def record_user_action(cse_operation, status=OperationStatus.SUCCESS, message=None, telemetry_settings=None): """Record CSE user action information in telemetry server. No exceptions should be leaked. Catch all exceptions and log them. :param CseOperation cse_operation: :param OperationStatus status: SUCCESS/FAILURE of the user action :param str message: any information about failure or custom message :param dict telemetry_settings: telemetry section CSE config->service """ try: if not telemetry_settings: server_config = get_server_runtime_config() telemetry_settings = None if not server_config else \ server_config.get('service', {}).get('telemetry') if telemetry_settings: if telemetry_settings.get('enable'): payload = get_payload_for_user_action(cse_operation, status, message) # noqa: E501 _send_data_to_telemetry_server(payload, telemetry_settings) else: LOGGER.debug('No telemetry settings found.') except Exception as err: LOGGER.warning(f"Error in recording user action information:{str(err)}" ) # noqa: E501
def template_list(request_data, tenant_auth_token): """Request handler for template list operation. :return: List of dictionaries with template info. """ config = utils.get_server_runtime_config() templates = [] for t in config['broker']['templates']: templates.append({ 'name': t[LocalTemplateKey.NAME], 'revision': t[LocalTemplateKey.REVISION], 'is_default': t[LocalTemplateKey.NAME] == config['broker']['default_template_name'] and str(t[LocalTemplateKey.REVISION]) == str( config['broker']['default_template_revision']), # noqa: E501 'catalog': config['broker']['catalog'], 'catalog_item': t[LocalTemplateKey.CATALOG_ITEM_NAME], 'description': t[LocalTemplateKey.DESCRIPTION].replace("\\n", ", ") }) return templates
def template_list(request_data, tenant_auth_token, is_jwt_token): """Request handler for template list operation. :return: List of dictionaries with template info. """ config = utils.get_server_runtime_config() templates = [] for t in config['broker']['templates']: template_name = t[LocalTemplateKey.NAME] template_revision = str(t[LocalTemplateKey.REVISION]) default_template_name = config['broker']['default_template_name'] default_template_revision = str( config['broker']['default_template_revision']) # noqa: E501 is_default = (template_name, template_revision) == ( default_template_name, default_template_revision) # noqa: E501 templates.append({ 'name': template_name, 'revision': template_revision, 'is_default': 'Yes' if is_default else 'No', 'catalog': config['broker']['catalog'], 'catalog_item': t[LocalTemplateKey.CATALOG_ITEM_NAME], 'description': t[LocalTemplateKey.DESCRIPTION].replace("\\n", ", ") }) return sorted(templates, key=lambda i: (i['name'], i['revision']), reverse=True) # noqa: E501
def get_ovdc(operation_context: ctx.OperationContext, ovdc_id: str) -> dict: """Get ovdc info for a particular ovdc. :param ctx.OperationContext operation_context: context for the request :param str ovdc_id: ID of the ovdc :return: dictionary containing the ovdc information :rtype: dict """ # NOTE: For CSE 3.0, if `enable_tkg_plus` flag in config is set to false, # Prevent showing information about TKG+ by skipping TKG+ from the result. cse_params = { RequestKey.OVDC_ID: ovdc_id } telemetry_handler.record_user_action_details(cse_operation=CseOperation.OVDC_INFO, # noqa: E501 cse_params=cse_params) config = utils.get_server_runtime_config() log_wire = utils.str_to_bool(config.get('service', {}).get('log_wire')) result = asdict(get_ovdc_k8s_runtime_details(operation_context.sysadmin_client, # noqa: E501 ovdc_id=ovdc_id, log_wire=log_wire)) # TODO: Find a better way to avoid sending remove_cp_from_vms_on_disable # flag if ClusterEntityKind.TKG_PLUS.value in result['k8s_runtime'] \ and not utils.is_tkg_plus_enabled(): result['k8s_runtime'].remove(ClusterEntityKind.TKG_PLUS.value) del result['remove_cp_from_vms_on_disable'] return result
