self, user):
kc = KeystoneCommands(username=self.inputs.stack_user,
password=self.inputs.stack_password,
tenant=self.inputs.project_name,
auth_url=self.auth_url,
insecure=self.insecure)
kc.delete_user(user)
class OpenstackAuth(OrchestratorAuth):
def __init__(self,
username,
password,
project_name,
inputs=None,
logger=None,
auth_url=None,
region_name=None,
certfile=None,
keyfile=None,
cacert=None,
insecure=True,
domain_name=None,
scope='domain'):
self.inputs = inputs
self.user = username
self.passwd = password
self.project = project_name
self.scope = scope
self.logger = logger or contrail_logging.getLogger(__name__)
if inputs:
self.auth_url = inputs.auth_url
self.region_name = inputs.region_name
self.domain_name = domain_name or self.inputs.admin_domain
self.keystone_certfile = self.inputs.keystonecertfile
self.keystone_keyfile = self.inputs.keystonekeyfile
self.certbundle = self.inputs.certbundle
self.insecure = self.inputs.insecure
self.scope = 'project' if inputs.use_project_scoped_token else scope
else:
self.auth_url = auth_url or os.getenv('OS_AUTH_URL')
self.region_name = region_name or os.getenv('OS_REGION_NAME')
self.domain_name = domain_name or os.getenv('OS_DOMAIN_NAME')
self.keystone_certfile = certfile
self.keystone_keyfile = keyfile
self.insecure = insecure
self.certbundle = cacert
self.reauth()
def reauth(self):
self.keystone = KeystoneCommands(username=self.user,
password=self.passwd,
tenant=self.project,
domain_name=self.domain_name,
auth_url=self.auth_url,
insecure=self.insecure,
region_name=self.region_name,
cert=self.keystone_certfile,
key=self.keystone_keyfile,
cacert=self.certbundle,
logger=self.logger,
scope=self.scope)
def get_domain_id(self, name='Default'):
return self.keystone.get_domain_id(name)
def get_project_id(self, name=None, domain_id=None):
if not name or name == self.project:
return self.keystone.get_id()
return self.keystone.get_project_id(name, domain_id)
def get_session(self, scope='domain'):
return self.keystone.get_session(scope)
def get_client(self, scope='domain'):
return self.keystone.get_client(scope)
def get_endpoint(self, service, interface='public'):
return self.keystone.get_endpoint(service, interface)
def get_token(self):
return self.keystone.get_token()
def create_domain(self, domain_name):
return self.keystone.create_domain(domain_name)
def delete_domain(self, domain_name):
self.keystone.delete_domain(domain_name)
def update_domain(self, domain_id, domain_name, description, enabled):
return self.keystone.update_domain(domain_id=domain_id,
domain_name=domain_name,
description=description,
enabled=enabled)
def get_domain(self, domain_id):
return self.keystone.get_domain(domain_id=domain_id)
def create_project(self, name, domain_name=None):
return self.keystone.create_project(name, domain_name)
def delete_project(self, name):
self.keystone.delete_project(name)
def delete_user(self, user):
self.keystone.delete_user(user)
def create_user(self, user, password, tenant_name=None, domain_name=None):
try:
self.keystone.create_user(user,
password,
email='',
tenant_name=tenant_name
or self.inputs.stack_tenant,
enabled=True,
domain_name=domain_name)
except:
self.logger.info("%s user already present" % (self.user))
def get_user_id(self, user):
user_obj = self.keystone.get_user_dct(user)
return user_obj.id if user_obj else None
def create_role(self, role):
self.keystone.create_role(role)
def delete_role(self, role):
self.keystone.delete_role(role)
def add_user_to_domain(self, user, role='admin', domain=None):
try:
self.keystone.add_user_to_domain(user, role, domain)
except Exception as e:
self.logger.info("%s user already added to domain" % (user))
def add_user_to_project(self, user, project, role='admin'):
try:
self.keystone.add_user_to_tenant(project, user, role)
except Exception as e:
self.logger.info("%s user already added to project" % (user))
def remove_user_from_project(self, user, role, project):
try:
self.keystone.remove_user_role(user, role, project)
except Exception as e:
self.logger.exception("%s user already removed from project" %
(user))
def verify_service_enabled(self, service):
try:
for svc in self.keystone.services_list():
if service in svc.name:
return True
else:
continue
return False
except Exception as e:
return False
def get_auth_h(self):
return self.keystone
def create_user_group(self, group, domain_name):
try:
self.keystone.create_group(group, domain_name)
except Exception as e:
self.logger.info("%s user group already present" % (group))
def delete_group(self, name):
return self.keystone.delete_group(name=name)
def add_user_to_group(self, user, group):
