예제 #1
0
 def handle(self, *args, **options):
     #
     parsers = []
     # Read config
     config = SafeConfigParser()
     for p in self.get_parsers():
         config.read(os.path.join("etc", "address", "%s.defaults" % p))
         config.read(os.path.join("etc", "address", "%s.conf" % p))
         if config.getboolean(p, "enabled"):
             m = __import__("noc.gis.parsers.address.%s" % p, {}, {}, "*")
             for l in dir(m):
                 a = getattr(m, l)
                 if inspect.isclass(a) and issubclass(
                         a, AddressParser) and a != AddressParser:
                     parsers += [a]
         else:
             print("Parser '%s' is not enabled. Skipping.." % p)
     # Initialize parsers
     parsers = [p(config, options) for p in parsers]
     # Download
     if options["download"]:
         for p in parsers:
             print("Downloading", p.name)
             if not p.download():
                 raise CommandError("Failed to download %s" % p.name)
     else:
         print("Skipping downloads")
     # Sync
     try:
         for p in parsers:
             print("Syncing", p.name)
             p.sync()
     except Exception:
         error_report()
예제 #2
0
    def parse_config_file(self, config_file):
        config = SafeConfigParser(self.DEFAULT_CONFIG)
        config.readfp(config_file)

        blessconfig = {
            'CLIENT_CONFIG': {
                'domain_regex':
                config.get('CLIENT', 'domain_regex'),
                'cache_dir':
                config.get('CLIENT', 'cache_dir'),
                'cache_file':
                config.get('CLIENT', 'cache_file'),
                'mfa_cache_dir':
                config.get('CLIENT', 'mfa_cache_dir'),
                'mfa_cache_file':
                config.get('CLIENT', 'mfa_cache_file'),
                'ip_urls': [
                    s.strip()
                    for s in config.get('CLIENT', 'ip_urls').split(",")
                ],
                'update_script':
                config.get('CLIENT', 'update_script'),
                'user_session_length':
                int(config.get('CLIENT', 'user_session_length')),
                'usebless_role_session_length':
                int(config.get('CLIENT', 'usebless_role_session_length')),
                'update_sshagent':
                config.getboolean('CLIENT', 'update_sshagent'),
            },
            'BLESS_CONFIG': {
                'userrole': config.get('LAMBDA', 'user_role'),
                'accountid': config.get('LAMBDA', 'account_id'),
                'functionname': config.get('LAMBDA', 'functionname'),
                'functionversion': config.get('LAMBDA', 'functionversion'),
                'certlifetime': config.getint('LAMBDA', 'certlifetime'),
                'ipcachelifetime': config.getint('LAMBDA', 'ipcachelifetime'),
                'timeoutconfig': {
                    'connect': config.getint('LAMBDA', 'timeout_connect'),
                    'read': config.getint('LAMBDA', 'timeout_read')
                }
            },
            'AWS_CONFIG': {
                'bastion_ips': config.get('MAIN', 'bastion_ips'),
                'remote_user': config.get('MAIN', 'remote_user')
            },
            'REGION_ALIAS': {}
        }

        regions = config.get('MAIN', 'region_aliases').split(",")
        regions = [region.strip() for region in regions]
        for region in regions:
            region = region.upper()
            kms_region_key = 'KMSAUTH_CONFIG_{}'.format(region)
            blessconfig.update(
                {kms_region_key: self._get_region_kms_config(region, config)})
            blessconfig['REGION_ALIAS'].update(
                {region: blessconfig[kms_region_key]['awsregion']})
        return blessconfig
예제 #3
0
def _is_telemetry_enabled(cfg_file):
    config = SafeConfigParser()

    if not config.read(cfg_file):
        return False

    try:
        telemetry_enabled = config.getboolean("build", "telemetry")
    except NoOptionError:
        return False

    if not telemetry_enabled:
        return False

    return True
예제 #4
0
    def getboolean(self, section, option, default=None):
        """Wrapper around SafeConfigParser.getboolean() with a custom default.

        This method simply wraps the base class method, but adds a `default`
        keyword argument. The value of `default` is returned whenever the
        config parser does not have the requested option and/or section.
        """
        if not self.has_option(section, option):
            if isinstance(default, bool):
                return default
            else:
                # compatibility layer for py3 version of ConfigParser
                if hasattr(self, '_boolean_states'):
                    boolean_states = self._boolean_states
                else:
                    boolean_states = self.BOOLEAN_STATES
                if default.lower() not in boolean_states:
                    raise ValueError('Not a boolean: %s' % default)
                return boolean_states[default.lower()]

        return SafeConfigParser.getboolean(self, section, option)
예제 #5
0
    def getboolean(self, section, option, default=None):
        """Wrapper around SafeConfigParser.getboolean() with a custom default.

