def _create_stack(self, context, osc, cluster, cluster_create_timeout):
template_path, heat_params, env_files = (
self._extract_template_definition(context, cluster))
tpl_files, template = template_utils.get_template_contents(
template_path)
environment_files, env_map = self._get_env_files(template_path,
env_files)
tpl_files.update(env_map)
# Make sure no duplicate stack name
stack_name = '%s-%s' % (cluster.name, short_id.generate_id())
if cluster_create_timeout:
heat_timeout = cluster_create_timeout
else:
# no cluster_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.cluster_heat.create_timeout
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'environment_files': environment_files,
'template': template,
'files': tpl_files,
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def main():
logging.register_options(cfg.CONF)
cfg.CONF(sys.argv[1:], project='magnum')
logging.setup(cfg.CONF, 'magnum')
LOG.info(_LI('Starting server in PID %s') % os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, std_logging.DEBUG)
cfg.CONF.import_opt('topic', 'magnum.conductor.config', group='conductor')
conductor_id = short_id.generate_id()
endpoints = [
docker_conductor.Handler(),
k8s_conductor.Handler(),
bay_conductor.Handler(),
conductor_listener.Handler(),
]
if (not os.path.isfile(cfg.CONF.bay.k8s_atomic_template_path)
and not os.path.isfile(cfg.CONF.bay.k8s_coreos_template_path)):
LOG.error(_LE("The Heat template can not be found for either k8s "
"atomic %(atomic_template)s or coreos "
"(coreos_template)%s. Install template first if you "
"want to create bay.") %
{'atomic_template': cfg.CONF.bay.k8s_atomic_template_path,
'coreos_template': cfg.CONF.bay.k8s_coreos_template_path})
server = service.Service(cfg.CONF.conductor.topic,
conductor_id, endpoints)
server.serve()
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info('Starting server in PID %s', os.getpid())
LOG.debug("Configuration:")
CONF.log_opt_values(LOG, logging.DEBUG)
conductor_id = short_id.generate_id()
endpoints = [
indirection_api.Handler(),
cluster_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
federation_conductor.Handler(),
]
server = rpc_service.Service.create(CONF.conductor.topic,
conductor_id, endpoints,
binary='magnum-conductor')
workers = CONF.conductor.workers
if not workers:
workers = processutils.get_worker_count()
launcher = service.launch(CONF, server, workers=workers)
# NOTE(mnaser): We create the periodic tasks here so that they
# can be attached to the main process and not
# duplicated in all the children if multiple
# workers are being used.
server.create_periodic_tasks()
server.start()
launcher.wait()
def _generate_client_cert(issuer_name, ca_cert, ca_password, context=None):
"""Generate and store magnum_client_cert
:param issuer_name: CA subject name
:param ca_cert: CA certificate
:param ca_password: CA private key password
:returns: Magnum client cert uuid
"""
client_password = short_id.generate_id()
client_cert = x509.generate_client_certificate(
issuer_name,
CONDUCTOR_CLIENT_NAME,
ca_cert['private_key'],
encryption_password=client_password,
ca_key_password=ca_password,
)
magnum_cert_ref = cert_manager.get_backend().CertManager.store_cert(
certificate=client_cert['certificate'],
private_key=client_cert['private_key'],
private_key_passphrase=client_password,
name=CONDUCTOR_CLIENT_NAME,
context=context
)
LOG.debug('Magnum client cert is created: %s', magnum_cert_ref)
return magnum_cert_ref
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info(_LI('Starting server in PID %s'), os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, logging.DEBUG)
cfg.CONF.import_opt('topic', 'magnum.conductor.config', group='conductor')
conductor_id = short_id.generate_id()
endpoints = [
indirection_api.Handler(),
docker_conductor.Handler(),
k8s_conductor.Handler(),
bay_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
]
server = rpc_service.Service.create(cfg.CONF.conductor.topic,
conductor_id, endpoints,
binary='magnum-conductor')
launcher = service.launch(cfg.CONF, server)
launcher.wait()
def create_stack(self, context, osc, cluster, cluster_create_timeout):
template_path, heat_params, env_files = (_extract_template_definition(
context, cluster))
tpl_files, template = template_utils.get_template_contents(
template_path)
environment_files, env_map = _get_env_files(template_path, env_files)
tpl_files.update(env_map)
# Make sure no duplicate stack name
stack_name = '%s-%s' % (cluster.name, short_id.generate_id())
if cluster_create_timeout:
heat_timeout = cluster_create_timeout
else:
# no cluster_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.cluster_heat.create_timeout
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'environment_files': environment_files,
