def get_client(cls, org, username, password): """Returns a client for a particular user. The user is identified by the specified username-password combo in a given organization. :param str org: name of the organization, which the user belongs to. :param str username: username of the user. :param str password: password of the user. :return: a client. :rtype: pyvcloud.vcd.client.Client :raises: Exception: if the basic configuration is missing. """ if cls._config is None: raise Exception('Missing base configuration.') client = Client( cls._config['vcd']['host'], api_version=cls._config['vcd']['api_version'], verify_ssl_certs=cls._config['connection']['verify'], log_file=cls._config['logging']['default_client_log_filename'], log_requests=cls._config['logging']['log_requests'], log_headers=cls._config['logging']['log_headers'], log_bodies=cls._config['logging']['log_bodies']) client.set_credentials(BasicLoginCredentials(username, org, password)) return client
def init_environment(config_filepath=BASE_CONFIG_FILEPATH): """Set up module variables according to config dict. :param str config_filepath: """ global AMQP_USERNAME, AMQP_PASSWORD, CLIENT, ORG_HREF, VDC_HREF, \ CATALOG_NAME, DEV_MODE config = testutils.yaml_to_dict(config_filepath) CLIENT = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify']) credentials = BasicLoginCredentials(config['vcd']['username'], utils.SYSTEM_ORG_NAME, config['vcd']['password']) CLIENT.set_credentials(credentials) org = utils.get_org(CLIENT, org_name=config['broker']['org']) vdc = utils.get_vdc(CLIENT, config['broker']['vdc'], org=org) ORG_HREF = org.href VDC_HREF = vdc.href CATALOG_NAME = config['broker']['catalog'] AMQP_USERNAME = config['amqp']['username'] AMQP_PASSWORD = config['amqp']['password'] try: DEV_MODE = config['test']['developer_mode'] except KeyError: pass
def __init__(self, vcd_api_client: vcd_client.Client, oauth_client_name: str, logger_debug: logging.Logger = NULL_LOGGER, logger_wire: logging.Logger = NULL_LOGGER): self.vcd_api_client: vcd_client.Client = vcd_api_client cloudapi_url = vcd_api_client.get_cloudapi_uri() super().__init__(base_url=cloudapi_url, token=vcd_api_client.get_access_token(), api_version=vcd_api_client.get_api_version(), logger_debug=logger_debug, logger_wire=logger_wire, verify_ssl=vcd_api_client._verify_ssl_certs, is_sys_admin=vcd_api_client.is_sysadmin()) self.oauth_client_name = oauth_client_name # cloudapi_url will be of the format https://vcd-host/cloudapi # since /oauth endpoint is not associated with /cloudapi or /api, # we need to format the cloudapi_url so that only https://vcd-host # part is retained url_host = urlparse(cloudapi_url) self._host_url = f"{url_host.scheme}://{url_host.netloc}" self.oauth_client_id = None self.refresh_token = None
def restore_session(ctx): profiles = Profiles.load() token = profiles.get('token') if token is None or len(token) == 0: raise Exception('Can\'t restore session, please re-login.') if not profiles.get('verify'): if profiles.get('disable_warnings'): pass else: click.secho('InsecureRequestWarning: ' 'Unverified HTTPS request is being made. ' 'Adding certificate verification is strongly ' 'advised.', fg='yellow', err=True) requests.packages.urllib3.disable_warnings() client = Client(profiles.get('host'), api_version=profiles.get('api_version'), verify_ssl_certs=profiles.get('verify'), log_file='vcd.log', log_requests=profiles.get('log_request'), log_headers=profiles.get('log_header'), log_bodies=profiles.get('log_body') ) client.rehydrate(profiles) ctx.obj = {} ctx.obj['client'] = client ctx.obj['profiles'] = profiles
def login(self): try: user = self.params.get('user') password = self.params.get('password') org = self.params.get('org') host = self.params.get('host') api_version = self.params.get('api_version') verify_ssl_certs = self.params.get('verify_ssl_certs') # giving more precedence to module level details user = user if user else os.environ['env_user'] password = password if password else os.environ['env_password'] host = host if host else os.environ['env_host'] org = org if org else os.environ['env_org'] api_version = api_version if api_version else os.environ[ 'env_api_version'] verify_ssl_certs = verify_ssl_certs if verify_ssl_certs else os.environ[ 'env_verify_ssl_certs'] verify_ssl_certs = False if verify_ssl_certs == "False" else True self.client = Client(host, api_version=api_version, verify_ssl_certs=verify_ssl_certs) self.client.set_credentials( BasicLoginCredentials(user, org, password)) except Exception as error: error = 'Login failed for user {} to org {}' raise VCDLoginError(error.format(user, org))
def restore_session(ctx, vdc_required=False): if type(ctx.obj) is dict and 'client' in ctx.obj and ctx.obj[ 'client'] is not None: return profiles = Profiles.load() token = profiles.get('token') if token is None or len(token) == 0: raise Exception('Can\'t restore session, please login again.') if not profiles.get('verify'): if profiles.get('disable_warnings'): pass else: click.secho( 'InsecureRequestWarning: ' 'Unverified HTTPS request is being made. ' 'Adding certificate verification is strongly ' 'advised.', fg='yellow', err=True) requests.packages.urllib3.disable_warnings() client = Client(profiles.get('host'), api_version=profiles.get('api_version'), verify_ssl_certs=profiles.get('verify'), log_file='vcd.log', log_requests=profiles.get('log_request'), log_headers=profiles.get('log_header'), log_bodies=profiles.get('log_body')) client.rehydrate(profiles) ctx.obj = {} ctx.obj['client'] = client ctx.obj['profiles'] = profiles if vdc_required: if not ctx.obj['profiles'].get('vdc_in_use') or \ not ctx.obj['profiles'].get('vdc_href'): raise Exception('select a virtual datacenter')
