diff --git a/src/config/vnc_openstack/vnc_openstack/__init__.py b/src/config/vnc_openstack/vnc_openstack/__init__.py index 8bb12668e6f..6eec51d0b4d 100644 --- a/src/config/vnc_openstack/vnc_openstack/__init__.py +++ b/src/config/vnc_openstack/vnc_openstack/__init__.py @@ -16,7 +16,7 @@ import Queue import ConfigParser import keystoneclient.v2_0.client as keystone - +import keystoneclient.v3.client as keystonev3 import cfgm_common try: from cfgm_common import vnc_plugin_base @@ -81,6 +81,18 @@ def fill_keystone_opts(obj, conf_sections): resync_workers = '10' obj._resync_number_workers = int(resync_workers) + try: + # Get the domain_id for keystone v3 + obj._domain_id = conf_sections.get('KEYSTONE', 'admin_domain_id') + except ConfigParser.NoOptionError: + obj._domain_id = 'default' + + try: + # Get the user_domain_name for keystone v3 + obj._user_domain_name = conf_sections.get('KEYSTONE', 'admin_user_domain_name') + except ConfigParser.NoOptionError: + obj._user_domain_name = 'Default' + def _create_default_security_group(vnc_lib, proj_obj): def _get_rule(ingress, sg, prefix, ethertype): sgr_uuid = str(uuid.uuid4()) @@ -287,23 +299,22 @@ def _ksv2_del_project_from_vnc(self, project_id): # _ksv2_del_project_from_vnc def _ksv3_get_conn(self): - if self._ks: - return - - self._ks = requests.Session() - adapter = requests.adapters.HTTPAdapter() - self._ks.mount("http://", adapter) - self._ks.mount("https://", adapter) + if not self._ks: + if self._admin_token: + self._ks = keystonev3.Client(token=self._admin_token, + endpoint=self._auth_url, + insecure=self._insecure) + else: + self._ks = keystonev3.Client(user_domain_name=self._user_domain_name, + username=self._auth_user, + password=self._auth_passwd, + domain_id=self._domain_id, + auth_url=self._auth_url, + insecure=self._insecure) # end _ksv3_get_conn def _ksv3_domains_list(self): - resp = self._ks.get('%s/domains' %(self._auth_url), - headers={'X-AUTH-TOKEN':self._admin_token}) - if resp.status_code != 200: - raise Exception(resp.text) - - domains_json = resp.text - return json.loads(domains_json)['domains'] + return [{'id': domain.id} for domain in self._ks.domains.list()] # end _ksv3_domains_list def _ksv3_domain_id_to_uuid(self, domain_id): @@ -314,33 +325,27 @@ def _ksv3_domain_id_to_uuid(self, domain_id): # _ksv3_domain_id_to_uuid def _ksv3_domain_get(self, id=None): - resp = self._ks.get('%s/domains/%s' %(self._auth_url, id), - headers={'X-AUTH-TOKEN':self._admin_token}) - if resp.status_code != 200: - raise Exception(resp.text) - - domain_json = resp.text - return json.loads(domain_json)['domain'] + try: + return {'name': self._ks.domains.get(id).name} + except: + self._ks = None + self._get_keystone_conn() + return {'name': self._ks.domains.get(id).name} # end _ksv3_domain_get def _ksv3_projects_list(self): - resp = self._ks.get('%s/projects' %(self._auth_url), - headers={'X-AUTH-TOKEN':self._admin_token}) - if resp.status_code != 200: - raise Exception(resp.text) - - projects_json = resp.text - return json.loads(projects_json)['projects'] + return [{'id': project.id} for project in self._ks.projects.list()] # end _ksv3_projects_list def _ksv3_project_get(self, id=None): - resp = self._ks.get('%s/projects/%s' %(self._auth_url, id), - headers={'X-AUTH-TOKEN':self._admin_token}) - if resp.status_code != 200: - raise Exception(resp.text) - - project_json = resp.text - return json.loads(project_json)['project'] + try: + project = self._ks.projects.get(id) + return {'id': project.id, 'name': project.name, 'domain_id': project.domain_id} + except Exception as e: + self._ks = None + self._get_keystone_conn() + project = self._ks.projects.get(id) + return {'id': project.id, 'name': project.name, 'domain_id': project.domain_id} # end _ksv3_project_get def _ksv3_sync_project_to_vnc(self, id=None, name=None):