'template': template,
'files': tpl_files,
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def _generate_client_cert(issuer_name, ca_cert, ca_password, context=None):
"""Generate and store magnum_client_cert
:param issuer_name: CA subject name
:param ca_cert: CA certificate
:param ca_password: CA private key password
:returns: Magnum client cert uuid
"""
client_password = short_id.generate_id()
# TODO(strigazi): set subject name and organization per driver
# For RBAC kubernetes cluster we need the client to have:
# subject_name: admin
# organization_name system:masters
# Non kubernetes drivers are not using the certificates fields
# for authorization
subject_name = 'admin'
organization_name = 'system:masters'
client_cert = x509.generate_client_certificate(
issuer_name,
subject_name,
organization_name,
ca_cert['private_key'],
encryption_password=client_password,
ca_key_password=ca_password,
)
magnum_cert_ref = cert_manager.get_backend().CertManager.store_cert(
certificate=client_cert['certificate'],
private_key=client_cert['private_key'],
private_key_passphrase=client_password,
name=CONDUCTOR_CLIENT_NAME,
context=context)
LOG.debug('Magnum client cert is created: %s', magnum_cert_ref)
return magnum_cert_ref
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info(_LI('Starting server in PID %s'), os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, logging.DEBUG)
cfg.CONF.import_opt('topic', 'magnum.conductor.config', group='conductor')
conductor_id = short_id.generate_id()
endpoints = [
indirection_api.Handler(),
docker_conductor.Handler(),
k8s_conductor.Handler(),
bay_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
]
if (not os.path.isfile(cfg.CONF.bay.k8s_atomic_template_path)
and not os.path.isfile(cfg.CONF.bay.k8s_coreos_template_path)):
LOG.error(_LE("The Heat template can not be found for either k8s "
"atomic %(atomic_template)s or coreos "
"%(coreos_template)s. Install template first if you "
"want to create bay.") %
{'atomic_template': cfg.CONF.bay.k8s_atomic_template_path,
'coreos_template': cfg.CONF.bay.k8s_coreos_template_path})
server = rpc_service.Service.create(cfg.CONF.conductor.topic,
conductor_id, endpoints,
binary='magnum-conductor')
launcher = service.launch(cfg.CONF, server)
launcher.wait()
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info('Starting server in PID %s', os.getpid())
LOG.debug("Configuration:")
CONF.log_opt_values(LOG, logging.DEBUG)
conductor_id = short_id.generate_id()
endpoints = [
indirection_api.Handler(),
cluster_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
]
server = rpc_service.Service.create(CONF.conductor.topic,
conductor_id,
endpoints,
binary='magnum-conductor')
workers = CONF.conductor.workers
if not workers:
workers = processutils.get_worker_count()
launcher = service.launch(CONF, server, workers=workers)
launcher.wait()
def _generate_client_cert(issuer_name, ca_cert, ca_password, context=None):
"""Generate and store magnum_client_cert
:param issuer_name: CA subject name
:param ca_cert: CA certificate
:param ca_password: CA private key password
:returns: Magnum client cert uuid
"""
client_password = short_id.generate_id()
# TODO(strigazi): set subject name and organization per driver
# For RBAC kubernetes cluster we need the client to have:
# subject_name: admin
# organization_name system:masters
# Non kubernetes drivers are not using the certificates fields
# for authorization
subject_name = 'admin'
organization_name = 'system:masters'
client_cert = x509.generate_client_certificate(
issuer_name,
subject_name,
organization_name,
ca_cert['private_key'],
encryption_password=client_password,
ca_key_password=ca_password,
)
magnum_cert_ref = cert_manager.get_backend().CertManager.store_cert(
certificate=client_cert['certificate'],
private_key=client_cert['private_key'],
private_key_passphrase=client_password,
name=CONDUCTOR_CLIENT_NAME,
context=context
)
LOG.debug('Magnum client cert is created: %s', magnum_cert_ref)
return magnum_cert_ref
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info('Starting server in PID %s', os.getpid())
LOG.debug("Configuration:")
CONF.log_opt_values(LOG, logging.DEBUG)
conductor_id = short_id.generate_id()
endpoints = [
indirection_api.Handler(),
cluster_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
federation_conductor.Handler(),
]
server = rpc_service.Service.create(CONF.conductor.topic,
conductor_id,
endpoints,
binary='magnum-conductor')
workers = CONF.conductor.workers
if not workers:
workers = processutils.get_worker_count()
launcher = service.launch(CONF, server, workers=workers)