def vcdlogin(host, user, password, org): logging.basicConfig(level=logging.DEBUG) logging.info("login called") client = Client(host, api_version="27.0", verify_ssl_certs=False, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: client.set_credentials(BasicLoginCredentials(user, org, password)) x = client._session.headers['x-vcloud-authorization'] logging.info(" ===== X VCloud ========\n \n" + x + "\n \n") #pRes= catalog.isPresent(client,"c1") #res=catalog.create(client,"c3","c2UPD") #logging.info(" is create ===== \n \n "+ str(res.created)+ "\n \n ") logging.info("\n\n=====callling upload ova===\n") catalog.upload_media(client, "c3", "/home/iso/vcains13.ova", item_name="vc installer 1.3") logging.info("\n\n=====upload done ===\n ") #logging.info(" Delete ===== \n \n "+ str(catalog.delete(client,"c3").deleted)+ "\n \n ") #logging.info(" Delete ===== \n \n "+ str(catalog.delete(client,"c4").deleted)+ "\n \n ") return client except Exception as e: print('error occured', e)
def get_org_id_from_vdc_name(client: vcd_client.Client, vdc_name: str): """Return org id given vdc name. :param vcd_client.Client client: vcd client :param str vdc_name: vdc name :return: org id, with no prefix, e.g., '12345' :rtype: str """ if client.is_sysadmin(): resource_type = vcd_client.ResourceType.ADMIN_ORG_VDC.value else: resource_type = vcd_client.ResourceType.ORG_VDC.value query = client.get_typed_query( query_type_name=resource_type, query_result_format=vcd_client.QueryResultFormat.ID_RECORDS, equality_filter=('name', vdc_name)) records = list(query.execute()) if len(records) == 0: return None # Process org id if client.is_sysadmin(): org_urn_id = records[0].attrib['org'] else: org_name = records[0].attrib['orgName'] org_resource = client.get_org_by_name(org_name) org_urn_id = org_resource.attrib['id'] return extract_id(org_urn_id)
def vcd_login(host, user, password, org): logging.basicConfig(level=logging.DEBUG) logging.info("login called") client = Client(host, api_version="27.0", verify_ssl_certs=False, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: client.set_credentials(BasicLoginCredentials(user, org, password)) x = client._session.headers['x-vcloud-authorization'] logging.info(" ===== X VCloud ========\n \n" + x + "\n \n") logged_in_org = client.get_org() org = Org(client, resource=logged_in_org) v = org.get_vdc('OVD2') vdc = VDC(client, href=v.get('href')) vapp = vdc.get_vapp('cento_vapp11_2') nconfig_section = vapp.NetworkConfigSection nconfig = nconfig_section.findall( "{http://www.vmware.com/vcloud/v1.5}NetworkConfig") for i in range(0, len(nconfig)): print(nconfig[i].get('networkName')) ##print(etree.tostring(nconfig[0], pretty_print=True)) #pRes= catalog.isPresent(client,"c1") # res=catalog.create(client,"c44","c44",True) #logging.info(" is create ===== \n \n "+ str(res.created)+ "\n \n ") #logging.info("\n\n=====callling upload ova===\n") #catalog_item.upload_ova(client,"c44","/home/iso/tiny.ova",item_name="tiny3.ova") #logging.info("\n\n=====upload done ===\n ") #logging.info(" Delete ===== \n \n "+ str(catalog.delete(client,"c3").deleted)+ "\n \n ") #logging.info(" Delete ===== \n \n "+ str(catalog.delete(client,"c4").deleted)+ "\n \n ") #vappInfo=pyvcloudprovider_pb2.CreateVAppInfo() #vappInfo.name="vappacc2" #vappInfo.catalog_name="c1" #vappInfo.template_name="cento_tmpl1" #vapp.create(client,vappInfo) #delVappInfo=pyvcloudprovider_pb2.DeleteVAppInfo() #delVappInfo.name="vappacc2" #vapp.delete(client,delVappInfo) #ovaInfo=pyvcloudprovider_pb2.CatalogUploadOvaInfo() #ovaInfo.item_name="item1" #ovaInfo.catalog_name="testcata1" #ovaInfo.file_path="/Users/srinarayana/vmws/tiny.ova" # catalog_item.ova_check_resolved(client,ovaInfo) #vappInfo.template_name="cento_tmpl1" #vapp.create(client,vappInfo) return client except Exception as e: print('error occured', e)
def init_environment(config_filepath=BASE_CONFIG_FILEPATH): """Set up module variables according to config dict. :param str config_filepath: """ global AMQP_USERNAME, AMQP_PASSWORD, CLIENT, ORG_HREF, VDC_HREF, \ CATALOG_NAME, TEARDOWN_INSTALLATION, TEARDOWN_CLUSTERS, \ TEMPLATE_DEFINITIONS, TEST_ALL_TEMPLATES, SYS_ADMIN_LOGIN_CMD, \ ORG_ADMIN_LOGIN_CMD, VAPP_AUTHOR_LOGIN_CMD, USER_LOGIN_CMD_MAP config = testutils.yaml_to_dict(config_filepath) rtm = RemoteTemplateManager( config['broker']['remote_template_cookbook_url']) template_cookbook = rtm.get_remote_template_cookbook() TEMPLATE_DEFINITIONS = template_cookbook['templates'] rtm.download_all_template_scripts(force_overwrite=True) CLIENT = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify']) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) CLIENT.set_credentials(credentials) org = pyvcloud_utils.get_org(CLIENT, org_name=config['broker']['org']) vdc = pyvcloud_utils.get_vdc(CLIENT, vdc_name=config['broker']['vdc'], org=org) ORG_HREF = org.href VDC_HREF = vdc.href CATALOG_NAME = config['broker']['catalog'] AMQP_USERNAME = config['amqp']['username'] AMQP_PASSWORD = config['amqp']['password'] SYS_ADMIN_LOGIN_CMD = f"login {config['vcd']['host']} system " \ f"{config['vcd']['username']} " \ f"-iwp {config['vcd']['password']} " \ f"-V {config['vcd']['api_version']}" ORG_ADMIN_LOGIN_CMD = f"login {config['vcd']['host']} " \ f"{config['broker']['org']}" \ f" {ORG_ADMIN_NAME} -iwp {ORG_ADMIN_PASSWORD} " \ f"-V {config['vcd']['api_version']}" VAPP_AUTHOR_LOGIN_CMD = f"login {config['vcd']['host']} " \ f"{config['broker']['org']} " \ f"{VAPP_AUTHOR_NAME} -iwp {VAPP_AUTHOR_PASSWORD}" \ f" -V {config['vcd']['api_version']}" USER_LOGIN_CMD_MAP = { 'sys_admin': SYS_ADMIN_LOGIN_CMD, 'org_admin': ORG_ADMIN_LOGIN_CMD, 'vapp_author': VAPP_AUTHOR_LOGIN_CMD } test_config = config.get('test') if test_config is not None: TEARDOWN_INSTALLATION = test_config.get('teardown_installation', True) TEARDOWN_CLUSTERS = test_config.get('teardown_clusters', True) TEST_ALL_TEMPLATES = test_config.get('test_all_templates', False)
