Add in-memory token caching for DC services

This commit introduces an in-memory, dictionary-based token caching
mechanism to reduce the number of token requests made to subclouds'
identity APIs.

The caching is implemented by subclassing the v3.Password
authentication class, which normally handles HTTP requests to the
identity API. The cache first checks if a valid, non-expired token
exists and returns it if found. If not, it proceeds with the actual
request and caches the new token for future use.

Tokens can be invalidated early when all fernet keys are rotated
(e.g., during the initial sync between subcloud and system controller).
The cache leverages Keystone's session reauthentication mechanism to
automatically invalidate cached tokens when necessary.

This commit also raises the open file descriptor limit for the DC
orchestrator service. With the use of sessions, TCP connections are
reused and are not closed immediately after each request.

Test Plan:
01. PASS - Deploy a subcloud and verify token caching behavior.
02. PASS - Deploy a subcloud with remote install, ensuring the token
    cache works.
03. PASS - Prestage a subcloud for install and software deployment,
    validating token caching during the process.
04. PASS - Run prestage orchestration and verify proper use of the
    token cache.
05. PASS - Manage a subcloud for the first time and verify that the
    initial sync functions as expected. Ensure fernet key rotation
    causes cached tokens to invalidate, and confirm reauthentication
    requests are made.
06. PASS - Unmanage a subcloud, rotate all fernet keys manually, then
    manage the subcloud again. Verify token invalidation and
    reauthentication function as expected.
07. PASS - Create a subcloud backup and ensure no token cache issues
    arise.
08. PASS - Restore a subcloud from backup and verify proper
    functionality of the token cache.
09. PASS - Deploy an N-1 subcloud and validate token caching for this
    subcloud.
10. PASS - Verify that audits correctly identify an N-1 subcloud
    without the USM patch as missing the USM service.
11. PASS - Apply the USM patch to the N-1 subcloud and verify that
    the audit detects the USM service and prestage orchestration for
    software deployment functions correctly.
12. PASS - Test DC orchestration audit and sync by creating a new
    OpenStack user, and verify the user is replicated to the subcloud.
13. PASS - Apply a patch to subclouds using software deployment
    orchestration, verifying token cache performance.
14. PASS - Test dcmanager API commands that send requests to
    subclouds (e.g., 'dcmanager subcloud show <subcloud> --details'),
    ensuring token cache is used.
15. PASS - Conduct a soak test of all DC services to verify token
    expiration, renewal, and cache behavior over extended use.
16. PASS - Monitor TCP connections to ensure they are properly
    closed after each use, preventing lingering open connections during
    token caching or HTTP request handling.
17. PASS - Run end-to-end geo-redundancy operation and verify that it
    completes successfully.
18. PASS - Run kube rootca update orchestration and verify that it
    completes successfully.
19. PASS - Verify that the number of POST token requests made by the DC
    audit to the subcloud per hour is equal to the number of DC audit
    workers on the system controller.
20. PASS - Monitor the number of open file descriptors to ensure it
    does not reach the new limit while executing a DC kube rootca
    update strategy with the maximum number of supported subclouds.
    Additionally, verify that all sessions are closed after the
    strategy is complete.

Closes-Bug: 2084490

Change-Id: Ie3c17f58c09ae08df8cd9f0c92f50ab0c556c263
Signed-off-by: Gustavo Herzmann <gustavo.herzmann@windriver.com>
This commit is contained in:
Gustavo Herzmann 2024-10-08 14:38:15 -03:00
parent 4429018879
commit 2ac4be0d5a
38 changed files with 833 additions and 657 deletions

View File

@ -107,6 +107,11 @@ endpoint_cache_opts = [
"http_connect_timeout", "http_connect_timeout",
help="Request timeout value for communicating with Identity API server.", help="Request timeout value for communicating with Identity API server.",
), ),
cfg.IntOpt(
"token_cache_size",
default=5000,
help="Maximum number of entries in the in-memory token cache",
),
] ]
scheduler_opts = [ scheduler_opts = [

View File

@ -6,7 +6,6 @@
from keystoneauth1.session import Session as keystone_session from keystoneauth1.session import Session as keystone_session
from oslo_log import log from oslo_log import log
import requests
from dccommon import consts from dccommon import consts
from dccommon.drivers import base from dccommon.drivers import base
@ -26,6 +25,8 @@ class DcagentClient(base.DriverBase):
session: keystone_session, session: keystone_session,
endpoint: str = None, endpoint: str = None,
): ):
self.session = session
# Get an endpoint and token. # Get an endpoint and token.
if endpoint is None: if endpoint is None:
self.endpoint = session.get_endpoint( self.endpoint = session.get_endpoint(
@ -36,14 +37,11 @@ class DcagentClient(base.DriverBase):
else: else:
self.endpoint = endpoint self.endpoint = endpoint
self.token = session.get_token()
def audit(self, audit_data, timeout=DCAGENT_REST_DEFAULT_TIMEOUT): def audit(self, audit_data, timeout=DCAGENT_REST_DEFAULT_TIMEOUT):
"""Audit subcloud""" """Audit subcloud"""
url = self.endpoint + "/v1/dcaudit" url = self.endpoint + "/v1/dcaudit"
headers = {"X-Auth-Token": self.token} response = self.session.patch(
response = requests.patch( url, json=audit_data, timeout=timeout, raise_exc=False
url, headers=headers, json=audit_data, timeout=timeout
) )
if response.status_code == 200: if response.status_code == 200:

View File

@ -3,8 +3,8 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# #
from keystoneauth1 import session as ks_session
from oslo_log import log from oslo_log import log
import requests
from requests_toolbelt import MultipartEncoder from requests_toolbelt import MultipartEncoder
from dccommon import consts from dccommon import consts
@ -22,8 +22,8 @@ class DcmanagerClient(base.DriverBase):
def __init__( def __init__(
self, self,
region, region: str,
session, session: ks_session.Session,
timeout=DCMANAGER_CLIENT_REST_DEFAULT_TIMEOUT, timeout=DCMANAGER_CLIENT_REST_DEFAULT_TIMEOUT,
endpoint_type=consts.KS_ENDPOINT_PUBLIC, endpoint_type=consts.KS_ENDPOINT_PUBLIC,
endpoint=None, endpoint=None,
@ -33,8 +33,8 @@ class DcmanagerClient(base.DriverBase):
service_type="dcmanager", region_name=region, interface=endpoint_type service_type="dcmanager", region_name=region, interface=endpoint_type
) )
self.endpoint = endpoint self.endpoint = endpoint
self.token = session.get_token()
self.timeout = timeout self.timeout = timeout
self.session = session
def get_system_peer(self, system_peer_uuid): def get_system_peer(self, system_peer_uuid):
"""Get system peer.""" """Get system peer."""
@ -42,8 +42,7 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("system_peer_uuid is required.") raise ValueError("system_peer_uuid is required.")
url = f"{self.endpoint}/system-peers/{system_peer_uuid}" url = f"{self.endpoint}/system-peers/{system_peer_uuid}"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -63,10 +62,14 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("subcloud_ref is required.") raise ValueError("subcloud_ref is required.")
url = f"{self.endpoint}/subclouds/{subcloud_ref}/detail" url = f"{self.endpoint}/subclouds/{subcloud_ref}/detail"
headers = {"X-Auth-Token": self.token} user_agent = consts.DCMANAGER_V1_HTTP_AGENT if is_region_name else None
if is_region_name:
headers["User-Agent"] = consts.DCMANAGER_V1_HTTP_AGENT response = self.session.get(
response = requests.get(url, headers=headers, timeout=self.timeout) url,
timeout=self.timeout,
user_agent=user_agent,
raise_exc=False,
)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -84,8 +87,7 @@ class DcmanagerClient(base.DriverBase):
"""Get subcloud list.""" """Get subcloud list."""
url = f"{self.endpoint}/subclouds" url = f"{self.endpoint}/subclouds"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -99,8 +101,7 @@ class DcmanagerClient(base.DriverBase):
"""Get subcloud group list.""" """Get subcloud group list."""
url = f"{self.endpoint}/subcloud-groups" url = f"{self.endpoint}/subcloud-groups"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -116,8 +117,7 @@ class DcmanagerClient(base.DriverBase):
"""Get subcloud peer group list.""" """Get subcloud peer group list."""
url = f"{self.endpoint}/subcloud-peer-groups" url = f"{self.endpoint}/subcloud-peer-groups"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -136,8 +136,7 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("peer_group_ref is required.") raise ValueError("peer_group_ref is required.")
url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}" url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -162,8 +161,7 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("peer_group_ref is required.") raise ValueError("peer_group_ref is required.")
url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}/subclouds" url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}/subclouds"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -196,8 +194,7 @@ class DcmanagerClient(base.DriverBase):
"""Get peer group association list.""" """Get peer group association list."""
url = f"{self.endpoint}/peer-group-associations" url = f"{self.endpoint}/peer-group-associations"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=self.timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -214,9 +211,9 @@ class DcmanagerClient(base.DriverBase):
"""Add a subcloud peer group.""" """Add a subcloud peer group."""
url = f"{self.endpoint}/subcloud-peer-groups" url = f"{self.endpoint}/subcloud-peer-groups"
headers = {"X-Auth-Token": self.token, "Content-Type": "application/json"} headers = {"Content-Type": "application/json"}
response = requests.post( response = self.session.post(
url, json=kwargs, headers=headers, timeout=self.timeout url, json=kwargs, timeout=self.timeout, headers=headers, raise_exc=False
) )
if response.status_code == 200: if response.status_code == 200:
@ -256,11 +253,12 @@ class DcmanagerClient(base.DriverBase):
fields.update(data) fields.update(data)
enc = MultipartEncoder(fields=fields) enc = MultipartEncoder(fields=fields)
headers = { headers = {
"X-Auth-Token": self.token,
"Content-Type": enc.content_type, "Content-Type": enc.content_type,
"User-Agent": consts.DCMANAGER_V1_HTTP_AGENT, "User-Agent": consts.DCMANAGER_V1_HTTP_AGENT,
} }
response = requests.post(url, headers=headers, data=enc, timeout=self.timeout) response = self.session.post(
url, data=enc, timeout=self.timeout, headers=headers, raise_exc=False
)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -276,9 +274,8 @@ class DcmanagerClient(base.DriverBase):
"""Add a peer group association.""" """Add a peer group association."""
url = f"{self.endpoint}/peer-group-associations" url = f"{self.endpoint}/peer-group-associations"
headers = {"X-Auth-Token": self.token, "Content-Type": "application/json"} response = self.session.post(
response = requests.post( url, json=kwargs, timeout=self.timeout, raise_exc=False
url, json=kwargs, headers=headers, timeout=self.timeout
) )
if response.status_code == 200: if response.status_code == 200:
@ -298,9 +295,8 @@ class DcmanagerClient(base.DriverBase):
url = f"{self.endpoint}/peer-group-associations/{association_id}" url = f"{self.endpoint}/peer-group-associations/{association_id}"
update_kwargs = {"sync_status": sync_status} update_kwargs = {"sync_status": sync_status}
headers = {"X-Auth-Token": self.token, "Content-Type": "application/json"} response = self.session.patch(
response = requests.patch( url, json=update_kwargs, timeout=self.timeout, raise_exc=False
url, json=update_kwargs, headers=headers, timeout=self.timeout
) )
if response.status_code == 200: if response.status_code == 200:
@ -327,13 +323,12 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("peer_group_ref is required.") raise ValueError("peer_group_ref is required.")
url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}" url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}"
headers = { response = self.session.patch(
"X-Auth-Token": self.token, url,
"Content-Type": "application/json", json=kwargs,
"User-Agent": consts.DCMANAGER_V1_HTTP_AGENT, timeout=self.timeout,
} user_agent=consts.DCMANAGER_V1_HTTP_AGENT,
response = requests.patch( raise_exc=False,
url, json=kwargs, headers=headers, timeout=self.timeout
) )
if response.status_code == 200: if response.status_code == 200:
@ -359,9 +354,8 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("peer_group_ref is required.") raise ValueError("peer_group_ref is required.")
url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}/audit" url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}/audit"
headers = {"X-Auth-Token": self.token, "Content-Type": "application/json"} response = self.session.patch(
response = requests.patch( url, json=kwargs, timeout=self.timeout, raise_exc=False
url, json=kwargs, headers=headers, timeout=self.timeout
) )
if response.status_code == 200: if response.status_code == 200:
@ -402,12 +396,12 @@ class DcmanagerClient(base.DriverBase):
fields.update(data) fields.update(data)
enc = MultipartEncoder(fields=fields) enc = MultipartEncoder(fields=fields)
headers = {"X-Auth-Token": self.token, "Content-Type": enc.content_type} headers = {"Content-Type": enc.content_type}
# Add header to flag the request is from another DC,
# server will treat subcloud_ref as a region_name
if is_region_name: if is_region_name:
headers["User-Agent"] = consts.DCMANAGER_V1_HTTP_AGENT headers["User-Agent"] = consts.DCMANAGER_V1_HTTP_AGENT
response = requests.patch(url, headers=headers, data=enc, timeout=self.timeout) response = self.session.patch(
url, data=enc, timeout=self.timeout, headers=headers, raise_exc=False
)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -428,8 +422,7 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("association_id is required.") raise ValueError("association_id is required.")
url = f"{self.endpoint}/peer-group-associations/{association_id}" url = f"{self.endpoint}/peer-group-associations/{association_id}"
headers = {"X-Auth-Token": self.token} response = self.session.delete(url, timeout=self.timeout, raise_exc=False)
response = requests.delete(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -454,8 +447,7 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("peer_group_ref is required.") raise ValueError("peer_group_ref is required.")
url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}" url = f"{self.endpoint}/subcloud-peer-groups/{peer_group_ref}"
headers = {"X-Auth-Token": self.token} response = self.session.delete(url, timeout=self.timeout, raise_exc=False)
response = requests.delete(url, headers=headers, timeout=self.timeout)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()
@ -488,11 +480,12 @@ class DcmanagerClient(base.DriverBase):
raise ValueError("subcloud_ref is required.") raise ValueError("subcloud_ref is required.")
url = f"{self.endpoint}/subclouds/{subcloud_ref}" url = f"{self.endpoint}/subclouds/{subcloud_ref}"
headers = { response = self.session.delete(
"X-Auth-Token": self.token, url,
"User-Agent": consts.DCMANAGER_V1_HTTP_AGENT, timeout=self.timeout,
} user_agent=consts.DCMANAGER_V1_HTTP_AGENT,
response = requests.delete(url, headers=headers, timeout=self.timeout) raise_exc=False,
)
if response.status_code == 200: if response.status_code == 200:
return response.json() return response.json()