try:
self.keystone.add_user_to_group(user, group)
except Exception as e:
self.logger.info("%s user already added to group %s" %
(user, group))
def remove_user_from_group(self, user, group):
try:
self.keystone.remove_user_from_group(user, group)
except Exception as e:
self.logger.info("%s user already removed from group %s" %
(user, group))
def add_group_to_domain(self, group, role='admin', domain=None):
try:
self.keystone.add_group_to_domain(group,
role='admin',
domain=domain)
except Exception as e:
self.logger.info("%s group already added to domain" %
(group, project))
def remove_group_from_domain(self, group, role, domain=None):
try:
self.keystone.remove_group_from_domain(group, role, domain=None)
except Exception as e:
self.logger.info("%s group already removed from domain" %
(group, domain))
def add_group_to_tenant(self, project, group, role='admin'):
try:
self.keystone.add_group_to_tenant(project, group, role='admin')
except Exception as e:
self.logger.info("%s group already added to project" %
(group, tenant))
def remove_group_from_tenant(self, project, group, role):
try:
self.keystone.remove_group_from_tenant(project, group, role)
except Exception as e:
self.logger.info("%s group already removed from project" %
(group, tenant))
class OpenstackAuth(OrchestratorAuth):
def __init__(self, user, passwd, project_name,
inputs=None, logger=None, auth_url=None):
self.inputs = inputs
self.user = user
self.passwd = passwd
self.project = project_name
self.logger = logger or logging.getLogger(__name__)
self.insecure = bool(os.getenv('OS_INSECURE',True))
if inputs:
self.auth_url = 'http://%s:5000/v2.0' % (self.inputs.openstack_ip)
else:
self.auth_url = auth_url or os.getenv('OS_AUTH_URL')
self.reauth()
def reauth(self):
self.keystone = KeystoneCommands(username=self.user,
password=self.passwd,
tenant=self.project,
auth_url=self.auth_url,
insecure=self.insecure)
def get_project_id(self, name=None):
if not name or name == self.project:
return self.keystone.get_id()
return self.keystone.get_project_id(name)
def create_project(self, name):
return self.keystone.create_project(name)
def delete_project(self, name):
self.keystone.delete_project(name)
def delete_user(self, user):
self.keystone.delete_user(user)
def create_user(self, user, password):
try:
self.keystone.create_user(user,password,email='',
tenant_name=self.inputs.stack_tenant,enabled=True)
except:
self.logger.info("%s user already created"%(self.user))
def add_user_to_project(self, user, project, role='admin'):
try:
self.keystone.add_user_to_tenant(project, user, role)
except Exception as e:
self.logger.info("%s user already added to project"%(user))
def verify_service_enabled(self, service):
try:
for svc in self.keystone.services_list():
if service in svc.name:
return True
else:
continue
return False
except Exception as e:
return False
def get_auth_h(self):
return self.keystone
class OpenstackAuth(OrchestratorAuth):
def __init__(self,
user,
passwd,
project_name,
inputs=None,
logger=None,
auth_url=None,
region_name=None):
self.inputs = inputs
self.user = user
self.passwd = passwd
self.project = project_name
self.logger = logger or contrail_logging.getLogger(__name__)
self.insecure = bool(os.getenv('OS_INSECURE', True))
if inputs:
self.auth_url = inputs.auth_url
self.region_name = inputs.region_name
else:
self.auth_url = auth_url or os.getenv('OS_AUTH_URL')
self.region_name = region_name or os.getenv('OS_REGION_NAME')
self.reauth()
def reauth(self):
self.keystone = KeystoneCommands(username=self.user,
password=self.passwd,
tenant=self.project,
auth_url=self.auth_url,
insecure=self.insecure,
region_name=self.region_name,
logger=self.logger)
def get_project_id(self, name=None):
if not name or name == self.project:
return self.keystone.get_id()
return self.keystone.get_project_id(name)
def create_project(self, name):
return self.keystone.create_project(name)
def delete_project(self, name):
self.keystone.delete_project(name)
def delete_user(self, user):
self.keystone.delete_user(user)
def create_user(self, user, password):
try:
self.keystone.create_user(user,
password,
email='',
tenant_name=self.inputs.stack_tenant,
enabled=True)
except:
self.logger.info("%s user already present" % (self.user))
def add_user_to_project(self, user, project, role='admin'):
try:
self.keystone.add_user_to_tenant(project, user, role)
except Exception as e:
self.logger.info("%s user already added to project" % (user))
def verify_service_enabled(self, service):
try:
for svc in self.keystone.services_list():
if service in svc.name:
return True
else:
continue
return False
