openstack/python-glanceclient
Code Issues Proposed changes
04e1ea73a5
python-glanceclient/glanceclient/common/http.py

343 lines
12 KiB
Python
Raw Normal View History

Replace OpenStack LLC with OpenStack Foundation Change-Id: I38dcbcf1a6c8efe540fcf5f29e782cb3826e583d Fixes-Bug: #1214176
2013-09-20 04:05:51 +08:00
# Copyright 2012 OpenStack Foundation
Add missing copyright headers A few files were missing copyright headers: * glanceclient/common/http.py * glanceclient/v1/__init__.py * glanceclient/exc.py Change-Id: Ibbd53cd49f9367994de66a30601b3aefe1a8d6ee
2012-08-02 14:22:27 -07:00
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
import copy
import logging
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
import socket
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
from keystoneclient import adapter
from keystoneclient import exceptions as ksc_exc
Change oslo.utils to oslo_utils The oslo.utils libraries are moving away from namespace packages. This requires oslo.utils>=1.2.0 bp drop-namespace-packages Change-Id: I803df61e91eabb96329d859aef6bea03530fb84f
2015-02-05 22:27:16 +00:00
from oslo_utils import importutils
from oslo_utils import netutils
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
import requests
Python3: use six.StringIO rather than StringIO.StringIO It’s an alias for StringIO.StringIO in Python 2 and io.StringIO in Python 3. Change-Id: I1c2f1412c586d5d8e0aa866a28232747056e0ca7
2014-01-10 17:16:09 +01:00
import six
Remove custom SSL compression handling Custom SSL handling was introduced because disabling SSL layer compression provided an approximately five fold performance increase in some cases. Without SSL layer compression disabled the image transfer would be CPU bound -- with the CPU performing the DEFLATE algorithm. This would typically limit image transfers to < 20 MB/s. When --no-ssl-compression was specified the client would not negotiate any compression algorithm during the SSL handshake with the server which would remove the CPU bottleneck and transfers could approach wire speed. In order to support '--no-ssl-compression' two totally separate code paths exist depending on whether this is True or False. When SSL compression is disabled, rather than using the standard 'requests' library, we enter some custom code based on pyopenssl and httplib in order to disable compression. This patch/spec proposes removing the custom code because: * It is a burden to maintain Eg adding new code such as keystone session support is more complicated * It can introduce additional failure modes We have seen some bugs related to the 'custom' certificate checking * Newer Operating Systems disable SSL for us. Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression 'off'. This makes both servers and client less likely to have compression enabled. * Newer combinations of 'requests' and 'python' do this for us Requests disables compression when backed by a version of python which supports it (>= 2.7.9). This makes clients more likely to disable compression out-of-the-box. * It is (in principle) possible to do this on older versions too If pyopenssl, ndg-httpsclient and pyasn1 are installed on older operating system/python combinations, the requests library should disable SSL compression on the client side. * Systems that have SSL compression enabled may be vulnerable to the CRIME (https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack. Installations which are security conscious should be running the Glance server with SSL disabled. Full Spec: https://review.openstack.org/#/c/187674 Blueprint: remove-custom-client-ssl-handling Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
2015-06-08 14:49:52 +00:00
import warnings
python3: use six.moves for httplib imports This adds six to the requirements.txt file in order to make some HTTP-related imports work across Python 2's httplib and Python 3's http.client modules. Tests were updated, including one change to the location of HTTPConnection - moving it from being accessed where it was imported rather than its canonical location inside of six.moves.http_client. Change-Id: Ibc4932b37dfdf195cd5091066914513af1876955 Signed-off-by: Chuck Short <chuck.short@canonical.com>
2013-10-15 14:47:30 -04:00
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
try:
import json
except ImportError:
import simplejson as json
Change oslo.utils to oslo_utils The oslo.utils libraries are moving away from namespace packages. This requires oslo.utils>=1.2.0 bp drop-namespace-packages Change-Id: I803df61e91eabb96329d859aef6bea03530fb84f
2015-02-05 22:27:16 +00:00
from oslo_utils import encodeutils
Remove openstack.common.strutils This module now lives in oslo.utils, so import it from there instead. Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com> Change-Id: Ib35dc840992433542490670781badd9529ec8947
2015-01-06 14:32:05 +00:00
Import only modules and update tox.ini As stated in the OpenStack Hacking Guidelines, it is prefered that only modules should be imported. Also updated tox.ini to ignore opestack/common among others. Change-Id: I2f0a603c31052eadee581c11880c0ec6bd392829
2015-05-19 19:59:06 -05:00
from glanceclient.common import utils
Fix and enable gating on H306 H306 - module imports should be in alphabetical order Change-Id: I1f8fc25b0e6ca23c21c90bda420f42a45141c2e2
2013-12-16 15:28:05 +01:00
from glanceclient import exc
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
Add profiling support to glanceclinet To be able to create profiling traces for Glance, client should be able to send special HTTP header that contains trace info. This patch is as well important to be able to make cross project traces. (Typical case nova calls glance via python client, if profiler is initialized in nova, glance client will add extra header, that will be parsed by special osprofiler middleware in glance api) Don't worry no security issue here, trace information is signed by HMAC key that is setted in api-paste.ini. So only person that knows HMAC key is able to send proper header. Change-Id: Ib13084fbe9b33c2f3dee165f7d6c778546cce6ca
2014-06-28 22:09:26 +04:00
osprofiler_web = importutils.try_import("osprofiler.web")
Refactor http request/response logging Using the --debug flag or the GLANCECLIENT_DEBUG env var, a user will see http requests and responses in great detail. Requests are formed into proper curl commands while responses are printed just as they would as if the curl request provided were executed. Response bodies will not be printed if they are application/octet-stream. Change-Id: I9c9c5d6ec9f481091c944e596d073da3739795b6
2012-07-29 22:12:37 -07:00
LOG = logging.getLogger(__name__)
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
USER_AGENT = 'python-glanceclient'
Wrap image data in iterator This is establishing the API for a future optimization. We want to be able to offer true socket-level caching, but can't do that with httplib2 right now. For now, we will just fake the optimization by returning an iterator over the image body, which happens to already be fully loaded into a string. Change-Id: I2d36e3cdd45b26d7c7c27ba050bf6a4b5765df6c
2012-07-11 19:34:28 -07:00
CHUNKSIZE = 1024 * 64 # 64kB
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
class _BaseHTTPClient(object):
@staticmethod
def _chunk_body(body):
chunk = body
while chunk:
chunk = body.read(CHUNKSIZE)
if chunk == '':
break
yield chunk
def _set_common_request_kwargs(self, headers, kwargs):
"""Handle the common parameters used to send the request."""