View File

@ -14,11 +14,11 @@
# #
import fmclient import fmclient
from keystoneauth1 import session as ks_session
from oslo_log import log from oslo_log import log
from dccommon import consts as dccommon_consts from dccommon import consts as dccommon_consts
from dccommon.drivers import base from dccommon.drivers import base
from dccommon import exceptions
LOG = log.getLogger(__name__) LOG = log.getLogger(__name__)
API_VERSION = "1" API_VERSION = "1"
@ -29,30 +29,32 @@ class FmClient(base.DriverBase):
def __init__( def __init__(
self, self,
region, region: str,
session, session: ks_session.Session,
endpoint_type=dccommon_consts.KS_ENDPOINT_DEFAULT, endpoint_type=dccommon_consts.KS_ENDPOINT_DEFAULT,
endpoint=None, endpoint: str = None,
token=None, token: str = None,
): ):
self.region_name = region self.region_name = region
token = token if token else session.get_token()
# If the token is specified, use it instead of using the session
if token:
if not endpoint: if not endpoint:
endpoint = session.get_endpoint( endpoint = session.get_endpoint(
service_type=dccommon_consts.ENDPOINT_TYPE_FM, service_type=dccommon_consts.ENDPOINT_TYPE_FM,
region_name=region, region_name=region,
interface=endpoint_type, interface=endpoint_type,
) )
try: session = None
self.fm = fmclient.Client( self.fm = fmclient.Client(
API_VERSION, API_VERSION,
session=session,
region_name=region, region_name=region,
endpoint_type=endpoint_type, endpoint_type=endpoint_type,
endpoint=endpoint, endpoint=endpoint,
auth_token=token, auth_token=token,
) )
except exceptions.ServiceUnavailable:
raise
def get_alarm_summary(self): def get_alarm_summary(self):
"""Get this region alarm summary""" """Get this region alarm summary"""

View File

@ -13,8 +13,8 @@
# under the License. # under the License.
# #
from keystoneauth1 import session as ks_session
from oslo_log import log from oslo_log import log
import requests
from requests_toolbelt import MultipartEncoder from requests_toolbelt import MultipartEncoder
from dccommon import consts from dccommon import consts
@ -35,18 +35,16 @@ PATCH_REST_DEFAULT_TIMEOUT = 900
class PatchingClient(base.DriverBase): class PatchingClient(base.DriverBase):
"""Patching V1 driver.""" """Patching V1 driver."""
def __init__(self, region, session, endpoint=None): def __init__(self, region: str, session: ks_session.Session, endpoint: str = None):
# Get an endpoint and token. self.session = session
if endpoint is None: self.endpoint = endpoint
if not self.endpoint:
self.endpoint = session.get_endpoint( self.endpoint = session.get_endpoint(
service_type="patching", service_type="patching",
region_name=region, region_name=region,
interface=consts.KS_ENDPOINT_ADMIN, interface=consts.KS_ENDPOINT_ADMIN,
) )
else:
self.endpoint = endpoint
self.token = session.get_token()
def query(self, state=None, release=None, timeout=PATCH_REST_DEFAULT_TIMEOUT): def query(self, state=None, release=None, timeout=PATCH_REST_DEFAULT_TIMEOUT):
"""Query patches""" """Query patches"""
@ -55,8 +53,7 @@ class PatchingClient(base.DriverBase):
url += "?show=%s" % state.lower() url += "?show=%s" % state.lower()
if release is not None: if release is not None:
url += "&release=%s" % release url += "&release=%s" % release
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -74,8 +71,7 @@ class PatchingClient(base.DriverBase):
def query_hosts(self, timeout=PATCH_REST_DEFAULT_TIMEOUT): def query_hosts(self, timeout=PATCH_REST_DEFAULT_TIMEOUT):
"""Query hosts""" """Query hosts"""
url = self.endpoint + "/v1/query_hosts" url = self.endpoint + "/v1/query_hosts"
headers = {"X-Auth-Token": self.token} response = self.session.get(url, timeout=timeout, raise_exc=False)
response = requests.get(url, headers=headers, timeout=timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -94,8 +90,7 @@ class PatchingClient(base.DriverBase):
"""Apply patches""" """Apply patches"""
patch_str = "/".join(patches) patch_str = "/".join(patches)
url = self.endpoint + "/v1/apply/%s" % patch_str url = self.endpoint + "/v1/apply/%s" % patch_str
headers = {"X-Auth-Token": self.token} response = self.session.post(url, timeout=timeout, raise_exc=False)
response = requests.post(url, headers=headers, timeout=timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -114,8 +109,7 @@ class PatchingClient(base.DriverBase):
"""Remove patches""" """Remove patches"""
patch_str = "/".join(patches) patch_str = "/".join(patches)
url = self.endpoint + "/v1/remove/%s" % patch_str url = self.endpoint + "/v1/remove/%s" % patch_str
headers = {"X-Auth-Token": self.token} response = self.session.post(url, timeout=timeout, raise_exc=False)
response = requests.post(url, headers=headers, timeout=timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -134,8 +128,7 @@ class PatchingClient(base.DriverBase):
"""Delete patches""" """Delete patches"""
patch_str = "/".join(patches) patch_str = "/".join(patches)
url = self.endpoint + "/v1/delete/%s" % patch_str url = self.endpoint + "/v1/delete/%s" % patch_str
headers = {"X-Auth-Token": self.token} response = self.session.post(url, timeout=timeout, raise_exc=False)
response = requests.post(url, headers=headers, timeout=timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -154,8 +147,7 @@ class PatchingClient(base.DriverBase):
"""Commit patches""" """Commit patches"""
patch_str = "/".join(patches) patch_str = "/".join(patches)
url = self.endpoint + "/v1/commit/%s" % patch_str url = self.endpoint + "/v1/commit/%s" % patch_str
headers = {"X-Auth-Token": self.token} response = self.session.post(url, timeout=timeout, raise_exc=False)
response = requests.post(url, headers=headers, timeout=timeout)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()
@ -183,8 +175,10 @@ class PatchingClient(base.DriverBase):
} }
) )
url = self.endpoint + "/v1/upload" url = self.endpoint + "/v1/upload"
headers = {"X-Auth-Token": self.token, "Content-Type": enc.content_type} headers = {"Content-Type": enc.content_type}
response = requests.post(url, data=enc, headers=headers, timeout=timeout) response = self.session.post(
url, data=enc, headers=headers, timeout=timeout, raise_exc=False
)
if response.status_code == 200: if response.status_code == 200:
data = response.json() data = response.json()

View File

@ -2,6 +2,7 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# #
from urllib import parse
from keystoneauth1.session import Session as keystone_session from keystoneauth1.session import Session as keystone_session
from oslo_log import log from oslo_log import log
@ -40,59 +41,66 @@ class SoftwareClient(base.DriverBase):
endpoint_type: str = consts.KS_ENDPOINT_ADMIN, endpoint_type: str = consts.KS_ENDPOINT_ADMIN,
token: str = None, token: str = None,
): ):
# Get an endpoint and token. self.session = session
if not endpoint: self.endpoint = endpoint
self.token = token
if not self.endpoint:
self.endpoint = session.get_endpoint( self.endpoint = session.get_endpoint(
service_type=consts.ENDPOINT_TYPE_USM, service_type=consts.ENDPOINT_TYPE_USM,
region_name=region, region_name=region,
interface=endpoint_type, interface=endpoint_type,
) )
else:
self.endpoint = endpoint
# The usm systemcontroller endpoint ends with a slash but the regionone self.endpoint = parse.urljoin(self.endpoint, "/v1")
# and the subcloud endpoint don't. The slash is removed to standardize self.headers = {"X-Auth-Token": self.token} if token else None
# with the other endpoints.
self.endpoint = self.endpoint.rstrip("/") + "/v1" def request(self, url: str, method: str, timeout: int):
self.token = token if token else session.get_token() """Request directly if token is passed, otherwise use the session"""
self.headers = {"X-Auth-Token": self.token} if self.token:
return requests.request(
method=method, url=url, headers=self.headers, timeout=timeout
)
return self.session.request(
url, method=method, timeout=timeout, raise_exc=False
)
def list(self, timeout=REST_DEFAULT_TIMEOUT): def list(self, timeout=REST_DEFAULT_TIMEOUT):
"""List releases""" """List releases"""
url = self.endpoint + "/release" url = self.endpoint + "/release"
response = requests.get(url, headers=self.headers, timeout=timeout) response = self.request(url, "GET", timeout)
return self._handle_response(response, operation="List") return self._handle_response(response, operation="List")
def show(self, release, timeout=REST_SHOW_TIMEOUT): def show(self, release, timeout=REST_SHOW_TIMEOUT):
"""Show release""" """Show release"""
url = self.endpoint + f"/release/{release}" url = self.endpoint + f"/release/{release}"
response = requests.get(url, headers=self.headers, timeout=timeout) response = self.request(url, "GET", timeout)
return self._handle_response(response, operation="Show") return self._handle_response(response, operation="Show")
def delete(self, releases, timeout=REST_DELETE_TIMEOUT): def delete(self, releases, timeout=REST_DELETE_TIMEOUT):
"""Delete release""" """Delete release"""
release_str = "/".join(releases) release_str = "/".join(releases)
url = self.endpoint + f"/release/{release_str}" url = self.endpoint + f"/release/{release_str}"
response = requests.delete(url, headers=self.headers, timeout=timeout) response = self.request(url, "DELETE", timeout)
return self._handle_response(response, operation="Delete") return self._handle_response(response, operation="Delete")
def deploy_precheck(self, deployment, timeout=REST_DEFAULT_TIMEOUT): def deploy_precheck(self, deployment, timeout=REST_DEFAULT_TIMEOUT):
"""Deploy precheck""" """Deploy precheck"""
url = self.endpoint + f"/deploy/{deployment}/precheck" url = self.endpoint + f"/deploy/{deployment}/precheck"
response = requests.post(url, headers=self.headers, timeout=timeout) response = self.request(url, "POST", timeout)
return self._handle_response(response, operation="Deploy precheck") return self._handle_response(response, operation="Deploy precheck")
def show_deploy(self, timeout=REST_DEFAULT_TIMEOUT): def show_deploy(self, timeout=REST_DEFAULT_TIMEOUT):
"""Show deploy""" """Show deploy"""
url = self.endpoint + "/deploy" url = self.endpoint + "/deploy"
response = requests.get(url, headers=self.headers, timeout=timeout) response = self.request(url, "GET", timeout)
return self._handle_response(response, operation="Show deploy") return self._handle_response(response, operation="Show deploy")
def commit_patch(self, releases, timeout=REST_DEFAULT_TIMEOUT): def commit_patch(self, releases, timeout=REST_DEFAULT_TIMEOUT):
"""Commit patch""" """Commit patch"""
release_str = "/".join(releases) release_str = "/".join(releases)
url = self.endpoint + f"/commit_patch/{release_str}" url = self.endpoint + f"/commit_patch/{release_str}"
response = requests.post(url, headers=self.headers, timeout=timeout) response = self.request(url, "POST", timeout)
return self._handle_response(response, operation="Commit patch") return self._handle_response(response, operation="Commit patch")
def _handle_response(self, response, operation): def _handle_response(self, response, operation):

View File

@ -126,26 +126,32 @@ class SysinvClient(base.DriverBase):
self, self,
region: str, region: str,
session: keystone_session, session: keystone_session,
timeout: int = consts.SYSINV_CLIENT_REST_DEFAULT_TIMEOUT, timeout: float = consts.SYSINV_CLIENT_REST_DEFAULT_TIMEOUT,
endpoint_type: str = consts.KS_ENDPOINT_ADMIN, endpoint_type: str = consts.KS_ENDPOINT_ADMIN,
endpoint: str = None, endpoint: str = None,
token: str = None, token: str = None,
): ):
self.region_name = region self.region_name = region
# The sysinv client doesn't support a session, so we need to kwargs = {}
# get an endpoint and token.
# If the token is specified, use it instead of using the session
if token:
kwargs["token"] = token
kwargs["timeout"] = timeout
if not endpoint: if not endpoint:
endpoint = session.get_endpoint( endpoint = session.get_endpoint(
service_type=consts.ENDPOINT_TYPE_PLATFORM, service_type=consts.ENDPOINT_TYPE_PLATFORM,
region_name=region, region_name=region,
interface=endpoint_type, interface=endpoint_type,
) )
else:
session.timeout = timeout
kwargs["session"] = session
token = token if token else session.get_token() kwargs["endpoint"] = endpoint
self.sysinv_client = client.Client(
API_VERSION, endpoint=endpoint, token=token, timeout=timeout self.sysinv_client = client.Client(API_VERSION, **kwargs)
)
def get_host(self, hostname_or_id): def get_host(self, hostname_or_id):
"""Get a host by its hostname or id.""" """Get a host by its hostname or id."""

