def handle(self, *args, **options):
#
parsers = []
# Read config
config = SafeConfigParser()
for p in self.get_parsers():
config.read(os.path.join("etc", "address", "%s.defaults" % p))
config.read(os.path.join("etc", "address", "%s.conf" % p))
if config.getboolean(p, "enabled"):
m = __import__("noc.gis.parsers.address.%s" % p, {}, {}, "*")
for l in dir(m):
a = getattr(m, l)
if inspect.isclass(a) and issubclass(
a, AddressParser) and a != AddressParser:
parsers += [a]
else:
print("Parser '%s' is not enabled. Skipping.." % p)
# Initialize parsers
parsers = [p(config, options) for p in parsers]
# Download
if options["download"]:
for p in parsers:
print("Downloading", p.name)
if not p.download():
raise CommandError("Failed to download %s" % p.name)
else:
print("Skipping downloads")
# Sync
try:
for p in parsers:
print("Syncing", p.name)
p.sync()
except Exception:
error_report()
def parse_config_file(self, config_file):
config = SafeConfigParser(self.DEFAULT_CONFIG)
config.readfp(config_file)
blessconfig = {
'CLIENT_CONFIG': {
'domain_regex':
config.get('CLIENT', 'domain_regex'),
'cache_dir':
config.get('CLIENT', 'cache_dir'),
'cache_file':
config.get('CLIENT', 'cache_file'),
'mfa_cache_dir':
config.get('CLIENT', 'mfa_cache_dir'),
'mfa_cache_file':
config.get('CLIENT', 'mfa_cache_file'),
'ip_urls': [
s.strip()
for s in config.get('CLIENT', 'ip_urls').split(",")
],
'update_script':
config.get('CLIENT', 'update_script'),
'user_session_length':
int(config.get('CLIENT', 'user_session_length')),
'usebless_role_session_length':
int(config.get('CLIENT', 'usebless_role_session_length')),
'update_sshagent':
config.getboolean('CLIENT', 'update_sshagent'),
},
'BLESS_CONFIG': {
'userrole': config.get('LAMBDA', 'user_role'),
'accountid': config.get('LAMBDA', 'account_id'),
'functionname': config.get('LAMBDA', 'functionname'),
'functionversion': config.get('LAMBDA', 'functionversion'),
'certlifetime': config.getint('LAMBDA', 'certlifetime'),
'ipcachelifetime': config.getint('LAMBDA', 'ipcachelifetime'),
'timeoutconfig': {
'connect': config.getint('LAMBDA', 'timeout_connect'),
'read': config.getint('LAMBDA', 'timeout_read')
}
},
'AWS_CONFIG': {
'bastion_ips': config.get('MAIN', 'bastion_ips'),
'remote_user': config.get('MAIN', 'remote_user')
},
'REGION_ALIAS': {}
}
regions = config.get('MAIN', 'region_aliases').split(",")
regions = [region.strip() for region in regions]
for region in regions:
region = region.upper()
kms_region_key = 'KMSAUTH_CONFIG_{}'.format(region)
blessconfig.update(
{kms_region_key: self._get_region_kms_config(region, config)})
blessconfig['REGION_ALIAS'].update(
{region: blessconfig[kms_region_key]['awsregion']})
return blessconfig
def _is_telemetry_enabled(cfg_file):
config = SafeConfigParser()
if not config.read(cfg_file):
return False
try:
telemetry_enabled = config.getboolean("build", "telemetry")
except NoOptionError:
return False
if not telemetry_enabled:
return False
return True
def getboolean(self, section, option, default=None):
"""Wrapper around SafeConfigParser.getboolean() with a custom default.
This method simply wraps the base class method, but adds a `default`
keyword argument. The value of `default` is returned whenever the
config parser does not have the requested option and/or section.
"""
if not self.has_option(section, option):
if isinstance(default, bool):
return default
else:
# compatibility layer for py3 version of ConfigParser
if hasattr(self, '_boolean_states'):
boolean_states = self._boolean_states
else:
boolean_states = self.BOOLEAN_STATES
if default.lower() not in boolean_states:
raise ValueError('Not a boolean: %s' % default)
return boolean_states[default.lower()]
return SafeConfigParser.getboolean(self, section, option)
def getboolean(self, section, option, default=None):
"""Wrapper around SafeConfigParser.getboolean() with a custom default.
This method simply wraps the base class method, but adds a `default`
keyword argument. The value of `default` is returned whenever the
config parser does not have the requested option and/or section.