def init_environment(config_filepath=BASE_CONFIG_FILEPATH): """Set up module variables according to config dict. :param str config_filepath: """ global AMQP_USERNAME, AMQP_PASSWORD, CLIENT, ORG_HREF, VDC_HREF, \ CATALOG_NAME, TEARDOWN_INSTALLATION, TEARDOWN_CLUSTERS, \ TEST_ALL_TEMPLATES config = testutils.yaml_to_dict(config_filepath) CLIENT = Client(config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify']) credentials = BasicLoginCredentials(config['vcd']['username'], utils.SYSTEM_ORG_NAME, config['vcd']['password']) CLIENT.set_credentials(credentials) org = utils.get_org(CLIENT, org_name=config['broker']['org']) vdc = utils.get_vdc(CLIENT, config['broker']['vdc'], org=org) ORG_HREF = org.href VDC_HREF = vdc.href CATALOG_NAME = config['broker']['catalog'] AMQP_USERNAME = config['amqp']['username'] AMQP_PASSWORD = config['amqp']['password'] test_config = config.get('test') if test_config is not None: TEARDOWN_INSTALLATION = test_config.get('teardown_installation', True) TEARDOWN_CLUSTERS = test_config.get('teardown_clusters', True) TEST_ALL_TEMPLATES = test_config.get('test_all_templates', False)
class VcdAnsibleModule(AnsibleModule): def __init__(self, *args, **kwargs): argument_spec = vcd_argument_spec() argument_spec.update(kwargs.get('argument_spec', dict())) kwargs['argument_spec'] = argument_spec super(VcdAnsibleModule, self).__init__(*args, **kwargs) self.login() def login(self): try: user = self.params.get('user') password = self.params.get('password') org = self.params.get('org') host = self.params.get('host') api_version = self.params.get('api_version') verify_ssl_certs = self.params.get('verify_ssl_certs') # giving more precedence to module level details user = user if user else os.environ['env_user'] password = password if password else os.environ['env_password'] host = host if host else os.environ['env_host'] org = org if org else os.environ['env_org'] api_version = api_version if api_version else os.environ[ 'env_api_version'] verify_ssl_certs = verify_ssl_certs if verify_ssl_certs else os.environ[ 'env_verify_ssl_certs'] verify_ssl_certs = False if verify_ssl_certs == "False" else True self.client = Client(host, api_version=api_version, verify_ssl_certs=verify_ssl_certs) self.client.set_credentials( BasicLoginCredentials(user, org, password)) except Exception as error: error = 'Login failed for user {} to org {}' raise VCDLoginError(error.format(user, org)) def execute_task(self, task): task_monitor = self.client.get_task_monitor() task_state = task_monitor.wait_for_status(task=task, timeout=60, poll_frequency=2, fail_on_statuses=None, expected_target_statuses=[ TaskStatus.SUCCESS, TaskStatus.ABORTED, TaskStatus.ERROR, TaskStatus.CANCELED ], callback=None) task_status = task_state.get('status') if task_status != TaskStatus.SUCCESS.value: raise Exception(etree.tostring(task_state, pretty_print=True)) return 1
def login(user, org, password): requests.packages.urllib3.disable_warnings() client = Client(host, api_version='29.0', verify_ssl_certs=False, log_file='pyvcloud.log', log_requests=True, log_headers=True, log_bodies=True) client.set_credentials(BasicLoginCredentials(user, org, password)) return client
def client(self): if self._client is None: self._client = Client( self.endpoint, api_version=self.api_version, verify_ssl_certs=False, ) self.client.set_credentials( BasicLoginCredentials(self.username, self.organization, self.password)) return self._client
def get_cloudapi_client_from_vcd_client(client: vcd_client.Client, logger_debug=NULL_LOGGER, logger_wire=NULL_LOGGER): token = client.get_access_token() return cloud_api_client.CloudApiClient( base_url=client.get_cloudapi_uri(), token=token, api_version=client.get_api_version(), logger_debug=logger_debug, logger_wire=logger_wire, verify_ssl=client._verify_ssl_certs, is_sys_admin=client.is_sysadmin())
def get_all_ovdcs(client: vcd_client.Client): if client.is_sysadmin(): # use adminOrgVdc in typed query query = client.get_typed_query( vcd_client.ResourceType.ADMIN_ORG_VDC.value, query_result_format=vcd_client.QueryResultFormat.ID_RECORDS) else: # use orgVdc in typed query query = client.get_typed_query( vcd_client.ResourceType.ORG_VDC.value, query_result_format=vcd_client.QueryResultFormat.ID_RECORDS) return list(query.execute())