View File

@ -13,8 +13,10 @@
# under the License. # under the License.
# #
from functools import wraps
import json import json
from keystoneauth1 import session as ks_session
from nfv_client.openstack import rest_api from nfv_client.openstack import rest_api
from nfv_client.openstack import sw_update from nfv_client.openstack import sw_update
from oslo_log import log from oslo_log import log
@ -80,11 +82,41 @@ TRANSITORY_STATES = [
VIM_AUTHORIZATION_FAILED = "Authorization failed" VIM_AUTHORIZATION_FAILED = "Authorization failed"
# VIM API returns a 403 instead of a 401 for unauthenticated requests, so we
# can't use the internal re-auth functionality of the keystone session, we must
# manually check for the VIM_AUTHORIZATION_FAILED string in the raised exception
def retry_on_auth_failure():
def decorator(func):
@wraps(func)
def wrapper(self, *args, **kwargs):
try:
return func(self, *args, **kwargs)
except Exception as e:
# Invalidate token cache and retry
if VIM_AUTHORIZATION_FAILED in str(e):
self.session.invalidate()
return func(self, *args, **kwargs)
# Raise any other type of exception
raise e
return wrapper
return decorator
# TODO(gherzmann): Enhance VIM client to use session-based connections,
# enabling TCP connection reuse for improved efficiency
class VimClient(base.DriverBase): class VimClient(base.DriverBase):
"""VIM driver.""" """VIM driver."""
def __init__(self, region, session, endpoint=None): @property
try: def token(self):
# The property is used to guarantee we always get the most recent token
return self.session.get_token()
def __init__(self, region: str, session: ks_session.Session, endpoint: str = None):
self.session = session
# The nfv_client doesn't support a session, so we need to # The nfv_client doesn't support a session, so we need to
# get an endpoint and token. # get an endpoint and token.
if endpoint is None: if endpoint is None:
@ -96,7 +128,6 @@ class VimClient(base.DriverBase):
else: else:
self.endpoint = endpoint self.endpoint = endpoint
self.token = session.get_token()
# session.get_user_id() returns a UUID # session.get_user_id() returns a UUID
# that always corresponds to 'dcmanager' # that always corresponds to 'dcmanager'
self.username = consts.DCMANAGER_USER_NAME self.username = consts.DCMANAGER_USER_NAME
@ -107,9 +138,7 @@ class VimClient(base.DriverBase):
# that always corresponds to 'services' # that always corresponds to 'services'
self.tenant = consts.SERVICES_USER_NAME self.tenant = consts.SERVICES_USER_NAME
except exceptions.ServiceUnavailable: @retry_on_auth_failure()
raise
def create_strategy( def create_strategy(
self, self,
strategy_name, strategy_name,
@ -193,6 +222,7 @@ class VimClient(base.DriverBase):
) )
return self._add_strategy_response(response) return self._add_strategy_response(response)
@retry_on_auth_failure()
def get_strategy(self, strategy_name, raise_error_if_missing=True): def get_strategy(self, strategy_name, raise_error_if_missing=True):
"""Get VIM orchestration strategy""" """Get VIM orchestration strategy"""
@ -231,6 +261,7 @@ class VimClient(base.DriverBase):
) )
return self._add_strategy_response(response) return self._add_strategy_response(response)
@retry_on_auth_failure()
def get_current_strategy(self): def get_current_strategy(self):
"""Get the current active VIM orchestration strategy""" """Get the current active VIM orchestration strategy"""
@ -243,6 +274,7 @@ class VimClient(base.DriverBase):
LOG.debug("Strategy: %s" % strategy) LOG.debug("Strategy: %s" % strategy)
return strategy return strategy
@retry_on_auth_failure()
def delete_strategy(self, strategy_name): def delete_strategy(self, strategy_name):
"""Delete the current VIM orchestration strategy""" """Delete the current VIM orchestration strategy"""
@ -265,6 +297,7 @@ class VimClient(base.DriverBase):
LOG.debug("Strategy deleted") LOG.debug("Strategy deleted")
@retry_on_auth_failure()
def apply_strategy(self, strategy_name): def apply_strategy(self, strategy_name):
"""Apply the current orchestration strategy""" """Apply the current orchestration strategy"""
@ -332,6 +365,7 @@ class VimClient(base.DriverBase):
return sw_update._get_strategy_object_from_response(response) return sw_update._get_strategy_object_from_response(response)
@retry_on_auth_failure()
def abort_strategy(self, strategy_name): def abort_strategy(self, strategy_name):
"""Abort the current orchestration strategy""" """Abort the current orchestration strategy"""

View File

@ -16,11 +16,12 @@
# #
import collections import collections
from typing import Callable from collections.abc import Callable
from typing import List from typing import Any
from typing import Tuple from typing import Optional
from typing import Union from typing import Union
from keystoneauth1 import access
from keystoneauth1.identity import v3 from keystoneauth1.identity import v3
from keystoneauth1 import loading from keystoneauth1 import loading
from keystoneauth1 import session from keystoneauth1 import session
@ -37,6 +38,120 @@ LOG = logging.getLogger(__name__)
LOCK_NAME = "dc-keystone-endpoint-cache" LOCK_NAME = "dc-keystone-endpoint-cache"
class TCPKeepAliveSingleConnectionAdapter(session.TCPKeepAliveAdapter):
def __init__(self, *args, **kwargs):
# Set the maximum connections to 1 to reduce the number of open file descriptors
kwargs["pool_connections"] = 1
kwargs["pool_maxsize"] = 1
super().__init__(*args, **kwargs)
class BoundedFIFOCache(collections.OrderedDict):
"""A First-In-First-Out (FIFO) cache with a maximum size limit.
This cache maintains insertion order and automatically removes the oldest
items when the maximum size is reached.
"""
def __init__(self, *args, **kwargs) -> None:
"""Initialize the FIFO cache.
:param args: Additional positional arguments passed to OrderedDict constructor.
:param kwargs: Additional keyword arguments passed to OrderedDict constructor.
"""
self._maxsize = None
super().__init__(*args, **kwargs)
def __setitem__(self, key: Any, value: Any) -> None:
"""Set an item in the cache.
If the cache is at maximum capacity, the oldest item is discarded.
:param key: The key of the item.
:param value: The value of the item.
"""
super().__setitem__(key, value)
self.move_to_end(key)
# The CONF endpoint_cache section doesn't exist at the
# time the class is defined, so we define it here instead
if self._maxsize is None:
self._maxsize = CONF.endpoint_cache.token_cache_size
if self._maxsize > 0 and len(self) > self._maxsize:
discarded = self.popitem(last=False)
LOG.info(f"Maximum cache size reached, discarding token for {discarded[0]}")
class CachedV3Password(v3.Password):
"""Cached v3.Password authentication class that caches auth tokens.
This class uses a bounded FIFO cache to store and retrieve auth tokens,
reducing the number of token requests made to the authentication server.
"""
_CACHE = BoundedFIFOCache()
_CACHE_LOCK = lockutils.ReaderWriterLock()
def _get_from_cache(self) -> Optional[tuple[dict, str]]:
"""Retrieve the cached auth info for the current auth_url.
:return: The cached authentication information, if available.
"""
with CachedV3Password._CACHE_LOCK.read_lock():
return CachedV3Password._CACHE.get(self.auth_url)
def _update_cache(self, access_info: access.AccessInfoV3) -> None:
"""Update the cache with new auth info.
:param access_info: The access information to cache.
"""
with CachedV3Password._CACHE_LOCK.write_lock():
# pylint: disable=protected-access
CachedV3Password._CACHE[self.auth_url] = (
access_info._data,
access_info._auth_token,
)
def _remove_from_cache(self) -> Optional[tuple[dict, str]]:
"""Remove the auth info for the current auth_url from the cache."""
with CachedV3Password._CACHE_LOCK.write_lock():
return CachedV3Password._CACHE.pop(self.auth_url, None)
def get_auth_ref(self, _session: session.Session, **kwargs) -> access.AccessInfoV3:
"""Get the authentication reference, using the cache if possible.
This method first checks the cache for a valid token. If found and not
expiring soon, it returns the cached token. Otherwise, it requests a new
token from the auth server and updates the cache.
:param session: The session to use for authentication.
:param kwargs: Additional keyword arguments passed to the parent method.
:return: The authentication reference.
"""
cached_data = self._get_from_cache()
if cached_data and not utils.is_token_expiring_soon(cached_data[0]["token"]):
LOG.debug("Reuse cached token for %s", self.auth_url)
return access.AccessInfoV3(*cached_data)
# If not in cache or expired, fetch new token and update cache
LOG.debug("Getting a new token from %s", self.auth_url)
new_access_info = super().get_auth_ref(_session, **kwargs)
self._update_cache(new_access_info)
return new_access_info
def invalidate(self) -> bool:
"""Remove token from cache when the parent invalidate method is called.
This method is called by the session when a request returns a 401 (Unauthorized)
:return: The result of the parent invalidate method.
"""
LOG.debug("Invalidating token for %s", self.auth_url)
self._remove_from_cache()
return super().invalidate()
class EndpointCache(object): class EndpointCache(object):
"""Cache for storing endpoint information. """Cache for storing endpoint information.
@ -196,7 +311,7 @@ class EndpointCache(object):
:rtype: session.Session :rtype: session.Session
""" """
user_auth = v3.Password( user_auth = CachedV3Password(
auth_url=auth_url, auth_url=auth_url,
username=user_name, username=user_name,
user_domain_name=user_domain_name, user_domain_name=user_domain_name,
@ -215,12 +330,18 @@ class EndpointCache(object):
CONF.endpoint_cache.http_connect_timeout if timeout is None else timeout CONF.endpoint_cache.http_connect_timeout if timeout is None else timeout
) )
return session.Session( ks_session = session.Session(
auth=user_auth, auth=user_auth,
additional_headers=consts.USER_HEADER, additional_headers=consts.USER_HEADER,
timeout=(discovery_timeout, read_timeout), timeout=(discovery_timeout, read_timeout),
) )
# Mount the custom adapters
ks_session.session.mount("http://", TCPKeepAliveSingleConnectionAdapter())
ks_session.session.mount("https://", TCPKeepAliveSingleConnectionAdapter())
return ks_session
@staticmethod @staticmethod
def _is_central_cloud(region_name: str) -> bool: def _is_central_cloud(region_name: str) -> bool:
"""Check if the region is a central cloud. """Check if the region is a central cloud.
@ -287,7 +408,7 @@ class EndpointCache(object):
return endpoint return endpoint
@lockutils.synchronized(LOCK_NAME) @lockutils.synchronized(LOCK_NAME)
def get_all_regions(self) -> List[str]: def get_all_regions(self) -> list[str]:
"""Get region list. """Get region list.
return: List of regions return: List of regions
@ -382,7 +503,7 @@ class EndpointCache(object):
@lockutils.synchronized(LOCK_NAME) @lockutils.synchronized(LOCK_NAME)
def get_cached_master_keystone_client_and_region_endpoint_map( def get_cached_master_keystone_client_and_region_endpoint_map(
self, region_name: str self, region_name: str
) -> Tuple[ks_client.Client, dict]: ) -> tuple[ks_client.Client, dict]:
"""Get the cached master Keystone client and region endpoint map. """Get the cached master Keystone client and region endpoint map.
:param region_name: The name of the region. :param region_name: The name of the region.