        This method simply wraps the base class method, but adds a `default`
        keyword argument. The value of `default` is returned whenever the
        config parser does not have the requested option and/or section.
        """
        if not self.has_option(section, option):
            if isinstance(default, bool):
                return default
            else:
                # compatibility layer for py3 version of ConfigParser
                if hasattr(self, '_boolean_states'):
                    boolean_states = self._boolean_states
                else:
                    boolean_states = self.BOOLEAN_STATES
                if default.lower() not in boolean_states:
                    raise ValueError('Not a boolean: %s' % default)
                return boolean_states[default.lower()]

        return SafeConfigParser.getboolean(self, section, option)
예제 #6
0
def parse_args(args_str):
    args_obj = None
    # Source any specified config/ini file
    # Turn off help, so we print all options in response to -h
    conf_parser = argparse.ArgumentParser(add_help=False)

    conf_parser.add_argument("-c", "--conf_file", action='append',
                             help="Specify config file", metavar="FILE")
    args, remaining_argv = conf_parser.parse_known_args(args_str.split())

    defaults = {
        'reset_config': False,
        'wipe_config': False,
        'listen_ip_addr': _WEB_HOST,
        'listen_port': _WEB_PORT,
        'admin_port': _ADMIN_PORT,
        'cassandra_server_list': "127.0.0.1:9160",
        'collectors': None,
        'http_server_port': '8084',
        'http_server_ip': _WEB_HOST,
        'log_local': True,
        'log_level': SandeshLevel.SYS_NOTICE,
        'log_category': '',
        'log_file': Sandesh._DEFAULT_LOG_FILE,
        'trace_file': '/var/log/contrail/vnc_openstack.err',
        'use_syslog': False,
        'syslog_facility': Sandesh._DEFAULT_SYSLOG_FACILITY,
        'logging_conf': '',
        'logger_class': None,
        'multi_tenancy': None,
        'aaa_mode': None,
        'zk_server_ip': '127.0.0.1:2181',
        'worker_id': '0',
        'rabbit_server': 'localhost',
        'rabbit_port': '5672',
        'rabbit_user': '******',
        'rabbit_password': '******',
        'rabbit_vhost': None,
        'rabbit_ha_mode': False,
        'rabbit_max_pending_updates': '4096',
        'rabbit_health_check_interval': '120.0', # in seconds
        'cluster_id': '',
        'max_requests': 1024,
        'paginate_count': 256,
        'region_name': 'RegionOne',
        'stale_lock_seconds': '5', # lock but no resource past this => stale
        'cloud_admin_role': cfgm_common.CLOUD_ADMIN_ROLE,
        'global_read_only_role': cfgm_common.GLOBAL_READ_ONLY_ROLE,
        'rabbit_use_ssl': False,
        'kombu_ssl_version': '',
        'kombu_ssl_keyfile': '',
        'kombu_ssl_certfile': '',
        'kombu_ssl_ca_certs': '',
        'object_cache_entries': '10000', # max number of objects cached for read
        'object_cache_exclude_types': '', # csv of object types to *not* cache
        'debug_object_cache_types': '', # csv of object types to debug cache
        'db_engine': 'cassandra',
        'max_request_size': 1024000,
        'amqp_timeout': 660,
        'config_api_ssl_enable': False,
        'config_api_ssl_keyfile': '',
        'config_api_ssl_certfile': '',
        'config_api_ssl_ca_cert': '',
        'tcp_keepalive_enable': True,
        'tcp_keepalive_idle_time': 7200,
        'tcp_keepalive_interval': 75,
        'tcp_keepalive_probes': 9,
    }
    defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
    # keystone options
    ksopts = {
        'signing_dir': '/var/lib/contrail/keystone-signing',
        'auth_host': '127.0.0.1',
        'auth_port': '35357',
        'auth_protocol': 'http',
        'admin_user': '',
        'admin_password': '',
        'admin_tenant_name': '',
        'admin_user_domain_name': None,
        'identity_uri': None,
        'project_domain_name': None,
        'insecure': True,
        'cafile': '',
        'certfile': '',
        'keyfile': '',
        'auth_type': 'password',
        'auth_url': '',
        'default_domain_id': 'default',
    }
    # cassandra options
    cassandraopts = {
        'cassandra_user'     : None,
        'cassandra_password' : None
    }
    # sandesh options
    sandeshopts = SandeshConfig.get_default_options()

