def cinder_client(context, region_name=None):
if CONF.cinder_url:
url = '%(cinder_url)s%(tenant)s' % {
'cinder_url': normalize_url(CONF.cinder_url),
'tenant': context.project_id
}
else:
region = region_name or CONF.service_credentials.region_name
url = get_endpoint(context.service_catalog,
service_type=CONF.cinder_service_type,
endpoint_region=region,
endpoint_type=CONF.cinder_endpoint_type)
client = CinderClient.Client(context.user,
context.auth_token,
project_id=context.project_id,
auth_url=CONF.service_credentials.auth_url,
insecure=CONF.cinder_api_insecure)
client.client.auth_token = context.auth_token
client.client.management_url = url
return client
def volume_type(volume_type):
if not cache['volume_types']:
cinder = cinderclient.Client(
config.auth['username'],
config.auth['password'],
config.auth['default_tenant'],
config.auth['end_point'],
region=config.main['region'],
insecure=config.auth['insecure'])
for vtype in cinder.volume_types.list():
cache['volume_types'].append({'id': vtype.id,
'name': vtype.name})
for vtype in cache['volume_types']:
# check name first, as that will be more common
if vtype['name'] == volume_type:
return volume_type
elif vtype['id'] == volume_type:
return vtype['name']
return False
def main():
os_auth_url = get_environ('OS_AUTH_URL')
os_username = get_environ('OS_USERNAME')
os_password = get_environ('OS_PASSWORD')
os_tenant_name = get_environ('OS_TENANT_NAME')
os_region_name = get_environ('OS_REGION_NAME')
cinder = cinder_client.Client(os_username,
os_password,
os_tenant_name,
auth_url=os_auth_url,
region_name=os_region_name)
#for volume in cinder.volumes.list():
# volume_name = volume.name.rstrip() if volume.name else 'None'
# print "Volume: {} [{}] {}GB - {}".format(volume_name, volume.id, volume.size, volume.status.upper())
for snapshot in cinder.volume_snapshots.list():
snapshot_name = snapshot.name.rstrip() if snapshot.name else 'None'
print "Snapshot: {} [{}] (Volume: [{}]) {}GB - {}".format(
snapshot_name, snapshot.id, snapshot.volume_id, snapshot.size,
snapshot.status.upper())
def _get_cinderclient(self,
http_retries=10,
catalog_info=DEFAULT_CINDER_CATALOG_INFO,
allow_insecure=True):
service_type, service_name, endpoint_type = catalog_info.split(':')
c = cinder_client.Client(self.creds['username'],
self.creds['password'],
self.creds['tenant_name'],
auth_url=self.auth_url,
service_type=service_type,
service_name=service_name,
endpoint_type=endpoint_type,
insecure=allow_insecure,
retries=http_retries,
cacert=self.creds.get('cacert'))
# noauth extracts user_id:project_id from auth_token
c.client.auth_token = self.creds.get(
'auth_token',
'%s:%s' % (self.creds['username'], self.creds['password']))
c.client.management_url = self.auth_url
return c
def _get_cinder_client_from_creds():
api_version = ""
cloud_config = _get_cloud_config()
keystone_session = cloud_config.get_session_client("volumev2")
keystone_auth = cloud_config.get_auth()
region_name = cloud_config.get_region_name()
service_type = "volumev2"
endpoint_type = "publicURL"
endpoint = keystone_auth.get_endpoint(keystone_session,
service_type=service_type,
region_name=region_name)
kwargs = {
'session': keystone_session,
'auth': keystone_auth,
'service_type': service_type,
'endpoint_type': endpoint_type,
'region_name': region_name,
}
client = cinder_client.Client(api_version, endpoint, **kwargs)
return client
def get_volume(instance_id):
try:
try:
_client_class = nova_client.get_client_class(2)
nova = _client_class(
config.auth['username'],
config.auth['password'],
config.auth['default_tenant'],
config.auth['end_point'],
region_name=config.main['region'],
insecure=config.auth['insecure'])
except:
nova = nova_client.Client('2',
username=config.auth['username'],
api_key=config.auth['password'],
password=config.auth['password'],
project_id=config.auth['default_tenant'],
auth_url=config.auth['end_point'],
region_name=config.main['region'],
insecure=config.auth['insecure'])
instance = nova.servers.get(instance_id)
# Assume first volume is the root disk
volume_id = getattr(instance, 'os-extended-volumes:volumes_attached')[0]['id']
if not volume_id:
return None
cinder = cinderclient.Client(
config.auth['username'],
config.auth['password'],
config.auth['default_tenant'],
config.auth['end_point'],
region=config.main['region'],
insecure=config.auth['insecure'])
return cinder.volumes.get(volume_id)
except Exception:
return
def client_conn(type_):