View File

@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# #
import os from io import BytesIO
import uuid import uuid
import yaml import yaml
@ -62,342 +62,181 @@ class TestDcmanagerClient(base.DCCommonTestCase):
def setUp(self): def setUp(self):
super(TestDcmanagerClient, self).setUp() super(TestDcmanagerClient, self).setUp()
@mock.patch("requests.get") self.mock_response = mock.MagicMock()
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 200
def test_get_subcloud(self, mock_client_init, mock_get): self.mock_response.json.return_value = FAKE_SUBCLOUD_PEER_GROUP_DATA
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = FAKE_SUBCLOUD_DATA
mock_get.return_value = mock_response
mock_client_init.return_value = None self.mock_session = mock.MagicMock()
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None self.client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME,
session=self.mock_session,
timeout=FAKE_TIMEOUT,
endpoint=FAKE_ENDPOINT,
) )
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_subcloud = client.get_subcloud(SUBCLOUD_NAME) def test_get_subcloud(self):
self.mock_response.json.return_value = FAKE_SUBCLOUD_DATA
self.mock_session.get.return_value = self.mock_response
actual_subcloud = self.client.get_subcloud(SUBCLOUD_NAME)
self.assertEqual(SUBCLOUD_NAME, actual_subcloud.get("name")) self.assertEqual(SUBCLOUD_NAME, actual_subcloud.get("name"))
@mock.patch("requests.get") def test_get_subcloud_not_found(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 404
def test_get_subcloud_not_found(self, mock_client_init, mock_get): self.mock_response.text = "Subcloud not found"
mock_response = mock.MagicMock() self.mock_session.get.return_value = self.mock_response
mock_response.status_code = 404
mock_response.text = "Subcloud not found"
mock_get.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
self.assertRaises( self.assertRaises(
dccommon_exceptions.SubcloudNotFound, client.get_subcloud, SUBCLOUD_NAME dccommon_exceptions.SubcloudNotFound,
self.client.get_subcloud,
SUBCLOUD_NAME,
) )
@mock.patch("requests.get") def test_get_subcloud_list(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 200
def test_get_subcloud_list(self, mock_client_init, mock_get): self.mock_response.json.return_value = {"subclouds": [FAKE_SUBCLOUD_DATA]}
mock_response = mock.MagicMock() self.mock_session.get.return_value = self.mock_response
mock_response.status_code = 200
mock_response.json.return_value = {"subclouds": [FAKE_SUBCLOUD_DATA]}
mock_get.return_value = mock_response
mock_client_init.return_value = None actual_subclouds = self.client.get_subcloud_list()
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_subclouds = client.get_subcloud_list()
self.assertEqual(1, len(actual_subclouds)) self.assertEqual(1, len(actual_subclouds))
self.assertEqual(SUBCLOUD_NAME, actual_subclouds[0].get("name")) self.assertEqual(SUBCLOUD_NAME, actual_subclouds[0].get("name"))
@mock.patch("requests.get") def test_get_subcloud_group_list(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 200
def test_get_subcloud_group_list(self, mock_client_init, mock_get): self.mock_response.json.return_value = {
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = {
"subcloud_groups": [{"name": SUBCLOUD_GROUP_NAME}] "subcloud_groups": [{"name": SUBCLOUD_GROUP_NAME}]
} }
mock_get.return_value = mock_response self.mock_session.get.return_value = self.mock_response
mock_client_init.return_value = None actual_subcloud_groups = self.client.get_subcloud_group_list()
client = dcmanager_v1.DcmanagerClient( self.assertListEqual(actual_subcloud_groups, [{"name": SUBCLOUD_GROUP_NAME}])
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_subcloud_groups = client.get_subcloud_group_list() def test_get_subcloud_peer_group_list(self):
self.assertEqual(1, len(actual_subcloud_groups)) self.mock_response.status_code = 200
self.assertEqual(SUBCLOUD_GROUP_NAME, actual_subcloud_groups[0].get("name")) self.mock_response.json.return_value = {
@mock.patch("requests.get")
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__")
def test_get_subcloud_peer_group_list(self, mock_client_init, mock_get):
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = {
"subcloud_peer_groups": [FAKE_SUBCLOUD_PEER_GROUP_DATA] "subcloud_peer_groups": [FAKE_SUBCLOUD_PEER_GROUP_DATA]
} }
mock_get.return_value = mock_response self.mock_session.get.return_value = self.mock_response
mock_client_init.return_value = None actual_peer_group = self.client.get_subcloud_peer_group_list()
client = dcmanager_v1.DcmanagerClient( self.assertListEqual(actual_peer_group, [FAKE_SUBCLOUD_PEER_GROUP_DATA])
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_peer_group = client.get_subcloud_peer_group_list() def test_get_subcloud_peer_group(self):
self.assertEqual(1, len(actual_peer_group)) self.mock_response.status_code = 200
self.assertEqual( self.mock_response.json.return_value = FAKE_SUBCLOUD_PEER_GROUP_DATA
SUBCLOUD_PEER_GROUP_NAME, actual_peer_group[0].get("peer-group-name") self.mock_session.get.return_value = self.mock_response
)
@mock.patch("requests.get") actual_peer_group = self.client.get_subcloud_peer_group(
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__")
def test_get_subcloud_peer_group(self, mock_client_init, mock_get):
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = FAKE_SUBCLOUD_PEER_GROUP_DATA
mock_get.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_peer_group = client.get_subcloud_peer_group(SUBCLOUD_PEER_GROUP_NAME)
self.assertEqual(
SUBCLOUD_PEER_GROUP_NAME, actual_peer_group.get("peer-group-name")
)
@mock.patch("requests.get")
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__")
def test_get_subcloud_peer_group_not_found(self, mock_client_init, mock_get):
mock_response = mock.MagicMock()
mock_response.status_code = 404
mock_response.text = "Subcloud Peer Group not found"
mock_get.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
self.assertRaises(
dccommon_exceptions.SubcloudPeerGroupNotFound,
client.get_subcloud_peer_group,
SUBCLOUD_PEER_GROUP_NAME,
)
@mock.patch("requests.get")
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__")
def test_get_subcloud_list_by_peer_group(self, mock_client_init, mock_get):
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = {"subclouds": [FAKE_SUBCLOUD_DATA]}
mock_get.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_subclouds = client.get_subcloud_list_by_peer_group(
SUBCLOUD_PEER_GROUP_NAME SUBCLOUD_PEER_GROUP_NAME
) )
self.assertEqual(1, len(actual_subclouds)) self.assertDictEqual(actual_peer_group, FAKE_SUBCLOUD_PEER_GROUP_DATA)
self.assertEqual(SUBCLOUD_NAME, actual_subclouds[0].get("name"))
@mock.patch("requests.get") def test_get_subcloud_peer_group_not_found(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 404
def test_get_subcloud_list_by_peer_group_not_found( self.mock_response.text = "Subcloud Peer Group not found"
self, mock_client_init, mock_get self.mock_session.get.return_value = self.mock_response
):
mock_response = mock.MagicMock()
mock_response.status_code = 404
mock_response.text = "Subcloud Peer Group not found"
mock_get.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
self.assertRaises( self.assertRaises(
dccommon_exceptions.SubcloudPeerGroupNotFound, dccommon_exceptions.SubcloudPeerGroupNotFound,
client.get_subcloud_list_by_peer_group, self.client.get_subcloud_peer_group,
SUBCLOUD_PEER_GROUP_NAME, SUBCLOUD_PEER_GROUP_NAME,
) )
@mock.patch("requests.post") def test_get_subcloud_list_by_peer_group(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 200
def test_add_subcloud_peer_group(self, mock_client_init, mock_post): self.mock_response.json.return_value = {"subclouds": [FAKE_SUBCLOUD_DATA]}
self.mock_session.get.return_value = self.mock_response
actual_subclouds = self.client.get_subcloud_list_by_peer_group(
SUBCLOUD_PEER_GROUP_NAME
)
self.assertListEqual(actual_subclouds, [FAKE_SUBCLOUD_DATA])
def test_get_subcloud_list_by_peer_group_not_found(self):
self.mock_response.status_code = 404
self.mock_response.text = "Subcloud Peer Group not found"
self.mock_session.get.return_value = self.mock_response
self.assertRaises(
dccommon_exceptions.SubcloudPeerGroupNotFound,
self.client.get_subcloud_list_by_peer_group,
SUBCLOUD_PEER_GROUP_NAME,
)
def test_add_subcloud_peer_group(self):
peer_group_kwargs = {"peer-group-name": SUBCLOUD_PEER_GROUP_NAME} peer_group_kwargs = {"peer-group-name": SUBCLOUD_PEER_GROUP_NAME}
mock_response = mock.MagicMock() self.mock_response.status_code = 200
mock_response.status_code = 200 self.mock_response.json.return_value = FAKE_SUBCLOUD_PEER_GROUP_DATA
mock_response.json.return_value = FAKE_SUBCLOUD_PEER_GROUP_DATA self.mock_session.post.return_value = self.mock_response
mock_post.return_value = mock_response
mock_client_init.return_value = None actual_peer_group = self.client.add_subcloud_peer_group(**peer_group_kwargs)
client = dcmanager_v1.DcmanagerClient( self.assertDictEqual(actual_peer_group, FAKE_SUBCLOUD_PEER_GROUP_DATA)
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
actual_peer_group = client.add_subcloud_peer_group(**peer_group_kwargs) @mock.patch("builtins.open", new_callable=mock.mock_open)
self.assertEqual( def test_add_subcloud_with_secondary_status(self, mock_open):
SUBCLOUD_PEER_GROUP_NAME, actual_peer_group.get("peer-group-name") self.mock_response.status_code = 200
) self.mock_response.json.return_value = FAKE_SUBCLOUD_DATA
self.mock_session.post.return_value = self.mock_response
@mock.patch("requests.post") # Mock the file content to be returned when reading
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") yaml_data = yaml.dump(FAKE_SUBCLOUD_DATA).encode("utf-8")
def test_add_subcloud_with_secondary_status(self, mock_client_init, mock_post): mock_open.return_value = BytesIO(yaml_data)
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = FAKE_SUBCLOUD_DATA
mock_post.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
# create the cache file for subcloud create
yaml_data = yaml.dump(FAKE_SUBCLOUD_DATA)
with open(SUBCLOUD_BOOTSTRAP_VALUE_PATH, "w") as file:
file.write(yaml_data)
subcloud_kwargs = { subcloud_kwargs = {
"data": {"bootstrap-address": SUBCLOUD_BOOTSTRAP_ADDRESS}, "data": {"bootstrap-address": SUBCLOUD_BOOTSTRAP_ADDRESS},
"files": {"bootstrap_values": SUBCLOUD_BOOTSTRAP_VALUE_PATH}, "files": {"bootstrap_values": SUBCLOUD_BOOTSTRAP_VALUE_PATH},
} }
actual_subcloud = client.add_subcloud_with_secondary_status(**subcloud_kwargs) actual_subcloud = self.client.add_subcloud_with_secondary_status(
self.assertEqual(SUBCLOUD_NAME, actual_subcloud.get("name")) **subcloud_kwargs
# purge the cache file
os.remove(SUBCLOUD_BOOTSTRAP_VALUE_PATH)
@mock.patch("requests.delete")
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__")
def test_delete_subcloud_peer_group(self, mock_client_init, mock_delete):
mock_response = mock.MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = ""
mock_delete.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
) )
client.endpoint = FAKE_ENDPOINT self.assertDictEqual(actual_subcloud, FAKE_SUBCLOUD_DATA)
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
result = client.delete_subcloud_peer_group(SUBCLOUD_PEER_GROUP_NAME) def test_delete_subcloud_peer_group(self):
mock_delete.assert_called_once_with( self.mock_response.status_code = 200
self.mock_response.json.return_value = ""
self.mock_session.delete.return_value = self.mock_response
result = self.client.delete_subcloud_peer_group(SUBCLOUD_PEER_GROUP_NAME)
self.mock_session.delete.assert_called_once_with(
FAKE_ENDPOINT + "/subcloud-peer-groups/" + SUBCLOUD_PEER_GROUP_NAME, FAKE_ENDPOINT + "/subcloud-peer-groups/" + SUBCLOUD_PEER_GROUP_NAME,
headers={"X-Auth-Token": FAKE_TOKEN},
timeout=FAKE_TIMEOUT, timeout=FAKE_TIMEOUT,
raise_exc=False,
) )
self.assertEqual(result, "") self.assertEqual(result, "")
@mock.patch("requests.delete") def test_delete_subcloud_peer_group_not_found(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 404
def test_delete_subcloud_peer_group_not_found(self, mock_client_init, mock_delete): self.mock_response.text = "Subcloud Peer Group not found"
mock_response = mock.MagicMock() self.mock_session.delete.return_value = self.mock_response
mock_response.status_code = 404
mock_response.text = "Subcloud Peer Group not found"
mock_delete.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
self.assertRaises( self.assertRaises(
dccommon_exceptions.SubcloudPeerGroupNotFound, dccommon_exceptions.SubcloudPeerGroupNotFound,
client.delete_subcloud_peer_group, self.client.delete_subcloud_peer_group,
SUBCLOUD_PEER_GROUP_NAME, SUBCLOUD_PEER_GROUP_NAME,
) )
@mock.patch("requests.delete") def test_delete_subcloud(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 200
def test_delete_subcloud(self, mock_client_init, mock_delete): self.mock_response.json.return_value = ""
mock_response = mock.MagicMock() self.mock_session.delete.return_value = self.mock_response
mock_response.status_code = 200
mock_response.json.return_value = ""
mock_delete.return_value = mock_response
mock_client_init.return_value = None result = self.client.delete_subcloud(SUBCLOUD_NAME)
client = dcmanager_v1.DcmanagerClient( self.mock_session.delete.assert_called_once_with(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
result = client.delete_subcloud(SUBCLOUD_NAME)
mock_delete.assert_called_once_with(
FAKE_ENDPOINT + "/subclouds/" + SUBCLOUD_NAME, FAKE_ENDPOINT + "/subclouds/" + SUBCLOUD_NAME,
headers={
"X-Auth-Token": FAKE_TOKEN,
"User-Agent": dccommon_consts.DCMANAGER_V1_HTTP_AGENT,
},
timeout=FAKE_TIMEOUT, timeout=FAKE_TIMEOUT,
user_agent=dccommon_consts.DCMANAGER_V1_HTTP_AGENT,
raise_exc=False,
) )
self.assertEqual(result, "") self.assertEqual(result, "")
@mock.patch("requests.delete") def test_delete_subcloud_not_found(self):
@mock.patch.object(dcmanager_v1.DcmanagerClient, "__init__") self.mock_response.status_code = 404
def test_delete_subcloud_not_found(self, mock_client_init, mock_delete): self.mock_response.text = "Subcloud not found"
mock_response = mock.MagicMock() self.mock_session.delete.return_value = self.mock_response
mock_response.status_code = 404
mock_response.text = "Subcloud not found"
mock_delete.return_value = mock_response
mock_client_init.return_value = None
client = dcmanager_v1.DcmanagerClient(
dccommon_consts.SYSTEM_CONTROLLER_NAME, None
)
client.endpoint = FAKE_ENDPOINT
client.token = FAKE_TOKEN
client.timeout = FAKE_TIMEOUT
self.assertRaises( self.assertRaises(
dccommon_exceptions.SubcloudNotFound, client.delete_subcloud, SUBCLOUD_NAME dccommon_exceptions.SubcloudNotFound,
self.client.delete_subcloud,
SUBCLOUD_NAME,
) )

