def __init__(self, section=constants.SERVICE_AUTH):
self._session = None
self._auth = None
self.section = section
ks_loading.register_auth_conf_options(cfg.CONF, self.section)
ks_loading.register_session_conf_options(cfg.CONF, self.section)
def register_opts(conf):
castellan_opts.set_defaults(conf)
# TODO(raj_singh): Code block below is deprecated and will be removed
# post Newton
conf.register_group(barbican_group)
conf.register_opts(barbican_opts, group=barbican_group)
ks_loading.register_session_conf_options(conf, barbican_group.name)
def register_ksa_opts(conf, group, default_service_type, include_auth=True,
deprecated_opts=None):
"""Register keystoneauth auth, Session, and Adapter opts.
:param conf: oslo_config.cfg.CONF in which to register the options
:param group: Conf group, or string name thereof, in which to register the
options.
:param default_service_type: Default for the service_type conf option on
the Adapter.
:param include_auth: For service types where Nova is acting on behalf of
the user, auth should come from the user context.
In those cases, set this arg to False to avoid
registering ksa auth options.
:param deprecated_opts: dict of deprecated opts to register with the ksa
Session or Adapter opts. See docstring for
the deprecated_opts param of:
keystoneauth1.loading.session.Session.register_conf_options
"""
# ksa register methods need the group name as a string. oslo doesn't care.
group = getattr(group, 'name', group)
ks_loading.register_session_conf_options(
conf, group, deprecated_opts=deprecated_opts)
if include_auth:
ks_loading.register_auth_conf_options(conf, group)
conf.register_opts(get_ksa_adapter_opts(
default_service_type, deprecated_opts=deprecated_opts), group=group)
# Have to register dummies for the version-related opts we removed
for name in _ADAPTER_VERSION_OPTS:
conf.register_opt(_dummy_opt(name), group=group)
def register_auth_opts(conf, group):
"""Register session- and auth-related options
Registers only basic auth options shared by all auth plugins.
The rest are registered at runtime depending on auth plugin used.
"""
kaloading.register_session_conf_options(conf, group)
kaloading.register_auth_conf_options(conf, group)
def register_keystoneauth_opts(conf):
ka_loading.register_auth_conf_options(conf, CFG_GROUP)
ka_loading.register_session_conf_options(
conf, CFG_GROUP,
deprecated_opts={'cacert': [
cfg.DeprecatedOpt('os-cacert', group=CFG_GROUP),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")]
})
def register_opts(conf):
# FIXME(pauloewerton): remove import of authtoken group and legacy options
# after deprecation period
conf.import_group(CFG_LEGACY_GROUP, 'keystonemiddleware.auth_token')
ka_loading.register_auth_conf_options(conf, CFG_GROUP)
ka_loading.register_session_conf_options(
conf, CFG_GROUP, deprecated_opts=legacy_session_opts)
conf.set_default('auth_type', default='password', group=CFG_GROUP)
def test_get_keystone_session(self):
_AUTH_CONF_GROUP = 'watcher_clients_auth'
ka_loading.register_auth_conf_options(cfg.CONF, _AUTH_CONF_GROUP)
ka_loading.register_session_conf_options(cfg.CONF, _AUTH_CONF_GROUP)
cfg.CONF.set_override('auth_type', 'password',
group=_AUTH_CONF_GROUP)
# If we don't clean up the _AUTH_CONF_GROUP conf options, then other
# tests that run after this one will fail, complaining about required
# options that _AUTH_CONF_GROUP wants.
def cleanup_conf_from_loading():
# oslo_config doesn't seem to allow unregistering groups through a
# single method, so we do this instead
cfg.CONF.reset()
del cfg.CONF._groups[_AUTH_CONF_GROUP]
self.addCleanup(cleanup_conf_from_loading)
osc = clients.OpenStackClients()
expected = {'username': '******',
'password': '******',
'auth_url': 'http://server.ip:35357',
'user_domain_id': 'foouserdomainid',
'project_domain_id': 'fooprojdomainid'}
def reset_register_opts_mock(conf_obj, original_method):
conf_obj.register_opts = original_method
original_register_opts = cfg.CONF.register_opts
self.addCleanup(reset_register_opts_mock,
cfg.CONF,
original_register_opts)