def get_sys_admin_client(): server_config = get_server_runtime_config() if not server_config['vcd']['verify']: SERVER_LOGGER.warning("InsecureRequestWarning: Unverified HTTPS " "request is being made. Adding certificate " "verification is strongly advised.") requests.packages.urllib3.disable_warnings() log_filename = None log_wire = str_to_bool(server_config['service'].get('log_wire')) if log_wire: log_filename = SERVER_DEBUG_WIRELOG_FILEPATH client = vcd_client.Client( uri=server_config['vcd']['host'], api_version=server_config['vcd']['api_version'], verify_ssl_certs=server_config['vcd']['verify'], log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) credentials = vcd_client.BasicLoginCredentials( server_config['vcd']['username'], SYSTEM_ORG_NAME, server_config['vcd']['password']) client.set_credentials(credentials) return client
def list_ovdc(operation_context: ctx.OperationContext) -> List[dict]: """List all ovdc and their k8s runtimes. :param ctx.OperationContext operation_context: context for the request :return: list of dictionary containing details about the ovdc :rtype: List[dict] """ # NOTE: For CSE 3.0, if `enable_tkg_plus` flag in config is set to false, # Prevent showing information about TKG+ by skipping TKG+ from the result. # Record telemetry telemetry_handler.record_user_action_details(cse_operation=CseOperation.OVDC_LIST, # noqa: E501 cse_params={}) ovdcs = [] org_vdcs = vcd_utils.get_all_ovdcs(operation_context.client) for ovdc in org_vdcs: ovdc_name = ovdc.get('name') config = utils.get_server_runtime_config() log_wire = utils.str_to_bool(config.get('service', {}).get('log_wire')) ovdc_id = vcd_utils.extract_id(ovdc.get('id')) ovdc_details = asdict( get_ovdc_k8s_runtime_details(operation_context.sysadmin_client, ovdc_id=ovdc_id, ovdc_name=ovdc_name, log_wire=log_wire)) if ClusterEntityKind.TKG_PLUS.value in ovdc_details['k8s_runtime'] \ and not utils.is_tkg_plus_enabled(): # noqa: E501 ovdc_details['k8s_runtime'].remove(ClusterEntityKind.TKG_PLUS.value) # noqa: E501 # TODO: Find a better way to remove remove_cp_from_vms_on_disable del ovdc_details['remove_cp_from_vms_on_disable'] ovdcs.append(ovdc_details) return ovdcs
def delete_nodes_thread(self): LOGGER.debug(f"About to delete nodes from cluster with name: " f"{self.cluster_name}") try: vapp = VApp(self.tenant_client, href=self.cluster['vapp_href']) template = self._get_template() self._update_task( TaskStatus.RUNNING, message=f"Deleting " f"{len(self.req_spec.get(RequestKey.NODE_NAMES_LIST))}" f" node(s) from " f"{self.cluster_name}({self.cluster_id})") try: server_config = get_server_runtime_config() delete_nodes_from_cluster( server_config, vapp, template, self.req_spec.get(RequestKey.NODE_NAMES_LIST), self.req_spec.get(RequestKey.FORCE_DELETE)) except Exception: LOGGER.error(f"Couldn't delete node " f"{self.req_spec.get(RequestKey.NODE_NAMES_LIST)}" f" from cluster:{self.cluster_name}") self._update_task( TaskStatus.RUNNING, message=f"Undeploying " f"{len(self.req_spec.get(RequestKey.NODE_NAMES_LIST))}" f" node(s) for {self.cluster_name}({self.cluster_id})") for vm_name in self.req_spec.get(RequestKey.NODE_NAMES_LIST): vm = VM(self.tenant_client, resource=vapp.get_vm(vm_name)) try: task = vm.undeploy() self.tenant_client.get_task_monitor().wait_for_status(task) except Exception: LOGGER.warning(f"Couldn't undeploy VM {vm_name}") self._update_task( TaskStatus.RUNNING, message=f"Deleting " f"{len(self.req_spec.get(RequestKey.NODE_NAMES_LIST))}" f" VM(s) for {self.cluster_name}({self.cluster_id})") task = vapp.delete_vms(self.req_spec.get(RequestKey.NODE_NAMES_LIST)) # noqa: E501 self.tenant_client.get_task_monitor().wait_for_status(task) self._update_task( TaskStatus.SUCCESS, message=f"Deleted " f"{len(self.req_spec.get(RequestKey.NODE_NAMES_LIST))}" f" node(s) to cluster " f"{self.cluster_name}({self.cluster_id})") except Exception as e: LOGGER.error(traceback.format_exc()) error_obj = error_to_json(e) stack_trace = \ ''.join(error_obj[ERROR_MESSAGE_KEY][ERROR_STACKTRACE_KEY]) self._update_task( TaskStatus.ERROR, error_message=error_obj[ERROR_MESSAGE_KEY][ERROR_DESCRIPTION_KEY], # noqa: E501 stack_trace=stack_trace) finally: self._disconnect_sys_admin()
