def get_client(token=None,
api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover
"""Get Ironic client instance."""
# NOTE: To support standalone ironic without keystone
if CONF.ironic.auth_strategy == 'noauth':
args = {'token': 'noauth', 'endpoint': CONF.ironic.ironic_url}
else:
global IRONIC_SESSION
if not IRONIC_SESSION:
IRONIC_SESSION = keystone.get_session(IRONIC_GROUP)
if token is None:
args = {
'session': IRONIC_SESSION,
'region_name': CONF.ironic.os_region
}
else:
ironic_url = IRONIC_SESSION.get_endpoint(
service_type=CONF.ironic.os_service_type,
endpoint_type=CONF.ironic.os_endpoint_type,
region_name=CONF.ironic.os_region)
args = {'token': token, 'endpoint': ironic_url}
args['os_ironic_api_version'] = api_version
args['max_retries'] = CONF.ironic.max_retries
args['retry_interval'] = CONF.ironic.retry_interval
return client.Client(1, **args)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session(
SWIFT_GROUP, legacy_mapping=LEGACY_MAP,
legacy_auth_opts=LEGACY_OPTS)
# TODO(pas-ha): swiftclient does not support keystone sessions ATM.
# Must be reworked when LP bug #1518938 is fixed.
swift_url = SWIFT_SESSION.get_endpoint(
service_type=CONF.swift.os_service_type,
endpoint_type=CONF.swift.os_endpoint_type,
region_name=CONF.swift.os_region
)
token = SWIFT_SESSION.get_token()
params = dict(retries=CONF.swift.max_retries,
preauthurl=swift_url,
preauthtoken=token)
# NOTE(pas-ha):session.verify is for HTTPS urls and can be
# - False (do not verify)
# - True (verify but try to locate system CA certificates)
# - Path (verify using specific CA certificate)
# This is normally handled inside the Session instance,
# but swiftclient still does not support sessions,
# so we need to reconstruct these options from Session here.
verify = SWIFT_SESSION.verify
params['insecure'] = not verify
if verify and isinstance(verify, six.string_types):
params['cacert'] = verify
self.connection = swift_client.Connection(**params)
def get_client(token=None,
api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover
"""Get Ironic client instance."""
# NOTE: To support standalone ironic without keystone
if CONF.ironic.auth_strategy == 'noauth':
args = {'token': 'noauth',
'endpoint': CONF.ironic.ironic_url}
else:
global IRONIC_SESSION
if not IRONIC_SESSION:
IRONIC_SESSION = keystone.get_session(
IRONIC_GROUP, legacy_mapping=LEGACY_MAP)
if token is None:
args = {'session': IRONIC_SESSION,
'region_name': CONF.ironic.os_region}
else:
ironic_url = IRONIC_SESSION.get_endpoint(
service_type=CONF.ironic.os_service_type,
endpoint_type=CONF.ironic.os_endpoint_type,
region_name=CONF.ironic.os_region
)
args = {'token': token,
'endpoint': ironic_url}
args['os_ironic_api_version'] = api_version
args['max_retries'] = CONF.ironic.max_retries
args['retry_interval'] = CONF.ironic.retry_interval
return client.Client(1, **args)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session(SWIFT_GROUP,
legacy_mapping=LEGACY_MAP,
legacy_auth_opts=LEGACY_OPTS)
# TODO(pas-ha): swiftclient does not support keystone sessions ATM.
# Must be reworked when LP bug #1518938 is fixed.
swift_url = SWIFT_SESSION.get_endpoint(
service_type=CONF.swift.os_service_type,
endpoint_type=CONF.swift.os_endpoint_type,
region_name=CONF.swift.os_region)
token = SWIFT_SESSION.get_token()
params = dict(retries=CONF.swift.max_retries,
preauthurl=swift_url,
preauthtoken=token)
# NOTE(pas-ha):session.verify is for HTTPS urls and can be
# - False (do not verify)
# - True (verify but try to locate system CA certificates)
# - Path (verify using specific CA certificate)
# This is normally handled inside the Session instance,
# but swiftclient still does not support sessions,
# so we need to reconstruct these options from Session here.
verify = SWIFT_SESSION.verify
params['insecure'] = not verify
if verify and isinstance(verify, six.string_types):
params['cacert'] = verify
self.connection = swift_client.Connection(**params)
def get_client(token=None,
api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover
"""Get Ironic client instance."""
