Switch from FLAGS to CONF in nova.api

Use the global CONF variable instead of FLAGS. This is purely a cleanup
since FLAGS is already just another reference to CONF.

We leave the nova.flags imports until a later cleanup commit since
removing them may cause unpredictable problems due to config options not
being registered.

Change-Id: I11fda86471fbf02eec342b95ec314792388307e3

nova/api/auth.py

@@ -21,6 +21,7 @@ Common Auth Middleware.
 import webob.dec
 import webob.exc
 
+from nova import config
 from nova import context
 from nova import flags
 from nova.openstack.common import cfg
@@ -34,16 +35,16 @@ use_forwarded_for_opt = cfg.BoolOpt('use_forwarded_for',
         help='Treat X-Forwarded-For as the canonical remote address. '
              'Only enable this if you have a sanitizing proxy.')
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
-FLAGS.register_opt(use_forwarded_for_opt)
+CONF.register_opt(use_forwarded_for_opt)
 LOG = logging.getLogger(__name__)
 
 
 def pipeline_factory(loader, global_conf, **local_conf):
     """A paste pipeline replica that keys off of auth_strategy."""
-    pipeline = local_conf[FLAGS.auth_strategy]
+    pipeline = local_conf[CONF.auth_strategy]
-    if not FLAGS.api_rate_limit:
+    if not CONF.api_rate_limit:
-        limit_name = FLAGS.auth_strategy + '_nolimit'
+        limit_name = CONF.auth_strategy + '_nolimit'
         pipeline = local_conf.get(limit_name, pipeline)
     pipeline = pipeline.split()
     filters = [loader.get_filter(n) for n in pipeline[:-1]]
@@ -95,7 +96,7 @@ class NovaKeystoneContext(wsgi.Middleware):
 
         # Build a context, including the auth_token...
         remote_address = req.remote_addr
-        if FLAGS.use_forwarded_for:
+        if CONF.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For', remote_address)
 
         service_catalog = None

nova/api/ec2/__init__.py

@@ -72,10 +72,8 @@ ec2_opts = [
                help='Time in seconds before ec2 timestamp expires'),
     ]
 
-FLAGS = flags.FLAGS
-FLAGS.register_opts(ec2_opts)
-
 CONF = config.CONF
+CONF.register_opts(ec2_opts)
 CONF.import_opt('use_forwarded_for', 'nova.api.auth')
 
 
@@ -165,11 +163,11 @@ class Lockout(wsgi.Middleware):
 
     def __init__(self, application):
         """middleware can use fake for testing."""
-        if FLAGS.memcached_servers:
+        if CONF.memcached_servers:
             import memcache
         else:
             from nova.common import memorycache as memcache
-        self.mc = memcache.Client(FLAGS.memcached_servers,
+        self.mc = memcache.Client(CONF.memcached_servers,
                                   debug=0)
         super(Lockout, self).__init__(application)
 
@@ -178,7 +176,7 @@ class Lockout(wsgi.Middleware):
         access_key = str(req.params['AWSAccessKeyId'])
         failures_key = "authfailures-%s" % access_key
         failures = int(self.mc.get(failures_key) or 0)
-        if failures >= FLAGS.lockout_attempts:
+        if failures >= CONF.lockout_attempts:
             detail = _("Too many failed authentications.")
             raise webob.exc.HTTPForbidden(detail=detail)
         res = req.get_response(self.application)
@@ -186,15 +184,15 @@ class Lockout(wsgi.Middleware):
             failures = self.mc.incr(failures_key)
             if failures is None:
                 # NOTE(vish): To use incr, failures has to be a string.
-                self.mc.set(failures_key, '1', time=FLAGS.lockout_window * 60)
+                self.mc.set(failures_key, '1', time=CONF.lockout_window * 60)
-            elif failures >= FLAGS.lockout_attempts:
+            elif failures >= CONF.lockout_attempts:
-                lock_mins = FLAGS.lockout_minutes
+                lock_mins = CONF.lockout_minutes
                 msg = _('Access key %(access_key)s has had %(failures)d'
                         ' failed authentications and will be locked out'
                         ' for %(lock_mins)d minutes.') % locals()
                 LOG.warn(msg)
                 self.mc.set(failures_key, str(failures),
-                            time=FLAGS.lockout_minutes * 60)
+                            time=CONF.lockout_minutes * 60)
         return res
 