# Because some of the conf options for auth plugins are not registered
# until right before they are loaded, and because the method that does
# the actual loading of the conf option values is an anonymous method
# (see _getter method of load_from_conf_options in
# keystoneauth1.loading.conf.py), we need to manually monkey patch
# the register opts method so that we can override the conf values to
# our custom values.
def mock_register_opts(*args, **kwargs):
ret = original_register_opts(*args, **kwargs)
if 'group' in kwargs and kwargs['group'] == _AUTH_CONF_GROUP:
for key, value in expected.items():
cfg.CONF.set_override(key, value, group=_AUTH_CONF_GROUP)
return ret
cfg.CONF.register_opts = mock_register_opts
sess = osc.session
self.assertEqual(expected['auth_url'], sess.auth.auth_url)
self.assertEqual(expected['username'], sess.auth._username)
self.assertEqual(expected['password'], sess.auth._password)
self.assertEqual(expected['user_domain_id'], sess.auth._user_domain_id)
self.assertEqual(expected['project_domain_id'],
sess.auth._project_domain_id)
def _register_keystoneauth_group(conf, group):
ka_loading.register_auth_conf_options(conf, group)
ka_loading.register_session_conf_options(
conf, group,
deprecated_opts={'cacert': [
cfg.DeprecatedOpt('os-cacert', group=group),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")]
})
conf.register_opts(CLI_OPTS, group=group)
def register_keystoneauth_opts(conf):
ka_loading.register_auth_conf_options(conf, CFG_GROUP)
ka_loading.register_session_conf_options(
conf, CFG_GROUP,
deprecated_opts={'cacert': [
cfg.DeprecatedOpt('os-cacert', group=CFG_GROUP),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")]
})
conf.set_default("auth_type", default="password-ceilometer-legacy",
group=CFG_GROUP)
def register_keystoneauth_opts(conf):
ka_loading.register_auth_conf_options(conf, CFG_GROUP)
ka_loading.register_session_conf_options(
conf,
CFG_GROUP,
deprecated_opts={
'cacert': [
cfg.DeprecatedOpt('os-cacert', group=CFG_GROUP),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")
]
})
def __init__(self, configuration):
self._conf = configuration
self._conf.register_opts(vault_opts, group=VAULT_OPT_GROUP)
loading.register_session_conf_options(self._conf, VAULT_OPT_GROUP)
self._session = requests.Session()
self._root_token_id = self._conf.vault.root_token_id
self._vault_url = self._conf.vault.vault_url
if self._vault_url.startswith("https://"):
self._verify_server = self._conf.vault.ssl_ca_crt_file or True
else:
self._verify_server = False
def register_opts(conf):
loading.register_session_conf_options(CONF, _option_group)
loading.register_adapter_conf_options(CONF, _option_group,
include_deprecated=False)
loading.register_auth_conf_options(CONF, _option_group)
plugin_name = CONF.oslo_limit.auth_type
if plugin_name:
plugin_loader = loading.get_plugin_loader(plugin_name)
plugin_opts = loading.get_auth_plugin_conf_options(plugin_loader)
CONF.register_opts(plugin_opts, group=_option_group)
conf.register_opts(_options, group=_option_group)
def init(args, **kwargs):
cfg.CONF.register_group(sysinv_group)
cfg.CONF.register_opts(sysinv_opts, group=sysinv_group)
ks_loading.register_session_conf_options(cfg.CONF,
sysinv_group.name)
logging.register_options(cfg.CONF)
cfg.CONF(args=args, project='inventory',
version='%%(prog)s %s' % version_info.release_string(),
**kwargs)
objects.register_all()
config.parse_args(args)
def _register_keystoneauth_group(conf, group):
ka_loading.register_auth_conf_options(conf, group)
ka_loading.register_session_conf_options(
conf,
group,
deprecated_opts={
'cacert': [
cfg.DeprecatedOpt('os-cacert', group=group),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")
]
})
conf.register_opts(CLI_OPTS, group=group)
def __init__(self, config_group_name=None):
self.config_group_name = config_group_name or 'DEFAULT'
ks_loading.register_session_conf_options(
CONF, NEUTRON_GROUP, deprecated_opts=deprecated_opts)
ks_loading.register_auth_conf_options(CONF, NEUTRON_GROUP)
CONF.register_opts(neutron_opts, NEUTRON_GROUP)
self.configuration = getattr(CONF, self.config_group_name, CONF)
self.last_neutron_extension_sync = None
self.extensions = {}
self.auth_obj = None
def register_opts(conf):
conf.register_group(cinder_group)
conf.register_opts(cinder_opts, group=cinder_group)
group = getattr(cinder_group, 'name', cinder_group)
ks_loading.register_session_conf_options(conf, group)
ks_loading.register_auth_conf_options(conf, group)
adapter_opts = get_ksa_adapter_opts(SERVICE_TYPE)
conf.register_opts(adapter_opts, group=group)
def __init__(self):
ks_loading.register_session_conf_options(CONF, "neutron_client")
ks_loading.register_auth_conf_options(CONF, "neutron_client")
self.auth = ks_loading.load_auth_from_conf_options(
CONF,
"neutron_client")
self.session = ks_loading.load_session_from_conf_options(
CONF,
"neutron_client",
auth=self.auth)
self.neutron_client = neutron_client.Client(
session=self.session,
auth=self.auth)
def register_opts(conf):
conf.register_group(glance_group)
conf.register_opts(glance_opts, group=glance_group)
deprecated = {
'insecure':
[cfg.DeprecatedOpt('api_insecure', group=glance_group.name)],
'cafile': [cfg.DeprecatedOpt('ca_file', group="ssl")],
'certfile': [cfg.DeprecatedOpt('cert_file', group="ssl")],
'keyfile': [cfg.DeprecatedOpt('key_file', group="ssl")],
}
ks_loading.register_session_conf_options(conf, glance_group.name,
deprecated)
def __init__(self, config_group_name=None):
self.config_group_name = config_group_name or 'DEFAULT'
ks_loading.register_session_conf_options(CONF, NEUTRON_GROUP)
ks_loading.register_auth_conf_options(CONF, NEUTRON_GROUP)
CONF.register_opts(neutron_opts, NEUTRON_GROUP)
CONF.register_opts(neutron_deprecated_opts,
group=self.config_group_name)
self.configuration = getattr(CONF, self.config_group_name, CONF)
self.last_neutron_extension_sync = None
self.extensions = {}
self.auth_obj = None
def register_auth_opts(conf, group, service_type=None):
"""Register session- and auth-related options
Registers only basic auth options shared by all auth plugins.