"""
if not self.has_option(section, option):
if isinstance(default, bool):
return default
else:
# compatibility layer for py3 version of ConfigParser
if hasattr(self, '_boolean_states'):
boolean_states = self._boolean_states
else:
boolean_states = self.BOOLEAN_STATES
if default.lower() not in boolean_states:
raise ValueError('Not a boolean: %s' % default)
return boolean_states[default.lower()]
return SafeConfigParser.getboolean(self, section, option)
def parse_args(args_str):
args_obj = None
# Source any specified config/ini file
# Turn off help, so we print all options in response to -h
conf_parser = argparse.ArgumentParser(add_help=False)
conf_parser.add_argument("-c", "--conf_file", action='append',
help="Specify config file", metavar="FILE")
args, remaining_argv = conf_parser.parse_known_args(args_str.split())
defaults = {
'reset_config': False,
'wipe_config': False,
'listen_ip_addr': _WEB_HOST,
'listen_port': _WEB_PORT,
'admin_port': _ADMIN_PORT,
'cassandra_server_list': "127.0.0.1:9160",
'collectors': None,
'http_server_port': '8084',
'http_server_ip': _WEB_HOST,
'log_local': True,
'log_level': SandeshLevel.SYS_NOTICE,
'log_category': '',
'log_file': Sandesh._DEFAULT_LOG_FILE,
'trace_file': '/var/log/contrail/vnc_openstack.err',
'use_syslog': False,
'syslog_facility': Sandesh._DEFAULT_SYSLOG_FACILITY,
'logging_conf': '',
'logger_class': None,
'multi_tenancy': None,
'aaa_mode': None,
'zk_server_ip': '127.0.0.1:2181',
'worker_id': '0',
'rabbit_server': 'localhost',
'rabbit_port': '5672',
'rabbit_user': '******',
'rabbit_password': '******',
'rabbit_vhost': None,
'rabbit_ha_mode': False,
'rabbit_max_pending_updates': '4096',
'rabbit_health_check_interval': '120.0', # in seconds
'cluster_id': '',
'max_requests': 1024,
'paginate_count': 256,
'region_name': 'RegionOne',
'stale_lock_seconds': '5', # lock but no resource past this => stale
'cloud_admin_role': cfgm_common.CLOUD_ADMIN_ROLE,
'global_read_only_role': cfgm_common.GLOBAL_READ_ONLY_ROLE,
'rabbit_use_ssl': False,
'kombu_ssl_version': '',
'kombu_ssl_keyfile': '',
'kombu_ssl_certfile': '',
'kombu_ssl_ca_certs': '',
'object_cache_entries': '10000', # max number of objects cached for read
'object_cache_exclude_types': '', # csv of object types to *not* cache
'debug_object_cache_types': '', # csv of object types to debug cache
'db_engine': 'cassandra',
'max_request_size': 1024000,
'amqp_timeout': 660,
'config_api_ssl_enable': False,
'config_api_ssl_keyfile': '',
'config_api_ssl_certfile': '',
'config_api_ssl_ca_cert': '',
'tcp_keepalive_enable': True,
'tcp_keepalive_idle_time': 7200,
'tcp_keepalive_interval': 75,
'tcp_keepalive_probes': 9,
}
defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
# keystone options
ksopts = {
'signing_dir': '/var/lib/contrail/keystone-signing',
'auth_host': '127.0.0.1',
'auth_port': '35357',
'auth_protocol': 'http',
'admin_user': '',
'admin_password': '',
'admin_tenant_name': '',
'admin_user_domain_name': None,
'identity_uri': None,
'project_domain_name': None,
'insecure': True,
'cafile': '',
'certfile': '',
'keyfile': '',
'auth_type': 'password',
'auth_url': '',
'default_domain_id': 'default',
}
# cassandra options
cassandraopts = {
'cassandra_user' : None,
'cassandra_password' : None
}
# sandesh options
sandeshopts = SandeshConfig.get_default_options()
config = None
saved_conf_file = args.conf_file
if args.conf_file:
config = SafeConfigParser({'admin_token': None}, allow_no_value=True)
config.read(args.conf_file)
if 'DEFAULTS' in config.sections():
defaults.update(dict(config.items("DEFAULTS")))
if 'multi_tenancy' in config.options('DEFAULTS'):
defaults['multi_tenancy'] = config.getboolean(
'DEFAULTS', 'multi_tenancy')
if 'default_encoding' in config.options('DEFAULTS'):
default_encoding = config.get('DEFAULTS', 'default_encoding')
gen.resource_xsd.ExternalEncoding = default_encoding
if 'KEYSTONE' in config.sections():
ksopts.update(dict(config.items("KEYSTONE")))
if 'QUOTA' in config.sections():
for (k, v) in config.items("QUOTA"):
try:
if str(k) != 'admin_token':
vnc_quota.QuotaHelper.default_quota[str(k)] = int(v)
except ValueError:
pass
if 'CASSANDRA' in config.sections():
