def probe(self): try: keystone = ksclient.Client( username=self.openstack['username'], password=self.openstack['password'], tenant_name=self.openstack['tenant_name'], auth_url=self.openstack['auth_url'], insecure=self.openstack['insecure']) except Exception as e: self.exit_error('cannot get token ' + str(e)) try: neutron = client.Client( '2.0', endpoint_url=keystone.service_catalog.url_for( endpoint_type='public', service_type='network'), token=keystone.auth_token, insecure=self.openstack['insecure']) except Exception as e: self.exit_error('cannot load ' + str(e)) try: result = neutron.list_floatingips() except Exception as e: self.exit_error(str(e)) stati = dict(assigned=0, used=0) for floatingip in result['floatingips']: stati['assigned'] += 1 if floatingip['fixed_ip_address']: stati['used'] += 1 for r in stati.keys(): yield osnag.Metric(r, stati[r], min=0)
def _cleanup_network_resources(session): neutron = neutron_client.Client("2.0", session=session) LOG.debug("Cleaning up floatingips") for fip in neutron.list_floatingips()["floatingips"]: LOG.debug("Removing floatingip %s", fip["id"]) neutron.delete_floatingip(fip["id"]) LOG.debug("Cleaning up routers") for router in neutron.list_routers()["routers"]: LOG.debug("Removing router %s", router["id"]) neutron.remove_gateway_router(router["id"]) for port in neutron.list_ports(device_id=router["id"])["ports"]: neutron.remove_interface_router(router["id"], {"port_id": port["id"]}) neutron.delete_router(router["id"]) LOG.debug("Cleaning up ports") for port in neutron.list_ports()["ports"]: LOG.debug("Removing port %s", port["id"]) neutron.delete_port(port["id"]) LOG.info('Cleaning up networks') for network in neutron.list_networks()['networks']: LOG.info('Removing network %s (%s)', network['name'], network['id']) neutron.delete_network(network['id']) network_list = _wait_until_empty(10, 'networks', neutron.list_networks) if network_list: raise RuntimeError('Some networks were not removed: %s' % ', '.join([ '%s (%s)' % (network['name'], network['id']) for network in network_list['networks'] ]))
def __init__( self, auth_url, username, password, project_name, project_domain_id, user_domain_id, region_name, ssl_verify, http_timeout ): self._auth_url = auth_url self._username = username self._password = password self._project_name = project_name self._project_domain_id = project_domain_id self._user_domain_id = user_domain_id self._region_name = region_name self._ssl_verify = ssl_verify self.auth = identity.Password( auth_url=self._auth_url, username=self._username, password=self._password, project_name=self._project_name, project_domain_id=self._project_domain_id, user_domain_id=self._user_domain_id ) self.sess = session.Session(auth=self.auth, verify=self._ssl_verify, timeout=http_timeout) self.neutron = client.Client( DEFAULT_NEUTRON_CLIENT_VERSION, session=self.sess, region_name=self._region_name )
def run(args): try: ca = os.environ['OS_CACERT'] except KeyError: ca = None # instantiate client qclient = client.Client('2.0', auth_url=os.environ['OS_AUTH_URL'], username=os.environ['OS_USERNAME'], tenant_name=os.environ['OS_TENANT_NAME'], password=os.environ['OS_PASSWORD'], endpoint_type='internalURL', insecure=args.insecure, ca_cert=ca) # set json return type qclient.format = 'json' if args.l3_agent_check: LOG.info("Performing L3 Agent Health Check") l3_agent_check(qclient) if args.l3_agent_migrate: LOG.info("Performing L3 Agent Migration for Offline L3 Agents") l3_agent_migrate(qclient, args.noop, args.now) if args.l3_agent_rebalance: LOG.info("Rebalancing L3 Agent Router Count") l3_agent_rebalance(qclient, args.noop) if args.replicate_dhcp: LOG.info("Performing DHCP Replication of Networks to Agents") replicate_dhcp(qclient, args.noop)