    config = None
    saved_conf_file = args.conf_file
    if args.conf_file:
        config = SafeConfigParser({'admin_token': None}, allow_no_value=True)
        config.read(args.conf_file)
        if 'DEFAULTS' in config.sections():
            defaults.update(dict(config.items("DEFAULTS")))
            if 'multi_tenancy' in config.options('DEFAULTS'):
                defaults['multi_tenancy'] = config.getboolean(
                    'DEFAULTS', 'multi_tenancy')
            if 'default_encoding' in config.options('DEFAULTS'):
                default_encoding = config.get('DEFAULTS', 'default_encoding')
                gen.resource_xsd.ExternalEncoding = default_encoding
        if 'KEYSTONE' in config.sections():
            ksopts.update(dict(config.items("KEYSTONE")))
        if 'QUOTA' in config.sections():
            for (k, v) in config.items("QUOTA"):
                try:
                    if str(k) != 'admin_token':
                        vnc_quota.QuotaHelper.default_quota[str(k)] = int(v)
                except ValueError:
                    pass
        if 'CASSANDRA' in config.sections():
                cassandraopts.update(dict(config.items('CASSANDRA')))
        SandeshConfig.update_options(sandeshopts, config)
    # Override with CLI options
    # Don't surpress add_help here so it will handle -h
    parser = argparse.ArgumentParser(
        # Inherit options from config_parser
        parents=[conf_parser],
        # print script description with -h/--help
        description=__doc__,
        # Don't mess with format of description
        formatter_class=argparse.RawDescriptionHelpFormatter,
    )
    defaults.update(ksopts)
    defaults.update(cassandraopts)
    defaults.update(sandeshopts)
    parser.set_defaults(**defaults)

    parser.add_argument(
        "--cassandra_server_list",
        help="List of cassandra servers in IP Address:Port format",
        nargs='+')
    parser.add_argument(
        "--cassandra_use_ssl", action="store_true",
        help="Enable TLS for cassandra connection")
    parser.add_argument(
        "--cassandra_ca_certs",
        help="Cassandra CA certs")
    parser.add_argument(
        "--redis_server_ip",
        help="IP address of redis server")
    parser.add_argument(
        "--redis_server_port",
        help="Port of redis server")
    parser.add_argument(
        "--auth", choices=['keystone', 'noauth', 'no-auth'],
        help="Type of authentication for user-requests")
    parser.add_argument(
        "--reset_config", action="store_true",
        help="Warning! Destroy previous configuration and start clean")
    parser.add_argument(
        "--wipe_config", action="store_true",
        help="Warning! Destroy previous configuration")
    parser.add_argument(
        "--listen_ip_addr",
        help="IP address to provide service on, default %s" % (_WEB_HOST))
    parser.add_argument(
        "--listen_port",
        help="Port to provide service on, default %s" % (_WEB_PORT))
    parser.add_argument(
        "--admin_port",
        help="Port with local auth for admin access, default %s"
              % (_ADMIN_PORT))
    parser.add_argument(
        "--collectors",
        help="List of VNC collectors in ip:port format",
        nargs="+")
    parser.add_argument(
        "--http_server_port",
        help="Port of Introspect HTTP server")
    parser.add_argument(
        "--http_server_ip",
        help="IP address of Introspect HTTP server, default %s" % (_WEB_HOST))
    parser.add_argument(
        "--log_local", action="store_true",
        help="Enable local logging of sandesh messages")
    parser.add_argument(
        "--log_level",
        help="Severity level for local logging of sandesh messages")
    parser.add_argument(
        "--logging_conf",
        help=("Optional logging configuration file, default: None"))
    parser.add_argument(
        "--logger_class",
        help=("Optional external logger class, default: None"))
    parser.add_argument(
        "--log_category",
        help="Category filter for local logging of sandesh messages")
    parser.add_argument(
        "--log_file",
        help="Filename for the logs to be written to")
    parser.add_argument(
        "--trace_file",
        help="Filename for the errors backtraces to be written to")
    parser.add_argument("--use_syslog",
        action="store_true",
        help="Use syslog for logging")
    parser.add_argument("--syslog_facility",
        help="Syslog facility to receive log lines")
    parser.add_argument(
        "--multi_tenancy", action="store_true",
        help="Validate resource permissions (implies token validation)")
    parser.add_argument(
        "--aaa_mode", choices=AAA_MODE_VALID_VALUES,
        help="AAA mode")
    parser.add_argument(
        "--worker_id",
        help="Worker Id")
    parser.add_argument(
        "--zk_server_ip",
        help="Ip address:port of zookeeper server")
    parser.add_argument(
        "--rabbit_server",
        help="Rabbitmq server address")
    parser.add_argument(
        "--rabbit_port",
        help="Rabbitmq server port")
    parser.add_argument(
        "--rabbit_user",
        help="Username for rabbit")
    parser.add_argument(
        "--rabbit_vhost",
        help="vhost for rabbit")
    parser.add_argument(
        "--rabbit_password",
        help="password for rabbit")
    parser.add_argument(
        "--rabbit_ha_mode",
        help="True if the rabbitmq cluster is mirroring all queue")
    parser.add_argument(
        "--rabbit_max_pending_updates",
        help="Max updates before stateful changes disallowed")
    parser.add_argument(
        "--rabbit_health_check_interval",
        help="Interval seconds between consumer heartbeats to rabbitmq")
    parser.add_argument(
        "--cluster_id",
        help="Used for database keyspace separation")
    parser.add_argument(
        "--max_requests", type=int,
        help="Maximum number of concurrent requests served by api server")
    parser.add_argument(
        "--paginate_count", type=int,
        help="Default number of items when pagination is requested")
    parser.add_argument("--cassandra_user",
            help="Cassandra user name")
    parser.add_argument("--cassandra_password",
            help="Cassandra password")
    parser.add_argument("--stale_lock_seconds",
            help="Time after which lock without resource is stale, default 60")
    parser.add_argument( "--cloud_admin_role",
        help="Role name of cloud administrator")
    parser.add_argument( "--global_read_only_role",
        help="Role name of user with Read-Only access to all objects")
    parser.add_argument("--object_cache_entries",
            help="Maximum number of objects cached for read, default 10000")
    parser.add_argument("--object_cache_exclude_types",
            help="Comma separated values of object types to not cache")
    parser.add_argument(
        "--debug_object_cache_types",
        help="Comma separated values of object types to debug trace between "
             "the cache and the DB")
    parser.add_argument("--db_engine",
        help="Database engine to use, default cassandra")
    parser.add_argument("--max_request_size", type=int,
            help="Maximum size of bottle requests served by api server")
    parser.add_argument("--amqp_timeout", help="Timeout for amqp request")
    SandeshConfig.add_parser_arguments(parser)
    args_obj, remaining_argv = parser.parse_known_args(remaining_argv)
    args_obj.conf_file = args.conf_file
    args_obj.config_sections = config
    if isinstance(args_obj.cassandra_server_list, string_types):
        args_obj.cassandra_server_list =\
            args_obj.cassandra_server_list.split()
    if isinstance(args_obj.collectors, string_types):
        args_obj.collectors = args_obj.collectors.split()
    args_obj.sandesh_config = SandeshConfig.from_parser_arguments(args_obj)
    args_obj.cassandra_use_ssl = (str(args_obj.cassandra_use_ssl).lower() == 'true')
    args_obj.config_api_ssl_enable = (str(args_obj.config_api_ssl_enable).lower() == 'true')
    # convert log_local to a boolean
    if not isinstance(args_obj.log_local, bool):
        args_obj.log_local = bool(literal_eval(args_obj.log_local))
    args_obj.conf_file = saved_conf_file
    return args_obj, remaining_argv
예제 #7
0
        with open(config_file, 'r') as f:
            config.readfp(f, config_file)
    except IOError:
        pass
    for option in ("jid", "jabber_password", "conference_domain", "mode",
                   "zulip_email_suffix", "jabber_server_address",
                   "jabber_server_port"):
        if (getattr(options, option) is None
                and config.has_option("jabber_mirror", option)):
            setattr(options, option, config.get("jabber_mirror", option))

