X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osm_mon%2Fplugins%2FOpenStack%2Fcommon.py;h=09c911dc02f69c6fbf2707a37af286417183e3c0;hb=6eda48bf7489c00fee4e1f276404ab82db23fd1d;hp=4401d0a7f3e6bb40254a4e317c9e76170fa80602;hpb=0e57d11ebb85637f38dd92a791abd6fe4889a565;p=osm%2FMON.git diff --git a/osm_mon/plugins/OpenStack/common.py b/osm_mon/plugins/OpenStack/common.py index 4401d0a..09c911d 100644 --- a/osm_mon/plugins/OpenStack/common.py +++ b/osm_mon/plugins/OpenStack/common.py @@ -21,18 +21,21 @@ ## """Common methods for the OpenStack plugins.""" import json - import logging +import requests +import yaml +from keystoneauth1 import session +from keystoneauth1.identity import v3 from keystoneclient.v3 import client -from osm_mon.plugins.OpenStack.settings import Config - -import requests +from osm_mon.core.auth import AuthManager +from osm_mon.core.settings import Config __author__ = "Helena McGough" log = logging.getLogger(__name__) +cfg = Config.instance() class Common(object): @@ -40,74 +43,71 @@ class Common(object): def __init__(self): """Create the common instance.""" - self._auth_token = None - self._ks = None - self.openstack_url = None - self.user = None - self.password = None - self.tenant = None - - def _authenticate(self, message=None): - """Authenticate and/or renew the authentication token.""" - if self._auth_token is not None: - return self._auth_token - - if message is not None: - values = json.loads(message.value)['access_config'] - self.openstack_url = values['openstack_site'] - self.user = values['user'] - self.password = values['password'] - self.tenant = values['vim_tenant_name'] + @staticmethod + def get_auth_token(vim_uuid, verify_ssl=True): + """Authenticate and/or renew the authentication token.""" + auth_manager = AuthManager() + creds = auth_manager.get_credentials(vim_uuid) + sess = session.Session(verify=verify_ssl) + ks = client.Client(session=sess) + token_dict = ks.get_raw_token_from_identity_service(auth_url=creds.url, + username=creds.user, + password=creds.password, + project_name=creds.tenant_name, + project_domain_id='default', + user_domain_id='default') + return token_dict['auth_token'] + + @staticmethod + def get_endpoint(service_type, vim_uuid, verify_ssl=True): + """ + Gets the public endpoint for an OpenStack service in the configured region (default: RegionOne). + :param service_type: Service type name (eg. metric or alarming) + :param vim_uuid: VIM UUID generated by OSM + :param verify_ssl: If False, disables SSL validation. Useful when using self signed certs. + :return: Endpoint url string. + + :raises ValueError If it can't find services, or if it can find services but no endpoint for specified region. + """ + auth_manager = AuthManager() + creds = auth_manager.get_credentials(vim_uuid) + auth = v3.Password(auth_url=creds.url, + username=creds.user, + password=creds.password, + project_name=creds.tenant_name, + project_domain_id='default', + user_domain_id='default') + sess = session.Session(auth=auth, verify=verify_ssl) + ks = client.Client(session=sess, interface='public') + services = ks.services.list(type=service_type) + if not services: + raise ValueError("No services found for {}. Is the corresponding service enabled?".format(service_type)) + service = services[0] + endpoints = ks.endpoints.list(service) + endpoint_type = 'publicURL' + region_name = 'RegionOne' + if creds.config is not None: try: - # try to authenticate with supplied access_credentials - self._ks = client.Client(auth_url=self.openstack_url, - username=self.user, - password=self.password, - tenant_name=self.tenant) - self._auth_token = self._ks.auth_token - log.info("Authenticating with access_credentials from SO.") - return self._auth_token - except Exception as exc: - log.warn("Authentication failed with access_credentials: %s", - exc) - - else: - log.info("Access_credentials were not sent from SO.") - - # If there are no access_credentials or they fail use env variables - try: - cfg = Config.instance() - self._ks = client.Client(auth_url=cfg.OS_AUTH_URL, - username=cfg.OS_USERNAME, - password=cfg.OS_PASSWORD, - tenant_name=cfg.OS_TENANT_NAME) - log.info("Authenticating with environment varialbles.") - self._auth_token = self._ks.auth_token - except Exception as exc: - - log.warn("Authentication failed: %s", exc) - - self._auth_token = None + config = json.loads(creds.config) + except ValueError: + config = yaml.safe_load(creds.config) + if 'endpoint_type' in config: + endpoint_type = config['endpoint_type'] + if 'region_name' in config: + region_name = config['region_name'] + for endpoint in endpoints: + if endpoint.interface in endpoint_type and endpoint.region == region_name: + return endpoint.url + raise ValueError("No endpoints found for service {} in region {}".format(service_type, region_name)) + + @staticmethod + def perform_request(url, auth_token, + req_type=None, payload=None, params=None, verify_ssl=True): + """Perform the POST/PUT/GET/DELETE request.""" - return self._auth_token + timeout = cfg.REQUEST_TIMEOUT - def get_endpoint(self, service_type): - """Get the endpoint for Gnocchi/Aodh.""" - try: - return self._ks.service_catalog.url_for( - service_type=service_type, - endpoint_type='publicURL', - region_name='regionOne') - except Exception as exc: - log.warning("Failed to retreive endpoint for service due to: %s", - exc) - return None - - @classmethod - def _perform_request(cls, url, auth_token, - req_type=None, payload=None, params=None): - """Perform the POST/PUT/GET/DELETE request.""" # request headers headers = {'X-Auth-Token': auth_token, 'Content-type': 'application/json'} @@ -115,25 +115,25 @@ class Common(object): if req_type == "put": response = requests.put( url, data=payload, headers=headers, - timeout=1) + timeout=timeout, verify=verify_ssl) elif req_type == "get": response = requests.get( - url, params=params, headers=headers, timeout=1) + url, params=params, headers=headers, timeout=timeout, verify=verify_ssl) elif req_type == "delete": response = requests.delete( - url, headers=headers, timeout=1) + url, headers=headers, timeout=timeout, verify=verify_ssl) else: response = requests.post( url, data=payload, headers=headers, - timeout=1) + timeout=timeout, verify=verify_ssl) # Raises exception if there was an error try: response.raise_for_status() # pylint: disable=broad-except except Exception: - # Log out the result of the request for debugging purpose - log.debug( + # Log out the result of the request + log.warning( 'Result: %s, %s', response.status_code, response.text) return response