global IRONIC_SESSION
if not IRONIC_SESSION:
IRONIC_SESSION = keystone.get_session('ironic')
args = {
'session': IRONIC_SESSION,
'os_ironic_api_version': api_version,
'max_retries': CONF.ironic.max_retries,
'retry_interval': CONF.ironic.retry_interval
}
if token is not None:
args['token'] = token
endpoint = keystone.get_adapter('ironic',
session=IRONIC_SESSION).get_endpoint()
if not endpoint:
raise utils.Error(
_('Cannot find the bare metal endpoint either in Keystone or '
'in the configuration'), code=500)
return client.get_client(1, endpoint=endpoint, **args)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
adapter_opts = dict()
# TODO(pas-ha): remove handling deprecated options in Rocky
if CONF.swift.os_region and not CONF.swift.region_name:
adapter_opts['region_name'] = CONF.swift.os_region
try:
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session('swift')
adapter = keystone.get_adapter('swift',
session=SWIFT_SESSION,
**adapter_opts)
except Exception as exc:
raise utils.Error(
_("Could not create an adapter to connect to "
"the object storage service: %s") % exc)
# TODO(pas-ha) reverse-construct SSL-related session options here
params = {'os_options': {'object_storage_url': adapter.get_endpoint()}}
try:
self.connection = swift_client.Connection(session=SWIFT_SESSION,
**params)
except Exception as exc:
raise utils.Error(
_("Could not connect to the object storage "
"service: %s") % exc)
def test_get_session(self, auth_mock):
keystone.register_auth_opts(TESTGROUP, 'fake-service')
self.cfg.config(group=TESTGROUP, cafile='/path/to/ca/file')
auth1 = mock.Mock()
auth_mock.return_value = auth1
sess = keystone.get_session(TESTGROUP)
self.assertEqual('/path/to/ca/file', sess.verify)
self.assertEqual(auth1, sess.auth)
def test_get_session(self, auth_mock):
keystone.register_auth_opts(TESTGROUP)
self.cfg.config(group=TESTGROUP,
cafile='/path/to/ca/file')
auth1 = mock.Mock()
auth_mock.return_value = auth1
sess = keystone.get_session(TESTGROUP)
self.assertEqual('/path/to/ca/file', sess.verify)
self.assertEqual(auth1, sess.auth)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session(SWIFT_GROUP)
self.connection = swift_client.Connection(session=SWIFT_SESSION)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
try:
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session('swift')
self.connection = openstack.connection.Connection(
session=SWIFT_SESSION, oslo_conf=CONF).object_store
except Exception as exc:
raise utils.Error(
_("Could not connect to the object storage "
"service: %s") % exc)
def get_client(token=None,
api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover
"""Get Ironic client instance."""