cassandraopts.update(dict(config.items('CASSANDRA')))
SandeshConfig.update_options(sandeshopts, config)
# Override with CLI options
# Don't surpress add_help here so it will handle -h
parser = argparse.ArgumentParser(
# Inherit options from config_parser
parents=[conf_parser],
# print script description with -h/--help
description=__doc__,
# Don't mess with format of description
formatter_class=argparse.RawDescriptionHelpFormatter,
)
defaults.update(ksopts)
defaults.update(cassandraopts)
defaults.update(sandeshopts)
parser.set_defaults(**defaults)
parser.add_argument(
"--cassandra_server_list",
help="List of cassandra servers in IP Address:Port format",
nargs='+')
parser.add_argument(
"--cassandra_use_ssl", action="store_true",
help="Enable TLS for cassandra connection")
parser.add_argument(
"--cassandra_ca_certs",
help="Cassandra CA certs")
parser.add_argument(
"--redis_server_ip",
help="IP address of redis server")
parser.add_argument(
"--redis_server_port",
help="Port of redis server")
parser.add_argument(
"--auth", choices=['keystone', 'noauth', 'no-auth'],
help="Type of authentication for user-requests")
parser.add_argument(
"--reset_config", action="store_true",
help="Warning! Destroy previous configuration and start clean")
parser.add_argument(
"--wipe_config", action="store_true",
help="Warning! Destroy previous configuration")
parser.add_argument(
"--listen_ip_addr",
help="IP address to provide service on, default %s" % (_WEB_HOST))
parser.add_argument(
"--listen_port",
help="Port to provide service on, default %s" % (_WEB_PORT))
parser.add_argument(
"--admin_port",
help="Port with local auth for admin access, default %s"
% (_ADMIN_PORT))
parser.add_argument(
"--collectors",
help="List of VNC collectors in ip:port format",
nargs="+")
parser.add_argument(
"--http_server_port",
help="Port of Introspect HTTP server")
parser.add_argument(
"--http_server_ip",
help="IP address of Introspect HTTP server, default %s" % (_WEB_HOST))
parser.add_argument(
"--log_local", action="store_true",
help="Enable local logging of sandesh messages")
parser.add_argument(
"--log_level",
help="Severity level for local logging of sandesh messages")
parser.add_argument(
"--logging_conf",
help=("Optional logging configuration file, default: None"))
parser.add_argument(
"--logger_class",
help=("Optional external logger class, default: None"))
parser.add_argument(
"--log_category",
help="Category filter for local logging of sandesh messages")
parser.add_argument(
"--log_file",
help="Filename for the logs to be written to")
parser.add_argument(
"--trace_file",
help="Filename for the errors backtraces to be written to")
parser.add_argument("--use_syslog",
action="store_true",
help="Use syslog for logging")
parser.add_argument("--syslog_facility",
help="Syslog facility to receive log lines")
parser.add_argument(
"--multi_tenancy", action="store_true",
help="Validate resource permissions (implies token validation)")
parser.add_argument(
"--aaa_mode", choices=AAA_MODE_VALID_VALUES,
help="AAA mode")
parser.add_argument(
"--worker_id",
help="Worker Id")
parser.add_argument(
"--zk_server_ip",
help="Ip address:port of zookeeper server")
parser.add_argument(
"--rabbit_server",
help="Rabbitmq server address")
parser.add_argument(
"--rabbit_port",
help="Rabbitmq server port")
parser.add_argument(
"--rabbit_user",
help="Username for rabbit")
parser.add_argument(
"--rabbit_vhost",
help="vhost for rabbit")
parser.add_argument(
"--rabbit_password",
help="password for rabbit")
parser.add_argument(
"--rabbit_ha_mode",
help="True if the rabbitmq cluster is mirroring all queue")
parser.add_argument(
"--rabbit_max_pending_updates",
help="Max updates before stateful changes disallowed")
parser.add_argument(
"--rabbit_health_check_interval",
help="Interval seconds between consumer heartbeats to rabbitmq")
parser.add_argument(
"--cluster_id",
help="Used for database keyspace separation")
parser.add_argument(
"--max_requests", type=int,
help="Maximum number of concurrent requests served by api server")
parser.add_argument(
"--paginate_count", type=int,
help="Default number of items when pagination is requested")
