Merge "Modifying vnc_openstack to use credentials to authenticate + a…

…dd missing domain_id; Change-Id: Icc75afb950dc2f33a99dd576e616b2539ed1bead"
Juniper · May 4, 2015 · e80d259 · e80d259
2 parents 43375be + 8db1cdd
commit e80d259
Showing 1 changed file with 41 additions and 36 deletions.
diff --git a/src/config/vnc_openstack/vnc_openstack/__init__.py b/src/config/vnc_openstack/vnc_openstack/__init__.py
@@ -16,7 +16,7 @@
 import Queue
 import ConfigParser
 import keystoneclient.v2_0.client as keystone
-
+import keystoneclient.v3.client as keystonev3
 import cfgm_common
 try:
     from cfgm_common import vnc_plugin_base
@@ -81,6 +81,18 @@ def fill_keystone_opts(obj, conf_sections):
         resync_workers = '10'
     obj._resync_number_workers = int(resync_workers)
 
+    try:
+        # Get the domain_id for keystone v3
+        obj._domain_id = conf_sections.get('KEYSTONE', 'admin_domain_id')
+    except ConfigParser.NoOptionError:
+        obj._domain_id = 'default'
+
+    try:
+        # Get the user_domain_name for keystone v3
+        obj._user_domain_name = conf_sections.get('KEYSTONE', 'admin_user_domain_name')
+    except ConfigParser.NoOptionError:
+        obj._user_domain_name = 'Default'
+
 def _create_default_security_group(vnc_lib, proj_obj):
     def _get_rule(ingress, sg, prefix, ethertype):
         sgr_uuid = str(uuid.uuid4())
@@ -287,23 +299,22 @@ def _ksv2_del_project_from_vnc(self, project_id):
     # _ksv2_del_project_from_vnc
 
     def _ksv3_get_conn(self):
-        if self._ks:
-            return
-
-        self._ks = requests.Session()
-        adapter = requests.adapters.HTTPAdapter()
-        self._ks.mount("http://", adapter)
-        self._ks.mount("https://", adapter)
+        if not self._ks:
+            if self._admin_token:
+                self._ks = keystonev3.Client(token=self._admin_token,
+                                             endpoint=self._auth_url,
+                                             insecure=self._insecure)
+            else:
+                self._ks = keystonev3.Client(user_domain_name=self._user_domain_name,
+                                             username=self._auth_user,
+                                             password=self._auth_passwd,
+                                             domain_id=self._domain_id,
+                                             auth_url=self._auth_url,
+                                             insecure=self._insecure)
     # end _ksv3_get_conn
 
     def _ksv3_domains_list(self):
-        resp = self._ks.get('%s/domains' %(self._auth_url),
-                            headers={'X-AUTH-TOKEN':self._admin_token})
-        if resp.status_code != 200:
-            raise Exception(resp.text)
-
-        domains_json = resp.text
-        return json.loads(domains_json)['domains']
+        return [{'id': domain.id} for domain in self._ks.domains.list()]
     # end _ksv3_domains_list
 
     def _ksv3_domain_id_to_uuid(self, domain_id):
@@ -314,33 +325,27 @@ def _ksv3_domain_id_to_uuid(self, domain_id):
     # _ksv3_domain_id_to_uuid
 
     def _ksv3_domain_get(self, id=None):
-        resp = self._ks.get('%s/domains/%s' %(self._auth_url, id),
-                            headers={'X-AUTH-TOKEN':self._admin_token})
-        if resp.status_code != 200:
-            raise Exception(resp.text)
-
-        domain_json = resp.text
-        return json.loads(domain_json)['domain']
+        try:
+            return {'name': self._ks.domains.get(id).name}
+        except:
+            self._ks = None
+            self._get_keystone_conn()
+            return {'name': self._ks.domains.get(id).name}
     # end _ksv3_domain_get
 
     def _ksv3_projects_list(self):
-        resp = self._ks.get('%s/projects' %(self._auth_url),
-                            headers={'X-AUTH-TOKEN':self._admin_token})
-        if resp.status_code != 200:
-            raise Exception(resp.text)
-
-        projects_json = resp.text
-        return json.loads(projects_json)['projects']
+        return [{'id': project.id} for project in self._ks.projects.list()]
     # end _ksv3_projects_list
 
     def _ksv3_project_get(self, id=None):
-        resp = self._ks.get('%s/projects/%s' %(self._auth_url, id),
-                            headers={'X-AUTH-TOKEN':self._admin_token})
-        if resp.status_code != 200:
-            raise Exception(resp.text)
-
-        project_json = resp.text
-        return json.loads(project_json)['project']
+        try:
+            project = self._ks.projects.get(id)
+            return {'id': project.id, 'name': project.name, 'domain_id': project.domain_id}
+        except Exception as e:
+            self._ks = None
+            self._get_keystone_conn()
+            project = self._ks.projects.get(id)
+            return {'id': project.id, 'name': project.name, 'domain_id': project.domain_id}
     # end _ksv3_project_get
 
     def _ksv3_sync_project_to_vnc(self, id=None, name=None):