# NOTE(mnaser): We create the periodic tasks here so that they
# can be attached to the main process and not
# duplicated in all the children if multiple
# workers are being used.
server.create_periodic_tasks()
server.start()
launcher.wait()
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info(_LI('Starting server in PID %s') % os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, std_logging.DEBUG)
cfg.CONF.import_opt('topic', 'magnum.conductor.config', group='conductor')
conductor_id = short_id.generate_id()
endpoints = [
docker_conductor.Handler(),
k8s_conductor.Handler(),
bay_conductor.Handler(),
x509keypair_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
]
if (not os.path.isfile(cfg.CONF.bay.k8s_atomic_template_path)
and not os.path.isfile(cfg.CONF.bay.k8s_coreos_template_path)):
LOG.error(_LE("The Heat template can not be found for either k8s "
"atomic %(atomic_template)s or coreos "
"(coreos_template)%s. Install template first if you "
"want to create bay.") %
{'atomic_template': cfg.CONF.bay.k8s_atomic_template_path,
'coreos_template': cfg.CONF.bay.k8s_coreos_template_path})
server = rpc_service.Service.create(cfg.CONF.conductor.topic,
conductor_id, endpoints)
launcher = service.launch(cfg.CONF, server)
launcher.wait()
def main():
magnum_service.prepare_service(sys.argv)
gmr.TextGuruMeditation.setup_autorun(version)
LOG.info(_LI('Starting server in PID %s'), os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, logging.DEBUG)
cfg.CONF.import_opt('topic', 'magnum.conductor.config', group='conductor')
conductor_id = short_id.generate_id()
endpoints = [
indirection_api.Handler(),
cluster_conductor.Handler(),
conductor_listener.Handler(),
ca_conductor.Handler(),
]
server = rpc_service.Service.create(cfg.CONF.conductor.topic,
conductor_id,
endpoints,
binary='magnum-conductor')
launcher = service.launch(cfg.CONF, server)
launcher.wait()
def test_generate_ids(self):
allowed_chars = 'abcdefghijklmnopqrstuvwxyz234567'
ids = [short_id.generate_id() for i in range(25)]
for id in ids:
self.assertEqual(12, len(id))
self.assertFalse(id.translate(None, allowed_chars))
self.assertEqual(1, ids.count(id))
def test_generate_ids(self):
allowed_chars = 'abcdefghijklmnopqrstuvwxyz234567'
ids = [short_id.generate_id() for i in range(25)]
for id in ids:
self.assertEqual(12, len(id))
self.assertFalse(id.translate(None, allowed_chars))
self.assertEqual(1, ids.count(id))
def test_generate_ids(self):
allowed_chars = 'abcdefghijklmnopqrstuvwxyz234567'
ids = [short_id.generate_id() for i in range(25)]
for id in ids:
self.assertEqual(12, len(id))
s = ''.join(ch for ch in id if ch not in allowed_chars)
self.assertEqual(s, '')
self.assertEqual(1, ids.count(id))
def _create_stack(self, context, osc, cluster, cluster_create_timeout,
nodegroup=None):
nodegroups = [nodegroup] if nodegroup else None
template_path, heat_params, env_files = (
self._extract_template_definition(context, cluster,
nodegroups=nodegroups))
tpl_files, template = template_utils.get_template_contents(
template_path)
environment_files, env_map = self._get_env_files(template_path,
env_files)
tpl_files.update(env_map)
# Make sure we end up with a valid hostname
valid_chars = set(ascii_letters + digits + '-')
# valid hostnames are 63 chars long, leaving enough room
# to add the random id (for uniqueness)
if nodegroup is None:
stack_name = cluster.name[:30]
else:
stack_name = "%s-%s" % (cluster.name[:20], nodegroup.name[:9])
stack_name = stack_name.replace('_', '-')
stack_name = stack_name.replace('.', '-')
stack_name = ''.join(filter(valid_chars.__contains__, stack_name))
# Make sure no duplicate stack name
stack_name = '%s-%s' % (stack_name, short_id.generate_id())
stack_name = stack_name.lower()
if cluster_create_timeout:
heat_timeout = cluster_create_timeout
else:
# no cluster_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.cluster_heat.create_timeout
heat_params['is_cluster_stack'] = nodegroup is None
if nodegroup:
# In case we are creating a new stack for a new nodegroup then
# we need to extract more params.
heat_params.update(self.get_nodegroup_extra_params(cluster, osc))
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'environment_files': environment_files,
'template': template,
'files': tpl_files,
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def _generate_ca_cert(issuer_name):
"""Generate and store ca_cert
:param issuer_name: CA subject name
:returns: CA cert uuid and CA cert, CA private key password
"""
ca_password = short_id.generate_id()
ca_cert = x509.generate_ca_certificate(issuer_name,
encryption_password=ca_password)
ca_cert_ref = cert_manager.get_backend().CertManager.store_cert(
certificate=ca_cert['certificate'],
private_key=ca_cert['private_key'],
private_key_passphrase=ca_password,
name=issuer_name,
)
LOG.debug('CA cert is created: %s' % ca_cert_ref)
return ca_cert_ref, ca_cert, ca_password
def _generate_ca_cert(issuer_name):
"""Generate and store ca_cert
:param issuer_name: CA subject name
:returns: CA cert uuid and CA cert, CA private key password
"""
ca_password = short_id.generate_id()
ca_cert = x509.generate_ca_certificate(issuer_name,
encryption_password=ca_password)
ca_cert_ref = cert_manager.get_backend().CertManager.store_cert(
certificate=ca_cert['certificate'],
private_key=ca_cert['private_key'],
private_key_passphrase=ca_password,
name=issuer_name,
)
LOG.debug('CA cert is created: %s' % ca_cert_ref)
return ca_cert_ref, ca_cert, ca_password
def _create_stack(self, context, osc, cluster, cluster_create_timeout):
template_path, heat_params, env_files = (
self._extract_template_definition(context, cluster))
tpl_files, template = template_utils.get_template_contents(
template_path)
environment_files, env_map = self._get_env_files(template_path,
env_files)
tpl_files.update(env_map)
# Make sure we end up with a valid hostname
valid_chars = set(ascii_letters + digits + '-')
# valid hostnames are 63 chars long, leaving enough room
# to add the random id (for uniqueness)
stack_name = cluster.name[:30]
stack_name = stack_name.replace('_', '-')
stack_name = stack_name.replace('.', '-')
stack_name = ''.join(filter(valid_chars.__contains__, stack_name))
# Make sure no duplicate stack name
stack_name = '%s-%s' % (stack_name, short_id.generate_id())
stack_name = stack_name.lower()
if cluster_create_timeout:
heat_timeout = cluster_create_timeout
else:
# no cluster_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.cluster_heat.create_timeout
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'environment_files': environment_files,
'template': template,
'files': tpl_files,
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def _create_stack(self, context, osc, cluster, cluster_create_timeout):
template_path, heat_params, env_files = (
self._extract_template_definition(context, cluster))
tpl_files, template = template_utils.get_template_contents(
template_path)
environment_files, env_map = self._get_env_files(template_path,
env_files)
tpl_files.update(env_map)
# Make sure we end up with a valid hostname
valid_chars = set(ascii_letters + digits + '-')
# valid hostnames are 63 chars long, leaving enough room
# to add the random id (for uniqueness)
stack_name = cluster.name[:30]
stack_name = stack_name.replace('_', '-')
stack_name = stack_name.replace('.', '-')
stack_name = ''.join(filter(valid_chars.__contains__, stack_name))
# Make sure no duplicate stack name
stack_name = '%s-%s' % (stack_name, short_id.generate_id())
stack_name = stack_name.lower()
if cluster_create_timeout:
heat_timeout = cluster_create_timeout
else:
# no cluster_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.cluster_heat.create_timeout
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'environment_files': environment_files,