parser.add_argument("--cassandra_user",
help="Cassandra user name")
parser.add_argument("--cassandra_password",
help="Cassandra password")
parser.add_argument("--stale_lock_seconds",
help="Time after which lock without resource is stale, default 60")
parser.add_argument( "--cloud_admin_role",
help="Role name of cloud administrator")
parser.add_argument( "--global_read_only_role",
help="Role name of user with Read-Only access to all objects")
parser.add_argument("--object_cache_entries",
help="Maximum number of objects cached for read, default 10000")
parser.add_argument("--object_cache_exclude_types",
help="Comma separated values of object types to not cache")
parser.add_argument(
"--debug_object_cache_types",
help="Comma separated values of object types to debug trace between "
"the cache and the DB")
parser.add_argument("--db_engine",
help="Database engine to use, default cassandra")
parser.add_argument("--max_request_size", type=int,
help="Maximum size of bottle requests served by api server")
parser.add_argument("--amqp_timeout", help="Timeout for amqp request")
SandeshConfig.add_parser_arguments(parser)
args_obj, remaining_argv = parser.parse_known_args(remaining_argv)
args_obj.conf_file = args.conf_file
args_obj.config_sections = config
if isinstance(args_obj.cassandra_server_list, string_types):
args_obj.cassandra_server_list =\
args_obj.cassandra_server_list.split()
if isinstance(args_obj.collectors, string_types):
args_obj.collectors = args_obj.collectors.split()
args_obj.sandesh_config = SandeshConfig.from_parser_arguments(args_obj)
args_obj.cassandra_use_ssl = (str(args_obj.cassandra_use_ssl).lower() == 'true')
args_obj.config_api_ssl_enable = (str(args_obj.config_api_ssl_enable).lower() == 'true')
# convert log_local to a boolean
if not isinstance(args_obj.log_local, bool):
args_obj.log_local = bool(literal_eval(args_obj.log_local))
args_obj.conf_file = saved_conf_file
return args_obj, remaining_argv
with open(config_file, 'r') as f:
config.readfp(f, config_file)
except IOError:
pass
for option in ("jid", "jabber_password", "conference_domain", "mode",
"zulip_email_suffix", "jabber_server_address",
"jabber_server_port"):
if (getattr(options, option) is None
and config.has_option("jabber_mirror", option)):
setattr(options, option, config.get("jabber_mirror", option))
for option in ("no_use_tls", ):
if getattr(options, option) is None:
if config.has_option("jabber_mirror", option):
setattr(options, option,
config.getboolean("jabber_mirror", option))
else:
setattr(options, option, False)
if options.mode is None:
options.mode = "personal"
if options.zulip_email_suffix is None:
options.zulip_email_suffix = ''
if options.mode not in ('public', 'personal'):
config_error(
"Bad value for --mode: must be one of 'public' or 'personal'")
if None in (options.jid, options.jabber_password):
config_error(
def parse_logger_args(self, config_args):
config_args = json.loads(config_args)
parser = argparse.ArgumentParser()
defaults = {
'collectors': None,
'http_server_port': '-1',
'log_local': False,
'log_level': SandeshLevel.SYS_DEBUG,
'log_category': '',
'log_file': Sandesh._DEFAULT_LOG_FILE,
'use_syslog': False,
'syslog_facility': Sandesh._DEFAULT_SYSLOG_FACILITY,
'cluster_id': '',
'logging_conf': '',
'logger_class': None,
'max_job_task': self.TASK_POOL_SIZE,
'playbook_timeout': self.PLAYBOOK_TIMEOUT_VALUE,
}
defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
secopts = {
'use_certs': False,
'keyfile': '',
'certfile': '',
'ca_certs': '',
}
ksopts = {}
sandeshopts = SandeshConfig.get_default_options()
if config_args.get("fabric_ansible_conf_file"):
config = SafeConfigParser()
config.read(config_args['fabric_ansible_conf_file'])
if 'DEFAULTS' in config.sections():
defaults.update(dict(config.items("DEFAULTS")))
if ('SECURITY' in config.sections() and
'use_certs' in config.options('SECURITY')):
if config.getboolean('SECURITY', 'use_certs'):
secopts.update(dict(config.items("SECURITY")))
if 'KEYSTONE' in config.sections():
ksopts.update(dict(config.items("KEYSTONE")))
SandeshConfig.update_options(sandeshopts, config)
defaults.update(secopts)
defaults.update(ksopts)
