def get_auth_params_from_request(request):
api_version = VERSIONS.get_active_version()
cinder_url = ""
auth_url = base.url_for(request, 'identity')
try:
# The cinder client assumes that the v2 endpoint type will be
# 'volumev2'.
if api_version['version'] == 2:
try:
cinder_url = base.url_for(request, 'volumev2')
except exceptions.ServiceCatalogException:
LOG.warning("Cinder v2 requested but no 'volumev2' service "
"type available in Keystone catalog.")
except exceptions.ServiceCatalogException:
LOG.debug('no volume service configured.')
raise
return(
api_version,
request.user.username,
request.user.token.id,
request.user.tenant_id,
cinder_url,
auth_url,
)
def novaclient(request):
insecure = getattr(settings, "OPENSTACK_SSL_NO_VERIFY", False)
LOG.debug(
'novaclient connection created using token "%s" and url "%s"'
% (request.user.token.id, url_for(request, "compute"))
)
# jt
# c = nova_client.Client(request.user.username,
# request.user.token.id,
# project_id=request.user.tenant_id,
# auth_url=url_for(request, 'compute'),
# insecure=insecure,
# http_log_debug=settings.DEBUG)
c = nova_client.Client(
request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
region_name=request.session.get("region_name", None),
auth_url=url_for(request, "compute"),
insecure=insecure,
http_log_debug=settings.DEBUG,
)
c.client.auth_token = request.user.token.id
c.client.management_url = url_for(request, "compute")
return c
def novaclient(request, region=None):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
LOG.debug('novaclient connection created using token "%s" and url "%s"' %
(request.user.token.id, base.url_for(request, 'compute', region=region)))
if request.user.is_superuser:
c = nova_client.Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=base.url_for(request, 'compute', region=region),
insecure=insecure,
cacert=cacert,
http_log_debug=settings.DEBUG)
else:
c = nova_client.Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=base.url_for(request, 'compute', region=region),
insecure=insecure,
timeout=3,
cacert=cacert,
http_log_debug=settings.DEBUG)
c.client.auth_token = request.user.token.id
c.client.management_url = base.url_for(request, 'compute', region=region)
return c
def cinderclient(request):
api_version = VERSIONS.get_active_version()
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
cinder_url = ""
try:
# The cinder client assumes that the v2 endpoint type will be
# 'volumev2'. However it also allows 'volume' type as a
# fallback if the requested version is 2 and there is no
# 'volumev2' endpoint.
if api_version['version'] == 2:
try:
cinder_url = base.url_for(request, 'volumev2')
except exceptions.ServiceCatalogException:
LOG.warning("Cinder v2 requested but no 'volumev2' service "
"type available in Keystone catalog. Falling back "
"to 'volume'.")
if cinder_url == "":
cinder_url = base.url_for(request, 'volume')
except exceptions.ServiceCatalogException:
LOG.debug('no volume service configured.')
raise
c = api_version['client'].Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=cinder_url,
insecure=insecure,
cacert=cacert,
http_log_debug=settings.DEBUG)
c.client.auth_token = request.user.token.id
c.client.management_url = cinder_url
return c
def crdclient(request):
LOG.debug('crdfwclient connection created using token "%s" and url "%s"'
% (request.user.token.id, base.url_for(request, 'crd')))
LOG.debug('user_id=%(user)s, tenant_id=%(tenant)s' %
{'user': request.user.id, 'tenant': request.user.tenant_id})
c = fw_client.Client(token=request.user.token.id,
endpoint_url=base.url_for(request, 'crd'))
return c
def quantumclient(request):
LOG.debug('quantumclient connection created using token "%s" and url "%s"'
% (request.user.token.id, url_for(request, 'network')))
LOG.debug('user_id=%(user)s, tenant_id=%(tenant)s' %
{'user': request.user.id, 'tenant': request.user.tenant_id})
c = quantum_client.Client(token=request.user.token.id,
endpoint_url=url_for(request, 'network'))
return c
def crdclient(request):
LOG.debug(
'crdcnsclient connection created using token "%s" and url "%s"'
% (request.user.token.id, base.url_for(request, "crd"))
)
LOG.debug("user_id=%(user)s, tenant_id=%(tenant)s" % {"user": request.user.id, "tenant": request.user.tenant_id})
c = cns_client.Client(token=request.user.token.id, endpoint_url=base.url_for(request, "crd"))
return c
def neutronclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
c = neutron_client.Client(token=request.user.token.id,
auth_url=base.url_for(request, 'identity'),
endpoint_url=base.url_for(request, 'network'),
insecure=insecure, ca_cert=cacert)
return c
def tackerclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
c = tacker_client.Client(
token=request.user.token.id,
auth_url=base.url_for(request, 'identity'),
endpoint_url=base.url_for(request, 'nfv-orchestration'),
insecure=insecure, ca_cert=cacert)
return c
def neutronclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
LOG.debug('neutronclient connection created using token "%s" and url "%s"'
% (request.user.token.id, url_for(request, 'network')))
LOG.debug('user_id=%(user)s, tenant_id=%(tenant)s' %
{'user': request.user.id, 'tenant': request.user.tenant_id})
c = neutron_client.Client(token=request.user.token.id,
endpoint_url=url_for(request, 'network'),
insecure=insecure)