def check_config(config_file_name, template='*'): click.secho('Validating CSE on vCD from file: %s' % config_file_name) config = get_config(config_file_name) validate_broker_config_elements(config['broker']) amqp = config['amqp'] credentials = pika.PlainCredentials(amqp['username'], amqp['password']) parameters = pika.ConnectionParameters( amqp['host'], amqp['port'], '/', credentials, ssl=amqp['ssl']) connection = pika.BlockingConnection(parameters) click.echo('Connected to AMQP server (%s:%s): %s' % (amqp['host'], amqp['port'], bool_to_msg(connection.is_open))) connection.close() v = VSphere( config['vcs']['host'], config['vcs']['username'], config['vcs']['password'], port=int(config['vcs']['port'])) v.connect() click.echo('Connected to vCenter Server as %s ' '(%s:%s): %s' % (config['vcs']['username'], config['vcs']['host'], config['vcs']['port'], bool_to_msg(True))) if not config['vcd']['verify']: click.secho( 'InsecureRequestWarning: ' 'Unverified HTTPS request is being made. ' 'Adding certificate verification is strongly ' 'advised.', fg='yellow', err=True) requests.packages.urllib3.disable_warnings() client = Client( config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_file='cse.log', log_headers=True, log_bodies=True) client.set_credentials( BasicLoginCredentials(config['vcd']['username'], 'System', config['vcd']['password'])) click.echo('Connected to vCloud Director as system ' 'administrator (%s:%s): %s' % (config['vcd']['host'], config['vcd']['port'], bool_to_msg(True))) click.secho('Validating \'%s\' service broker' % config['broker']['type']) if config['broker']['type'] == 'default': validate_broker_config_content(config, client, template) return config
def get_vsphere(config, vapp, vm_name, logger=None): """Get the VSphere object for a specific VM inside a VApp. :param dict config: CSE config as a dictionary :param pyvcloud.vcd.vapp.VApp vapp: VApp used to get the VM ID. :param str vm_name: :param logging.Logger logger: optional logger to log with. :return: VSphere object for a specific VM inside a VApp :rtype: vsphere_guest_run.vsphere.VSphere """ global cache # get vm id from vm resource vm_id = vapp.get_vm(vm_name).get('id') if vm_id not in cache: client = Client(uri=config['vcd']['host'], api_version=config['vcd']['api_version'], verify_ssl_certs=config['vcd']['verify'], log_headers=True, log_bodies=True) credentials = BasicLoginCredentials(config['vcd']['username'], SYSTEM_ORG_NAME, config['vcd']['password']) client.set_credentials(credentials) # must recreate vapp, or cluster creation fails vapp = VApp(client, href=vapp.href) vm_resource = vapp.get_vm(vm_name) vm_sys = VM(client, resource=vm_resource) vcenter_name = vm_sys.get_vc() platform = Platform(client) vcenter = platform.get_vcenter(vcenter_name) vcenter_url = urlparse(vcenter.Url.text) cache_item = { 'hostname': vcenter_url.hostname, 'port': vcenter_url.port } for vc in config['vcs']: if vc['name'] == vcenter_name: cache_item['username'] = vc['username'] cache_item['password'] = vc['password'] break cache[vm_id] = cache_item if logger: logger.debug(f"VM ID: {vm_id}, Hostname: {cache[vm_id]['hostname']}") return VSphere(cache[vm_id]['hostname'], cache[vm_id]['username'], cache[vm_id]['password'], cache[vm_id]['port'])
def connect_vcd_user_via_token(tenant_auth_token): server_config = get_server_runtime_config() vcd_uri = server_config['vcd']['host'] version = server_config['vcd']['api_version'] verify_ssl_certs = server_config['vcd']['verify'] client_tenant = Client(uri=vcd_uri, api_version=version, verify_ssl_certs=verify_ssl_certs, log_file=SERVER_DEBUG_WIRELOG_FILEPATH, log_requests=True, log_headers=True, log_bodies=True) session = client_tenant.rehydrate_from_token(tenant_auth_token) return (client_tenant, session)
def _connect_sysadmin(self): if not self.verify: LOGGER.warning('InsecureRequestWarning: ' 'Unverified HTTPS request is being made. ' 'Adding certificate verification is strongly ' 'advised.') requests.packages.urllib3.disable_warnings() self.client_sysadmin = Client(uri=self.host, api_version=self.version, verify_ssl_certs=self.verify, log_headers=True, log_bodies=True) self.client_sysadmin.set_credentials( BasicLoginCredentials(self.username, 'System', self.password))
def connect_tenant(self, headers): token = headers.get('x-vcloud-authorization') accept_header = headers.get('Accept') version = accept_header.split('version=')[1] client_tenant = Client(uri=self.config['vcd']['host'], api_version=version, verify_ssl_certs=self.config['vcd']['verify'], log_headers=True, log_bodies=True) session = client_tenant.rehydrate_from_token(token) return ( client_tenant, session, )
def __new__(cls, client: vcd_client.Client, k8_runtime=None): """Create the right cluster class for the negotiated API version. In case of ApiVersion.VERSION_35, return specific instance if the cluster kind is known up-front. If the cluster entity kind is unknown, return instance of DefEntityCluster for all common operations like get_cluster_info(), list_clusters() :param pyvcloud.vcd.client client: vcd client :param dict cluster_config: cluster configuration :return: instance of version specific client side cluster """ api_version = client.get_api_version() if float(api_version) < float( vcd_client.ApiVersion.VERSION_35.value): # noqa: E501 return LegacyClusterNative(client) elif float(api_version) >= float( vcd_client.ApiVersion.VERSION_35.value): # noqa: E501 if k8_runtime == ClusterEntityKind.NATIVE.value or k8_runtime == ClusterEntityKind.TKG_PLUS.value: # noqa: E501 return DEClusterNative(client) elif k8_runtime == ClusterEntityKind.TKG.value: return DEClusterTKG(client) else: return DECluster(client)