def _get_nfs_exports(self, ip, vapp, node): """Get the exports from remote NFS server (helper method). :param ip: (str): IP address of the NFS server :param vapp: (pyvcloud.vcd.vapp.VApp): The vApp or cluster to which node belongs :param node: (str): IP address of the NFS server :param node: (`lxml.objectify.StringElement`) object representing the vm resource. :return: (List): List of exports """ # TODO(right template) find a right way to retrieve # the template from which nfs node was created. server_config = get_server_runtime_config() template = server_config['broker']['templates'][0] script = f"#!/usr/bin/env bash\nshowmount -e {ip}" result = execute_script_in_nodes( server_config, vapp, template['admin_password'], script, nodes=[node], check_tools=False) lines = result[0][1].content.decode().split('\n') exports = [] for index in range(1, len(lines) - 1): export = lines[index].strip().split()[0] exports.append(export) return exports
def node_rollback(self, node_list): """Rollback for node creation failure. :param list node_list: faulty nodes to be deleted """ LOGGER.info(f"About to rollback nodes from cluster with name: " "{self.cluster_name}") LOGGER.info(f"Node list to be deleted:{node_list}") vapp = VApp(self.tenant_client, href=self.cluster['vapp_href']) template = self._get_template() try: server_config = get_server_runtime_config() delete_nodes_from_cluster(server_config, vapp, template, node_list, force=True) except Exception: LOGGER.warning("Couldn't delete node {node_list} from cluster:" "{self.cluster_name}") for vm_name in node_list: vm = VM(self.tenant_client, resource=vapp.get_vm(vm_name)) try: vm.undeploy() except Exception: LOGGER.warning(f"Couldn't undeploy VM {vm_name}") vapp.delete_vms(node_list) LOGGER.info(f"Successfully deleted nodes: {node_list}")
def decorator_wrapper(*args, **kwargs): server_config = utils.get_server_runtime_config() if (server_config['service']['enforce_authorization'] and required_rights is not None and len(required_rights) > 0): class_instance: abstract_broker.AbstractBroker = args[0] user_rights = class_instance.context.user.rights missing_rights = [] for right_name in required_rights: namespaced_name = f'{{{CSE_SERVICE_NAMESPACE}}}' \ f':{right_name}' if namespaced_name not in user_rights: missing_rights.append(namespaced_name) if len(missing_rights) > 0: LOGGER.debug(f"Authorization failed for user " f"'{class_instance.context.user.name}'. " f"Missing required rights: " f"{missing_rights}") raise Exception(f'Access forbidden. Missing required ' f'rights: {missing_rights}') return func(*args, **kwargs)
def ovdc_compute_policy_list(request_data, op_ctx: ctx.OperationContext): """Request handler for ovdc compute-policy list operation. Required data: ovdc_id :return: Dictionary with task href. """ required = [RequestKey.OVDC_ID] req_utils.validate_payload(request_data, required) config = utils.get_server_runtime_config() cpm = compute_policy_manager.ComputePolicyManager( op_ctx.sysadmin_client, log_wire=utils.str_to_bool(config['service'].get('log_wire'))) compute_policies = [] for cp in \ compute_policy_manager.list_cse_sizing_policies_on_vdc( cpm, request_data[RequestKey.OVDC_ID]): policy = { 'name': cp['display_name'], 'id': cp['id'], 'href': cp['href'] } compute_policies.append(policy) return compute_policies
def _get_template(self, name=None): server_config = get_server_runtime_config() name = name or \ self.req_spec.get(RequestKey.TEMPLATE_NAME) or \ server_config['broker']['default_template'] for template in server_config['broker']['templates']: if template['name'] == name: return template raise Exception(f"Template {name} not found.")
