Fix the hardcoding of user role using sdk_adapter approach
1. Refer to nova's latest code, use get_sdk to create the client[1].
2. Move placement_client define from default to seperate placement file.
Note:
The new method for get nova and placement client has been tested in latest
cyborg devstack environment. And the test results are good.
Because now cyborg does not have unit tests for the common and conf directory,
unit tests related to this patch will be added in the future, but not in this patch.
Reference:
[1]. 3f019f2db3/nova/utils.py (L1013)
Change-Id: I2a335d47ee3cc24f78b4d49942f1cccd586a0dcc
This commit is contained in:
parent
a7f1df1596
commit
71df0a289d
@ -196,6 +196,10 @@ class NotFound(CyborgException):
|
|||||||
code = http_client.NOT_FOUND
|
code = http_client.NOT_FOUND
|
||||||
|
|
||||||
|
|
||||||
|
class ServiceUnavailable(Invalid):
|
||||||
|
msg_fmt = _("Service is unavailable at this time.")
|
||||||
|
|
||||||
|
|
||||||
class ServiceNotFound(NotFound):
|
class ServiceNotFound(NotFound):
|
||||||
msg_fmt = _("Service %(service_id)s could not be found.")
|
msg_fmt = _("Service %(service_id)s could not be found.")
|
||||||
|
|
||||||
|
@ -12,8 +12,7 @@
|
|||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
from cyborg.conf import CONF
|
from cyborg.common import utils
|
||||||
from openstack import connection
|
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
@ -21,13 +20,7 @@ LOG = logging.getLogger(__name__)
|
|||||||
|
|
||||||
class NovaAPI(object):
|
class NovaAPI(object):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
default_user = "devstack-admin"
|
self.nova_client = utils.get_sdk_adapter('compute')
|
||||||
try:
|
|
||||||
auth_user = CONF.compute.username
|
|
||||||
except Exception:
|
|
||||||
auth_user = default_user
|
|
||||||
self.conn = connection.Connection(cloud=auth_user)
|
|
||||||
self.nova_client = self.conn.compute
|
|
||||||
|
|
||||||
def _get_acc_changed_event(self, instance_uuid, dev_profile_name, status):
|
def _get_acc_changed_event(self, instance_uuid, dev_profile_name, status):
|
||||||
return [{'name': 'accelerator-requests-bound',
|
return [{'name': 'accelerator-requests-bound',
|
||||||
|
@ -14,33 +14,22 @@
|
|||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
from cyborg.common import exception
|
from cyborg.common import exception
|
||||||
from cyborg.conf import CONF
|
from cyborg.common import utils
|
||||||
from keystoneauth1 import exceptions as ks_exc
|
from keystoneauth1 import exceptions as ks_exc
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
from oslo_middleware import request_id
|
from oslo_middleware import request_id
|
||||||
|
|
||||||
from openstack import connection
|
|
||||||
|
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
NESTED_PROVIDER_API_VERSION = '1.14'
|
NESTED_PROVIDER_API_VERSION = '1.14'
|
||||||
POST_RPS_RETURNS_PAYLOAD_API_VERSION = '1.20'
|
POST_RPS_RETURNS_PAYLOAD_API_VERSION = '1.20'
|
||||||
PLACEMENT_CLIENT_SEMAPHORE = 'placement_client'
|
PLACEMENT_CLIENT_SEMAPHORE = 'placement_client'
|
||||||
_CONN = None
|
|
||||||
|
|
||||||
|
|
||||||
class PlacementClient(object):
|
class PlacementClient(object):
|
||||||
"""Client class for reporting to placement."""
|
"""Client class for reporting to placement."""
