Use SDK instead of neutronclient
TODO: * Document somehwere if users need to be more careful with config. * Check with somebody the devstack plugin.sh and cfg part * I see some warnings in the logs like: "The token used to make the request was project scoped but the policy requires ['system'] scope", I suppose I have to update my environment for the new RBAC things, but better to check it in detail. Change-Id: I0198f38afe3d5c32ea06d9e674ab0ff849f360e6 Related-Bug: #1999774
This commit is contained in:
parent
5703810a40
commit
e2fabfff96
|
@ -16,8 +16,8 @@
|
|||
# Copied partially from nova
|
||||
import concurrent.futures
|
||||
import futurist
|
||||
from neutronclient.common import exceptions as neutron_exceptions
|
||||
from neutronclient.v2_0 import client as clientv20
|
||||
import openstack
|
||||
from openstack import exceptions as sdk_exceptions
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log as logging
|
||||
|
||||
|
@ -28,24 +28,31 @@ CONF = cfg.CONF
|
|||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def get_client(context, endpoint):
|
||||
def get_client(context, endpoint, region):
|
||||
params = {
|
||||
'endpoint_url': endpoint,
|
||||
'auth_url': CONF['network_api:neutron'].auth_url,
|
||||
'timeout': CONF['network_api:neutron'].timeout,
|
||||
'insecure': CONF['network_api:neutron'].insecure,
|
||||
'ca_cert': CONF['network_api:neutron'].ca_certificates_file,
|
||||
'region_name': region,
|
||||
# TODO(lajoskatona): Add this to network_api cfg section
|
||||
'project_domain_name': 'default',
|
||||
}
|
||||
|
||||
if context.auth_token:
|
||||
params['token'] = context.auth_token
|
||||
params['auth_strategy'] = None
|
||||
params['auth_type'] = 'token'
|
||||
params['project_name'] = CONF['network_api:neutron'].admin_tenant_name
|
||||
elif CONF['network_api:neutron'].admin_username is not None:
|
||||
params['username'] = CONF['network_api:neutron'].admin_username
|
||||
params['project_name'] = CONF['network_api:neutron'].admin_tenant_name
|
||||
params['password'] = CONF['network_api:neutron'].admin_password
|
||||
params['auth_url'] = CONF['network_api:neutron'].auth_url
|
||||
params['auth_strategy'] = CONF['network_api:neutron'].auth_strategy
|
||||
return clientv20.Client(**params)
|
||||
|
||||
return openstack.connect(**params)
|
||||
|
||||
|
||||
class NeutronNetworkAPI(base.NetworkAPI):
|
||||
|
@ -89,20 +96,22 @@ class NeutronNetworkAPI(base.NetworkAPI):
|
|||
def _get_floating_ips(context, endpoint, region, project_id):
|
||||
LOG.debug('Fetching floating ips from %(region)s @ %(endpoint)s',
|
||||
{'region': region, 'endpoint': endpoint})
|
||||
client = get_client(context, endpoint=endpoint)
|
||||
client = get_client(context, endpoint=endpoint, region=region)
|
||||
try:
|
||||
fips = client.list_floatingips(project_id=project_id)
|
||||
for fip in fips['floatingips']:
|
||||
fips = client.network.ips(project_id=project_id)
|
||||
for fip in fips:
|
||||
yield {
|
||||
'id': fip['id'],
|
||||
'address': fip['floating_ip_address'],
|
||||
'region': region
|
||||
}
|
||||
except neutron_exceptions.Unauthorized:
|
||||
except sdk_exceptions.HttpException as http_ex:
|
||||
LOG.warning(
|
||||
'Failed fetching floating ips from %(region)s @ %(endpoint)s'
|
||||
'due to an Unauthorized error',
|
||||
{'region': region, 'endpoint': endpoint}
|
||||
'due to a %(cause)s error',
|
||||
{'region': region,
|
||||
'endpoint': endpoint,
|
||||
'cause': http_ex.message}
|
||||
)
|
||||
except Exception:
|
||||
LOG.error(
|
||||
|
|
|
@ -15,8 +15,7 @@
|
|||
# under the License.
|
||||
from unittest import mock
|
||||
|
||||
from neutronclient.common import exceptions as neutron_exceptions
|
||||
from neutronclient.v2_0 import client as clientv20
|
||||
from openstack import exceptions as sdk_exceptions
|
||||
from oslo_config import cfg
|
||||
from oslo_config import fixture as cfg_fixture
|
||||
import oslotest.base
|
||||
|
@ -38,15 +37,18 @@ class NeutronNetworkAPITest(oslotest.base.BaseTestCase):
|
|||
'endpoints', ['RegionOne|http://localhost:9696'],
|
||||
'network_api:neutron'
|
||||
)
|
||||
CONF.set_override(
|
||||
'auth_url', 'http://localhost/identity', 'network_api:neutron'
|
||||
)
|
||||
|
||||
self.api = get_network_api('neutron')
|
||||
self.context = context.DesignateContext(
|
||||
user_id='12345', project_id='54321',
|
||||
)
|
||||
|
||||
@mock.patch.object(clientv20, 'Client')
|
||||
@mock.patch('openstack.connect')
|
||||
def test_get_client(self, mock_client):
|
||||
neutron.get_client(self.context, 'http://localhost:9696')
|
||||
neutron.get_client(self.context, 'http://localhost:9696', 'RegionOne')
|
||||
|
||||
_, kwargs = mock_client.call_args
|
||||
|
||||
|
@ -60,13 +62,13 @@ class NeutronNetworkAPITest(oslotest.base.BaseTestCase):
|
|||
|
||||
self.assertEqual('http://localhost:9696', kwargs['endpoint_url'])
|
||||
|
||||
@mock.patch.object(clientv20, 'Client')
|
||||
@mock.patch('openstack.connect')
|
||||
def test_get_client_using_token(self, mock_client):
|
||||
self.context = context.DesignateContext(
|
||||
user_id='12345', project_id='54321', auth_token='token',
|
||||
)
|
||||
|
||||
neutron.get_client(self.context, 'http://localhost:9696')
|
||||
neutron.get_client(self.context, 'http://localhost:9696', 'RegionOne')
|
||||
|
||||
_, kwargs = mock_client.call_args
|
||||
|
||||
|
@ -77,14 +79,14 @@ class NeutronNetworkAPITest(oslotest.base.BaseTestCase):
|
|||
self.assertEqual('http://localhost:9696', kwargs['endpoint_url'])
|
||||
self.assertEqual(self.context.auth_token, kwargs['token'])
|
||||
|
||||
@mock.patch.object(clientv20, 'Client')
|
||||
@mock.patch('openstack.connect')
|
||||
def test_get_client_using_admin(self, mock_client):
|
||||
CONF.set_override(
|
||||
'admin_username', 'test',
|
||||
'network_api:neutron'
|
||||
)
|
||||
|
||||
neutron.get_client(self.context, 'http://localhost:9696')
|
||||
neutron.get_client(self.context, 'http://localhost:9696', 'RegionOne')
|
||||
|
||||
_, kwargs = mock_client.call_args
|
||||
|
||||
|
@ -100,10 +102,10 @@ class NeutronNetworkAPITest(oslotest.base.BaseTestCase):
|
|||
kwargs['username'], CONF['network_api:neutron'].admin_username
|
||||
)
|
||||
|
||||
@mock.patch.object(neutron, 'get_client')
|
||||
@mock.patch('openstack.connect')
|
||||
def test_list_floatingips(self, get_client):
|
||||
driver = mock.Mock()
|
||||
driver.list_floatingips.return_value = {'floatingips': [
|
||||
driver.network.ips.return_value = [
|
||||
{
|
||||
'id': '123',
|
||||
'floating_ip_address': '192.168.0.100',
|
||||
|
@ -114,24 +116,24 @@ class NeutronNetworkAPITest(oslotest.base.BaseTestCase):
|
|||
'floating_ip_address': '192.168.0.200',
|
||||
'region': 'RegionOne'
|
||||
},
|
||||
]}
|
||||
]
|
||||
get_client.return_value = driver
|
||||
|
||||
self.assertEqual(2, len(self.api.list_floatingips(self.context)))
|
||||
|
||||
@mock.patch.object(neutron, 'get_client')
|
||||
@mock.patch('openstack.connect')
|
||||
def test_list_floatingips_unauthorized(self, get_client):
|
||||
driver = mock.Mock()
|
||||
driver.list_floatingips.side_effect = neutron_exceptions.Unauthorized
|
||||
driver.network.ips.side_effect = sdk_exceptions.HttpException
|
||||
get_client.return_value = driver
|
||||
|
||||
self.assertEqual(0, len(self.api.list_floatingips(self.context)))
|
||||
|
||||
@mock.patch.object(neutron, 'get_client')
|
||||
@mock.patch('openstack.connect')
|
||||
def test_list_floatingips_communication_failure(self, get_client):
|
||||
driver = mock.Mock()
|
||||
driver.list_floatingips.side_effect = (
|
||||
neutron_exceptions.NeutronException
|
||||
driver.network.ips.side_effect = (
|
||||
Exception
|
||||
)
|
||||
get_client.return_value = driver
|
||||
|
||||
|
|
|
@ -91,6 +91,13 @@ function configure_designate {
|
|||
iniset $DESIGNATE_CONF oslo_messaging_notifications driver "$DESIGNATE_NOTIFICATION_DRIVER"
|
||||
iniset $DESIGNATE_CONF oslo_messaging_notifications topics "$DESIGNATE_NOTIFICATION_TOPICS"
|
||||
|
||||
# Set Neutron API/SDK config options
|
||||
ADMIN_TENANT_NAME=${ADMIN_TENANT_NAME:-"admin"}
|
||||
iniset $DESIGNATE_CONF network_api:neutron admin_tenant_name "$ADMIN_TENANT_NAME"
|
||||
iniset $DESIGNATE_CONF network_api:neutron admin_user_name "designate"
|
||||
iniset $DESIGNATE_CONF network_api:neutron admin_password "$SERVICE_PASSWORD"
|
||||
iniset $DESIGNATE_CONF network_api:neutron auth_url "$KEYSTONE_AUTH_URI"
|
||||
|
||||
# Root Wrap
|
||||
sudo cp $DESIGNATE_DIR/etc/designate/rootwrap.conf.sample $DESIGNATE_ROOTWRAP_CONF
|
||||
iniset $DESIGNATE_ROOTWRAP_CONF DEFAULT filters_path $DESIGNATE_DIR/etc/designate/rootwrap.d root-helper
|
||||
|
|
Loading…
Reference in New Issue