254 lines
10 KiB
Python
254 lines
10 KiB
Python
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from debtcollector import removals
|
|
|
|
from keystoneauth1 import adapter
|
|
from keystoneauth1 import session
|
|
from keystoneclient import client as ks_client
|
|
|
|
import manilaclient
|
|
from manilaclient.common import constants
|
|
from manilaclient.common import httpclient
|
|
from manilaclient import exceptions
|
|
from manilaclient.v2 import limits
|
|
from manilaclient.v2 import quota_classes
|
|
from manilaclient.v2 import quotas
|
|
from manilaclient.v2 import scheduler_stats
|
|
from manilaclient.v2 import security_services
|
|
from manilaclient.v2 import services
|
|
from manilaclient.v2 import share_networks
|
|
from manilaclient.v2 import share_servers
|
|
from manilaclient.v2 import share_snapshots
|
|
from manilaclient.v2 import share_type_access
|
|
from manilaclient.v2 import share_types
|
|
from manilaclient.v2 import shares
|
|
|
|
|
|
@removals.removed_class("Client", message="Please use 'v2.Client' instead",
|
|
removal_version='2.0.0')
|
|
class Client(object):
|
|
"""Top-level object to access the OpenStack Manila API.
|
|
|
|
Create an instance with your creds::
|
|
|
|
>>> client = Client(username=USERNAME,
|
|
password=PASSWORD,
|
|
project_name=PROJECT_NAME,
|
|
auth_url=AUTH_URL)
|
|
|
|
Or, alternatively, you can create a client instance using the
|
|
keystoneauth1.session API::
|
|
|
|
>>> from keystoneclient.auth.identity import v2
|
|
>>> from keystoneauth1 import session
|
|
>>> from manilaclient import client
|
|
>>> auth = v2.Password(auth_url=AUTH_URL,
|
|
username=USERNAME,
|
|
password=PASSWORD,
|
|
project_name=PROJECT_ID)
|
|
>>> sess = session.Session(auth=auth)
|
|
>>> manila = client.Client(VERSION, session=sess)
|
|
|
|
Then call methods on its managers::
|
|
|
|
>>> client.shares.list()
|
|
...
|
|
"""
|
|
def __init__(self, username=None, project_id=None, auth_url=None,
|
|
insecure=False, timeout=None, tenant_id=None,
|
|
project_name=None, region_name=None,
|
|
endpoint_type='publicURL', extensions=None,
|
|
service_type=constants.V1_SERVICE_TYPE, service_name=None,
|
|
retries=None, http_log_debug=False, input_auth_token=None,
|
|
session=None, auth=None, cacert=None,
|
|
service_catalog_url=None, user_agent='python-manilaclient',
|
|
use_keyring=False, force_new_token=False,
|
|
cached_token_lifetime=300,
|
|
api_version=manilaclient.API_DEPRECATED_VERSION,
|
|
user_id=None,
|
|
user_domain_id=None,
|
|
user_domain_name=None,
|
|
project_domain_id=None,
|
|
project_domain_name=None,
|
|
cert=None,
|
|
password=None,
|
|
**kwargs):
|
|
|
|
self.username = username
|
|
self.password = password
|
|
self.tenant_id = tenant_id or project_id
|
|
self.tenant_name = project_name
|
|
|
|
self.user_id = user_id
|
|
self.project_id = project_id or tenant_id
|
|
self.project_name = project_name
|
|
self.user_domain_id = user_domain_id
|
|
self.user_domain_name = user_domain_name
|
|
self.project_domain_id = project_domain_id
|
|
self.project_domain_name = project_domain_name
|
|
|
|
self.endpoint_type = endpoint_type
|
|
self.auth_url = auth_url
|
|
self.region_name = region_name
|
|
|
|
self.cacert = cacert
|
|
self.cert = cert
|
|
self.insecure = insecure
|
|
|
|
self.use_keyring = use_keyring
|
|
self.force_new_token = force_new_token
|
|
self.cached_token_lifetime = cached_token_lifetime
|
|
|
|
if input_auth_token and not service_catalog_url:
|
|
msg = ("For token-based authentication you should "
|
|
"provide 'input_auth_token' and 'service_catalog_url'.")
|
|
raise exceptions.ClientException(msg)
|
|
|
|
self.project_id = tenant_id if tenant_id is not None else project_id
|
|
self.keystone_client = None
|
|
self.session = session
|
|
|
|
# NOTE(u_glide): token authorization has highest priority.
|
|
# That's why session and/or password will be ignored
|
|
# if token is provided.
|
|
if not input_auth_token:
|
|
if session:
|
|
self.keystone_client = adapter.LegacyJsonAdapter(
|
|
session=session,
|
|
auth=auth,
|
|
interface=endpoint_type,
|
|
service_type=service_type,
|
|
service_name=service_name,
|
|
region_name=region_name)
|
|
input_auth_token = self.keystone_client.session.get_token(auth)
|
|
|
|
else:
|
|
self.keystone_client = self._get_keystone_client()
|
|
input_auth_token = self.keystone_client.auth_token
|
|
|
|
if not input_auth_token:
|
|
raise RuntimeError("Not Authorized")
|
|
|
|
if session and not service_catalog_url:
|
|
service_catalog_url = self.keystone_client.session.get_endpoint(
|
|
auth, interface=endpoint_type,
|
|
service_type=service_type)
|
|
elif not service_catalog_url:
|
|
catalog = self.keystone_client.service_catalog.get_endpoints(
|
|
service_type)
|
|
for catalog_entry in catalog.get(service_type, []):
|
|
if (catalog_entry.get("interface") == (
|
|
endpoint_type.lower().split("url")[0]) or
|
|
catalog_entry.get(endpoint_type)):
|
|
if (region_name and not region_name == (
|
|
catalog_entry.get(
|
|
"region",
|
|
catalog_entry.get("region_id")))):
|
|
continue
|
|
service_catalog_url = catalog_entry.get(
|
|
"url", catalog_entry.get(endpoint_type))
|
|
break
|
|
|
|
if not service_catalog_url:
|
|
raise RuntimeError("Could not find Manila endpoint in catalog")
|
|
|
|
self.api_version = api_version
|
|
self.client = httpclient.HTTPClient(service_catalog_url,
|
|
input_auth_token,
|
|
user_agent,
|
|
insecure=insecure,
|
|
cacert=cacert,
|
|
cert=cert,
|
|
timeout=timeout,
|
|
retries=retries,
|
|
http_log_debug=http_log_debug,
|
|
api_version=self.api_version)
|
|
|
|
self.limits = limits.LimitsManager(self)
|
|
self.services = services.ServiceManager(self)
|
|
self.security_services = security_services.SecurityServiceManager(self)
|
|
self.share_networks = share_networks.ShareNetworkManager(self)
|
|
|
|
self.quota_classes = quota_classes.QuotaClassSetManager(self)
|
|
self.quotas = quotas.QuotaSetManager(self)
|
|
|
|
self.shares = shares.ShareManager(self)
|
|
self.share_snapshots = share_snapshots.ShareSnapshotManager(self)
|
|
|
|
self.share_types = share_types.ShareTypeManager(self)
|
|
self.share_type_access = share_type_access.ShareTypeAccessManager(self)
|
|
self.share_servers = share_servers.ShareServerManager(self)
|
|
self.pools = scheduler_stats.PoolManager(self)
|
|
|
|
self._load_extensions(extensions)
|
|
|
|
def _load_extensions(self, extensions):
|
|
if not extensions:
|
|
return
|
|
|
|
for extension in extensions:
|
|
if extension.manager_class:
|
|
setattr(self, extension.name, extension.manager_class(self))
|
|
|
|
def _get_keystone_client(self):
|
|
# First create a Keystone session
|
|
if self.insecure:
|
|
verify = False
|
|
else:
|
|
verify = self.cacert or True
|
|
ks_session = session.Session(verify=verify, cert=self.cert)
|
|
|
|
# Discover the supported keystone versions using the given url
|
|
ks_discover = session.discover.Discover(ks_session, self.auth_url)
|
|
|
|
# Inspect the auth_url to see the supported version. If both v3 and v2
|
|
# are supported, then use the highest version if possible.
|
|
v2_auth_url = ks_discover.url_for('v2.0')
|
|
v3_auth_url = ks_discover.url_for('v3.0')
|
|
|
|
if v3_auth_url:
|
|
keystone_client = ks_client.Client(
|
|
session=ks_session,
|
|
version=(3, 0),
|
|
auth_url=v3_auth_url,
|
|
username=self.username,
|
|
password=self.password,
|
|
user_id=self.user_id,
|
|
user_domain_name=self.user_domain_name,
|
|
user_domain_id=self.user_domain_id,
|
|
project_id=self.project_id or self.tenant_id,
|
|
project_name=self.project_name,
|
|
project_domain_name=self.project_domain_name,
|
|
project_domain_id=self.project_domain_id,
|
|
region_name=self.region_name)
|
|
elif v2_auth_url:
|
|
keystone_client = ks_client.Client(
|
|
session=ks_session,
|
|
version=(2, 0),
|
|
auth_url=v2_auth_url,
|
|
username=self.username,
|
|
password=self.password,
|
|
tenant_id=self.tenant_id,
|
|
tenant_name=self.tenant_name,
|
|
region_name=self.region_name,
|
|
cert=self.cert,
|
|
use_keyring=self.use_keyring,
|
|
force_new_token=self.force_new_token,
|
|
stale_duration=self.cached_token_lifetime)
|
|
else:
|
|
raise exceptions.CommandError(
|
|
'Unable to determine the Keystone version to authenticate '
|
|
'with using the given auth_url.')
|
|
keystone_client.authenticate()
|
|
return keystone_client
|