我们从Python开源项目中,提取了以下50个代码示例,用于说明如何使用novaclient.client.Client()。
def authenticate_keystone_admin(self, keystone_sentry, user, password, tenant=None, api_version=None, keystone_ip=None): """Authenticates admin user with the keystone admin endpoint.""" self.log.debug('Authenticating keystone admin...') unit = keystone_sentry if not keystone_ip: keystone_ip = unit.relation('shared-db', 'mysql:shared-db')['private-address'] base_ep = "http://{}:35357".format(keystone_ip.strip().decode('utf-8')) if not api_version or api_version == 2: ep = base_ep + "/v2.0" return keystone_client.Client(username=user, password=password, tenant_name=tenant, auth_url=ep) else: ep = base_ep + "/v3" auth = keystone_id_v3.Password( user_domain_name='admin_domain', username=user, password=password, domain_name='admin_domain', auth_url=ep, ) sess = keystone_session.Session(auth=auth) return keystone_client_v3.Client(session=sess)
def keystone_auth(auth_details): try: if auth_details['OS_AUTH_URL'].endswith('v3'): k_client = k3_client else: k_client = k2_client tenant_name = auth_details['OS_TENANT_NAME'] keystone = k_client.Client(username=auth_details['OS_USERNAME'], password=auth_details['OS_PASSWORD'], tenant_name=tenant_name, auth_url=auth_details['OS_AUTH_URL']) except Exception as e: status_err(str(e)) try: with open(TOKEN_FILE, 'w') as token_file: json.dump(keystone.auth_ref, token_file) except IOError: # if we can't write the file we go on pass return keystone.auth_ref
def authenticate_nova_user(self, keystone, user, password, tenant): """Authenticates a regular user with nova-api.""" self.log.debug('Authenticating nova user ({})...'.format(user)) ep = keystone.service_catalog.url_for(service_type='identity', interface='publicURL') if keystone.session: return nova_client.Client(NOVA_CLIENT_VERSION, session=keystone.session, auth_url=ep) elif novaclient.__version__[0] >= "7": return nova_client.Client(NOVA_CLIENT_VERSION, username=user, password=password, project_name=tenant, auth_url=ep) else: return nova_client.Client(NOVA_CLIENT_VERSION, username=user, api_key=password, project_id=tenant, auth_url=ep)
def __init__(self, conf): # novaclient only support keystone v3 auth_url = conf.read_option('keystone_authtoken', 'auth_url') if auth_url.endswith('/v3'): auth_url = auth_url.replace('/v3', '/v2.0') self.nv_client = nova_client.Client(2, conf.read_option( 'keystone_authtoken', 'username'), conf.read_option( 'keystone_authtoken', 'password'), conf.read_option( 'keystone_authtoken', 'project_name'), auth_url, region_name=conf.read_option( 'keystone_authtoken', 'region_name') )
def glance(self): if self._glance: return self._glance endpoint_type = self._get_client_option('glance', 'endpoint_type') region_name = self._get_client_option('glance', 'region_name') glanceclient_version = self._get_client_option('glance', 'api_version') endpoint = self.url_for(service_type='image', interface=endpoint_type, region_name=region_name) args = { 'endpoint': endpoint, 'auth_url': self.auth_url, 'token': self.auth_token, 'username': None, 'password': None, 'cacert': self._get_client_option('glance', 'ca_file'), 'cert': self._get_client_option('glance', 'cert_file'), 'key': self._get_client_option('glance', 'key_file'), 'insecure': self._get_client_option('glance', 'insecure') } self._glance = glanceclient.Client(glanceclient_version, **args) return self._glance
def cinder(self): if self._cinder: return self._cinder cinder_api_version = self._get_client_option('cinder', 'api_version') endpoint_type = self._get_client_option('cinder', 'endpoint_type') kwargs = { 'session': self.keystone().session, 'endpoint_type': endpoint_type, 'cacert': self._get_client_option('cinder', 'ca_file'), 'insecure': self._get_client_option('cinder', 'insecure') } self._cinder = cinderclient.Client(version=cinder_api_version, **kwargs) return self._cinder