except Exception as e:
return False
def get_auth_h(self):
return self.keystone
class OpenstackAuth(OrchestratorAuth):
def __init__(self, username, password, project_name,
inputs=None, logger=None, auth_url=None, region_name=None,
certfile=None, keyfile=None, cacert=None, insecure=True, domain_name=None,scope='domain'):
self.inputs = inputs
self.user = username
self.passwd = password
self.project = project_name
self.scope = scope
self.logger = logger or contrail_logging.getLogger(__name__)
if inputs:
self.auth_url = inputs.auth_url
self.region_name = inputs.region_name
self.domain_name = domain_name or self.inputs.admin_domain
self.keystone_certfile = self.inputs.keystonecertfile
self.keystone_keyfile = self.inputs.keystonekeyfile
self.certbundle = self.inputs.certbundle
self.insecure = self.inputs.insecure
self.scope = 'project' if inputs.use_project_scoped_token else scope
else:
self.auth_url = auth_url or os.getenv('OS_AUTH_URL')
self.region_name = region_name or os.getenv('OS_REGION_NAME')
self.domain_name = domain_name or os.getenv('OS_DOMAIN_NAME')
self.keystone_certfile = certfile
self.keystone_keyfile = keyfile
self.insecure = insecure
self.certbundle = cacert
self.reauth()
def reauth(self):
self.keystone = KeystoneCommands(username=self.user,
password=self.passwd,
tenant=self.project,
domain_name=self.domain_name,
auth_url=self.auth_url,
insecure=self.insecure,
region_name=self.region_name,
cert=self.keystone_certfile,
key=self.keystone_keyfile,
cacert=self.certbundle,
logger=self.logger,
scope=self.scope)
def get_domain_id(self, name='Default'):
return self.keystone.get_domain_id(name)
def get_project_id(self, name=None, domain_id=None):
if not name or name == self.project:
return self.keystone.get_id()
return self.keystone.get_project_id(name, domain_id)
def get_session(self,scope='domain'):
return self.keystone.get_session(scope)
def get_client(self,scope='domain'):
return self.keystone.get_client(scope)
def get_endpoint(self, service, interface='public'):
return self.keystone.get_endpoint(service, interface)
def get_token(self):
return self.keystone.get_token()
def create_domain(self,domain_name):
return self.keystone.create_domain(domain_name)
def delete_domain(self, domain_name):
self.keystone.delete_domain(domain_name)
def update_domain(self,domain_id, domain_name, description, enabled):
return self.keystone.update_domain(domain_id=domain_id, domain_name=domain_name,
description=description,enabled=enabled)
def get_domain(self,domain_id):
return self.keystone.get_domain(domain_id=domain_id)
def create_project(self, name, domain_name=None):
return self.keystone.create_project(name, domain_name)
def delete_project(self, name):
self.keystone.delete_project(name)
def delete_user(self, user):
self.keystone.delete_user(user)
def create_user(self, user, password, tenant_name=None, domain_name=None):
try:
self.keystone.create_user(user,password,email='',
tenant_name=tenant_name or self.inputs.stack_tenant,enabled=True,
domain_name=domain_name)
except:
self.logger.info("%s user already present"%(self.user))
def get_user_id(self, user):
user_obj = self.keystone.get_user_dct(user)
return user_obj.id if user_obj else None
def create_role(self, role):
self.keystone.create_role(role)
def delete_role(self, role):
self.keystone.delete_role(role)
def add_user_to_domain(self, user, role='admin', domain=None):
try:
self.keystone.add_user_to_domain(user, role, domain)
except Exception as e:
self.logger.info("%s user already added to domain"%(user))
def add_user_to_project(self, user, project, role='admin'):
try:
self.keystone.add_user_to_tenant(project, user, role)
except Exception as e:
self.logger.info("%s user already added to project"%(user))
def remove_user_from_project(self, user, role, project):
try:
self.keystone.remove_user_from_tenant(project, user, role)
except Exception as e:
self.logger.exception("%s user already removed from project"%(user))
def verify_service_enabled(self, service):
try:
for svc in self.keystone.services_list():
if service in svc.name:
return True
else:
continue
return False
except Exception as e:
return False
def get_auth_h(self):
return self.keystone
def create_user_group(self,group,domain_name):
try:
self.keystone.create_group(group,domain_name)
except Exception as e:
self.logger.info("%s user group already present"%(group))
def delete_group(self,name):
return self.keystone.delete_group(name=name)
def add_user_to_group(self,user,group):
try:
self.keystone.add_user_to_group(user, group)
except Exception as e:
self.logger.info("%s user already added to group %s"%(user, group))