The rest are registered at runtime depending on auth plugin used.
"""
kaloading.register_session_conf_options(conf, group)
kaloading.register_auth_conf_options(conf, group)
kaloading.register_adapter_conf_options(conf, group)
conf.set_default('valid_interfaces', DEFAULT_VALID_INTERFACES, group=group)
# TODO(pas-ha) use os-service-type to try find the service_type by the
# config group name assuming it is a project name (e.g. 'glance')
if service_type:
conf.set_default('service_type', service_type, group=group)
def register_opts():
CONF.register_group(HYPERV_AGENT_GROUP)
CONF.register_opts(HYPERV_AGENT_OPTS, group=HYPERV_AGENT_GROUP_NAME)
CONF.register_group(NVGRE_GROUP)
CONF.register_opts(NVGRE_OPTS, group=NVGRE_GROUP_NAME)
CONF.register_group(NEUTRON_GROUP)
CONF.register_opts(NEUTRON_OPTS, group=NEUTRON_GROUP_NAME)
ks_loading.register_session_conf_options(CONF, NEUTRON_GROUP)
ks_loading.register_auth_conf_options(CONF, NEUTRON_GROUP)
CONF.register_group(HNV_GROUP)
CONF.register_opts(HNV_OPTS, group=HNV_GROUP_NAME)
def register_auth_opts(conf, group, service_type=None):
"""Register session- and auth-related options
Registers only basic auth options shared by all auth plugins.
The rest are registered at runtime depending on auth plugin used.
"""
kaloading.register_session_conf_options(conf, group)
kaloading.register_auth_conf_options(conf, group)
kaloading.register_adapter_conf_options(conf, group)
conf.set_default('valid_interfaces', DEFAULT_VALID_INTERFACES, group=group)
# TODO(pas-ha) use os-service-type to try find the service_type by the
# config group name assuming it is a project name (e.g. 'glance')
if service_type:
conf.set_default('service_type', service_type, group=group)
def __init__(self):
ks_loading.register_session_conf_options(CONF, "glance_client")
ks_loading.register_auth_conf_options(CONF, "glance_client")
self.auth = ks_loading.load_auth_from_conf_options(
CONF,
"glance_client")
self.session = ks_loading.load_session_from_conf_options(
CONF,
"glance_client",
auth=self.auth)
self.glance_client = glance_client.Client(
version='1',
session=self.session,
auth=self.auth)
def register_auth_opts(conf, group, service_type=None):
"""Register session- and auth-related options
Registers only basic auth options shared by all auth plugins.
The rest are registered at runtime depending on auth plugin used.
"""
kaloading.register_session_conf_options(conf, group)
kaloading.register_auth_conf_options(conf, group)
if service_type:
kaloading.register_adapter_conf_options(conf, group)
conf.set_default('valid_interfaces',
DEFAULT_VALID_INTERFACES,
group=group)
conf.set_default('service_type', service_type, group=group)
def __init__(self):
ks_loading.register_session_conf_options(CONF, "keystone_client")
ks_loading.register_auth_conf_options(CONF, "keystone_client")
self.auth = ks_loading.load_auth_from_conf_options(
CONF,
"keystone_client")
self.session = ks_loading.load_session_from_conf_options(
CONF,
"keystone_client",
auth=self.auth)
self.ks_client = ks_client.Client(
version='3',
session=self.session,
auth_url=self.auth.auth_url)
def register_keystoneauth_opts(conf):
ka_loading.register_auth_conf_options(conf, CFG_GROUP)
ka_loading.register_session_conf_options(
conf,
CFG_GROUP,
deprecated_opts={
'cacert': [
cfg.DeprecatedOpt('os-cacert', group=CFG_GROUP),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")
]
})
conf.set_default("auth_type",
default="password-aodh-legacy",
group=CFG_GROUP)
def register_opts():
# NOTE (froyo): just to not try to re-register options already done
# by Neutron, specially in test scope, that will get a DuplicateOptError
missing_opts = ovn_opts
try:
neutron_registered_opts = [opt for opt in cfg.CONF.ovn]
missing_opts = [
opt for opt in ovn_opts if opt.name not in neutron_registered_opts
]
except cfg.NoSuchOptError:
LOG.info('Not found any opts under group ovn registered by Neutron')
cfg.CONF.register_opts(missing_opts, group='ovn')
cfg.CONF.register_opts(neutron_opts, group='neutron')
ks_loading.register_auth_conf_options(cfg.CONF, 'service_auth')
ks_loading.register_session_conf_options(cfg.CONF, 'service_auth')
def register_opts(conf):
global neutron_options
conf.register_group(neutron_group)
conf.register_opts(ALL_OPTS, group=neutron_group)
neutron_options = ks_loading.register_session_conf_options(
conf, NEUTRON_GROUP, deprecated_opts=deprecations)