return c
def tackerclient(request):
insecure = getattr(settings, "OPENSTACK_SSL_NO_VERIFY", False)
cacert = getattr(settings, "OPENSTACK_SSL_CACERT", None)
c = tacker_client.Client(
token=request.user.token.id,
auth_url=base.url_for(request, "identity"),
endpoint_url=base.url_for(request, "servicevm"),
insecure=insecure,
ca_cert=cacert,
)
return c
def get_auth_params_from_request(request):
"""Extracts the properties from the request object needed by the novaclient
call below. These will be used to memoize the calls to novaclient
"""
return (
request.user.username,
request.user.token.id,
request.user.tenant_id,
base.url_for(request, 'compute'),
base.url_for(request, 'identity')
)
def create_nova_client_baremetal():
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
nc = nova.nova_client.Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=base.url_for(request, 'compute'),
insecure=insecure,
http_log_debug=settings.DEBUG)
nc.client.auth_token = request.user.token.id
nc.client.management_url = base.url_for(request, 'compute')
return nc
def neutronclient(request):
insecure = getattr(settings, "OPENSTACK_SSL_NO_VERIFY", False)
cacert = getattr(settings, "OPENSTACK_SSL_CACERT", None)
LOG.debug(
'neutronclient connection created using token "%s" and url "%s"'
% (request.user.token.id, base.url_for(request, "network"))
)
LOG.debug("user_id=%(user)s, tenant_id=%(tenant)s" % {"user": request.user.id, "tenant": request.user.tenant_id})
c = neutron_client.Client(
token=request.user.token.id, endpoint_url=base.url_for(request, "network"), insecure=insecure, ca_cert=cacert
)
return c
def neutronclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
LOG.debug('neutronclient connection created using token "%s" and url "%s"'
% (request.user.token.id, base.url_for(request, 'network')))
LOG.debug('user_id=%(user)s, tenant_id=%(tenant)s' %
{'user': request.user.id, 'tenant': request.user.tenant_id})
c = neutron_client.Client(token=request.user.token.id,
auth_url=base.url_for(request, 'identity'),
endpoint_url=base.url_for(request, 'network'),
insecure=insecure, ca_cert=cacert)
return c
def novaclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
LOG.debug('novaclient connection created using token "%s" and url "%s"' %
(request.user.token.id, url_for(request, 'compute')))
c = nova_client.Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=url_for(request, 'compute'),
insecure=insecure)
c.client.auth_token = request.user.token.id
c.client.management_url = url_for(request, 'compute')
return c
def get_auth_params_from_request(request):
"""Extracts properties needed by novaclient call from the request object.
These will be used to memoize the calls to novaclient.
"""
return (
request.user.username,
request.user.token.id,
request.user.tenant_id,
request.user.token.project.get('domain_id'),
base.url_for(request, 'compute'),
base.url_for(request, 'identity')
)
def novaclient(request, region=None):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
c = nova_client.Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=base.url_for(request, 'compute'),
insecure=insecure,
cacert=cacert,
http_log_debug=settings.DEBUG)
c.client.auth_token = request.user.token.id
c.client.management_url = base.url_for(request, 'compute', region=region)
return c
def test_url_for(self):
url = api_base.url_for(self.request, 'image')
self.assertEqual(url, 'http://public.glance.example.com:9292/v1')
url = api_base.url_for(self.request, 'image', endpoint_type='adminURL')
self.assertEqual(url, 'http://admin.glance.example.com:9292/v1')
url = api_base.url_for(self.request, 'compute')
self.assertEqual(url, 'http://public.nova.example.com:8774/v2')
url = api_base.url_for(self.request, 'compute',
endpoint_type='adminURL')
self.assertEqual(url, 'http://admin.nova.example.com:8774/v2')
url = api_base.url_for(self.request, 'volume')
self.assertEqual(url, 'http://public.nova.example.com:8776/v1')
url = api_base.url_for(self.request, 'volume',
endpoint_type="internalURL")
self.assertEqual(url, 'http://int.nova.example.com:8776/v1')
url = api_base.url_for(self.request, 'volume',
endpoint_type='adminURL')
self.assertEqual(url, 'http://admin.nova.example.com:8776/v1')
self.assertNotIn('notAnApi', self.request.user.service_catalog,
'Select a new nonexistent service catalog key')
with self.assertRaises(exceptions.ServiceCatalogException):
url = api_base.url_for(self.request, 'notAnApi')
def client(request):
try:
service_type = SAHARA_SERVICE
sahara_url = base.url_for(request, service_type)
except exceptions.ServiceCatalogException:
# if no endpoint found, fallback to the old service_type
service_type = SAHARA_SERVICE_FALLBACK
sahara_url = base.url_for(request, service_type)
return api_client.Client(VERSIONS.get_active_version()["version"],
sahara_url=sahara_url,
service_type=service_type,
project_id=request.user.project_id,
input_auth_token=request.user.token.id)
def handle(self, request, data):
print "++++++++++++ ////////////// data = %s"%data
uri = request.get_full_path()
match = re.search('/project/vpns/([^/]+)/autoburst/', uri)
vpn_id = match.group(1)
print "++++++++++++ ////////////// RBA RBA vpn_id = %s"%vpn_id
self.p_tk=request.user.token.id
try:
messages.success(request, _("AutoBurst is enabled on the remote VMs using this elastic wan..."))