 
@@ -226,14 +224,14 @@ class EC2KeystoneAuth(wsgi.Middleware):
             'path': req.path,
             'params': auth_params,
         }
-        if "ec2" in FLAGS.keystone_ec2_url:
+        if "ec2" in CONF.keystone_ec2_url:
             creds = {'ec2Credentials': cred_dict}
         else:
             creds = {'auth': {'OS-KSEC2:ec2Credentials': cred_dict}}
         creds_json = jsonutils.dumps(creds)
         headers = {'Content-Type': 'application/json'}
 
-        o = urlparse.urlparse(FLAGS.keystone_ec2_url)
+        o = urlparse.urlparse(CONF.keystone_ec2_url)
         if o.scheme == "http":
             conn = httplib.HTTPConnection(o.netloc)
         else:
@@ -264,7 +262,7 @@ class EC2KeystoneAuth(wsgi.Middleware):
             return ec2_error(req, request_id, "Unauthorized", msg)
 
         remote_address = req.remote_addr
-        if FLAGS.use_forwarded_for:
+        if CONF.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For',
                                              remote_address)
 
@@ -293,7 +291,7 @@ class NoAuth(wsgi.Middleware):
         user_id, _sep, project_id = req.params['AWSAccessKeyId'].partition(':')
         project_id = project_id or user_id
         remote_address = req.remote_addr
-        if FLAGS.use_forwarded_for:
+        if CONF.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For', remote_address)
         ctx = context.RequestContext(user_id,
                                      project_id,
@@ -317,7 +315,7 @@ class Requestify(wsgi.Middleware):
         args = dict(req.params)
         try:
             expired = ec2utils.is_ec2_timestamp_expired(req.params,
-                            expires=FLAGS.ec2_timestamp_expiry)
+                            expires=CONF.ec2_timestamp_expiry)
             if expired:
                 msg = _("Timestamp failed validation.")
                 LOG.exception(msg)

nova/api/ec2/apirequest.py

@@ -30,7 +30,6 @@ from nova import flags
 from nova.openstack.common import log as logging
 
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 
 
 def _underscore_to_camelcase(str):

nova/api/ec2/cloud.py

@@ -33,6 +33,7 @@ from nova import compute
 from nova.compute import api as compute_api
 from nova.compute import instance_types
 from nova.compute import vm_states
+from nova import config
 from nova import db
 from nova import exception
 from nova import flags
@@ -45,7 +46,7 @@ from nova import utils
 from nova import volume
 
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 LOG = logging.getLogger(__name__)
 
@@ -283,22 +284,22 @@ class CloudController(object):
         return {'availabilityZoneInfo': result}
 
     def describe_regions(self, context, region_name=None, **kwargs):
-        if FLAGS.region_list:
+        if CONF.region_list:
             regions = []
-            for region in FLAGS.region_list:
+            for region in CONF.region_list:
                 name, _sep, host = region.partition('=')
-                endpoint = '%s://%s:%s%s' % (FLAGS.ec2_scheme,
+                endpoint = '%s://%s:%s%s' % (CONF.ec2_scheme,
                                              host,
-                                             FLAGS.ec2_port,
+                                             CONF.ec2_port,
-                                             FLAGS.ec2_path)
+                                             CONF.ec2_path)
                 regions.append({'regionName': name,
                                 'regionEndpoint': endpoint})
         else:
             regions = [{'regionName': 'nova',
-                        'regionEndpoint': '%s://%s:%s%s' % (FLAGS.ec2_scheme,
+                        'regionEndpoint': '%s://%s:%s%s' % (CONF.ec2_scheme,
-                                                            FLAGS.ec2_host,
+                                                            CONF.ec2_host,
-                                                            FLAGS.ec2_port,
+                                                            CONF.ec2_port,
-                                                            FLAGS.ec2_path)}]
+                                                            CONF.ec2_path)}]
         return {'regionInfo': regions}
 
