tripleo-common/tripleo_common/actions/parameters.py
2017-07-26 13:22:58 +00:00

603 lines
23 KiB
Python

# Copyright 2016 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import json
import logging
import uuid
from heatclient import exc as heat_exc
from mistral_lib import actions
from swiftclient import exceptions as swiftexceptions
from tripleo_common.actions import base
from tripleo_common.actions import templates
from tripleo_common import constants
from tripleo_common import exception
from tripleo_common.utils import nodes
from tripleo_common.utils import parameters
from tripleo_common.utils import passwords as password_utils
from tripleo_common.utils import plan as plan_utils
LOG = logging.getLogger(__name__)
class GetParametersAction(templates.ProcessTemplatesAction):
"""Gets list of available heat parameters."""
def run(self, context):
cached = self.cache_get(context,
self.container,
"tripleo.parameters.get")
if cached is not None:
return cached
processed_data = super(GetParametersAction, self).run(context)
# If we receive a 'Result' instance it is because the parent action
# had an error.
if isinstance(processed_data, actions.Result):
return processed_data
processed_data['show_nested'] = True
# respect previously user set param values
swift = self.get_object_client(context)
heat = self.get_orchestration_client(context)
try:
env = plan_utils.get_env(swift, self.container)
except swiftexceptions.ClientException as err:
err_msg = ("Error retrieving environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
params = env.get('parameter_defaults')
fields = {
'template': processed_data['template'],
'files': processed_data['files'],
'environment': processed_data['environment'],
'show_nested': True
}
result = {
'heat_resource_tree': heat.stacks.validate(**fields),
'environment_parameters': params,
}
self.cache_set(context,
self.container,
"tripleo.parameters.get",
result)
return result
class ResetParametersAction(base.TripleOAction):
"""Provides method to delete user set parameters."""
def __init__(self, container=constants.DEFAULT_CONTAINER_NAME,
key=constants.DEFAULT_PLAN_ENV_KEY):
super(ResetParametersAction, self).__init__()
self.container = container
self.key = key
def run(self, context):
swift = self.get_object_client(context)
try:
env = plan_utils.get_env(swift, self.container)
except swiftexceptions.ClientException as err:
err_msg = ("Error retrieving environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
try:
plan_utils.update_in_env(swift, env, self.key,
delete_key=True)
except swiftexceptions.ClientException as err:
err_msg = ("Error updating environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
self.cache_delete(context,
self.container,
"tripleo.parameters.get")
return env
class UpdateParametersAction(base.TripleOAction):
"""Updates plan environment with parameters."""
def __init__(self, parameters,
container=constants.DEFAULT_CONTAINER_NAME,
key=constants.DEFAULT_PLAN_ENV_KEY):
super(UpdateParametersAction, self).__init__()
self.container = container
self.parameters = parameters
self.key = key
def run(self, context):
swift = self.get_object_client(context)
try:
env = plan_utils.get_env(swift, self.container)
except swiftexceptions.ClientException as err:
err_msg = ("Error retrieving environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
try:
plan_utils.update_in_env(swift, env, self.key,
self.parameters)
except swiftexceptions.ClientException as err:
err_msg = ("Error updating environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
self.cache_delete(context,
self.container,
"tripleo.parameters.get")
return env
class UpdateRoleParametersAction(UpdateParametersAction):
"""Updates role related parameters in plan environment ."""
def __init__(self, role, container=constants.DEFAULT_CONTAINER_NAME):
super(UpdateRoleParametersAction, self).__init__(parameters=None,
container=container)
self.role = role
def run(self, context):
baremetal_client = self.get_baremetal_client(context)
compute_client = self.get_compute_client(context)
self.parameters = parameters.set_count_and_flavor_params(
self.role, baremetal_client, compute_client)
return super(UpdateRoleParametersAction, self).run(context)
class GeneratePasswordsAction(base.TripleOAction):
"""Generates passwords needed for Overcloud deployment
This method generates passwords and ensures they are stored in the
plan environment. This method respects previously generated passwords and
adds new passwords as necessary.