def check_extra_ports(session, network, total): nclient = neutron.Client("2", session=session, region_name=os.environ["OS_REGION_NAME"]) ports = nclient.list_ports()["ports"] logger.debug("Found %s ports" % ports) port_name = PORT_NAME ports_with_name = list(filter(lambda p: p["name"] == port_name, ports)) logger.info("[neutron]: Reusing %s ports" % len(ports_with_name)) # create missing ports for _ in range(0, total - len(ports_with_name)): port = { "admin_state_up": True, "name": PORT_NAME, "network_id": network["id"] } # Checking port with PORT_NAME nclient.create_port({"port": port}) ports = nclient.list_ports()["ports"] ports_with_name = list(filter(lambda p: p["name"] == port_name, ports)) ip_addresses = [] for port in ports_with_name: ip_addresses.append(port["fixed_ips"][0]["ip_address"]) logger.info("[neutron]: Returning %s free ip addresses" % ip_addresses) return ip_addresses
def main(): ds = datastore.Datastore() cuuid, oscfg = fetch_oscfg(ds) if not oscfg: log.error("OpenStack Configuration not found!") sys.exit(1) (kip, kport, auth_url) = osutils.ks_ip_port(oscfg.keystone_host, auth_url=oscfg.auth_url) ksc, err = os_try_access(oscfg.username, oscfg.password, oscfg.admin_tenant, oscfg.keystone_host, const.REQUEST_TIMEOUT, oscfg.region, auth_url=auth_url, log=log) if not ksc: log.error("Cloudn't establish connection to OpenStack, error: " "%s", err) sys.exit(1) eptype = 'internal' if oscfg.use_internal_endpoints else 'public' ckwopts = {'connect_retries': const.CONNECT_RETRIES, 'region_name': oscfg.region, 'interface': eptype} neuc = nnclient.Client('2', session=ksc.session, retries=const.API_RETRIES, **ckwopts) # Get all SEs from DB # For each SE, get all ports using device_id field, # and update the AAP entry if it has it. ses = ds.get_all('serviceengine') for se in ses: secfg = se['config'] if secfg.cloud_uuid != cuuid: continue devid = secfg.uuid.split('se-')[1] log.info("Updating ports for se %s, %s", secfg.name, devid) data = neuc.list_ports(device_id=devid) ports = data.get('ports', []) for port in ports: aaps = port.get('allowed_address_pairs', []) if not aaps: continue new_aaps = [] for aap in aaps: tokens = aap['ip_address'].split('/') if len(tokens) < 2: continue ip = tokens[0] + '/%s' % '32' naap = {'ip_address': ip} if aap.get('mac_address', None): naap['mac_address'] = aap['mac_address'] new_aaps.append(naap) if new_aaps: body = {'port': {'allowed_address_pairs': new_aaps}} neuc.update_port(port=port['id'], body=body) log.info("Updated port %s with new AAP %s", port['name'], new_aaps)
def __init__(self, auth_url, username, password, tenant, auth_token=None): ''' Get keystone client obj ''' self.keystone = ks_client.Client(username=username, password=password, tenant_name=tenant, auth_url=auth_url, insecure=True) ''' Get nova client handle ''' self.nova = nova_client.Client('2', auth_url=auth_url, username=username, api_key=password, project_id=tenant, insecure=True) ''' Get neutron client handle ''' self.neutron = neutron_client.Client('2.0', auth_url=auth_url, username=username, password=password, tenant_name=tenant, insecure=True) ''' Get ironic client handle ''' self.ironic = ironic_client.get_client(1, os_username=username, os_password=password, os_auth_url=auth_url, os_tenant_name=tenant, insecure=True)
def __init__(self, region, service_name=None, endpoint=None, endpoint_type='publicURL', insecure=False, ca_cert=None): """Create neutron client object. :param region: The region of the service :param service_name: The name of the neutron service in the catalog :param endpoint: The endpoint of the service :param endpoint_type: The endpoint_type of the service :param insecure: Turn off certificate validation :param ca_cert: CA Cert file path :return: a Neutron Client object. :raises Exception: if the client cannot be created """ ksession = KeystoneSession() kwargs = {'region_name': region, 'session': ksession.session, 'endpoint_type': endpoint_type, 'insecure': insecure} if service_name: kwargs['service_name'] = service_name if endpoint: kwargs['endpoint_override'] = endpoint if ca_cert: kwargs['ca_cert'] = ca_cert try: self.neutron_client = neutron_client.Client( NEUTRON_VERSION, **kwargs) except Exception: with excutils.save_and_reraise_exception(): LOG.exception("Error creating Neutron client.")