# Default Content-Type is octet-stream
content_type = headers.get('Content-Type', 'application/octet-stream')
# NOTE(jamielennox): remove this later. Managers should pass json= if
# they want to send json data.
data = kwargs.pop("data", None)
if data is not None and not isinstance(data, six.string_types):
try:
data = json.dumps(data)
content_type = 'application/json'
except TypeError:
# Here we assume it's
# a file-like object
# and we'll chunk it
data = self._chunk_body(data)
headers['Content-Type'] = content_type
kwargs['stream'] = content_type == 'application/octet-stream'
return data
def _handle_response(self, resp):
if not resp.ok:
LOG.debug("Request returned failure status %s." % resp.status_code)
raise exc.from_response(resp, resp.content)
Check if v2 is available and fallback We have a basic implementation for a fallback mechanism that will use v1 rather than v2 when downloading schema files from glance-api fails. However, this is not sound. If the schemas are cached already, we won't check if v2 is available and fail to fallback. This patch fixes the aforementioned issue by getting the list of available versions from the server only when the API versions was not explicitly specified through the CLI. That is, for all commands that don't pass `--os-image-api-version 2`, we'll check v2's availability and we'll fallback to v1 if it isn't available. This patch also changes how we handle `/versions` calls in the client. The server has been, incorrectly, replying to requests to `/version` with a 300 error, which ended up in the client re-raising such exception. While I think 300 shouldn't raise an exception, I think we should handle that in a spearate patch. Therefore, this patch just avoids raising such exception when `/version` is explicitly called. This fallback behaviour and the check on `/versions` will be removed in future versions of the client. The later depends on this bug[0] being fixed. [0] https://bugs.launchpad.net/glance/+bug/1491350 Closes-bug: #1489381 Change-Id: Ibeba6bc86db2a97b8a2b4bd042248464cd792e5e
2015-09-01 23:28:11 +02:00
elif (resp.status_code == requests.codes.MULTIPLE_CHOICES and
resp.request.path_url != '/versions'):
# NOTE(flaper87): Eventually, we'll remove the check on `versions`
# which is a bug (1491350) on the server.
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
raise exc.from_response(resp)
content_type = resp.headers.get('Content-Type')
# Read body into string if it isn't obviously image data
if content_type == 'application/octet-stream':
# Do not read all response in memory when downloading an image.
body_iter = _close_after_stream(resp, CHUNKSIZE)
else:
content = resp.text
if content_type and content_type.startswith('application/json'):
# Let's use requests json method, it should take care of
# response encoding
body_iter = resp.json()
else:
body_iter = six.StringIO(content)
try:
body_iter = json.loads(''.join([c for c in body_iter]))
except ValueError:
body_iter = None
return resp, body_iter
class HTTPClient(_BaseHTTPClient):
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
def __init__(self, endpoint, **kwargs):
self.endpoint = endpoint
Pass all identity headers received to glance There is an upcoming patch in nova which passes identity headers to glance client. We want to ensure that these get passed to glance, which in turn with help the no auth option in glance. Resolves bug 1200761 Change-Id: Ifbef582aa4e64a2e7a46db43a9cc6cf8c3531dbd
2013-07-12 20:23:54 +00:00
self.identity_headers = kwargs.get('identity_headers')
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
self.auth_token = kwargs.get('token')
Add support for setting Accept-Language header DocImpact Closes-Bug: 1480529 Change-Id: I35a37d55edb700a5993bd5cc352335a87a15e47a
2015-08-03 10:04:15 +02:00
self.language_header = kwargs.get('language_header')
Pass all identity headers received to glance There is an upcoming patch in nova which passes identity headers to glance client. We want to ensure that these get passed to glance, which in turn with help the no auth option in glance. Resolves bug 1200761 Change-Id: Ifbef582aa4e64a2e7a46db43a9cc6cf8c3531dbd
2013-07-12 20:23:54 +00:00
if self.identity_headers:
if self.identity_headers.get('X-Auth-Token'):
self.auth_token = self.identity_headers.get('X-Auth-Token')
del self.identity_headers['X-Auth-Token']
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
self.session = requests.Session()
self.session.headers["User-Agent"] = USER_AGENT
Don't set X-Auth-Token key in http session header if no token provided Commit f980fc549247fa2deb87dfacebc6d8d13ccd45d1 changed how the X-Auth-Token header was scrubbed when logging the request, but effectively made the value required which can lead to an AttributeError if the value for the header is None. The value can be None if you're using Nova but don't have Nova configured with auth_strategy='keystone' (see nova.image.glance._create_glance_client for details). This patch simply checks if the auth_token is set in the http client object and if not, it doesn't set the X-Auth-Token key in the session header. Closes-Bug: #1381295 Change-Id: Ie285d5253df28a9f0f964147a53c99ceaa919c5c
2014-10-17 07:53:05 -07:00
if self.auth_token:
Ensure that identity token in header is not an unicode string We need all the headers to be safe strings so they can be joined together and not become an unicode string in doing so. This fixes a bug when creating an image with non-ascii characters in the name. This is required for python 2.6 compatibility. Change-Id: I66ebc27edf4ccd8f903399da58705711c372536d Closes-Bug: 1448080
2015-04-24 13:29:12 +02:00
self.session.headers["X-Auth-Token"] = encodeutils.safe_encode(
self.auth_token)
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
Add support for setting Accept-Language header DocImpact Closes-Bug: 1480529 Change-Id: I35a37d55edb700a5993bd5cc352335a87a15e47a
2015-08-03 10:04:15 +02:00
if self.language_header:
self.session.headers["Accept-Language"] = self.language_header
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
self.timeout = float(kwargs.get('timeout', 600))
Simplify http(s) connection instantiation The endpoint parsing and connection instantiation code was too complicated and easily broken. This assigns human-readable names to instance variables and breaks up the parsing into more understandable chunks. Fixes bug 1060316. Change-Id: I5c5236f90d88b9e797cf0a476aabe8cc7cfa1cc9
2012-10-03 13:52:55 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
if self.endpoint.startswith("https"):
compression = kwargs.get('ssl_compression', True)
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
