def _nova_client(self, token=None):
auth = ks_auth.load_from_conf_options(cfg.CONF,
TACKER_NOVA_CONF_SECTION)
endpoint_override = None
if not auth:
LOG.warning(_LW('Authenticating to nova using nova_admin_* options'
' is deprecated. This should be done using'
' an auth plugin, like password'))
if cfg.CONF.nova_admin_tenant_id:
endpoint_override = "%s/%s" % (cfg.CONF.nova_url,
cfg.CONF.nova_admin_tenant_id)
auth = DefaultAuthPlugin(
auth_url=cfg.CONF.nova_admin_auth_url,
username=cfg.CONF.nova_admin_username,
password=cfg.CONF.nova_admin_password,
tenant_id=cfg.CONF.nova_admin_tenant_id,
tenant_name=cfg.CONF.nova_admin_tenant_name,
endpoint_override=endpoint_override)
session = ks_session.Session.load_from_conf_options(
cfg.CONF, TACKER_NOVA_CONF_SECTION, auth=auth)
novaclient_cls = self._novaclient.get_client_class(NOVA_API_VERSION)
return novaclient_cls(session=session,
region_name=cfg.CONF.tacker_nova.region_name)
def _nova_client(self, token=None):
auth = ks_auth.load_from_conf_options(cfg.CONF,
TACKER_NOVA_CONF_SECTION)
endpoint_override = None
if not auth:
LOG.warning(
_LW('Authenticating to nova using nova_admin_* options'
' is deprecated. This should be done using'
' an auth plugin, like password'))
if cfg.CONF.nova_admin_tenant_id:
endpoint_override = "%s/%s" % (cfg.CONF.nova_url,
cfg.CONF.nova_admin_tenant_id)
auth = DefaultAuthPlugin(
auth_url=cfg.CONF.nova_admin_auth_url,
username=cfg.CONF.nova_admin_username,
password=cfg.CONF.nova_admin_password,
tenant_id=cfg.CONF.nova_admin_tenant_id,
tenant_name=cfg.CONF.nova_admin_tenant_name,
endpoint_override=endpoint_override)
session = ks_session.Session.load_from_conf_options(
cfg.CONF, TACKER_NOVA_CONF_SECTION, auth=auth)
novaclient_cls = self._novaclient.get_client_class(NOVA_API_VERSION)
return novaclient_cls(session=session,
region_name=cfg.CONF.tacker_nova.region_name)
def vim_status(self, auth_url):
"""Checks the VIM health status"""
vim_ip = auth_url.split("//")[-1].split(":")[0].split("/")[0]
ping_cmd = ['ping',
'-c', cfg.CONF.vim_monitor.count,
'-W', cfg.CONF.vim_monitor.timeout,
'-i', cfg.CONF.vim_monitor.interval,
vim_ip]
try:
linux_utils.execute(ping_cmd, check_exit_code=True)
return True
except RuntimeError:
LOG.warning(_LW("Cannot ping ip address: %s"), vim_ip)
return False
def vim_status(self, auth_url):
"""Checks the VIM health status"""
vim_ip = auth_url.split("//")[-1].split(":")[0].split("/")[0]
ping_cmd = ['ping',
'-c', cfg.CONF.vim_monitor.count,
'-W', cfg.CONF.vim_monitor.timeout,
'-i', cfg.CONF.vim_monitor.interval,
vim_ip]
try:
linux_utils.execute(ping_cmd, check_exit_code=True)
return True
except RuntimeError:
LOG.warning(_LW("Cannot ping ip address: %s"), vim_ip)
return False
def _is_pingable(self, mgmt_ip='', retry=5, timeout=5, port=80, **kwargs):
"""Checks whether the server is reachable by using urllib.
Waits for connectivity for `timeout` seconds,
and if connection refused, it will retry `retry`
times.
:param mgmt_ip: IP to check
:param retry: times to reconnect if connection refused
:param timeout: seconds to wait for connection
:param port: port number to check connectivity
:return: bool - True or False depending on pingability.
"""
url = 'http://' + mgmt_ip + ':' + str(port)
for retry_index in range(int(retry)):
try:
urlreq.urlopen(url, timeout=timeout)
return True
except urlerr.URLError:
LOG.warning(_LW('Unable to reach to the url %s'), url)
return 'failure'
def _is_pingable(self, mgmt_ip='', retry=5, timeout=5, port=80, **kwargs):
"""Checks whether the server is reachable by using urllib.
Waits for connectivity for `timeout` seconds,
and if connection refused, it will retry `retry`
times.
:param mgmt_ip: IP to check
:param retry: times to reconnect if connection refused
:param timeout: seconds to wait for connection
:param port: port number to check connectivity
:return: bool - True or False depending on pingability.
"""
url = 'http://' + mgmt_ip + ':' + str(port)
for retry_index in range(int(retry)):
try:
urlreq.urlopen(url, timeout=timeout)
return True
except urlerr.URLError:
LOG.warning(_LW('Unable to reach to the url %s'), url)
return 'failure'
def _is_pingable(self, mgmt_ip="", count=5, timeout=1, interval='0.2',
**kwargs):
"""Checks whether an IP address is reachable by pinging.
Use linux utils to execute the ping (ICMP ECHO) command.
Sends 5 packets with an interval of 0.2 seconds and timeout of 1
seconds. Runtime error implies unreachability else IP is pingable.
:param ip: IP to check
:return: bool - True or string 'failure' depending on pingability.
"""
ping_cmd = ['ping',
'-c', count,
'-W', timeout,
'-i', interval,
mgmt_ip]
try:
linux_utils.execute(ping_cmd, check_exit_code=True)
return True
except RuntimeError:
LOG.warning(_LW("Cannot ping ip address: %s"), mgmt_ip)
return 'failure'
def _build_subattr_match_rule(attr_name, attr, action, target):
"""Create the rule to match for sub-attribute policy checks."""
# TODO(salv-orlando): Instead of relying on validator info, introduce
# typing for API attributes
# Expect a dict as type descriptor
validate = attr['validate']
key = list(filter(lambda k: k.startswith('type:dict'), validate.keys()))
if not key:
LOG.warning(_LW("Unable to find data type descriptor "
"for attribute %s"),
attr_name)
return
data = validate[key[0]]
if not isinstance(data, dict):
LOG.debug("Attribute type descriptor is not a dict. Unable to "
"generate any sub-attr policy rule for %s.",
attr_name)
return
sub_attr_rules = [policy.RuleCheck('rule', '%s:%s:%s' %
(action, attr_name,
sub_attr_name)) for
sub_attr_name in data if sub_attr_name in
target[attr_name]]
return policy.AndCheck(sub_attr_rules)
def _is_pingable(self,
mgmt_ip="",
count=5,
timeout=1,
interval='0.2',
**kwargs):
"""Checks whether an IP address is reachable by pinging.
Use linux utils to execute the ping (ICMP ECHO) command.
Sends 5 packets with an interval of 0.2 seconds and timeout of 1
seconds. Runtime error implies unreachability else IP is pingable.
:param ip: IP to check
:return: bool - True or string 'failure' depending on pingability.
"""
ping_cmd = [
'ping', '-c', count, '-W', timeout, '-i', interval, mgmt_ip
]
try:
linux_utils.execute(ping_cmd, check_exit_code=True)
return True
except RuntimeError:
LOG.warning(_LW("Cannot ping ip address: %s"), mgmt_ip)
return 'failure'
def _build_subattr_match_rule(attr_name, attr, action, target):
"""Create the rule to match for sub-attribute policy checks."""
# TODO(salv-orlando): Instead of relying on validator info, introduce
# typing for API attributes
# Expect a dict as type descriptor
validate = attr['validate']
key = list(filter(lambda k: k.startswith('type:dict'), validate.keys()))
if not key:
LOG.warning(
_LW("Unable to find data type descriptor "
"for attribute %s"), attr_name)
return
data = validate[key[0]]
if not isinstance(data, dict):
LOG.debug(
"Attribute type descriptor is not a dict. Unable to "
"generate any sub-attr policy rule for %s.", attr_name)
return
sub_attr_rules = [
policy.RuleCheck('rule',
'%s:%s:%s' % (action, attr_name, sub_attr_name))
for sub_attr_name in data if sub_attr_name in target[attr_name]
]
return policy.AndCheck(sub_attr_rules)