ks_loading.register_auth_conf_options(conf, NEUTRON_GROUP)
def register_opts(conf):
conf.register_group(glance_group)
conf.register_opts(glance_opts, group=glance_group)
deprecated = {
'insecure': [cfg.DeprecatedOpt('api_insecure',
group=glance_group.name)],
'cafile': [cfg.DeprecatedOpt('ca_file',
group="ssl")],
'certfile': [cfg.DeprecatedOpt('cert_file',
group="ssl")],
'keyfile': [cfg.DeprecatedOpt('key_file',
group="ssl")],
}
ks_loading.register_session_conf_options(conf, glance_group.name,
deprecated)
def connect_gnocchi():
conf = cfg.ConfigOpts()
loading.register_auth_conf_options(conf, "keystone_authtoken")
loading.register_session_conf_options(
conf,
"keystone_authtoken",
deprecated_opts={
'cacert': [
cfg.DeprecatedOpt('os-cacert', group="keystone_authtoken"),
cfg.DeprecatedOpt('os-cacert', group="DEFAULT")
]
})
conf([], project='gnocchi')
auth_plugin = loading.load_auth_from_conf_options(conf,
"keystone_authtoken")
conn_gnocchi = client.Client(session_options={'auth': auth_plugin})
return conn_gnocchi
def __init__(self, configuration):
self._conf = configuration
self._conf.register_opts(vault_opts, group=VAULT_OPT_GROUP)
loading.register_session_conf_options(self._conf, VAULT_OPT_GROUP)
self._session = requests.Session()
self._root_token_id = self._conf.vault.root_token_id
self._approle_role_id = self._conf.vault.approle_role_id
self._approle_secret_id = self._conf.vault.approle_secret_id
self._cached_approle_token_id = None
self._approle_token_ttl = None
self._approle_token_issue = None
self._kv_mountpoint = self._conf.vault.kv_mountpoint
self._vault_url = self._conf.vault.vault_url
if self._vault_url.startswith("https://"):
self._verify_server = self._conf.vault.ssl_ca_crt_file or True
else:
self._verify_server = False
self._vault_kv_version = None
def __init__(self, configuration):
self._conf = configuration
self._conf.register_opts(vault_opts, group=VAULT_OPT_GROUP)
loading.register_session_conf_options(self._conf, VAULT_OPT_GROUP)
self._session = requests.Session()
self._root_token_id = self._conf.vault.root_token_id
self._approle_role_id = self._conf.vault.approle_role_id
self._approle_secret_id = self._conf.vault.approle_secret_id
self._cached_approle_token_id = None
self._approle_token_ttl = None
self._approle_token_issue = None
self._kv_mountpoint = self._conf.vault.kv_mountpoint
self._vault_url = self._conf.vault.vault_url
if self._vault_url.startswith("https://"):
self._verify_server = self._conf.vault.ssl_ca_crt_file or True
else:
self._verify_server = False
self._vault_kv_version = None
def list_auth_opts():
opt_list = ks_loading.register_session_conf_options(CONF, GROUP_AUTHTOKEN)
opt_list.insert(0, ks_loading.get_auth_common_conf_options()[0])
# NOTE(mhickey): There are a lot of auth plugins, we just generate
# the config options for a few common ones
plugins = ['password', 'v2password', 'v3password']
for name in plugins:
for plugin_option in ks_loading.get_auth_plugin_conf_options(name):
if all(option.name != plugin_option.name for option in opt_list):
opt_list.append(plugin_option)
opt_list.sort(key=operator.attrgetter('name'))
return [(GROUP_AUTHTOKEN, opt_list)]
def main():
cli_opts = [
cfg.StrOpt('component',
short='c',
choices=['neutron', 'nova', 'cinder'],
help='Openstack Service to check'),
cfg.StrOpt('binary',
short='b',
default=None,
help='For neutron agent, filter for this binary'),
cfg.BoolOpt('dhcp_ready',
short='r',
default=False,
help='check that dhcp-agent has all networks synced'),
]
conf = cfg.CONF
conf.register_cli_opts(cli_opts)
logging.basicConfig(level=logging.WARNING)
ks_loading.register_auth_conf_options(conf, 'keystone_authtoken')
ks_loading.register_auth_conf_options(conf, 'nova')
ks_loading.register_session_conf_options(conf, 'nova')
conf.register_opts(auth_opts, 'keystone_authtoken')
conf.register_opts(host_opts)
conf(sys.argv[1:])
if conf.component is None:
# Try guessing service type
tokens = conf.host.split('-')
if len(tokens) > 1:
try:
conf.component = next(x for x in ['neutron', 'nova', 'cinder']
if x == tokens[0])
except StopIteration:
logging.critical(
"Error, no component mode defined, use --component")
sys.exit(1)
from agentliveness.agent import Liveness
return Liveness(conf).check()
def register_ksa_opts(conf, group, default_service_type, deprecated_opts=None):
"""Register keystoneauth auth, Session, and Adapter opts.