def remove_user_from_group(self,user,group):
try:
self.keystone.remove_user_from_group(user, group)
except Exception as e:
self.logger.info("%s user already removed from group %s"%(user, group))
def add_group_to_domain(self,group, role='admin', domain=None):
try:
self.keystone.add_group_to_domain(group, role='admin', domain=domain)
except Exception as e:
self.logger.info("%s group already added to domain"%(group,project))
def remove_group_from_domain(self, group, role, domain=None):
try:
self.keystone.remove_group_from_domain(group, role, domain=None)
except Exception as e:
self.logger.info("%s group already removed from domain"%(group,domain))
def add_group_to_tenant(self, project, group, role='admin'):
try:
self.keystone.add_group_to_tenant(project, group, role='admin')
except Exception as e:
self.logger.info("%s group already added to project"%(group,tenant))
def remove_group_from_tenant(self,project, group, role):
try:
self.keystone.remove_group_from_tenant(project, group, role)
except Exception as e:
self.logger.info("%s group already removed from project"%(group,tenant))
class IsolatedCreds(fixtures.Fixture):
def __init__(self,project_name,inputs,ini_file = None ,logger = None):
# self.project_name = project_name
self.project_name = get_random_name(project_name)
self.user = project_name
self.password = project_name
self.inputs = inputs
self.ini_file = ini_file
self.logger = logger
def setUp(self):
super(IsolatedCreds, self).setUp()
self.connections= ContrailConnections(self.inputs, self.logger)
self.vnc_lib= self.connections.vnc_lib
# self.logger= self.inputs.logger
def create_tenant(self):
self.project = None
time.sleep(4)
try:
self.project = project_test.ProjectFixture(project_name = self.project_name,
vnc_lib_h= self.vnc_lib,username= self.user,password= self.password,
connections= self.connections)
self.project.setUp()
except Exception as e:
self.logger.warn("got exception as %s"%(e))
finally:
return self.project
def delete_tenant(self):
self.project.cleanUp()
def delete_user(self,user=None):
if user:
user = user
else:
user = self.user
insecure = bool(os.getenv('OS_INSECURE',True))
try:
self.auth_url = os.getenv('OS_AUTH_URL') or \
'http://' + self.inputs.openstack_ip + ':5000/v2.0'
self.key_stone_clients= KeystoneCommands(username= self.inputs.stack_user, password= self.inputs.stack_password,
tenant= self.inputs.project_name, auth_url= auth_url, insecure=insecure)
except Exception as e:
self.logger.warn("Failed - Keystone client instance")
self.key_stone_clients.delete_user(user)
def create_and_attach_user_to_tenant(self):
insecure = bool(os.getenv('OS_INSECURE',True))
try:
auth_url = os.getenv('OS_AUTH_URL') or \
'http://' + self.inputs.openstack_ip + ':5000/v2.0'
self.key_stone_clients= KeystoneCommands(username= self.inputs.stack_user, password= self.inputs.stack_password,
tenant= self.inputs.project_name, auth_url= auth_url, insecure=insecure)
try:
self.key_stone_clients.create_user(self.user,self.password,email='',tenant_name=self.inputs.stack_tenant,enabled=True)
except:
self.logger.info("%s user already created"%(self.user))
try:
self.key_stone_clients.add_user_to_tenant(self.project_name,self.user , 'admin')
except Exception as e:
self.logger.info("%s user already added to project"%(self.user))
try:
self.key_stone_clients.add_user_to_tenant(self.project_name,'admin' , 'admin')
except Exception as e:
self.logger.info("Admin user already added to project")
time.sleep(4)
except Exception as e:
self.logger.info("Failed - Keystone client instance")
def get_inputs(self):
self.project_inputs= self.useFixture(ContrailTestInit(self.ini_file,
stack_user=self.project.username,
stack_password=self.project.password,
project_fq_name=['default-domain',self.project_name],logger = self.logger))
return self.project_inputs
def get_conections(self):
self.project_connections= ContrailConnections(self.project_inputs,project_name= self.project_name,
username=self.project.username
,password= self.project.password,
logger = self.logger)
return self.project_connections
def get_admin_inputs(self):
admin = AdminCreds(ADMIN_TENANT , self.inputs , self.ini_file , self.logger)
return admin.get_inputs()
def get_admin_connections(self):
admin = AdminCreds(ADMIN_TENANT , self.inputs , self.ini_file , self.logger)
return admin.get_conections()
def cleanUp(self):
super(IsolatedCreds, self).cleanUp()
def delete_user(self, user):
kc = KeystoneCommands(username= self.inputs.stack_user,
password= self.inputs.stack_password,
tenant= self.inputs.project_name,
auth_url= self.auth_url, insecure=self.insecure)
kc.delete_user(user)
