diff options
| author |   RHE <rebirthmonkey@gmail.com> | 2017-12-28 15:19:05 +0100 |
|---|---|---|
| committer | RHE <rebirthmonkey@gmail.com> | 2017-12-28 15:19:05 +0100 |
| commit | b7cf76d39eab9d292b8d58db4b0934557cad4509 (patch) | |
| tree | 556b0e617b5921ad3779b7aed3b669bb475331c6 /moon_interface | |
| parent | 9cf58823b4fa426816acfef81a562054d26afde8 (diff) | |
moonv4.3 review
Change-Id: I0d137df21136292b58194def44ac5b32183368fc
Signed-off-by: RHE <rebirthmonkey@gmail.com>
Diffstat (limited to 'moon_interface')
| -rw-r--r-- | moon_interface/Dockerfile | 8 | ||||
| -rw-r--r-- | moon_interface/Makefile | 12 | ||||
| -rw-r--r-- | moon_interface/README.md (renamed from moon_interface/README.rst) | 4 | ||||
| -rw-r--r-- | moon_interface/moon_interface/api/authz.py | 35 | ||||
| -rw-r--r-- | moon_interface/moon_interface/containers.py | 102 | ||||
| -rw-r--r-- | moon_interface/moon_interface/http_server.py | 10 | ||||
| -rw-r--r-- | moon_interface/moon_interface/server.py | 7 | ||||
| -rw-r--r-- | moon_interface/setup.py | 2 | ||||
| -rw-r--r-- | moon_interface/tools/api2rst.py | 145 | ||||
| -rw-r--r-- | moon_interface/tools/get_keystone_token.py | 71 | ||||
| -rw-r--r-- | moon_interface/tools/run.sh | 5 |
11 files changed, 12 insertions, 389 deletions
diff --git a/moon_interface/Dockerfile b/moon_interface/Dockerfile index 82160cc9..f4de15eb 100644 --- a/moon_interface/Dockerfile +++ b/moon_interface/Dockerfile @@ -1,12 +1,8 @@ -FROM ubuntu:latest - -RUN apt update && apt install python3.5 python3-pip -y -RUN pip3 install python_moonutilities python_moondb pip --upgrade +FROM python:3 ADD . /root WORKDIR /root/ -RUN pip3 install -r requirements.txt --upgrade -#RUN pip3 install /root/dist/* --upgrade +RUN pip3 install -r requirements.txt RUN pip3 install . CMD ["python3", "-m", "moon_interface"]
\ No newline at end of file diff --git a/moon_interface/Makefile b/moon_interface/Makefile deleted file mode 100644 index af91b904..00000000 --- a/moon_interface/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -all: built run - -built: - docker build -t moon_policy:16.04 . - -run: - docker run -p 8000:8000 moon_policy:16.04 - -.PHONY: clean - -clean: - find . -name "*.py" -exec echo rm {}\; diff --git a/moon_interface/README.rst b/moon_interface/README.md index ded4e99a..4c0e483d 100644 --- a/moon_interface/README.rst +++ b/moon_interface/README.md @@ -1,5 +1,5 @@ -Core module for the Moon project -================================ +# moon_interface + This package contains the core module for the Moon project It is designed to provide authorization features to all OpenStack components. diff --git a/moon_interface/moon_interface/api/authz.py b/moon_interface/moon_interface/api/authz.py index c9f4697f..a284ff3a 100644 --- a/moon_interface/moon_interface/api/authz.py +++ b/moon_interface/moon_interface/api/authz.py @@ -18,7 +18,7 @@ from moon_interface.authz_requests import AuthzRequest __version__ = "0.1.0" -LOG = logging.getLogger("moon.interface.api." + __name__) +LOG = logging.getLogger("moon.interface.api.authz." + __name__) def pdp_in_cache(cache, uuid): @@ -45,39 +45,6 @@ def pdp_in_manager(cache, uuid): return pdp_in_cache(cache, uuid) -def container_exist(cache, uuid): - """Check if a PDP exist with this Keystone Project ID in the Manager component - - :param cache: Cache to use - :param uuid: Keystone Project ID - :return: True or False - """ - for key, value in cache.containers.items(): - if "keystone_project_id" not in value: - continue - if value["keystone_project_id"] == uuid: - try: - req = requests.head("http://{}:{}/".format( - value.get("hostname"), - value.get("port")[0].get("PublicPort"))) - LOG.info("container_exist {}".format(req.status_code)) - if req.status_code in (200, 201): - return value - return - except requests.exceptions.ConnectionError: - pass - # maybe hostname is not working so trying with IP address - try: - req = requests.head("http://{}:{}/".format( - value.get("ip"), - value.get("port")[0].get("PublicPort"))) - if req.status_code in (200, 201): - return value - return - except requests.exceptions.ConnectionError: - return - - def create_authz_request(cache, interface_name, manager_url, uuid, subject_name, object_name, action_name): """Create the authorization request and make the first call to the Authz function diff --git a/moon_interface/moon_interface/containers.py b/moon_interface/moon_interface/containers.py deleted file mode 100644 index 4f93d742..00000000 --- a/moon_interface/moon_interface/containers.py +++ /dev/null @@ -1,102 +0,0 @@ -# Copyright 2017 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import docker -import logging -import re -import requests -import time -from python_moonutilities import configuration, exceptions - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.interface.container") - - -class DockerManager: - - def __init__(self): - docker_conf = configuration.get_configuration("docker")['docker'] - self.docker = docker.DockerClient(base_url=docker_conf['url']) - - def create_container(self, data): - """Create the container through the docker client - - :param data: { - "name": "authz", - "hostname": "authz123456789", - "port": { - "PrivatePort": 8090, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8090 - }, - "keystone_project_id": "keystone_project_id1", - "pdp_id": "123456789", - "container_name": "wukongsun/moon_authz:v4.1" - } - :return: container output - """ - output = self.docker.containers.run( - image=data.get("container_name"), - hostname=data.get("hostname", data.get("name"))[:63], - name=data.get("name"), - network='moon', - ports={'{}/{}'.format( - data.get("port").get("PrivatePort"), - data.get("port").get("Type") - ): int(data.get("port").get("PrivatePort"))}, - environment={ - "UUID": data.get("hostname"), - "BIND": data.get("port").get("IP"), - "TYPE": data.get("plugin_name"), - "PORT": data.get("port").get("PrivatePort"), - "PDP_ID": data.get("pdp_id"), - "META_RULE_ID": data.get("meta_rule_id"), - "KEYSTONE_PROJECT_ID": data.get("keystone_project_id"), - }, - detach=True - ) - try: - req = requests.head("http://{}:{}/".format(data.get("hostname"), data.get("port").get("PublicPort"))) - except requests.exceptions.ConnectionError: - pass - else: - if req.status_code != 200: - raise exceptions.DockerError("Container {} is not running!".format(data.get("hostname"))) - output.ip = "0.0.0.0" - return output - - # Note: host is not reachable through hostname so trying to find th IP address - res = output.exec_run("ip addr") - find = re.findall("inet (\d+\.\d+\.\d+\.\d+)", res.decode("utf-8")) - ip = "127.0.0.1" - for ip in find: - if ip.startswith("127"): - continue - break - cpt = 0 - while True: - try: - req = requests.head("http://{}:{}/".format(ip, data.get("port").get("PublicPort"))) - except requests.exceptions.ConnectionError: - pass - else: - if req.status_code not in (200, 201): - LOG.error("url={}".format("http://{}:{}/".format(ip, data.get("port").get("PublicPort")))) - LOG.error("req={}".format(req)) - raise exceptions.DockerError("Container {} is not running!".format(data.get("hostname"))) - output.ip = ip - return output - finally: - cpt += 1 - time.sleep(0.1) - if cpt > 20: - break - output.ip = ip - return output - - def delete_container(self, uuid): - raise NotImplementedError diff --git a/moon_interface/moon_interface/http_server.py b/moon_interface/moon_interface/http_server.py index 890bb82f..72576f6c 100644 --- a/moon_interface/moon_interface/http_server.py +++ b/moon_interface/moon_interface/http_server.py @@ -15,6 +15,10 @@ from python_moonutilities import configuration, exceptions logger = logging.getLogger("moon.interface.http") +__API__ = ( + Status, Logs, API + ) + class Server: """Base class for HTTP server""" @@ -59,10 +63,6 @@ class Server: def run(self): raise NotImplementedError() -__API__ = ( - Status, Logs, API - ) - class Root(Resource): """ @@ -132,5 +132,3 @@ class HTTPServer(Server): def run(self): self.app.run(host=self._host, port=self._port) # nosec - # self.app.run(debug=True, host=self._host, port=self._port) # nosec - diff --git a/moon_interface/moon_interface/server.py b/moon_interface/moon_interface/server.py index e53b4504..8b53d7f3 100644 --- a/moon_interface/moon_interface/server.py +++ b/moon_interface/moon_interface/server.py @@ -7,7 +7,7 @@ import logging from python_moonutilities import configuration, exceptions from moon_interface.http_server import HTTPServer -LOG = logging.getLogger("moon.interface") +LOG = logging.getLogger("moon.interface.server") def main(): @@ -23,10 +23,7 @@ def main(): port = 80 configuration.add_component(uuid="interface", name=hostname, port=port, bind=bind) LOG.info("Starting server with IP {} on port {} bind to {}".format(hostname, port, bind)) - server = HTTPServer(host=bind, port=port) - # LOG.info("Starting server") - # server = HTTPServer(host="0.0.0.0", port=8081) - return server + return HTTPServer(host=bind, port=port) if __name__ == '__main__': diff --git a/moon_interface/setup.py b/moon_interface/setup.py index 3460c991..db15ff54 100644 --- a/moon_interface/setup.py +++ b/moon_interface/setup.py @@ -21,7 +21,7 @@ setup( description="", - long_description=open('README.rst').read(), + long_description=open('README.md').read(), # install_requires= , diff --git a/moon_interface/tools/api2rst.py b/moon_interface/tools/api2rst.py deleted file mode 100644 index 6d407bdf..00000000 --- a/moon_interface/tools/api2rst.py +++ /dev/null @@ -1,145 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. - -import os -import sys -import requests -import logging -import time -import json - -os.unsetenv("http_proxy") -logging.basicConfig(level=logging.INFO) -logger = logging.getLogger(__name__) - -HOST = "172.18.0.11" -PORT = 38001 -COMPONENT = sys.argv[2] if len(sys.argv) > 1 else "Interface" -FILENAME = sys.argv[2] if len(sys.argv) > 2 else "api.rst" -CURRENT_TIME = time.strftime("%Y/%m/%d %H:%M:%S %Z") -REVISION = time.strftime("%Y%m%d_%H%M%S_%Z") -AUTHOR = "Thomas Duval <thomas.duval@orange.com>" - -logger.info("Writing to {}".format(FILENAME)) - -toc = ( - "generic", - "models", - "policies", - "pdp", - "meta_rules", - "meta_data", - "perimeter", - "data", - "assignments", - "rules", - "authz", -) - - -def get_api_list(): - url = "http://{}:{}/api".format(HOST, PORT) - cnx = requests.get(url) - try: - return cnx.json() - except json.decoder.JSONDecodeError: - logger.error("Error decoding JSON on {}\n{}".format(url, cnx.content)) - sys.exit(1) - - -def analyse_description(desc): - result = "" - if not desc: - return "No description" - for line in desc.splitlines(): - if line.strip().startswith(":"): - if ":request body:" in line: - result += ":request body:\n\n.. code-block:: json\n\n" - result += line.replace(":request body: ", "") + "\n\n" - elif ":return:" in line: - result += ":return:\n\n.. code-block:: json\n\n" - result += line.replace(":return: ", "") + "\n" - else: - result += line.strip() + "\n\n" - else: - result += line + "\n" - return result - - -def filter_and_sort(list_group_api): - results = list() - keys = list_group_api.keys() - for element in toc: - if element in keys: - results.append(element) - for element in keys: - if element not in results: - results.append(element) - return results - - -def main(): - list_group_api = get_api_list() - - _toc = filter_and_sort(list_group_api) - - file_desc = open(FILENAME, "w") - length_of_title = len("Moon {component} API".format(component=COMPONENT)) - file_desc.write(HEADERS.format( - component=COMPONENT, - date=CURRENT_TIME, - revision=REVISION, - title_headers="="*length_of_title, - author=AUTHOR - )) - - for key in _toc: - logger.info(key) - file_desc.write("{}\n".format(key)) - file_desc.write("{}\n\n".format("="*len(key))) - if "description" in list_group_api[key]: - file_desc.write("{}\n\n".format(list_group_api[key]["description"])) - version = "unknown" - logger.debug(list_group_api.keys()) - if "version" in list_group_api[key]: - version = list_group_api[key]["version"] - file_desc.write("Version: {}\n\n".format(version)) - for api in list_group_api[key]: - logger.info("\t{}".format(api)) - if api in ("description", "version"): - continue - file_desc.write("{}\n".format(api)) - file_desc.write("{}\n\n".format("-" * len(api))) - - file_desc.write("{}\n\n".format(list_group_api[key][api]["description"])) - - file_desc.write("URLs are:\n\n") - for _url in list_group_api[key][api]["urls"]: - file_desc.write("* {}\n".format(_url)) - - file_desc.write("\nMethods are:\n\n") - for _method in list_group_api[key][api]["methods"]: - file_desc.write("→ {}\n".format(_method)) - file_desc.write("{}\n\n".format("~"*(len(_method) + 2))) - file_desc.write("{}\n\n".format(analyse_description(list_group_api[key][api]["methods"][_method]))) - -HEADERS = """{title_headers} -Moon {component} API -{title_headers} - -:Info: See <https://git.opnfv.org/cgit/moon/> for code. -:Author: {author} -:Date: {date} -:Revision: $Revision: {revision} $ -:Description: List of the API served by the Moon {component} component - -This document list all of the API connectors served by the Moon {component} component -Here are Moon API with some examples of posted data and returned data. -All requests must be prefixed with the host and port, for example: http://localhost:38001/authz/123456789/123456789/servers/list - -""" - -if __name__ == "__main__": - main() diff --git a/moon_interface/tools/get_keystone_token.py b/moon_interface/tools/get_keystone_token.py deleted file mode 100644 index 1856aab8..00000000 --- a/moon_interface/tools/get_keystone_token.py +++ /dev/null @@ -1,71 +0,0 @@ -import requests -from oslo_config import cfg -from oslo_log import log as logging -from python_moonutilities import exceptions - -CONF = cfg.CONF -LOG = logging.getLogger(__name__) - - -def login(user=None, password=None, domain=None, project=None, url=None): - print("""Configuration: - user: {user} - domain: {domain} - project: {project} - url: {url}""".format( - user=CONF.keystone.user, - domain=CONF.keystone.domain, - project=CONF.keystone.project, - url=CONF.keystone.url, - )) - if not user: - user = CONF.keystone.user - if not password: - password = CONF.keystone.password - if not domain: - domain = CONF.keystone.domain - if not project: - project = CONF.keystone.project - if not url: - url = CONF.keystone.url - headers = { - "Content-Type": "application/json" - } - data_auth = { - "auth": { - "identity": { - "methods": [ - "password" - ], - "password": { - "user": { - "domain": { - "id": domain - }, - "name": user, - "password": password - } - } - }, - "scope": { - "project": { - "domain": { - "id": domain - }, - "name": project - } - } - } - } - - req = requests.post("{}/auth/tokens".format(url), - json=data_auth, headers=headers, - verify=False) - - if req.status_code not in (200, 201): - LOG.error(req.text) - raise exceptions.KeystoneError - headers['X-Auth-Token'] = req.headers['X-Subject-Token'] - return headers - -print(login()['X-Auth-Token']) diff --git a/moon_interface/tools/run.sh b/moon_interface/tools/run.sh deleted file mode 100644 index d1db1f00..00000000 --- a/moon_interface/tools/run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash - -http_proxy= /usr/bin/python3 /home/vdsq3226/projets/opnfv/opnfv-moon/moon_interface/tools/api2rst.py -pandoc api.rst --toc -o api.pdf -evince api.pdf |