'template': template,
'files': tpl_files,
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def _create_stack(context, osc, bay, bay_create_timeout):
template_path, heat_params = _extract_template_definition(context, bay)
tpl_files, template = template_utils.get_template_contents(template_path)
# Make sure no duplicate stack name
stack_name = '%s-%s' % (bay.name, short_id.generate_id())
if bay_create_timeout:
heat_timeout = bay_create_timeout
elif bay_create_timeout == 0:
heat_timeout = None
else:
# no bay_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.k8s_heat.bay_create_timeout
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'template': template,
'files': dict(list(tpl_files.items())),
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def main():
magnum_service.prepare_service(sys.argv)
LOG.info(_LI("Starting server in PID %s") % os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, std_logging.DEBUG)
cfg.CONF.import_opt("topic", "magnum.conductor.config", group="conductor")
conductor_id = short_id.generate_id()
endpoints = [
docker_conductor.Handler(),
k8s_conductor.Handler(),
bay_conductor.Handler(),
conductor_listener.Handler(),
]
if not os.path.isfile(cfg.CONF.bay.k8s_atomic_template_path) and not os.path.isfile(
cfg.CONF.bay.k8s_coreos_template_path
):
LOG.error(
_LE(
"The Heat template can not be found for either k8s "
"atomic %(atomic_template)s or coreos "
"(coreos_template)%s. Install template first if you "
"want to create bay."
)
% {
"atomic_template": cfg.CONF.bay.k8s_atomic_template_path,
"coreos_template": cfg.CONF.bay.k8s_coreos_template_path,
}
)
server = rpc_service.Service.create(cfg.CONF.conductor.topic, conductor_id, endpoints)
launcher = service.launch(cfg.CONF, server)
launcher.wait()
def _generate_client_cert(issuer_name, ca_cert, ca_password, context=None):
"""Generate and store magnum_client_cert
:param issuer_name: CA subject name
:param ca_cert: CA certificate
:param ca_password: CA private key password
:returns: Magnum client cert uuid
"""
client_password = short_id.generate_id()
client_cert = x509.generate_client_certificate(
issuer_name,
CONDUCTOR_CLIENT_NAME,
ca_cert['private_key'],
encryption_password=client_password,
ca_key_password=ca_password,
)
magnum_cert_ref = cert_manager.get_backend().CertManager.store_cert(
certificate=client_cert['certificate'],
private_key=client_cert['private_key'],
private_key_passphrase=client_password,
name=CONDUCTOR_CLIENT_NAME,
context=context)
LOG.debug('Magnum client cert is created: %s', magnum_cert_ref)
return magnum_cert_ref
def _create_stack(context, osc, bay, bay_create_timeout):
template_path, heat_params = _extract_template_definition(context, bay)
tpl_files, template = template_utils.get_template_contents(template_path)
# Make sure no duplicate stack name
stack_name = '%s-%s' % (bay.name, short_id.generate_id())
if bay_create_timeout:
heat_timeout = bay_create_timeout
elif bay_create_timeout == 0:
heat_timeout = None
else:
# no bay_create_timeout value was passed in to the request
# so falling back on configuration file value
heat_timeout = cfg.CONF.bay_heat.bay_create_timeout
fields = {
'stack_name': stack_name,
'parameters': heat_params,
'template': template,
'files': dict(list(tpl_files.items())),
'timeout_mins': heat_timeout
}
created_stack = osc.heat().stacks.create(**fields)
return created_stack
def setUp(self):
super(BayLockTest, self).setUp()
self.conductor_id = short_id.generate_id()
self.bay = obj_utils.get_test_bay(self.context)
def setUp(self):
super(BayLockTest, self).setUp()
self.conductor_id = short_id.generate_id()
self.bay = obj_utils.get_test_bay(self.context)