Skip to content

Commit

Permalink
Requirement: add admin_user/admin_password conf file
Browse files Browse the repository at this point in the history 
    Description:
    Customer require a way to read admin/admin password from given path/file
    --admin-user and --admin-password command is not secret since it would be displayed.The expected change to contrail-logs, contrail-stats, contrail-flow.
    Solution:
    Add a new command --admin-conf-file and follow these rules:
        (1) giving the highest priority to --admin/--admin-password only when they are specified in the command line.
        (2) if --admin/--admin-password are not specified and --conf-file is specified, read the file specified by --conf-file.
        (3) if any of --admin/--admin-password/--conf-file are not specified, read the default conf file.
        (4) if any options are not specified and the credential cannot be read from the default conf file, use default user and password.

Change-Id: I7f7da2108cdf3b1382c0835fd7d52851d606445a
Closes-Bug: 1658821
  • Loading branch information
@ZhiqiangCui
ZhiqiangCui committed Feb 23, 2017
1 parent bedf67b commit 599749a
Show file tree
Hide file tree
Showing 3 changed files with 169 additions and 100 deletions.
44 changes: 37 additions & 7 deletions src/opserver/flow.py
View file
Expand Up @@ -11,6 +11,7 @@
#

import sys
import ConfigParser
import argparse
import json
import datetime
Expand Down Expand Up @@ -70,6 +71,7 @@ def __init__(self):
def run(self):
if self.parse_args() != 0:
return

result = self.query()
self.display(result)

Expand Down Expand Up @@ -98,10 +100,40 @@ def parse_args(self):
'start_time': 'now-10m',
'end_time': 'now',
'direction' : 'ingress',
'admin_user': 'admin',
'admin_password': 'contrail123',
'conf_file': '/etc/contrail/contrail-keystone-auth.conf',
}

conf_parser = argparse.ArgumentParser(add_help=False)
conf_parser.add_argument("--admin-user", help="Name of admin user")
conf_parser.add_argument("--admin-password", help="Password of admin user")
conf_parser.add_argument("--conf-file", help="Configuration file")
args, remaining_argv = conf_parser.parse_known_args();

configfile = defaults['conf_file']
if args.conf_file:
configfile = args.conf_file

config = ConfigParser.SafeConfigParser()
config.read(configfile)
if 'KEYSTONE' in config.sections():
if args.admin_user == None:
args.admin_user = config.get('KEYSTONE', 'admin_user')
if args.admin_password == None:
args.admin_password = config.get('KEYSTONE','admin_password')

if args.admin_user == None:
args.admin_user = defaults['admin_user']
if args.admin_password == None:
args.admin_password = defaults['admin_password']

parser = argparse.ArgumentParser(
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
# Inherit options from config_parser
parents=[conf_parser],
# print script description with -h/--help
description=__doc__,
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.set_defaults(**defaults)
parser.add_argument("--analytics-api-ip",
help="IP address of Analytics API Server")
Expand Down Expand Up @@ -139,12 +171,10 @@ def parse_args(self):
help="Show vmi uuid information")
parser.add_argument(
"--verbose", action="store_true", help="Show internal information")
parser.add_argument(
"--admin-user", help="Name of admin user", default="admin")
parser.add_argument(
"--admin-password", help="Password of admin user",
default="contrail123")
self._args = parser.parse_args()
self._args = parser.parse_args(remaining_argv)

self._args.admin_user = args.admin_user
self._args.admin_password = args.admin_password

try:
self._start_time, self._end_time = \
Expand Down
114 changes: 69 additions & 45 deletions src/opserver/log.py
View file
Expand Up @@ -11,6 +11,7 @@
#

import sys
import ConfigParser
import argparse
import json
import datetime
Expand Down Expand Up @@ -39,47 +40,13 @@ class LogQuerier(object):
def __init__(self):
self._args = None
self._slogger = None
self._defaults = {
'analytics_api_ip': '127.0.0.1',
'analytics_api_port': '8181',
'username': 'admin',
'password': 'contrail123',
}
# end __init__

def run(self):
try:
index = 0
analytics_api_ip = self._defaults['analytics_api_ip']
analytics_api_port = self._defaults['analytics_api_port']
username = self._defaults['username']
password = self._defaults['password']
for arg in sys.argv:
index = index + 1
if arg == "--analytics-api-ip":
analytics_api_ip = sys.argv[index]
elif arg == "--analytics-api-port":
analytics_api_port = sys.argv[index]
elif arg == "--admin-user":
username = sys.argv[index]
elif arg == "--admin-password":
password = sys.argv[index]
tab_url = "http://" + analytics_api_ip + ":" +\
analytics_api_port + "/analytics/tables"
tables = OpServerUtils.get_url_http(tab_url,
username, password)
if tables != {}:
table_list = json.loads(tables.text)
for table in table_list:
if table['type'] == 'OBJECT':
# append to OBJECT_TYPE_LIST only if not existing
if table['name'] not in OBJECT_TABLE_MAP.values():
OBJECT_TYPE_LIST.append(str(table['name']))
# For object table the mapping between the actual table
# name and the table name used in help msg are the same
OBJECT_TABLE_MAP[table['name']]=table['name']
if self.parse_args() != 0:
return