if type_ == 'nova':
client = client_nova.Client(username=AUTH_USER,
insecure=True,
api_key=AUTH_PASSWORD,
project_id=AUTH_TENANT_NAME,
auth_url=AUTH_URL,
region_name=AUTH_REGION)
elif type_ == 'keystone':
client = client_keystone.Client(username=AUTH_USER,
insecure=True,
password=AUTH_PASSWORD,
tenant_name=AUTH_TENANT_NAME,
auth_url=AUTH_URL)
elif type_ == 'cinder':
client = client_cinder.Client(username=AUTH_USER,
insecure=True,
api_key=AUTH_PASSWORD,
project_id=AUTH_TENANT_NAME,
auth_url=AUTH_URL,
region_name=AUTH_REGION,
service_type='volume')
return client
def cinder(self):
try:
return cinder_client.Client(session=self.session.keystone_session)
except cinder_exceptions.ClientException as e:
logger.exception('Failed to create cinder client: %s', e)
raise OpenStackBackendError(e)
def get_cinder_client(**kwargs):
return cinderclient.Client()
def get_nova_credentials():
d = {}
d['username'] = os.environ['OS_USERNAME']
d['api_key'] = os.environ['OS_PASSWORD']
d['auth_url'] = os.environ['OS_AUTH_URL']
d['project_id'] = os.environ['OS_TENANT_NAME']
if 'OS_REGION_NAME' in os.environ:
d['region_name'] = os.environ['OS_REGION_NAME']
return d
credentials = get_credentials()
novacredentials = get_nova_credentials()
keystone = ksclient.Client(**credentials)
cinder = cinderclient.Client(**novacredentials)
neutron = neutronclient.Client(**credentials)
nova = novaclient.Client('2', **novacredentials)
glance_endpoint = keystone.service_catalog.url_for(service_type='image',
endpoint_type='publicURL')
glance = glanceclient.Client(glance_endpoint, token=keystone.auth_token)
heat_endpoint = keystone.service_catalog.url_for(service_type='orchestration',
endpoint_type='publicURL')
heat = heatclient.Client('1',
endpoint=heat_endpoint,
token=keystone.auth_token)
def get_tenantids():
def get_clients():
ks_version = int(env.get('OS_IDENTITY_API_VERSION', 2))
if ks_version == 2:
from keystoneclient.v2_0 import client as keystone_client
# Legacy v2 env vars:
# OS_USERNAME OS_PASSWORD OS_TENANT_NAME OS_AUTH_URL OS_REGION_NAME
ks_creds = get_creds_dict("username", "password", "tenant_name",
"auth_url", "region_name")
cacert = maybe_get_cacert()
if cacert:
ks_creds["cacert"] = cacert
nova_creds = [2] + get_creds_list("username", "password", "tenant_name",
"auth_url")
cinder_creds = get_creds_list("username", "password", "tenant_name",
"auth_url")
keystone = keystone_client.Client(**ks_creds)
nova = nova_client.Client(*nova_creds, cacert=cacert)
neutron = neutron_client.Client(**ks_creds)
cinder = cinder_client.Client(*cinder_creds, cacert=cacert)
elif ks_version == 3:
from keystoneauth1.identity import v3
from keystoneauth1 import session
from keystoneclient.v3 import client
# A little helper for the poor human trying to figure out which env vars
# are needed, it worked for me (jjo) having:
# OS_USERNAME OS_PASSWORD OS_USER_DOMAIN_NAME OS_AUTH_URL
# OS_PROJECT_DOMAIN_NAME OS_PROJECT_DOMAIN_ID OS_PROJECT_ID OS_DOMAIN_NAME
# Keystone needs domain creds for e.g. project list
# project and project_domain are needed for listing projects
ks_creds_domain = get_creds_dict(
"username", "password", "user_domain_name", "auth_url",
"project_domain_name", "project_name", "project_domain_id", "project_id")
# Need non-domain creds to get full catalog
ks_creds_admin = get_creds_dict(
"username", "password", "user_domain_name", "auth_url",
"project_domain_name", "project_name", "project_domain_id", "project_id")
auth_domain = v3.Password(**ks_creds_domain)
auth_admin = v3.Password(**ks_creds_admin)
# Need to pass in cacert separately
verify = maybe_get_cacert()
if verify is None:
verify = True
sess_domain = session.Session(auth=auth_domain, verify=verify)
sess_admin = session.Session(auth=auth_admin, verify=verify)
interface = env.get('OS_INTERFACE', 'admin')
# Keystone has not switched from interface to endpoint_type yet
## keystone = client.Client(session=sess_domain, interface=interface)
auth = v3.Password(user_domain_name="Default",
username="******",
password='******',
project_domain_name="Default",
project_name="admin",
auth_url="http://172.16.104.7:5000/v3")
sess = session.Session(auth=auth)
keystone = client.Client(session=sess, interface=interface)
nova = nova_client.Client(2, session=sess_admin, endpoint_type=interface)
neutron = neutron_client.Client(session=sess_admin, endpoint_type=interface)
cinder = cinder_client.Client(session=sess_admin, endpoint_type=interface)