def probe(self): try: neutron = client.Client(self.api_version, session=self.session, region_name=self.region_name) except Exception as e: self.exit_error('cannot load ' + str(e)) try: result = neutron.list_agents(host=self.host, binary=self.binary) except Exception as e: self.exit_error('list_agents: ' + str(e)) stati = dict(up=0, disabled=0, down=0, total=0) for agent in result['agents']: stati['total'] += 1 if agent['admin_state_up'] and agent['alive']: stati['up'] += 1 elif not agent['admin_state_up']: stati['disabled'] += 1 else: stati['down'] += 1 for r in stati.keys(): yield osnag.Metric(r, stati[r], min=0)
def get_tneuc(tname, auth_url, oscfg): ksc, err = os_try_access(oscfg.username, oscfg.password, tname, oscfg.keystone_host, const.REQUEST_TIMEOUT, oscfg.region, auth_url=auth_url, log=log) if not ksc: log.error("Cloudn't establish connection to OpenStack, error: " "%s", err) sys.exit(1) eptype = 'internal' if oscfg.use_internal_endpoints else 'public' ckwopts = { 'connect_retries': const.CONNECT_RETRIES, 'region_name': oscfg.region, 'interface': eptype } tneuc = nnclient.Client('2', session=ksc.session, retries=const.API_RETRIES, **ckwopts) return tneuc, ksc
def get_neutron_client(cls, region, service_name=None, endpoint=None, endpoint_type='publicURL'): """Create neutron client object. :param region: The region of the service :param service_name: The name of the neutron service in the catalog :param endpoint: The endpoint of the service :param endpoint_type: The endpoint_type of the service :return: a Neutron Client object. :raises Exception: if the client cannot be created """ if not cls.neutron_client: kwargs = { 'region_name': region, 'session': keystone.get_session(), 'endpoint_type': endpoint_type } if service_name: kwargs['service_name'] = service_name if endpoint: kwargs['endpoint_override'] = endpoint try: cls.neutron_client = neutron_client.Client( NEUTRON_VERSION, **kwargs) except Exception: with excutils.save_and_reraise_exception(): LOG.exception(_LE("Error creating Neutron client.")) return cls.neutron_client
def gen_os_clients(self): try: output = {} # Grab handles to each client type keystone = kclient.Client(session=self.os['sess']) output['keystone'] = {} output['keystone']['client'] = keystone glance = gclient.Client(2, session=self.os['sess']) output['glance'] = {} output['glance']['client'] = glance nova = nclient.Client(2, session=self.os['sess']) output['nova'] = {} output['nova']['client'] = nova neutron = neuclient.Client(2, session=self.os['sess']) output['neutron'] = {} output['neutron']['client'] = neutron return 1, output except: logging.error("return_keystone_sess: Issue getting Openstack \ session object") return 0, {}
def allow_address_pairs(session, network, subnet): """Allow several interfaces to be added and accessed from the other machines. This is particularly useful when working with virtual ips. """ nclient = neutron.Client('2', session=session) ports = nclient.list_ports() ports_to_update = filter( lambda p: p['network_id'] == network['id'], ports['ports']) logger.info('[nova]: Allowing address pairs for ports %s' % map(lambda p: p['fixed_ips'], ports_to_update)) for port in ports_to_update: try: nclient.update_port(port['id'], { 'port': { 'allowed_address_pairs': [{ 'ip_address': subnet }] } }) except Exception: # NOTE(msimonin): dhcp and router interface port # seems to have enabled_sec_groups = False which # prevent them to be updated, just throw a warning # a skip them logger.warn("Can't update port %s" % port)
def probe(self): try: neutron = client.Client('2.0', session=self.get_session(), ca_cert=self.openstack['cacert'], insecure=self.openstack['insecure']) except Exception as e: self.exit_error('cannot load ' + str(e)) try: result = neutron.list_agents(host=self.host, binary=self.binary) except Exception as e: self.exit_error(str(e)) stati = dict(up=0, disabled=0, down=0, total=0) for agent in result['agents']: stati['total'] += 1 if agent['admin_state_up'] and agent['alive']: stati['up'] += 1 elif not agent['admin_state_up']: stati['disabled'] += 1 else: stati['down'] += 1 for r in stati.keys(): yield osnag.Metric(r, stati[r], min=0)
def _reload_connection(self): '''Called before any operation, it check if credentials has changed Throw keystoneclient.apiclient.exceptions.AuthorizationFailure ''' #TODO control the timing and possible token timeout, but it seams that python client does this task for us :-) if self.reload_client: #test valid params if len(self.n_creds) < 4: raise ksExceptions.ClientException( "Not enough parameters to connect to openstack") self.nova = nClient.Client(2, **self.n_creds) self.keystone = ksClient.Client(**self.k_creds) self.glance_endpoint = self.keystone.service_catalog.url_for( service_type='image', endpoint_type='publicURL') self.glance = glClient.Client( self.glance_endpoint, token=self.keystone.auth_token, **self.k_creds) #TODO check k_creds vs n_creds self.ne_endpoint = self.keystone.service_catalog.url_for( service_type='network', endpoint_type='publicURL') self.neutron = neClient.Client('2.0', endpoint_url=self.ne_endpoint, token=self.keystone.auth_token, **self.k_creds) self.reload_client = False
def client(): session = sessions.cache().get_session(sessions.SESSION_TYPE_NEUTRON) neutron = neutron_cli.Client('2.0', session=session, auth=keystone.auth(), endpoint_type=CONF.neutron.endpoint_type) return neutron
def __init__(self, auth_url, username, password, tenant, auth_token=None): print "User:", auth_url, username, password, tenant, auth_token self.keystone_client = kclient.Client(username=username, password=password, tenant_name=tenant, auth_url=auth_url) if not auth_token: auth_token = self.keystone_client.auth_token self.nova_client = nova_client.Client('2', auth_url=auth_url, username=username, api_key=password, project_id=tenant, auth_token=auth_token, insecure=True) ''' Get neutron client handle ''' self.neutron_client = neutron_client.Client('2.0', auth_url=auth_url, username=username, password=password, tenant_name=tenant, insecure=True)
def initialize_sc_clients(self): super(NetworkSyncThread, self).initialize_sc_clients() if (not self.sc_neutron_client and self.sc_admin_session): self.sc_neutron_client = neutronclient.Client( "2.0", session=self.sc_admin_session, endpoint_type=consts.KS_ENDPOINT_INTERNAL, region_name=self.subcloud_engine.subcloud.region_name)
def create_client(self, version=None, service_type=None): """Return neutron client.""" from neutronclient.neutron import client as neutron client = neutron.Client(self.choose_version(version), session=self.keystone.get_session()[0], endpoint_url=self._get_endpoint(service_type)) return client
def get_to_neutron_client(self): auth_ref = self.get_to_auth_ref() token = auth_ref['token']['id'] endpoint_url = 'http://{ip}:9696'.format(ip=self.to_auth_ip) neutron = neutron_client.Client('2.0', token=token, endpoint_url=endpoint_url) return neutron
def __init__(self): creds = credentials() tenant_name = creds['project_name'] auth_url = creds['auth_url'] + "/v2.0" print creds self.neutron = client.Client('2.0', username=creds['username'], password=creds['password'], auth_url=auth_url, tenant_name=tenant_name)
def __init__(self, session, plan, name): self.name = name self.keystone = keystone_v3.Client(session=session) self.nova = novaclient.Client('2', session=session) self.neutron = neutronclient.Client('2.0', session=session) self.neutron.format = 'json' self.plan = plan
def __init__(self, network, uri, token, tenant_name): self.neutron = neutron_cli.Client('2.0', endpoint_url=uri, token=token, tenant_name=tenant_name, ca_cert=CONF.neutron.ca_file, insecure=CONF.neutron.api_insecure) self.network = network
def get_to_neutron_client(self): auth_ref = self.get_to_auth_ref() endpoint_url = '{ip}:{port}'.format(ip=self.to_auth_ip, port=self.to_neutron_port) neutron = neutron_client.Client('2.0', session=auth_ref.session, endpoint_override=endpoint_url) return neutron
def _get_neutron_client(module, kwargs): _ksclient = _get_ksclient(module, kwargs) token = _ksclient.auth_token endpoint = _get_endpoint(module, _ksclient) kwargs = {'token': token, 'endpoint_url': endpoint} try: neutron = client.Client('2.0', **kwargs) except Exception, e: module.fail_json(msg="Error in connecting to neutron: %s " % e.message)
def _get_client(self, cxt): token = cxt.auth_token if not token and cxt.is_admin: token = self.get_admin_token(cxt.tenant) return q_client.Client('2.0', token=token, auth_url=self.auth_url, endpoint_url=self.endpoint_url, timeout=cfg.CONF.client.neutron_timeout)
def run(args): try: ca = os.environ['OS_CACERT'] except KeyError: ca = None auth_version = os.getenv('OS_AUTH_VERSION', None) if not auth_version: auth_version = os.getenv('OS_IDENTITY_API_VERSION', None) if not auth_version: auth_version = 3 kclient = IDENTITY_API_VERSIONS[auth_version] kclient_kwargs = dict() kclient_kwargs['username'] = os.environ['OS_USERNAME'] kclient_kwargs['password'] = os.environ['OS_PASSWORD'] kclient_kwargs['insecure'] = args.insecure kclient_kwargs['ca_cert'] = ca kclient_kwargs['auth_url'] = os.environ['OS_AUTH_URL'] tenant_name = os.getenv('OS_TENANT_NAME') if tenant_name and auth_version != 3: kclient_kwargs['tenant_name'] = tenant_name else: kclient_kwargs['project_name'] = os.environ['OS_PROJECT_NAME'] # Instantiate Keystone client keystone = kclient.Client(**kclient_kwargs) # Instantiate Neutron client qclient = nclient.Client( '2.0', endpoint_url=keystone.service_catalog.url_for( service_type='network', endpoint_type=os.environ['OS_ENDPOINT_TYPE'] ), token=keystone.get_token(keystone.session) ) # set json return type qclient.format = 'json' if args.l3_agent_check: LOG.info("Performing L3 Agent Health Check") l3_agent_check(qclient) if args.l3_agent_migrate: LOG.info("Performing L3 Agent Migration for Offline L3 Agents") l3_agent_migrate(qclient, args.noop, args.now) if args.l3_agent_rebalance: LOG.info("Rebalancing L3 Agent Router Count") l3_agent_rebalance(qclient, args.noop) if args.replicate_dhcp: LOG.info("Performing DHCP Replication of Networks to Agents") replicate_dhcp(qclient, args.noop)
def __init__(self, network, token, tenant_name, auth=None): session = sessions.cache().get_session(sessions.SESSION_TYPE_NEUTRON) if auth is None: auth = keystone.token_auth(token=token, project_name=tenant_name) self.neutron = neutron_cli.Client('2.0', session=session, auth=auth, region_name=CONF.os_region_name) self.network = network
def get_neutron_client(): global neutron_client if not keystone_session: get_keystone_client() if neutron_client is None: neutron_client = neutron.Client('2.0', session=keystone_session, insecure=settings.OS_INSECURE) return neutron_client
def client(self): if self._client is None: self._client = q_client.Client( API_VER, endpoint_url=self.keystone.service_catalog.url_for( service_type='network'), token=self.token, ) return self._client