:param conf: oslo_config.cfg.CONF in which to register the options
:param group: Conf group, or string name thereof, in which to register the
options.
:param default_service_type: Default for the service_type conf option on
the Adapter.
:param deprecated_opts: dict of deprecated opts to register with the ksa
Session or Adapter opts. See docstring for
the deprecated_opts param of:
keystoneauth1.loading.session.Session.register_conf_options
"""
# ksa register methods need the group name as a string. oslo doesn't care.
group = getattr(group, 'name', group)
ks_loading.register_session_conf_options(
conf, group, deprecated_opts=deprecated_opts)
ks_loading.register_auth_conf_options(conf, group)
conf.register_opts(get_ksa_adapter_opts(
default_service_type, deprecated_opts=deprecated_opts), group=group)
# Have to register dummies for the version-related opts we removed
for name in _ADAPTER_VERSION_OPTS:
conf.register_opt(_dummy_opt(name), group=group)
def add_auth_opts():
opts = ks_loading.register_session_conf_options(
cfg.CONF, constants.SERVICE_AUTH)
opt_list = copy.deepcopy(opts)
opt_list.insert(0, ks_loading.get_auth_common_conf_options()[0])
# NOTE(mhickey): There are a lot of auth plugins, we just generate
# the config options for a few common ones
plugins = ['password', 'v2password', 'v3password']
for name in plugins:
for plugin_option in ks_loading.get_auth_plugin_conf_options(name):
if all(option.name != plugin_option.name for option in opt_list):
opt_list.append(plugin_option)
opt_list.sort(key=operator.attrgetter('name'))
return (constants.SERVICE_AUTH, opt_list)
def add_auth_opts():
opts = ks_loading.register_session_conf_options(cfg.CONF,
constants.SERVICE_AUTH)
opt_list = copy.deepcopy(opts)
opt_list.insert(0, ks_loading.get_auth_common_conf_options()[0])
# NOTE(mhickey): There are a lot of auth plugins, we just generate
# the config options for a few common ones
plugins = ['password', 'v2password', 'v3password']
for name in plugins:
for plugin_option in ks_loading.get_auth_plugin_conf_options(name):
if all(option.name != plugin_option.name for option in opt_list):
opt_list.append(plugin_option)
opt_list.sort(key=operator.attrgetter('name'))
return (constants.SERVICE_AUTH, opt_list)
def list_auth_opts(group):
group_conf = AUTH_GROUPS_OPTS.get(group)
kwargs = {'conf': CONF, 'group': group}
deprecations = group_conf.get('deprecations')
if deprecations:
kwargs['deprecated_opts'] = deprecations
opts = ks_loading.register_session_conf_options(**kwargs)
opt_list = copy.deepcopy(opts)
opt_list.insert(0, ks_loading.get_auth_common_conf_options()[0])
# NOTE(mhickey): There are a lot of auth plugins, we just generate
# the config options for a few common ones
plugins = ['password', 'v2password', 'v3password']
for name in plugins:
for plugin_option in ks_loading.get_auth_plugin_conf_options(name):
if all(option.name != plugin_option.name for option in opt_list):
opt_list.append(plugin_option)
opt_list.sort(key=operator.attrgetter('name'))
return [(group, opt_list)]
def list_opts(group):
"""Generates a list of config option for a given group
:param group: group name
:return: list of auth default configuration
"""
opts = copy.deepcopy(ks_loading.register_session_conf_options(
CONF, group))
opts.insert(0, ks_loading.get_auth_common_conf_options()[0])
for plugin_option in ks_loading.get_auth_plugin_conf_options(
'password'):
found = False
for option in opts:
if option.name == plugin_option.name:
found = True
break
if not found:
opts.append(plugin_option)
opts.sort(key=lambda x: x.name)
return [(group, opts)]
def list_opts(group):
"""Generates a list of config option for a given group
:param group: group name
:return: list of auth default configuration
"""
opts = copy.deepcopy(
ks_loading.register_session_conf_options(CONF, group))
opts.insert(0, ks_loading.get_auth_common_conf_options()[0])
for plugin_option in ks_loading.get_auth_plugin_conf_options(
'password'):
found = False
for option in opts:
if option.name == plugin_option.name:
found = True
break
if not found:
opts.append(plugin_option)
opts.sort(key=lambda x: x.name)
return [(group, opts)]
def register_common_config_options():
global _COMMON_OPTIONS_ALREADY_REGISTERED
if _COMMON_OPTIONS_ALREADY_REGISTERED:
return
# Register the configuration options
common_config.register_core_common_config_opts()