def create_nodes_thread(self): LOGGER.debug(f"About to add nodes to cluster with name: " f"{self.cluster_name}") try: server_config = get_server_runtime_config() org_resource = self.tenant_client.get_org() org = Org(self.tenant_client, resource=org_resource) vdc = VDC(self.tenant_client, href=self.cluster['vdc_href']) vapp = VApp(self.tenant_client, href=self.cluster['vapp_href']) template = self.get_template() self.update_task( TaskStatus.RUNNING, message=f"Creating {self.req_spec['node_count']} node(s) for " f"{self.cluster_name}({self.cluster_id})") new_nodes = add_nodes(self.req_spec['node_count'], template, self.req_spec['node_type'], server_config, self.tenant_client, org, vdc, vapp, self.req_spec) if self.req_spec['node_type'] == TYPE_NFS: self.update_task( TaskStatus.SUCCESS, message=f"Created {self.req_spec['node_count']} node(s) " f"for {self.cluster_name}({self.cluster_id})") elif self.req_spec['node_type'] == TYPE_NODE: self.update_task( TaskStatus.RUNNING, message=f"Adding {self.req_spec['node_count']} node(s) to " f"cluster {self.cluster_name}({self.cluster_id})") target_nodes = [] for spec in new_nodes['specs']: target_nodes.append(spec['target_vm_name']) vapp.reload() join_cluster(server_config, vapp, template, target_nodes) self.update_task( TaskStatus.SUCCESS, message=f"Added {self.req_spec['node_count']} node(s) to " f"cluster {self.cluster_name}({self.cluster_id})") except NodeCreationError as e: error_obj = error_to_json(e) LOGGER.error(traceback.format_exc()) stack_trace = ''.join(error_obj[ERROR_MESSAGE][ERROR_STACKTRACE]) self.update_task( TaskStatus.ERROR, error_message=error_obj[ERROR_MESSAGE][ERROR_DESCRIPTION], stack_trace=stack_trace) raise except Exception as e: error_obj = error_to_json(e) LOGGER.error(traceback.format_exc()) stack_trace = ''.join(error_obj[ERROR_MESSAGE][ERROR_STACKTRACE]) self.update_task( TaskStatus.ERROR, error_message=error_obj[ERROR_MESSAGE][ERROR_DESCRIPTION], stack_trace=stack_trace) finally: self._disconnect_sys_admin()
def __init__(self, pks_ctx, op_ctx: ctx.OperationContext): """Initialize PKS broker. :param dict pks_ctx: A dictionary with which should atleast have the following keys in it ['username', 'secret', 'host', 'port', 'uaac_port'], 'proxy' and 'pks_compute_profile_name' are optional keys. Currently all callers of this method is using ovdc cache (subject to change) to initialize PKS broker. """ self.context: ctx.OperationContext = None # populates above attributes super().__init__(op_ctx) if not pks_ctx: raise ValueError( "PKS context is required to establish connection to PKS") self.username = pks_ctx['username'] self.secret = pks_ctx['secret'] self.pks_host_uri = f"https://{pks_ctx['host']}:{pks_ctx['port']}" self.uaac_uri = f"https://{pks_ctx['host']}:{pks_ctx['uaac_port']}" self.proxy_uri = None if pks_ctx.get('proxy'): self.proxy_uri = f"http://{pks_ctx['proxy']}:80" self.compute_profile = pks_ctx.get(PKS_COMPUTE_PROFILE_KEY, None) self.nsxt_server = \ utils.get_pks_cache().get_nsxt_info(pks_ctx.get('vc')) self.nsxt_client = None self.pks_wire_logger = NULL_LOGGER