defaults.update(sandeshopts)
parser.set_defaults(**defaults)
parser.add_argument("--collectors",
help="List of VNC collectors in ip:port format",
nargs="+")
parser.add_argument("--http_server_port",
help="Port of local HTTP server")
parser.add_argument("--log_local", action="store_true",
help="Enable local logging of sandesh messages")
parser.add_argument("--log_level",
help="Severity level for local logging"
" of sandesh messages")
parser.add_argument("--log_category",
help="Category filter for local logging "
"of sandesh messages")
parser.add_argument("--log_file",
help="Filename for the logs to be written to")
parser.add_argument("--use_syslog", action="store_true",
help="Use syslog for logging")
parser.add_argument("--syslog_facility",
help="Syslog facility to receive log lines")
parser.add_argument("--admin_user",
help="Name of keystone admin user")
parser.add_argument("--admin_password",
help="Password of keystone admin user")
parser.add_argument("--admin_tenant_name",
help="Tenant name for keystone admin user")
parser.add_argument("--cluster_id",
help="Used for database keyspace separation")
parser.add_argument("--logging_conf",
help=("Optional logging configuration "
"file, default: None"))
parser.add_argument("--logger_class",
help=("Optional external logger class,"
" default: None"))
parser.add_argument("--max_job_task",
help=("Maximum job tasks that can execute in "
"parallel in a parent job, default: %s"
% self.TASK_POOL_SIZE))
parser.add_argument("--playbook_timeout",
help=("Playbook execution timeout value,"
" default: 60 min"))
SandeshConfig.add_parser_arguments(parser)
args = parser.parse_args(list())
args.conf_file = config_args.get('fabric_ansible_conf_file')
args.collectors = config_args.get('collectors')
args.host_ip = config_args.get('host_ip')
args.zk_server_ip = config_args.get('zk_server_ip')
args.cluster_id = config_args.get('cluster_id')
if isinstance(args.collectors, str):
args.collectors = args.collectors.split()
args.sandesh_config = SandeshConfig.from_parser_arguments(args)
self.args = args
return args
config = SafeConfigParser()
try:
with open(config_file, 'r') as f:
config.readfp(f, config_file)
except IOError:
pass
for option in ("jid", "jabber_password", "conference_domain", "mode", "zulip_email_suffix",
"jabber_server_address", "jabber_server_port"):
if (getattr(options, option) is None
and config.has_option("jabber_mirror", option)):
setattr(options, option, config.get("jabber_mirror", option))
for option in ("no_use_tls",):
if getattr(options, option) is None:
if config.has_option("jabber_mirror", option):
setattr(options, option, config.getboolean("jabber_mirror", option))
else:
setattr(options, option, False)
if options.mode is None:
options.mode = "personal"
if options.zulip_email_suffix is None:
options.zulip_email_suffix = ''
if options.mode not in ('public', 'personal'):
config_error("Bad value for --mode: must be one of 'public' or 'personal'")
if None in (options.jid, options.jabber_password):
config_error("You must specify your Jabber JID and Jabber password either "
+ "in the Zulip configuration file or on the commandline")
def parse_args(args_str):
# Turn off help, so we all options in response to -h
conf_parser = argparse.ArgumentParser(add_help=False)
conf_parser.add_argument("-c",
"--conf_file",
action='append',
help="Specify config file",
metavar="FILE")
args, remaining_argv = conf_parser.parse_known_args(args_str.split())
defaults = {
'rabbit_server': 'localhost',
'rabbit_port': '5672',
'rabbit_user': '******',
'rabbit_password': '******',
'rabbit_vhost': None,
'rabbit_ha_mode': False,
'cassandra_server_list': '127.0.0.1:9160',
'api_server_ip': '127.0.0.1',
'api_server_port': '8082',
'api_server_use_ssl': None,
'zk_server_ip': '127.0.0.1',
'zk_server_port': '2181',
'collectors': None,
'http_server_port': '8087',
'http_server_ip': '0.0.0.0',
'log_local': False,
'log_level': SandeshLevel.SYS_DEBUG,
'log_category': '',
'log_file': Sandesh._DEFAULT_LOG_FILE,
'trace_file': '/var/log/contrail/schema.err',
'use_syslog': False,
'syslog_facility': Sandesh._DEFAULT_SYSLOG_FACILITY,
'cluster_id': '',
'logging_conf': '',