pgsplit=re.split(r'\.',str(data['p_gw']))
self.p_site=pgsplit[0]+'.'+pgsplit[1]
egsplit=re.split(r'\.',str(data['e_gw']))
self.e_site=egsplit[0]+'.'+egsplit[1]
# should use a modular client below once it supports complex jsons:
#api.elasticnet.elasticnet_add_link(request, vpn_id, self.p_site, str(data['p_gw']) , str(data['p_nets']), self.p_tk, self.e_site, str(data['e_gw']) , str(data['e_nets']), self.e_tk, str(data['bw']))
if str(request.user.username).startswith("acme"):
o = urlparse.urlparse(url_for(request, "ipsecvpn"))
else:
o = urlparse.urlparse(url_for(request, "vpn"))
conn0 = Connection("http://"+str(o.hostname)+":9797", "ericsson", "ericsson")
uri0 = "/v1.0/tenants/acme/networks/"+str(vpn_id)+"/links.json"
LOG.debug("http://"+str(o.hostname)+":9797")
LOG.debug(uri0)
bw=None
header = {}
header["Content-Type"]= "application/json"
jsonbody='{"sites": [{"id":"'+str(self.p_site)+'", "gateway":"'+ str(data['p_gw']) +'", "network":"'+ str(data['p_nets']) +'", "token_id":"'+str(self.p_tk)+ '"}, {"id":"' \
+ str(self.e_site)+'", "gateway":"'+ str(data['e_gw']) +'", "network":"'+ str(data['e_nets']) +'", "token_id":"'+str(self.e_tk)+ '"}], "qos":{"bandwidth":"' \
+ str(bw)+'"}, "usecase":{"action":"autoburst", "vmuuid":"' \
+ str(data['e_servers'])+'", "vmtenantid":"'+str(self.vmtenantid)+'", "vmsla":"'+str(data['sla'])+'"}}'
print "+++ ewan result json body =%s"%jsonbody
result=conn0.request_post(uri0, body=jsonbody, headers=header)
print "+++ ewan result body =%s"%result["body"]
body=json.loads(result["body"])
print "+++ewan body=%s"%body
linkid=str(body['link']['id'])
print "+++ewan linkid=%s"%linkid
messages.success(request, _("Link added successfully."))
shortcuts.redirect("horizon:project:vpns:index")
return True
except Exception as e:
msg = _('Failed to authorize Link from remote Enterprise Site crendentials : %s') % e.message
LOG.info(msg)
return shortcuts.redirect("horizon:project:vpns:index")
def handle(self, request, data):
print "++++++++++++ ////////////// data = %s"%data
uri = request.get_full_path()
match = re.search('/project/ipsec/([^/]+)/preaddlink/', uri)
vpn_id = match.group(1)
print "++++++++++++ ////////////// RBA RBA vpn_id = %s"%vpn_id
self.p_tk=request.user.token.id
try:
messages.success(request, _("Link in process of establishement... Pushing low level network configuration..."))