def get_missing_rights_for_cluster_force_delete(client: vcd_client.Client, is_cluster_owner=False, logger=NULL_LOGGER) -> set: """ Find the missing rights for force-deleting the cluster. :param vcd_client.Client client: current client :param bool is_cluster_owner: true if the client is cluster owner :param logging.Logger logger: logger to record errors. :return: all missing rights :rtype: set :raises: OperationNotSupportedException :raises: Exception for any unexpected errors """ role_name = "" try: role_name = get_user_role_name(client) org_obj = vcd_org.Org(client, resource=client.get_org()) role_obj = vcd_role.Role( client, resource=org_obj.get_role_resource(role_name)) # noqa: E501 logger.debug(f"role_name:{role_name}") role_rights = set() for right_dict in role_obj.list_rights(): role_rights.update(right_dict.values()) logger.debug(f"rights of role:{role_name}--{role_rights}") missing_rights = set() if not server_constants.VAPP_DELETE_RIGHTS.issubset(role_rights): missing_rights.update(server_constants.VAPP_DELETE_RIGHTS) if not server_constants.DNAT_DELETE_RIGHTS.issubset(role_rights): missing_rights.update(server_constants.DNAT_DELETE_RIGHTS) if is_cluster_owner: if not server_constants.CSE_NATIVE_CLUSTER_FULL_ACCESS_RIGHTS.issubset( role_rights ) and not server_constants.CSE_NATIVE_CLUSTER_ADMINISTRATOR_FULL_ACCESS_RIGHTS.issubset( role_rights): # noqa: E501 missing_rights.update( server_constants.CSE_NATIVE_CLUSTER_FULL_ACCESS_RIGHTS ) # noqa: E501 else: if not server_constants.CSE_NATIVE_CLUSTER_ADMINISTRATOR_FULL_ACCESS_RIGHTS.issubset( role_rights): # noqa: E501 missing_rights.update( server_constants. CSE_NATIVE_CLUSTER_ADMINISTRATOR_FULL_ACCESS_RIGHTS ) # noqa: E501 except OperationNotSupportedException as err: logger.warning( f"Cannot determine the rights associated with role:{role_name} {err}" ) # noqa: E501 raise except Exception as err: logger.warning( f"Cannot determine the rights associated with role:{role_name} {err}" ) # noqa: E501 raise logger.debug(f"missing rights of role:{role_name}--{missing_rights}") return missing_rights
def vcd_login(host, user, password, org): logging.basicConfig(level=logging.DEBUG) logging.info("login called") client = Client(host, api_version="27.0", verify_ssl_certs=False, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: client.set_credentials(BasicLoginCredentials(user, org, password)) return client except Exception as e: print('error occured', e)
def _authenticate(self): _password = self.templar.template(self.get_option('password')) if not _password: raise AnsibleError(f"Password returned None. Check and try again.") try: self.client = Client( self.get_option('host'), api_version=self.get_option('api_version'), verify_ssl_certs=self.get_option('verify_ssl_certs'), log_file=None) self.client.set_credentials( BasicLoginCredentials(self.get_option('user'), self.get_option('org'), _password)) except Exception as e: raise AnsibleError(f"Failed to login to endpoint. MSG: {e}")
def get_org_name_from_ovdc_id(sysadmin_client: vcd_client.Client, vdc_id): """Get org_name from vdc_id using OVDC_TO_ORG_MAP. Update OVDC_TO_ORG_MAP for new {org_name:vdc_id} pair :param vdc_id: unique ovdc id :return: org_name :rtype: str """ raise_error_if_not_sysadmin(sysadmin_client) if vdc_id in OVDC_TO_ORG_MAP: return OVDC_TO_ORG_MAP.get(vdc_id) vdc_href = f"{sysadmin_client.get_api_uri()}/vdc/{vdc_id}" vdc_resource = sysadmin_client.get_resource(get_admin_href(vdc_href)) vdc_obj = VDC(sysadmin_client, resource=vdc_resource) link = vcd_client.find_link(vdc_obj.get_resource(), vcd_client.RelationType.UP, vcd_client.EntityType.ADMIN_ORG.value) org = vcd_org.Org(sysadmin_client, href=link.href) OVDC_TO_ORG_MAP[vdc_id] = org.get_name() return org.get_name()
def get_cloudapi_client_from_vcd_client(client: vcd_client.Client, logger_debug=NULL_LOGGER, logger_wire=NULL_LOGGER): token = client.get_access_token() is_jwt = True if not token: token = client.get_xvcloud_authorization_token() is_jwt = False return cloudApiClient.CloudApiClient(base_url=client.get_cloudapi_uri(), token=token, is_jwt_token=is_jwt, api_version=client.get_api_version(), logger_debug=logger_debug, logger_wire=logger_wire, verify_ssl=client._verify_ssl_certs, is_sys_admin=client.is_sysadmin())
def get_org_name_href_from_ovdc_id(sysadmin_client: vcd_client.Client, vdc_id): """Get org name and href from vdc_id using OVDC_TO_ORG_MAP. Update OVDC_TO_ORG_MAP for new vdc_id :param vdc_id: unique ovdc id :return: org's name and href :rtype: dict """ raise_error_if_user_not_from_system_org(sysadmin_client) if vdc_id in OVDC_TO_ORG_MAP: return OVDC_TO_ORG_MAP.get(vdc_id) vdc_href = f"{sysadmin_client.get_api_uri()}/vdc/{vdc_id}" vdc_resource = sysadmin_client.get_resource(get_admin_href(vdc_href)) vdc_obj = VDC(sysadmin_client, resource=vdc_resource) link = vcd_client.find_link(vdc_obj.get_resource(), vcd_client.RelationType.UP, vcd_client.EntityType.ADMIN_ORG.value) org_href = link.href org = vcd_org.Org(sysadmin_client, href=org_href) org_name = org.get_name() result = {'name': org_name, 'href': org_href} OVDC_TO_ORG_MAP[vdc_id] = result return result
def setUpClass(cls): config_file = 'config.yml' if 'VCD_TEST_CONFIG_FILE' in os.environ: config_file = os.environ['VCD_TEST_CONFIG_FILE'] with open(config_file, 'r') as f: cls.config = yaml.safe_load(f) if not cls.config['vcd']['verify'] and \ cls.config['vcd']['disable_ssl_warnings']: requests.packages.urllib3.disable_warnings() cls.client = Client( cls.config['vcd']['host'], api_version=cls.config['vcd']['api_version'], verify_ssl_certs=cls.config['vcd']['verify'], log_file='pyvcloud.log', log_requests=True, log_headers=True, log_bodies=True) cls.client.set_credentials( BasicLoginCredentials(cls.config['vcd']['user'], cls.config['vcd']['org'], cls.config['vcd']['password'])) logging.basicConfig( filename='tests.log', level=logging.DEBUG, format='%(asctime)s %(name)-12s %(lineno)s ' '%(levelname)-8s %(message)s', datefmt='%m-%d %H:%M:%S') cls.logger = logging.getLogger(__name__)
