Added retry support when encounter requests.exceptions.Timeout
during HTTP request.
Closes-Bug: #1379505
Change-Id: I6253a109c3a76dd2f15c96a349da68936f9bfff4
To be able to create profiling traces for Cinder, client should be
able to send special HTTP header that contains trace info.
This patch is as well important to be able to make cross project
traces. (Typical case nova calls cinder via python client, if
profiler is initialized in nova, cinder client will add extra
header, that will be parsed by special osprofiler middleware in cinder
api)
Don't worry no security issue here, trace information is signed by HMAC
key that is setted in api-paste.ini. So only person that knows HMAC key
is able to send proper header.
Main patch (in Cinder) is:
https://review.openstack.org/#/c/103415/
Change-Id: I53bb1b92e62841a02f941bdafaed7f8ed5db7ce1
The keystoneclient provides an adapter which maintains the client state
around the session. We should re-use this rather than copy it and it
also means we will get new adapter functions and parameters as they
become available.
Change-Id: I05c0d650dcdd69f7e77a06563d735efe521a41ae
This change looks for the use of 'password' in the data that
is sent and uses mask_password() to remove the actual password
text. This change will prevent debug output that is being
saved from saving passwords.
A test case is added to verify that password output is being removed.
Change-Id: I93bde838ea21101df08c0e824d9f9457ed2ad077
Closes-Bug: 1341735
Adding channels to a logger is not the responsibility of a library. This
sort of thing should be handled by an application so move the logging
over to the shell.
Change-Id: Ie11571d428913eba1aae5aa42a6e925228ba6808
The python-requests documentation indicates that the
ConnectionError exception can be raised for reasons other than
"connection refused". Let's just say "error" rather than
implying the wrong type of failure.
Change-Id: I2205e27c7c68164db430cdfdc71b57b3002b24be
Currently, cinder client does not retry when connections to cinder
service is refused. There are many legitimate scenarios under which
retry should be attempted:
1) cinder service being restarted;
2) cinder service is running on multiple API nodes behind a LB, which
might be temporarily overwhelmed or being maintained.
In any scenario, retry with a backoff timer does not seem to hurt.
Change-Id: I3c290c59fa67262c4a3473815b4380ee39e24332
Closes-Bug: 1347843
V3Client support added version discovery and session supports. Most
of the external auth system doesn't support this. This fix bypasses
version discovery if the idenity service doesn't support that. Session
is used only if no external auth plugin is used
Change-Id: Ia84a2ad45940d35c5ef740727f5f7477c72ea9d4
Closes-Bug: #1333961
Using attr and filter is no longer necessary. We provide a region_name
filter directly that works with both v2 and v3 service catalogs.
Change-Id: I67b50fcaa5e4df5c2bb7b2966b5ef2040e6286e7
* service_catalog.py will be used only by nova(cinder.py), it will be removed if nova
uses access instead of service_catalog. Then service_catalog.py and
test_service_catalog.py will be removed from cinderclient if necessary.
* Some unit tests are modified.
* Because of JSON format's modification, functions that process cinder
credentials and cinder endpoints are changed.
* Add dependency for keystoneclient in requirements.txt.
Change-Id: Icf7badfdddcf5f55536d95db7242aff58aa34b6e
Closes-Bug: #1263876
bp: service-catalog
With CINDER_RAX_AUTH being rightfully removed, cinderclient is no longer
compatible with Rackspace/any non-keystone auth. To fix this, I stole
auth_system/auth_plugin from novaclient's implementation.
See https://review.openstack.org/#/c/23820/.
Change-Id: If5f84003f868ef02bb7eb7da67cf62018602e8f0
Closes-Bug: 1280393
Python3 changed the behavior of dict.keys such that it is now
returns a dict_keys object, which is iterable but not indexable.
You can get the python2 result back with an explicit call to list.
Refactor list(*.keys()) so that it just uses list().
Change-Id: Ib2e9646ac967e9bd7cc4f47e2099f5d1358808a9
Signed-off-by: Chuck Short <chuck.short@canonical.com>
To search for verion in cinder endpoint string, instead of using
hard code position
Implements: search for verion in cinder endpoint string
Closes-Bug: #1227307
Change-Id: Ie38806ad995e6fd49155f448abf9b2ef43f24a0e
NOTE:
* openstack/common/* should be synced from oslo, so i leave them
untouched.
* add (c) symbol for related lines, leave others untouched.
Change-Id: I46a87c7f248d3468b1fdf5661411962faf2fb875
Fixes-Bug: #1214176
These exceptions can be used in novaclient, keystoneclient,
glanceclient, and other client projects.
