projects / osm / MON.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Adds support for OSMMON_DATABASE_COMMONKEY to decrypt vim passwords
[osm/MON.git] / osm_mon / plugins / OpenStack / Aodh / alarm_handler.py
1 # Copyright 2017 Intel Research and Development Ireland Limited
2 # *************************************************************
3
4 # This file is part of OSM Monitoring module
5 # All Rights Reserved to Intel Corporation
6
7 # Licensed under the Apache License, Version 2.0 (the "License"); you may
8 # not use this file except in compliance with the License. You may obtain
9 # a copy of the License at
10
11 # http://www.apache.org/licenses/LICENSE-2.0
12
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
16 # License for the specific language governing permissions and limitations
17 # under the License.
18
19 # For those usages not covered by the Apache License, Version 2.0 please
20 # contact: helena.mcgough@intel.com or adrian.hoban@intel.com
21 ##
22 """Carry out alarming requests via Aodh API."""
23
24 import json
25 import logging
26 from io import UnsupportedOperation
27
28 import six
29
30 from osm_mon.core.auth import AuthManager
31 from osm_mon.core.database import DatabaseManager
32 from osm_mon.core.settings import Config
33 from osm_mon.plugins.OpenStack.Gnocchi.metric_handler import METRIC_MAPPINGS
34 from osm_mon.plugins.OpenStack.common import Common
35 from osm_mon.plugins.OpenStack.response import OpenStackResponseBuilder
36
37 log = logging.getLogger(__name__)
38
39 SEVERITIES = {
40 "warning": "low",
41 "minor": "low",
42 "major": "moderate",
43 "critical": "critical",
44 "indeterminate": "critical"}
45
46 STATISTICS = {
47 "average": "mean",
48 "minimum": "min",
49 "maximum": "max",
50 "count": "count",
51 "sum": "sum"}
52
53
54 class OpenstackAlarmHandler(object):
55 """Carries out alarming requests and responses via Aodh API."""
56
57 def __init__(self):
58 """Create the OpenStack alarming instance."""
59 self._database_manager = DatabaseManager()
60 self._auth_manager = AuthManager()
61 self._cfg = Config.instance()
62
63 # Use the Response class to generate valid json response messages
64 self._response = OpenStackResponseBuilder()
65
66 def handle_message(self, key: str, values: dict, vim_uuid: str):
67 """
68 Processes alarm request message depending on it's key
69 :param key: Kafka message key
70 :param values: Dict containing alarm request data. Follows models defined in core.models.
71 :param vim_uuid: UUID of the VIM to handle the alarm request.
72 :return: Dict containing alarm response data. Follows models defined in core.models.
73 """
74
75 log.info("OpenStack alarm action required.")
76
77 verify_ssl = self._auth_manager.is_verify_ssl(vim_uuid)
78
79 auth_token = Common.get_auth_token(vim_uuid, verify_ssl=verify_ssl)
80
81 alarm_endpoint = Common.get_endpoint("alarming", vim_uuid, verify_ssl=verify_ssl)
82 metric_endpoint = Common.get_endpoint("metric", vim_uuid, verify_ssl=verify_ssl)
83
84 vim_account = self._auth_manager.get_credentials(vim_uuid)
85 vim_config = json.loads(vim_account.config)
86
87 if key == "create_alarm_request":
88 alarm_details = values['alarm_create_request']
89 alarm_id = None
90 status = False
91 try:
92 metric_name = alarm_details['metric_name'].lower()
93 resource_id = alarm_details['resource_uuid']
94
95 self.check_for_metric(auth_token, metric_endpoint, metric_name, resource_id, verify_ssl)
96
97 alarm_id = self.configure_alarm(
98 alarm_endpoint, auth_token, alarm_details, vim_config, verify_ssl)
99
100 log.info("Alarm successfully created")
101 self._database_manager.save_alarm(alarm_id,
102 vim_uuid,
103 alarm_details['threshold_value'],
104 alarm_details['operation'].lower(),
105 alarm_details['metric_name'].lower(),
106 alarm_details['vdu_name'].lower(),
107 alarm_details['vnf_member_index'],
108 alarm_details['ns_id'].lower()
109 )
110 status = True
111 except Exception as e:
112 log.exception("Error creating alarm")
113 raise e
114 finally:
115 return self._response.generate_response('create_alarm_response',
116 cor_id=alarm_details['correlation_id'],
117 status=status,
118 alarm_id=alarm_id)
119
120 elif key == "list_alarm_request":
121 list_details = values['alarm_list_request']
122 alarm_list = None
123 try:
124 alarm_list = self.list_alarms(
125 alarm_endpoint, auth_token, list_details, verify_ssl)
126 except Exception as e:
127 log.exception("Error listing alarms")
128 raise e
129 finally:
130 return self._response.generate_response('list_alarm_response',
131 cor_id=list_details['correlation_id'],
132 alarm_list=alarm_list)
133
134 elif key == "delete_alarm_request":
135 request_details = values['alarm_delete_request']
136 alarm_id = request_details['alarm_uuid']
137 status = False
138 try:
139 self.delete_alarm(
140 alarm_endpoint, auth_token, alarm_id, verify_ssl)
141 status = True
142 except Exception as e:
143 log.exception("Error deleting alarm")
144 raise e
145 finally:
146 return self._response.generate_response('delete_alarm_response',
147 cor_id=request_details['correlation_id'],
148 status=status,
149 alarm_id=alarm_id)
150
151 elif key == "acknowledge_alarm_request":
152 try:
153 alarm_id = values['ack_details']['alarm_uuid']
154
155 self.update_alarm_state(
156 alarm_endpoint, auth_token, alarm_id, verify_ssl)
157
158 log.info("Acknowledged the alarm and cleared it.")