global IRONIC_SESSION
# NOTE: To support standalone ironic without keystone
# TODO(pas-ha) remove handling of deprecated opts in Rocky
# TODO(pas-ha) rewrite when ironicclient natively supports 'none' auth
# via sessions https://review.openstack.org/#/c/359061/
if CONF.ironic.auth_strategy == 'noauth':
CONF.set_override('auth_type', 'none', group='ironic')
if not IRONIC_SESSION:
IRONIC_SESSION = keystone.get_session('ironic')
args = {
'os_ironic_api_version': api_version,
'max_retries': CONF.ironic.max_retries,
'retry_interval': CONF.ironic.retry_interval
}
adapter_opts = dict()
# TODO(pas-ha) use service auth with incoming token
if CONF.ironic.auth_type != 'none':
if token is None:
args['session'] = IRONIC_SESSION
else:
args['token'] = token
# TODO(pas-ha): remove handling of deprecated options in Rocky
if CONF.ironic.os_region and not CONF.ironic.region_name:
adapter_opts['region_name'] = CONF.ironic.os_region
if (CONF.ironic.auth_type == 'none' and not CONF.ironic.endpoint_override
and CONF.ironic.ironic_url):
adapter_opts['endpoint_override'] = CONF.ironic.ironic_url
adapter = keystone.get_adapter('ironic',
session=IRONIC_SESSION,
**adapter_opts)
endpoint = adapter.get_endpoint()
return client.Client(1, endpoint, **args)
def get_client(token=None,
api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover
"""Get Ironic client instance."""
global IRONIC_SESSION
# NOTE: To support standalone ironic without keystone
# TODO(pas-ha) remove handling of deprecated opts in Rocky
# TODO(pas-ha) rewrite when ironicclient natively supports 'none' auth
# via sessions https://review.openstack.org/#/c/359061/
if CONF.ironic.auth_strategy == 'noauth':
CONF.set_override('auth_type', 'none', group='ironic')
if not IRONIC_SESSION:
IRONIC_SESSION = keystone.get_session('ironic')
args = {
'os_ironic_api_version': api_version,
'max_retries': CONF.ironic.max_retries,
'retry_interval': CONF.ironic.retry_interval}
adapter_opts = dict()
# TODO(pas-ha) use service auth with incoming token
if CONF.ironic.auth_type != 'none':
if token is None:
args['session'] = IRONIC_SESSION
else:
args['token'] = token
# TODO(pas-ha): remove handling of deprecated options in Rocky
if CONF.ironic.os_region and not CONF.ironic.region_name:
adapter_opts['region_name'] = CONF.ironic.os_region
if (CONF.ironic.auth_type == 'none' and
not CONF.ironic.endpoint_override and
CONF.ironic.ironic_url):
adapter_opts['endpoint_override'] = CONF.ironic.ironic_url
adapter = keystone.get_adapter('ironic', session=IRONIC_SESSION,
**adapter_opts)
endpoint = adapter.get_endpoint()
return client.Client(1, endpoint, **args)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session('swift')
adapter_opts = dict()
# TODO(pas-ha): remove handling deprecated options in Rocky
if CONF.swift.os_region and not CONF.swift.region_name:
adapter_opts['region_name'] = CONF.swift.os_region
adapter = keystone.get_adapter('swift',
session=SWIFT_SESSION,
**adapter_opts)
# TODO(pas-ha) reverse-construct SSL-related session options here
params = {'os_options': {'object_storage_url': adapter.get_endpoint()}}
self.connection = swift_client.Connection(session=SWIFT_SESSION,
**params)
def __init__(self):
"""Constructor for creating a SwiftAPI object.
Authentification is loaded from config file.
"""
global SWIFT_SESSION
if not SWIFT_SESSION:
SWIFT_SESSION = keystone.get_session('swift')
adapter_opts = dict()
# TODO(pas-ha): remove handling deprecated options in Rocky
if CONF.swift.os_region and not CONF.swift.region_name:
adapter_opts['region_name'] = CONF.swift.os_region
adapter = keystone.get_adapter('swift', session=SWIFT_SESSION,
**adapter_opts)
# TODO(pas-ha) reverse-construct SSL-related session options here
params = {
'os_options': {
'object_storage_url': adapter.get_endpoint()}}
self.connection = swift_client.Connection(session=SWIFT_SESSION,
**params)
def _get_ironic_session():
global _IRONIC_SESSION
if not _IRONIC_SESSION:
_IRONIC_SESSION = keystone.get_session('ironic')
return _IRONIC_SESSION