else:
print("++++++++++++++++++++++++++++++++++++++++++else eerror")
raise(ValueError("Invalid OS_IDENTITY_API_VERSION=%s" % ks_version))
log.debug("Client setup done, keystone ver {}".format(ks_version))
return (keystone, nova, neutron, cinder)
def cinder_client(self) -> cinder_client.Client:
if not self._cinder_client:
self._cinder_client = cinder_client.Client(session=self._session)
return self._cinder_client
def __init__(self, region):
self.region = region
self.conn = openstack.connect(cloud=self.region)
self.conn_cinder = cinderclient.Client(session=self.conn.session)
self.darter_util = DarterUtil()
self.logger = logging.getLogger(__name__)
admin_user = os.environ.get('OS_USERNAME')
admin_pwd = os.environ.get('OS_PASSWORD')
admin_project = os.environ.get('OS_TENANT_NAME')
auth_url = os.environ.get('OS_AUTH_URL')
auth = v2.Password(auth_url=auth_url,
username=admin_user,
password=admin_pwd,
tenant_name=admin_project)
sess = session.Session(auth=auth)
keystone = client.Client(session=sess)
ks_projects = keystone.projects.list()
neutron = nclient.Client(session=sess)
nova = novaclient.Client(2, session=sess)
cinder = cinderclient.Client(session=sess)
with open(args.filename, "rb") as source:
READER = list(csv.DictReader(source))
MOC_STANDARDS = {
'subnet': 10,
'router': 10,
'port': 10,
'network': 5,
'floatingip': 2,
'security_group': -1,
'security_group_rule': -1,
'ram': 51200,
'gigabytes': 1000,
'snapshots': 10,
def get_cinder_client_from_creds():
auth_plugin, session = _get_cloud_config_auth_data()
return client.Client(session=session, auth=auth_plugin)
def test_authenticate_tenant_id(self):
cs = client.Client("username",
"password",
auth_url="http://*****:*****@mock.patch.object(requests, "request", mock_request)
def test_auth_call():
cs.client.authenticate()
headers = {
'User-Agent': cs.client.USER_AGENT,
'Content-Type': 'application/json',
'Accept': 'application/json',
}
body = {
'auth': {
'passwordCredentials': {
'username': cs.client.user,
'password': cs.client.password,
},
'tenantId': cs.client.tenant_id,
},
}
token_url = cs.client.auth_url + "/tokens"
mock_request.assert_called_with("POST",
token_url,
headers=headers,
data=json.dumps(body),
allow_redirects=True,
**self.TEST_REQUEST_BASE)
endpoints = resp["access"]["serviceCatalog"][0]['endpoints']
public_url = endpoints[0]["publicURL"].rstrip('/')
self.assertEqual(cs.client.management_url, public_url)
token_id = resp["access"]["token"]["id"]
self.assertEqual(cs.client.auth_token, token_id)
tenant_id = resp["access"]["token"]["tenant"]["id"]
self.assertEqual(cs.client.tenant_id, tenant_id)
test_auth_call()
import sys
import os
from cinderclient.v2 import client
from credentials import get_cinder_credentials
credentials = get_cinder_credentials()
try:
cinder_client = client.Client(*credentials, service_type="volume")
vol_list = cinder_client.volumes.list()
vol_name = sys.argv[1]
vol_type = sys.argv[2]
vol_size = sys.argv[3]
vol_exists = False
for v in vol_list:
if v == vol_name:
print "volume %s exists" % vol_name
vol_exists = True
if vol_exists == False:
volume = cinder_client.volumes.create(vol_size,
name=vol_name,
volume_type=vol_type)
print volume
finally:
print "Execution completed"
def capi(self):
if not self._capi:
self._capi = cinderclient.Client(session=self.session)
return self._capi
def volume(self):
if not self._volume:
self._volume = volume_client.Client(session=self._session())
return self._volume
def new_client(self):
return v2client.Client(username='******',
api_key='xx',
project_id='xx',
auth_url=self.identity_url)
nova_cl = nova_client.Client(auth_url=args.auth_url,
username=args.username,
api_key=args.password,
project_id=args.tenant_name,
version='2',
region_name=args.region_name)
neutron_cl = neutron_client.Client(auth_url=args.auth_url,
username=args.username,
password=args.password,
tenant_name=args.tenant_name,
region_name=args.region_name)
cinder_cl = cinder_client.Client(auth_url=args.auth_url,
username=args.username,
api_key=args.password,
project_id=args.tenant_name,
region_name=args.region_name)
# ================= Delete computation components =================
detach_volumes(nova_cl)
delete_servers(nova_cl)
delete_volumes(cinder_cl)
delete_bosh_images(nova_cl)
# ================= Delete network components =================
delete_network_components(neutron_cl)
def main():
"""Shows user info (servers, volumes, snapshots, routers, networks, ...).