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
global _CONN
|
self._client = utils.get_sdk_adapter('placement')
|
||||||
if _CONN is None:
|
|
||||||
default_user = 'devstack-admin'
|
|
||||||
try:
|
|
||||||
auth_user = CONF.placement.username or default_user
|
|
||||||
except Exception:
|
|
||||||
auth_user = default_user
|
|
||||||
_CONN = connection.Connection(cloud=auth_user)
|
|
||||||
self._client = _CONN.placement
|
|
||||||
|
|
||||||
def get(self, url, version=None, global_request_id=None):
|
def get(self, url, version=None, global_request_id=None):
|
||||||
return self._client.get(url, microversion=version,
|
return self._client.get(url, microversion=version,
|
||||||
|
@ -19,17 +19,19 @@ import six
|
|||||||
|
|
||||||
from keystoneauth1 import exceptions as ks_exc
|
from keystoneauth1 import exceptions as ks_exc
|
||||||
from keystoneauth1 import loading as ks_loading
|
from keystoneauth1 import loading as ks_loading
|
||||||
|
from openstack import connection
|
||||||
|
from openstack import exceptions as sdk_exc
|
||||||
from os_service_types import service_types
|
from os_service_types import service_types
|
||||||
from oslo_concurrency import lockutils
|
from oslo_concurrency import lockutils
|
||||||
from oslo_log import log
|
from oslo_log import log
|
||||||
|
|
||||||
from cyborg.common import exception
|
from cyborg.common import exception
|
||||||
|
from cyborg.common.i18n import _
|
||||||
import cyborg.conf
|
import cyborg.conf
|
||||||
|
|
||||||
|
|
||||||
LOG = log.getLogger(__name__)
|
LOG = log.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
synchronized = lockutils.synchronized_with_prefix('cyborg-')
|
synchronized = lockutils.synchronized_with_prefix('cyborg-')
|
||||||
_SERVICE_TYPES = service_types.ServiceTypes()
|
_SERVICE_TYPES = service_types.ServiceTypes()
|
||||||
CONF = cyborg.conf.CONF
|
CONF = cyborg.conf.CONF
|
||||||
@ -111,6 +113,47 @@ def get_ksa_adapter(service_type, ksa_auth=None, ksa_session=None,
|
|||||||
min_version=min_version, max_version=max_version)
|
min_version=min_version, max_version=max_version)
|
||||||
|
|
||||||
|
|
||||||
|
def _get_conf_group(service_type):
|
||||||
|
# Get the conf group corresponding to the service type.
|
||||||
|
confgrp = _SERVICE_TYPES.get_project_name(service_type)
|
||||||
|
if not confgrp or not hasattr(CONF, confgrp):
|
||||||
|
raise exception.ConfGroupForServiceTypeNotFound(stype=service_type)
|
||||||
|
return confgrp
|
||||||
|
|
||||||
|
|
||||||
|
def _get_auth_and_session(confgrp):
|
||||||
|
ksa_auth = ks_loading.load_auth_from_conf_options(CONF, confgrp)
|
||||||
|
return ks_loading.load_session_from_conf_options(
|
||||||
|
CONF, confgrp, auth=ksa_auth)
|
||||||
|
|
||||||
|
|
||||||
|
def get_sdk_adapter(service_type, check_service=False):
|
||||||
|
"""Construct an openstacksdk-brokered Adapter for a given service type.
|
||||||
|
We expect to find a conf group whose name corresponds to the service_type's
|
||||||
|
project according to the service-types-authority. That conf group must
|
||||||
|
provide ksa auth, session, and adapter options.
|
||||||
|
:param service_type: String name of the service type for which the Adapter
|
||||||
|
is to be constructed.
|
||||||
|
:param check_service: If True, we will query the endpoint to make sure the
|
||||||
|
service is alive, raising ServiceUnavailable if it is not.
|
||||||
|
:return: An openstack.proxy.Proxy object for the specified service_type.
|
||||||
|
:raise: ConfGroupForServiceTypeNotFound If no conf group name could be
|
||||||
|
found for the specified service_type.
|
||||||
|
:raise: ServiceUnavailable if check_service is True and the service is down
|
||||||
|
"""
|
||||||
|
confgrp = _get_conf_group(service_type)
|
||||||
|
sess = _get_auth_and_session(confgrp)
|
||||||
|
try:
|
||||||
|
conn = connection.Connection(
|
||||||
|
session=sess, oslo_conf=CONF, service_types={service_type},
|
||||||
|
strict_proxies=check_service)
|
||||||
|
except sdk_exc.ServiceDiscoveryException as e:
|
||||||
|
raise exception.ServiceUnavailable(
|
||||||
|
_("The %(service_type)s service is unavailable: %(error)s") %
|
||||||
|
{'service_type': service_type, 'error': six.text_type(e)})
|
||||||
|
return getattr(conn, service_type)
|
||||||
|
|
||||||
|
|
||||||
def get_endpoint(ksa_adapter):
|
def get_endpoint(ksa_adapter):
|
||||||
"""Get the endpoint URL represented by a keystoneauth1 Adapter.
|
"""Get the endpoint URL represented by a keystoneauth1 Adapter.