View File

@ -79,13 +79,13 @@ URLS = ["/deploy", "/commit_patch"]
def mocked_requests_success(*args, **kwargs): def mocked_requests_success(*args, **kwargs):
response_content = None response_content = None
if args[0].endswith("/release"): if kwargs["url"].endswith("/release"):
response_content = json.dumps(LIST_RESPONSE) response_content = json.dumps(LIST_RESPONSE)
elif args[0].endswith("/release/DC.1"): elif kwargs["url"].endswith("/release/DC.1"):
response_content = json.dumps(SHOW_RESPONSE) response_content = json.dumps(SHOW_RESPONSE)
elif args[0].endswith("/release/DC.1/DC.2"): elif kwargs["url"].endswith("/release/DC.1/DC.2"):
response_content = json.dumps(INFO_RESPONSE) response_content = json.dumps(INFO_RESPONSE)
elif any([url in args[0] for url in URLS]): elif any([url in kwargs["url"] for url in URLS]):
response_content = json.dumps(INFO_RESPONSE) response_content = json.dumps(INFO_RESPONSE)
response = requests.Response() response = requests.Response()
response.status_code = 200 response.status_code = 200
@ -108,66 +108,65 @@ class TestSoftwareClient(base.DCCommonTestCase):
self.ctx = utils.dummy_context() self.ctx = utils.dummy_context()
self.session = mock.MagicMock() self.session = mock.MagicMock()
self.software_client = SoftwareClient( self.software_client = SoftwareClient(
session=mock.MagicMock(), session=mock.MagicMock(), endpoint=FAKE_ENDPOINT, token="TOKEN"
endpoint=FAKE_ENDPOINT,
) )
@mock.patch("requests.get") @mock.patch("requests.request")
def test_list_success(self, mock_get): def test_list_success(self, mock_request):
mock_get.side_effect = mocked_requests_success mock_request.side_effect = mocked_requests_success
response = self.software_client.list() response = self.software_client.list()
self.assertEqual(response, CLIENT_LIST_RESPONSE) self.assertEqual(response, CLIENT_LIST_RESPONSE)
@mock.patch("requests.get") @mock.patch("requests.request")
def test_list_failure(self, mock_get): def test_list_failure(self, mock_request):
mock_get.side_effect = mocked_requests_failure mock_request.side_effect = mocked_requests_failure
exc = self.assertRaises(exceptions.ApiException, self.software_client.list) exc = self.assertRaises(exceptions.ApiException, self.software_client.list)
self.assertTrue("List failed with status code: 500" in str(exc)) self.assertIn("List failed with status code: 500", str(exc))
@mock.patch("requests.get") @mock.patch("requests.request")
def test_show_success(self, mock_get): def test_show_success(self, mock_request):
mock_get.side_effect = mocked_requests_success mock_request.side_effect = mocked_requests_success
release = "DC.1" release = "DC.1"
response = self.software_client.show(release) response = self.software_client.show(release)
self.assertEqual(response, SHOW_RESPONSE) self.assertEqual(response, SHOW_RESPONSE)
@mock.patch("requests.get") @mock.patch("requests.request")
def test_show_failure(self, mock_get): def test_show_failure(self, mock_request):
mock_get.side_effect = mocked_requests_failure mock_request.side_effect = mocked_requests_failure
release = "DC.1" release = "DC.1"
exc = self.assertRaises( exc = self.assertRaises(
exceptions.ApiException, self.software_client.show, release exceptions.ApiException, self.software_client.show, release
) )
self.assertTrue("Show failed with status code: 500" in str(exc)) self.assertIn("Show failed with status code: 500", str(exc))
@mock.patch("requests.delete") @mock.patch("requests.request")
def test_delete_success(self, mock_delete): def test_delete_success(self, mock_request):
mock_delete.side_effect = mocked_requests_success mock_request.side_effect = mocked_requests_success
releases = ["DC.1", "DC.2"] releases = ["DC.1", "DC.2"]
response = self.software_client.delete(releases) response = self.software_client.delete(releases)
self.assertEqual(response, INFO_RESPONSE) self.assertEqual(response, INFO_RESPONSE)
@mock.patch("requests.delete") @mock.patch("requests.request")
def test_delete_failure(self, mock_delete): def test_delete_failure(self, mock_request):
mock_delete.side_effect = mocked_requests_failure mock_request.side_effect = mocked_requests_failure
releases = ["DC.1", "DC.2"] releases = ["DC.1", "DC.2"]
exc = self.assertRaises( exc = self.assertRaises(
exceptions.ApiException, self.software_client.delete, releases exceptions.ApiException, self.software_client.delete, releases
) )
self.assertTrue("Delete failed with status code: 500" in str(exc)) self.assertIn("Delete failed with status code: 500", str(exc))
@mock.patch("requests.post") @mock.patch("requests.request")
def test_commit_patch_success(self, mock_post): def test_commit_patch_success(self, mock_request):
mock_post.side_effect = mocked_requests_success mock_request.side_effect = mocked_requests_success
releases = ["DC.1", "DC.2"] releases = ["DC.1", "DC.2"]
response = self.software_client.commit_patch(releases) response = self.software_client.commit_patch(releases)
self.assertEqual(response, INFO_RESPONSE) self.assertEqual(response, INFO_RESPONSE)
@mock.patch("requests.post") @mock.patch("requests.request")
def test_commit_patch_failure(self, mock_post): def test_commit_patch_failure(self, mock_request):
mock_post.side_effect = mocked_requests_failure mock_request.side_effect = mocked_requests_failure
releases = ["DC.1", "DC.2"] releases = ["DC.1", "DC.2"]
exc = self.assertRaises( exc = self.assertRaises(
exceptions.ApiException, self.software_client.commit_patch, releases exceptions.ApiException, self.software_client.commit_patch, releases
) )
self.assertTrue("Commit patch failed with status code: 500" in str(exc)) self.assertIn("Commit patch failed with status code: 500", str(exc))

View File

@ -17,11 +17,14 @@
import collections import collections
import copy import copy
import netaddr import threading
import time
from keystoneauth1 import access
from keystoneclient.v3 import services from keystoneclient.v3 import services
from keystoneclient.v3 import tokens from keystoneclient.v3 import tokens
import mock import mock
import netaddr
from oslo_config import cfg from oslo_config import cfg
from dccommon import endpoint_cache from dccommon import endpoint_cache
@ -77,10 +80,12 @@ FAKE_SERVICES_LIST = [
FakeService(7, "dcorch", "dcorch", True), FakeService(7, "dcorch", "dcorch", True),
] ]
FAKE_AUTH_URL = "http://fake.auth/url"
class EndpointCacheTest(base.DCCommonTestCase): class EndpointCacheTest(base.DCCommonTestCase):
def setUp(self): def setUp(self):
super(EndpointCacheTest, self).setUp() super().setUp()
auth_uri_opts = [ auth_uri_opts = [
cfg.StrOpt("auth_uri", default="fake_auth_uri"), cfg.StrOpt("auth_uri", default="fake_auth_uri"),
cfg.StrOpt("username", default="fake_user"), cfg.StrOpt("username", default="fake_user"),
@ -231,3 +236,123 @@ class EndpointCacheTest(base.DCCommonTestCase):
expected_endpoints = {} expected_endpoints = {}
actual_endpoints = utils.build_subcloud_endpoints(empty_ips) actual_endpoints = utils.build_subcloud_endpoints(empty_ips)
self.assertEqual(expected_endpoints, actual_endpoints) self.assertEqual(expected_endpoints, actual_endpoints)
class TestBoundedFIFOCache(base.DCCommonTestCase):
def setUp(self):
# pylint: disable=protected-access
super().setUp()
self.cache = endpoint_cache.BoundedFIFOCache()
self.cache._maxsize = 3 # Set a small max size for testing
def test_insertion_and_order(self):
self.cache["a"] = 1
self.cache["b"] = 2
self.cache["c"] = 3
self.assertEqual(list(self.cache.keys()), ["a", "b", "c"])
def test_max_size_limit(self):
self.cache["a"] = 1
self.cache["b"] = 2
self.cache["c"] = 3
self.cache["d"] = 4
self.assertEqual(len(self.cache), 3)
self.assertEqual(list(self.cache.keys()), ["b", "c", "d"])
def test_update_existing_key(self):
self.cache["a"] = 1
self.cache["b"] = 2
self.cache["a"] = 3
self.assertEqual(list(self.cache.keys()), ["b", "a"])
self.assertEqual(self.cache["a"], 3)
class TestCachedV3Password(base.DCCommonTestCase):
# pylint: disable=protected-access
def setUp(self):
super().setUp()
self.auth = endpoint_cache.CachedV3Password(auth_url=FAKE_AUTH_URL)
endpoint_cache.CachedV3Password._CACHE.clear()
# Set a maxsize value so it doesn't try to read from the config file
endpoint_cache.CachedV3Password._CACHE._maxsize = 50
mock_get_auth_ref_object = mock.patch("endpoint_cache.v3.Password.get_auth_ref")
self.mock_parent_get_auth_ref = mock_get_auth_ref_object.start()
self.addCleanup(mock_get_auth_ref_object.stop)
@mock.patch("endpoint_cache.utils.is_token_expiring_soon")
def test_get_auth_ref_cached(self, mock_is_expiring):
mock_is_expiring.return_value = False
mock_session = mock.MagicMock()
# Simulate a cached token
cached_data = ({"token": "fake_token"}, "auth_token")
self.auth._CACHE[FAKE_AUTH_URL] = cached_data
result = self.auth.get_auth_ref(mock_session)
self.assertIsInstance(result, access.AccessInfoV3)
self.assertEqual(result._auth_token, "auth_token")
# Ensure we didn't call the parent method
self.mock_parent_get_auth_ref.assert_not_called()
def test_get_auth_ref_new_token(self):
mock_session = mock.MagicMock()
mock_access_info = mock.MagicMock(spec=access.AccessInfoV3)
mock_access_info._data = {"token": "new_token"}
mock_access_info._auth_token = "new_auth_token"
self.mock_parent_get_auth_ref.return_value = mock_access_info
result = self.auth.get_auth_ref(mock_session)
self.assertEqual(result, mock_access_info)
self.mock_parent_get_auth_ref.assert_called_once_with(mock_session)
self.assertEqual(
self.auth._CACHE[FAKE_AUTH_URL],
(mock_access_info._data, mock_access_info._auth_token),
)
def test_get_auth_concurrent_access(self):
auth_obj_list = [
endpoint_cache.CachedV3Password(auth_url=f"{FAKE_AUTH_URL}/{i}")
for i in range(1, 51)
]
call_count = 0
generated_tokens = []
def mock_get_auth_ref(_, **__):
nonlocal call_count, generated_tokens
time.sleep(0.1) # Simulate network delay
call_count += 1
token = f"auth_token_{call_count}"
generated_tokens.append(token)
return access.AccessInfoV3({"token": token}, token)
self.mock_parent_get_auth_ref.side_effect = mock_get_auth_ref
threads = [
threading.Thread(target=auth.get_auth_ref, args=(None,))
for auth in auth_obj_list
]
for t in threads:
t.start()
for t in threads:
t.join()
# All URLs should have generated their own tokens
self.assertEqual(len(endpoint_cache.CachedV3Password._CACHE), 50)
cached_tokens = [v[1] for v in endpoint_cache.CachedV3Password._CACHE.values()]
self.assertCountEqual(generated_tokens, cached_tokens)
self.assertEqual(self.mock_parent_get_auth_ref.call_count, 50)
@mock.patch("endpoint_cache.v3.Password.invalidate")
def test_invalidate(self, mock_parent_invalidate):
# Set up a fake cached token
self.auth._CACHE[FAKE_AUTH_URL] = ({"token": "fake_token"}, "auth_token")
self.auth.invalidate()
self.assertNotIn(FAKE_AUTH_URL, self.auth._CACHE)
mock_parent_invalidate.assert_called_once()

View File

@ -24,6 +24,8 @@ import logging
import os import os
import requests import requests
from keystoneauth1 import exceptions as ks_exceptions
from keystoneauth1 import session as ks_session
from oslo_utils import importutils from oslo_utils import importutils
from dcdbsync.dbsyncclient import exceptions from dcdbsync.dbsyncclient import exceptions
@ -52,6 +54,7 @@ class HTTPClient(object):
cacert=None, cacert=None,
insecure=False, insecure=False,
request_timeout=None, request_timeout=None,
session=None,
): ):
self.base_url = base_url self.base_url = base_url
self.token = token self.token = token
@ -59,6 +62,7 @@ class HTTPClient(object):
self.user_id = user_id self.user_id = user_id
self.ssl_options = {} self.ssl_options = {}
self.request_timeout = request_timeout self.request_timeout = request_timeout
self.session: ks_session.Session = session
if self.base_url.startswith("https"): if self.base_url.startswith("https"):
if cacert and not os.path.exists(cacert): if cacert and not os.path.exists(cacert):
@ -72,95 +76,73 @@ class HTTPClient(object):
self.ssl_options["verify"] = not insecure self.ssl_options["verify"] = not insecure
self.ssl_options["cert"] = cacert self.ssl_options["cert"] = cacert
def request(self, url: str, method: str, data=None, **kwargs):
"""Request directly if session is not passed, otherwise use the session"""
try:
if self.session:
return self.session.request(
url,
method=method,
data=data,
timeout=self.request_timeout,
raise_exc=False,
**kwargs,
)
return requests.request(
method=method,
url=url,
data=data,
timeout=self.request_timeout,
**kwargs,
)
except (
requests.exceptions.Timeout,
ks_exceptions.ConnectTimeout,
) as e:
msg = f"Request to {url} timed out"
raise exceptions.ConnectTimeout(msg) from e
except (
requests.exceptions.ConnectionError,
ks_exceptions.ConnectionError,
) as e:
msg = f"Unable to establish connection to {url}: {e}"
raise exceptions.ConnectFailure(msg) from e
except (
requests.exceptions.RequestException,
ks_exceptions.ClientException,
) as e:
msg = f"Unexpected exception for {url}: {e}"
raise exceptions.UnknownConnectionError(msg) from e
@log_request @log_request
def get(self, url, headers=None): def get(self, url, headers=None):
options = self._get_request_options("get", headers) options = self._get_request_options("get", headers)
try:
url = self.base_url + url url = self.base_url + url
timeout = self.request_timeout return self.request(url, "GET", **options)
return requests.get(url, timeout=timeout, **options)
except requests.exceptions.Timeout:
msg = "Request to %s timed out" % url
raise exceptions.ConnectTimeout(msg)
except requests.exceptions.ConnectionError as e:
msg = "Unable to establish connection to %s: %s" % (url, e)
raise exceptions.ConnectFailure(msg)
except requests.exceptions.RequestException as e:
msg = "Unexpected exception for %s: %s" % (url, e)
raise exceptions.UnknownConnectionError(msg)
@log_request @log_request
def post(self, url, body, headers=None): def post(self, url, body, headers=None):
options = self._get_request_options("post", headers) options = self._get_request_options("post", headers)
try:
url = self.base_url + url url = self.base_url + url
timeout = self.request_timeout return self.request(url, "POST", data=body, **options)
return requests.post(url, body, timeout=timeout, **options)
except requests.exceptions.Timeout:
msg = "Request to %s timed out" % url
raise exceptions.ConnectTimeout(msg)
except requests.exceptions.ConnectionError as e:
msg = "Unable to establish connection to %s: %s" % (url, e)
raise exceptions.ConnectFailure(msg)
except requests.exceptions.RequestException as e:
msg = "Unexpected exception for %s: %s" % (url, e)
raise exceptions.UnknownConnectionError(msg)
@log_request @log_request
def put(self, url, body, headers=None): def put(self, url, body, headers=None):
options = self._get_request_options("put", headers) options = self._get_request_options("put", headers)
try:
url = self.base_url + url url = self.base_url + url
timeout = self.request_timeout return self.request(url, "PUT", data=body, **options)
return requests.put(url, body, timeout=timeout, **options)
except requests.exceptions.Timeout:
msg = "Request to %s timed out" % url
raise exceptions.ConnectTimeout(msg)
except requests.exceptions.ConnectionError as e:
msg = "Unable to establish connection to %s: %s" % (url, e)
raise exceptions.ConnectFailure(msg)
except requests.exceptions.RequestException as e:
msg = "Unexpected exception for %s: %s" % (url, e)
raise exceptions.UnknownConnectionError(msg)
@log_request @log_request
def patch(self, url, body, headers=None): def patch(self, url, body, headers=None):
options = self._get_request_options("patch", headers) options = self._get_request_options("patch", headers)
try:
url = self.base_url + url url = self.base_url + url
timeout = self.request_timeout return self.request(url, "PATCH", data=body, **options)
return requests.patch(url, body, timeout=timeout, **options)
except requests.exceptions.Timeout:
msg = "Request to %s timed out" % url
raise exceptions.ConnectTimeout(msg)
except requests.exceptions.ConnectionError as e:
msg = "Unable to establish connection to %s: %s" % (url, e)
raise exceptions.ConnectFailure(msg)
except requests.exceptions.RequestException as e:
msg = "Unexpected exception for %s: %s" % (url, e)
raise exceptions.UnknownConnectionError(msg)
@log_request @log_request
def delete(self, url, headers=None): def delete(self, url, headers=None):
options = self._get_request_options("delete", headers) options = self._get_request_options("delete", headers)
try:
url = self.base_url + url url = self.base_url + url
timeout = self.request_timeout return self.request(url, "DELETE", **options)
return requests.delete(url, timeout=timeout, **options)
except requests.exceptions.Timeout:
msg = "Request to %s timed out" % url
raise exceptions.ConnectTimeout(msg)
except requests.exceptions.ConnectionError as e:
msg = "Unable to establish connection to %s: %s" % (url, e)
raise exceptions.ConnectFailure(msg)
except requests.exceptions.RequestException as e:
msg = "Unexpected exception for %s: %s" % (url, e)
raise exceptions.UnknownConnectionError(msg)
def _get_request_options(self, method, headers): def _get_request_options(self, method, headers):
headers = self._update_headers(headers) headers = self._update_headers(headers)
@ -178,6 +160,8 @@ class HTTPClient(object):
if not headers: if not headers:
headers = {} headers = {}
# If the session exists, let it handle the token
if not self.session:
token = headers.get("x-auth-token", self.token) token = headers.get("x-auth-token", self.token)
if token: if token:
headers["x-auth-token"] = token headers["x-auth-token"] = token