def nova_live_migrate(node): loader = loading.get_plugin_loader('password') auth = loader.load_from_options( auth_url=os.environ["OS_AUTH_URL"], username=os.environ["OS_USERNAME"], password=os.environ["OS_PASSWORD"], user_domain_name=os.environ["OS_USER_DOMAIN_NAME"], project_domain_name=os.environ["OS_PROJECT_DOMAIN_NAME"], project_name=os.environ["OS_PROJECT_NAME"]) OS_COMPUTE_API_VERSION = "2" sess = session.Session(auth=auth) nova = client.Client(OS_COMPUTE_API_VERSION, session=sess) LOG.info("Disabling nova-compute service on: %s", node) nova.services.disable(node, "nova-compute") for server in nova.servers.list(search_opts={'host': node}): LOG.info("Live-migrating instance: %s from node: %s", server.name, node) server.live_migrate(block_migration=True) thread.start_new_thread(live_migration_watcher_thread, (nova, node))
def _cleanup_servers(session): LOG.info('Cleaning up instances') nova = nova_client.Client("2", session=session) server_list = nova.servers.list(search_opts={"all_tenants": True}) if not server_list: return for server in server_list: LOG.info('Removing instance %s (%s)', server.name, server.id) nova.servers.delete(server.id) server_list = _wait_until_empty( 60, None, nova.servers.list, search_opts={"all_tenants": True}) if server_list: LOG.warning("Some instances were not removed, trying to force delete") for server in server_list: LOG.info('Force deleting instance %s (%s)', server.name, server.id) nova.servers.force_delete(server.id) server_list = _wait_until_empty( 60, None, nova.servers.list, search_opts={"all_tenants": True}) if server_list: raise RuntimeError( 'Some instances were not removed after force delete: %s' % ', '.join(['%s (%s)' % (server.name, server.id) for server in server_list]))
def users_on_tenant(self, tenant): """List user per project.""" auth_session = session.Session(auth=self.auth_session.auth, verify=self.verify) keystone = keystoneclient.Client(session=auth_session, endpoint_type=self.endpoint_type, interface='internal', insecure=self.insecure) users = [] try: users = keystone.users.list(default_project=tenant) except Exception as e: print(e) users_list = [] for user in users: users_list.append(user.to_dict()) return users_list
def authenticate_cinder_admin(self, keystone_sentry, username, password, tenant): """Authenticates admin user with cinder.""" # NOTE(beisner): cinder python client doesn't accept tokens. service_ip = \ keystone_sentry.relation('shared-db', 'mysql:shared-db')['private-address'] ept = "http://{}:5000/v2.0".format(service_ip.strip().decode('utf-8')) return cinder_client.Client(username, password, tenant, ept)
def authenticate_keystone_user(self, keystone, user, password, tenant): """Authenticates a regular user with the keystone public endpoint.""" self.log.debug('Authenticating keystone user ({})...'.format(user)) ep = keystone.service_catalog.url_for(service_type='identity', endpoint_type='publicURL') return keystone_client.Client(username=user, password=password, tenant_name=tenant, auth_url=ep)
def authenticate_glance_admin(self, keystone): """Authenticates admin user with glance.""" self.log.debug('Authenticating glance admin...') ep = keystone.service_catalog.url_for(service_type='image', endpoint_type='adminURL') return glance_client.Client(ep, token=keystone.auth_token)
def authenticate_heat_admin(self, keystone): """Authenticates the admin user with heat.""" self.log.debug('Authenticating heat admin...') ep = keystone.service_catalog.url_for(service_type='orchestration', endpoint_type='publicURL') return heat_client.Client(endpoint=ep, token=keystone.auth_token)