    for option in ("no_use_tls", ):
        if getattr(options, option) is None:
            if config.has_option("jabber_mirror", option):
                setattr(options, option,
                        config.getboolean("jabber_mirror", option))
            else:
                setattr(options, option, False)

    if options.mode is None:
        options.mode = "personal"

    if options.zulip_email_suffix is None:
        options.zulip_email_suffix = ''

    if options.mode not in ('public', 'personal'):
        config_error(
            "Bad value for --mode: must be one of 'public' or 'personal'")

    if None in (options.jid, options.jabber_password):
        config_error(
예제 #8
0
    def parse_logger_args(self, config_args):
        config_args = json.loads(config_args)
        parser = argparse.ArgumentParser()

        defaults = {
            'collectors': None,
            'http_server_port': '-1',
            'log_local': False,
            'log_level': SandeshLevel.SYS_DEBUG,
            'log_category': '',
            'log_file': Sandesh._DEFAULT_LOG_FILE,
            'use_syslog': False,
            'syslog_facility': Sandesh._DEFAULT_SYSLOG_FACILITY,
            'cluster_id': '',
            'logging_conf': '',
            'logger_class': None,
            'max_job_task': self.TASK_POOL_SIZE,
            'playbook_timeout': self.PLAYBOOK_TIMEOUT_VALUE,
        }

        defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
        secopts = {
            'use_certs': False,
            'keyfile': '',
            'certfile': '',
            'ca_certs': '',
        }
        ksopts = {}
        sandeshopts = SandeshConfig.get_default_options()

        if config_args.get("fabric_ansible_conf_file"):
            config = SafeConfigParser()
            config.read(config_args['fabric_ansible_conf_file'])
            if 'DEFAULTS' in config.sections():
                defaults.update(dict(config.items("DEFAULTS")))
            if ('SECURITY' in config.sections() and
                    'use_certs' in config.options('SECURITY')):
                if config.getboolean('SECURITY', 'use_certs'):
                    secopts.update(dict(config.items("SECURITY")))
            if 'KEYSTONE' in config.sections():
                ksopts.update(dict(config.items("KEYSTONE")))
            SandeshConfig.update_options(sandeshopts, config)