159 except Exception as e:
160 log.exception("Error acknowledging alarm")
161 raise
162 finally:
163 return None
164
165 elif key == "update_alarm_request":
166 # Update alarm configurations
167 alarm_details = values['alarm_update_request']
168 alarm_id = None
169 status = False
170 try:
171 alarm_id = self.update_alarm(
172 alarm_endpoint, auth_token, alarm_details, vim_config, verify_ssl)
173 status = True
174 except Exception as e:
175 log.exception("Error updating alarm")
176 raise e
177 finally:
178 return self._response.generate_response('update_alarm_response',
179 cor_id=alarm_details['correlation_id'],
180 status=status,
181 alarm_id=alarm_id)
182
183 else:
184 raise UnsupportedOperation("Unknown key {}, no action will be performed.".format(key))
185
186 def configure_alarm(self, alarm_endpoint, auth_token, values, vim_config, verify_ssl):
187 """Create requested alarm in Aodh."""
188 url = "{}/v2/alarms/".format(alarm_endpoint)
189
190 # Check if the desired alarm is supported
191 alarm_name = values['alarm_name'].lower()
192 metric_name = values['metric_name'].lower()
193 resource_id = values['resource_uuid']
194
195 if metric_name not in METRIC_MAPPINGS.keys():
196 raise KeyError("Metric {} is not supported.".format(metric_name))
197
198 if 'granularity' in vim_config and 'granularity' not in values:
199 values['granularity'] = vim_config['granularity']
200 payload = self.check_payload(values, metric_name, resource_id,
201 alarm_name)
202 new_alarm = Common.perform_request(
203 url, auth_token, req_type="post", payload=payload, verify_ssl=verify_ssl)
204 return json.loads(new_alarm.text)['alarm_id']
205
206 def delete_alarm(self, endpoint, auth_token, alarm_id, verify_ssl):
207 """Delete alarm function."""
208 url = "{}/v2/alarms/%s".format(endpoint) % alarm_id
209
210 result = Common.perform_request(
211 url, auth_token, req_type="delete", verify_ssl=verify_ssl)
212 if str(result.status_code) == "404":
213 raise ValueError("Alarm {} doesn't exist".format(alarm_id))
214
215 def list_alarms(self, endpoint, auth_token, list_details, verify_ssl):
216 """Generate the requested list of alarms."""
217 url = "{}/v2/alarms/".format(endpoint)
218 a_list, name_list, sev_list, res_list = [], [], [], []
219
220 # TODO(mcgoughh): for now resource_id is a mandatory field
221 # Check for a resource id
222 try:
223 resource = list_details['resource_uuid']
224 name = list_details['alarm_name'].lower()
225 severity = list_details['severity'].lower()
226 sev = SEVERITIES[severity]
227 except KeyError as e:
228 log.warning("Missing parameter for alarm list request: %s", e)
229 raise e
230
231 # Perform the request to get the desired list
232 try:
233 result = Common.perform_request(
234 url, auth_token, req_type="get", verify_ssl=verify_ssl)
235
236 if result is not None:
237 # Get list based on resource id
238 for alarm in json.loads(result.text):
239 rule = alarm['gnocchi_resources_threshold_rule']
240 if resource == rule['resource_id']:
241 res_list.append(alarm['alarm_id'])
242
243 # Generate specified listed if requested
244 if name is not None and sev is not None:
245 log.info("Return a list of %s alarms with %s severity.",
246 name, sev)
247 for alarm in json.loads(result.text):
248 if name == alarm['name']:
249 name_list.append(alarm['alarm_id'])
250 for alarm in json.loads(result.text):
251 if sev == alarm['severity']:
252 sev_list.append(alarm['alarm_id'])
253 name_sev_list = list(set(name_list).intersection(sev_list))
254 a_list = list(set(name_sev_list).intersection(res_list))
255 elif name is not None:
256 log.info("Returning a %s list of alarms.", name)
257 for alarm in json.loads(result.text):
258 if name == alarm['name']:
259 name_list.append(alarm['alarm_id'])
260 a_list = list(set(name_list).intersection(res_list))
261 elif sev is not None:
262 log.info("Returning %s severity alarm list.", sev)
263 for alarm in json.loads(result.text):
264 if sev == alarm['severity']:
265 sev_list.append(alarm['alarm_id'])
266 a_list = list(set(sev_list).intersection(res_list))
267 else:
268 log.info("Returning an entire list of alarms.")