View File

@ -103,6 +103,7 @@ class Client(object):
cacert=cacert, cacert=cacert,
insecure=insecure, insecure=insecure,
request_timeout=_DEFAULT_REQUEST_TIMEOUT, request_timeout=_DEFAULT_REQUEST_TIMEOUT,
session=session,
) )
# Create all managers # Create all managers

View File

@ -42,7 +42,7 @@ class PatchAudit(object):
def get_regionone_audit_data(self): def get_regionone_audit_data(self):
return PatchAuditData() return PatchAuditData()
def subcloud_patch_audit(self, keystone_session, subcloud): def subcloud_patch_audit(self, keystone_client, subcloud):
LOG.info("Triggered patch audit for: %s." % subcloud.name) LOG.info("Triggered patch audit for: %s." % subcloud.name)
# NOTE(nicodemos): Patch audit not supported for 24.09 subcloud # NOTE(nicodemos): Patch audit not supported for 24.09 subcloud
@ -51,7 +51,7 @@ class PatchAudit(object):
# NOTE(nicodemos): If the subcloud is on the 22.12 release with USM enabled, # NOTE(nicodemos): If the subcloud is on the 22.12 release with USM enabled,
# skip the patch audit. # skip the patch audit.
if utils.has_usm_service(subcloud.region_name, keystone_session): if utils.has_usm_service(subcloud.region_name, keystone_client):
return consts.SYNC_STATUS_NOT_AVAILABLE return consts.SYNC_STATUS_NOT_AVAILABLE
# NOTE(nicodemos): As of version 24.09, the patching orchestration only # NOTE(nicodemos): As of version 24.09, the patching orchestration only

View File

@ -65,7 +65,7 @@ class DCManagerAuditService(service.Service):
self.subcloud_audit_manager = None self.subcloud_audit_manager = None
def start(self): def start(self):
utils.set_open_file_limit(cfg.CONF.worker_rlimit_nofile) utils.set_open_file_limit(cfg.CONF.audit_worker_rlimit_nofile)
target = oslo_messaging.Target( target = oslo_messaging.Target(
version=self.rpc_api_version, server=self.host, topic=self.topic version=self.rpc_api_version, server=self.host, topic=self.topic
) )
@ -193,7 +193,7 @@ class DCManagerAuditWorkerService(service.Service):
self.subcloud_audit_worker_manager = None self.subcloud_audit_worker_manager = None
def start(self): def start(self):
utils.set_open_file_limit(cfg.CONF.worker_rlimit_nofile) utils.set_open_file_limit(cfg.CONF.audit_worker_rlimit_nofile)
self.init_tgm() self.init_tgm()
self.init_audit_managers() self.init_audit_managers()
target = oslo_messaging.Target( target = oslo_messaging.Target(

View File

@ -4,7 +4,7 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
# #
from keystoneauth1.session import Session as keystone_session from keystoneclient.v3.client import Client as KeystoneClient
from oslo_log import log as logging from oslo_log import log as logging
from tsconfig.tsconfig import SW_VERSION from tsconfig.tsconfig import SW_VERSION
@ -142,7 +142,7 @@ class SoftwareAudit(object):
def subcloud_software_audit( def subcloud_software_audit(
self, self,
keystone_session: keystone_session, keystone_client: KeystoneClient,
subcloud: models.Subcloud, subcloud: models.Subcloud,
audit_data: SoftwareAuditData, audit_data: SoftwareAuditData,
): ):
@ -150,7 +150,7 @@ class SoftwareAudit(object):
# TODO(nicodemos): Remove this method after all support to patching is removed # TODO(nicodemos): Remove this method after all support to patching is removed
# NOTE(nicodemos): Software audit not support on 22.12 subcloud without USM # NOTE(nicodemos): Software audit not support on 22.12 subcloud without USM
if subcloud.software_version != SW_VERSION and not utils.has_usm_service( if subcloud.software_version != SW_VERSION and not utils.has_usm_service(
subcloud.region_name, keystone_session subcloud.region_name, keystone_client
): ):
LOG.info(f"Software audit not supported for {subcloud.name} without USM.") LOG.info(f"Software audit not supported for {subcloud.name} without USM.")
return dccommon_consts.SYNC_STATUS_NOT_AVAILABLE return dccommon_consts.SYNC_STATUS_NOT_AVAILABLE
@ -160,7 +160,7 @@ class SoftwareAudit(object):
subcloud.management_start_ip, dccommon_consts.ENDPOINT_NAME_USM subcloud.management_start_ip, dccommon_consts.ENDPOINT_NAME_USM
) )
software_client = SoftwareClient( software_client = SoftwareClient(
keystone_session, endpoint=software_endpoint keystone_client.session, endpoint=software_endpoint
) )
except Exception: except Exception:
LOG.exception( LOG.exception(

View File

@ -561,7 +561,7 @@ class SubcloudAuditWorkerManager(manager.Manager):
try: try:
endpoint_data[dccommon_consts.ENDPOINT_TYPE_PATCHING] = ( endpoint_data[dccommon_consts.ENDPOINT_TYPE_PATCHING] = (
self.patch_audit.subcloud_patch_audit( self.patch_audit.subcloud_patch_audit(
keystone_client.session, keystone_client.keystone_client,
subcloud, subcloud,
) )
) )
@ -685,7 +685,7 @@ class SubcloudAuditWorkerManager(manager.Manager):
try: try:
endpoint_data[dccommon_consts.ENDPOINT_TYPE_PATCHING] = ( endpoint_data[dccommon_consts.ENDPOINT_TYPE_PATCHING] = (
self.patch_audit.subcloud_patch_audit( self.patch_audit.subcloud_patch_audit(
keystone_client.session, keystone_client.keystone_client,
subcloud, subcloud,
) )
) )
@ -772,7 +772,7 @@ class SubcloudAuditWorkerManager(manager.Manager):
try: try:
endpoint_data[dccommon_consts.AUDIT_TYPE_SOFTWARE] = ( endpoint_data[dccommon_consts.AUDIT_TYPE_SOFTWARE] = (
self.software_audit.subcloud_software_audit( self.software_audit.subcloud_software_audit(
keystone_client.session, keystone_client.keystone_client,
subcloud, subcloud,
software_audit_data, software_audit_data,
) )

View File

@ -33,11 +33,6 @@ global_opts = [
default=60, default=60,
help="Seconds between running periodic reporting tasks.", help="Seconds between running periodic reporting tasks.",
), ),
cfg.IntOpt(
"worker_rlimit_nofile",
default=4096,
help="Maximum number of open files per worker process.",
),
] ]
# OpenStack credentials used for Endpoint Cache # OpenStack credentials used for Endpoint Cache
@ -133,6 +128,11 @@ endpoint_cache_opts = [
"http_connect_timeout", "http_connect_timeout",
help="Request timeout value for communicating with Identity API server.", help="Request timeout value for communicating with Identity API server.",
), ),
cfg.IntOpt(
"token_cache_size",
default=5000,
help="Maximum number of entries in the in-memory token cache",
),
] ]
scheduler_opts = [ scheduler_opts = [
@ -180,6 +180,26 @@ common_opts = [
"1:enabled via rvmc_debug_level, 2:globally enabled" "1:enabled via rvmc_debug_level, 2:globally enabled"
), ),
), ),
cfg.IntOpt(
"dcmanager_worker_rlimit_nofile",
default=4096,
help="Maximum number of open files per dcmanager_manager worker process.",
),
cfg.IntOpt(
"orchestrator_worker_rlimit_nofile",
default=8192,
help="Maximum number of open files per dcmanager_orchestrator worker process.",
),
cfg.IntOpt(
"audit_worker_rlimit_nofile",
default=4096,
help="Maximum number of open files per dcmanager_audit worker process.",
),
cfg.IntOpt(
"state_worker_rlimit_nofile",
default=4096,
help="Maximum number of open files per dcmanager_state worker process.",
),
] ]
scheduler_opt_group = cfg.OptGroup( scheduler_opt_group = cfg.OptGroup(

View File

@ -32,6 +32,7 @@ import uuid
import xml.etree.ElementTree as ElementTree import xml.etree.ElementTree as ElementTree
from keystoneauth1 import exceptions as keystone_exceptions from keystoneauth1 import exceptions as keystone_exceptions
from keystoneclient.v3.client import Client as KeystoneClient
import netaddr import netaddr
from oslo_concurrency import lockutils from oslo_concurrency import lockutils
from oslo_config import cfg from oslo_config import cfg
@ -1200,7 +1201,7 @@ def get_system_controller_software_list(
) )
return software_client.list() return software_client.list()
except requests.exceptions.ConnectionError: except (requests.exceptions.ConnectionError, keystone_exceptions.ConnectionError):
LOG.exception("Failed to get software list for %s", region_name) LOG.exception("Failed to get software list for %s", region_name)
raise raise
except Exception: except Exception:
@ -2254,27 +2255,28 @@ def validate_software_strategy(release_id: str):
pecan.abort(400, _(message)) pecan.abort(400, _(message))
def has_usm_service(subcloud_region, keystone_session=None): def has_usm_service(
subcloud_region: str, keystone_client: KeystoneClient = None
) -> bool:
# Lookup keystone client session if not specified # Lookup keystone client session if not specified
if not keystone_session: if not keystone_client:
try: try:
os_client = OpenStackDriver( keystone_client = OpenStackDriver(
region_name=subcloud_region, region_name=subcloud_region,
region_clients=None, region_clients=None,
fetch_subcloud_ips=fetch_subcloud_mgmt_ips, fetch_subcloud_ips=fetch_subcloud_mgmt_ips,
) ).keystone_client.keystone_client
keystone_session = os_client.keystone_client.session except Exception as e:
except Exception:
LOG.exception( LOG.exception(
f"Failed to get keystone client for subcloud_region: {subcloud_region}" f"Failed to get keystone client for subcloud_region: {subcloud_region}"
) )
raise exceptions.InternalError() raise exceptions.InternalError() from e
try: try:
# Try to get the usm endpoint for the subcloud. # Try to get the USM service for the subcloud.
software_v1.SoftwareClient(keystone_session, region=subcloud_region) keystone_client.services.find(name=dccommon_consts.ENDPOINT_NAME_USM)
return True return True
except keystone_exceptions.EndpointNotFound: except keystone_exceptions.NotFound:
LOG.warning("USM service not found for subcloud_region: %s", subcloud_region) LOG.warning("USM service not found for subcloud_region: %s", subcloud_region)
return False return False

View File

@ -100,7 +100,7 @@ class DCManagerService(service.Service):
self.system_peer_manager = SystemPeerManager(self.peer_monitor_manager) self.system_peer_manager = SystemPeerManager(self.peer_monitor_manager)
def start(self): def start(self):
utils.set_open_file_limit(cfg.CONF.worker_rlimit_nofile) utils.set_open_file_limit(cfg.CONF.dcmanager_worker_rlimit_nofile)
self.dcmanager_id = uuidutils.generate_uuid() self.dcmanager_id = uuidutils.generate_uuid()
self.init_managers() self.init_managers()
target = oslo_messaging.Target( target = oslo_messaging.Target(

View File

@ -552,7 +552,8 @@ class OrchThread(threading.Thread):
# First check if the strategy has been created. # First check if the strategy has been created.
try: try:
subcloud_strategy = OrchThread.get_vim_client(region).get_strategy( vim_client = OrchThread.get_vim_client(region)
subcloud_strategy = vim_client.get_strategy(
strategy_name=self.vim_strategy_name strategy_name=self.vim_strategy_name
) )
except (keystone_exceptions.EndpointNotFound, IndexError): except (keystone_exceptions.EndpointNotFound, IndexError):
@ -586,9 +587,7 @@ class OrchThread(threading.Thread):
# If we are here, we need to delete the strategy # If we are here, we need to delete the strategy
try: try:
OrchThread.get_vim_client(region).delete_strategy( vim_client.delete_strategy(strategy_name=self.vim_strategy_name)
strategy_name=self.vim_strategy_name
)
except Exception: except Exception:
message = "(%s) Vim strategy:(%s) delete failed for region:(%s)" % ( message = "(%s) Vim strategy:(%s) delete failed for region:(%s)" % (
self.update_type, self.update_type,

View File

@ -64,7 +64,7 @@ class DCManagerOrchestratorService(service.Service):
self.sw_update_manager = None self.sw_update_manager = None
def start(self): def start(self):
utils.set_open_file_limit(cfg.CONF.worker_rlimit_nofile) utils.set_open_file_limit(cfg.CONF.orchestrator_worker_rlimit_nofile)
self.init_tgm() self.init_tgm()
self.init_manager() self.init_manager()
target = oslo_messaging.Target( target = oslo_messaging.Target(