'logger_class': None,
'bgpaas_port_start': 50000,
'bgpaas_port_end': 50512,
'rabbit_use_ssl': False,
'kombu_ssl_version': '',
'kombu_ssl_keyfile': '',
'kombu_ssl_certfile': '',
'kombu_ssl_ca_certs': '',
'zk_timeout': 120,
'logical_routers_enabled': True,
'yield_in_evaluate': False,
}
defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
secopts = {
'use_certs': False,
'keyfile': '',
'certfile': '',
'ca_certs': '',
}
ksopts = {
'admin_user': '******',
'admin_password': '******',
'admin_tenant_name': 'default-domain'
}
cassandraopts = {
'cassandra_user': None,
'cassandra_password': None,
}
zookeeperopts = {
'zookeeper_ssl_enable': False,
'zookeeper_ssl_keyfile': None,
'zookeeper_ssl_certificate': None,
'zookeeper_ssl_ca_cert': None,
}
sandeshopts = SandeshConfig.get_default_options()
saved_conf_file = args.conf_file
if args.conf_file:
config = SafeConfigParser()
config.read(args.conf_file)
defaults.update(dict(config.items("DEFAULTS")))
if ('SECURITY' in config.sections()
and 'use_certs' in config.options('SECURITY')):
if config.getboolean('SECURITY', 'use_certs'):
secopts.update(dict(config.items("SECURITY")))
if 'KEYSTONE' in config.sections():
ksopts.update(dict(config.items("KEYSTONE")))
if 'CASSANDRA' in config.sections():
cassandraopts.update(dict(config.items('CASSANDRA')))
if 'ZOOKEEPER' in config.sections():
zookeeperopts.update(dict(config.items('ZOOKEEPER')))
SandeshConfig.update_options(sandeshopts, config)
# Override with CLI options
# Don't surpress add_help here so it will handle -h
parser = argparse.ArgumentParser(
# Inherit options from config_parser
parents=[conf_parser],
# print script description with -h/--help
description=__doc__,
# Don't mess with format of description
formatter_class=argparse.RawDescriptionHelpFormatter,
)
defaults.update(secopts)
defaults.update(ksopts)
defaults.update(cassandraopts)
defaults.update(sandeshopts)
parser.set_defaults(**defaults)
def _bool(s):
"""Convert string to bool (in argparse context)."""
if s.lower() not in ['true', 'false']:
raise ValueError('Need bool; got %r' % s)
return {'true': True, 'false': False}[s.lower()]
parser.add_argument(
"--cassandra_server_list",
help="List of cassandra servers in IP Address:Port format",
nargs='+')
parser.add_argument(
"--reset_config",
action="store_true",
help="Warning! Destroy previous configuration and start clean")
parser.add_argument("--api_server_ip", help="IP address of API server")
parser.add_argument("--api_server_port", help="Port of API server")
parser.add_argument("--api_server_use_ssl",
help="Use SSL to connect with API server")
parser.add_argument("--zk_server_ip",
help="IP address:port of zookeeper server")
parser.add_argument("--collectors",
help="List of VNC collectors in ip:port format",
nargs="+")
parser.add_argument("--http_server_port", help="Port of local HTTP server")
parser.add_argument("--http_server_ip", help="IP of local HTTP server")
parser.add_argument("--log_local",
action="store_true",
help="Enable local logging of sandesh messages")
parser.add_argument(
"--log_level",
help="Severity level for local logging of sandesh messages")
parser.add_argument(
"--log_category",
help="Category filter for local logging of sandesh messages")
parser.add_argument("--log_file",
help="Filename for the logs to be written to")
parser.add_argument("--trace_file",
help="Filename for the error "
"backtraces to be written to")
parser.add_argument("--use_syslog",
action="store_true",
help="Use syslog for logging")
parser.add_argument("--syslog_facility",
help="Syslog facility to receive log lines")
parser.add_argument("--admin_user", help="Name of keystone admin user")
parser.add_argument("--admin_password",
help="Password of keystone admin user")
parser.add_argument("--admin_tenant_name",
help="Tenant name for keystone admin user")
parser.add_argument("--cluster_id",
help="Used for database keyspace separation")
parser.add_argument(
"--logging_conf",
help=("Optional logging configuration file, default: None"))
parser.add_argument("--logger_class",
help=("Optional external logger class, default: None"))
parser.add_argument("--cassandra_user", help="Cassandra user name")