        defaults.update(secopts)
        defaults.update(ksopts)
        defaults.update(sandeshopts)
        parser.set_defaults(**defaults)

        parser.add_argument("--collectors",
                            help="List of VNC collectors in ip:port format",
                            nargs="+")
        parser.add_argument("--http_server_port",
                            help="Port of local HTTP server")
        parser.add_argument("--log_local", action="store_true",
                            help="Enable local logging of sandesh messages")
        parser.add_argument("--log_level",
                            help="Severity level for local logging"
                                 " of sandesh messages")
        parser.add_argument("--log_category",
                            help="Category filter for local logging "
                                 "of sandesh messages")
        parser.add_argument("--log_file",
                            help="Filename for the logs to be written to")
        parser.add_argument("--use_syslog", action="store_true",
                            help="Use syslog for logging")
        parser.add_argument("--syslog_facility",
                            help="Syslog facility to receive log lines")
        parser.add_argument("--admin_user",
                            help="Name of keystone admin user")
        parser.add_argument("--admin_password",
                            help="Password of keystone admin user")
        parser.add_argument("--admin_tenant_name",
                            help="Tenant name for keystone admin user")
        parser.add_argument("--cluster_id",
                            help="Used for database keyspace separation")
        parser.add_argument("--logging_conf",
                            help=("Optional logging configuration "
                                  "file, default: None"))
        parser.add_argument("--logger_class",
                            help=("Optional external logger class,"
                                  " default: None"))
        parser.add_argument("--max_job_task",
                            help=("Maximum job tasks that can execute in "
                                  "parallel in a parent job, default: %s"
                                  % self.TASK_POOL_SIZE))
        parser.add_argument("--playbook_timeout",
                            help=("Playbook execution timeout value,"
                                  " default: 60 min"))
        SandeshConfig.add_parser_arguments(parser)
        args = parser.parse_args(list())
        args.conf_file = config_args.get('fabric_ansible_conf_file')
        args.collectors = config_args.get('collectors')
        args.host_ip = config_args.get('host_ip')
        args.zk_server_ip = config_args.get('zk_server_ip')
        args.cluster_id = config_args.get('cluster_id')
        if isinstance(args.collectors, str):
            args.collectors = args.collectors.split()
        args.sandesh_config = SandeshConfig.from_parser_arguments(args)
        self.args = args

        return args
예제 #9
0
    config = SafeConfigParser()
    try:
        with open(config_file, 'r') as f:
            config.readfp(f, config_file)
    except IOError:
        pass
    for option in ("jid", "jabber_password", "conference_domain", "mode", "zulip_email_suffix",
                   "jabber_server_address", "jabber_server_port"):
        if (getattr(options, option) is None
            and config.has_option("jabber_mirror", option)):
            setattr(options, option, config.get("jabber_mirror", option))

    for option in ("no_use_tls",):
        if getattr(options, option) is None:
            if config.has_option("jabber_mirror", option):
                setattr(options, option, config.getboolean("jabber_mirror", option))
            else:
                setattr(options, option, False)

    if options.mode is None:
        options.mode = "personal"

    if options.zulip_email_suffix is None:
        options.zulip_email_suffix = ''

    if options.mode not in ('public', 'personal'):
        config_error("Bad value for --mode: must be one of 'public' or 'personal'")

    if None in (options.jid, options.jabber_password):
        config_error("You must specify your Jabber JID and Jabber password either "
                     + "in the Zulip configuration file or on the commandline")
예제 #10
0
def parse_args(args_str):
    # Turn off help, so we      all options in response to -h
    conf_parser = argparse.ArgumentParser(add_help=False)

    conf_parser.add_argument("-c",
                             "--conf_file",
                             action='append',
                             help="Specify config file",
                             metavar="FILE")
    args, remaining_argv = conf_parser.parse_known_args(args_str.split())

    defaults = {
        'rabbit_server': 'localhost',
        'rabbit_port': '5672',
        'rabbit_user': '******',
        'rabbit_password': '******',
        'rabbit_vhost': None,
        'rabbit_ha_mode': False,
        'cassandra_server_list': '127.0.0.1:9160',
        'api_server_ip': '127.0.0.1',
        'api_server_port': '8082',
        'api_server_use_ssl': None,
        'zk_server_ip': '127.0.0.1',
        'zk_server_port': '2181',
        'collectors': None,
        'http_server_port': '8087',
        'http_server_ip': '0.0.0.0',
        'log_local': False,
        'log_level': SandeshLevel.SYS_DEBUG,
        'log_category': '',
        'log_file': Sandesh._DEFAULT_LOG_FILE,
        'trace_file': '/var/log/contrail/schema.err',
        'use_syslog': False,
        'syslog_facility': Sandesh._DEFAULT_SYSLOG_FACILITY,
        'cluster_id': '',
        'logging_conf': '',
        'logger_class': None,
        'bgpaas_port_start': 50000,
        'bgpaas_port_end': 50512,
        'rabbit_use_ssl': False,
        'kombu_ssl_version': '',
        'kombu_ssl_keyfile': '',
        'kombu_ssl_certfile': '',
        'kombu_ssl_ca_certs': '',
        'zk_timeout': 120,
        'logical_routers_enabled': True,
        'yield_in_evaluate': False,
    }
    defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
    secopts = {
        'use_certs': False,
        'keyfile': '',
        'certfile': '',
        'ca_certs': '',
    }
    ksopts = {
        'admin_user': '******',
        'admin_password': '******',
        'admin_tenant_name': 'default-domain'
    }
    cassandraopts = {
        'cassandra_user': None,
        'cassandra_password': None,
    }
    zookeeperopts = {
        'zookeeper_ssl_enable': False,
        'zookeeper_ssl_keyfile': None,
        'zookeeper_ssl_certificate': None,
        'zookeeper_ssl_ca_cert': None,
    }
    sandeshopts = SandeshConfig.get_default_options()