View File

@ -5,6 +5,7 @@
# #
import abc import abc
from functools import lru_cache
from typing import Optional from typing import Optional
from typing import Type from typing import Type
@ -26,6 +27,11 @@ from dcmanager.db import api as db_api
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
# The cache is scoped to the strategy state object, so we only cache clients
# for the subcloud region. This reduces redundant clients and minimizes
# the number of unnecessary TCP connections.
CLIENT_CACHE_SIZE = 1
class BaseState(object, metaclass=abc.ABCMeta): class BaseState(object, metaclass=abc.ABCMeta):
@ -164,60 +170,73 @@ class BaseState(object, metaclass=abc.ABCMeta):
return strategy_step.subcloud.name return strategy_step.subcloud.name
@staticmethod @staticmethod
def get_keystone_client(region_name=dccommon_consts.DEFAULT_REGION_NAME): @lru_cache(maxsize=CLIENT_CACHE_SIZE)
def get_keystone_client(region_name: str = dccommon_consts.DEFAULT_REGION_NAME):
"""Construct a (cached) keystone client (and token)""" """Construct a (cached) keystone client (and token)"""
try: try:
os_client = OpenStackDriver( return OpenStackDriver(
region_name=region_name, region_name=region_name,
region_clients=None, region_clients=None,
fetch_subcloud_ips=utils.fetch_subcloud_mgmt_ips, fetch_subcloud_ips=utils.fetch_subcloud_mgmt_ips,
) ).keystone_client
return os_client.keystone_client
except Exception: except Exception:
LOG.warning( LOG.warning(
f"Failure initializing KeystoneClient for region: {region_name}" f"Failure initializing KeystoneClient for region: {region_name}"
) )
raise raise
def get_sysinv_client(self, region_name): @lru_cache(maxsize=CLIENT_CACHE_SIZE)
"""construct a sysinv client""" def get_sysinv_client(self, region_name: str) -> SysinvClient:
"""Get the Sysinv client for the given region."""
keystone_client = self.get_keystone_client(region_name) keystone_client = self.get_keystone_client(region_name)
endpoint = keystone_client.endpoint_cache.get_endpoint("sysinv") endpoint = keystone_client.endpoint_cache.get_endpoint("sysinv")
return SysinvClient(region_name, keystone_client.session, endpoint=endpoint) return SysinvClient(region_name, keystone_client.session, endpoint=endpoint)
def get_fm_client(self, region_name): @lru_cache(maxsize=CLIENT_CACHE_SIZE)
def get_fm_client(self, region_name: str) -> FmClient:
"""Get the FM client for the given region."""
keystone_client = self.get_keystone_client(region_name) keystone_client = self.get_keystone_client(region_name)
endpoint = keystone_client.endpoint_cache.get_endpoint("fm") endpoint = keystone_client.endpoint_cache.get_endpoint("fm")
return FmClient(region_name, keystone_client.session, endpoint=endpoint) return FmClient(region_name, keystone_client.session, endpoint=endpoint)
def get_patching_client(self, region_name=dccommon_consts.DEFAULT_REGION_NAME): @lru_cache(maxsize=CLIENT_CACHE_SIZE)
def get_patching_client(
self, region_name: str = dccommon_consts.DEFAULT_REGION_NAME
) -> PatchingClient:
"""Get the Patching client for the given region."""
keystone_client = self.get_keystone_client(region_name) keystone_client = self.get_keystone_client(region_name)
return PatchingClient(region_name, keystone_client.session) return PatchingClient(region_name, keystone_client.session)
def get_software_client(self, region_name=dccommon_consts.DEFAULT_REGION_NAME): @lru_cache(maxsize=CLIENT_CACHE_SIZE)
def get_software_client(
self, region_name: str = dccommon_consts.DEFAULT_REGION_NAME
) -> SoftwareClient:
"""Get the Software client for the given region."""
keystone_client = self.get_keystone_client(region_name) keystone_client = self.get_keystone_client(region_name)
return SoftwareClient(keystone_client.session, region_name) return SoftwareClient(keystone_client.session, region_name)
@lru_cache(maxsize=CLIENT_CACHE_SIZE)
def get_barbican_client(self, region_name: str) -> BarbicanClient:
"""Get the Barbican client for the given region."""
keystone_client = self.get_keystone_client(region_name)
return BarbicanClient(region_name, keystone_client.session)
@lru_cache(maxsize=CLIENT_CACHE_SIZE)
def get_vim_client(self, region_name: str) -> VimClient:
"""Get the Vim client for the given region."""
keystone_client = self.get_keystone_client(region_name)
return VimClient(region_name, keystone_client.session)
@property @property
def local_sysinv(self): def local_sysinv(self) -> SysinvClient:
"""Return the local Sysinv client."""
return self.get_sysinv_client(dccommon_consts.DEFAULT_REGION_NAME) return self.get_sysinv_client(dccommon_consts.DEFAULT_REGION_NAME)
@property @property
def subcloud_sysinv(self): def subcloud_sysinv(self) -> SysinvClient:
"""Return the subcloud Sysinv client."""
return self.get_sysinv_client(self.region_name) return self.get_sysinv_client(self.region_name)
def get_barbican_client(self, region_name):
"""construct a barbican client"""
keystone_client = self.get_keystone_client(region_name)
return BarbicanClient(region_name, keystone_client.session)
def get_vim_client(self, region_name):
"""construct a vim client for a region."""
keystone_client = self.get_keystone_client(region_name)
return VimClient(region_name, keystone_client.session)
def add_shared_caches(self, shared_caches): def add_shared_caches(self, shared_caches):
# Shared caches not required by all states, so instantiate only if necessary # Shared caches not required by all states, so instantiate only if necessary
self._shared_caches = shared_caches self._shared_caches = shared_caches

View File

@ -78,7 +78,7 @@ class DCManagerStateService(service.Service):
def start(self): def start(self):
LOG.info("Starting %s", self.__class__.__name__) LOG.info("Starting %s", self.__class__.__name__)
utils.set_open_file_limit(cfg.CONF.worker_rlimit_nofile) utils.set_open_file_limit(cfg.CONF.state_worker_rlimit_nofile)
self._init_managers() self._init_managers()
target = oslo_messaging.Target( target = oslo_messaging.Target(
version=self.rpc_api_version, server=self.host, topic=self.topic version=self.rpc_api_version, server=self.host, topic=self.topic

View File

@ -15,13 +15,13 @@
# #
from keystoneauth1 import exceptions as keystone_exceptions from keystoneauth1 import exceptions as keystone_exceptions
import mock
from dccommon import consts as dccommon_consts from dccommon import consts as dccommon_consts
from dcmanager.audit import patch_audit from dcmanager.audit import patch_audit
from dcmanager.audit import subcloud_audit_manager from dcmanager.audit import subcloud_audit_manager
from dcmanager.tests import base from dcmanager.tests import base
from dcmanager.tests.unit.common.fake_subcloud import create_fake_subcloud from dcmanager.tests.unit.common.fake_subcloud import create_fake_subcloud
from dcmanager.tests.unit import fakes
class TestPatchAudit(base.DCManagerTestCase): class TestPatchAudit(base.DCManagerTestCase):
@ -39,14 +39,12 @@ class TestPatchAudit(base.DCManagerTestCase):
self.am = subcloud_audit_manager.SubcloudAuditManager() self.am = subcloud_audit_manager.SubcloudAuditManager()
self.am.patch_audit = self.pm self.am.patch_audit = self.pm
# Mock KeystoneClient.session self.keystone_client = mock.MagicMock()
self.keystone_session = fakes.FakeKeystone().session
def test_patch_audit_previous_release_usm_enabled(self): def test_patch_audit_previous_release_usm_enabled(self):
subcloud = create_fake_subcloud(self.ctx) subcloud = create_fake_subcloud(self.ctx)
self.keystone_session.get_endpoint.return_value = "http://fake_endpoint"
patch_response = self.pm.subcloud_patch_audit( patch_response = self.pm.subcloud_patch_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
) )
load_response = self.pm.subcloud_load_audit() load_response = self.pm.subcloud_load_audit()
@ -54,18 +52,16 @@ class TestPatchAudit(base.DCManagerTestCase):
expected_patch_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE expected_patch_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE
expected_load_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE expected_load_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE
self.assertTrue(self.keystone_session.get_endpoint.called) self.keystone_client.services.find.assert_called_once()
self.assertEqual(patch_response, expected_patch_response) self.assertEqual(patch_response, expected_patch_response)
self.assertEqual(load_response, expected_load_response) self.assertEqual(load_response, expected_load_response)
def test_patch_audit_previous_release(self): def test_patch_audit_previous_release(self):
subcloud = create_fake_subcloud(self.ctx) subcloud = create_fake_subcloud(self.ctx)
self.keystone_session.get_endpoint.side_effect = ( self.keystone_client.services.find.side_effect = keystone_exceptions.NotFound
keystone_exceptions.EndpointNotFound
)
patch_response = self.pm.subcloud_patch_audit( patch_response = self.pm.subcloud_patch_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
) )
load_response = self.pm.subcloud_load_audit() load_response = self.pm.subcloud_load_audit()
@ -73,14 +69,14 @@ class TestPatchAudit(base.DCManagerTestCase):
expected_patch_response = dccommon_consts.SYNC_STATUS_OUT_OF_SYNC expected_patch_response = dccommon_consts.SYNC_STATUS_OUT_OF_SYNC
expected_load_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE expected_load_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE
self.assertTrue(self.keystone_session.get_endpoint.called) self.keystone_client.services.find.assert_called_once()
self.assertEqual(patch_response, expected_patch_response) self.assertEqual(patch_response, expected_patch_response)
self.assertEqual(load_response, expected_load_response) self.assertEqual(load_response, expected_load_response)
def test_patch_audit_current_release(self): def test_patch_audit_current_release(self):
subcloud = create_fake_subcloud(self.ctx, software_version="TEST.SW.VERSION") subcloud = create_fake_subcloud(self.ctx, software_version="TEST.SW.VERSION")
patch_response = self.pm.subcloud_patch_audit( patch_response = self.pm.subcloud_patch_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
) )
load_response = self.pm.subcloud_load_audit() load_response = self.pm.subcloud_load_audit()
@ -88,6 +84,6 @@ class TestPatchAudit(base.DCManagerTestCase):
expected_patch_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE expected_patch_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE
expected_load_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE expected_load_response = dccommon_consts.SYNC_STATUS_NOT_AVAILABLE
self.assertFalse(self.keystone_session.get_endpoint.called) self.assertFalse(self.keystone_client.get_endpoint.called)
self.assertEqual(patch_response, expected_patch_response) self.assertEqual(patch_response, expected_patch_response)
self.assertEqual(load_response, expected_load_response) self.assertEqual(load_response, expected_load_response)

View File

@ -5,13 +5,13 @@
# #
from keystoneauth1 import exceptions as keystone_exceptions from keystoneauth1 import exceptions as keystone_exceptions
import mock
from dccommon import consts as dccommon_consts from dccommon import consts as dccommon_consts
from dcmanager.audit import software_audit from dcmanager.audit import software_audit
from dcmanager.audit import subcloud_audit_manager from dcmanager.audit import subcloud_audit_manager
from dcmanager.tests import base from dcmanager.tests import base
from dcmanager.tests.unit.common.fake_subcloud import create_fake_subcloud from dcmanager.tests.unit.common.fake_subcloud import create_fake_subcloud
from dcmanager.tests.unit import fakes
FAKE_REGIONONE_RELEASES = [ FAKE_REGIONONE_RELEASES = [
{ {
@ -98,8 +98,7 @@ class TestSoftwareAudit(base.DCManagerTestCase):
self.audit_manager = subcloud_audit_manager.SubcloudAuditManager() self.audit_manager = subcloud_audit_manager.SubcloudAuditManager()
self.audit_manager.software_audit = self.software_audit self.audit_manager.software_audit = self.software_audit
# Mock KeystoneClient.session self.keystone_client = mock.MagicMock()
self.keystone_session = fakes.FakeKeystone().session
# Mock RegionOne SoftwareClient's list method # Mock RegionOne SoftwareClient's list method
regionone_software_client = self.mock_software_client.return_value regionone_software_client = self.mock_software_client.return_value
@ -116,11 +115,9 @@ class TestSoftwareAudit(base.DCManagerTestCase):
def test_software_audit_previous_release_not_usm(self): def test_software_audit_previous_release_not_usm(self):
software_audit_data = self.get_software_audit_data() software_audit_data = self.get_software_audit_data()
subcloud = create_fake_subcloud(self.ctx) subcloud = create_fake_subcloud(self.ctx)
self.keystone_session.get_endpoint.side_effect = ( self.keystone_client.services.find.side_effect = keystone_exceptions.NotFound
keystone_exceptions.EndpointNotFound
)
software_response = self.software_audit.subcloud_software_audit( software_response = self.software_audit.subcloud_software_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
software_audit_data, software_audit_data,
) )
@ -130,14 +127,13 @@ class TestSoftwareAudit(base.DCManagerTestCase):
def test_software_audit_previous_release_usm(self): def test_software_audit_previous_release_usm(self):
software_audit_data = self.get_software_audit_data() software_audit_data = self.get_software_audit_data()
subcloud = create_fake_subcloud(self.ctx) subcloud = create_fake_subcloud(self.ctx)
self.keystone_session.get_endpoint.return_value = "http://fake_endpoint"
sc_software_client = self.mock_software_client(subcloud.region_name) sc_software_client = self.mock_software_client(subcloud.region_name)
sc_software_client.list.return_value = ( sc_software_client.list.return_value = (
FAKE_SUBCLOUD_RELEASES_MISSING_OUT_OF_SYNC FAKE_SUBCLOUD_RELEASES_MISSING_OUT_OF_SYNC
) )
software_response = self.software_audit.subcloud_software_audit( software_response = self.software_audit.subcloud_software_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
software_audit_data, software_audit_data,
) )
@ -152,7 +148,7 @@ class TestSoftwareAudit(base.DCManagerTestCase):
sc_software_client = self.mock_software_client(subcloud.region_name) sc_software_client = self.mock_software_client(subcloud.region_name)
sc_software_client.list.return_value = FAKE_SUBCLOUD_RELEASES_IN_SYNC sc_software_client.list.return_value = FAKE_SUBCLOUD_RELEASES_IN_SYNC
software_response = self.software_audit.subcloud_software_audit( software_response = self.software_audit.subcloud_software_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
software_audit_data, software_audit_data,
) )
@ -169,7 +165,7 @@ class TestSoftwareAudit(base.DCManagerTestCase):
FAKE_SUBCLOUD_RELEASES_MISSING_OUT_OF_SYNC FAKE_SUBCLOUD_RELEASES_MISSING_OUT_OF_SYNC
) )
software_response = self.software_audit.subcloud_software_audit( software_response = self.software_audit.subcloud_software_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
software_audit_data, software_audit_data,
) )
@ -184,7 +180,7 @@ class TestSoftwareAudit(base.DCManagerTestCase):
sc_software_client = self.mock_software_client(subcloud.region_name) sc_software_client = self.mock_software_client(subcloud.region_name)
sc_software_client.list.return_value = FAKE_SUBCLOUD_RELEASES_EXTRA_OUT_OF_SYNC sc_software_client.list.return_value = FAKE_SUBCLOUD_RELEASES_EXTRA_OUT_OF_SYNC
software_response = self.software_audit.subcloud_software_audit( software_response = self.software_audit.subcloud_software_audit(
self.keystone_session, self.keystone_client,
subcloud, subcloud,
software_audit_data, software_audit_data,
) )