Remove custom SSL compression handling Custom SSL handling was introduced because disabling SSL layer compression provided an approximately five fold performance increase in some cases. Without SSL layer compression disabled the image transfer would be CPU bound -- with the CPU performing the DEFLATE algorithm. This would typically limit image transfers to < 20 MB/s. When --no-ssl-compression was specified the client would not negotiate any compression algorithm during the SSL handshake with the server which would remove the CPU bottleneck and transfers could approach wire speed. In order to support '--no-ssl-compression' two totally separate code paths exist depending on whether this is True or False. When SSL compression is disabled, rather than using the standard 'requests' library, we enter some custom code based on pyopenssl and httplib in order to disable compression. This patch/spec proposes removing the custom code because: * It is a burden to maintain Eg adding new code such as keystone session support is more complicated * It can introduce additional failure modes We have seen some bugs related to the 'custom' certificate checking * Newer Operating Systems disable SSL for us. Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression 'off'. This makes both servers and client less likely to have compression enabled. * Newer combinations of 'requests' and 'python' do this for us Requests disables compression when backed by a version of python which supports it (>= 2.7.9). This makes clients more likely to disable compression out-of-the-box. * It is (in principle) possible to do this on older versions too If pyopenssl, ndg-httpsclient and pyasn1 are installed on older operating system/python combinations, the requests library should disable SSL compression on the client side. * Systems that have SSL compression enabled may be vulnerable to the CRIME (https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack. Installations which are security conscious should be running the Glance server with SSL disabled. Full Spec: https://review.openstack.org/#/c/187674 Blueprint: remove-custom-client-ssl-handling Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
2015-06-08 14:49:52 +00:00
if compression is False:
# Note: This is not seen by default. (python must be
# run with -Wd)
warnings.warn('The "ssl_compression" argument has been '
'deprecated.', DeprecationWarning)
Ensure server's SSL cert is validated A bug was introduced which meant that the server SSL certificate was not being verified. Here we make sure that it is checked (unless the --insecure flag is used). Helps guard against man-in-the-middle attack. Change-Id: I08f30bf3906b6580c871729311343fa8eefda91b Closes-bug: #1357430
2014-08-15 14:53:34 +00:00
Remove custom SSL compression handling Custom SSL handling was introduced because disabling SSL layer compression provided an approximately five fold performance increase in some cases. Without SSL layer compression disabled the image transfer would be CPU bound -- with the CPU performing the DEFLATE algorithm. This would typically limit image transfers to < 20 MB/s. When --no-ssl-compression was specified the client would not negotiate any compression algorithm during the SSL handshake with the server which would remove the CPU bottleneck and transfers could approach wire speed. In order to support '--no-ssl-compression' two totally separate code paths exist depending on whether this is True or False. When SSL compression is disabled, rather than using the standard 'requests' library, we enter some custom code based on pyopenssl and httplib in order to disable compression. This patch/spec proposes removing the custom code because: * It is a burden to maintain Eg adding new code such as keystone session support is more complicated * It can introduce additional failure modes We have seen some bugs related to the 'custom' certificate checking * Newer Operating Systems disable SSL for us. Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression 'off'. This makes both servers and client less likely to have compression enabled. * Newer combinations of 'requests' and 'python' do this for us Requests disables compression when backed by a version of python which supports it (>= 2.7.9). This makes clients more likely to disable compression out-of-the-box. * It is (in principle) possible to do this on older versions too If pyopenssl, ndg-httpsclient and pyasn1 are installed on older operating system/python combinations, the requests library should disable SSL compression on the client side. * Systems that have SSL compression enabled may be vulnerable to the CRIME (https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack. Installations which are security conscious should be running the Glance server with SSL disabled. Full Spec: https://review.openstack.org/#/c/187674 Blueprint: remove-custom-client-ssl-handling Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
2015-06-08 14:49:52 +00:00
if kwargs.get('insecure', False) is True:
self.session.verify = False
Ensure server's SSL cert is validated A bug was introduced which meant that the server SSL certificate was not being verified. Here we make sure that it is checked (unless the --insecure flag is used). Helps guard against man-in-the-middle attack. Change-Id: I08f30bf3906b6580c871729311343fa8eefda91b Closes-bug: #1357430
2014-08-15 14:53:34 +00:00
else:
Remove custom SSL compression handling Custom SSL handling was introduced because disabling SSL layer compression provided an approximately five fold performance increase in some cases. Without SSL layer compression disabled the image transfer would be CPU bound -- with the CPU performing the DEFLATE algorithm. This would typically limit image transfers to < 20 MB/s. When --no-ssl-compression was specified the client would not negotiate any compression algorithm during the SSL handshake with the server which would remove the CPU bottleneck and transfers could approach wire speed. In order to support '--no-ssl-compression' two totally separate code paths exist depending on whether this is True or False. When SSL compression is disabled, rather than using the standard 'requests' library, we enter some custom code based on pyopenssl and httplib in order to disable compression. This patch/spec proposes removing the custom code because: * It is a burden to maintain Eg adding new code such as keystone session support is more complicated * It can introduce additional failure modes We have seen some bugs related to the 'custom' certificate checking * Newer Operating Systems disable SSL for us. Eg. While Debian 7 defaulted to compression 'on', Debian 8 has compression 'off'. This makes both servers and client less likely to have compression enabled. * Newer combinations of 'requests' and 'python' do this for us Requests disables compression when backed by a version of python which supports it (>= 2.7.9). This makes clients more likely to disable compression out-of-the-box. * It is (in principle) possible to do this on older versions too If pyopenssl, ndg-httpsclient and pyasn1 are installed on older operating system/python combinations, the requests library should disable SSL compression on the client side. * Systems that have SSL compression enabled may be vulnerable to the CRIME (https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929) attack. Installations which are security conscious should be running the Glance server with SSL disabled. Full Spec: https://review.openstack.org/#/c/187674 Blueprint: remove-custom-client-ssl-handling Change-Id: I7e7761fc91b0d6da03939374eeedd809534f6edf
2015-06-08 14:49:52 +00:00
if kwargs.get('cacert', None) is not '':
self.session.verify = kwargs.get('cacert', True)
Ensure server's SSL cert is validated A bug was introduced which meant that the server SSL certificate was not being verified. Here we make sure that it is checked (unless the --insecure flag is used). Helps guard against man-in-the-middle attack. Change-Id: I08f30bf3906b6580c871729311343fa8eefda91b Closes-bug: #1357430
2014-08-15 14:53:34 +00:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
self.session.cert = (kwargs.get('cert_file'),
kwargs.get('key_file'))
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
@staticmethod
def parse_endpoint(endpoint):
Remove network_utils Use oslo.utils instead Change-Id: I4830b13794db5570e7dde4a897a7396065028e37
2014-10-03 16:13:11 +03:00
return netutils.urlsplit(endpoint)
Replace httplib2 with httplib as http driver * This allows us to send truly chunked responses to users * Handle bad connection url schemes with a new InvalidEndpoint exception * Fixes bug 1023240 Change-Id: I34500987f51d4e0c6e1f89ecf93853de3fcbb1c3
2012-07-10 20:51:00 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
def log_curl_request(self, method, url, headers, data, kwargs):
Curl statements to include globoff for IPv6 URLs python-glanceclient displays curl statements for debugging/troubleshooting purposes. For IPv6 URLs, curl requires --globoff to be passed in the arguments. Since glanceclient does not use curl directly, this patch displays the curl commands with globoff option which works for both IPv4 and IPv6 URLs. Fix adapted from python-novaclient Ib7099e8e3bbc15f29bbaa1db37ef21e78a74e7bc Closes-Bug: #1228744 Change-Id: Ie02c4e75ca1ab995102aa55bbff39b2161218b2d
2014-11-21 13:04:29 +00:00
curl = ['curl -g -i -X %s' % method]
Refactor http request/response logging Using the --debug flag or the GLANCECLIENT_DEBUG env var, a user will see http requests and responses in great detail. Requests are formed into proper curl commands while responses are printed just as they would as if the curl request provided were executed. Response bodies will not be printed if they are application/octet-stream. Change-Id: I9c9c5d6ec9f481091c944e596d073da3739795b6
2012-07-29 22:12:37 -07:00
Enable osprofiler interface in glanceclient shell To help end user uses profiling by glanceclient CLI directly, the change added '--profile <HMAC_KEY>' argument to the shell. This change also fixed a function regression, it was used to pass necessary trace info to glance server via http header: https://github.com/openstack/python-glanceclient/commit/dbb242b776908ca50ed8557ebfe7cfcd879366c8#diff-740dd7d9149f46fe4c01ef0ab7eb3bfbL196 In addition: 1. If client app want to enable profiling feature for glanceclient object, please see: http://paste.openstack.org/show/85722/ 2. Afer adding more trace point into Client object, as fundamental requirement of osprofiler, what we need to notice caller is providing correct messaging notifier in the context code. The relevant change for glance server is ready at: I45a19f5eb5304c2b78a9e12cbc0744941a807304 DocImpact Change-Id: If42b69b2695a5f88536ecbc2c1b3592d9dbd880a Signed-off-by: Zhi Yan Liu <lzy.dev@gmail.com>
2014-08-01 15:02:22 +08:00
headers = copy.deepcopy(headers)
headers.update(self.session.headers)
for (key, value) in six.iteritems(headers):
Import only modules and update tox.ini As stated in the OpenStack Hacking Guidelines, it is prefered that only modules should be imported. Also updated tox.ini to ignore opestack/common among others. Change-Id: I2f0a603c31052eadee581c11880c0ec6bd392829
2015-05-19 19:59:06 -05:00
header = '-H \'%s: %s\'' % utils.safe_header(key, value)
Enable osprofiler interface in glanceclient shell To help end user uses profiling by glanceclient CLI directly, the change added '--profile <HMAC_KEY>' argument to the shell. This change also fixed a function regression, it was used to pass necessary trace info to glance server via http header: https://github.com/openstack/python-glanceclient/commit/dbb242b776908ca50ed8557ebfe7cfcd879366c8#diff-740dd7d9149f46fe4c01ef0ab7eb3bfbL196 In addition: 1. If client app want to enable profiling feature for glanceclient object, please see: http://paste.openstack.org/show/85722/ 2. Afer adding more trace point into Client object, as fundamental requirement of osprofiler, what we need to notice caller is providing correct messaging notifier in the context code. The relevant change for glance server is ready at: I45a19f5eb5304c2b78a9e12cbc0744941a807304 DocImpact Change-Id: If42b69b2695a5f88536ecbc2c1b3592d9dbd880a Signed-off-by: Zhi Yan Liu <lzy.dev@gmail.com>
2014-08-01 15:02:22 +08:00
curl.append(header)
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
if not self.session.verify:
Client-side SSL Connection This allows a user to pass a cert and a key to use in HTTPS connections. The flags --cert-file and --key-file are added to the CLI. Addiionally, update the debug curl logging to print --cacert and -k when ca_file and insecure are set. Related to bp glance-client-parity. Change-Id: Ibaea51419a903afb7939a6b5b848f7a6667893bf
2012-08-02 15:30:50 -07:00
curl.append('-k')
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
else:
if isinstance(self.session.verify, six.string_types):
curl.append(' --cacert %s' % self.session.verify)
if self.session.cert:
curl.append(' --cert %s --key %s' % self.session.cert)
Client-side SSL Connection This allows a user to pass a cert and a key to use in HTTPS connections. The flags --cert-file and --key-file are added to the CLI. Addiionally, update the debug curl logging to print --cacert and -k when ca_file and insecure are set. Related to bp glance-client-parity. Change-Id: Ibaea51419a903afb7939a6b5b848f7a6667893bf
2012-08-02 15:30:50 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
if data and isinstance(data, six.string_types):
curl.append('-d \'%s\'' % data)
Refactor http request/response logging Using the --debug flag or the GLANCECLIENT_DEBUG env var, a user will see http requests and responses in great detail. Requests are formed into proper curl commands while responses are printed just as they would as if the curl request provided were executed. Response bodies will not be printed if they are application/octet-stream. Change-Id: I9c9c5d6ec9f481091c944e596d073da3739795b6
2012-07-29 22:12:37 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
curl.append(url)
Enable osprofiler interface in glanceclient shell To help end user uses profiling by glanceclient CLI directly, the change added '--profile <HMAC_KEY>' argument to the shell. This change also fixed a function regression, it was used to pass necessary trace info to glance server via http header: https://github.com/openstack/python-glanceclient/commit/dbb242b776908ca50ed8557ebfe7cfcd879366c8#diff-740dd7d9149f46fe4c01ef0ab7eb3bfbL196 In addition: 1. If client app want to enable profiling feature for glanceclient object, please see: http://paste.openstack.org/show/85722/ 2. Afer adding more trace point into Client object, as fundamental requirement of osprofiler, what we need to notice caller is providing correct messaging notifier in the context code. The relevant change for glance server is ready at: I45a19f5eb5304c2b78a9e12cbc0744941a807304 DocImpact Change-Id: If42b69b2695a5f88536ecbc2c1b3592d9dbd880a Signed-off-by: Zhi Yan Liu <lzy.dev@gmail.com>
2014-08-01 15:02:22 +08:00
Remove openstack.common.strutils This module now lives in oslo.utils, so import it from there instead. Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com> Change-Id: Ib35dc840992433542490670781badd9529ec8947
2015-01-06 14:32:05 +00:00
msg = ' '.join([encodeutils.safe_decode(item, errors='ignore')
Enable osprofiler interface in glanceclient shell To help end user uses profiling by glanceclient CLI directly, the change added '--profile <HMAC_KEY>' argument to the shell. This change also fixed a function regression, it was used to pass necessary trace info to glance server via http header: https://github.com/openstack/python-glanceclient/commit/dbb242b776908ca50ed8557ebfe7cfcd879366c8#diff-740dd7d9149f46fe4c01ef0ab7eb3bfbL196 In addition: 1. If client app want to enable profiling feature for glanceclient object, please see: http://paste.openstack.org/show/85722/ 2. Afer adding more trace point into Client object, as fundamental requirement of osprofiler, what we need to notice caller is providing correct messaging notifier in the context code. The relevant change for glance server is ready at: I45a19f5eb5304c2b78a9e12cbc0744941a807304 DocImpact Change-Id: If42b69b2695a5f88536ecbc2c1b3592d9dbd880a Signed-off-by: Zhi Yan Liu <lzy.dev@gmail.com>
2014-08-01 15:02:22 +08:00
for item in curl])
LOG.debug(msg)
Refactor http request/response logging Using the --debug flag or the GLANCECLIENT_DEBUG env var, a user will see http requests and responses in great detail. Requests are formed into proper curl commands while responses are printed just as they would as if the curl request provided were executed. Response bodies will not be printed if they are application/octet-stream. Change-Id: I9c9c5d6ec9f481091c944e596d073da3739795b6
2012-07-29 22:12:37 -07:00
@staticmethod
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
def log_http_response(resp):
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
status = (resp.raw.version / 10.0, resp.status_code, resp.reason)
Refactor http request/response logging Using the --debug flag or the GLANCECLIENT_DEBUG env var, a user will see http requests and responses in great detail. Requests are formed into proper curl commands while responses are printed just as they would as if the curl request provided were executed. Response bodies will not be printed if they are application/octet-stream. Change-Id: I9c9c5d6ec9f481091c944e596d073da3739795b6
2012-07-29 22:12:37 -07:00
dump = ['\nHTTP/%.1f %s %s' % status]
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
headers = resp.headers.items()
Import only modules and update tox.ini As stated in the OpenStack Hacking Guidelines, it is prefered that only modules should be imported. Also updated tox.ini to ignore opestack/common among others. Change-Id: I2f0a603c31052eadee581c11880c0ec6bd392829
2015-05-19 19:59:06 -05:00
dump.extend(['%s: %s' % utils.safe_header(k, v) for k, v in headers])
Refactor http request/response logging Using the --debug flag or the GLANCECLIENT_DEBUG env var, a user will see http requests and responses in great detail. Requests are formed into proper curl commands while responses are printed just as they would as if the curl request provided were executed. Response bodies will not be printed if they are application/octet-stream. Change-Id: I9c9c5d6ec9f481091c944e596d073da3739795b6
2012-07-29 22:12:37 -07:00
dump.append('')
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
content_type = resp.headers.get('Content-Type')
if content_type != 'application/octet-stream':
dump.extend([resp.text, ''])
Remove openstack.common.strutils This module now lives in oslo.utils, so import it from there instead. Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com> Change-Id: Ib35dc840992433542490670781badd9529ec8947
2015-01-06 14:32:05 +00:00
LOG.debug('\n'.join([encodeutils.safe_decode(x, errors='ignore')
Handle UnicodeDecodeError in log_http_response Similar to commit dec9c9f35 and log_curl_request, this ignores decoding errors when logging response headers by passing errors='ignore' to safe_encode. Change-Id: Ic915a7d8334e9473f300c9db670a3a8f5cda8976 Closes-Bug: #1369756
2014-09-15 14:55:28 -07:00
for x in dump]))
Decode input and encode output Currently glanceclient doesn't support non-ASCII characters for images names and properties (names and values as well). This patch introduces 2 functions (utils.py) that will help encoding and decoding strings in a more "secure" way. About the ensure_(str|unicode) functions: They both try to use first the encoding used in stdin (or python's default encoding if that's None) and fallback to utf-8 if those encodings fail to decode a given text. About the changes in glanceclient: The major change is that all inputs will be decoded and will kept as such inside the client's functions and will then be encoded before being printed / sent out the client. There are other small changes, all related to encoding to str, around in order to avoid fails during some conversions. i.e: quoting url encoded parameters. Fixes bug: 1061150 Change-Id: I5c3ea93a716edfe284d19f6291d4e36028f91eb2
2013-01-30 15:18:44 +01:00
@staticmethod
def encode_headers(headers):
Start using Pyflakes and Hacking Instead of globally ignoring pyflakes and hacking warnings, only blacklist those that trigger very frequently so far, in order to clean them up in followup commits. Fix and start gating on the rest already. Change-Id: Ied7c7250061e3bf379e8286e8ce3b9e4af817faf
2013-06-09 11:07:27 +02:00
"""Encodes headers.
Decode input and encode output Currently glanceclient doesn't support non-ASCII characters for images names and properties (names and values as well). This patch introduces 2 functions (utils.py) that will help encoding and decoding strings in a more "secure" way. About the ensure_(str|unicode) functions: They both try to use first the encoding used in stdin (or python's default encoding if that's None) and fallback to utf-8 if those encodings fail to decode a given text. About the changes in glanceclient: The major change is that all inputs will be decoded and will kept as such inside the client's functions and will then be encoded before being printed / sent out the client. There are other small changes, all related to encoding to str, around in order to avoid fails during some conversions. i.e: quoting url encoded parameters. Fixes bug: 1061150 Change-Id: I5c3ea93a716edfe284d19f6291d4e36028f91eb2
2013-01-30 15:18:44 +01:00
Note: This should be used right before
sending anything out.
:param headers: Headers to encode
:returns: Dictionary with encoded headers'
names and values
"""
Remove openstack.common.strutils This module now lives in oslo.utils, so import it from there instead. Co-Authored-By: Ian Cordasco <ian.cordasco@rackspace.com> Change-Id: Ib35dc840992433542490670781badd9529ec8947
2015-01-06 14:32:05 +00:00
return dict((encodeutils.safe_encode(h), encodeutils.safe_encode(v))
Ignore NoneType when encoding headers Some generated header values may in fact be None. Trying to encode None causes the client to fail with an exception and cannot be worked around by the user. Change-Id: I638b1fba0ef9a07d726445d8c2cdd774140f5b83 Closes-bug: 1415935
2015-02-02 09:39:15 -06:00
for h, v in six.iteritems(headers) if v is not None)
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
def _request(self, method, url, **kwargs):
Start using Pyflakes and Hacking Instead of globally ignoring pyflakes and hacking warnings, only blacklist those that trigger very frequently so far, in order to clean them up in followup commits. Fix and start gating on the rest already. Change-Id: Ied7c7250061e3bf379e8286e8ce3b9e4af817faf
2013-06-09 11:07:27 +02:00
"""Send an http request with the specified characteristics.
Enable flake8 checks This commit enables new flake8 checks: * E265 block comment should start with '# ' * H405 multi line docstring summary not separated with an empty line * E123 closing bracket does not match indentation of opening bracket's line * H238 old style class declaration, use new style (inherit from `object`) * E128 continuation line under-indented for visual indent and makes related changes in the code. Change-Id: Ie993afc930f6b74d7a990bcaa9fc0e9f5ba1585c
2015-07-20 17:29:49 +03:00
Replace httplib2 with httplib as http driver * This allows us to send truly chunked responses to users * Handle bad connection url schemes with a new InvalidEndpoint exception * Fixes bug 1023240 Change-Id: I34500987f51d4e0c6e1f89ecf93853de3fcbb1c3
2012-07-10 20:51:00 -07:00
Wrapper around httplib.HTTP(S)Connection.request to handle tasks such
as setting headers and error handling.
Basic get/list operations work * 'glance image-list' and 'glance image-show' work * Set up tests, pep8, venv
2012-03-26 22:48:48 -07:00
"""
# Copy the kwargs so we can reuse the original in case of redirects
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
headers = copy.deepcopy(kwargs.pop('headers', {}))
Add profiling support to glanceclinet To be able to create profiling traces for Glance, client should be able to send special HTTP header that contains trace info. This patch is as well important to be able to make cross project traces. (Typical case nova calls glance via python client, if profiler is initialized in nova, glance client will add extra header, that will be parsed by special osprofiler middleware in glance api) Don't worry no security issue here, trace information is signed by HMAC key that is setted in api-paste.ini. So only person that knows HMAC key is able to send proper header. Change-Id: Ib13084fbe9b33c2f3dee165f7d6c778546cce6ca
2014-06-28 22:09:26 +04:00
Send `identity_headers` through the wire Change I09f70eee3e2777f52ce040296015d41649c2586a, introduced a bug where the identity_headers are not added to the request headers anymore causing the former to be completely ignored and useless. This patch fixes that issue by restoring the previous code. A new test has been added to avoid regressions. Closes-bug: #1394965 Change-Id: I1b1633636448398cf3f41217f1d671b43ebd9946
2014-11-21 13:55:43 +01:00
if self.identity_headers:
for k, v in six.iteritems(self.identity_headers):
headers.setdefault(k, v)
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
data = self._set_common_request_kwargs(headers, kwargs)
Handle communication failures cleanly Expand exceptions to cover more failures cases. This adds CommunicationFailure to represent any failures while attempting to communicate with the remote endpoint. This also adds a new base exception class BaseException which should be used for all non-HTTP related failures. Change-Id: Ie3e1d45c520d816a3f491a85fde94a6c4edf295e
2012-08-08 13:45:38 -07:00
Enable osprofiler interface in glanceclient shell To help end user uses profiling by glanceclient CLI directly, the change added '--profile <HMAC_KEY>' argument to the shell. This change also fixed a function regression, it was used to pass necessary trace info to glance server via http header: https://github.com/openstack/python-glanceclient/commit/dbb242b776908ca50ed8557ebfe7cfcd879366c8#diff-740dd7d9149f46fe4c01ef0ab7eb3bfbL196 In addition: 1. If client app want to enable profiling feature for glanceclient object, please see: http://paste.openstack.org/show/85722/ 2. Afer adding more trace point into Client object, as fundamental requirement of osprofiler, what we need to notice caller is providing correct messaging notifier in the context code. The relevant change for glance server is ready at: I45a19f5eb5304c2b78a9e12cbc0744941a807304 DocImpact Change-Id: If42b69b2695a5f88536ecbc2c1b3592d9dbd880a Signed-off-by: Zhi Yan Liu <lzy.dev@gmail.com>
2014-08-01 15:02:22 +08:00
if osprofiler_web:
headers.update(osprofiler_web.get_trace_id_headers())
Decode input and encode output Currently glanceclient doesn't support non-ASCII characters for images names and properties (names and values as well). This patch introduces 2 functions (utils.py) that will help encoding and decoding strings in a more "secure" way. About the ensure_(str|unicode) functions: They both try to use first the encoding used in stdin (or python's default encoding if that's None) and fallback to utf-8 if those encodings fail to decode a given text. About the changes in glanceclient: The major change is that all inputs will be decoded and will kept as such inside the client's functions and will then be encoded before being printed / sent out the client. There are other small changes, all related to encoding to str, around in order to avoid fails during some conversions. i.e: quoting url encoded parameters. Fixes bug: 1061150 Change-Id: I5c3ea93a716edfe284d19f6291d4e36028f91eb2
2013-01-30 15:18:44 +01:00
# Note(flaper87): Before letting headers / url fly,
# they should be encoded otherwise httplib will
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
# complain.
headers = self.encode_headers(headers)
Decode input and encode output Currently glanceclient doesn't support non-ASCII characters for images names and properties (names and values as well). This patch introduces 2 functions (utils.py) that will help encoding and decoding strings in a more "secure" way. About the ensure_(str|unicode) functions: They both try to use first the encoding used in stdin (or python's default encoding if that's None) and fallback to utf-8 if those encodings fail to decode a given text. About the changes in glanceclient: The major change is that all inputs will be decoded and will kept as such inside the client's functions and will then be encoded before being printed / sent out the client. There are other small changes, all related to encoding to str, around in order to avoid fails during some conversions. i.e: quoting url encoded parameters. Fixes bug: 1061150 Change-Id: I5c3ea93a716edfe284d19f6291d4e36028f91eb2
2013-01-30 15:18:44 +01:00
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
if self.endpoint.endswith("/") or url.startswith("/"):
conn_url = "%s%s" % (self.endpoint, url)
else:
conn_url = "%s/%s" % (self.endpoint, url)
self.log_curl_request(method, conn_url, headers, data, kwargs)
Handle communication failures cleanly Expand exceptions to cover more failures cases. This adds CommunicationFailure to represent any failures while attempting to communicate with the remote endpoint. This also adds a new base exception class BaseException which should be used for all non-HTTP related failures. Change-Id: Ie3e1d45c520d816a3f491a85fde94a6c4edf295e
2012-08-08 13:45:38 -07:00
try:
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
resp = self.session.request(method,
conn_url,
data=data,
headers=headers,
**kwargs)
except requests.exceptions.Timeout as e:
Fix exception message in Http.py In common.http.py, the exception RequestTimeout has wrong message.This patch fixed it. Change-Id: Ie8ff188b9c82ce424cb8177278f36e4d1275b306
2015-07-06 14:37:50 +08:00
message = ("Error communicating with %(url)s: %(e)s" %
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
dict(url=conn_url, e=e))
raise exc.InvalidEndpoint(message=message)
Remove broken try/except workaround for old requests Not only is this code broken on the requests we require on distro-provided requests, it's not needed anymore. Remove it. Closes-bug: 1526254 Change-Id: I47a07bf9910f118392785fc20e015f036a2e8a7c
2015-12-14 15:22:52 -05:00
except requests.exceptions.ConnectionError as e:
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
message = ("Error finding address for %(url)s: %(e)s" %
dict(url=conn_url, e=e))
raise exc.CommunicationError(message=message)
socket errors and timeouts should be CommunicationErrors Also include extra information about socket errors within the exceptions. Change-Id: I9464a484460d40be5727e18ca6f057df9076766e
2012-08-10 21:06:44 +00:00
except socket.gaierror as e:
Report name resolution errors properly Errors in name resolution have been logged previously with the url path rather than the hostname. That resulted in incorrect errors like: InvalidEndpoint: Error finding address for /v1/images/detail?is_public=none&limit=20: [Errno -2] Name or service not known rather than one mentioning hostname itself. This patch changes the log message to fit the situation. Change-Id: I1eecbcb22d41b1341c214937b9cbfd046fd301a0
2013-02-19 15:40:16 +00:00
message = "Error finding address for %s: %s" % (
self.endpoint_hostname, e)
socket errors and timeouts should be CommunicationErrors Also include extra information about socket errors within the exceptions. Change-Id: I9464a484460d40be5727e18ca6f057df9076766e
2012-08-10 21:06:44 +00:00
raise exc.InvalidEndpoint(message=message)
except (socket.error, socket.timeout) as e:
Make ConnectionRefused error more informative. When the server refuses the connection the error message displayed now lists the endpoint that refused the connection. Fixes: bug 1043067 Change-Id: I62797106732bbb6eec8c99e491fd38850ad58ff8
2012-09-12 09:40:04 -04:00
endpoint = self.endpoint
Fix python 3.x related Hacking warnings Convert print operator usages to print functions. Fix one instance of outdated "except x,y:" syntactical construct. Remove usages of local() in string formatting alongway. Change-Id: Id0673a9183a6ea6bd9bf3f5c6d8e7c5f114ebf01
2013-08-04 16:12:23 +02:00
message = ("Error communicating with %(endpoint)s %(e)s" %
{'endpoint': endpoint, 'e': e})
socket errors and timeouts should be CommunicationErrors Also include extra information about socket errors within the exceptions. Change-Id: I9464a484460d40be5727e18ca6f057df9076766e
2012-08-10 21:06:44 +00:00
raise exc.CommunicationError(message=message)
Replace httplib2 with httplib as http driver * This allows us to send truly chunked responses to users * Handle bad connection url schemes with a new InvalidEndpoint exception * Fixes bug 1023240 Change-Id: I34500987f51d4e0c6e1f89ecf93853de3fcbb1c3
2012-07-10 20:51:00 -07:00
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
resp, body_iter = self._handle_response(resp)
self.log_http_response(resp)
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
return resp, body_iter
Reuse class Manager from common code Class `Managers` from `glanceclient.common.base` module is similar to class `apiclient:ManagerWithFind` from common code. In this patch: - class glanceclient.common.base:Managers replaced by apiclient:ManagerWithFind - module glanceclient.common.base marked as 'deprecated' Related to bp common-client-library-2 Change-Id: I41da4a9188e97ca2c07b6234fc2ac0a877553d3f
2014-04-16 17:29:15 +03:00
def head(self, url, **kwargs):
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
return self._request('HEAD', url, **kwargs)
Reuse class Manager from common code Class `Managers` from `glanceclient.common.base` module is similar to class `apiclient:ManagerWithFind` from common code. In this patch: - class glanceclient.common.base:Managers replaced by apiclient:ManagerWithFind - module glanceclient.common.base marked as 'deprecated' Related to bp common-client-library-2 Change-Id: I41da4a9188e97ca2c07b6234fc2ac0a877553d3f
2014-04-16 17:29:15 +03:00
def get(self, url, **kwargs):
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
return self._request('GET', url, **kwargs)
Reuse class Manager from common code Class `Managers` from `glanceclient.common.base` module is similar to class `apiclient:ManagerWithFind` from common code. In this patch: - class glanceclient.common.base:Managers replaced by apiclient:ManagerWithFind - module glanceclient.common.base marked as 'deprecated' Related to bp common-client-library-2 Change-Id: I41da4a9188e97ca2c07b6234fc2ac0a877553d3f
2014-04-16 17:29:15 +03:00
def post(self, url, **kwargs):
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
return self._request('POST', url, **kwargs)
Reuse class Manager from common code Class `Managers` from `glanceclient.common.base` module is similar to class `apiclient:ManagerWithFind` from common code. In this patch: - class glanceclient.common.base:Managers replaced by apiclient:ManagerWithFind - module glanceclient.common.base marked as 'deprecated' Related to bp common-client-library-2 Change-Id: I41da4a9188e97ca2c07b6234fc2ac0a877553d3f
2014-04-16 17:29:15 +03:00
def put(self, url, **kwargs):
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
return self._request('PUT', url, **kwargs)
Reuse class Manager from common code Class `Managers` from `glanceclient.common.base` module is similar to class `apiclient:ManagerWithFind` from common code. In this patch: - class glanceclient.common.base:Managers replaced by apiclient:ManagerWithFind - module glanceclient.common.base marked as 'deprecated' Related to bp common-client-library-2 Change-Id: I41da4a9188e97ca2c07b6234fc2ac0a877553d3f
2014-04-16 17:29:15 +03:00
def patch(self, url, **kwargs):
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
return self._request('PATCH', url, **kwargs)
SSL Certificate Validation This adds support for validation of ssl certs returned by remote servers over SSL. The --ca-file param represents the CA cert used to sign the remote server's cert. Use --insecure if the remote server is using a self-signed cert or you don't have the CA cert. Related to bp glance-client-parity Change-Id: I45253a6e2d88da599addfcc464571e62ae920166
2012-08-02 14:16:13 -07:00
Replace old httpclient with requests This review implements blueprint python-request and replaces the old http client implementation in favor of a new one based on python-requests. Major changes: * raw_request and json_request removed since everything is now being handled by the same method "_request" * New methods that match HTTP's methods were added: - get - put - post - head - patch - delete * Content-Type is now being "inferred" based on the data being sent: - if it is file-like object it chunks the request - if it is a python type not instance of basestring then it'll try to serialize it to json - Every other case will keep the incoming content-type and will send the data as is. * Glanceclient's HTTPSConnection implementation will be used if no-compression flag is set to True. Co-Author: Flavio Percoco<flaper87@gmail.com> Change-Id: I09f70eee3e2777f52ce040296015d41649c2586a
2014-07-01 14:45:12 +05:30
def delete(self, url, **kwargs):
return self._request('DELETE', url, **kwargs)
Close streamed requests explicitly If we don't explicitly close a response after streaming its download, then we can run into HTTPConnectionPool full warnings. It also will hurt performance if we have to continuously create new sockets for new responses. Calling close will return the connection to the pool so it can be reused. Note this is only necessary when streaming a response. If we don't stream it, then requests will return the connection to the pool for us. Change-Id: I803bd4dd0e769c233501d5e5ff07a19705fbe233 Closes-bug: 1341777
2015-01-15 16:09:23 -06:00
def _close_after_stream(response, chunk_size):
"""Iterate over the content and ensure the response is closed after."""
# Yield each chunk in the response body
for chunk in response.iter_content(chunk_size=chunk_size):
yield chunk
# Once we're done streaming the body, ensure everything is closed.
# This will return the connection to the HTTPConnectionPool in urllib3
# and ideally reduce the number of HTTPConnectionPool full warnings.
response.close()
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
class SessionClient(adapter.Adapter, _BaseHTTPClient):
def __init__(self, session, **kwargs):
kwargs.setdefault('user_agent', USER_AGENT)
kwargs.setdefault('service_type', 'image')
super(SessionClient, self).__init__(session, **kwargs)
def request(self, url, method, **kwargs):
headers = kwargs.pop('headers', {})
kwargs['raise_exc'] = False
data = self._set_common_request_kwargs(headers, kwargs)
try:
resp = super(SessionClient, self).request(url,
method,
headers=headers,
data=data,
**kwargs)
except ksc_exc.RequestTimeout as e:
Fix exception message in Http.py In common.http.py, the exception RequestTimeout has wrong message.This patch fixed it. Change-Id: Ie8ff188b9c82ce424cb8177278f36e4d1275b306
2015-07-06 14:37:50 +08:00
conn_url = self.get_endpoint(auth=kwargs.get('auth'))
conn_url = "%s/%s" % (conn_url.rstrip('/'), url.lstrip('/'))
message = ("Error communicating with %(url)s %(e)s" %
Make glanceclient accept a session object To make this work we create a different HTTPClient that extends the basic keystoneclient Adapter. The Adapter is a standard set of parameters that all clients should know how to use like region_name and user_agent. We extend this with the glance specific response manipulation like loading and sending iterables. Implements: bp session-objects Change-Id: Ie8eb4bbf7d1a037099a6d4b272cab70525fbfc85
2014-11-25 13:25:12 +10:00
dict(url=conn_url, e=e))
raise exc.InvalidEndpoint(message=message)
except ksc_exc.ConnectionRefused as e:
conn_url = self.get_endpoint(auth=kwargs.get('auth'))
conn_url = "%s/%s" % (conn_url.rstrip('/'), url.lstrip('/'))
message = ("Error finding address for %(url)s: %(e)s" %
dict(url=conn_url, e=e))
raise exc.CommunicationError(message=message)
return self._handle_response(resp)
def get_http_client(endpoint=None, session=None, **kwargs):
if session:
return SessionClient(session, **kwargs)
elif endpoint:
return HTTPClient(endpoint, **kwargs)
else:
raise AttributeError('Constructing a client must contain either an '
'endpoint or a session')
Copy Permalink