    saved_conf_file = args.conf_file
    if args.conf_file:
        config = SafeConfigParser()
        config.read(args.conf_file)
        defaults.update(dict(config.items("DEFAULTS")))
        if ('SECURITY' in config.sections()
                and 'use_certs' in config.options('SECURITY')):
            if config.getboolean('SECURITY', 'use_certs'):
                secopts.update(dict(config.items("SECURITY")))
        if 'KEYSTONE' in config.sections():
            ksopts.update(dict(config.items("KEYSTONE")))

        if 'CASSANDRA' in config.sections():
            cassandraopts.update(dict(config.items('CASSANDRA')))
        if 'ZOOKEEPER' in config.sections():
            zookeeperopts.update(dict(config.items('ZOOKEEPER')))
        SandeshConfig.update_options(sandeshopts, config)

    # Override with CLI options
    # Don't surpress add_help here so it will handle -h
    parser = argparse.ArgumentParser(
        # Inherit options from config_parser
        parents=[conf_parser],
        # print script description with -h/--help
        description=__doc__,
        # Don't mess with format of description
        formatter_class=argparse.RawDescriptionHelpFormatter,
    )
    defaults.update(secopts)
    defaults.update(ksopts)
    defaults.update(cassandraopts)
    defaults.update(sandeshopts)
    parser.set_defaults(**defaults)

    def _bool(s):
        """Convert string to bool (in argparse context)."""
        if s.lower() not in ['true', 'false']:
            raise ValueError('Need bool; got %r' % s)
        return {'true': True, 'false': False}[s.lower()]

    parser.add_argument(
        "--cassandra_server_list",
        help="List of cassandra servers in IP Address:Port format",
        nargs='+')
    parser.add_argument(
        "--reset_config",
        action="store_true",
        help="Warning! Destroy previous configuration and start clean")
    parser.add_argument("--api_server_ip", help="IP address of API server")
    parser.add_argument("--api_server_port", help="Port of API server")
    parser.add_argument("--api_server_use_ssl",
                        help="Use SSL to connect with API server")
    parser.add_argument("--zk_server_ip",
                        help="IP address:port of zookeeper server")
    parser.add_argument("--collectors",
                        help="List of VNC collectors in ip:port format",
                        nargs="+")
    parser.add_argument("--http_server_port", help="Port of local HTTP server")
    parser.add_argument("--http_server_ip", help="IP of local HTTP server")
    parser.add_argument("--log_local",
                        action="store_true",
                        help="Enable local logging of sandesh messages")
    parser.add_argument(
        "--log_level",
        help="Severity level for local logging of sandesh messages")
    parser.add_argument(
        "--log_category",
        help="Category filter for local logging of sandesh messages")
    parser.add_argument("--log_file",
                        help="Filename for the logs to be written to")
    parser.add_argument("--trace_file",
                        help="Filename for the error "
                        "backtraces to be written to")
    parser.add_argument("--use_syslog",
                        action="store_true",
                        help="Use syslog for logging")
    parser.add_argument("--syslog_facility",
                        help="Syslog facility to receive log lines")
    parser.add_argument("--admin_user", help="Name of keystone admin user")
    parser.add_argument("--admin_password",
                        help="Password of keystone admin user")
    parser.add_argument("--admin_tenant_name",
                        help="Tenant name for keystone admin user")
    parser.add_argument("--cluster_id",
                        help="Used for database keyspace separation")
    parser.add_argument(
        "--logging_conf",
        help=("Optional logging configuration file, default: None"))
    parser.add_argument("--logger_class",
                        help=("Optional external logger class, default: None"))
    parser.add_argument("--cassandra_user", help="Cassandra user name")
    parser.add_argument("--cassandra_password", help="Cassandra password")
    parser.add_argument("--rabbit_server", help="Rabbitmq server address")
    parser.add_argument("--rabbit_port", help="Rabbitmq server port")
    parser.add_argument("--rabbit_user", help="Username for rabbit")
    parser.add_argument("--rabbit_vhost", help="vhost for rabbit")
    parser.add_argument("--rabbit_password", help="password for rabbit")
    parser.add_argument("--rabbit_ha_mode",
                        action='store_true',
                        help="True if the rabbitmq cluster is "
                        "mirroring all queue")
    parser.add_argument("--bgpaas_port_start",
                        type=int,
                        help="Start port for bgp-as-a-service proxy")
    parser.add_argument("--bgpaas_port_end",
                        type=int,
                        help="End port for bgp-as-a-service proxy")
    parser.add_argument("--zk_timeout",
                        type=int,
                        help="Timeout for ZookeeperClient")
    parser.add_argument("--yield_in_evaluate",
                        type=_bool,
                        help="Yield for other greenlets during evaluate")
    parser.add_argument("--logical_routers_enabled",
                        type=_bool,
                        help="Enabled logical routers")
    parser.add_argument("--cassandra_use_ssl",
                        action="store_true",
                        help="Enable TLS for cassandra communication")
    parser.add_argument("--cassandra_ca_certs", help="Cassandra CA certs")
    parser.add_argument("--zookeeper_ssl_enable",
                        help="Enable SSL in rest api server")
    parser.add_argument("--zookeeper_insecure_enable",
                        help="Enable insecure mode")
    parser.add_argument("--zookeeper_ssl_certfile",
                        help="Location of zookeeper ssl host certificate")
    parser.add_argument("--zookeeper_ssl_keyfile",
                        help="Location of zookeeper ssl private key")
    parser.add_argument("--zookeeper_ssl_ca_cert",
                        type=str,
                        help="Location of zookeeper ssl CA certificate")
    SandeshConfig.add_parser_arguments(parser)