class VcdAnsibleModule(AnsibleModule): def __init__(self, *args, **kwargs): argument_spec = vcd_argument_spec() argument_spec.update(kwargs.get('argument_spec', dict())) kwargs['argument_spec'] = argument_spec super(VcdAnsibleModule, self).__init__(*args, **kwargs) self.login() def login(self): try: user = self.params.get('user') password = self.params.get('password') org = self.params.get('org') host = self.params.get('host') api_version = self.params.get('api_version') verify_ssl_certs = self.params.get('verify_ssl_certs') self.client = Client(host, api_version=api_version, verify_ssl_certs=verify_ssl_certs) self.client.set_credentials( BasicLoginCredentials(user, org, password)) except Exception as error: self.fail_json( msg='Login failed for user {} to org {}'.format(user, org)) def execute_task(self, task): task_monitor = self.client.get_task_monitor() task_state = task_monitor.wait_for_status(task=task, timeout=60, poll_frequency=2, fail_on_statuses=None, expected_target_statuses=[ TaskStatus.SUCCESS, TaskStatus.ABORTED, TaskStatus.ERROR, TaskStatus.CANCELED ], callback=None) task_status = task_state.get('status') if task_status != TaskStatus.SUCCESS.value: raise Exception(etree.tostring(task_state, pretty_print=True)) return 1
def vcd_login(host, user, password, org): logging.basicConfig(level=logging.DEBUG) logging.info("login called") client = Client( host, api_version="27.0", verify_ssl_certs=False, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: client.set_credentials(BasicLoginCredentials(user, org, password)) return client except Exception as e: print('error occured', e)
class VcdAnsibleModule(AnsibleModule): def __init__(self, *args, **kwargs): argument_spec = vcd_argument_spec() argument_spec.update(kwargs.get('argument_spec', dict())) kwargs['argument_spec'] = argument_spec super(VcdAnsibleModule, self).__init__(*args, **kwargs) self.login() def login(self): try: user = self.params.get('user') password = self.params.get('password') org = self.params.get('org') host = self.params.get('host') api_version = self.params.get('api_version') verify_ssl_certs = self.params.get('verify_ssl_certs') self.client = Client(host, api_version=api_version, verify_ssl_certs=verify_ssl_certs) self.client.set_credentials(BasicLoginCredentials(user, org, password)) except Exception as error: error = 'Login failed for user {} to org {}' raise VCDLoginError(error.format(user, org)) def execute_task(self, task): task_monitor = self.client.get_task_monitor() task_state = task_monitor.wait_for_status( task=task, timeout=60, poll_frequency=2, fail_on_statuses=None, expected_target_statuses=[ TaskStatus.SUCCESS, TaskStatus.ABORTED, TaskStatus.ERROR, TaskStatus.CANCELED ], callback=None) task_status = task_state.get('status') if task_status != TaskStatus.SUCCESS.value: raise Exception(etree.tostring(task_state, pretty_print=True)) return 1
def vcd_login_with_token(host): logging.basicConfig(level=logging.DEBUG) logging.info("INIT vcd_login_with_token") profiles = Profiles.load() token = profiles.get('token') client = Client( host, api_version="27.0", verify_ssl_certs=False, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: client.rehydrate_from_token(token) x = client._session.headers['x-vcloud-authorization'] logging.info(" ===== X VCloud ========\n \n" + x + "\n \n") except Exception as e: print('error occured', e)
def vcd_login(context, lc): logging.info("__INIT__vcd_login [%s]", lc) login_path = "" client = Client( lc.ip, api_version="27.0", verify_ssl_certs=not lc.allow_insecure_flag, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: if lc.use_vcd_cli_profile: login_path = "rehydrate_from_token" profiles = Profiles.load() token = profiles.get('token') client.rehydrate_from_token(token) else: login_path = "set_credentials" client.set_credentials( BasicLoginCredentials(lc.username, lc.org, lc.password)) vref = VCDClientRef() vref.set_ref(client) logging.debug('LOGIN VIA :[{0}] ARG :[{1}]'.format( login_path, str(lc))) return client except Exception as e: traceback.print_exc() error_message = 'ERROR IN LOGIN .. Exception [{0}] LOGIN VIA :[{1}] ARG :[{2}]'.format( str(e), login_path, str(lc)) error_message = error_message.replace('\n', ' ') context.set_code(grpc.StatusCode.INVALID_ARGUMENT) context.set_details(error_message) raise
def restore_session(ctx, vdc_required=False): if type( ctx.obj ) is dict and 'client' in ctx.obj and ctx.obj['client'] is not None: return profiles = Profiles.load() token = profiles.get('token') if token is None or len(token) == 0: raise Exception('Can\'t restore session, please login again.') if not profiles.get('verify'): if profiles.get('disable_warnings'): pass else: click.secho( 'InsecureRequestWarning: ' 'Unverified HTTPS request is being made. ' 'Adding certificate verification is strongly ' 'advised.', fg='yellow', err=True) requests.packages.urllib3.disable_warnings() client = Client( profiles.get('host'), api_version=profiles.get('api_version'), verify_ssl_certs=profiles.get('verify'), log_file='vcd.log', log_requests=profiles.get('log_request'), log_headers=profiles.get('log_header'), log_bodies=profiles.get('log_body')) client.rehydrate(profiles) ctx.obj = {} ctx.obj['client'] = client ctx.obj['profiles'] = profiles if vdc_required: if not ctx.obj['profiles'].get('vdc_in_use') or \ not ctx.obj['profiles'].get('vdc_href'): raise Exception('select a virtual datacenter')
