Skip to content

Commit

Permalink
Merge "Keystonev3 + auth-credential support" into R2.21.x
Browse files Browse the repository at this point in the history
  • Loading branch information
@opencontrail-ci-admin
Zuul authored and opencontrail-ci-admin committed Oct 22, 2015
2 parents c6b606a + b7e550a commit 062460a
Showing 1 changed file with 41 additions and 36 deletions.
77 changes: 41 additions & 36 deletions src/config/vnc_openstack/vnc_openstack/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@
import Queue
import ConfigParser
import keystoneclient.v2_0.client as keystone
import keystoneclient.v3.client as keystonev3
from netaddr import *

import cfgm_common
try:
from cfgm_common import vnc_plugin_base
Expand Down Expand Up @@ -84,6 +84,18 @@ def fill_keystone_opts(obj, conf_sections):
resync_workers = '10'
obj._resync_number_workers = int(resync_workers)

try:
# Get the domain_id for keystone v3
obj._domain_id = conf_sections.get('KEYSTONE', 'admin_domain_id')
except ConfigParser.NoOptionError:
obj._domain_id = 'default'

try:
# Get the user_domain_name for keystone v3
obj._user_domain_name = conf_sections.get('KEYSTONE', 'admin_user_domain_name')
except ConfigParser.NoOptionError:
obj._user_domain_name = 'Default'

def _create_default_security_group(vnc_lib, proj_obj):
def _get_rule(ingress, sg, prefix, ethertype):
sgr_uuid = str(uuid.uuid4())
Expand Down Expand Up @@ -290,23 +302,22 @@ def _ksv2_del_project_from_vnc(self, project_id):
# _ksv2_del_project_from_vnc

def _ksv3_get_conn(self):
if self._ks:
return

self._ks = requests.Session()
adapter = requests.adapters.HTTPAdapter()
self._ks.mount("http://", adapter)
self._ks.mount("https://", adapter)
if not self._ks:
if self._admin_token:
self._ks = keystonev3.Client(token=self._admin_token,
endpoint=self._auth_url,
insecure=self._insecure)
else:
self._ks = keystonev3.Client(user_domain_name=self._user_domain_name,
username=self._auth_user,
password=self._auth_passwd,
domain_id=self._domain_id,
auth_url=self._auth_url,
insecure=self._insecure)
# end _ksv3_get_conn

def _ksv3_domains_list(self):
resp = self._ks.get('%s/domains' %(self._auth_url),
headers={'X-AUTH-TOKEN':self._admin_token})
if resp.status_code != 200:
raise Exception(resp.text)

domains_json = resp.text
return json.loads(domains_json)['domains']
return [{'id': domain.id} for domain in self._ks.domains.list()]
# end _ksv3_domains_list

def _ksv3_domain_id_to_uuid(self, domain_id):
Expand All @@ -317,33 +328,27 @@ def _ksv3_domain_id_to_uuid(self, domain_id):
# _ksv3_domain_id_to_uuid

def _ksv3_domain_get(self, id=None):
resp = self._ks.get('%s/domains/%s' %(self._auth_url, id),
headers={'X-AUTH-TOKEN':self._admin_token})
if resp.status_code != 200:
raise Exception(resp.text)

domain_json = resp.text
return json.loads(domain_json)['domain']
try:
return {'name': self._ks.domains.get(id).name}
except:
self._ks = None
self._get_keystone_conn()
return {'name': self._ks.domains.get(id).name}
# end _ksv3_domain_get

def _ksv3_projects_list(self):
resp = self._ks.get('%s/projects' %(self._auth_url),
headers={'X-AUTH-TOKEN':self._admin_token})
if resp.status_code != 200:
raise Exception(resp.text)

projects_json = resp.text
return json.loads(projects_json)['projects']
return [{'id': project.id} for project in self._ks.projects.list()]
# end _ksv3_projects_list

def _ksv3_project_get(self, id=None):
resp = self._ks.get('%s/projects/%s' %(self._auth_url, id),
headers={'X-AUTH-TOKEN':self._admin_token})
if resp.status_code != 200:
raise Exception(resp.text)

project_json = resp.text
return json.loads(project_json)['project']
try:
project = self._ks.projects.get(id)
return {'id': project.id, 'name': project.name, 'domain_id': project.domain_id}
except Exception as e:
self._ks = None
self._get_keystone_conn()
project = self._ks.projects.get(id)
return {'id': project.id, 'name': project.name, 'domain_id': project.domain_id}
# end _ksv3_project_get

def _ksv3_sync_project_to_vnc(self, id=None, name=None):
Expand Down

0 comments on commit 062460a

Please sign in to comment.