nsxt_wire_logger = NULL_LOGGER config = utils.get_server_runtime_config() if utils.str_to_bool(config['service'].get('log_wire')): nsxt_wire_logger = SERVER_NSXT_WIRE_LOGGER self.pks_wire_logger = SERVER_PKS_WIRE_LOGGER if self.nsxt_server: self.nsxt_client = NSXTClient( host=self.nsxt_server.get('host'), username=self.nsxt_server.get('username'), password=self.nsxt_server.get('password'), logger_debug=SERVER_LOGGER, logger_wire=nsxt_wire_logger, http_proxy=self.nsxt_server.get('proxy'), https_proxy=self.nsxt_server.get('proxy'), verify_ssl=self.nsxt_server.get('verify')) # TODO() Add support in pyvcloud to send metadata values with their # types intact. verify_ssl = pks_ctx.get('verify') self.verify = True if isinstance(verify_ssl, bool): self.verify = verify_ssl elif isinstance(verify_ssl, str): self.verify = utils.str_to_bool(verify_ssl) self.pks_client = self._get_pks_client(self._get_token())
def get_cluster_config(self, cluster_name): self._connect_tenant() clusters = load_from_metadata(self.tenant_client, name=cluster_name) if len(clusters) != 1: raise CseServerError(f"Cluster '{cluster_name}' not found") vapp = VApp(self.tenant_client, href=clusters[0]['vapp_href']) template = self.get_template(name=clusters[0]['template']) server_config = get_server_runtime_config() result = get_cluster_config(server_config, vapp, template['admin_password']) return result
def get_template(self, name=None): server_config = get_server_runtime_config() if name is None: if 'template' in self.body and self.body['template'] is not None: name = self.body['template'] else: name = server_config['broker']['default_template'] for template in server_config['broker']['templates']: if template['name'] == name: return template raise Exception('Template %s not found' % name)
def cloudapi_client(self): if self._cloudapi_client is None: log_wire = utils.get_server_runtime_config() \ .get('service', {}).get('log_wire', False) logger_wire = logger.NULL_LOGGER if log_wire: logger_wire = logger.SERVER_CLOUDAPI_WIRE_LOGGER self._cloudapi_client = \ vcd_utils.get_cloudapi_client_from_vcd_client(self.client, logger.SERVER_LOGGER, # noqa: E501 logger_wire) return self._cloudapi_client
def __init__(self, request_headers, request_query_params, request_spec): self.req_headers = request_headers self.req_qparams = request_query_params self.req_spec = request_spec self.pks_cache = get_pks_cache() self.ovdc_cache = OvdcCache(get_vcd_sys_admin_client()) self.is_ovdc_present_in_request = False config = get_server_runtime_config() self.vcd_client, self.session = connect_vcd_user_via_token( vcd_uri=config['vcd']['host'], headers=self.req_headers, verify_ssl_certs=config['vcd']['verify'])
def get_template(self, name=None): server_config = get_server_runtime_config() if name is None: if 'template' in self.req_spec and \ self.req_spec['template'] is not None: name = self.req_spec['template'] else: name = server_config['broker']['default_template'] for template in server_config['broker']['templates']: if template['name'] == name: return template raise Exception(f"Template {name} not found.")