"""
def __init__(self, container=constants.DEFAULT_CONTAINER_NAME):
super(GeneratePasswordsAction, self).__init__()
self.container = container
def run(self, context):
heat = self.get_orchestration_client(context)
swift = self.get_object_client(context)
mistral = self.get_workflow_client(context)
try:
env = plan_utils.get_env(swift, self.container)
except swiftexceptions.ClientException as err:
err_msg = ("Error retrieving environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
try:
stack_env = heat.stacks.environment(
stack_id=self.container)
except heat_exc.HTTPNotFound:
stack_env = None
passwords = password_utils.generate_passwords(mistral, stack_env)
# if passwords don't yet exist in plan environment
if 'passwords' not in env:
env['passwords'] = {}
# ensure all generated passwords are present in plan env,
# but respect any values previously generated and stored
for name, password in passwords.items():
if name not in env['passwords']:
env['passwords'][name] = password
try:
plan_utils.put_env(swift, env)
except swiftexceptions.ClientException as err:
err_msg = "Error uploading to container: %s" % err
LOG.exception(err_msg)
return actions.Result(error=err_msg)
self.cache_delete(context,
self.container,
"tripleo.parameters.get")
return env['passwords']
class GetPasswordsAction(base.TripleOAction):
"""Get passwords from the environment
This method returns the list passwords which are used for the deployment.
It will return a merged list of user provided passwords and generated
passwords, giving priority to the user provided passwords.
"""
def __init__(self, container=constants.DEFAULT_CONTAINER_NAME):
super(GetPasswordsAction, self).__init__()
self.container = container
def run(self, context):
swift = self.get_object_client(context)
try:
env = plan_utils.get_env(swift, self.container)
except swiftexceptions.ClientException as err:
err_msg = ("Error retrieving environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
parameter_defaults = env.get('parameter_defaults', {})
passwords = env.get('passwords', {})
return self._get_overriden_passwords(passwords, parameter_defaults)
def _get_overriden_passwords(self, env_passwords, parameter_defaults):
for name in constants.PASSWORD_PARAMETER_NAMES:
if name in parameter_defaults:
env_passwords[name] = parameter_defaults[name]
return env_passwords
class GenerateFencingParametersAction(base.TripleOAction):
"""Generates fencing configuration for a deployment.
:param nodes_json: list of nodes & attributes in json format
:param os_auth: dictionary of OS client auth data (if using pxe_ssh)
:param fence_action: action to take when fencing nodes
:param delay: time to wait before taking fencing action
:param ipmi_level: IPMI user level to use
:param ipmi_cipher: IPMI cipher suite to use
:param ipmi_lanplus: whether to use IPMIv2.0
"""
def __init__(self, nodes_json, os_auth, fence_action, delay,
ipmi_level, ipmi_cipher, ipmi_lanplus):
super(GenerateFencingParametersAction, self).__init__()
self.nodes_json = nodes_json
self.os_auth = os_auth
self.fence_action = fence_action
self.delay = delay
self.ipmi_level = ipmi_level
self.ipmi_cipher = ipmi_cipher
self.ipmi_lanplus = ipmi_lanplus
def run(self, context):
"""Returns the parameters for fencing controller nodes"""
hostmap = nodes.generate_hostmap(self.get_baremetal_client(context),
self.get_compute_client(context))
fence_params = {"EnableFencing": True, "FencingConfig": {}}
devices = []
for node in self.nodes_json:
node_data = {}
params = {}
if "mac" in node:
# Not all Ironic drivers present a MAC address, so we only
# capture it if it's present
mac_addr = node["mac"][0]
node_data["host_mac"] = mac_addr
# If the MAC isn't in the hostmap, this node hasn't been
# provisioned, so no fencing parameters are necessary
if mac_addr not in hostmap:
continue
# Build up fencing parameters based on which Ironic driver this
# node is using
if node["pm_type"] == "pxe_ssh":
# Ironic fencing driver
node_data["agent"] = "fence_ironic"
if self.fence_action:
params["action"] = self.fence_action
params["auth_url"] = self.os_auth["auth_url"]
params["login"] = self.os_auth["login"]
params["passwd"] = self.os_auth["passwd"]
