def probe(self):
try:
keystone = ksclient.Client(
username=self.openstack['username'],
password=self.openstack['password'],
tenant_name=self.openstack['tenant_name'],
auth_url=self.openstack['auth_url'],
insecure=self.openstack['insecure'])
except Exception as e:
self.exit_error('cannot get token ' + str(e))
try:
neutron = client.Client(
'2.0',
endpoint_url=keystone.service_catalog.url_for(
endpoint_type='public', service_type='network'),
token=keystone.auth_token,
insecure=self.openstack['insecure'])
except Exception as e:
self.exit_error('cannot load ' + str(e))
try:
result = neutron.list_floatingips()
except Exception as e:
self.exit_error(str(e))
stati = dict(assigned=0, used=0)
for floatingip in result['floatingips']:
stati['assigned'] += 1
if floatingip['fixed_ip_address']:
stati['used'] += 1
for r in stati.keys():
yield osnag.Metric(r, stati[r], min=0)
def _cleanup_network_resources(session):
neutron = neutron_client.Client("2.0", session=session)
LOG.debug("Cleaning up floatingips")
for fip in neutron.list_floatingips()["floatingips"]:
LOG.debug("Removing floatingip %s", fip["id"])
neutron.delete_floatingip(fip["id"])
LOG.debug("Cleaning up routers")
for router in neutron.list_routers()["routers"]:
LOG.debug("Removing router %s", router["id"])
neutron.remove_gateway_router(router["id"])
for port in neutron.list_ports(device_id=router["id"])["ports"]:
neutron.remove_interface_router(router["id"],
{"port_id": port["id"]})
neutron.delete_router(router["id"])
LOG.debug("Cleaning up ports")
for port in neutron.list_ports()["ports"]:
LOG.debug("Removing port %s", port["id"])
neutron.delete_port(port["id"])
LOG.info('Cleaning up networks')
for network in neutron.list_networks()['networks']:
LOG.info('Removing network %s (%s)', network['name'], network['id'])
neutron.delete_network(network['id'])
network_list = _wait_until_empty(10, 'networks', neutron.list_networks)
if network_list:
raise RuntimeError('Some networks were not removed: %s' % ', '.join([
'%s (%s)' % (network['name'], network['id'])
for network in network_list['networks']
]))
def __init__(
self,
auth_url,
username,
password,
project_name,
project_domain_id,
user_domain_id,
region_name,
ssl_verify,
http_timeout
):
self._auth_url = auth_url
self._username = username
self._password = password
self._project_name = project_name
self._project_domain_id = project_domain_id
self._user_domain_id = user_domain_id
self._region_name = region_name
self._ssl_verify = ssl_verify
self.auth = identity.Password(
auth_url=self._auth_url,
username=self._username,
password=self._password,
project_name=self._project_name,
project_domain_id=self._project_domain_id,
user_domain_id=self._user_domain_id
)
self.sess = session.Session(auth=self.auth, verify=self._ssl_verify, timeout=http_timeout)
self.neutron = client.Client(
DEFAULT_NEUTRON_CLIENT_VERSION,
session=self.sess,
region_name=self._region_name
)
def run(args):
try:
ca = os.environ['OS_CACERT']
except KeyError:
ca = None
# instantiate client
qclient = client.Client('2.0',
auth_url=os.environ['OS_AUTH_URL'],
username=os.environ['OS_USERNAME'],
tenant_name=os.environ['OS_TENANT_NAME'],
password=os.environ['OS_PASSWORD'],
endpoint_type='internalURL',
insecure=args.insecure,
ca_cert=ca)
# set json return type
qclient.format = 'json'
if args.l3_agent_check:
LOG.info("Performing L3 Agent Health Check")
l3_agent_check(qclient)
if args.l3_agent_migrate:
LOG.info("Performing L3 Agent Migration for Offline L3 Agents")
l3_agent_migrate(qclient, args.noop, args.now)
if args.l3_agent_rebalance:
LOG.info("Rebalancing L3 Agent Router Count")
l3_agent_rebalance(qclient, args.noop)
if args.replicate_dhcp:
LOG.info("Performing DHCP Replication of Networks to Agents")
replicate_dhcp(qclient, args.noop)
def check_extra_ports(session, network, total):
nclient = neutron.Client("2",
session=session,
region_name=os.environ["OS_REGION_NAME"])
ports = nclient.list_ports()["ports"]
logger.debug("Found %s ports" % ports)
port_name = PORT_NAME
ports_with_name = list(filter(lambda p: p["name"] == port_name, ports))
logger.info("[neutron]: Reusing %s ports" % len(ports_with_name))
# create missing ports
for _ in range(0, total - len(ports_with_name)):
port = {
"admin_state_up": True,
"name": PORT_NAME,
"network_id": network["id"]
}
# Checking port with PORT_NAME
nclient.create_port({"port": port})
ports = nclient.list_ports()["ports"]
ports_with_name = list(filter(lambda p: p["name"] == port_name, ports))
ip_addresses = []
for port in ports_with_name:
ip_addresses.append(port["fixed_ips"][0]["ip_address"])
logger.info("[neutron]: Returning %s free ip addresses" % ip_addresses)
return ip_addresses
def main():
ds = datastore.Datastore()
cuuid, oscfg = fetch_oscfg(ds)
if not oscfg:
log.error("OpenStack Configuration not found!")
sys.exit(1)
(kip, kport, auth_url) = osutils.ks_ip_port(oscfg.keystone_host,
auth_url=oscfg.auth_url)
ksc, err = os_try_access(oscfg.username, oscfg.password,
oscfg.admin_tenant, oscfg.keystone_host,
const.REQUEST_TIMEOUT, oscfg.region,
auth_url=auth_url, log=log)
if not ksc:
log.error("Cloudn't establish connection to OpenStack, error: "
"%s", err)
sys.exit(1)
eptype = 'internal' if oscfg.use_internal_endpoints else 'public'
ckwopts = {'connect_retries': const.CONNECT_RETRIES,
'region_name': oscfg.region, 'interface': eptype}
neuc = nnclient.Client('2', session=ksc.session,
retries=const.API_RETRIES, **ckwopts)
# Get all SEs from DB
# For each SE, get all ports using device_id field,
# and update the AAP entry if it has it.
ses = ds.get_all('serviceengine')
for se in ses:
secfg = se['config']
if secfg.cloud_uuid != cuuid:
continue
devid = secfg.uuid.split('se-')[1]
log.info("Updating ports for se %s, %s", secfg.name, devid)
data = neuc.list_ports(device_id=devid)
ports = data.get('ports', [])
for port in ports:
aaps = port.get('allowed_address_pairs', [])
if not aaps:
continue
new_aaps = []
for aap in aaps:
tokens = aap['ip_address'].split('/')
if len(tokens) < 2:
continue
ip = tokens[0] + '/%s' % '32'
naap = {'ip_address': ip}
if aap.get('mac_address', None):
naap['mac_address'] = aap['mac_address']
new_aaps.append(naap)
if new_aaps:
body = {'port': {'allowed_address_pairs': new_aaps}}
neuc.update_port(port=port['id'], body=body)
log.info("Updated port %s with new AAP %s", port['name'],
new_aaps)
def __init__(self, auth_url, username, password, tenant, auth_token=None):
''' Get keystone client obj '''
self.keystone = ks_client.Client(username=username,
password=password,
tenant_name=tenant,
auth_url=auth_url,
insecure=True)
''' Get nova client handle '''
self.nova = nova_client.Client('2',
auth_url=auth_url,
username=username,
api_key=password,
project_id=tenant,
insecure=True)
''' Get neutron client handle '''
self.neutron = neutron_client.Client('2.0',
auth_url=auth_url,
username=username,
password=password,
tenant_name=tenant,
insecure=True)
''' Get ironic client handle '''
self.ironic = ironic_client.get_client(1,
os_username=username,
os_password=password,
os_auth_url=auth_url,
os_tenant_name=tenant,
insecure=True)
def __init__(self, region, service_name=None, endpoint=None,
endpoint_type='publicURL', insecure=False,
ca_cert=None):
"""Create neutron client object.
:param region: The region of the service
:param service_name: The name of the neutron service in the catalog
:param endpoint: The endpoint of the service
:param endpoint_type: The endpoint_type of the service
:param insecure: Turn off certificate validation
:param ca_cert: CA Cert file path
:return: a Neutron Client object.
:raises Exception: if the client cannot be created
"""
ksession = KeystoneSession()
kwargs = {'region_name': region,
'session': ksession.session,
'endpoint_type': endpoint_type,
'insecure': insecure}
if service_name:
kwargs['service_name'] = service_name
if endpoint:
kwargs['endpoint_override'] = endpoint
if ca_cert:
kwargs['ca_cert'] = ca_cert
try:
self.neutron_client = neutron_client.Client(
NEUTRON_VERSION, **kwargs)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception("Error creating Neutron client.")
def probe(self):
try:
neutron = client.Client(self.api_version,
session=self.session,
region_name=self.region_name)
except Exception as e:
self.exit_error('cannot load ' + str(e))
try:
result = neutron.list_agents(host=self.host, binary=self.binary)
except Exception as e:
self.exit_error('list_agents: ' + str(e))
stati = dict(up=0, disabled=0, down=0, total=0)
for agent in result['agents']:
stati['total'] += 1
if agent['admin_state_up'] and agent['alive']:
stati['up'] += 1
elif not agent['admin_state_up']:
stati['disabled'] += 1
else:
stati['down'] += 1
for r in stati.keys():
yield osnag.Metric(r, stati[r], min=0)
def get_tneuc(tname, auth_url, oscfg):
ksc, err = os_try_access(oscfg.username,
oscfg.password,
tname,
oscfg.keystone_host,
const.REQUEST_TIMEOUT,
oscfg.region,
auth_url=auth_url,
log=log)
if not ksc:
log.error("Cloudn't establish connection to OpenStack, error: "
"%s", err)
sys.exit(1)
eptype = 'internal' if oscfg.use_internal_endpoints else 'public'
ckwopts = {
'connect_retries': const.CONNECT_RETRIES,
'region_name': oscfg.region,
'interface': eptype
}
tneuc = nnclient.Client('2',
session=ksc.session,
retries=const.API_RETRIES,
**ckwopts)
return tneuc, ksc
def get_neutron_client(cls,
region,
service_name=None,
endpoint=None,
endpoint_type='publicURL'):
"""Create neutron client object.
:param region: The region of the service
:param service_name: The name of the neutron service in the catalog
:param endpoint: The endpoint of the service
:param endpoint_type: The endpoint_type of the service
:return: a Neutron Client object.
:raises Exception: if the client cannot be created
"""
if not cls.neutron_client:
kwargs = {
'region_name': region,
'session': keystone.get_session(),
'endpoint_type': endpoint_type
}
if service_name:
kwargs['service_name'] = service_name
if endpoint:
kwargs['endpoint_override'] = endpoint
try:
cls.neutron_client = neutron_client.Client(
NEUTRON_VERSION, **kwargs)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("Error creating Neutron client."))
return cls.neutron_client
def gen_os_clients(self):
try:
output = {}
# Grab handles to each client type
keystone = kclient.Client(session=self.os['sess'])
output['keystone'] = {}
output['keystone']['client'] = keystone
glance = gclient.Client(2, session=self.os['sess'])
output['glance'] = {}
output['glance']['client'] = glance
nova = nclient.Client(2, session=self.os['sess'])
output['nova'] = {}
output['nova']['client'] = nova
neutron = neuclient.Client(2, session=self.os['sess'])
output['neutron'] = {}
output['neutron']['client'] = neutron
return 1, output
except:
logging.error("return_keystone_sess: Issue getting Openstack \
session object")
return 0, {}
def allow_address_pairs(session, network, subnet):
"""Allow several interfaces to be added and accessed from the other machines.
This is particularly useful when working with virtual ips.
"""
nclient = neutron.Client('2', session=session)
ports = nclient.list_ports()
ports_to_update = filter(
lambda p: p['network_id'] == network['id'],
ports['ports'])
logger.info('[nova]: Allowing address pairs for ports %s' %
map(lambda p: p['fixed_ips'], ports_to_update))
for port in ports_to_update:
try:
nclient.update_port(port['id'], {
'port': {
'allowed_address_pairs': [{
'ip_address': subnet
}]
}
})
except Exception:
# NOTE(msimonin): dhcp and router interface port
# seems to have enabled_sec_groups = False which
# prevent them to be updated, just throw a warning
# a skip them
logger.warn("Can't update port %s" % port)
def probe(self):
try:
neutron = client.Client('2.0',
session=self.get_session(),
ca_cert=self.openstack['cacert'],
insecure=self.openstack['insecure'])
except Exception as e:
self.exit_error('cannot load ' + str(e))
try:
result = neutron.list_agents(host=self.host, binary=self.binary)
except Exception as e:
self.exit_error(str(e))
stati = dict(up=0, disabled=0, down=0, total=0)
for agent in result['agents']:
stati['total'] += 1
if agent['admin_state_up'] and agent['alive']:
stati['up'] += 1
elif not agent['admin_state_up']:
stati['disabled'] += 1
else:
stati['down'] += 1
for r in stati.keys():
yield osnag.Metric(r, stati[r], min=0)
def _reload_connection(self):
'''Called before any operation, it check if credentials has changed
Throw keystoneclient.apiclient.exceptions.AuthorizationFailure
'''
#TODO control the timing and possible token timeout, but it seams that python client does this task for us :-)
if self.reload_client:
#test valid params
if len(self.n_creds) < 4:
raise ksExceptions.ClientException(
"Not enough parameters to connect to openstack")
self.nova = nClient.Client(2, **self.n_creds)
self.keystone = ksClient.Client(**self.k_creds)
self.glance_endpoint = self.keystone.service_catalog.url_for(
service_type='image', endpoint_type='publicURL')
self.glance = glClient.Client(
self.glance_endpoint,
token=self.keystone.auth_token,
**self.k_creds) #TODO check k_creds vs n_creds
self.ne_endpoint = self.keystone.service_catalog.url_for(
service_type='network', endpoint_type='publicURL')
self.neutron = neClient.Client('2.0',
endpoint_url=self.ne_endpoint,
token=self.keystone.auth_token,
**self.k_creds)
self.reload_client = False
def client():
session = sessions.cache().get_session(sessions.SESSION_TYPE_NEUTRON)
neutron = neutron_cli.Client('2.0',
session=session,
auth=keystone.auth(),
endpoint_type=CONF.neutron.endpoint_type)
return neutron
def __init__(self, auth_url, username, password, tenant, auth_token=None):
print "User:", auth_url, username, password, tenant, auth_token
self.keystone_client = kclient.Client(username=username,
password=password,
tenant_name=tenant,
auth_url=auth_url)
if not auth_token:
auth_token = self.keystone_client.auth_token
self.nova_client = nova_client.Client('2',
auth_url=auth_url,
username=username,
api_key=password,
project_id=tenant,
auth_token=auth_token,
insecure=True)
''' Get neutron client handle '''
self.neutron_client = neutron_client.Client('2.0',
auth_url=auth_url,
username=username,
password=password,
tenant_name=tenant,
insecure=True)
def initialize_sc_clients(self):
super(NetworkSyncThread, self).initialize_sc_clients()
if (not self.sc_neutron_client and self.sc_admin_session):
self.sc_neutron_client = neutronclient.Client(
"2.0",
session=self.sc_admin_session,
endpoint_type=consts.KS_ENDPOINT_INTERNAL,
region_name=self.subcloud_engine.subcloud.region_name)
def create_client(self, version=None, service_type=None):
"""Return neutron client."""
from neutronclient.neutron import client as neutron
client = neutron.Client(self.choose_version(version),
session=self.keystone.get_session()[0],
endpoint_url=self._get_endpoint(service_type))
return client
def get_to_neutron_client(self):
auth_ref = self.get_to_auth_ref()
token = auth_ref['token']['id']
endpoint_url = 'http://{ip}:9696'.format(ip=self.to_auth_ip)
neutron = neutron_client.Client('2.0',
token=token,
endpoint_url=endpoint_url)
return neutron
def __init__(self):
creds = credentials()
tenant_name = creds['project_name']
auth_url = creds['auth_url'] + "/v2.0"
print creds
self.neutron = client.Client('2.0', username=creds['username'],
password=creds['password'], auth_url=auth_url,
tenant_name=tenant_name)
def __init__(self, session, plan, name):
self.name = name
self.keystone = keystone_v3.Client(session=session)
self.nova = novaclient.Client('2', session=session)
self.neutron = neutronclient.Client('2.0', session=session)
self.neutron.format = 'json'
self.plan = plan
def __init__(self, network, uri, token, tenant_name):
self.neutron = neutron_cli.Client('2.0',
endpoint_url=uri,
token=token,
tenant_name=tenant_name,
ca_cert=CONF.neutron.ca_file,
insecure=CONF.neutron.api_insecure)
self.network = network
def get_to_neutron_client(self):
auth_ref = self.get_to_auth_ref()
endpoint_url = '{ip}:{port}'.format(ip=self.to_auth_ip,
port=self.to_neutron_port)
neutron = neutron_client.Client('2.0',
session=auth_ref.session,
endpoint_override=endpoint_url)
return neutron
def _get_neutron_client(module, kwargs):
_ksclient = _get_ksclient(module, kwargs)
token = _ksclient.auth_token
endpoint = _get_endpoint(module, _ksclient)
kwargs = {'token': token, 'endpoint_url': endpoint}
try:
neutron = client.Client('2.0', **kwargs)
except Exception, e:
module.fail_json(msg="Error in connecting to neutron: %s " % e.message)
def _get_client(self, cxt):
token = cxt.auth_token
if not token and cxt.is_admin:
token = self.get_admin_token(cxt.tenant)
return q_client.Client('2.0',
token=token,
auth_url=self.auth_url,
endpoint_url=self.endpoint_url,
timeout=cfg.CONF.client.neutron_timeout)
def run(args):
try:
ca = os.environ['OS_CACERT']
except KeyError:
ca = None
auth_version = os.getenv('OS_AUTH_VERSION', None)
if not auth_version:
auth_version = os.getenv('OS_IDENTITY_API_VERSION', None)
if not auth_version:
auth_version = 3
kclient = IDENTITY_API_VERSIONS[auth_version]
kclient_kwargs = dict()
kclient_kwargs['username'] = os.environ['OS_USERNAME']
kclient_kwargs['password'] = os.environ['OS_PASSWORD']
kclient_kwargs['insecure'] = args.insecure
kclient_kwargs['ca_cert'] = ca
kclient_kwargs['auth_url'] = os.environ['OS_AUTH_URL']
tenant_name = os.getenv('OS_TENANT_NAME')
if tenant_name and auth_version != 3:
kclient_kwargs['tenant_name'] = tenant_name
else:
kclient_kwargs['project_name'] = os.environ['OS_PROJECT_NAME']
# Instantiate Keystone client
keystone = kclient.Client(**kclient_kwargs)
# Instantiate Neutron client
qclient = nclient.Client(
'2.0',
endpoint_url=keystone.service_catalog.url_for(
service_type='network',
endpoint_type=os.environ['OS_ENDPOINT_TYPE']
),
token=keystone.get_token(keystone.session)
)
# set json return type
qclient.format = 'json'
if args.l3_agent_check:
LOG.info("Performing L3 Agent Health Check")
l3_agent_check(qclient)
if args.l3_agent_migrate:
LOG.info("Performing L3 Agent Migration for Offline L3 Agents")
l3_agent_migrate(qclient, args.noop, args.now)
if args.l3_agent_rebalance:
LOG.info("Rebalancing L3 Agent Router Count")
l3_agent_rebalance(qclient, args.noop)
if args.replicate_dhcp:
LOG.info("Performing DHCP Replication of Networks to Agents")
replicate_dhcp(qclient, args.noop)
def __init__(self, network, token, tenant_name, auth=None):
session = sessions.cache().get_session(sessions.SESSION_TYPE_NEUTRON)
if auth is None:
auth = keystone.token_auth(token=token, project_name=tenant_name)
self.neutron = neutron_cli.Client('2.0',
session=session,
auth=auth,
region_name=CONF.os_region_name)
self.network = network
def get_neutron_client():
global neutron_client
if not keystone_session:
get_keystone_client()
if neutron_client is None:
neutron_client = neutron.Client('2.0',
session=keystone_session,
insecure=settings.OS_INSECURE)
return neutron_client
def client(self):
if self._client is None:
self._client = q_client.Client(
API_VER,
endpoint_url=self.keystone.service_catalog.url_for(
service_type='network'),
token=self.token,
)
return self._client