def get_cinder_client(previous_tries=0): if previous_tries > 3: return None # right now, cinderclient does not accept a previously derived token # or endpoint url. So we have to pass it creds and let it do it's own # auth each time it's called. # NOTE: (mancdaz) update when https://review.openstack.org/#/c/74602/ # lands auth_details = get_auth_details() cinder = c_client.Client('2', auth_details['OS_USERNAME'], auth_details['OS_PASSWORD'], auth_details['OS_TENANT_NAME'], auth_details['OS_AUTH_URL'], insecure=auth_details['OS_API_INSECURE'], endpoint_type=auth_details[ 'OS_ENDPOINT_TYPE']) try: # Do something just to ensure we actually have auth'd ok volumes = cinder.volumes.list() # Exceptions are only thrown when we iterate over volumes [i.id for i in volumes] except (c_exc.Unauthorized, c_exc.AuthorizationFailure) as e: cinder = get_cinder_client(previous_tries + 1) except Exception as e: status_err(str(e)) return cinder
def get_heat_client(token=None, endpoint=None, previous_tries=0): if previous_tries > 3: return None # first try to use auth details from auth_ref so we # don't need to auth with keystone every time auth_ref = get_auth_ref() auth_details = get_auth_details() keystone = get_keystone_client(auth_ref) if not token: token = keystone.auth_token if not endpoint: endpoint = get_endpoint_url_for_service('orchestration', auth_ref, get_endpoint_type( auth_details)) heat = heat_client.Client('1', endpoint=endpoint, token=token, insecure=auth_details['OS_API_INSECURE']) try: heat.build_info.build_info() except h_exc.HTTPUnauthorized: auth_ref = force_reauth() keystone = get_keystone_client(auth_ref) token = keystone.auth_token heat = get_heat_client(token, endpoint, previous_tries + 1) except h_exc.HTTPException: raise except Exception as e: status_err(str(e)) return heat
def authenticate_cinder_admin(self, keystone_sentry, username, password, tenant, api_version=2): """Authenticates admin user with cinder.""" # NOTE(beisner): cinder python client doesn't accept tokens. keystone_ip = keystone_sentry.info['public-address'] ept = "http://{}:5000/v2.0".format(keystone_ip.strip().decode('utf-8')) _clients = { 1: cinder_client.Client, 2: cinder_clientv2.Client} return _clients[api_version](username, password, tenant, ept)
def authenticate_keystone(self, keystone_ip, username, password, api_version=False, admin_port=False, user_domain_name=None, domain_name=None, project_domain_name=None, project_name=None): """Authenticate with Keystone""" self.log.debug('Authenticating with keystone...') port = 5000 if admin_port: port = 35357 base_ep = "http://{}:{}".format(keystone_ip.strip().decode('utf-8'), port) if not api_version or api_version == 2: ep = base_ep + "/v2.0" auth = v2.Password( username=username, password=password, tenant_name=project_name, auth_url=ep ) sess = keystone_session.Session(auth=auth) client = keystone_client.Client(session=sess) # This populates the client.service_catalog client.auth_ref = auth.get_access(sess) return client else: ep = base_ep + "/v3" auth = v3.Password( user_domain_name=user_domain_name, username=username, password=password, domain_name=domain_name, project_domain_name=project_domain_name, project_name=project_name, auth_url=ep ) sess = keystone_session.Session(auth=auth) client = keystone_client_v3.Client(session=sess) # This populates the client.service_catalog client.auth_ref = auth.get_access(sess) return client
def authenticate_glance_admin(self, keystone): """Authenticates admin user with glance.""" self.log.debug('Authenticating glance admin...') ep = keystone.service_catalog.url_for(service_type='image', interface='adminURL') if keystone.session: return glance_client.Client(ep, session=keystone.session) else: return glance_client.Client(ep, token=keystone.auth_token)
def authenticate_heat_admin(self, keystone): """Authenticates the admin user with heat.""" self.log.debug('Authenticating heat admin...') ep = keystone.service_catalog.url_for(service_type='orchestration', interface='publicURL') if keystone.session: return heat_client.Client(endpoint=ep, session=keystone.session) else: return heat_client.Client(endpoint=ep, token=keystone.auth_token)
