def __init__(self, user, password, projectid, auth_url=None, insecure=False, timeout=None, proxy_tenant_id=None, proxy_token=None, region_name=None, endpoint_type='publicURL', service_type=None, service_name=None, volume_service_name=None, timings=False, bypass_url=None, no_cache=False, http_log_debug=False, auth_system='keystone'): super(HTTPClient, self).__init__(timeout=timeout, proxy_info=_get_proxy_info()) self.user = user self.password = password self.projectid = projectid if not auth_url and auth_system and auth_system != 'keystone': auth_url = get_auth_system_url(auth_system) if not auth_url: raise exceptions.EndpointNotFound() self.auth_url = auth_url.rstrip('/') self.version = 'v1.1' self.region_name = region_name self.endpoint_type = endpoint_type self.service_type = service_type self.service_name = service_name self.volume_service_name = volume_service_name self.timings = timings self.bypass_url = bypass_url self.no_cache = no_cache self.http_log_debug = http_log_debug self.times = [] # [("item", starttime, endtime), ...] self.management_url = None self.auth_token = None self.proxy_token = proxy_token self.proxy_tenant_id = proxy_tenant_id self.used_keyring = False # httplib2 overrides self.force_exception_to_status_code = True self.disable_ssl_certificate_validation = insecure self.auth_system = auth_system self._logger = logging.getLogger(__name__) if self.http_log_debug: ch = logging.StreamHandler() self._logger.setLevel(logging.DEBUG) self._logger.addHandler(ch)
def _get_identity_endpoint_from_sc(context): # Search for the identity endpoint in the service catalog for service in context.service_catalog: if service.get('type') != 'identity': continue for endpoint in service['endpoints']: if (not CONF[NOVA_GROUP].region_name or endpoint.get('region') == CONF[NOVA_GROUP].region_name): return endpoint.get(CONF[NOVA_GROUP].interface + 'URL') raise nova_exceptions.EndpointNotFound()
def basic_auth(self): """Authenticate against a v2.0 auth service.""" auth_url = self.auth_url body = {"credentials": {"username": self.user, "key": self.password}} resp, resp_body = self._authenticate_without_tokens(auth_url, body) try: self.auth_token = resp_body['auth']['token']['id'] except KeyError: raise nova_exceptions.AuthorizationFailure() catalog = resp_body['auth']['serviceCatalog'] if 'cloudDatabases' not in catalog: raise nova_exceptions.EndpointNotFound() endpoints = catalog['cloudDatabases'] for endpoint in endpoints: if self.region_name is None or \ endpoint['region'] == self.region_name: self.management_url = endpoint['publicURL'] return raise nova_exceptions.EndpointNotFound()
def novaclient(context, privileged_user=False, timeout=None): """Returns a Nova client @param privileged_user: If True, use the account from configuration (requires 'auth_type' and the other usual Keystone authentication options to be set in the [nova] section) @param timeout: Number of seconds to wait for an answer before raising a Timeout exception (None to disable) """ if privileged_user and CONF[NOVA_GROUP].auth_type: n_auth = ks_loading.load_auth_from_conf_options(CONF, NOVA_GROUP) else: if CONF[NOVA_GROUP].token_auth_url: url = CONF[NOVA_GROUP].token_auth_url else: # Search for the identity endpoint in the service catalog # if nova.token_auth_url is not configured matching_endpoints = [] for service in context.service_catalog: if service.get('type') != 'identity': continue for endpoint in service['endpoints']: if (not CONF[NOVA_GROUP].region_name or endpoint.get('region') == CONF[NOVA_GROUP].region_name): matching_endpoints.append(endpoint) if not matching_endpoints: raise nova_exceptions.EndpointNotFound() url = matching_endpoints[0].get(CONF[NOVA_GROUP].interface + 'URL') n_auth = identity.Token(auth_url=url, token=context.auth_token, project_name=context.project_name, project_domain_id=context.project_domain) keystone_session = ks_loading.load_session_from_conf_options(CONF, NOVA_GROUP, auth=n_auth) c = nova_client.Client(api_versions.APIVersion(NOVA_API_VERSION), session=keystone_session, insecure=CONF[NOVA_GROUP].insecure, timeout=timeout, region_name=CONF[NOVA_GROUP].region_name, endpoint_type=CONF[NOVA_GROUP].interface, cacert=CONF[NOVA_GROUP].cafile, extensions=nova_extensions) return c