View File

@ -225,6 +225,11 @@ endpoint_cache_opts = [
"http_connect_timeout", "http_connect_timeout",
help="Request timeout value for communicating with Identity API server.", help="Request timeout value for communicating with Identity API server.",
), ),
cfg.IntOpt(
"token_cache_size",
default=5000,
help="Maximum number of entries in the in-memory token cache",
),
] ]
scheduler_opts = [ scheduler_opts = [

View File

@ -17,6 +17,7 @@
import itertools import itertools
import uuid import uuid
from keystoneauth1 import session as ks_session
from oslo_db import exception as oslo_db_exception from oslo_db import exception as oslo_db_exception
from oslo_log import log as logging from oslo_log import log as logging
@ -236,3 +237,15 @@ def enqueue_work(
# pylint: disable-next=no-member # pylint: disable-next=no-member
f"{rsrc.id}/{resource_type}/{source_resource_id}/{operation_type}" f"{rsrc.id}/{resource_type}/{source_resource_id}/{operation_type}"
) )
def close_session(session: ks_session.Session, operation: str, region_ref: str) -> None:
if session:
try:
LOG.debug("Closing session after %s for %s", operation, region_ref)
session.session.close()
except Exception:
LOG.warning(
f"Failed to close session for {region_ref} after {operation}",
exc_info=True,
)

View File

@ -11,6 +11,7 @@ from dccommon import consts as dccommon_consts
from dcorch.common import consts as dco_consts from dcorch.common import consts as dco_consts
from dcorch.common import context from dcorch.common import context
from dcorch.common import exceptions from dcorch.common import exceptions
from dcorch.common import utils
from dcorch.db import api as db_api from dcorch.db import api as db_api
from dcorch.engine import scheduler from dcorch.engine import scheduler
from dcorch.engine.sync_services.identity import IdentitySyncThread from dcorch.engine.sync_services.identity import IdentitySyncThread
@ -107,7 +108,8 @@ class GenericSyncWorkerManager(object):
def _sync_subcloud( def _sync_subcloud(
self, context, subcloud_name, endpoint_type, management_ip, software_version self, context, subcloud_name, endpoint_type, management_ip, software_version
): ):
LOG.info(f"Start to sync subcloud {subcloud_name}/{endpoint_type}.") subcloud_ref_str = f"{subcloud_name}/{endpoint_type}"
LOG.info(f"Start to sync subcloud {subcloud_ref_str}.")
sync_obj = sync_object_class_map[endpoint_type]( sync_obj = sync_object_class_map[endpoint_type](
subcloud_name, endpoint_type, management_ip, software_version subcloud_name, endpoint_type, management_ip, software_version
) )
@ -115,8 +117,10 @@ class GenericSyncWorkerManager(object):
try: try:
sync_obj.sync() sync_obj.sync()
except Exception: except Exception:
LOG.exception(f"Sync failed for {subcloud_name}/{endpoint_type}") LOG.exception(f"Sync failed for {subcloud_ref_str}")
new_state = dco_consts.SYNC_STATUS_FAILED new_state = dco_consts.SYNC_STATUS_FAILED
finally:
utils.close_session(sync_obj.sc_admin_session, "sync", subcloud_ref_str)
db_api.subcloud_sync_update( db_api.subcloud_sync_update(
context, subcloud_name, endpoint_type, values={"sync_request": new_state} context, subcloud_name, endpoint_type, values={"sync_request": new_state}

View File

@ -10,6 +10,7 @@ from oslo_log import log as logging
from dcorch.common import consts from dcorch.common import consts
from dcorch.common import context from dcorch.common import context
from dcorch.common import utils
from dcorch.db import api as db_api from dcorch.db import api as db_api
from dcorch.engine.fernet_key_manager import FernetKeyManager from dcorch.engine.fernet_key_manager import FernetKeyManager
from dcorch.engine import scheduler from dcorch.engine import scheduler
@ -208,4 +209,9 @@ class InitialSyncWorkerManager(object):
def initial_sync(self, subcloud_name, sync_objs): def initial_sync(self, subcloud_name, sync_objs):
LOG.debug(f"Initial sync subcloud {subcloud_name} {self.engine_id}") LOG.debug(f"Initial sync subcloud {subcloud_name} {self.engine_id}")
for sync_obj in sync_objs.values(): for sync_obj in sync_objs.values():
try:
sync_obj.initial_sync() sync_obj.initial_sync()
finally:
utils.close_session(
sync_obj.sc_admin_session, "initial sync", subcloud_name
)

View File

@ -588,8 +588,7 @@ class SysinvSyncThread(SyncThread):
return None return None
def post_audit(self): def post_audit(self):
# TODO(lzhu1): This should be revisited once the master cache service super().post_audit()
# is implemented.
OpenStackDriver.delete_region_clients_for_thread(self.region_name, "audit") OpenStackDriver.delete_region_clients_for_thread(self.region_name, "audit")
OpenStackDriver.delete_region_clients_for_thread( OpenStackDriver.delete_region_clients_for_thread(
dccommon_consts.CLOUD_0, "audit" dccommon_consts.CLOUD_0, "audit"
@ -780,7 +779,7 @@ class SysinvSyncThread(SyncThread):
if finding == AUDIT_RESOURCE_MISSING: if finding == AUDIT_RESOURCE_MISSING:
# The missing resource should be created by underlying subcloud # The missing resource should be created by underlying subcloud
# thus action is to update for a 'missing' resource # thus action is to update for a 'missing' resource
# should not get here since audit discrepency will handle this # should not get here since audit discrepancy will handle this
resource_id = self.get_resource_id(resource_type, resource) resource_id = self.get_resource_id(resource_type, resource)
self.schedule_work( self.schedule_work(
self.endpoint_type, self.endpoint_type,

View File

@ -569,7 +569,7 @@ class SyncThread(object):
# If the request was aborted due to an expired certificate, # If the request was aborted due to an expired certificate,
# update the status to 'out-of-sync' and just return so the # update the status to 'out-of-sync' and just return so the
# sync_request is updated to "completed". This way, the sync # sync_request is updated to "completed". This way, the sync
# job won't attemp to retry the sync in the next cycle. # job won't attempt to retry the sync in the next cycle.
if request_aborted: if request_aborted:
self.set_sync_status(dccommon_consts.SYNC_STATUS_OUT_OF_SYNC) self.set_sync_status(dccommon_consts.SYNC_STATUS_OUT_OF_SYNC)
LOG.info( LOG.info(
@ -620,7 +620,10 @@ class SyncThread(object):
LOG.debug( LOG.debug(
"Engine id={}: sync_audit started".format(engine_id), extra=self.log_extra "Engine id={}: sync_audit started".format(engine_id), extra=self.log_extra
) )
try:
self.sync_audit(engine_id) self.sync_audit(engine_id)
finally:
self.post_audit()
def sync_audit(self, engine_id): def sync_audit(self, engine_id):
LOG.debug( LOG.debug(
@ -776,11 +779,12 @@ class SyncThread(object):
"{}: done sync audit".format(threading.currentThread().getName()), "{}: done sync audit".format(threading.currentThread().getName()),
extra=self.log_extra, extra=self.log_extra,
) )
self.post_audit()
def post_audit(self): def post_audit(self):
# Some specific SyncThread subclasses may perform post audit actions # Some specific SyncThread subclasses may perform post audit actions
pass utils.close_session(
self.sc_admin_session, "audit", f"{self.subcloud_name}/{self.endpoint_type}"
)
@classmethod @classmethod
@lockutils.synchronized(AUDIT_LOCK_NAME) @lockutils.synchronized(AUDIT_LOCK_NAME)

View File

@ -35,7 +35,7 @@ from dcorch.tests import utils
get_engine = api.get_engine get_engine = api.get_engine
CAPABILITES = { CAPABILITIES = {
"endpoint_types": [ "endpoint_types": [
dccommon_consts.ENDPOINT_TYPE_PLATFORM, dccommon_consts.ENDPOINT_TYPE_PLATFORM,
dccommon_consts.ENDPOINT_TYPE_IDENTITY, dccommon_consts.ENDPOINT_TYPE_IDENTITY,

View File

@ -58,7 +58,7 @@ class TestGenericSyncWorkerManager(base.OrchestratorTestCase):
def test_create_sync_objects(self): def test_create_sync_objects(self):
sync_objs = self.gswm.create_sync_objects( sync_objs = self.gswm.create_sync_objects(
"subcloud1", base.CAPABILITES, "192.168.1.11", "24.09" "subcloud1", base.CAPABILITIES, "192.168.1.11", "24.09"
) )
# Verify both endpoint types have corresponding sync object # Verify both endpoint types have corresponding sync object

View File

@ -113,7 +113,7 @@ class TestInitialSyncManager(base.OrchestratorTestCase):
management_ip="192.168.1." + str(i), management_ip="192.168.1." + str(i),
) )
chunks[chunk_num][subcloud.region_name] = ( chunks[chunk_num][subcloud.region_name] = (
base.CAPABILITES, base.CAPABILITIES,
subcloud.management_ip, subcloud.management_ip,
subcloud.software_version, subcloud.software_version,
False, False,

View File

@ -16,6 +16,10 @@ from dcorch.tests import utils
class FakeSyncObject(object): class FakeSyncObject(object):
def __init__(self):
# sc_admin_session is used when attempting to close the session
self.sc_admin_session = mock.MagicMock()
def initial_sync(self): def initial_sync(self):
pass pass
@ -136,7 +140,7 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
self.iswm._initial_sync_subcloud( self.iswm._initial_sync_subcloud(
self.ctx, self.ctx,
subcloud.region_name, subcloud.region_name,
base.CAPABILITES, base.CAPABILITIES,
subcloud.management_ip, subcloud.management_ip,
subcloud.software_version, subcloud.software_version,
False, False,
@ -168,7 +172,7 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
self.iswm._initial_sync_subcloud( self.iswm._initial_sync_subcloud(
self.ctx, self.ctx,
subcloud.region_name, subcloud.region_name,
base.CAPABILITES, base.CAPABILITIES,
subcloud.management_ip, subcloud.management_ip,
subcloud.software_version, subcloud.software_version,
False, False,
@ -198,7 +202,7 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
self.iswm._initial_sync_subcloud( self.iswm._initial_sync_subcloud(
self.ctx, self.ctx,
subcloud.region_name, subcloud.region_name,
base.CAPABILITES, base.CAPABILITIES,
subcloud.management_ip, subcloud.management_ip,
subcloud.software_version, subcloud.software_version,
True, True,
@ -233,7 +237,7 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
self.iswm._initial_sync_subcloud( self.iswm._initial_sync_subcloud(
self.ctx, self.ctx,
subcloud.region_name, subcloud.region_name,
base.CAPABILITES, base.CAPABILITIES,
subcloud.management_ip, subcloud.management_ip,
subcloud.software_version, subcloud.software_version,
False, False,
@ -294,13 +298,13 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
) )
subcloud_capabilities = { subcloud_capabilities = {
subcloud1.region_name: ( subcloud1.region_name: (
base.CAPABILITES, base.CAPABILITIES,
subcloud1.management_ip, subcloud1.management_ip,
subcloud1.software_version, subcloud1.software_version,
False, False,
), ),
subcloud2.region_name: ( subcloud2.region_name: (
base.CAPABILITES, base.CAPABILITIES,
subcloud2.management_ip, subcloud2.management_ip,
subcloud2.software_version, subcloud2.software_version,
False, False,
@ -314,7 +318,7 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
self.iswm._initial_sync_subcloud, self.iswm._initial_sync_subcloud,
mock.ANY, mock.ANY,
subcloud1.region_name, subcloud1.region_name,
base.CAPABILITES, base.CAPABILITIES,
subcloud1.management_ip, subcloud1.management_ip,
subcloud1.software_version, subcloud1.software_version,
False, False,
@ -323,7 +327,7 @@ class TestInitialSyncWorkerManager(base.OrchestratorTestCase):
self.iswm._initial_sync_subcloud, self.iswm._initial_sync_subcloud,
mock.ANY, mock.ANY,
subcloud2.region_name, subcloud2.region_name,
base.CAPABILITES, base.CAPABILITIES,
subcloud2.management_ip, subcloud2.management_ip,
subcloud2.software_version, subcloud2.software_version,
False, False,

View File

@ -106,7 +106,7 @@ def create_subcloud_static(ctxt, name, **kwargs):
"management_state": dccommon_consts.MANAGEMENT_MANAGED, "management_state": dccommon_consts.MANAGEMENT_MANAGED,
"availability_status": dccommon_consts.AVAILABILITY_ONLINE, "availability_status": dccommon_consts.AVAILABILITY_ONLINE,
"initial_sync_state": "", "initial_sync_state": "",
"capabilities": base.CAPABILITES, "capabilities": base.CAPABILITIES,
"management_ip": "192.168.0.1", "management_ip": "192.168.0.1",
} }
values.update(kwargs) values.update(kwargs)