def list(): """Get a list of projects.""" client = p9admin.OpenStackClient() projects = client.projects() for project in projects: print(project.name)
def ensure_ldap(name, group_cn, uid, password): """Ensure a project exists based on an LDAP group.""" if not uid: sys.exit("You must specify --uid USER to connect to LDAP") if group_cn is None: group_cn = name client = p9admin.OpenStackClient() client.logger.info("Ensuring actual project exists") project = p9admin.project.ensure_project(client, name) client.logger.info("Ensuring all users exist and have their own projects") users = p9admin.user.get_ldap_group_users(group_cn, uid, password) if not users: sys.exit("LDAP group {} doesn't contain any users".format(group_cn)) client.ensure_users(users) user_ids = [user.user.id for user in users] client.ensure_project_members(project, user_ids, keep_others=False) print('Project "{}" [{}]'.format(project.name, project.id))
def ensure_ldap(name, group_cn, uid, password): """Ensure a project exists based on an LDAP group""" if not uid: sys.exit("You must specify --uid USER to connect to LDAP") if group_cn is None: group_cn = name client = p9admin.OpenStackClient() client.logger.info("Ensuring all users exist and have their own projects") ### FIXME this is common code with user.ensure_users p9Users = p9admin.user.get_ldap_group_users(group_cn, uid, password) if not p9Users: sys.exit("LDAP group {} doesn't contain any users".format(group_cn)) for p9User in p9Users: project = p9admin.project.ensure_project(client, p9User.name) client.ensure_user(p9User, default_project=project) client.grant_project_access(project, user=p9User.user) client.logger.info("Ensuring group exists and has the correct members") group = client.ensure_group(name) users = [p9User.user for p9User in p9Users] client.ensure_group_members(group, users, keep_others=False) client.logger.info("Ensuring actual project exists") project = p9admin.project.ensure_project(client, name) client.grant_project_access(project, group=group) print('Project "{}" [{}]'.format(project.name, project.id))
def repl(): """Drop into interactive Python REPL""" client = p9admin.OpenStackClient() import code vars = globals().copy() vars.update(locals()) code.interact(local=vars)
def get_quota(project_name): """Get a list of quotas for a project.""" if "OS_NOVA_URL" not in os.environ: sys.exit("OS_NOVA_URL environment variable must be set. Check README.rst") client = p9admin.OpenStackClient() project = client.project_by_name(project_name) pprint.pprint(p9admin.project.get_quota(client, project.id))
def ensure_ldap_users(filter, uid, password): """Ensure that users are set up based on an LDAP filter.""" if not uid: sys.exit("You must specify --uid USER to connect to LDAP") client = p9admin.OpenStackClient() users = p9admin.user.get_ldap_users(filter, uid, password) client.ensure_users(users)
def ensure_user(name, email): """Ensure that an SAML user is all set up""" client = p9admin.OpenStackClient() user = p9admin.User(name, email) client.saml().ensure_group(user) client.saml().ensure_mappings([user]) project = p9admin.project.ensure_project(client, user.name) client.grant_project_access(project, group=user.group)
def list(): """List hosts""" hosts = p9admin.OpenStackClient().openstack().list_hypervisors() hosts = sorted(hosts, key=operator.itemgetter("hypervisor_hostname")) for host in hosts: print("{host_id} {hypervisor_hostname:<55} {state:10} {status:10}" \ .format( host_id=host['OS-EXT-PF9-HYP-ATTR:host_id'], **host.toDict()))
def revoke_user(email, project, admin): """Revoke a user's access to a project.""" client = p9admin.OpenStackClient() user = client.find_user(email) if not user: sys.exit('User "{}" not found'.format(email)) client.revoke_project_access( client.find_project(project), user=user, role_name=role_name(admin))
def ensure(name): """ Ensure a project exists. This will also ensure that the networks and other objects that should exist within the project do actually exist. """ client = p9admin.OpenStackClient() project = p9admin.project.ensure_project(client, name, assume_complete=False) print('Project "{}" [{}]'.format(project.name, project.id))
def repl(): """ Drop into interactive Python REPL. An instance of p9admin.OpenStackClient() will be available as "client". """ client = p9admin.OpenStackClient() import code vars = globals().copy() vars.update(locals()) code.interact(local=vars)