Partially implements: blueprint common-client-library
Change-Id: I43918316622b1c1d722872fe30199db6a3a7bb76
Adds functionality which allows user to work with
that cinder API version which is the same as
the endpoint version.
Fixes: bug #1169455
Change-Id: I9bb46e602d15856d2da502a6ac2b6c25e76f4fa3
The testsuite is full of the following:
TypeError: 'dict_keys' object does not support indexing
This is due to the fact in python3 dict methods dict.keys(),
dict.items() and dict.values() return “views” instead of lists.
Change-Id: Ifa5383e6485fdbabf363fd1442877b2452346c1c
Signed-off-by: Chuck Short <chuck.short@canonical.com>
Python3 reorganized the standard library and moved several functions
to different modules. Six provides a consistent interface
to them through the fake six.moves module.
However, the urlparse, urllib2, etc modules have been combined
into one module which Six does not support so do it the old
fashioned way.
Change-Id: Ieb7cc7ee2a4a97807873cfe2fc3fa0a5cf3c3980
Signed-off-by: Chuck Short <chuck.short@canonical.com>
Instead of globally ignoring Pyflakes and Hacking
warnings, only blacklist those that occur frequently
and fix the others. Start gating on those checks.
Change-Id: Ice032c16d445ef08ef018bcdc5c221ab3c323755
This corrects an odd problem where Horizon would stand up multiple
client objects, which would cause duplicate/triplicate/dozens of
repeated log lines in its log files, due to multiple identical
handlers being added to the logging object
Fixes Bug 1182678
Change-Id: I198f3ecbb687bff69a06a166574b998cce54f2ac
Several files were missing the license issue, so simply
add them.
Change-Id: I866ec03096a72fe8ae7d776e2ffe040379ec5bc6
Signed-off-by: Chuck Short <chuck.short@canonical.com>
This will allow the cinderclient to speak to the v2 rest api if it's
enabled in the cinder config. Includes additional v2 tests as well.
blueprint cinderclient-v2-support
Change-Id: I004134d9f528a6eadefdaa89eb48087bcae2691f
Bump up version requirements for requests to standardize
on version >= 0.8 so it doesnt create conflict with other
openstack projects.
Change-Id: I1ed9b3bd6bdbbbb451298a3c397e6e7a06c0cabd
Signed-off-by: Chuck Short <chuck.short@canonical.com>
* Implement correct certificate verification
* Add --os-cacert
* Rework tests for requests
Pinned requests module to < 1.0 as 1.0.2 is now current in pipi
as of 17Dec2012.
Blueprint: tls-verify
Change-Id: I71066ff7297f3b70c08b7ae1c8ae8b6a1b82bbae
Ported from novaclient https://review.openstack.org/9241
Support CINDERCLIENT_DEBUG as synonym for --debug
Change-Id: Ic03b9e7d84c8db14f6e193ca2b478fd0d70d1299
HTTPClient now supports a retries argument. It will reissue requests
for any 5xx or socket (400 with n/a) errors. This retry loop was
"inspired" by swiftclient's loop. It reauths one extra time if
necessary. It uses backoff times of 1, 2, 4... seconds.
The default is 0 retries. It is also exposed to the shell as well with
a --retries arg.
Change-Id: I67bed02d65155f4a4d5d879bb233f56cc78849fa
HTTPClient now supports a retries argument. It will reissue requests
for any 5xx or socket (400 with n/a) errors. This retry loop was
"inspired" by swiftclient's loop. It reauths one time if necessary.
It uses backoff times of 1, 2, 4... seconds.
The default is 0 retries. It is also exposed to the shell as well with
a --retries arg.
Change-Id: I75d9a13d6c4ba16a5da13d4bf5cad78a777d67d7
Add a new optional tenant_id keyword argument to the client classes
cinderclient.client.HTTPClient and cinderclient.v1.client.Client to
support authentication with tenant_id instead of projectid (which is
acctually used as "tenantName" in the auth request body).
Keystone can provide tokens without specifiying the tenant in any form,
but a tenantName _or_ tenantId is required to generate the catalog (the
keystone service code seems to prefer tenantName if both are specified).
When using cinderclient programatically, it may be more convienent,
depending on the context to authenticate with out specificying the
tenant, or by tenant_id instead of tenant_name. Either way it's
impractial to make the requirement in the client for projectid
(tenantName) if the auth system has no such limitation.
The new client signature is backwards compatible. There is no change in
behavior for the shell client.
Change-Id: I0c1bdbdabd9acc29133a48a798750323011f1f18
