From a07d54afbc3ab369e39676f861b4c40cc351cef7 Mon Sep 17 00:00:00 2001 From: zcui Date: Tue, 21 Feb 2017 14:33:24 -0800 Subject: [PATCH] Requirement: add admin_user/admin_password conf file Description: Customer require a way to read admin/admin password from given path/file --admin-user and --admin-password command is not secret since it would be displayed.The expected change to contrail-logs, contrail-stats, contrail-flow. Solution: Add a new command --admin-conf-file and follow these rules: (1) giving the highest priority to --admin/--admin-password only when they are specified in the command line. (2) if --admin/--admin-password are not specified and --conf-file is specified, read the file specified by --conf-file. (3) if any of --admin/--admin-password/--conf-file are not specified, read the default conf file. (4) if any options are not specified and the credential cannot be read from the default conf file, use default user and password. Closes-Bug: 1658821 Conflicts: src/opserver/log.py Change-Id: I7b4fbc0dd5f06fe6b740d6f3251839f26116627d --- src/opserver/flow.py | 44 +++++++++++++--- src/opserver/log.py | 115 +++++++++++++++++++++++++----------------- src/opserver/stats.py | 111 ++++++++++++++++++++++------------------ 3 files changed, 168 insertions(+), 102 deletions(-) diff --git a/src/opserver/flow.py b/src/opserver/flow.py index e8787189e19..22fdc644185 100755 --- a/src/opserver/flow.py +++ b/src/opserver/flow.py @@ -11,6 +11,7 @@ # import sys +import ConfigParser import argparse import json import datetime @@ -70,6 +71,7 @@ def __init__(self): def run(self): if self.parse_args() != 0: return + result = self.query() self.display(result) @@ -98,10 +100,40 @@ def parse_args(self): 'start_time': 'now-10m', 'end_time': 'now', 'direction' : 'ingress', + 'admin_user': 'admin', + 'admin_password': 'contrail123', + 'conf_file': '/etc/contrail/contrail-keystone-auth.conf', } + conf_parser = argparse.ArgumentParser(add_help=False) + conf_parser.add_argument("--admin-user", help="Name of admin user") + conf_parser.add_argument("--admin-password", help="Password of admin user") + conf_parser.add_argument("--conf-file", help="Configuration file") + args, remaining_argv = conf_parser.parse_known_args(); + + configfile = defaults['conf_file'] + if args.conf_file: + configfile = args.conf_file + + config = ConfigParser.SafeConfigParser() + config.read(configfile) + if 'KEYSTONE' in config.sections(): + if args.admin_user == None: + args.admin_user = config.get('KEYSTONE', 'admin_user') + if args.admin_password == None: + args.admin_password = config.get('KEYSTONE','admin_password') + + if args.admin_user == None: + args.admin_user = defaults['admin_user'] + if args.admin_password == None: + args.admin_password = defaults['admin_password'] + parser = argparse.ArgumentParser( - formatter_class=argparse.ArgumentDefaultsHelpFormatter) + # Inherit options from config_parser + parents=[conf_parser], + # print script description with -h/--help + description=__doc__, + formatter_class=argparse.ArgumentDefaultsHelpFormatter) parser.set_defaults(**defaults) parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") @@ -139,12 +171,10 @@ def parse_args(self): help="Show vmi uuid information") parser.add_argument( "--verbose", action="store_true", help="Show internal information") - parser.add_argument( - "--admin-user", help="Name of admin user", default="admin") - parser.add_argument( - "--admin-password", help="Password of admin user", - default="contrail123") - self._args = parser.parse_args() + self._args = parser.parse_args(remaining_argv) + + self._args.admin_user = args.admin_user + self._args.admin_password = args.admin_password try: self._start_time, self._end_time = \ diff --git a/src/opserver/log.py b/src/opserver/log.py index 295f0b03a90..53c9086de3e 100755 --- a/src/opserver/log.py +++ b/src/opserver/log.py @@ -11,6 +11,7 @@ # import sys +import ConfigParser import argparse import json import datetime @@ -39,50 +40,13 @@ class LogQuerier(object): def __init__(self): self._args = None self._slogger = None - self._defaults = { - 'analytics_api_ip': '127.0.0.1', - 'analytics_api_port': '8181', - 'username': 'admin', - 'password': 'contrail123', - } # end __init__ def run(self): try: - index = 0 - analytics_api_ip = self._defaults['analytics_api_ip'] - analytics_api_port = self._defaults['analytics_api_port'] - username = self._defaults['username'] - password = self._defaults['password'] - for arg in sys.argv: - index = index + 1 - if arg == "--analytics-api-ip": - analytics_api_ip = sys.argv[index] - elif arg == "--analytics-api-port": - analytics_api_port = sys.argv[index] - elif arg == "--admin-user": - username = sys.argv[index] - elif arg == "--admin-password": - password = sys.argv[index] - if self.parse_args() != 0: return - tab_url = "http://" + analytics_api_ip + ":" +\ - analytics_api_port + "/analytics/tables" - tables = OpServerUtils.get_url_http(tab_url, - username, password) - if tables != {}: - table_list = json.loads(tables.text) - for table in table_list: - if table['type'] == 'OBJECT': - # append to OBJECT_TYPE_LIST only if not existing - if table['name'] not in OBJECT_TABLE_MAP.values(): - OBJECT_TYPE_LIST.append(str(table['name'])) - # For object table the mapping between the actual table - # name and the table name used in help msg are the same - OBJECT_TABLE_MAP[table['name']]=table['name'] - if self._args.tail: start_time = UTCTimestampUsec() - 10*pow(10,6) while True: @@ -147,12 +111,67 @@ def parse_args(self): --syslog-port 514 --keywords comma,seperated,list """ + defaults = { + 'analytics_api_ip': '127.0.0.1', + 'analytics_api_port': '8181', + 'admin_user': 'admin', + 'admin_password': 'contrail123', + 'conf_file': '/etc/contrail/contrail-keystone-auth.conf', + } + + conf_parser = argparse.ArgumentParser(add_help=False) + conf_parser.add_argument("--admin-user", help="Name of admin user") + conf_parser.add_argument("--admin-password", help="Password of admin user") + conf_parser.add_argument("--conf-file", help="Configuration file") + conf_parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") + conf_parser.add_argument("--analytics-api-port", help="Port of Analytics API Server") + args, remaining_argv = conf_parser.parse_known_args(); + + configfile = defaults['conf_file'] + if args.conf_file: + configfile = args.conf_file + + config = ConfigParser.SafeConfigParser() + config.read(configfile) + if 'KEYSTONE' in config.sections(): + if args.admin_user == None: + args.admin_user = config.get('KEYSTONE', 'admin_user') + if args.admin_password == None: + args.admin_password = config.get('KEYSTONE','admin_password') + + if args.admin_user == None: + args.admin_user = defaults['admin_user'] + if args.admin_password == None: + args.admin_password = defaults['admin_password'] + + if args.analytics_api_ip == None: + args.analytics_api_ip = defaults['analytics_api_ip'] + if args.analytics_api_port == None: + args.analytics_api_port = defaults['analytics_api_port'] + + tab_url = "http://" + args.analytics_api_ip + ":" +\ + args.analytics_api_port + "/analytics/tables" + tables = OpServerUtils.get_url_http(tab_url, + args.admin_user, args.admin_password) + if tables != {}: + if tables.status_code == 200: + table_list = json.loads(tables.text) + for table in table_list: + if table['type'] == 'OBJECT': + # append to OBJECT_TYPE_LIST only if not existing + if table['name'] not in OBJECT_TABLE_MAP.values(): + OBJECT_TYPE_LIST.append(str(table['name'])) + # For object table the mapping between the actual table + # name and the table name used in help msg are the same + OBJECT_TABLE_MAP[table['name']]=table['name'] parser = argparse.ArgumentParser( - formatter_class=argparse.ArgumentDefaultsHelpFormatter) - parser.set_defaults(**(self._defaults)) - parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") - parser.add_argument("--analytics-api-port", help="Port of Analytics API Server") + # Inherit options from config_parser + parents=[conf_parser], + # print script description with -h/--help + description=__doc__, + formatter_class=argparse.ArgumentDefaultsHelpFormatter) + parser.set_defaults(**defaults) parser.add_argument( "--start-time", help="Logs start time (format now-10m, now-1h)") parser.add_argument("--end-time", help="Logs end time") @@ -197,12 +216,14 @@ def parse_args(self): help="Display list of message type", action="store_true") parser.add_argument("--output-file", "-o", help="redirect output to file") parser.add_argument("--json", help="Dump output as json", action="store_true") - parser.add_argument("--all", action="store_true", help=argparse.SUPPRESS) - parser.add_argument("--admin-user", help="Name of admin user", \ - default=self._defaults['username']) - parser.add_argument("--admin-password", help="Password of admin user", - default=self._defaults['password']) - self._args = parser.parse_args() + parser.add_argument("--all", action="store_true", help=argparse.SUPPRESS) + self._args = parser.parse_args(remaining_argv) + + self._args.admin_user = args.admin_user + self._args.admin_password = args.admin_password + self._args.analytics_api_ip = args.analytics_api_ip + self._args.analytics_api_port = args.analytics_api_port + return 0 # end parse_args diff --git a/src/opserver/stats.py b/src/opserver/stats.py index fbac46e0ac9..6c1e5a1b730 100755 --- a/src/opserver/stats.py +++ b/src/opserver/stats.py @@ -12,6 +12,7 @@ import sys import os +import ConfigParser import argparse import json from opserver_util import OpServerUtils @@ -21,47 +22,11 @@ class StatQuerier(object): def __init__(self): self._args = None - self._defaults = { - 'analytics_api_ip': '127.0.0.1', - 'analytics_api_port': '8181', - 'username': 'admin', - 'password': 'contrail123', - } # end __init__ # Public functions def