# Ensure that the control exchange is set correctly
oslo_messaging.set_transport_defaults(control_exchange='neutron')
ks_loading.register_auth_conf_options(cfg.CONF,
common_config.NOVA_CONF_SECTION)
ks_loading.register_session_conf_options(cfg.CONF,
common_config.NOVA_CONF_SECTION)
# Register the nova configuration options
common_config.register_nova_opts()
ks_loading.register_auth_conf_options(cfg.CONF,
common_config.PLACEMENT_CONF_SECTION)
ks_loading.register_session_conf_options(
cfg.CONF, common_config.PLACEMENT_CONF_SECTION)
# Register the placement configuration options
common_config.register_placement_opts()
logging.register_options(cfg.CONF)
# Register the ironic configuration options
ks_loading.register_auth_conf_options(cfg.CONF,
common_config.IRONIC_CONF_SECTION)
ks_loading.register_session_conf_options(cfg.CONF,
common_config.IRONIC_CONF_SECTION)
ks_loading.register_adapter_conf_options(cfg.CONF,
common_config.IRONIC_CONF_SECTION)
common_config.register_ironic_opts()
_COMMON_OPTIONS_ALREADY_REGISTERED = True
help='endpoint url type'),
cfg.StrOpt('archive_policy_name',
default='rating',
help='Gnocchi storage archive policy name.'),
# The archive policy definition MUST include the collect period granularity
cfg.StrOpt('archive_policy_definition',
default='[{"granularity": '
+ six.text_type(CONF.collect.period) +
', "timespan": "90 days"}, '
'{"granularity": 86400, "timespan": "360 days"}, '
'{"granularity": 2592000, "timespan": "1800 days"}]',
help='Gnocchi storage archive policy definition.'), ]
CONF.register_opts(gnocchi_storage_opts, GNOCCHI_STORAGE_OPTS)
ks_loading.register_session_conf_options(
CONF,
GNOCCHI_STORAGE_OPTS)
ks_loading.register_auth_conf_options(
CONF,
GNOCCHI_STORAGE_OPTS)
RESOURCE_TYPE_NAME_ROOT = 'rating_service_'
METADATA_NAME_ROOT = 'ckmeta_'
class UnknownResourceType(Exception):
"""Exception raised when an unknown resource type is encountered"""
def __init__(self, resource_type):
super(UnknownResourceType, self).__init__(
'Unknown resource type {}'.format(resource_type)
from oslo_config import cfg
from oslo_log import log as logging
from fuge.common import exception
from fuge.common.i18n import _LE
CONF = cfg.CONF
CFG_GROUP = 'keystone_auth'
LOG = logging.getLogger(__name__)
keystone_auth_opts = (ka_loading.get_auth_common_conf_options() +
ka_loading.get_auth_plugin_conf_options('password'))
CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token')
ka_loading.register_auth_conf_options(CONF, CFG_GROUP)
ka_loading.register_session_conf_options(CONF, CFG_GROUP)
CONF.set_default('auth_type', default='password', group=CFG_GROUP)
class KeystoneClientV3(object):
"""Keystone client wrapper so we can encapsulate logic in one place."""
def __init__(self, context):
self.context = context
self._client = None
self._session = None
@property
def auth_url(self):
return CONF.keystone_auth.auth_uri.replace('v2.0', 'v3')
import neutron.plugins.ml2.drivers.mech_sriov.agent.common.config
import neutron.wsgi
NOVA_GROUP = 'nova'
CONF = cfg.CONF
deprecations = {'nova.cafile': [cfg.DeprecatedOpt('ca_certificates_file',
group=NOVA_GROUP)],
'nova.insecure': [cfg.DeprecatedOpt('api_insecure',
group=NOVA_GROUP)],
'nova.timeout': [cfg.DeprecatedOpt('url_timeout',
group=NOVA_GROUP)]}
_nova_options = ks_loading.register_session_conf_options(
CONF, NOVA_GROUP, deprecated_opts=deprecations)
def list_agent_opts():
return [
('agent',
itertools.chain(
neutron.conf.agent.common.ROOT_HELPER_OPTS,
neutron.conf.agent.common.AGENT_STATE_OPTS,
neutron.conf.agent.common.IPTABLES_OPTS,
neutron.conf.agent.common.PROCESS_MONITOR_OPTS,
neutron.conf.agent.common.AVAILABILITY_ZONE_OPTS)
),
('DEFAULT',
itertools.chain(
neutron.conf.agent.common.INTERFACE_DRIVER_OPTS,
def set_db_defaults():
# Update the default QueuePool parameters. These can be tweaked by the
# conf variables - max_pool_size, max_overflow and pool_timeout
db_options.set_defaults(
cfg.CONF,
connection='sqlite://',
sqlite_db='', max_pool_size=10,
max_overflow=20, pool_timeout=10)
set_db_defaults()
NOVA_CONF_SECTION = 'nova'
ks_loading.register_auth_conf_options(cfg.CONF, NOVA_CONF_SECTION)
ks_loading.register_session_conf_options(cfg.CONF, NOVA_CONF_SECTION)
nova_opts = [
cfg.StrOpt('region_name',
help=_('Name of nova region to use. Useful if keystone manages'
' more than one region.')),
cfg.StrOpt('endpoint_type',
default='public',
choices=['public', 'admin', 'internal'],
help=_('Type of the nova endpoint to use. This endpoint will'
' be looked up in the keystone catalog and should be'
' one of public, internal or admin.')),
]
cfg.CONF.register_opts(nova_opts, group=NOVA_CONF_SECTION)
logging.register_options(cfg.CONF)
deprecated_group="DEFAULT",
deprecated_name="nova_ca_certificates_file",
help='Location of CA certificates file to use for nova client '
'requests.'),
cfg.BoolOpt('api_insecure',
default=False,
deprecated_group="DEFAULT",
deprecated_name="nova_api_insecure",
help='Allow to perform insecure SSL requests to nova.'),
]
CONF = cfg.CONF
CONF.register_opts(nova_deprecated_opts)
CONF.register_opts(core_opts)
CONF.register_opts(nova_opts, NOVA_GROUP)
ks_loading.register_session_conf_options(CONF, NOVA_GROUP)
ks_loading.register_auth_conf_options(CONF, NOVA_GROUP)
LOG = log.getLogger(__name__)
def list_opts():
return client_auth.AuthClientLoader.list_opts(NOVA_GROUP)
def novaclient(context):
global AUTH_OBJ
if not AUTH_OBJ:
deprecated_opts_for_v2 = {
'username': CONF.nova_admin_username,
'password': CONF.nova_admin_password,
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# @author: Stéphane Albert
#
from ceilometerclient import client as cclient
from keystoneauth1 import loading as ks_loading
from oslo_config import cfg
from cloudkitty import collector
from cloudkitty import utils as ck_utils
CEILOMETER_COLLECTOR_OPTS = 'ceilometer_collector'
ks_loading.register_session_conf_options(cfg.CONF, CEILOMETER_COLLECTOR_OPTS)
ks_loading.register_auth_conf_options(cfg.CONF, CEILOMETER_COLLECTOR_OPTS)
CONF = cfg.CONF
class ResourceNotFound(Exception):
"""Raised when the resource doesn't exist."""
def __init__(self, resource_type, resource_id):
super(ResourceNotFound, self).__init__(
"No such resource: %s, type: %s" % (resource_id, resource_type))
self.resource_id = resource_id
self.resource_type = resource_type
class CeilometerResourceCacher(object):
def __init__(self):
CONF = cfg.CONF
CINDER_OPT_GROUP = 'cinder'
# cinder_opts options in the DEFAULT group were deprecated in Juno
CONF.register_opts(cinder_opts, group=CINDER_OPT_GROUP)
deprecated = {'timeout': [cfg.DeprecatedOpt('http_timeout',
group=CINDER_OPT_GROUP)],
'cafile': [cfg.DeprecatedOpt('ca_certificates_file',
group=CINDER_OPT_GROUP)],
'insecure': [cfg.DeprecatedOpt('api_insecure',
group=CINDER_OPT_GROUP)]}
ks_loading.register_session_conf_options(CONF,
CINDER_OPT_GROUP,
deprecated_opts=deprecated)
LOG = logging.getLogger(__name__)
_SESSION = None
_V1_ERROR_RAISED = False
def reset_globals():
"""Testing method to reset globals.
"""
global _SESSION
_SESSION = None
def register_opts(conf):
conf.register_group(ironic_group)
conf.register_opts(ironic_options, group=ironic_group)
ks_loading.register_auth_conf_options(conf, group=ironic_group.name)
ks_loading.register_session_conf_options(conf, group=ironic_group.name)
cfg.StrOpt('os-region-name',
default=os.environ.get('OS_REGION_NAME'),
help='Region name to use for OpenStack service endpoints.'
'If set, will be included in plugin mappings.'),
cfg.StrOpt('os-endpoint-type',
default=os.environ.get('OS_ENDPOINT_TYPE', 'publicURL'),
help='Type of endpoint in Identity service catalog to '
'use for communication with OpenStack services.'),
]
GROUP = "service_credentials"
CONF = cfg.CONF
CONF.register_opts(client_opts, group=GROUP)
ka_loading.register_session_conf_options(CONF, GROUP)
ka_loading.register_auth_conf_options(CONF, GROUP)
_session = None
NOVA_MIN_API_VERSION = '2.1'
def _get_session():
global _session
if not _session:
auth = ka_loading.load_auth_from_conf_options(CONF, GROUP)
_session = ka_loading.load_session_from_conf_options(CONF,
GROUP,
auth=auth)
return _session
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# @author: Stéphane Albert
#
from ceilometerclient import client as cclient
from keystoneauth1 import loading as ks_loading
from oslo_config import cfg
from cloudkitty import collector
from cloudkitty import utils as ck_utils
CEILOMETER_COLLECTOR_OPTS = 'ceilometer_collector'
ks_loading.register_session_conf_options(
cfg.CONF,
CEILOMETER_COLLECTOR_OPTS)
ks_loading.register_auth_conf_options(
cfg.CONF,
CEILOMETER_COLLECTOR_OPTS)
CONF = cfg.CONF
class ResourceNotFound(Exception):
"""Raised when the resource doesn't exist."""