params["tenant_name"] = self.os_auth["tenant_name"]
params["pcmk_host_map"] = "%(compute_name)s:%(bm_name)s" % (
{"compute_name": hostmap[mac_addr]["compute_name"],
"bm_name": hostmap[mac_addr]["baremetal_name"]})
if self.delay:
params["delay"] = self.delay
elif (node['pm_type'] == 'ipmi' or node["pm_type"].split('_')[1] in
("ipmitool", "ilo", "drac")):
# IPMI fencing driver
node_data["agent"] = "fence_ipmilan"
if self.fence_action:
params["action"] = self.fence_action
params["ipaddr"] = node["pm_addr"]
params["passwd"] = node["pm_password"]
params["login"] = node["pm_user"]
params["pcmk_host_list"] = hostmap[mac_addr]["compute_name"]
if "pm_port" in node:
params["ipport"] = node["pm_port"]
if self.ipmi_lanplus:
params["lanplus"] = self.ipmi_lanplus
if self.delay:
params["delay"] = self.delay
if self.ipmi_cipher:
params["cipher"] = self.ipmi_cipher
if self.ipmi_level:
params["privlvl"] = self.ipmi_level
else:
error = ("Unable to generate fencing parameters for %s" %
node["pm_type"])
raise ValueError(error)
node_data["params"] = params
devices.append(node_data)
fence_params["FencingConfig"]["devices"] = devices
return {"parameter_defaults": fence_params}
class GetFlattenedParametersAction(GetParametersAction):
"""Get the heat stack tree and parameters in flattened structure.
This method validates the stack of the container and returns the
parameters and the heat stack tree. The heat stack tree is flattened
for easy consumption.
"""
def __init__(self, container=constants.DEFAULT_CONTAINER_NAME):
super(GetFlattenedParametersAction, self).__init__(container)
def _process_params(self, flattened, params):
for item in params:
if item not in flattened['parameters']:
param_obj = {}
for key, value in params.get(item).items():
camel_case_key = key[0].lower() + key[1:]
param_obj[camel_case_key] = value
param_obj['name'] = item
flattened['parameters'][item] = param_obj
return list(params)
def _process(self, flattened, name, data):
key = str(uuid.uuid4())
value = {}
value.update({
'name': name,
'id': key
})
if 'Type' in data:
value['type'] = data['Type']
if 'Description' in data:
value['description'] = data['Description']
if 'Parameters' in data:
value['parameters'] = self._process_params(flattened,
data['Parameters'])
if 'ParameterGroups' in data:
value['parameter_groups'] = data['ParameterGroups']
if 'NestedParameters' in data:
nested = data['NestedParameters']
nested_ids = []
for nested_key in nested.keys():
nested_data = self._process(flattened, nested_key,
nested.get(nested_key))
# nested_data will always have one key (and only one)
nested_ids.append(list(nested_data)[0])
value['resources'] = nested_ids
flattened['resources'][key] = value
return {key: value}
def run(self, context):
# process all plan files and create or update a stack
processed_data = super(GetFlattenedParametersAction, self).run(context)
# If we receive a 'Result' instance it is because the parent action
# had an error.
if isinstance(processed_data, actions.Result):
return processed_data
if processed_data['heat_resource_tree']:
flattened = {'resources': {}, 'parameters': {}}
self._process(flattened, 'Root',
processed_data['heat_resource_tree'])
processed_data['heat_resource_tree'] = flattened
return processed_data
class GetProfileOfFlavorAction(base.TripleOAction):
"""Gets the profile name for a given flavor name.
Need flavor object to get profile name since get_keys method is
not available for external access. so we have created an action
to get profile name from flavor name.
:param flavor_name: Flavor name
:return: profile name
"""
def __init__(self, flavor_name):
super(GetProfileOfFlavorAction, self).__init__()
self.flavor_name = flavor_name
def run(self, context):
compute_client = self.get_compute_client(context)
try:
return parameters.get_profile_of_flavor(self.flavor_name,
compute_client)
except exception.DeriveParamsError as err:
LOG.error('Derive Params Error: %s', err)
return actions.Result(error=str(err))
class RotateFernetKeysAction(GetPasswordsAction):
"""Rotate fernet keys from the environment
This method rotates the fernet keys that are saved in the environment, in
the passwords parameter.