parser.add_argument("--cassandra_password", help="Cassandra password")
parser.add_argument("--rabbit_server", help="Rabbitmq server address")
parser.add_argument("--rabbit_port", help="Rabbitmq server port")
parser.add_argument("--rabbit_user", help="Username for rabbit")
parser.add_argument("--rabbit_vhost", help="vhost for rabbit")
parser.add_argument("--rabbit_password", help="password for rabbit")
parser.add_argument("--rabbit_ha_mode",
action='store_true',
help="True if the rabbitmq cluster is "
"mirroring all queue")
parser.add_argument("--bgpaas_port_start",
type=int,
help="Start port for bgp-as-a-service proxy")
parser.add_argument("--bgpaas_port_end",
type=int,
help="End port for bgp-as-a-service proxy")
parser.add_argument("--zk_timeout",
type=int,
help="Timeout for ZookeeperClient")
parser.add_argument("--yield_in_evaluate",
type=_bool,
help="Yield for other greenlets during evaluate")
parser.add_argument("--logical_routers_enabled",
type=_bool,
help="Enabled logical routers")
parser.add_argument("--cassandra_use_ssl",
action="store_true",
help="Enable TLS for cassandra communication")
parser.add_argument("--cassandra_ca_certs", help="Cassandra CA certs")
parser.add_argument("--zookeeper_ssl_enable",
help="Enable SSL in rest api server")
parser.add_argument("--zookeeper_insecure_enable",
help="Enable insecure mode")
parser.add_argument("--zookeeper_ssl_certfile",
help="Location of zookeeper ssl host certificate")
parser.add_argument("--zookeeper_ssl_keyfile",
help="Location of zookeeper ssl private key")
parser.add_argument("--zookeeper_ssl_ca_cert",
type=str,
help="Location of zookeeper ssl CA certificate")
SandeshConfig.add_parser_arguments(parser)
args = parser.parse_args(remaining_argv)
args.conf_file = saved_conf_file
if isinstance(args.cassandra_server_list, string_types):
args.cassandra_server_list = args.cassandra_server_list.split()
if isinstance(args.collectors, string_types):
args.collectors = args.collectors.split()
args.sandesh_config = SandeshConfig.from_parser_arguments(args)
args.cassandra_use_ssl = (str(args.cassandra_use_ssl).lower() == 'true')
args.zookeeper_ssl_enable = (str(
args.zookeeper_ssl_enable).lower() == 'true')
return args
def parse_args(args_str):
"""
Please see the example below.
python dm_server.py
--rabbit_server localhost
--rabbit_port 5672
--cassandra_server_list 10.1.2.3:9160
--api_server_ip 10.1.2.3
--api_server_use_ssl False
--analytics_server_ip 10.1.2.3
--zk_server_ip 10.1.2.3
--zk_server_port 2181
--collectors 127.0.0.1:8086
--http_server_port 8090
[--reset_config]
"""
# Source any specified config/ini file
# Turn off help, so we see all options in response to -h
conf_parser = argparse.ArgumentParser(add_help=False)
conf_parser.add_argument("-c", "--conf_file", action='append',
help="Specify config file", metavar="FILE")
args, remaining_argv = conf_parser.parse_known_args(args_str.split())
defaults = default_options()
defaults.update(SandeshConfig.get_default_options(['DEFAULTS']))
defaults.update(SandeshConfig.get_default_options())
saved_conf_file = args.conf_file
if args.conf_file:
config = SafeConfigParser()
config.read(args.conf_file)
defaults.update(dict(config.items("DEFAULTS")))
if ('SECURITY' in config.sections() and
'use_certs' in config.options('SECURITY')):
if config.getboolean('SECURITY', 'use_certs'):
defaults.update(dict(config.items("SECURITY")))
if 'KEYSTONE' in config.sections():
defaults.update(dict(config.items("KEYSTONE")))
if 'CASSANDRA' in config.sections():
defaults.update(dict(config.items('CASSANDRA')))
SandeshConfig.update_options(defaults, config)
# Override with CLI options
# Don't surpress add_help here so it will handle -h
parser = argparse.ArgumentParser(
# Inherit options from config_parser
parents=[conf_parser],
# print script description with -h/--help
description=__doc__,
# Don't mess with format of description
formatter_class=argparse.RawDescriptionHelpFormatter,
)
parser.set_defaults(**defaults)
add_parser_arguments(parser)
args = parser.parse_args(remaining_argv)
if type(args.cassandra_server_list) is str:
args.cassandra_server_list = args.cassandra_server_list.split()