def get_cluster_config(self, cluster_name): result = {} self._connect_tenant() clusters = load_from_metadata(self.tenant_client, name=cluster_name) if len(clusters) != 1: raise CseServerError('Cluster \'%s\' not found' % cluster_name) vapp = VApp(self.tenant_client, href=clusters[0]['vapp_href']) template = self.get_template(name=clusters[0]['template']) server_config = get_server_runtime_config() result['body'] = get_cluster_config(server_config, vapp, template['admin_password']) result['status_code'] = OK return result
def template_list(request_data, op_ctx): """Request handler for template list operation. :return: List of dictionaries with template info. """ config = utils.get_server_runtime_config() templates = [] default_template_name = config['broker']['default_template_name'] default_template_revision = str( config['broker']['default_template_revision']) # noqa: E501 for t in config['broker']['templates']: template_name = t[LocalTemplateKey.NAME] template_revision = str(t[LocalTemplateKey.REVISION]) is_default = (template_name, template_revision) == ( default_template_name, default_template_revision) # noqa: E501 templates.append({ 'catalog': config['broker']['catalog'], 'catalog_item': t[LocalTemplateKey.CATALOG_ITEM_NAME], 'cni': t[LocalTemplateKey.CNI], 'cni_version': t[LocalTemplateKey.CNI_VERSION], 'deprecated': t[LocalTemplateKey.DEPRECATED], 'description': t[LocalTemplateKey.DESCRIPTION].replace("\\n", ", "), # noqa: E501 'docker_version': t[LocalTemplateKey.DOCKER_VERSION], 'is_default': 'Yes' if is_default else 'No', 'kind': t[LocalTemplateKey.KIND], 'kubernetes': t[LocalTemplateKey.KUBERNETES], 'kubernetes_version': t[LocalTemplateKey.KUBERNETES_VERSION], 'name': template_name, 'os': t[LocalTemplateKey.OS], 'revision': template_revision }) return sorted(templates, key=lambda i: (i['name'], i['revision']), reverse=True) # noqa: E501
def get_template(name=None, revision=None): if (name is None and revision is not None) or (name is not None and revision is None): # noqa: E501 raise ValueError(f"If template revision is specified, then template " f"name must also be specified (and vice versa).") server_config = utils.get_server_runtime_config() name = name or server_config['broker']['default_template_name'] revision = revision or server_config['broker']['default_template_revision'] for template in server_config['broker']['templates']: if template[LocalTemplateKey.NAME] == name and str(template[ LocalTemplateKey.REVISION]) == str(revision): # noqa: E501 return template raise Exception(f"Template '{name}' at revision {revision} not found.")
def connect_vcd_user_via_token(tenant_auth_token): server_config = get_server_runtime_config() vcd_uri = server_config['vcd']['host'] version = server_config['vcd']['api_version'] verify_ssl_certs = server_config['vcd']['verify'] client_tenant = Client(uri=vcd_uri, api_version=version, verify_ssl_certs=verify_ssl_certs, log_file=SERVER_DEBUG_WIRELOG_FILEPATH, log_requests=True, log_headers=True, log_bodies=True) session = client_tenant.rehydrate_from_token(tenant_auth_token) return (client_tenant, session)
def delete_nodes_thread(self): LOGGER.debug(f"About to delete nodes from cluster with name: " f"{self.cluster_name}") try: vapp = VApp(self.tenant_client, href=self.cluster['vapp_href']) template = self.get_template() self.update_task( TaskStatus.RUNNING, message=f"Deleting {len(self.req_spec['nodes'])} node(s) from " f"{self.cluster_name}({self.cluster_id})") try: server_config = get_server_runtime_config() delete_nodes_from_cluster(server_config, vapp, template, self.req_spec['nodes'], self.req_spec['force']) except Exception: LOGGER.error(f"Couldn't delete node {self.req_spec['nodes']} " f"from cluster:{self.cluster_name}") self.update_task( TaskStatus.RUNNING, message=f"Undeploying {len(self.req_spec['nodes'])} node(s) " f"for {self.cluster_name}({self.cluster_id})") for vm_name in self.req_spec['nodes']: vm = VM(self.tenant_client, resource=vapp.get_vm(vm_name)) try: task = vm.undeploy() self.tenant_client.get_task_monitor().wait_for_status(task) except Exception: LOGGER.warning(f"Couldn't undeploy VM {vm_name}") self.update_task( TaskStatus.RUNNING, message=f"Deleting {len(self.req_spec['nodes'])} VM(s) for " f"{self.cluster_name}({self.cluster_id})") task = vapp.delete_vms(self.req_spec['nodes']) self.tenant_client.get_task_monitor().wait_for_status(task) self.update_task( TaskStatus.SUCCESS, message=f"Deleted {len(self.req_spec['nodes'])} node(s) to " f"cluster {self.cluster_name}({self.cluster_id})") except Exception as e: LOGGER.error(traceback.format_exc()) error_obj = error_to_json(e) stack_trace = ''.join(error_obj[ERROR_MESSAGE][ERROR_STACKTRACE]) self.update_task( TaskStatus.ERROR, error_message=error_obj[ERROR_MESSAGE][ERROR_DESCRIPTION], stack_trace=stack_trace) finally: self._disconnect_sys_admin()