pgsplit=re.split(r'\.',str(data['p_gw']))
self.p_site=pgsplit[0]+'.'+pgsplit[1]
egsplit=re.split(r'\.',str(data['e_gw']))
self.e_site=egsplit[0]+'.'+egsplit[1]
print "++++++ data to plugin : vpn=%s, psite=%s, pgw=%s, pnets=%s, ptk=%s, esite=%s, egw=%s, enets=%s, etk=%s, bw=%s"%(vpn_id, self.p_site, data['p_gw'] , data['p_nets'],
self.p_tk, self.e_site, data['e_gw'] , data['e_nets'], self.e_tk, data['bw'])
# should use a modular client below once it supports complex jsons:
#api.elasticnet.elasticnet_add_link(request, vpn_id, self.p_site, str(data['p_gw']) , str(data['p_nets']), self.p_tk, self.e_site, str(data['e_gw']) , str(data['e_nets']), self.e_tk, str(data['bw']))
if str(request.user.username).startswith("acme"):
o = urlparse.urlparse(url_for(request, "ipsecvpn"))
else:
o = urlparse.urlparse(url_for(request, "vpn"))
conn0 = Connection("http://"+str(o.hostname)+":9797", "ericsson", "ericsson")
uri0 = "/v1.0/tenants/acme/networks/"+str(vpn_id)+"/links.json"
LOG.debug("http://"+str(o.hostname)+":9797")
LOG.debug(uri0)
header = {}
header["Content-Type"]= "application/json"
jsonbody='{"sites": [{"id":"'+str(self.p_site)+'", "gateway":"'+ str(data['p_gw']) +'", "network":"'+ str(data['p_nets']) +'", "token_id":"'+str(self.p_tk)+ '"}, {"id":"' \
+ str(self.e_site)+'", "gateway":"'+ str(data['e_gw']) +'", "network":"'+ str(data['e_nets']) +'", "token_id":"'+str(self.e_tk)+ '"}], "qos":{"bandwidth":"' \
+ str(data['bw'])+'", "eir":"'+ str(data['eir'])+ '", "cbs":"'+ str(data['cbs'])+ '", "pbs":"'+ str(data['pbs'])+ '"}}'
print "+++ ewan result json body =%s"%jsonbody
result=conn0.request_post(uri0, body=jsonbody, headers=header)
print "+++ ewan result body =%s"%result["body"]
body=json.loads(result["body"])
print "+++ewan body=%s"%body
linkid=str(body['link']['id'])
print "+++ewan linkid=%s"%linkid
messages.success(request, _("Link added successfully."))
shortcuts.redirect("horizon:project:ipsec:index")
return True
except Exception as e:
msg = _('Failed to authorize Link from remote Enterprise Site crendentials : %s') % e.message
LOG.info(msg)
return shortcuts.redirect("horizon:project:ipsec:index")
def _get_auth_params_from_request(request):
"""Extracts the properties from the request object needed by the monascaclient call below.
These will be used to memoize the calls to monascaclient
"""
LOG.debug('Extracting intel from request')
return (
request.user.user_domain_id,
request.user.token.id,
request.user.tenant_id,
request.user.token.project.get('domain_id'),
base.url_for(request, MONITORING_SERVICE),
base.url_for(request, KEYSTONE_SERVICE)
)
def magnumclient(request):
magnum_url = ""
service_type = 'container-infra'
try:
magnum_url = base.url_for(request, service_type)
except exceptions.ServiceCatalogException:
LOG.debug('No Container Infrastructure Management service is '
'configured.')
return None
LOG.debug('magnumclient connection created using the token "%s" and url'
'"%s"' % (request.user.token.id, magnum_url))
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
openstack_api_versions = getattr(settings, 'OPENSTACK_API_VERSIONS', {})
magnum_api_version = openstack_api_versions.get(service_type, 1.1)
c = magnum_client.Client(username=request.user.username,
project_id=request.user.tenant_id,
input_auth_token=request.user.token.id,
magnum_url=magnum_url,
insecure=insecure,
api_version=magnum_api_version,
cacert=cacert)
return c
def _get_endpoint_url(request, endpoint_type, catalog=None):
if getattr(request.user, "service_catalog", None):
return base.url_for(request,
service_type='identity',
endpoint_type=endpoint_type)
return request.session.get('region_endpoint',
getattr(settings, 'OPENSTACK_KEYSTONE_URL'))
def vitrageclient(request, password=None):
endpoint = base.url_for(request, 'identity')
tokenId = request.user.token.id
tenentName = request.user.tenant_name
auth = Token(auth_url=endpoint, token=tokenId, project_name=tenentName)
session = Session(auth=auth, timeout=600)
return vitrage_client.Client('1', session)
def baremetalclient(request):
def create_remote_nova_client_baremetal():
nc = nova.nova_client.Client(REMOTE_NOVA_BAREMETAL_CREDS['user'],
REMOTE_NOVA_BAREMETAL_CREDS['password'],
REMOTE_NOVA_BAREMETAL_CREDS['tenant'],
auth_url=REMOTE_NOVA_BAREMETAL_CREDS['auth_url'],
bypass_url=REMOTE_NOVA_BAREMETAL_CREDS['bypass_url'])
return nc
def create_nova_client_baremetal():
insecure = getattr(django.conf.settings, 'OPENSTACK_SSL_NO_VERIFY',
False)
nc = nova.nova_client.Client(
request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
auth_url=base.url_for(request, 'compute'),
insecure=insecure,
http_log_debug=django.conf.settings.DEBUG)
nc.client.auth_token = request.user.token.id
nc.client.management_url = base.url_for(request, 'compute')
return nc
if REMOTE_NOVA_BAREMETAL_CREDS:
LOG.debug('remote nova baremetal client connection created')
nc = create_remote_nova_client_baremetal()
else:
LOG.debug('nova baremetal client connection created using token "%s" '
'and url "%s"' %
(request.user.token.id, base.url_for(request, 'compute')))
nc = create_nova_client_baremetal()
return baremetal.BareMetalNodeManager(nc)
def swift_get_container(request, container_name, with_data=True):
if with_data:
headers, data = swift_api(request).get_object(container_name, "")
else:
data = None
headers = swift_api(request).head_container(container_name)
timestamp = None
is_public = False
public_url = None
try:
is_public = GLOBAL_READ_ACL in headers.get('x-container-read', '')
if is_public:
swift_endpoint = base.url_for(request,
'object-store',
endpoint_type='publicURL')
parameters = urlparse.quote(container_name.encode('utf8'))
public_url = swift_endpoint + '/' + parameters
ts_float = float(headers.get('x-timestamp'))
timestamp = timeutils.iso8601_from_timestamp(ts_float)
except Exception:
pass
container_info = {
'name': container_name,
'container_object_count': headers.get('x-container-object-count'),
'container_bytes_used': headers.get('x-container-bytes-used'),
'timestamp': timestamp,
'data': data,
'is_public': is_public,
'public_url': public_url,
}
return Container(container_info)
def manilaclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
manila_url = ""
try:
manila_url = base.url_for(request, MANILA_SERVICE_TYPE)
except exceptions.ServiceCatalogException:
LOG.debug('no share service configured.')
return None
LOG.debug('manilaclient connection created using token "%s" and url "%s"' %
(request.user.token.id, manila_url))
c = manila_client.Client(
MANILA_VERSION,
username=request.user.username,
input_auth_token=request.user.token.id,
project_id=request.user.tenant_id,
service_catalog_url=manila_url,
insecure=insecure,
cacert=cacert,
http_log_debug=settings.DEBUG,
user_agent=MANILA_UI_USER_AGENT_REPR,
)
c.client.auth_token = request.user.token.id
c.client.management_url = manila_url
return c
def accountsclient(request):
t = request.user.token.id
url = url_for(request, 'account')
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
LOG.debug('accountsclient connection created using token "%s" and url "%s"'
% (request.user.token.id, url))
return accounts_client(url, token=t, insecure=insecure)
def ceilometerclient(request):
"""Initialization of Ceilometer client."""
endpoint = base.url_for(request, 'metering')
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
LOG.debug('ceilometerclient connection created using token "%s" '
'and endpoint "%s"' % (request.user.token.id, endpoint))
return ceilometer_client.Client('2', endpoint,
token=(lambda: request.user.token.id),
insecure=insecure,
ca_file=cacert)
def action_request(request, action, requestdict):
endpoint = base.url_for(request, 'identity')
token_id = request.user.token.id
tenant_name = request.user.tenant_name
project_domain_id = request.user.token.project.get('domain_id', 'Default')
auth = Token(auth_url=endpoint, token=token_id,
project_name=tenant_name,
project_domain_id=project_domain_id)
session = Session(auth=auth, timeout=600)
result = action_manager.ActionManager.execute(session, str(action),requestdict)
return result
def get_microversion(request, features):
for service_name in ('volume', 'volumev2', 'volumev3'):
try:
cinder_url = base.url_for(request, service_name)
break
except exceptions.ServiceCatalogException:
continue
else:
return None
min_ver, max_ver = cinder_client.get_server_version(cinder_url)
return (microversions.get_microversion_for_features(
'cinder', features, api_versions.APIVersion, min_ver, max_ver))
def swift_api(request):
endpoint = base.url_for(request, 'object-store')
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
LOG.debug('Swift connection created using token "%s" and url "%s"' %
(request.user.token.id, endpoint))
return swiftclient.client.Connection(None,
request.user.username,
None,
preauthtoken=request.user.token.id,
preauthurl=endpoint,
cacert=cacert,
auth_version="2.0")
def swift_api(request):
endpoint = base.url_for(request, 'object-store')
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
return swiftclient.client.Connection(None,
request.user.username,
None,
preauthtoken=request.user.token.id,
preauthurl=endpoint,
cacert=cacert,
insecure=insecure,
auth_version="2.0")
def glanceclient(request):
o = urlparse.urlparse(base.url_for(request, 'image'))
url = "://".join((o.scheme, o.netloc))
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
LOG.debug('glanceclient connection created using token "%s" and url "%s"' %
(request.user.token.id, url))
return glance_client.Client('1',
url,
token=request.user.token.id,
insecure=insecure,
cacert=cacert)
def get_node_info(request, uuid):
auth_url=base.url_for(request, 'identity'),
kwargs = {
'os_auth_token': request.user.token.id,
'ironic_url':'http://223.3.73.169:6385/',
#'ironic_url':auth_url,
# 'timeout': args.timeout,
# 'ca_file': args.ca_file,
# 'cert_file': args.cert_file,
# 'key_file': args.key_file,
}
client = ironic_client.get_client(1,**kwargs)
return client.node.get(uuid)
def distilclient(request):
try:
try:
from distilclient import client
except Exception:
from distil.client import client
auth_url = base.url_for(request, service_type='identity')
distil_url = base.url_for(request, service_type='rating')
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
distil = client.Client(distil_url=distil_url,
os_auth_token=request.user.token.id,
os_tenant_id=request.user.tenant_id,
os_auth_url=auth_url,
os_region_name=request.user.services_region,
insecure=insecure,
os_cacert=cacert)
distil.request = request
except Exception as e:
LOG.error(e)
return
return distil
def _get_endpoint_url(request):