if type(args.collectors) is str:
args.collectors = args.collectors.split()
args.sandesh_config = SandeshConfig.from_parser_arguments(args)
args.cassandra_use_ssl = (str(args.cassandra_use_ssl).lower() == 'true')
args.rabbit_use_ssl = (str(args.rabbit_use_ssl).lower() == 'true')
args.zookeeper_ssl_enable = (
str(args.zookeeper_ssl_enable).lower() == 'true')
args.dnsmasq_reload_by_signal = \
(str(args.dnsmasq_reload_by_signal).lower() == 'true')
args.conf_file = saved_conf_file
return args
def parse_config_file(self, config_file):
config = SafeConfigParser(self.DEFAULT_CONFIG)
config.readfp(config_file)
blessconfig = {
'CLIENT_CONFIG': {
'domain_regex': config.get('CLIENT', 'domain_regex'),
'cache_dir': config.get('CLIENT', 'cache_dir'),
'cache_file': config.get('CLIENT', 'cache_file'),
'mfa_cache_dir': config.get('CLIENT', 'mfa_cache_dir'),
'mfa_cache_file': config.get('CLIENT', 'mfa_cache_file'),
'ip_urls': [s.strip() for s in config.get('CLIENT', 'ip_urls').split(",")],
'update_script': config.get('CLIENT', 'update_script'),
'user_session_length': int(config.get('CLIENT', 'user_session_length')),
'usebless_role_session_length': int(config.get('CLIENT', 'usebless_role_session_length')),
'update_sshagent': config.getboolean('CLIENT', 'update_sshagent'),
'use_env_creds': config.getboolean('CLIENT', 'use_env_creds'),
},
'BLESS_CONFIG': {
'ca_backend': config.get('MAIN', 'ca_backend'),
'userrole': config.get('LAMBDA', 'user_role'),
'accountid': config.get('LAMBDA', 'account_id'),
'functionname': config.get('LAMBDA', 'functionname'),
'functionversion': config.get('LAMBDA', 'functionversion'),
'certlifetime': config.getint('LAMBDA', 'certlifetime'),
'ipcachelifetime': config.getint('LAMBDA', 'ipcachelifetime'),
'timeoutconfig': {
'connect': config.getint('LAMBDA', 'timeout_connect'),
'read': config.getint('LAMBDA', 'timeout_read')
}
},
'AWS_CONFIG': {
'remote_user': config.get('MAIN', 'remote_user')
},
'REGION_ALIAS': {}
}
if config.has_option('MAIN', 'bastion_ips'):
blessconfig['AWS_CONFIG']['bastion_ips'] = config.get('MAIN', 'bastion_ips')
if blessconfig['BLESS_CONFIG']['ca_backend'].lower() == 'hashicorp-vault':
blessconfig['VAULT_CONFIG'] = {
'vault_addr': config.get('VAULT', 'vault_addr'),
'auth_mount': config.get('VAULT', 'auth_mount'),
'ssh_backend_mount': config.get('VAULT', 'ssh_backend_mount'),
'ssh_backend_role': config.get('VAULT', 'ssh_backend_role'),
}
regions = config.get('MAIN', 'region_aliases').split(",")
regions = [region.strip() for region in regions]
for region in regions:
region = region.upper()
kms_region_key = 'KMSAUTH_CONFIG_{}'.format(region)
blessconfig.update({kms_region_key: self._get_region_kms_config(region, config)})
blessconfig['REGION_ALIAS'].update({region: blessconfig[kms_region_key]['awsregion']})
if config.has_section('HOUSEKEEPER'):
hk_region_key = 'HOUSEKEEPER_CONFIG_{}'.format(region)
blessconfig.update({hk_region_key: self._get_region_housekeeper_config(region, config)})
blessconfig['REGION_ALIAS'].update({region: blessconfig[hk_region_key]['awsregion']})
return blessconfig
config = SafeConfigParser()
try:
with open(config_file, 'r') as f:
config.readfp(f, config_file)
except IOError:
pass
for option in ("jid", "jabber_password", "conference_domain", "mode", "wyzepal_email_suffix",
"jabber_server_address", "jabber_server_port"):
if (getattr(options, option) is None and
config.has_option("jabber_mirror", option)):
setattr(options, option, config.get("jabber_mirror", option))
for option in ("no_use_tls",):
if getattr(options, option) is None:
if config.has_option("jabber_mirror", option):
setattr(options, option, config.getboolean("jabber_mirror", option))
else:
setattr(options, option, False)
if options.mode is None:
options.mode = "personal"
if options.wyzepal_email_suffix is None:
options.wyzepal_email_suffix = ''
if options.mode not in ('public', 'personal'):
config_error("Bad value for --mode: must be one of 'public' or 'personal'")
if None in (options.jid, options.jabber_password):
config_error("You must specify your Jabber JID and Jabber password either "
"in the WyzePal configuration file or on the commandline")