|
||||||
|
|
||||||
|
@ -21,6 +21,8 @@ from cyborg.conf import database
|
|||||||
from cyborg.conf import default
|
from cyborg.conf import default
|
||||||
from cyborg.conf import glance
|
from cyborg.conf import glance
|
||||||
from cyborg.conf import keystone
|
from cyborg.conf import keystone
|
||||||
|
from cyborg.conf import nova
|
||||||
|
from cyborg.conf import placement
|
||||||
from cyborg.conf import service_token
|
from cyborg.conf import service_token
|
||||||
|
|
||||||
CONF = cfg.CONF
|
CONF = cfg.CONF
|
||||||
@ -29,7 +31,8 @@ api.register_opts(CONF)
|
|||||||
agent.register_opts(CONF)
|
agent.register_opts(CONF)
|
||||||
database.register_opts(CONF)
|
database.register_opts(CONF)
|
||||||
default.register_opts(CONF)
|
default.register_opts(CONF)
|
||||||
default.register_placement_opts(CONF)
|
|
||||||
service_token.register_opts(CONF)
|
service_token.register_opts(CONF)
|
||||||
glance.register_opts(CONF)
|
glance.register_opts(CONF)
|
||||||
keystone.register_opts(CONF)
|
keystone.register_opts(CONF)
|
||||||
|
nova.register_opts(CONF)
|
||||||
|
placement.register_opts(CONF)
|
||||||
|
@ -18,11 +18,9 @@
|
|||||||
import os
|
import os
|
||||||
import socket
|
import socket
|
||||||
|
|
||||||
from keystoneauth1 import loading as k_loading
|
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
|
|
||||||
from cyborg.common.i18n import _
|
from cyborg.common.i18n import _
|
||||||
from cyborg.conf import utils as confutils
|
|
||||||
|
|
||||||
|
|
||||||
exc_log_opts = [
|
exc_log_opts = [
|
||||||
@ -65,33 +63,6 @@ path_opts = [
|
|||||||
help=_("Top-level directory for maintaining cyborg's state.")),
|
help=_("Top-level directory for maintaining cyborg's state.")),
|
||||||
]
|
]
|
||||||
|
|
||||||
PLACEMENT_CONF_SECTION = 'placement'
|
|
||||||
DEFAULT_SERVICE_TYPE = 'placement'
|
|
||||||
|
|
||||||
placement_group = cfg.OptGroup(
|
|
||||||
PLACEMENT_CONF_SECTION,
|
|
||||||
title='Placement Service Options',
|
|
||||||
help="Configuration options for connecting to the placement API service")
|
|
||||||
|
|
||||||
placement_opts = [
|
|
||||||
cfg.StrOpt('endpoint_type',
|
|
||||||
default='public',
|
|
||||||
choices=['public', 'admin', 'internal'],
|
|
||||||
help=_('Type of the placement endpoint to use. This endpoint '
|
|
||||||
'will be looked up in the keystone catalog and should '
|
|
||||||
'be one of public, internal or admin.')),
|
|
||||||
cfg.BoolOpt(
|
|
||||||
'randomize_allocation_candidates',
|
|
||||||
default=False,
|
|
||||||
help=_('If True, when limiting allocation candidate results, the '
|
|
||||||
'results will be a random sampling of the full result set. '
|
|
||||||
'If False, allocation candidates are returned in a '
|
|
||||||
'deterministic but undefined order. That is, all things '
|
|
||||||
'being equal, two requests for allocation candidates will '
|
|
||||||
'return the same results in the same order; but no guarantees '
|
|
||||||
'are made as to how that order is determined.')),
|
|
||||||
]
|
|
||||||
|
|
||||||
|
|
||||||
def register_opts(conf):
|
def register_opts(conf):
|
||||||
conf.register_opts(exc_log_opts)
|
conf.register_opts(exc_log_opts)
|
||||||
@ -99,24 +70,10 @@ def register_opts(conf):
|
|||||||
conf.register_opts(path_opts)
|
conf.register_opts(path_opts)
|
||||||
|
|
||||||
|
|
||||||
def register_placement_opts(cfg=cfg.CONF):
|
|
||||||
cfg.register_group(placement_group)