# If the request is made by an anonymous user, this endpoint request fails.
# Thus, we must hardcode this in Horizon.
if getattr(request.user, "service_catalog", None):
url = base.url_for(request, service_type='registration')
else:
url = getattr(settings, 'OPENSTACK_REGISTRATION_URL')
# Ensure ends in slash
if not url.endswith('/'):
url += '/'
return url
def ironicclient(request):
"""Returns a client connected to the Ironic backend.
"""
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', DEFAULT_INSECURE)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', DEFAULT_CACERT)
ironic_url = base.url_for(request, IRONIC_CLIENT_CLASS_NAME)
return client.Client(1,
ironic_url,
project_id=request.user.project_id,
token=request.user.token.id,
insecure=insecure,
cacert=cacert)
def novaclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
LOG.debug('novaclient connection created using token "%s" and url "%s"' %
(request.user.token.id, url_for(request, 'compute')))
# jt
# c = nova_client.Client(request.user.username,
# request.user.token.id,
# project_id=request.user.tenant_id,
# auth_url=url_for(request, 'compute'),
# insecure=insecure,
# http_log_debug=settings.DEBUG)
c = nova_client.Client(request.user.username,
request.user.token.id,
project_id=request.user.tenant_id,
region_name=request.session.get(
'region_name', None),
auth_url=url_for(request, 'compute'),
insecure=insecure,
http_log_debug=settings.DEBUG)
c.client.auth_token = request.user.token.id
c.client.management_url = url_for(request, 'compute')
return c
def get_auth_params_from_request(request):
"""Extracts properties needed by zunclient call from the request object.
These will be used to memoize the calls to zunclient.
"""
endpoint_override = ""
try:
endpoint_override = base.url_for(request, 'container')
except exceptions.ServiceCatalogException:
LOG.debug('No Container Management service is configured.')
return None
return (request.user.username, request.user.token.id,
request.user.tenant_id, endpoint_override)
def _get_endpoint_url(request, endpoint_type, catalog=None):
if getattr(request.user, "service_catalog", None):
url = base.url_for(request,
service_type='identity',
endpoint_type=endpoint_type)
else:
auth_url = getattr(settings, 'OPENSTACK_KEYSTONE_URL')
url = request.session.get('region_endpoint', auth_url)
# TODO(gabriel): When the Service Catalog no longer contains API versions
# in the endpoints this can be removed.
url = auth_utils.fix_auth_url_version(url)
return url
def troveclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
trove_url = base.url_for(request, 'database')
c = client.Client(request.user.username,
request.user.token.id,
project_id=request.user.project_id,
auth_url=trove_url,
insecure=insecure,
cacert=cacert,
http_log_debug=settings.DEBUG)
c.client.auth_token = request.user.token.id
c.client.management_url = trove_url
return c
def zaqarclient(request):
zaqar_url = ""
service_type = 'messaging'
try:
zaqar_url = base.url_for(request, service_type)
except exceptions.ServiceCatalogException:
LOG.debug('No messaging service is configured.')
return None
LOG.debug('zaqarclient connection created using the token "%s" and url'
'"%s"' % (request.user.token.id, zaqar_url))
opts = {
'os_auth_token': request.user.token.id,
'os_auth_url': base.url_for(request, 'identity'),
'os_project_id': request.user.tenant_id,
'os_service_type': service_type
}
auth_opts = {'backend': 'keystone', 'options': opts}
conf = {'auth_opts': auth_opts}
return zaqar_client.Client(url=zaqar_url, version=2, conf=conf)
def magnumclient(request):
magnum_url = ""
try:
magnum_url = base.url_for(request, 'container')
except exceptions.ServiceCatalogException:
LOG.debug('No Containers service is configured.')
return None
LOG.debug('magnumclient connection created using the token "%s" and url'
'"%s"' % (request.user.token.id, magnum_url))
c = magnum_client.Client(username=request.user.username,
project_id=request.user.tenant_id,
input_auth_token=request.user.token.id,
magnum_url=magnum_url)
return c
def get_auth_params_from_request(request):
api_version = VERSIONS.get_active_version()
cinder_url = ""
auth_url = base.url_for(request, 'identity')
try:
# The cinder client assumes that the v2 endpoint type will be
# 'volumev2'.
if api_version['version'] == 2:
try:
cinder_url = base.url_for(request, 'volumev2')
except exceptions.ServiceCatalogException:
LOG.warning("Cinder v2 requested but no 'volumev2' service "
"type available in Keystone catalog.")
except exceptions.ServiceCatalogException:
LOG.debug('no volume service configured.')
raise
return(
request.user.username,
request.user.token.id,
request.user.tenant_id,
cinder_url,
auth_url,
)
def barbicanclient(request):
region = request.user.services_region
endpoint = base.url_for(request, 'key-manager')
auth_url, _ = auth_utils.fix_auth_url_version_prefix(
settings.OPENSTACK_KEYSTONE_URL)
auth = token_endpoint.Token(auth_url, request.user.token.id)
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
# If 'insecure' is True, 'verify' is False in all cases; otherwise
# pass the cacert path if it is present, or True if no cacert.
verify = not insecure and (cacert or True)
return barbican_client.Client(session=session.Session(auth=auth,
verify=verify),
endpoint=endpoint,
region_name=region)
def _get_endpoint_url(request, endpoint_type, catalog=None):
if getattr(request.user, "service_catalog", None):
url = base.url_for(request,
service_type='identity',
endpoint_type=endpoint_type)
else:
auth_url = getattr(settings, 'OPENSTACK_KEYSTONE_URL')
url = request.session.get('region_endpoint', auth_url)
# TODO(gabriel): When the Service Catalog no longer contains API versions
# in the endpoints this can be removed.
bits = urlparse.urlparse(url)
root = "://".join((bits.scheme, bits.netloc))
url = "%s/v%s" % (root, VERSIONS.active)
return url
def glanceclient(request, version=None):
api_version = VERSIONS.get_active_version()
url = base.url_for(request, 'image')
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
# TODO(jpichon): Temporarily keep both till we update the API calls
# to stop hardcoding a version in this file. Once that's done we
# can get rid of the deprecated 'version' parameter.
if version is None:
return api_version['client'].Client(url, token=request.user.token.id,
insecure=insecure, cacert=cacert)
else:
return glance_client.Client(version, url, token=request.user.token.id,
insecure=insecure, cacert=cacert)
def share_update(request,
share_id,
name,
description,
is_public='',
lease_days=None):
share_data = {'display_name': name, 'display_description': description}
if not isinstance(is_public, six.string_types):
is_public = six.text_type(is_public)
if is_public and is_public.lower() != 'none':
share_data['is_public'] = is_public
controllername1 = str(base.url_for(request, 'sharev2')).split(':')
controllername2 = str(controllername1[1]).split('/')
controllername = controllername2[2]
lease.update_share_lease(controllername, share_id.id, lease_days)
return manilaclient(request).shares.update(share_id, **share_data)
def nova_client_client(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
endpoint_type = getattr(settings, 'OPENSTACK_ENDPOINT_TYPE', 'publicURL')
identity_url = base.url_for(request, 'identity')
loader = loading.get_plugin_loader('token')
auth = loader.load_from_options(auth_url=identity_url,
token=request.user.token.id,
tenant_id=request.user.project_id)
sess = session.Session(auth=auth)
nova = nova_client.Client(NOVA_VERSION,
session=sess,
insecure=insecure,
cacert=cacert,
endpoint_type=endpoint_type,
http_log_debug=settings.DEBUG)
return nova
def get_proxy_list(request):
try:
resp = requests.get(base.url_for(request, 'proxy') + '/mapping')
if resp.status_code == 400 and resp.text == 'No such project':
proxies = []
elif not resp:
raise Exception("Got status " + str(resp.status_code))
else:
proxies = [
Proxy(route['domain'], route['backends'])
for route in resp.json()['routes']
]
except Exception:
proxies = []
exceptions.handle(request,
_("Unable to retrieve proxies: " + resp.text))
return proxies
def _add_sites(self,
request,
data,
vpn=None,
tenant_name=None,
no_redirect=False):
if vpn:
vpn_id = vpn['vpn']['id']