     def describe_snapshots(self,
@@ -366,7 +367,7 @@ class CloudController(object):
         result = []
         for key_pair in key_pairs:
             # filter out the vpn keys
-            suffix = FLAGS.vpn_key_suffix
+            suffix = CONF.vpn_key_suffix
             if context.is_admin or not key_pair['name'].endswith(suffix):
                 result.append({
                     'keyName': key_pair['name'],
@@ -652,7 +653,7 @@ class CloudController(object):
     def create_security_group(self, context, group_name, group_description):
         if isinstance(group_name, unicode):
             group_name = group_name.encode('utf-8')
-        if FLAGS.ec2_strict_validation:
+        if CONF.ec2_strict_validation:
             # EC2 specification gives constraints for name and description:
             # Accepts alphanumeric characters, spaces, dashes, and underscores
             allowed = '^[a-zA-Z0-9_\- ]+$'
@@ -1048,7 +1049,7 @@ class CloudController(object):
                 instances = []
         for instance in instances:
             if not context.is_admin:
-                if instance['image_ref'] == str(FLAGS.vpn_image_id):
+                if instance['image_ref'] == str(CONF.vpn_image_id):
                     continue
             i = {}
             instance_uuid = instance['uuid']
@@ -1070,7 +1071,7 @@ class CloudController(object):
                 floating_ip = ip_info['floating_ips'][0]
             if ip_info['fixed_ip6s']:
                 i['dnsNameV6'] = ip_info['fixed_ip6s'][0]
-            if FLAGS.ec2_private_dns_show_ip:
+            if CONF.ec2_private_dns_show_ip:
                 i['privateDnsName'] = fixed_ip
             else:
                 i['privateDnsName'] = instance['hostname']

nova/api/ec2/ec2utils.py

@@ -27,8 +27,6 @@ from nova.openstack.common import log as logging
 from nova.openstack.common import timeutils
 from nova import utils
 
-
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 
 

nova/api/ec2/faults.py

@@ -15,11 +15,12 @@
 import webob.dec
 import webob.exc
 
+from nova import config
 from nova import context
 from nova import flags
 from nova import utils
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 
 class Fault(webob.exc.HTTPException):
@@ -44,7 +45,7 @@ class Fault(webob.exc.HTTPException):
         user_id, _sep, project_id = req.params['AWSAccessKeyId'].partition(':')
         project_id = project_id or user_id
         remote_address = getattr(req, 'remote_address', '127.0.0.1')
-        if FLAGS.use_forwarded_for:
+        if CONF.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For', remote_address)
 
         ctxt = context.RequestContext(user_id,

nova/api/manager.py

@@ -16,11 +16,12 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
+from nova import config
 from nova import flags
 from nova import manager
 from nova.openstack.common import importutils
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 
 class MetadataManager(manager.Manager):
@@ -31,7 +32,7 @@ class MetadataManager(manager.Manager):
     """
     def __init__(self, *args, **kwargs):
         super(MetadataManager, self).__init__(*args, **kwargs)
-        self.network_driver = importutils.import_module(FLAGS.network_driver)
+        self.network_driver = importutils.import_module(CONF.network_driver)
 
     def init_host(self):
         """Perform any initialization.

nova/api/metadata/base.py

@@ -41,9 +41,8 @@ metadata_opts = [
                      'config drive')),
     ]
 
-FLAGS = flags.FLAGS
-FLAGS.register_opts(metadata_opts)
 CONF = config.CONF
+CONF.register_opts(metadata_opts)
 CONF.import_opt('dhcp_domain', 'nova.network.manager')
 
 
@@ -310,8 +309,8 @@ class InstanceMetadata():
 
     def _get_hostname(self):
         return "%s%s%s" % (self.instance['hostname'],
-                           '.' if FLAGS.dhcp_domain else '',
+                           '.' if CONF.dhcp_domain else '',
-                           FLAGS.dhcp_domain)
+                           CONF.dhcp_domain)
 
     def lookup(self, path):
         if path == "" or path[0] != "/":
@@ -353,7 +352,7 @@ class InstanceMetadata():
         """Yields (path, value) tuples for metadata elements."""
         # EC2 style metadata
         for version in VERSIONS + ["latest"]:
-            if version in FLAGS.config_drive_skip_versions.split(' '):
+            if version in CONF.config_drive_skip_versions.split(' '):
                 continue
 
             data = self.get_ec2_metadata(version)

nova/api/metadata/handler.py

@@ -29,12 +29,12 @@ from nova import flags
 from nova.openstack.common import log as logging
 from nova import wsgi
 
-LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 CONF = config.CONF
 CONF.import_opt('use_forwarded_for', 'nova.api.auth')
 
-if FLAGS.memcached_servers:
+LOG = logging.getLogger(__name__)
+
+if CONF.memcached_servers:
     import memcache
 else:
     from nova.common import memorycache as memcache
@@ -44,7 +44,7 @@ class MetadataRequestHandler(wsgi.Application):
     """Serve metadata."""
 
     def __init__(self):
-        self._cache = memcache.Client(FLAGS.memcached_servers, debug=0)
+        self._cache = memcache.Client(CONF.memcached_servers, debug=0)
 
     def get_metadata(self, address):
         if not address:
@@ -67,7 +67,7 @@ class MetadataRequestHandler(wsgi.Application):
     @webob.dec.wsgify(RequestClass=wsgi.Request)
     def __call__(self, req):
         remote_address = req.remote_addr
-        if FLAGS.use_forwarded_for:
+        if CONF.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For', remote_address)
 
         if os.path.normpath("/" + req.path_info) == "/":

nova/api/openstack/auth.py

@@ -28,7 +28,6 @@ from nova.openstack.common import log as logging
 from nova import wsgi as base_wsgi
 
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 CONF = config.CONF
 CONF.import_opt('use_forwarded_for', 'nova.api.auth')
 
@@ -56,7 +55,7 @@ class NoAuthMiddleware(base_wsgi.Middleware):
         user_id, _sep, project_id = token.partition(':')
         project_id = project_id or user_id
         remote_address = getattr(req, 'remote_address', '127.0.0.1')
-        if FLAGS.use_forwarded_for:
+        if CONF.use_forwarded_for:
             remote_address = req.headers.get('X-Forwarded-For', remote_address)
         ctx = context.RequestContext(user_id,
                                      project_id,

nova/api/openstack/common.py

@@ -28,6 +28,7 @@ from nova.api.openstack import xmlutil
 from nova.compute import task_states
 from nova.compute import utils as compute_utils
 from nova.compute import vm_states
+from nova import config
 from nova import exception
 from nova import flags
 from nova.openstack.common import log as logging
@@ -35,7 +36,7 @@ from nova import quota
 
 
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
+CONF = config.CONF
 QUOTAS = quota.QUOTAS
 
 
@@ -148,7 +149,7 @@ def _get_marker_param(request):
     return request.GET['marker']
 
 
-def limited(items, request, max_limit=FLAGS.osapi_max_limit):
+def limited(items, request, max_limit=CONF.osapi_max_limit):
     """Return a slice of items according to requested offset and limit.
 
     :param items: A sliceable entity
@@ -185,7 +186,7 @@ def limited(items, request, max_limit=FLAGS.osapi_max_limit):
     return items[offset:range_end]
 
 
-def get_limit_and_marker(request, max_limit=FLAGS.osapi_max_limit):
+def get_limit_and_marker(request, max_limit=CONF.osapi_max_limit):
     """get limited parameter from request"""
     params = get_pagination_params(request)
     limit = params.get('limit', max_limit)
@@ -195,7 +196,7 @@ def get_limit_and_marker(request, max_limit=FLAGS.osapi_max_limit):
     return limit, marker
 
 
-def limited_by_marker(items, request, max_limit=FLAGS.osapi_max_limit):
+def limited_by_marker(items, request, max_limit=CONF.osapi_max_limit):
     """Return a slice of items according to the requested marker and limit."""
     limit, marker = get_limit_and_marker(request, max_limit)
 