    args = parser.parse_args(remaining_argv)
    args.conf_file = saved_conf_file
    if isinstance(args.cassandra_server_list, string_types):
        args.cassandra_server_list = args.cassandra_server_list.split()
    if isinstance(args.collectors, string_types):
        args.collectors = args.collectors.split()
    args.sandesh_config = SandeshConfig.from_parser_arguments(args)
    args.cassandra_use_ssl = (str(args.cassandra_use_ssl).lower() == 'true')
    args.zookeeper_ssl_enable = (str(
        args.zookeeper_ssl_enable).lower() == 'true')

    return args
예제 #11
0
def parse_args(args_str):
    """
    Please see the example below.

    python dm_server.py
    --rabbit_server localhost
    --rabbit_port 5672
    --cassandra_server_list 10.1.2.3:9160
    --api_server_ip 10.1.2.3
    --api_server_use_ssl False
    --analytics_server_ip 10.1.2.3
    --zk_server_ip 10.1.2.3
    --zk_server_port 2181
    --collectors 127.0.0.1:8086
    --http_server_port 8090
    [--reset_config]
    """
    # Source any specified config/ini file
    # Turn off help, so we see all options in response to -h
    conf_parser = argparse.ArgumentParser(add_help=False)

    conf_parser.add_argument("-c", "--conf_file", action='append',
                             help="Specify config file", metavar="FILE")
    args, remaining_argv = conf_parser.parse_known_args(args_str.split())

    defaults = default_options()
    defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
    defaults.update(SandeshConfig.get_default_options())

    saved_conf_file = args.conf_file
    if args.conf_file:
        config = SafeConfigParser()
        config.read(args.conf_file)
        defaults.update(dict(config.items("DEFAULTS")))
        if ('SECURITY' in config.sections() and
                'use_certs' in config.options('SECURITY')):
            if config.getboolean('SECURITY', 'use_certs'):
                defaults.update(dict(config.items("SECURITY")))
        if 'KEYSTONE' in config.sections():
            defaults.update(dict(config.items("KEYSTONE")))
        if 'CASSANDRA' in config.sections():
            defaults.update(dict(config.items('CASSANDRA')))
        SandeshConfig.update_options(defaults, config)

    # Override with CLI options
    # Don't surpress add_help here so it will handle -h
    parser = argparse.ArgumentParser(
        # Inherit options from config_parser
        parents=[conf_parser],
        # print script description with -h/--help
        description=__doc__,
        # Don't mess with format of description
        formatter_class=argparse.RawDescriptionHelpFormatter,
    )
    parser.set_defaults(**defaults)

    add_parser_arguments(parser)
    args = parser.parse_args(remaining_argv)
    if type(args.cassandra_server_list) is str:
        args.cassandra_server_list = args.cassandra_server_list.split()
    if type(args.collectors) is str:
        args.collectors = args.collectors.split()
    args.sandesh_config = SandeshConfig.from_parser_arguments(args)
    args.cassandra_use_ssl = (str(args.cassandra_use_ssl).lower() == 'true')
    args.rabbit_use_ssl = (str(args.rabbit_use_ssl).lower() == 'true')
    args.zookeeper_ssl_enable = (
        str(args.zookeeper_ssl_enable).lower() == 'true')
    args.dnsmasq_reload_by_signal = \
        (str(args.dnsmasq_reload_by_signal).lower() == 'true')