def __init__(self, user, password, projectid=None, auth_url=None, insecure=False, timeout=None, proxy_tenant_id=None, proxy_token=None, region_name=None, endpoint_type='publicURL', service_type=None, service_name=None, volume_service_name=None, timings=False, bypass_url=None, os_cache=False, no_cache=True, http_log_debug=False, auth_system='keystone', auth_plugin=None, auth_token=None, cacert=None, tenant_id=None, user_id=None, connection_pool=False): self.user = user self.user_id = user_id self.password = password self.projectid = projectid self.tenant_id = tenant_id self._connection_pool = (_ClientConnectionPool() if connection_pool else None) # This will be called by #_get_password if self.password is None. # EG if a password can only be obtained by prompting the user, but a # token is available, you don't want to prompt until the token has # been proven invalid self.password_func = None if auth_system and auth_system != 'keystone' and not auth_plugin: raise exceptions.AuthSystemNotFound(auth_system) if not auth_url and auth_system and auth_system != 'keystone': auth_url = auth_plugin.get_auth_url() if not auth_url: raise exceptions.EndpointNotFound() self.auth_url = auth_url.rstrip('/') if auth_url else auth_url self.version = 'v1.1' self.region_name = region_name self.endpoint_type = endpoint_type self.service_type = service_type self.service_name = service_name self.volume_service_name = volume_service_name self.timings = timings self.bypass_url = bypass_url.rstrip('/') if bypass_url else bypass_url self.os_cache = os_cache or not no_cache self.http_log_debug = http_log_debug if timeout is not None: self.timeout = float(timeout) else: self.timeout = None self.times = [] # [("item", starttime, endtime), ...] self.management_url = self.bypass_url or None self.auth_token = auth_token self.proxy_token = proxy_token self.proxy_tenant_id = proxy_tenant_id self.keyring_saver = None self.keyring_saved = False if insecure: self.verify_cert = False else: if cacert: self.verify_cert = cacert else: self.verify_cert = True self.auth_system = auth_system self.auth_plugin = auth_plugin self._session = None self._current_url = None self._logger = logging.getLogger(__name__) if self.http_log_debug and not self._logger.handlers: # Logging level is already set on the root logger ch = logging.StreamHandler() self._logger.addHandler(ch) self._logger.propagate = False if hasattr(requests, 'logging'): rql = requests.logging.getLogger(requests.__name__) rql.addHandler(ch) # Since we have already setup the root logger on debug, we # have to set it up here on WARNING (its original level) # otherwise we will get all the requests logging messages rql.setLevel(logging.WARNING)
def __init__(self, user, password, projectid=None, auth_url=None, insecure=False, timeout=None, proxy_tenant_id=None, proxy_token=None, region_name=None, endpoint_type='publicURL', service_type=None, service_name=None, volume_service_name=None, timings=False, bypass_url=None, os_cache=False, no_cache=True, http_log_debug=False, auth_system='keystone', auth_plugin=None, cacert=None, tenant_id=None): self.user = user self.password = password self.projectid = projectid self.tenant_id = tenant_id if auth_system and auth_system != 'keystone' and not auth_plugin: raise exceptions.AuthSystemNotFound(auth_system) if not auth_url and auth_system and auth_system != 'keystone': auth_url = auth_plugin.get_auth_url() if not auth_url: raise exceptions.EndpointNotFound() self.auth_url = auth_url.rstrip('/') self.version = 'v1.1' self.region_name = region_name self.endpoint_type = endpoint_type self.service_type = service_type self.service_name = service_name self.volume_service_name = volume_service_name self.timings = timings self.bypass_url = bypass_url self.os_cache = os_cache or not no_cache self.http_log_debug = http_log_debug if timeout is not None: self.timeout = float(timeout) else: self.timeout = None self.times = [] # [("item", starttime, endtime), ...] self.management_url = None self.auth_token = None self.proxy_token = proxy_token self.proxy_tenant_id = proxy_tenant_id self.keyring_saver = None self.keyring_saved = False if insecure: self.verify_cert = False else: if cacert: self.verify_cert = cacert else: self.verify_cert = True self.auth_system = auth_system self.auth_plugin = auth_plugin self._logger = logging.getLogger(__name__) if self.http_log_debug and not self._logger.handlers: # Logging level is already set on the root logger ch = logging.StreamHandler() self._logger.addHandler(ch) self._logger.propagate = False if hasattr(requests, 'logging'): rql = requests.logging.getLogger(requests.