@@ -414,7 +415,7 @@ class MetadataTemplate(xmlutil.TemplateBuilder):
 def check_snapshots_enabled(f):
     @functools.wraps(f)
     def inner(*args, **kwargs):
-        if not FLAGS.allow_instance_snapshots:
+        if not CONF.allow_instance_snapshots:
             LOG.warn(_('Rejecting snapshot request, snapshots currently'
                        ' disabled'))
             msg = _("Instance snapshots are not permitted at this time.")
@@ -443,7 +444,7 @@ class ViewBuilder(object):
         params = request.params.copy()
         params["marker"] = identifier
         prefix = self._update_link_prefix(request.application_url,
-                                          FLAGS.osapi_compute_link_prefix)
+                                          CONF.osapi_compute_link_prefix)
         url = os.path.join(prefix,
                            request.environ["nova.context"].project_id,
                            collection_name)
@@ -452,7 +453,7 @@ class ViewBuilder(object):
     def _get_href_link(self, request, identifier, collection_name):
         """Return an href string pointing to this object."""
         prefix = self._update_link_prefix(request.application_url,
-                                          FLAGS.osapi_compute_link_prefix)
+                                          CONF.osapi_compute_link_prefix)
         return os.path.join(prefix,
                             request.environ["nova.context"].project_id,
                             collection_name,
@@ -462,7 +463,7 @@ class ViewBuilder(object):
         """Create a URL that refers to a specific resource."""
         base_url = remove_version_from_href(request.application_url)
         base_url = self._update_link_prefix(base_url,
-                                            FLAGS.osapi_compute_link_prefix)
+                                            CONF.osapi_compute_link_prefix)
         return os.path.join(base_url,
                             request.environ["nova.context"].project_id,
                             collection_name,

nova/api/openstack/compute/__init__.py

@@ -31,6 +31,7 @@ from nova.api.openstack.compute import limits
 from nova.api.openstack.compute import server_metadata
 from nova.api.openstack.compute import servers
 from nova.api.openstack.compute import versions
+from nova import config
 from nova import flags
 from nova.openstack.common import cfg
 from nova.openstack.common import log as logging
@@ -42,8 +43,8 @@ allow_instance_snapshots_opt = cfg.BoolOpt('allow_instance_snapshots',
         default=True,
         help='Permit instance snapshot operations.')
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
-FLAGS.register_opt(allow_instance_snapshots_opt)
+CONF.register_opt(allow_instance_snapshots_opt)
 
 
 class APIRouter(nova.api.openstack.APIRouter):

nova/api/openstack/compute/contrib/__init__.py

@@ -22,11 +22,12 @@ It can't be called 'extensions' because that causes namespacing problems.
 """
 
 from nova.api.openstack import extensions
+from nova import config
 from nova import flags
 from nova.openstack.common import log as logging
 
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 LOG = logging.getLogger(__name__)
 
 
@@ -36,4 +37,4 @@ def standard_extensions(ext_mgr):
 
 def select_extensions(ext_mgr):
     extensions.load_standard_extensions(ext_mgr, LOG, __path__, __package__,
-                                        FLAGS.osapi_compute_ext_list)
+                                        CONF.osapi_compute_ext_list)

nova/api/openstack/compute/contrib/admin_actions.py

@@ -27,11 +27,8 @@ from nova import exception
 from nova import flags
 from nova.openstack.common import log as logging
 
-
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 
-
 # States usable in resetState action
 state_map = dict(active=vm_states.ACTIVE, error=vm_states.ERROR)
 

nova/api/openstack/compute/contrib/certificates.py

@@ -24,9 +24,7 @@ from nova import flags
 from nova import network
 from nova.openstack.common import log as logging
 
-
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 authorize = extensions.extension_authorizer('compute', 'certificates')
 
 

nova/api/openstack/compute/contrib/cloudpipe.py

@@ -21,6 +21,7 @@ from nova.cloudpipe import pipelib
 from nova import compute
 from nova.compute import utils as compute_utils
 from nova.compute import vm_states
+from nova import config
 from nova import db
 from nova import exception
 from nova import flags
@@ -30,8 +31,7 @@ from nova.openstack.common import log as logging
 from nova.openstack.common import timeutils
 from nova import utils
 