if self._args.tail:
start_time = UTCTimestampUsec() - 10*pow(10,6)
while True:
Expand Down Expand Up @@ -144,12 +111,67 @@ def parse_args(self):
--syslog-port 514
--keywords comma,seperated,list
"""
defaults = {
'analytics_api_ip': '127.0.0.1',
'analytics_api_port': '8181',
'admin_user': 'admin',
'admin_password': 'contrail123',
'conf_file': '/etc/contrail/contrail-keystone-auth.conf',
}

conf_parser = argparse.ArgumentParser(add_help=False)
conf_parser.add_argument("--admin-user", help="Name of admin user")
conf_parser.add_argument("--admin-password", help="Password of admin user")
conf_parser.add_argument("--conf-file", help="Configuration file")
conf_parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server")
conf_parser.add_argument("--analytics-api-port", help="Port of Analytics API Server")
args, remaining_argv = conf_parser.parse_known_args();

configfile = defaults['conf_file']
if args.conf_file:
configfile = args.conf_file

config = ConfigParser.SafeConfigParser()
config.read(configfile)
if 'KEYSTONE' in config.sections():
if args.admin_user == None:
args.admin_user = config.get('KEYSTONE', 'admin_user')
if args.admin_password == None:
args.admin_password = config.get('KEYSTONE','admin_password')

if args.admin_user == None:
args.admin_user = defaults['admin_user']
if args.admin_password == None:
args.admin_password = defaults['admin_password']

if args.analytics_api_ip == None:
args.analytics_api_ip = defaults['analytics_api_ip']
if args.analytics_api_port == None:
args.analytics_api_port = defaults['analytics_api_port']

tab_url = "http://" + args.analytics_api_ip + ":" +\
args.analytics_api_port + "/analytics/tables"
tables = OpServerUtils.get_url_http(tab_url,
args.admin_user, args.admin_password)
if tables != {}:
if tables.status_code == 200:
table_list = json.loads(tables.text)
for table in table_list:
if table['type'] == 'OBJECT':
# append to OBJECT_TYPE_LIST only if not existing
if table['name'] not in OBJECT_TABLE_MAP.values():
OBJECT_TYPE_LIST.append(str(table['name']))
# For object table the mapping between the actual table
# name and the table name used in help msg are the same
OBJECT_TABLE_MAP[table['name']]=table['name']

parser = argparse.ArgumentParser(
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.set_defaults(**(self._defaults))
parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server")
parser.add_argument("--analytics-api-port", help="Port of Analytics API Server")
# Inherit options from config_parser
parents=[conf_parser],
# print script description with -h/--help
description=__doc__,
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.set_defaults(**defaults)
parser.add_argument(
"--start-time", help="Logs start time (format now-10m, now-1h)")
parser.add_argument("--end-time", help="Logs end time")
Expand Down Expand Up @@ -194,12 +216,14 @@ def parse_args(self):
help="Display list of message type", action="store_true")
parser.add_argument("--output-file", "-o", help="redirect output to file")
parser.add_argument("--json", help="Dump output as json", action="store_true")
parser.add_argument("--all", action="store_true", help=argparse.SUPPRESS)
parser.add_argument("--admin-user", help="Name of admin user", \
default=self._defaults['username'])
parser.add_argument("--admin-password", help="Password of admin user",
default=self._defaults['password'])
self._args = parser.parse_args()
parser.add_argument("--all", action="store_true", help=argparse.SUPPRESS)
self._args = parser.parse_args(remaining_argv)

self._args.admin_user = args.admin_user
self._args.admin_password = args.admin_password
self._args.analytics_api_ip = args.analytics_api_ip
self._args.analytics_api_port = args.analytics_api_port

return 0
# end parse_args

Expand Down
111 changes: 63 additions & 48 deletions src/opserver/stats.py
View file
Expand Up @@ -12,6 +12,7 @@

import sys
import os
import ConfigParser
import argparse
import json
from opserver_util import OpServerUtils
Expand All @@ -21,47 +22,11 @@ class StatQuerier(object):

def __init__(self):
self._args = None
self._defaults = {
'analytics_api_ip': '127.0.0.1',
'analytics_api_port': '8181',
'username': 'admin',
'password': 'contrail123',
}
# end __init__