List a lot of useful info about a user:
- all projects he's member of
- for each project/region
all servers, volumes, snapshots, routers, networks, floating ips, ...
"""
parser = argparse.ArgumentParser(
description="Show information (servers, volumes, networks, ...) for a user. Search in all projects he's member of, and optionally in all regions (-a).")
parser.add_argument('-a', '--all-regions', help='query all regions', action='store_true')
parser.add_argument('USERNAME', help="username to search")
parser.add_argument('-v', '--verbose', help='verbose', action='store_true')
if len(sys.argv) < 2:
parser.print_help()
sys.exit(1)
args = parser.parse_args()
# get OS_* environment variables
os_auth_url = get_environ('OS_AUTH_URL', args.verbose)
os_username = get_environ('OS_USERNAME', args.verbose)
os_password = get_environ('OS_PASSWORD', args.verbose)
os_tenant_name = get_environ('OS_TENANT_NAME', args.verbose)
os_region_name = get_environ('OS_REGION_NAME', args.verbose)
# keystone_V3 client requires a /v3 auth url
if '/v2.0' in os_auth_url:
os_auth_url_v3 = os_auth_url.replace('/v2.0', '/v3')
if args.verbose:
print "os_auth_url_v3:", os_auth_url_v3
keystone = keystone_v3.Client(username=os_username,
password=os_password,
project_name=os_tenant_name,
auth_url=os_auth_url_v3)
# all regions available
all_regions = []
for region in keystone.regions.list():
all_regions.append(region.id)
# regions to use
region_names = [os_region_name]
if args.all_regions:
if os_region_name in all_regions:
region_names = all_regions
# Openstack clients per region
nova_regions = {}
cinder_regions = {}
neutron_regions = {}
for region_name in region_names:
_nova = nova_client.Client(2,
os_username,
os_password,
os_tenant_name,
auth_url=os_auth_url,
region_name=region_name)
nova_regions[region_name] = _nova
_cinder = cinder_client.Client(os_username,
os_password,
os_tenant_name,
auth_url=os_auth_url,
region_name=region_name)
cinder_regions[region_name] = _cinder
_neutron = neutron_client.Client(username=os_username,
password=os_password,
tenant_name=os_tenant_name,
auth_url=os_auth_url,
region_name=region_name)
neutron_regions[region_name] = _neutron
try:
username = args.USERNAME
user = keystone.users.find(name=username)
user_projects = keystone.projects.list(user=user)
print "User: {} [{}]: {} projects".format(user.name,
user.id,
len(user_projects))
for project in user_projects:
print " Project: {} [{}] - {}".format(project.name,
project.id,
project.description)
servers_search_opts = {'all_tenants': True, 'tenant_id': project.id}
volumes_search_opts = {'all_tenants': True, 'project_id': project.id}
neutron_search_opts = {'all_tenants': True, 'tenant_id': project.id}
for region in region_names:
# get clients for region
nova = nova_regions[region]
cinder = cinder_regions[region]
neutron = neutron_regions[region]
# servers
project_servers = nova.servers.list(search_opts=servers_search_opts)
servers = {}
for server in project_servers:
servers[server.id] = server
# volumes
project_volumes = cinder.volumes.list(search_opts=volumes_search_opts)
volumes = {}
for volume in project_volumes:
volumes[volume.id] = volume
# volume snapshots
project_volume_snapshots = cinder.volume_snapshots.list(search_opts=volumes_search_opts)
volume_snapshots = {}
for volume_snapshot in project_volume_snapshots:
volume_snapshots[volume_snapshot.id] = volume_snapshot
# floating IPs
resp = neutron.list_floatingips(**neutron_search_opts)
floatingips = {}
for floatingip in resp['floatingips']:
floatingips[floatingip['id']] = floatingip
resp = neutron.list_networks(**neutron_search_opts)
networks = {}
for network in resp['networks']:
networks[network['id']] = network
resp = neutron.list_routers(**neutron_search_opts)
routers = {}
for router in resp['routers']:
routers[router['id']] = router
#
# show info
#
if servers or volumes or volume_snapshots or floatingips or networks or routers:
print " Region:", region
if servers:
print " Servers:"
for id, server in servers.items():
print " Server: {} [{}] - {}".format(server.name, server.id, server.status)
volumes_attached = getattr(server,'os-extended-volumes:volumes_attached')
for volume_attached in volumes_attached:
volume_id = volume_attached['id']
if volume_id in volumes:
volume = volumes[volume_id]
volume_name = volume.name.rstrip() if volume.name else 'None'
for attachment in volume.attachments:
attached_server_id = attachment['server_id']
attached_device = attachment['device']
if attached_server_id == server.id:
print " Volume: {}: {} [{}] {}GB - {}".format(attached_device, volume_name, volume.id, volume.size, volume.status.upper())
# remove volume from list
volumes.pop(volume_id)
else:
print " ERROR: Volume {} [{}] not attached to Server {} [{}]".format(volume_name, volume.id, server.name, server.id)
if volumes:
print " Other Volumes:"
for id, volume in volumes.items():
volume_name = volume.name.rstrip() if volume.name else 'None'
print " Volume: {} [{}] {}GB - {}".format(volume_name, volume.id, volume.size, volume.status.upper())
for attachment in volume.attachments:
attached_server_id = attachment['server_id']
if attached_server_id in servers:
server_attached = servers[attached_server_id]
print " Attached to: {} [{}]:{}".format(server_attached.name, server_attached.id, attachment['device'])
else:
print " ERROR: attached to unknown Server [{}]:{}".format(attached_server_id, attachment['device'])
if volume_snapshots:
print " Volume Snapshots:"
for id, v_snapshot in volume_snapshots.items():
v_snapshot_name = v_snapshot.name.rstrip() if v_snapshot.name else 'None'
print " Snapshot: {} [{}] (Volume: [{}]) {}GB - {}".format(v_snapshot_name, v_snapshot.id, v_snapshot.volume_id, v_snapshot.size, v_snapshot.status.upper())
if floatingips:
print " Floating IPs:"
for id, floatingip in floatingips.items():
print " IP: {} [{}] - {}".format(floatingip['floating_ip_address'], floatingip['id'], floatingip['status'])
if routers:
print " Routers:"
for id, router in routers.items():
print " Router: {} [{}] - {}".format(router['name'], router['id'], router['status'])
resp = neutron.list_ports(device_id=id)
ifaces = resp['ports']
for iface in ifaces:
device_owner = iface['device_owner']
iface_info = ["Subnet: %s IP: %s" % (i['subnet_id'],i['ip_address']) for i in iface['fixed_ips']]
if device_owner == 'network:router_gateway':
resp = neutron.show_network(iface['network_id'])
iface_net = resp['network']
print " Interface: {} (Gateway External Network: {} [{}])".format(iface['id'], iface_net['name'], iface_net['id'])
elif device_owner == 'network:router_interface':
print " Interface: {} ({})".format(iface['id'], ",".join(iface_info))
else:
print " Interface: {} ({}) ({})".format(iface['id'], device_owner, ",".join(iface_info))
if networks:
print " Networks:"
for id, network in networks.items():
print " Network: {} [{}] - {}".format(network['name'], network['id'], network['status'])
for subnet_id in network['subnets']:
resp = neutron.show_subnet(subnet_id)
subnet = resp['subnet']
subnet_ipranges = ["IPRange: %s-%s" % (i['start'],i['end']) for i in subnet['allocation_pools']]
print " Subnet: {} [{}] (CIDR: {})".format(subnet['name'], subnet['id'], subnet['cidr'])
resp = neutron.list_ports(network_id=id)
ports = resp['ports']
for port in ports:
device_id = port['device_id']
device_owner = port['device_owner']
if device_id in servers:
server = servers[device_id]
print " Port: {} (Server: {} [{}])".format(port['id'], server.name, server.id, port['status'])
elif device_id in routers:
router = routers[device_id]
print " Port: {} (Router: {} [{}])".format(port['id'], router['name'], router['id'], port['status'])
elif device_owner == 'network:dhcp':
print " Port: {} (DHCP)".format(port['id'])
else:
print " Port: {} ({} [])".format(port['id'], device_owner, device_id, port['status'])
except keystoneclient.exceptions.NotFound as e:
print "ERROR: Username", username, "not found:", e.message
sys.exit(1)
except novaclient.exceptions.NotFound as e:
print "ERROR: not found:", e.message
sys.exit(1)
except Exception as e:
print "ERROR:", e.message
sys.exit(1)
def __init__(self, session, nova_version):
self.nova = novaclient.Client(nova_version, session=session)
self.neutron = neutronclient.Client(session=session)
self.cinder = cinderclient.Client(session=session)
def get_client(service):
"""Return a client object and authorization token.
:rtype: dict
"""
from goldstone.neutron.utils import get_neutron_client
# Error message template.
NO_AUTH = "%s client failed to authorize. Check credentials in" \
" goldstone settings."
try:
cloud = get_cloud()
os_username = cloud.username
os_password = cloud.password
os_tenant_name = cloud.tenant_name
os_auth_url = cloud.auth_url
if service == 'keystone':
client = ksclient.Client(
username=os_username,
password=os_password,
tenant_name=os_tenant_name,
auth_url=_v3_auth_url(os_auth_url))
if client.auth_token is None:
raise GoldstoneAuthError("Keystone client call succeeded, but "
"auth token was not returned. Check "
"credentials in goldstone settings.")
else:
return {'client': client, 'hex_token': client.auth_token}
elif service == 'nova':
client = nvclient.Client(
os_username,
os_password,
os_tenant_name,
_v2_auth_url(os_auth_url))
client.authenticate()
return {'client': client, 'hex_token': client.client.auth_token}
elif service == 'cinder':
cinderclient.v2.services.Service.__repr__ = \
_patched_cinder_service_repr
client = ciclient.Client(os_username,
os_password,
os_tenant_name,
_v2_auth_url(os_auth_url))
region = _get_region_for_cinder_client(client)
return {'client': client, 'region': region}
elif service == 'neutron':
client = get_neutron_client(os_username,
os_password,
os_tenant_name,
_v3_auth_url(os_auth_url))
return {'client': client}
elif service == 'glance':
keystoneclient = get_client("keystone")['client']
# This had used a "name='glance'" qualifier, but the V3 find method
# raised a NoUniqueMatch exception. Keystone no longer accepts
# 'name' as a qualifier, so use 'type'.
service_id = keystoneclient.services.find(type="image").id
mgmt_url = \
keystoneclient.endpoints.find(service_id=service_id,
interface="admin").url
region = get_region_for_glance_client(keystoneclient)
client = glclient.Client(endpoint=mgmt_url,
token=keystoneclient.auth_token)
return {'client': client, 'region': region}
else:
raise GoldstoneAuthError("Unknown service")
except (KeystoneUnauthorized, NovaUnauthorized, CinderUnauthorized,
NeutronUnauthorized):
raise GoldstoneAuthError(NO_AUTH % service.capitalize())
def test_auth_redirect(self):
cs = client.Client("username",
"password",
"project_id",
"http://*****:*****@mock.patch.object(requests, "request", mock_request)
def test_auth_call():
cs.client.authenticate()
headers = {
'User-Agent': cs.client.USER_AGENT,
'Content-Type': 'application/json',
'Accept': 'application/json',
}
body = {
'auth': {
'passwordCredentials': {
'username': cs.client.user,
'password': cs.client.password,
},
'tenantName': cs.client.projectid,
},
}
token_url = cs.client.auth_url + "/tokens"
mock_request.assert_called_with("POST",
token_url,
headers=headers,
data=json.dumps(body),
allow_redirects=True,
**self.TEST_REQUEST_BASE)
resp = dict_correct_response
endpoints = resp["access"]["serviceCatalog"][0]['endpoints']
public_url = endpoints[0]["publicURL"].rstrip('/')
self.assertEqual(cs.client.management_url, public_url)
token_id = resp["access"]["token"]["id"]
self.assertEqual(cs.client.auth_token, token_id)
test_auth_call()
import novaclient.v1_1.client as nvclient
import cinderclient.v2.client as cinderclient
import neutronclient.neutron.client as neutronclient
cinder = cinderclient.Client('demo', 'demo', 'istl',
'http://192.168.5.71:5000/v2.0')
#neutron = neutronclient.Client('demo','demo','istl','http://192.168.5.71:5000/v2.0')
nova = nvclient.Client('demo', 'demo', 'istl', 'http://192.168.5.71:5000/v2.0')
def setUp(self):
super(ClientTestBase, self).setUp()
test_timeout = os.environ.get('OS_TEST_TIMEOUT', 0)
try:
test_timeout = int(test_timeout)
except ValueError:
test_timeout = 0
if test_timeout > 0:
self.useFixture(fixtures.Timeout(test_timeout, gentle=True))
if (os.environ.get('OS_STDOUT_CAPTURE') == 'True'
or os.environ.get('OS_STDOUT_CAPTURE') == '1'):
stdout = self.useFixture(fixtures.StringStream('stdout')).stream
self.useFixture(fixtures.MonkeyPatch('sys.stdout', stdout))
if (os.environ.get('OS_STDERR_CAPTURE') == 'True'
or os.environ.get('OS_STDERR_CAPTURE') == '1'):
stderr = self.useFixture(fixtures.StringStream('stderr')).stream
self.useFixture(fixtures.MonkeyPatch('sys.stderr', stderr))
if (os.environ.get('OS_LOG_CAPTURE') != 'False'
and os.environ.get('OS_LOG_CAPTURE') != '0'):
self.useFixture(
fixtures.LoggerFixture(nuke_handlers=False,
format=self.log_format,
level=None))
# Collecting of credentials:
#
# Grab the cloud config from a user's clouds.yaml file.
# First look for a functional_admin cloud, as this is a cloud
# that the user may have defined for functional testing that has
# admin credentials.
# If that is not found, get the devstack config and override the
# username and project_name to be admin so that admin credentials
# will be used.
#
# Finally, fall back to looking for environment variables to support
# existing users running these the old way. We should deprecate that
# as tox 2.0 blanks out environment.
#
# TODO(sdague): while we collect this information in
# tempest-lib, we do it in a way that's not available for top
# level tests. Long term this probably needs to be in the base
# class.
openstack_config = os_client_config.config.OpenStackConfig()
try:
cloud_config = openstack_config.get_one_cloud('functional_admin')
except os_client_config.exceptions.OpenStackConfigException:
try:
cloud_config = openstack_config.get_one_cloud(
'devstack',
auth=dict(username='******', project_name='admin'))
except os_client_config.exceptions.OpenStackConfigException:
try:
cloud_config = openstack_config.get_one_cloud('envvars')
except os_client_config.exceptions.OpenStackConfigException:
cloud_config = None
if cloud_config is None:
raise NoCloudConfigException(
"Could not find a cloud named functional_admin or a cloud"
" named devstack. Please check your clouds.yaml file and"
" try again.")
auth_info = cloud_config.config['auth']
user = auth_info['username']
passwd = auth_info['password']
self.project_name = auth_info['project_name']
auth_url = auth_info['auth_url']
user_domain_id = auth_info['user_domain_id']
self.project_domain_id = auth_info['project_domain_id']
if 'insecure' in cloud_config.config:
self.insecure = cloud_config.config['insecure']
else:
self.insecure = False
auth = identity.Password(username=user,
password=passwd,
project_name=self.project_name,
auth_url=auth_url,
project_domain_id=self.project_domain_id,
user_domain_id=user_domain_id)
session = ksession.Session(auth=auth, verify=(not self.insecure))
self.client = self._get_novaclient(session)
self.glance = glanceclient.Client('2', session=session)
# pick some reasonable flavor / image combo
if "flavor" not in CACHE:
CACHE["flavor"] = pick_flavor(self.client.flavors.list())
if "image" not in CACHE:
CACHE["image"] = pick_image(self.glance.images.list())
self.flavor = CACHE["flavor"]
self.image = CACHE["image"]
if "network" not in CACHE:
# Get the networks from neutron.
neutron = neutronclient.Client(session=session)
neutron_networks = neutron.list_networks()['networks']
# Convert the neutron dicts to Network objects.
nets = []
for network in neutron_networks:
nets.append(networks.Network(networks.NeutronManager, network))
# Keep track of whether or not there are multiple networks
# available to the given tenant because if so, a specific
# network ID has to be passed in on server create requests
# otherwise the server POST will fail with a 409.
CACHE['multiple_networks'] = len(nets) > 1
CACHE["network"] = pick_network(nets)
self.network = CACHE["network"]
self.multiple_networks = CACHE['multiple_networks']
# create a CLI client in case we'd like to do CLI
# testing. tempest.lib does this really weird thing where it
# builds a giant factory of all the CLIs that it knows
# about. Eventually that should really be unwound into
# something more sensible.
cli_dir = os.environ.get(
'OS_NOVACLIENT_EXEC_DIR',
os.path.join(os.path.abspath('.'), '.tox/functional/bin'))
self.cli_clients = tempest.lib.cli.base.CLIClient(
username=user,
password=passwd,
tenant_name=self.project_name,
uri=auth_url,
cli_dir=cli_dir,
insecure=self.insecure)
self.keystone = keystoneclient.Client(session=session,
username=user,
password=passwd)
self.cinder = cinderclient.Client(auth=auth, session=session)
def setUp(self):
super(ClientTestBase, self).setUp()
test_timeout = os.environ.get('OS_TEST_TIMEOUT', 0)
try:
test_timeout = int(test_timeout)
except ValueError:
test_timeout = 0
if test_timeout > 0:
self.useFixture(fixtures.Timeout(test_timeout, gentle=True))
if (os.environ.get('OS_STDOUT_CAPTURE') == 'True'
or os.environ.get('OS_STDOUT_CAPTURE') == '1'):
stdout = self.useFixture(fixtures.StringStream('stdout')).stream
self.useFixture(fixtures.MonkeyPatch('sys.stdout', stdout))
if (os.environ.get('OS_STDERR_CAPTURE') == 'True'
or os.environ.get('OS_STDERR_CAPTURE') == '1'):
stderr = self.useFixture(fixtures.StringStream('stderr')).stream
self.useFixture(fixtures.MonkeyPatch('sys.stderr', stderr))
if (os.environ.get('OS_LOG_CAPTURE') != 'False'
and os.environ.get('OS_LOG_CAPTURE') != '0'):
self.useFixture(
fixtures.LoggerFixture(nuke_handlers=False,
format=self.log_format,
level=None))
# Collecting of credentials:
#
# Grab the cloud config from a user's clouds.yaml file.
# First look for a functional_admin cloud, as this is a cloud
# that the user may have defined for functional testing that has
# admin credentials.
# If that is not found, get the devstack config and override the
# username and project_name to be admin so that admin credentials
# will be used.
#
# Finally, fall back to looking for environment variables to support
# existing users running these the old way. We should deprecate that
# as tox 2.0 blanks out environment.
#
# TODO(sdague): while we collect this information in
# tempest-lib, we do it in a way that's not available for top
# level tests. Long term this probably needs to be in the base
# class.
openstack_config = os_client_config.config.OpenStackConfig()
try:
cloud_config = openstack_config.get_one_cloud('functional_admin')
except os_client_config.exceptions.OpenStackConfigException:
try:
cloud_config = openstack_config.get_one_cloud(
'devstack',
auth=dict(username='******', project_name='admin'))
except os_client_config.exceptions.OpenStackConfigException:
try:
cloud_config = openstack_config.get_one_cloud('envvars')
except os_client_config.exceptions.OpenStackConfigException:
cloud_config = None
if cloud_config is None:
raise NoCloudConfigException(
"Could not find a cloud named functional_admin or a cloud"
" named devstack. Please check your clouds.yaml file and"
" try again.")
auth_info = cloud_config.config['auth']
user = auth_info['username']
passwd = auth_info['password']
tenant = auth_info['project_name']
auth_url = auth_info['auth_url']
self.project_domain_id = auth_info['project_domain_id']
if 'insecure' in cloud_config.config:
self.insecure = cloud_config.config['insecure']
else:
self.insecure = False
if self.COMPUTE_API_VERSION == "2.latest":
version = novaclient.API_MAX_VERSION.get_string()
else:
version = self.COMPUTE_API_VERSION or "2"
loader = loading.get_plugin_loader("password")
auth = loader.load_from_options(username=user,
password=passwd,
project_name=tenant,
auth_url=auth_url)
session = ksession.Session(auth=auth, verify=(not self.insecure))
self.client = novaclient.client.Client(version, session=session)
# pick some reasonable flavor / image combo
self.flavor = pick_flavor(self.client.flavors.list())
self.image = pick_image(self.client.images.list())
self.network = pick_network(self.client.networks.list())
# create a CLI client in case we'd like to do CLI
# testing. tempest.lib does this really weird thing where it
# builds a giant factory of all the CLIs that it knows
# about. Eventually that should really be unwound into
# something more sensible.
cli_dir = os.environ.get(
'OS_NOVACLIENT_EXEC_DIR',
os.path.join(os.path.abspath('.'), '.tox/functional/bin'))
self.cli_clients = tempest.lib.cli.base.CLIClient(
username=user,
password=passwd,
tenant_name=tenant,
uri=auth_url,
cli_dir=cli_dir,
insecure=self.insecure)
self.keystone = keystoneclient.Client(session=session,
username=user,
password=passwd)
self.cinder = cinderclient.Client(auth=auth, session=session)
def capi(self):
if not self._capi:
self._capi = cinderclient.Client(session=self.session,
service_type="volume")
return self._capi
def factory_fn(token, endpoint):
client = cinder.Client(insecure=credential.https_insecure,
cacert=credential.https_cacert)
client.client.management_url = endpoint
client.client.auth_token = token
return client