    args.conf_file = saved_conf_file
    return args
예제 #12
0
    def parse_config_file(self, config_file):
        config = SafeConfigParser(self.DEFAULT_CONFIG)
        config.readfp(config_file)

        blessconfig = {
            'CLIENT_CONFIG': {
                'domain_regex': config.get('CLIENT', 'domain_regex'),
                'cache_dir': config.get('CLIENT', 'cache_dir'),
                'cache_file': config.get('CLIENT', 'cache_file'),
                'mfa_cache_dir': config.get('CLIENT', 'mfa_cache_dir'),
                'mfa_cache_file': config.get('CLIENT', 'mfa_cache_file'),
                'ip_urls': [s.strip() for s in config.get('CLIENT', 'ip_urls').split(",")],
                'update_script': config.get('CLIENT', 'update_script'),
                'user_session_length': int(config.get('CLIENT', 'user_session_length')),
                'usebless_role_session_length': int(config.get('CLIENT', 'usebless_role_session_length')),
                'update_sshagent': config.getboolean('CLIENT', 'update_sshagent'),
                'use_env_creds': config.getboolean('CLIENT', 'use_env_creds'),
            },
            'BLESS_CONFIG': {
                'ca_backend': config.get('MAIN', 'ca_backend'),
                'userrole': config.get('LAMBDA', 'user_role'),
                'accountid': config.get('LAMBDA', 'account_id'),
                'functionname': config.get('LAMBDA', 'functionname'),
                'functionversion': config.get('LAMBDA', 'functionversion'),
                'certlifetime': config.getint('LAMBDA', 'certlifetime'),
                'ipcachelifetime': config.getint('LAMBDA', 'ipcachelifetime'),
                'timeoutconfig': {
                    'connect': config.getint('LAMBDA', 'timeout_connect'),
                    'read': config.getint('LAMBDA', 'timeout_read')
                }
            },
            'AWS_CONFIG': {
                'remote_user': config.get('MAIN', 'remote_user')
            },
            'REGION_ALIAS': {}
        }

        if config.has_option('MAIN', 'bastion_ips'):
            blessconfig['AWS_CONFIG']['bastion_ips'] = config.get('MAIN', 'bastion_ips')
        if blessconfig['BLESS_CONFIG']['ca_backend'].lower() == 'hashicorp-vault':
            blessconfig['VAULT_CONFIG'] = {
                'vault_addr': config.get('VAULT', 'vault_addr'),
                'auth_mount': config.get('VAULT', 'auth_mount'),
                'ssh_backend_mount': config.get('VAULT', 'ssh_backend_mount'),
                'ssh_backend_role': config.get('VAULT', 'ssh_backend_role'),
            }

        regions = config.get('MAIN', 'region_aliases').split(",")
        regions = [region.strip() for region in regions]
        for region in regions:
            region = region.upper()
            kms_region_key = 'KMSAUTH_CONFIG_{}'.format(region)
            blessconfig.update({kms_region_key: self._get_region_kms_config(region, config)})
            blessconfig['REGION_ALIAS'].update({region: blessconfig[kms_region_key]['awsregion']})

            if config.has_section('HOUSEKEEPER'):
                hk_region_key = 'HOUSEKEEPER_CONFIG_{}'.format(region)
                blessconfig.update({hk_region_key: self._get_region_housekeeper_config(region, config)})
                blessconfig['REGION_ALIAS'].update({region: blessconfig[hk_region_key]['awsregion']})

        return blessconfig
예제 #13
0
    config = SafeConfigParser()
    try:
        with open(config_file, 'r') as f:
            config.readfp(f, config_file)
    except IOError:
        pass
    for option in ("jid", "jabber_password", "conference_domain", "mode", "wyzepal_email_suffix",
                   "jabber_server_address", "jabber_server_port"):
        if (getattr(options, option) is None and
                config.has_option("jabber_mirror", option)):
            setattr(options, option, config.get("jabber_mirror", option))

    for option in ("no_use_tls",):
        if getattr(options, option) is None:
            if config.has_option("jabber_mirror", option):
                setattr(options, option, config.getboolean("jabber_mirror", option))
            else:
                setattr(options, option, False)

    if options.mode is None:
        options.mode = "personal"

    if options.wyzepal_email_suffix is None:
        options.wyzepal_email_suffix = ''

    if options.mode not in ('public', 'personal'):
        config_error("Bad value for --mode: must be one of 'public' or 'personal'")

    if None in (options.jid, options.jabber_password):
        config_error("You must specify your Jabber JID and Jabber password either "
                     "in the WyzePal configuration file or on the commandline")