def login(self): try: user = self.params.get('user') password = self.params.get('password') org = self.params.get('org') host = self.params.get('host') api_version = self.params.get('api_version') verify_ssl_certs = self.params.get('verify_ssl_certs') self.client = Client(host, api_version=api_version, verify_ssl_certs=verify_ssl_certs) self.client.set_credentials(BasicLoginCredentials(user, org, password)) except Exception as error: error = 'Login failed for user {} to org {}' raise VCDLoginError(error.format(user, org))
# Load the YAML configuration and convert to an object with properties for # top-level entries. Values are either scalar variables, dictionaries, # or lists depending on the structure of the YAML. with open(config_yaml, "r") as config_file: config_dict = yaml.safe_load(config_file) cfg = namedtuple('ConfigObject', config_dict.keys())(**config_dict) # Disable warnings from self-signed certificates. requests.packages.urllib3.disable_warnings() # Login. SSL certificate verification is turned off to allow self-signed # certificates. You should only do this in trusted environments. print("Logging in...") client = Client(cfg.vcd_host, verify_ssl_certs=False, log_file='pyvcloud.log', log_requests=True, log_headers=True, log_bodies=True) client.set_highest_supported_version() client.set_credentials(BasicLoginCredentials(cfg.vcd_admin_user, "System", cfg.vcd_admin_password)) # Ensure the org exists. print("Fetching org...") try: # This call gets a record that we can turn into an Org class. org_record = client.get_org_by_name(cfg.org) org = Org(client, href=org_record.get('href')) print("Org already exists: {0}".format(org.get_name())) except Exception: print("Org does not exist, creating: {0}".format(cfg.org))
def vcd_login(host, user, password, org): logging.basicConfig(level=logging.DEBUG) logging.info("login called") client = Client( host, api_version="27.0", verify_ssl_certs=False, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: client.set_credentials(BasicLoginCredentials(user, org, password)) x = client._session.headers['x-vcloud-authorization'] logging.info(" ===== X VCloud ========\n \n" + x + "\n \n") logged_in_org = client.get_org() org = Org(client, resource=logged_in_org) v = org.get_vdc('OVD2') vdc = VDC(client, href=v.get('href')) vapp = vdc.get_vapp('cento_vapp11_2') nconfig_section = vapp.NetworkConfigSection nconfig = nconfig_section.findall( "{http://www.vmware.com/vcloud/v1.5}NetworkConfig") for i in range(0, len(nconfig)): print(nconfig[i].get('networkName')) ##print(etree.tostring(nconfig[0], pretty_print=True)) #pRes= catalog.isPresent(client,"c1") # res=catalog.create(client,"c44","c44",True) #logging.info(" is create ===== \n \n "+ str(res.created)+ "\n \n ") #logging.info("\n\n=====callling upload ova===\n") #catalog_item.upload_ova(client,"c44","/home/iso/tiny.ova",item_name="tiny3.ova") #logging.info("\n\n=====upload done ===\n ") #logging.info(" Delete ===== \n \n "+ str(catalog.delete(client,"c3").deleted)+ "\n \n ") #logging.info(" Delete ===== \n \n "+ str(catalog.delete(client,"c4").deleted)+ "\n \n ") #vappInfo=pyvcloudprovider_pb2.CreateVAppInfo() #vappInfo.name="vappacc2" #vappInfo.catalog_name="c1" #vappInfo.template_name="cento_tmpl1" #vapp.create(client,vappInfo) #delVappInfo=pyvcloudprovider_pb2.DeleteVAppInfo() #delVappInfo.name="vappacc2" #vapp.delete(client,delVappInfo) #ovaInfo=pyvcloudprovider_pb2.CatalogUploadOvaInfo() #ovaInfo.item_name="item1" #ovaInfo.catalog_name="testcata1" #ovaInfo.file_path="/Users/srinarayana/vmws/tiny.ova" # catalog_item.ova_check_resolved(client,ovaInfo) #vappInfo.template_name="cento_tmpl1" #vapp.create(client,vappInfo) return client except Exception as e: print('error occured', e)
sys.exit(1) vcd_host = sys.argv[1] org = sys.argv[2] user = sys.argv[3] password = sys.argv[4] # Disable warnings from self-signed certificates. requests.packages.urllib3.disable_warnings() # Login. SSL certificate verification is turned off to allow self-signed # certificates. You should only do this in trusted environments. print("Logging in: host={0}, org={1}, user={2}".format(vcd_host, org, user)) client = Client(vcd_host, api_version='29.0', verify_ssl_certs=False, log_file='pyvcloud.log', log_requests=True, log_headers=True, log_bodies=True) client.set_credentials(BasicLoginCredentials(user, org, password)) print("Fetching vCD installation info...") results = client.get_resource( client._session_endpoints[_WellKnownEndpoint.ADMIN]) for k, v in results.items(): print("Key: {0} Value: {1}".format(k, v)) # Log out. print("Logging out") client.logout()
user = sys.argv[3] password = sys.argv[4] vdc = sys.argv[5] vapp = sys.argv[6] vm = sys.argv[7] # Disable warnings from self-signed certificates. requests.packages.urllib3.disable_warnings() # Login. SSL certificate verification is turned off to allow self-signed # certificates. You should only do this in trusted environments. print("Logging in: host={0}, org={1}, user={2}".format(host, org, user)) client = Client(host, api_version='27.0', verify_ssl_certs=False, log_file='pyvcloud.log', log_requests=True, log_headers=True, log_bodies=True) client.set_credentials(BasicLoginCredentials(user, org, password)) task_monitor = client.get_task_monitor() print("Fetching Org...") org_resource = client.get_org() org = Org(client, resource=org_resource) print("Fetching VDC...") vdc_resource = org.get_vdc(vdc) vdc = VDC(client, resource=vdc_resource) print("Fetching vApp...")