run(self): - index = 0 - analytics_api_ip = self._defaults['analytics_api_ip'] - analytics_api_port = self._defaults['analytics_api_port'] - username = self._defaults['username'] - password = self._defaults['password'] - stat_table_list = [xx.stat_type + "." + xx.stat_attr for xx in VizConstants._STAT_TABLES] - stat_schema_files = [] - for arg in sys.argv: - index = index + 1 - if arg == "--analytics-api-ip": - analytics_api_ip = sys.argv[index] - elif arg == "--analytics-api-port": - analytics_api_port = sys.argv[index] - elif arg == "--admin-user": - username = sys.argv[index] - elif arg == "--admin-password": - password = sys.argv[index] - tab_url = "http://" + analytics_api_ip + ":" +\ - analytics_api_port + "/analytics/tables" - tables = OpServerUtils.get_url_http(tab_url, - username, password) - if tables != {}: - table_list = json.loads(tables.text) - for table in table_list: - if table['type'] == 'STAT': - table_name = '.'.join(table['name'].split('.')[1:]) - # append to stat_table_list only if not existing - if table_name not in stat_table_list: - stat_table_list.append(table_name) - - if self.parse_args(stat_table_list) != 0: + if self.parse_args() != 0: return if len(self._args.select)==0 and self._args.dtable is None: @@ -87,7 +52,7 @@ def run(self): result = self.query() self.display(result) - def parse_args(self, stat_table_list): + def parse_args(self): """ Eg. python stats.py --analytics-api-ip 127.0.0.1 --analytics-api-port 8181 @@ -106,14 +71,64 @@ def parse_args(self, stat_table_list): 'end_time': 'now', 'select' : [], 'where' : ['Source=*'], - 'sort': [] + 'sort': [], + 'admin_user': 'admin', + 'admin_password': 'contrail123', + 'conf_file': '/etc/contrail/contrail-keystone-auth.conf', } + conf_parser = argparse.ArgumentParser(add_help=False) + conf_parser.add_argument("--admin-user", help="Name of admin user") + conf_parser.add_argument("--admin-password", help="Password of admin user") + conf_parser.add_argument("--conf-file", help="Configuration file") + conf_parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") + conf_parser.add_argument("--analytics-api-port", help="Port of Analytcis API Server") + args, remaining_argv = conf_parser.parse_known_args(); + + configfile = defaults['conf_file'] + if args.conf_file: + configfile = args.conf_file + + config = ConfigParser.SafeConfigParser() + config.read(configfile) + if 'KEYSTONE' in config.sections(): + if args.admin_user == None: + args.admin_user = config.get('KEYSTONE', 'admin_user') + if args.admin_password == None: + args.admin_password = config.get('KEYSTONE','admin_password') + + if args.admin_user == None: + args.admin_user = defaults['admin_user'] + if args.admin_password == None: + args.admin_password = defaults['admin_password'] + + if args.analytics_api_ip == None: + args.analytics_api_ip = defaults['analytics_api_ip'] + if args.analytics_api_port == None: + args.analytics_api_port = defaults['analytics_api_port'] + + stat_table_list = [xx.stat_type + "." + xx.stat_attr for xx in VizConstants._STAT_TABLES] + tab_url = "http://" + args.analytics_api_ip + ":" +\ + args.analytics_api_port + "/analytics/tables" + tables = OpServerUtils.get_url_http(tab_url, + args.admin_user, args.admin_password) + if tables != {}: + if tables.status_code == 200: + table_list = json.loads(tables.text) + for table in table_list: + if table['type'] == 'STAT': + table_name = '.'.join(table['name'].split('.')[1:]) + # append to stat_table_list only if not existing + if table_name not in stat_table_list: + stat_table_list.append(table_name) + parser = argparse.ArgumentParser( - formatter_class=argparse.ArgumentDefaultsHelpFormatter) + # Inherit options from config_parser + parents=[conf_parser], + # print script description with -h/--help + description=__doc__, + formatter_class=argparse.ArgumentDefaultsHelpFormatter) parser.set_defaults(**defaults) - parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") - parser.add_argument("--analytics-api-port", help="Port of Analytcis API Server") parser.add_argument( "--start-time", help="Logs start time (format now-10m, now-1h)") parser.add_argument("--end-time", help="Logs end time") @@ -129,12 +144,12 @@ def parse_args(self, stat_table_list): "--where", help="List of Where Terms to be ANDed", nargs='+') parser.add_argument( "--sort", help="List of Sort Terms", nargs='+') - parser.add_argument( - "--admin-user", help="Name of admin user", default="admin") - parser.add_argument( - "--admin-password", help="Password of admin user", - default="contrail123") - self._args = parser.parse_args() + self._args = parser.parse_args(remaining_argv) + + self._args.admin_user = args.admin_user + self._args.admin_password = args.admin_password + self._args.analytics_api_ip = args.analytics_api_ip + self._args.analytics_api_port = args.analytics_api_port if self._args.table is None and self._args.dtable is None: return -1