[apic-mapping] Use keystone client v3

Changes in this patch switch the apic_mapping policy driver
to use keystone client v3. The usage is made consistent with
how the aim_mapping driver uses the client.

The following cofiguration section will now need to be added
to the neutron.conf when using the apic_mapping driver:

[apic_aim_auth]
password=<admin_password>
auth_plugin=v3password
user_domain_name=default
project_domain_name=default
project_name=admin
username=admin
auth_url=http://<controller-ip-address>:35357/v3

Change-Id: I9ec0b1bcf342614d1c4154170d0666ed33fccad3

gbpservice/neutron/services/grouppolicy/drivers/cisco/apic/apic_mapping.py

@@ -21,10 +21,6 @@ from apic_ml2.neutron.db import port_ha_ipaddress_binding as ha_ip_db
 from apic_ml2.neutron.plugins.ml2.drivers.cisco.apic import apic_model
 from apic_ml2.neutron.plugins.ml2.drivers.cisco.apic import config  # noqa
 from apicapi import apic_manager
-from apicapi import apic_mapper
-from keystoneclient.auth.identity.generic import password as keypassword
-from keystoneclient import client as keyclient
-from keystoneclient import session as keysession
 from neutron.agent.linux import dhcp
 from neutron.api.v2 import attributes
 from neutron.common import constants as n_constants
@@ -56,6 +52,7 @@ from gbpservice._i18n import _LW
 from gbpservice.neutron.db.grouppolicy.extensions import apic_reuse_bd_db
 from gbpservice.neutron.db.grouppolicy import group_policy_mapping_db as gpdb
 from gbpservice.neutron.extensions import group_policy as gpolicy
+from gbpservice.neutron.plugins.ml2plus.drivers.apic_aim import cache
 from gbpservice.neutron.services.grouppolicy.common import constants as g_const
 from gbpservice.neutron.services.grouppolicy.common import exceptions as gpexc
 from gbpservice.neutron.services.grouppolicy.drivers import (
@@ -300,26 +297,24 @@ class ApicMappingDriver(api.ResourceMappingDriver,
                 'vni_ranges': cfg.CONF.ml2_type_vxlan.vni_ranges,
             }
             apic_system_id = cfg.CONF.apic_system_id
-            keyclient_param = keyclient if client else None
-            keystone_authtoken = None
-            session = None
+            keystoneclientv3 = None
             if client:
-                keystone_authtoken = cfg.CONF.keystone_authtoken
-                pass_params = (
-                    apic_mapper.APICNameMapper.get_key_password_params(
-                        keystone_authtoken))
-                admin_auth = keypassword.Password(
-                    auth_url=pass_params[0],
-                    username=pass_params[1], password=pass_params[2],
-                    tenant_name=pass_params[3],
-                    user_domain_id='Default', project_domain_id='Default')
-                session = keysession.Session(auth=admin_auth)
+                # REVISIT: The following is a bit contrived to
+                # to avoid having to change any code in the
+                # aim drivers. We just want to reuse the
+                # _get_keystone_client() implementation here, but the
+                # original implemenation is not very reusable and hence we
+                # are having to use it in the following way.
+                ncache = cache.ProjectNameCache()
+                ncache._get_keystone_client()
+                keystoneclientv3 = ncache.keystone
+
             ApicMappingDriver.manager = apic_manager.APICManager(
                 apic_model.ApicDbModel(), logging, network_config, apic_config,
-                keyclient_param, keystone_authtoken, apic_system_id,
+                apic_system_id,
                 default_apic_model=('apic_ml2.neutron.plugins.ml2.drivers.'
                                     'cisco.apic.apic_model'),
-                keysession=session)
+                keystoneclientv3=keystoneclientv3)
             ApicMappingDriver.manager.ensure_infra_created_on_apic()
             ApicMappingDriver.manager.ensure_bgp_pod_policy_created_on_apic()
         return ApicMappingDriver.manager