|
|
||||||
cfg.register_opts(placement_opts, group=PLACEMENT_CONF_SECTION)
|
|
||||||
confutils.register_ksa_opts(cfg, placement_group, DEFAULT_SERVICE_TYPE)
|
|
||||||
|
|
||||||
|
|
||||||
DEFAULT_OPTS = (exc_log_opts + service_opts + path_opts)
|
DEFAULT_OPTS = (exc_log_opts + service_opts + path_opts)
|
||||||
|
|
||||||
|
|
||||||
def list_opts():
|
def list_opts():
|
||||||
return {
|
return {
|
||||||
PLACEMENT_CONF_SECTION: (
|
|
||||||
placement_opts +
|
|
||||||
k_loading.get_session_conf_options() +
|
|
||||||
k_loading.get_auth_common_conf_options() +
|
|
||||||
k_loading.get_auth_plugin_conf_options('password') +
|
|
||||||
k_loading.get_auth_plugin_conf_options('v2password') +
|
|
||||||
k_loading.get_auth_plugin_conf_options('v3password') +
|
|
||||||
confutils.get_ksa_adapter_opts(DEFAULT_SERVICE_TYPE)),
|
|
||||||
'DEFAULT': DEFAULT_OPTS
|
'DEFAULT': DEFAULT_OPTS
|
||||||
}
|
}
|
||||||
|
42
cyborg/conf/nova.py
Normal file
42
cyborg/conf/nova.py
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
from keystoneauth1 import loading as ks_loading
|
||||||
|
from oslo_config import cfg
|
||||||
|
|
||||||
|
from cyborg.conf import utils as confutils
|
||||||
|
|
||||||
|
|
||||||
|
DEFAULT_SERVICE_TYPE = 'compute'
|
||||||
|
|
||||||
|
|
||||||
|
nova_group = cfg.OptGroup(
|
||||||
|
'nova',
|
||||||
|
title='Nova Service Options',
|
||||||
|
help="Configuration options for connecting to the Nova API service")
|
||||||
|
|
||||||
|
|
||||||
|
def register_opts(conf):
|
||||||
|
conf.register_group(nova_group)
|
||||||
|
confutils.register_ksa_opts(conf, nova_group, DEFAULT_SERVICE_TYPE)
|
||||||
|
|
||||||
|
|
||||||
|
def list_opts():
|
||||||
|
return {
|
||||||
|
nova_group.name: (
|
||||||
|
ks_loading.get_session_conf_options() +
|
||||||
|
ks_loading.get_auth_common_conf_options() +
|
||||||
|
ks_loading.get_auth_plugin_conf_options('password') +
|
||||||
|
ks_loading.get_auth_plugin_conf_options('v2password') +
|
||||||
|
ks_loading.get_auth_plugin_conf_options('v3password') +
|
||||||
|
confutils.get_ksa_adapter_opts(DEFAULT_SERVICE_TYPE))
|
||||||
|
}
|
42
cyborg/conf/placement.py
Normal file
42
cyborg/conf/placement.py
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
from keystoneauth1 import loading as ks_loading
|
||||||
|
from oslo_config import cfg
|
||||||
|
|
||||||
|
from cyborg.conf import utils as confutils
|
||||||
|
|
||||||
|
|
||||||
|
PLACEMENT_CONF_SECTION = 'placement'
|
||||||
|
DEFAULT_SERVICE_TYPE = 'placement'
|
||||||
|
|
||||||
|
placement_group = cfg.OptGroup(
|
||||||
|
PLACEMENT_CONF_SECTION,
|
||||||
|
title='Placement Service Options',
|
||||||
|
help="Configuration options for connecting to the placement API service")
|
||||||
|
|
||||||
|
|
||||||
|
def register_opts(conf):
|
||||||
|
conf.register_group(placement_group)
|
||||||
|
confutils.register_ksa_opts(conf, placement_group, DEFAULT_SERVICE_TYPE)
|
||||||
|
|
||||||
|
|
||||||
|
def list_opts():
|
||||||
|
return {
|
||||||
|
PLACEMENT_CONF_SECTION: (
|
||||||
|
ks_loading.get_session_conf_options() +
|
||||||
|
ks_loading.get_auth_common_conf_options() +
|
||||||
|
ks_loading.get_auth_plugin_conf_options('password') +
|
||||||
|
ks_loading.get_auth_plugin_conf_options('v2password') +
|
||||||
|
ks_loading.get_auth_plugin_conf_options('v3password') +
|
||||||
|
confutils.get_ksa_adapter_opts(DEFAULT_SERVICE_TYPE))
|
||||||
|
}
|
@ -199,7 +199,6 @@ function configure_cyborg_placement {
|
|||||||
# Use the provided config file path or default to $CYBORG_CONF.
|
# Use the provided config file path or default to $CYBORG_CONF.
|
||||||
local section=${1:-placement}
|
local section=${1:-placement}
|
||||||
local auth_section=${2:-keystone_authtoken}
|
local auth_section=${2:-keystone_authtoken}
|
||||||
iniset $CYBORG_CONF_FILE $section auth_section $auth_section
|
|
||||||
iniset $CYBORG_CONF_FILE $section auth_type "password"
|
iniset $CYBORG_CONF_FILE $section auth_type "password"
|
||||||
iniset $CYBORG_CONF_FILE $section auth_url "$KEYSTONE_SERVICE_URI"
|
iniset $CYBORG_CONF_FILE $section auth_url "$KEYSTONE_SERVICE_URI"
|
||||||
iniset $CYBORG_CONF_FILE $section username $section
|
iniset $CYBORG_CONF_FILE $section username $section
|
||||||
@ -218,7 +217,6 @@ function configure_cyborg_placement {
|
|||||||
function configure_cyborg_glance {
|
function configure_cyborg_glance {
|
||||||
local section=${1:-glance}
|
local section=${1:-glance}
|
||||||
local auth_section=${2:-keystone_authtoken}
|
local auth_section=${2:-keystone_authtoken}
|
||||||
iniset $CYBORG_CONF_FILE $section auth_section $auth_section
|
|
||||||
iniset $CYBORG_CONF_FILE $section auth_type "password"
|
iniset $CYBORG_CONF_FILE $section auth_type "password"
|
||||||
iniset $CYBORG_CONF_FILE $section auth_url "$KEYSTONE_SERVICE_URI"
|
iniset $CYBORG_CONF_FILE $section auth_url "$KEYSTONE_SERVICE_URI"
|
||||||
iniset $CYBORG_CONF_FILE $section username $section
|
iniset $CYBORG_CONF_FILE $section username $section
|
||||||
@ -229,6 +227,18 @@ function configure_cyborg_glance {
|
|||||||
iniset $CYBORG_CONF_FILE $section api_servers "$GLANCE_URL"
|
iniset $CYBORG_CONF_FILE $section api_servers "$GLANCE_URL"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function configure_cyborg_nova {
|
||||||
|
local section=${1:-nova}
|
||||||
|
local auth_section=${2:-keystone_authtoken}
|
||||||
|
iniset $CYBORG_CONF_FILE $section auth_type "password"
|
||||||
|
iniset $CYBORG_CONF_FILE $section auth_url "$KEYSTONE_SERVICE_URI"
|
||||||
|
iniset $CYBORG_CONF_FILE $section username $section
|
||||||
|
iniset $CYBORG_CONF_FILE $section password "$SERVICE_PASSWORD"
|
||||||
|
iniset $CYBORG_CONF_FILE $section user_domain_name "$SERVICE_DOMAIN_NAME"
|
||||||
|
iniset $CYBORG_CONF_FILE $section project_name "$SERVICE_TENANT_NAME"
|
||||||
|
iniset $CYBORG_CONF_FILE $section project_domain_name "$SERVICE_DOMAIN_NAME"
|
||||||
|
}
|
||||||
|
|
||||||
# configure_cyborg_conductor() - Is used by configure_cyborg().
|
# configure_cyborg_conductor() - Is used by configure_cyborg().
|
||||||
# Sets conductor specific settings.
|
# Sets conductor specific settings.
|
||||||
function configure_cyborg_conductor {
|
function configure_cyborg_conductor {
|
||||||
@ -240,6 +250,7 @@ function configure_cyborg_conductor {
|
|||||||
configure_auth_for service_catalog
|
configure_auth_for service_catalog
|
||||||
configure_cyborg_placement
|
configure_cyborg_placement
|
||||||
configure_cyborg_glance
|
configure_cyborg_glance
|
||||||
|
configure_cyborg_nova
|
||||||
|
|
||||||
sudo cp $CYBORG_DIR/etc/cyborg/rootwrap.conf $CYBORG_ROOTWRAP_CONF
|
sudo cp $CYBORG_DIR/etc/cyborg/rootwrap.conf $CYBORG_ROOTWRAP_CONF
|
||||||
sudo cp -r $CYBORG_DIR/etc/cyborg/rootwrap.d $CYBORG_CONF_DIR
|
sudo cp -r $CYBORG_DIR/etc/cyborg/rootwrap.d $CYBORG_CONF_DIR
|
||||||
|
Loading…
Reference in New Issue
Block a user