def __init__(self, resource_type, resource_id):
super(ResourceNotFound, self).__init__(
"No such resource: %s, type: %s" % (resource_id, resource_type))
self.resource_id = resource_id
self.resource_type = resource_type
def register_opts(conf):
conf.register_group(opt_group)
conf.register_opts(opts, group=opt_group)
ks_loading.register_auth_conf_options(conf, group=opt_group.name)
ks_loading.register_session_conf_options(conf, group=opt_group.name)
def __init__(self, configuration):
self._barbican_client = None
self._base_url = None
self.conf = configuration
self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
loading.register_session_conf_options(self.conf, BARBICAN_OPT_GROUP)
def register_neutron_opts(conf):
conf.register_group(neutron_group)
conf.register_opts(neutron_opts, group=neutron_group)
ks_loading.register_session_conf_options(conf, neutron_group.name)
ks_loading.register_auth_conf_options(conf, neutron_group.name)
'certfile': [cfg.DeprecatedOpt('certfile', CFG_LEGACY_GROUP)],
'keyfile': [cfg.DeprecatedOpt('keyfile', CFG_LEGACY_GROUP)],
'cafile': [cfg.DeprecatedOpt('cafile', CFG_LEGACY_GROUP)],
'insecure': [cfg.DeprecatedOpt('insecure', CFG_LEGACY_GROUP)],
'timeout': [cfg.DeprecatedOpt('timeout', CFG_LEGACY_GROUP)],
}
keystone_auth_opts = (ka_loading.get_auth_common_conf_options() +
ka_loading.get_auth_plugin_conf_options('password'))
CONF.register_opts(trust_opts, group='trust')
# FIXME(pauloewerton): remove import of authtoken group and legacy options
# after deprecation period
CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token')
ka_loading.register_auth_conf_options(CONF, CFG_GROUP)
ka_loading.register_session_conf_options(CONF, CFG_GROUP,
deprecated_opts=legacy_session_opts)
CONF.set_default('auth_type', default='password', group=CFG_GROUP)
class KeystoneClientV3(object):
"""Keystone client wrapper so we can encapsulate logic in one place."""
def __init__(self, context):
self.context = context
self._client = None
self._domain_admin_client = None
self._session = None
@property
def auth_url(self):
# FIXME(pauloewerton): auth_url should be retrieved from keystone_auth
def register_opts(conf):
conf.register_group(placement_group)
conf.register_opts(placement_opts, group=placement_group)
ks_loading.register_session_conf_options(conf, placement_group.name)
ks_loading.register_auth_conf_options(conf, placement_group.name)
'catalog. Format is: separated values of the form: '
'<service_type>:<service_name>:<endpoint_type>'),
cfg.StrOpt('endpoint_template',
help='Override service catalog lookup with template for '
'barbican endpoint e.g. '
'http://localhost:9311/v1/%(project_id)s'),
cfg.StrOpt('os_region_name',
help='Region name of this node'),
]
CONF = cfg.CONF
BARBICAN_OPT_GROUP = 'barbican'
CONF.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
ks_loading.register_session_conf_options(CONF, BARBICAN_OPT_GROUP)
LOG = logging.getLogger(__name__)
class BarbicanKeyManager(key_mgr.KeyManager):
"""Key Manager Interface that wraps the Barbican client API."""
def __init__(self):
self._barbican_client = None
self._current_context = None
self._base_url = None
def _get_barbican_client(self, ctxt):
"""Creates a client to connect to the Barbican service.
default=3,
help='Number of cinderclient retries on failed HTTP calls.',
deprecated_group='DEFAULT',
deprecated_name="cinder_http_retries"),
cfg.BoolOpt('api_insecure',
default=False,
help='Allow to perform insecure SSL requests to cinder.',
deprecated_group='DEFAULT',
deprecated_name="cinder_api_insecure"),
]
CONF = cfg.CONF
CONF.register_opts(cinder_deprecated_opts)
CONF.register_opts(core_opts)
CONF.register_opts(cinder_opts, CINDER_GROUP)
ks_loading.register_session_conf_options(CONF, CINDER_GROUP)
ks_loading.register_auth_conf_options(CONF, CINDER_GROUP)
LOG = log.getLogger(__name__)
def list_opts():
return client_auth.AuthClientLoader.list_opts(CINDER_GROUP)
auth_obj = None
def cinderclient(context):
global auth_obj
