794c5044fa
Currently, no useful notification will be sent for keypair state change. This spec will transform legacy notification to versioned notification about keypairs, and at the same time extend contents of notification with extra data. Blueprint: keypair-notification Change-Id: I05080afb8bd4249f8bea23512b25844fecbefeb9
4.9 KiB
Improve notification for keypair
https://blueprints.launchpad.net/nova/+spec/keypair-notification
Currently, no useful notification will be sent for keypair state change. Nova notifies only key_name when creating/deleting keypair. So it is impossible for users to search keypair information (e.g. ssh public key) by using external system like searchlight.
Problem description
Use Cases
The external system wants to index the keypairs which makes the query for large number of keypairs more fast and efficient. Some users and systems want to search and retrieve ssh public keys and fingerprints to cooperate with external systems by ssh passthrough.
Proposed change
This spec will transform legacy notification to versioned notification about the following keypairs events, and at the same time extend contents of notification with extra data to support the above use case.
- keypair.create.start
- keypair.create.end
- keypair.delete.start
- keypair.delete.end
- keypair.import.start
- keypair.import.end
Alternatives
None
Data model impact
No database schema change is needed.
The following new objects will be added to keypair:
@base.NovaObjectRegistry.register
class KeypairNotification(notification.NotificationBase):
# Version 1.0: Initial version
VERSION = '1.0'
fields = {
'payload': fields.ObjectField('KeypairPayload')
}
@base.NovaObjectRegistry.register
class KeypairPayload(notification.NotificationPayloadBase):
# Version 1.0: Initial version
SCHEMA = {
'name': ('keypair', 'name'),
'type': ('keypair', 'type'),
'fingerprint': ('keypair', 'fingerprint'),
'public_key': ('keypair', 'public_key'),
'user_id': ('keypair', 'user_id')
}
VERSION = '1.0'
fields = {
'name': fields.StringField(),
'type': fields.KeypairTypeField(),
'fingerprint': fields.StringField(),
'public_key': fields.StringField(),
'user_id': fields.StringField(),
}
def __init__(self, keypair):
super(KeypairPayload, self).__init__()
self.populate_schema(keypair=keypair)
class KeypairType(Enum):
"""Represents possible type values for a Keypair."""
SSH = 'ssh'
X509 = 'x509'
ALL = (SSH, X509)
def __init__(self):
super(KeypairType, self).__init__(
valid_values=KeypairType.ALL)
class KeypairTypeField(BaseEnumField):
AUTO_TYPE = KeypairType()The definition of NotificationBase can be found [1].
REST API impact
None
Security impact
None
Notifications impact
Notification for keypair will be changed as follows:
'Before'::
{ "key_name": "key1" }'After'::
{ "priority": "INFO", "payload": { "nova_object.namespace": "nova", "nova_object.name": "KeypairPayload", "nova_object.version": "1.0", "nova_object.data": { "id": 1, "name": "key1", "type": "ssh", "fingerprint": "6d:a1:2c:a3:.....", "public_key": "Public key: ssh-rsa AAAAB3Nza......", "user_id": "5ed98568284443b09b82f2a519a3f1d5", "created_at": "2016-04-04T04:18:30.000000", "deleted_at": None } }, "event_type": "keypair.create.end", "publisher_id": "nova-compute:host1" }
Other end user impact
None
Performance Impact
None
Other deployer impact
None
Developer impact
None
Implementation
Assignee(s)
- Primary assignee:
-
h-eguchi
Work Items
- Add a new notification of keypairs which have a versioned payload.
We keep both notifications available in parallel for some time. We will remove the legacy ones as soon as we have feature parity in the versioned side.
Dependencies
None
Testing
Besides unit test new functional test cases will be added to cover the improved notifications. And notification samples and related tests need to be added.
Documentation Impact
None
References
[1]: Versioned notification: http://docs.openstack.org/developer/nova/notifications.html#versioned-notifications
History
| Release Name | Description |
|---|---|
| Newton | Introduced |