def apply_quota_all(quota_name, quota_value, force=False, defaults=False): """ Apply a quota to all projects in the environment. This will not lower quotas, only raise them. Use --force to force all quotas to the new setting, even if that would mean lowering a quota. quota_name is one of: instances ram cores fixed_ips floating_ips injected_file_content_bytes injected_file_path_bytes injected_files key_pairs metadata_items security_groups security_group_rules server_groups server_group_members networks subnets routers root_gb quota_value is a number, -1 for unlimited """ client = p9admin.OpenStackClient() projects = client.projects() if "OS_NOVA_URL" not in os.environ: sys.exit( "OS_NOVA_URL environment variable must be set. Check README.md") client.logger.info("Starting application of quotas to all projects") if defaults: for project in projects: p9admin.project.verified_apply_quota_defaults(client, project) sys.exit() validators.quota_name(quota_name) validators.quota_value(quota_name, quota_value) for project in projects: p9admin.project.verified_apply_quota(client, project, quota_name, quota_value)
def apply_quota(project_name, quota_name, quota_value, defaults): """ Apply a quota to a project. quota_name is one of: instances ram cores fixed_ips floating_ips injected_file_content_bytes injected_file_path_bytes injected_files key_pairs metadata_items security_groups security_group_rules server_groups server_group_members networks subnets routers root_gb quota_value is a number, -1 for unlimited """ client = p9admin.OpenStackClient() if "OS_NOVA_URL" not in os.environ: sys.exit( "OS_NOVA_URL environment variable must be set. Check README.md") project = client.project_by_name(project_name) if defaults: if quota_name or quota_value: sys.exit("Can't use defaults with quota_name or quota_value") pprint.pprint(p9admin.project.apply_quota_defaults(client, project.id)) sys.exit() validators.quota_name(quota_name) validators.quota_value(quota_name, quota_value) pprint.pprint( p9admin.project.apply_quota(client, project.id, quota_name, quota_value))
def ensure_ldap_users(filter, uid, password): """Ensure that SAML users are set up based on an LDAP filter""" if not uid: sys.exit("You must specify --uid USER to connect to LDAP") users = p9admin.user.get_ldap_users(filter, uid, password) if not users: return client = p9admin.OpenStackClient() for user in users: client.saml().ensure_group(user) client.saml().ensure_mappings(users) for user in users: project = p9admin.project.ensure_project(client, user.name) client.grant_project_access(project, group=user.group)
def fix_provider_location(id=None, all=False): """ Fix the provider_location property of an image. Setting the provider_location property correctly allows the Tintri to do the clone of the image instead of having OpenStack download the image and then re-upload it via Cinder. """ logger = logging.getLogger(__name__) glance = p9admin.OpenStackClient().glance() if all and id is not None: sys.exit("ID and --all cannot both be specified.") if not all and id is None: sys.exit("Either ID or --all must be specified.") if all: for image in glance.images.list(): _fix_provider_location(logger, glance, image) else: image = glance.images.get(id) _fix_provider_location(logger, glance, image)
def list(format): """List hosts.""" hosts = p9admin.OpenStackClient().openstack().list_hypervisors() hosts = sorted(hosts, key=operator.itemgetter("hypervisor_hostname")) if format == "csv": writer = csv.writer(sys.stdout) writer.writerow(["host_id", "hostname", "state", "status"]) for host in hosts: writer.writerow([ host['OS-EXT-PF9-HYP-ATTR:host_id'], host['hypervisor_hostname'], host['state'], host['status'], ]) elif format == "table": for host in hosts: print("{host_id} {hypervisor_hostname:<55} {state:10} {status:10}" \ .format( host_id=host['OS-EXT-PF9-HYP-ATTR:host_id'], **host.toDict())) else: sys.exit("Format must be csv or table")
def stats(): """ Get information about usage of all projects. This outputs CSV. """ client = p9admin.OpenStackClient() projects = client.projects() writer = csv.writer(sys.stdout) writer.writerow([ "project_id", "project_name", "count_servers", "count_servers_on", "count_volumes", "size_volumes", "count_volumes_inuse", "size_volumes_inuse", ]) for project in projects: stats = p9admin.project.get_stats(client, project) writer.writerow([project.id, project.name] + stats)
def delete(name): """Delete a project and the objects within""" p9admin.project.delete_project(p9admin.OpenStackClient(), name)
def ensure_user(name, email): """Ensure that a user is all set up.""" client = p9admin.OpenStackClient() client.ensure_users([p9admin.User(name, email)])
def show(name): """Show a project and the objects within.""" p9admin.project.show_project(p9admin.OpenStackClient(), name)
def delete(names): """Delete project(s) and the objects within.""" client = p9admin.OpenStackClient() for name in names: p9admin.project.delete_project(client, name)
def show_group(email): """Show a group""" p9admin.OpenStackClient().saml().show_group(email)
def ensure(name): """Ensure a project exists""" client = p9admin.OpenStackClient() project = p9admin.project.ensure_project(client, name) print('Project "{}" [{}]'.format(project.name, project.id))
def delete_groups(emails): """Delete groups""" p9admin.OpenStackClient().saml().delete_groups(emails)