vpn_name = self.clean(data['net_name'])
else:
vpn_id = self.context.get('vpn_id')
vpn_name = self.context.get('vpn_name')
try:
o = urlparse.urlparse(url_for(request, "compute"))
hostname = str(o.hostname)
lsite = api.elasticnet.elasticnet_add_site(
request, vpn_id, vpn_name + '.Provider_AZ1', hostname, '',
str(request.user.username), str(request.user.token.id),
str(request.user.tenant_name))
messages.success(
request,
_("Local Provider Site %s added successfully.") % vpn_name +
'.Provider_AZ1')
data['token'] = ''
if data['site_name']:
rsite = api.elasticnet.elasticnet_add_site(
request, vpn_id,
vpn_name + '.' + self.clean(data['site_name']),
data['keystone'], data['token'], data['user'],
data['password'], data['tenant'])
messages.success(
request,
_("Enterprise Site %s added successfully.") % vpn_name +
'.' + self.clean(data['site_name']))
return rsite
except Exception as e:
if no_redirect:
redirect = None
else:
redirect = self.get_failure_url()
exceptions.handle(request,
"Failed to add site because %s" % e,
redirect=redirect)
return False
def server_update(request, instance_id, name, lease_days):
controllername1 = str(base.url_for(request, 'compute')).split(':')
controllername2 = str(controllername1[1]).split('/')
controllername = controllername2[2]
db = pymysql.connect(host=controllername, port=3306, user='******', passwd='BSoniC', db='expo_nova')
cursor = db.cursor()
lease_days_pass = str(lease_days)
viname = str(name)
generatetime1 = datetime.datetime.strftime(datetime.datetime.now(), '%Y-%m-%d %H:%M:%S')
generatetime = str(generatetime1)
cursor.execute("update lease_active_vms set created_on='"+generatetime+"', leasedays='"+lease_days_pass+"' where hostname='"+viname+"'")
db.commit()
db.close()
return novaclient(request).servers.update(instance_id, name=name)
def tuskarclient(request, password=None):
api_version = "2"
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
ca_file = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
endpoint = base.url_for(request, TUSKAR_SERVICE)
LOG.debug('tuskarclient connection created using token "%s" and url "%s"' %
(request.user.token.id, endpoint))
client = tuskar_client.get_client(api_version,
tuskar_url=endpoint,
insecure=insecure,
ca_file=ca_file,
username=request.user.username,
password=password,
os_auth_token=request.user.token.id)
return client
def designateclient(request):
designate_url = ""
try:
designate_url = url_for(request, 'dns')
except exceptions.ServiceCatalogException:
LOG.debug('no dns service configured.')
return None
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
return Client(endpoint=designate_url,
token=request.user.token.id,
username=request.user.username,
tenant_id=request.user.project_id,
insecure=insecure,
cacert=cacert)
def get_microversion(request, features):
for service_name in ('volume', 'volumev2', 'volumev3'):
try:
cinder_url = base.url_for(request, service_name)
break
except exceptions.ServiceCatalogException:
continue
else:
return None
insecure = settings.OPENSTACK_SSL_NO_VERIFY
cacert = settings.OPENSTACK_SSL_CACERT
min_ver, max_ver = cinder_client.get_server_version(cinder_url,
insecure, cacert)
return microversions.get_microversion_for_features(
'cinder', features, api_versions.APIVersion, min_ver, max_ver)
def heatclient(request):
#TODO: unhardcode api_version
api_version = "1"
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
endpoint = url_for(request, 'orchestration')
LOG.debug('heatclient connection created using token "%s" and url "%s"' %
(request.user.token.id, endpoint))
kwargs = {
'token': request.user.token.id,
'insecure': insecure,
#'timeout': args.timeout,
#'ca_file': args.ca_file,
#'cert_file': args.cert_file,
#'key_file': args.key_file,
}
client = heat_client.Client(api_version, endpoint, **kwargs)
client.format_parameters = format_parameters
return client
def _get_engine_kwargs(request, connection_str):
from openstack_dashboard.api import base
engines_kwargs = {
# NOTE(tsufiev): actually Horizon doesn't use ceilometer backend (too
# slow for UI), but since osprofiler still supports it (due to API
# deprecation cycle limitations), Horizon also should support this
# option
'ceilometer': lambda req: {
'endpoint': base.url_for(req, 'metering'),
'insecure': settings.OPENSTACK_SSL_NO_VERIFY,
'cacert': settings.OPENSTACK_SSL_CACERT,
'token': (lambda: req.user.token.id),
'ceilometer_api_version': '2'
}
}
engine = urlparse(connection_str).scheme
return engines_kwargs.get(engine, lambda req: {})(request)