269 a_list = res_list
270 else:
271 log.info("There are no alarms!")
272 response_list = []
273 for alarm in json.loads(result.text):
274 if alarm['alarm_id'] in a_list:
275 response_list.append(alarm)
276 return response_list
277
278 except Exception as e:
279 log.exception("Failed to generate alarm list: ")
280 raise e
281
282 def update_alarm_state(self, endpoint, auth_token, alarm_id, verify_ssl):
283 """Set the state of an alarm to ok when ack message is received."""
284 url = "{}/v2/alarms/%s/state".format(endpoint) % alarm_id
285 payload = json.dumps("ok")
286
287 result = Common.perform_request(
288 url, auth_token, req_type="put", payload=payload, verify_ssl=verify_ssl)
289
290 return json.loads(result.text)
291
292 def update_alarm(self, endpoint, auth_token, values, vim_config, verify_ssl):
293 """Get alarm name for an alarm configuration update."""
294 # Get already existing alarm details
295 url = "{}/v2/alarms/%s".format(endpoint) % values['alarm_uuid']
296
297 # Gets current configurations about the alarm
298 result = Common.perform_request(
299 url, auth_token, req_type="get")
300 alarm_name = json.loads(result.text)['name']
301 rule = json.loads(result.text)['gnocchi_resources_threshold_rule']
302 alarm_state = json.loads(result.text)['state']
303 resource_id = rule['resource_id']
304 metric_name = [key for key, value in six.iteritems(METRIC_MAPPINGS) if value == rule['metric']][0]
305
306 # Generates and check payload configuration for alarm update
307 if 'granularity' in vim_config and 'granularity' not in values:
308 values['granularity'] = vim_config['granularity']
309 payload = self.check_payload(values, metric_name, resource_id,
310 alarm_name, alarm_state=alarm_state)
311
312 # Updates the alarm configurations with the valid payload
313 update_alarm = Common.perform_request(
314 url, auth_token, req_type="put", payload=payload, verify_ssl=verify_ssl)
315
316 return json.loads(update_alarm.text)['alarm_id']
317
318 def check_payload(self, values, metric_name, resource_id,
319 alarm_name, alarm_state=None):
320 """Check that the payload is configuration for update/create alarm."""
321 cfg = Config.instance()
322 # Check state and severity
323
324 severity = 'critical'
325 if 'severity' in values:
326 severity = values['severity'].lower()
327
328 if severity == "indeterminate":
329 alarm_state = "insufficient data"
330 if alarm_state is None:
331 alarm_state = "ok"
332
333 statistic = values['statistic'].lower()
334
335 granularity = cfg.OS_DEFAULT_GRANULARITY
336 if 'granularity' in values:
337 granularity = values['granularity']
338
339 resource_type = 'generic'
340 if 'resource_type' in values:
341 resource_type = values['resource_type'].lower()
342
343 # Try to configure the payload for the update/create request
344 # Can only update: threshold, operation, statistic and
345 # the severity of the alarm
346 rule = {'threshold': values['threshold_value'],
347 'comparison_operator': values['operation'].lower(),
348 'metric': METRIC_MAPPINGS[metric_name],
349 'resource_id': resource_id,
350 'resource_type': resource_type,
351 'aggregation_method': STATISTICS[statistic],
352 'granularity': granularity, }
353 payload = json.dumps({'state': alarm_state,
354 'name': alarm_name,
355 'severity': SEVERITIES[severity],
356 'type': 'gnocchi_resources_threshold',
357 'gnocchi_resources_threshold_rule': rule,
358 'alarm_actions': [cfg.OS_NOTIFIER_URI],
359 'repeat_actions': True}, sort_keys=True)
360 return payload
361
362 def get_alarm_state(self, endpoint, auth_token, alarm_id):
363 """Get the state of the alarm."""
364 url = "{}/v2/alarms/%s/state".format(endpoint) % alarm_id
365
366 alarm_state = Common.perform_request(
367 url, auth_token, req_type="get")
368 return json.loads(alarm_state.text)
369
370 def check_for_metric(self, auth_token, metric_endpoint, metric_name, resource_id, verify_ssl):
371 """
372 Checks if resource has a specific metric. If not, throws exception.
373 :param verify_ssl: Boolean flag to set SSL cert validation
374 :param auth_token: OpenStack auth token
375 :param metric_endpoint: OpenStack metric endpoint
376 :param metric_name: Metric name
377 :param resource_id: Resource UUID
378 :return: Metric details from resource
379 :raise Exception: Could not retrieve metric from resource
380 """
381 try:
382 url = "{}/v1/resource/generic/{}".format(metric_endpoint, resource_id)
383 result = Common.perform_request(
384 url, auth_token, req_type="get", verify_ssl=verify_ssl)
385 resource = json.loads(result.text)
386 metrics_dict = resource['metrics']
387 return metrics_dict[METRIC_MAPPINGS[metric_name]]
388 except Exception as e:
389 log.exception("Desired Gnocchi metric not found:", e)
390 raise e