-
+CONF = config.CONF
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 authorize = extensions.extension_authorizer('compute', 'cloudpipe')
 
@@ -70,12 +70,12 @@ class CloudpipeController(object):
         # NOTE(vish): One of the drawbacks of doing this in the api is
         #             the keys will only be on the api node that launched
         #             the cloudpipe.
-        fileutils.ensure_tree(FLAGS.keys_path)
+        fileutils.ensure_tree(CONF.keys_path)
 
     def _get_all_cloudpipes(self, context):
         """Get all cloudpipes"""
         return [instance for instance in self.compute_api.get_all(context)
-                if instance['image_ref'] == str(FLAGS.vpn_image_id)
+                if instance['image_ref'] == str(CONF.vpn_image_id)
                 and instance['vm_state'] != vm_states.DELETED]
 
     def _get_cloudpipe_for_project(self, context, project_id):

nova/api/openstack/compute/contrib/config_drive.py

@@ -23,8 +23,6 @@ from nova.api.openstack import wsgi
 from nova.api.openstack import xmlutil
 from nova import flags
 
-
-FLAGS = flags.FLAGS
 authorize = extensions.soft_extension_authorizer('compute', 'config_drive')
 
 

nova/api/openstack/compute/contrib/extended_server_attributes.py

@@ -22,8 +22,6 @@ from nova import db
 from nova import flags
 from nova.openstack.common import log as logging
 
-
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 authorize = extensions.soft_extension_authorizer('compute',
                                                  'extended_server_attributes')

nova/api/openstack/compute/contrib/extended_status.py

@@ -21,8 +21,6 @@ from nova import compute
 from nova import flags
 from nova.openstack.common import log as logging
 
-
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 authorize = extensions.soft_extension_authorizer('compute', 'extended_status')
 

nova/api/openstack/compute/contrib/hosts.py

@@ -28,9 +28,7 @@ from nova import exception
 from nova import flags
 from nova.openstack.common import log as logging
 
-
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 authorize = extensions.extension_authorizer('compute', 'hosts')
 
 

nova/api/openstack/compute/contrib/instance_usage_audit_log.py

@@ -21,11 +21,12 @@ import datetime
 import webob.exc
 
 from nova.api.openstack import extensions
+from nova import config
 from nova import db
 from nova import flags
 from nova import utils
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 
 authorize = extensions.extension_authorizer('compute',
@@ -82,7 +83,7 @@ class InstanceUsageAuditLogController(object):
         # We do this this way to include disabled compute services,
         # which can have instances on them. (mdragon)
         services = [svc for svc in db.service_get_all(context)
-                    if svc['topic'] == FLAGS.compute_topic]
+                    if svc['topic'] == CONF.compute_topic]
         hosts = set(serv['host'] for serv in services)
         seen_hosts = set()
         done_hosts = set()

nova/api/openstack/compute/contrib/networks.py

@@ -26,8 +26,6 @@ from nova import flags
 from nova import network
 from nova.openstack.common import log as logging
 
-
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 authorize = extensions.extension_authorizer('compute', 'networks')
 authorize_view = extensions.extension_authorizer('compute', 'networks:view')

nova/api/openstack/compute/contrib/rescue.py

@@ -21,13 +21,14 @@ from nova.api.openstack import common
 from nova.api.openstack import extensions as exts
 from nova.api.openstack import wsgi
 from nova import compute
+from nova import config
 from nova import exception
 from nova import flags
 from nova.openstack.common import log as logging
 from nova import utils
 
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 LOG = logging.getLogger(__name__)
 authorize = exts.extension_authorizer('compute', 'rescue')
 
@@ -54,7 +55,7 @@ class RescueController(wsgi.Controller):
         if body['rescue'] and 'adminPass' in body['rescue']:
             password = body['rescue']['adminPass']
         else:
-            password = utils.generate_password(FLAGS.password_length)
+            password = utils.generate_password(CONF.password_length)
 
         instance = self._get_instance(context, id)
         try:

nova/api/openstack/compute/contrib/security_groups.py

@@ -32,9 +32,7 @@ from nova import exception
 from nova import flags
 from nova.openstack.common import log as logging
 