# Public functions
def run(self):
index = 0
analytics_api_ip = self._defaults['analytics_api_ip']
analytics_api_port = self._defaults['analytics_api_port']
username = self._defaults['username']
password = self._defaults['password']
stat_table_list = [xx.stat_type + "." + xx.stat_attr for xx in VizConstants._STAT_TABLES]
stat_schema_files = []
for arg in sys.argv:
index = index + 1
if arg == "--analytics-api-ip":
analytics_api_ip = sys.argv[index]
elif arg == "--analytics-api-port":
analytics_api_port = sys.argv[index]
elif arg == "--admin-user":
username = sys.argv[index]
elif arg == "--admin-password":
password = sys.argv[index]
tab_url = "http://" + analytics_api_ip + ":" +\
analytics_api_port + "/analytics/tables"
tables = OpServerUtils.get_url_http(tab_url,
username, password)
if tables != {}:
table_list = json.loads(tables.text)
for table in table_list:
if table['type'] == 'STAT':
table_name = '.'.join(table['name'].split('.')[1:])
# append to stat_table_list only if not existing
if table_name not in stat_table_list:
stat_table_list.append(table_name)

if self.parse_args(stat_table_list) != 0:
if self.parse_args() != 0:
return

if len(self._args.select)==0 and self._args.dtable is None:
Expand All @@ -87,7 +52,7 @@ def run(self):
result = self.query()
self.display(result)

def parse_args(self, stat_table_list):
def parse_args(self):
"""
Eg. python stats.py --analytics-api-ip 127.0.0.1
--analytics-api-port 8181
Expand All @@ -106,14 +71,64 @@ def parse_args(self, stat_table_list):
'end_time': 'now',
'select' : [],
'where' : ['Source=*'],
'sort': []
'sort': [],
'admin_user': 'admin',
'admin_password': 'contrail123',
'conf_file': '/etc/contrail/contrail-keystone-auth.conf',
}

conf_parser = argparse.ArgumentParser(add_help=False)
conf_parser.add_argument("--admin-user", help="Name of admin user")
conf_parser.add_argument("--admin-password", help="Password of admin user")
conf_parser.add_argument("--conf-file", help="Configuration file")
conf_parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server")
conf_parser.add_argument("--analytics-api-port", help="Port of Analytcis API Server")
args, remaining_argv = conf_parser.parse_known_args();

configfile = defaults['conf_file']
if args.conf_file:
configfile = args.conf_file

config = ConfigParser.SafeConfigParser()
config.read(configfile)
if 'KEYSTONE' in config.sections():
if args.admin_user == None:
args.admin_user = config.get('KEYSTONE', 'admin_user')
if args.admin_password == None:
args.admin_password = config.get('KEYSTONE','admin_password')

if args.admin_user == None:
args.admin_user = defaults['admin_user']
if args.admin_password == None:
args.admin_password = defaults['admin_password']

if args.analytics_api_ip == None:
args.analytics_api_ip = defaults['analytics_api_ip']
if args.analytics_api_port == None:
args.analytics_api_port = defaults['analytics_api_port']

stat_table_list = [xx.stat_type + "." + xx.stat_attr for xx in VizConstants._STAT_TABLES]
tab_url = "http://" + args.analytics_api_ip + ":" +\
args.analytics_api_port + "/analytics/tables"
tables = OpServerUtils.get_url_http(tab_url,
args.admin_user, args.admin_password)
if tables != {}:
if tables.status_code == 200:
table_list = json.loads(tables.text)
for table in table_list:
if table['type'] == 'STAT':
table_name = '.'.join(table['name'].split('.')[1:])
# append to stat_table_list only if not existing
if table_name not in stat_table_list:
stat_table_list.append(table_name)

parser = argparse.ArgumentParser(
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
# Inherit options from config_parser
parents=[conf_parser],
# print script description with -h/--help
description=__doc__,
formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.set_defaults(**defaults)
parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server")
parser.add_argument("--analytics-api-port", help="Port of Analytcis API Server")
parser.add_argument(
"--start-time", help="Logs start time (format now-10m, now-1h)")
parser.add_argument("--end-time", help="Logs end time")
Expand All @@ -129,12 +144,12 @@ def parse_args(self, stat_table_list):
"--where", help="List of Where Terms to be ANDed", nargs='+')
parser.add_argument(
"--sort", help="List of Sort Terms", nargs='+')
parser.add_argument(
"--admin-user", help="Name of admin user", default="admin")
parser.add_argument(
"--admin-password", help="Password of admin user",
default="contrail123")
self._args = parser.parse_args()
self._args = parser.parse_args(remaining_argv)

self._args.admin_user = args.admin_user
self._args.admin_password = args.admin_password
self._args.analytics_api_ip = args.analytics_api_ip
self._args.analytics_api_port = args.analytics_api_port

if self._args.table is None and self._args.dtable is None:
return -1
Expand Down

0 comments on commit 599749a

Please sign in to comment.