def _connect_tenant(self): server_config = get_server_runtime_config() host = server_config['vcd']['host'] verify = server_config['vcd']['verify'] self.tenant_client, self.client_session = connect_vcd_user_via_token( vcd_uri=host, headers=self.req_headers, verify_ssl_certs=verify) self.tenant_info = { 'user_name': self.client_session.get('user'), 'user_id': self.client_session.get('userId'), 'org_name': self.client_session.get('org'), 'org_href': self.tenant_client._get_wk_endpoint( _WellKnownEndpoint.LOGGED_IN_ORG) }
def ovdc_compute_policy_list(request_data, request_context: ctx.RequestContext): """Request handler for ovdc compute-policy list operation. Required data: ovdc_id :return: Dictionary with task href. """ required = [RequestKey.OVDC_ID] req_utils.validate_payload(request_data, required) config = utils.get_server_runtime_config() cpm = compute_policy_manager.ComputePolicyManager( request_context.sysadmin_client, log_wire=utils.str_to_bool(config['service'].get('log_wire'))) return cpm.list_compute_policies_on_vdc(request_data[RequestKey.OVDC_ID])
def connect_vcd_user_via_token(tenant_auth_token): server_config = get_server_runtime_config() vcd_uri = server_config['vcd']['host'] version = server_config['vcd']['api_version'] verify_ssl_certs = server_config['vcd']['verify'] log_filename = None log_wire = str_to_bool(server_config['service'].get('log_wire')) if log_wire: log_filename = SERVER_DEBUG_WIRELOG_FILEPATH client_tenant = Client(uri=vcd_uri, api_version=version, verify_ssl_certs=verify_ssl_certs, log_file=log_filename, log_requests=log_wire, log_headers=log_wire, log_bodies=log_wire) session = client_tenant.rehydrate_from_token(tenant_auth_token) return (client_tenant, session)
def get_cluster_config(self, cluster_name): self._connect_tenant() clusters = load_from_metadata( self.tenant_client, name=cluster_name, org_name=self.req_spec.get(RequestKey.ORG_NAME), vdc_name=self.req_spec.get(RequestKey.OVDC_NAME)) if len(clusters) > 1: raise CseDuplicateClusterError(f"Multiple clusters of name" f" '{cluster_name}' detected.") if len(clusters) == 0: raise ClusterNotFoundError(f"Cluster '{cluster_name}' not found.") vapp = VApp(self.tenant_client, href=clusters[0]['vapp_href']) template = self._get_template(name=clusters[0]['template']) server_config = get_server_runtime_config() result = get_cluster_config(server_config, vapp, template['admin_password']) return result
def decorator_wrapper(*args, **kwargs): sys_admin_client = None try: is_authorized = True server_config = get_server_runtime_config() if server_config['service']['enforce_authorization']: sys_admin_client = get_vcd_sys_admin_client() broker_instance = args[0] # self user_session = broker_instance.get_tenant_client_session() is_authorized = _is_authorized(sys_admin_client, user_session, required_rights) if is_authorized: return func(*args, **kwargs) else: raise Exception( 'Access Forbidden. Missing required rights.') finally: if sys_admin_client is not None: sys_admin_client.logout()
def record_user_action_details(cse_operation, cse_params, telemetry_settings=None): """Record CSE user operation details in telemetry server. No exception should be leaked. Catch all exceptions and log them. :param CseOperation cse_operation: CSE operation information :param dict cse_params: CSE operation parameters :param dict telemetry_settings: telemetry section of config->service """ try: if not telemetry_settings: telemetry_settings = get_server_runtime_config()['service'][ 'telemetry'] # noqa: E501 if telemetry_settings['enable']: payload = OPERATION_TO_PAYLOAD_GENERATOR[cse_operation](cse_params) _send_data_to_telemetry_server(payload, telemetry_settings) except Exception as err: LOGGER.warning(f"Error in recording CSE operation details :{str(err)}" ) # noqa: E501