__name__) rql.addHandler(ch) # Since we have already setup the root logger on debug, we # have to set it up here on WARNING (its original level) # otherwise we will get all the requests logging messanges rql.setLevel(logging.WARNING) # requests within the same session can reuse TCP connections from pool self.http = requests.Session()
def __init__(self, user, password, projectid, auth_url=None, insecure=False, timeout=None, proxy_tenant_id=None, proxy_token=None, region_name=None, endpoint_type='publicURL', service_type=None, service_name=None, volume_service_name=None, timings=False, bypass_url=None, os_cache=False, no_cache=True, http_log_debug=False, auth_system='keystone', cacert=None): self.user = user self.password = password self.projectid = projectid if not auth_url and auth_system and auth_system != 'keystone': auth_url = get_auth_system_url(auth_system) if not auth_url: raise exceptions.EndpointNotFound() self.auth_url = auth_url.rstrip('/') self.version = 'v1.1' self.region_name = region_name self.endpoint_type = endpoint_type self.service_type = service_type self.service_name = service_name self.volume_service_name = volume_service_name self.timings = timings self.bypass_url = bypass_url self.os_cache = os_cache or not no_cache self.http_log_debug = http_log_debug if timeout is not None: self.timeout = float(timeout) else: self.timeout = None self.times = [] # [("item", starttime, endtime), ...] self.management_url = None self.auth_token = None self.proxy_token = proxy_token self.proxy_tenant_id = proxy_tenant_id self.keyring_saver = None self.keyring_saved = False if insecure: self.verify_cert = False else: if cacert: self.verify_cert = cacert else: self.verify_cert = True self.auth_system = auth_system self._logger = logging.getLogger(__name__) if self.http_log_debug: ch = logging.StreamHandler() self._logger.setLevel(logging.DEBUG) self._logger.addHandler(ch) if hasattr(requests, 'logging'): requests.logging.getLogger(requests.__name__).addHandler(ch)
def url_for(self, attr=None, filter_value=None, service_type=None, endpoint_type='publicURL', service_name=None, volume_service_name=None): """Fetch public URL for a particular endpoint. If none given, return the first. See tests for sample service catalog. """ matching_endpoints = [] if 'endpoints' in self.catalog: # We have a bastardized service catalog. Treat it special. :/ for endpoint in self.catalog['endpoints']: if not filter_value or endpoint[attr] == filter_value: # Ignore 1.0 compute endpoints if endpoint.get("type") == 'compute' and \ endpoint.get('versionId') in (None, '1.1', '2'): matching_endpoints.append(endpoint) if not matching_endpoints: raise nova_exceptions.EndpointNotFound() # We don't always get a service catalog back ... if 'serviceCatalog' not in self.catalog['access']: return None # Full catalog ... catalog = self.catalog['access']['serviceCatalog'] for service in catalog: if service.get("type") != service_type: continue if (service_name and service_type == 'compute' and service.get('name') != service_name): continue if (volume_service_name and service_type == 'volume' and service.get('name') != volume_service_name): continue endpoints = service['endpoints'] for endpoint in endpoints: # Ignore 1.0 compute endpoints if (service.get("type") == 'compute' and endpoint.get( 'versionId', '2') not in ('1.1', '2')): continue if (not filter_value or endpoint.get(attr).lower() == filter_value.lower()): endpoint["serviceName"] = service.get("name") matching_endpoints.append(endpoint) if not matching_endpoints: raise nova_exceptions.EndpointNotFound() elif len(matching_endpoints) > 1: raise nova_exceptions.AmbiguousEndpoints( endpoints=matching_endpoints) else: return matching_endpoints[0][endpoint_type]