# Collect arguments. if len(sys.argv) != 5: print("Usage: python3 {0} host org user password".format(sys.argv[0])) sys.exit(1) host = sys.argv[1] org = sys.argv[2] user = sys.argv[3] password = sys.argv[4] # Disable warnings from self-signed certificates. requests.packages.urllib3.disable_warnings() # Login. SSL certificate verification is turned off to allow self-signed # certificates. You should only do this in trusted environments. print("Logging in: host={0}, org={1}, user={2}".format(host, org, user)) client = Client(host, verify_ssl_certs=False) client.set_highest_supported_version() client.set_credentials(BasicLoginCredentials(user, org, password)) print("Fetching Org...") org = Org(client, resource=client.get_org()) print("Fetching VDCs...") for vdc_info in org.list_vdcs(): name = vdc_info['name'] href = vdc_info['href'] print("VDC name: {0}\n href: {1}".format( vdc_info['name'], vdc_info['href'])) vdc = VDC(client, resource=org.get_vdc(vdc_info['name'])) print("{0}{1}".format("Name".ljust(40), "Type")) print("{0}{1}".format("----".ljust(40), "----")) for resource in vdc.list_resources():
def login(ctx, user, host, password, api_version, org, verify_ssl_certs, disable_warnings, vdc, session_id, use_browser_session): """Login to vCloud Director \b Login to a vCloud Director service. \b Examples vcd login mysp.com org1 usr1 Login to host 'mysp.com'. \b vcd login test.mysp.com org1 usr1 -i -w Login to a host with self-signed SSL certificate. \b vcd login mysp.com org1 usr1 --use-browser-session Login using active session from browser. \b vcd login session list chrome List active session ids from browser. \b vcd login mysp.com org1 usr1 \\ --session-id ee968665bf3412d581bbc6192508eec4 Login using active session id. \b Environment Variables VCD_PASSWORD If this environment variable is set, the command will use its value as the password to login and will not ask for one. The --password option has precedence over the environment variable. """ if not verify_ssl_certs: if disable_warnings: pass else: click.secho( 'InsecureRequestWarning: ' 'Unverified HTTPS request is being made. ' 'Adding certificate verification is strongly ' 'advised.', fg='yellow', err=True) requests.packages.urllib3.disable_warnings() if host == 'session' and org == 'list': sessions = [] if user == 'chrome': cookies = browsercookie.chrome() for c in cookies: if c.name == 'vcloud_session_id': sessions.append({'host': c.domain, 'session_id': c.value}) stdout(sessions, ctx) return client = Client( host, api_version=api_version, verify_ssl_certs=verify_ssl_certs, log_file='vcd.log', log_requests=True, log_headers=True, log_bodies=True) try: if api_version is None: api_version = client.set_highest_supported_version() if session_id is not None or use_browser_session: if use_browser_session: browser_session_id = None cookies = browsercookie.chrome() for c in cookies: if c.name == 'vcloud_session_id' and \ c.domain == host: browser_session_id = c.value break if browser_session_id is None: raise Exception('Session not found in browser.') session_id = browser_session_id client.rehydrate_from_token(session_id) else: if password is None: password = click.prompt('Password', hide_input=True, type=str) client.set_credentials(BasicLoginCredentials(user, org, password)) wkep = {} for endpoint in _WellKnownEndpoint: if endpoint in client._session_endpoints: wkep[endpoint.name] = client._session_endpoints[endpoint] profiles = Profiles.load() logged_in_org = client.get_org() org_href = logged_in_org.get('href') vdc_href = '' in_use_vdc = '' if vdc is None: for v in get_links(logged_in_org, media_type=EntityType.VDC.value): in_use_vdc = v.name vdc_href = v.href break else: for v in get_links(logged_in_org, media_type=EntityType.VDC.value): if vdc == v.name: in_use_vdc = v.name vdc_href = v.href break if len(in_use_vdc) == 0: raise Exception('VDC not found') profiles.update( host, org, user, client._session.headers['x-vcloud-authorization'], api_version, wkep, verify_ssl_certs, disable_warnings, vdc=in_use_vdc, org_href=org_href, vdc_href=vdc_href, log_request=True, log_header=True, log_body=True, vapp='', vapp_href='') alt_text = '%s logged in, org: \'%s\', vdc: \'%s\'' % \ (user, org, in_use_vdc) stdout({ 'user': user, 'org': org, 'vdc': in_use_vdc, 'logged_in': True }, ctx, alt_text) except Exception as e: try: profiles = Profiles.load() profiles.set('token', '') except Exception: pass stderr(e, ctx)
#!/usr/bin/env python3 import os from pyvcloud.vcd.client import BasicLoginCredentials from pyvcloud.vcd.client import Client from pyvcloud.vcd.client import EntityType from pyvcloud.vcd.org import Org from pyvcloud.vcd.vdc import VDC import requests requests.packages.urllib3.disable_warnings() client = Client('bos1-vcd-sp-static-202-34.eng.vmware.com', verify_ssl_certs=False) client.set_highest_supported_version() client.set_credentials(BasicLoginCredentials('usr1', 'org1', 'ca$hc0w')) org = Org(client, resource=client.get_org()) vdc = VDC(client, resource=org.get_vdc('vdc1')) for resource in vdc.list_resources(): print('%s%s' % (resource['name'].ljust(40), resource['type'])) client.logout()