-
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 authorize = extensions.extension_authorizer('compute', 'security_groups')
 softauth = extensions.soft_extension_authorizer('compute', 'security_groups')
 

nova/api/openstack/compute/contrib/simple_tenant_usage.py

@@ -26,8 +26,6 @@ from nova import exception
 from nova import flags
 from nova.openstack.common import timeutils
 
-
-FLAGS = flags.FLAGS
 authorize_show = extensions.extension_authorizer('compute',
                                                  'simple_tenant_usage:show')
 authorize_list = extensions.extension_authorizer('compute',

nova/api/openstack/compute/contrib/volumes.py

@@ -30,9 +30,7 @@ from nova.openstack.common import log as logging
 from nova import utils
 from nova import volume
 
-
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 authorize = extensions.extension_authorizer('compute', 'volumes')
 
 

nova/api/openstack/compute/extensions.py

@@ -16,19 +16,20 @@
 #    under the License.
 
 from nova.api.openstack import extensions as base_extensions
+from nova import config
 from nova import flags
 from nova.openstack.common import log as logging
 from nova.openstack.common.plugin import pluginmanager
 
 
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 
 class ExtensionManager(base_extensions.ExtensionManager):
     def __init__(self):
         LOG.audit(_('Initializing extension manager.'))
-        self.cls_list = FLAGS.osapi_compute_extension
+        self.cls_list = CONF.osapi_compute_extension
         self.PluginManager = pluginmanager.PluginManager('nova',
                                                          'compute-extensions')
         self.PluginManager.load_plugins()

nova/api/openstack/compute/image_metadata.py

@@ -24,9 +24,6 @@ from nova import flags
 from nova.image import glance
 
 
-FLAGS = flags.FLAGS
-
-
 class Controller(object):
     """The image metadata API controller for the OpenStack API"""
 

nova/api/openstack/compute/images.py

@@ -27,7 +27,6 @@ import nova.utils
 
 
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 
 SUPPORTED_FILTERS = {
     'name': 'name',

nova/api/openstack/compute/ips.py

@@ -25,9 +25,7 @@ from nova.api.openstack import xmlutil
 from nova import flags
 from nova.openstack.common import log as logging
 
-
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 
 
 def make_network(elem):

nova/api/openstack/compute/servers.py

@@ -30,6 +30,7 @@ from nova.api.openstack import wsgi
 from nova.api.openstack import xmlutil
 from nova import compute
 from nova.compute import instance_types
+from nova import config
 from nova import exception
 from nova import flags
 from nova.openstack.common import importutils
@@ -40,7 +41,7 @@ from nova import utils
 
 
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 
 def make_fault(elem):
@@ -602,7 +603,7 @@ class Controller(wsgi.Controller):
             self.quantum_attempted = True
             from nova.network.quantumv2 import api as quantum_api
             self.have_quantum = issubclass(
-                importutils.import_class(FLAGS.network_api_class),
+                importutils.import_class(CONF.network_api_class),
                 quantum_api.API)
         except ImportError:
             self.have_quantum = False
@@ -920,7 +921,7 @@ class Controller(wsgi.Controller):
         if '_is_precooked' in server['server'].keys():
             del server['server']['_is_precooked']
         else:
-            if FLAGS.enable_instance_password:
+            if CONF.enable_instance_password:
                 server['server']['adminPass'] = password
 
         robj = wsgi.ResponseObject(server)
@@ -929,7 +930,7 @@ class Controller(wsgi.Controller):
 
     def _delete(self, context, req, instance_uuid):
         instance = self._get_server(context, req, instance_uuid)
-        if FLAGS.reclaim_instance_interval:
+        if CONF.reclaim_instance_interval:
             self.compute_api.soft_delete(context, instance)
         else:
             self.compute_api.delete(context, instance)
@@ -1184,7 +1185,7 @@ class Controller(wsgi.Controller):
         try:
             password = body['adminPass']
         except (KeyError, TypeError):
-            password = utils.generate_password(FLAGS.password_length)
+            password = utils.generate_password(CONF.password_length)
 
         context = req.environ['nova.context']
         instance = self._get_server(context, req, id)
@@ -1252,7 +1253,7 @@ class Controller(wsgi.Controller):
 