"""
def __init__(self, container=constants.DEFAULT_CONTAINER_NAME):
super(RotateFernetKeysAction, self).__init__()
self.container = container
def run(self, context):
swift = self.get_object_client(context)
try:
env = plan_utils.get_env(swift, self.container)
except swiftexceptions.ClientException as err:
err_msg = ("Error retrieving environment for plan %s: %s" % (
self.container, err))
LOG.exception(err_msg)
return actions.Result(error=err_msg)
parameter_defaults = env.get('parameter_defaults', {})
passwords = self._get_overriden_passwords(env.get('passwords', {}),
parameter_defaults)
next_index = self.get_next_index(passwords['KeystoneFernetKeys'])
keys_map = self.rotate_keys(passwords['KeystoneFernetKeys'],
next_index)
max_keys = self.get_max_keys_value(parameter_defaults)
keys_map = self.purge_excess_keys(max_keys, keys_map)
env['passwords']['KeystoneFernetKeys'] = keys_map
try:
plan_utils.put_env(swift, env)
except swiftexceptions.ClientException as err:
err_msg = "Error uploading to container: %s" % err
LOG.exception(err_msg)
return actions.Result(error=err_msg)
self.cache_delete(context,
self.container,
"tripleo.parameters.get")
return keys_map
@staticmethod
def get_key_index_from_path(path):
return int(path[path.rfind('/') + 1:])
def get_next_index(self, keys_map):
return self.get_key_index_from_path(
max(keys_map, key=self.get_key_index_from_path)) + 1
def get_key_path(self, index):
return password_utils.KEYSTONE_FERNET_REPO + str(index)
def rotate_keys(self, keys_map, next_index):
next_index_path = self.get_key_path(next_index)
zero_index_path = self.get_key_path(0)
# promote staged key to be new primary
keys_map[next_index_path] = keys_map[zero_index_path]
# Set new staged key
keys_map[zero_index_path] = {
'content': password_utils.create_keystone_credential()}
return keys_map
def get_max_keys_value(self, parameter_defaults):
# The number of max keys should always be positive. The minimum amount
# of keys is 3.
return max(parameter_defaults.get('KeystoneFernetMaxActiveKeys', 5), 3)
def purge_excess_keys(self, max_keys, keys_map):
current_repo_size = len(keys_map)
if current_repo_size <= max_keys:
return keys_map
key_paths = sorted(keys_map.keys(), key=self.get_key_index_from_path)
keys_to_be_purged = current_repo_size - max_keys
for key_path in key_paths[1:keys_to_be_purged + 1]:
del keys_map[key_path]
return keys_map
class GetNetworkConfigAction(templates.ProcessTemplatesAction):
"""Gets network configuration details from available heat parameters."""
def __init__(self, role_name, container=constants.DEFAULT_CONTAINER_NAME):
super(GetNetworkConfigAction, self).__init__(container=container)
self.role_name = role_name
def run(self, context):
processed_data = super(GetNetworkConfigAction, self).run(context)
# If we receive a 'Result' instance it is because the parent action
# had an error.
if isinstance(processed_data, actions.Result):
return processed_data
fields = {
'template': processed_data['template'],
'files': processed_data['files'],
'environment': processed_data['environment'],
'stack_name': self.container,
}
orc = self.get_orchestration_client(context)
preview_data = orc.stacks.preview(**fields)
result = self.get_network_config(preview_data, self.container,
self.role_name)
return result
def get_network_config(self, preview_data, stack_name, role_name):
result = None
if preview_data:
for res in preview_data.resources:
net_script = self.process_preview_list(res,
stack_name,
role_name)
if net_script:
ns_len = len(net_script)
start_index = (net_script.find(
"echo '{\"network_config\"", 0, ns_len) + 6)
end_index = net_script.find("'", start_index, ns_len)
if (end_index > start_index):
net_config = net_script[start_index:end_index]
if net_config:
result = json.loads(net_config)
break
return result
def process_preview_list(self, res, stack_name, role_name):
if type(res) == list:
for item in res:
out = self.process_preview_list(item, stack_name, role_name)
if out:
return out
elif type(res) == dict:
res_stack_name = stack_name + '-' + role_name
if res['resource_name'] == "OsNetConfigImpl" and \
res['resource_identity'] and \
res_stack_name in res['resource_identity']['stack_name']:
return res['properties']['config']
return None