         # Add on the adminPass attribute since the view doesn't do it
         # unless instance passwords are disabled
-        if FLAGS.enable_instance_password:
+        if CONF.enable_instance_password:
             view['server']['adminPass'] = password
 
         robj = wsgi.ResponseObject(view)
@@ -1326,7 +1327,7 @@ class Controller(wsgi.Controller):
             password = server['adminPass']
             self._validate_admin_password(password)
         except KeyError:
-            password = utils.generate_password(FLAGS.password_length)
+            password = utils.generate_password(CONF.password_length)
         except ValueError:
             raise exc.HTTPBadRequest(explanation=_("Invalid adminPass"))
 

nova/api/openstack/compute/views/addresses.py

@@ -21,8 +21,6 @@ from nova.api.openstack import common
 from nova import flags
 from nova.openstack.common import log as logging
 
-
-FLAGS = flags.FLAGS
 LOG = logging.getLogger(__name__)
 
 

nova/api/openstack/compute/views/images.py

@@ -18,11 +18,11 @@
 import os.path
 
 from nova.api.openstack import common
+from nova import config
 from nova import flags
 from nova import utils
 
-
+CONF = config.CONF
-FLAGS = flags.FLAGS
 
 
 class ViewBuilder(common.ViewBuilder):
@@ -123,7 +123,7 @@ class ViewBuilder(common.ViewBuilder):
         """Create an alternate link for a specific image id."""
         glance_url = utils.generate_glance_url()
         glance_url = self._update_link_prefix(glance_url,
-                                              FLAGS.osapi_glance_link_prefix)
+                                              CONF.osapi_glance_link_prefix)
         return os.path.join(glance_url,
                             request.environ["nova.context"].project_id,
                             self._collection_name,

nova/api/openstack/compute/views/versions.py

@@ -19,10 +19,11 @@ import copy
 import os
 
 from nova.api.openstack import common
+from nova import config
 from nova import flags
 
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
 
 
 def get_view_builder(req):
@@ -93,7 +94,7 @@ class ViewBuilder(common.ViewBuilder):
     def generate_href(self, path=None):
         """Create an url that refers to a specific version_number."""
         prefix = self._update_link_prefix(self.base_url,
-                                          FLAGS.osapi_compute_link_prefix)
+                                          CONF.osapi_compute_link_prefix)
         version_number = 'v2'
         if path:
             path = path.strip('/')

nova/api/openstack/extensions.py

@@ -30,9 +30,7 @@ from nova.openstack.common import importutils
 from nova.openstack.common import log as logging
 import nova.policy
 
-
 LOG = logging.getLogger(__name__)
-FLAGS = flags.FLAGS
 
 
 class ExtensionDescriptor(object):

nova/api/sizelimit.py

@@ -21,6 +21,7 @@ Request Body limiting middleware.
 import webob.dec
 import webob.exc
 
+from nova import config
 from nova import flags
 from nova.openstack.common import cfg
 from nova.openstack.common import log as logging
@@ -33,8 +34,8 @@ max_request_body_size_opt = cfg.IntOpt('osapi_max_request_body_size',
                                        help='the maximum body size '
                                             'per each osapi request(bytes)')
 
-FLAGS = flags.FLAGS
+CONF = config.CONF
-FLAGS.register_opt(max_request_body_size_opt)
+CONF.register_opt(max_request_body_size_opt)
 LOG = logging.getLogger(__name__)
 
 
@@ -46,8 +47,8 @@ class RequestBodySizeLimiter(wsgi.Middleware):
 
     @webob.dec.wsgify(RequestClass=wsgi.Request)
     def __call__(self, req):
-        if (req.content_length > FLAGS.osapi_max_request_body_size
+        if (req.content_length > CONF.osapi_max_request_body_size
-            or len(req.body) > FLAGS.osapi_max_request_body_size):
+            or len(req.body) > CONF.osapi_max_request_body_size):
             msg = _("Request is too large.")
             raise webob.exc.HTTPBadRequest(explanation=msg)
         else: