diff options
Diffstat (limited to 'sdnvpn/lib/openstack_utils.py')
-rw-r--r-- | sdnvpn/lib/openstack_utils.py | 1455 |
1 files changed, 1455 insertions, 0 deletions
diff --git a/sdnvpn/lib/openstack_utils.py b/sdnvpn/lib/openstack_utils.py new file mode 100644 index 0000000..5fc1e49 --- /dev/null +++ b/sdnvpn/lib/openstack_utils.py @@ -0,0 +1,1455 @@ +#!/usr/bin/env python +# +# jose.lausuch@ericsson.com +# valentin.boucher@orange.com +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# + +import base64 +import logging +import os.path +import shutil +import sys +import time +import urllib + +from keystoneauth1 import loading +from keystoneauth1 import session +from keystoneclient import client as keystoneclient +from neutronclient.neutron import client as neutronclient +from openstack import connection +from openstack import cloud as os_cloud +from openstack.exceptions import ResourceNotFound + +from functest.utils import env + +logger = logging.getLogger(__name__) + +DEFAULT_API_VERSION = '2' + + +# ********************************************* +# CREDENTIALS +# ********************************************* +class MissingEnvVar(Exception): + + def __init__(self, var): + self.var = var + + def __str__(self): + return str.format("Please set the mandatory env var: {}", self.var) + + +def get_os_connection(): + return connection.from_config() + + +def get_os_cloud(): + return os_cloud.openstack_cloud() + + +def is_keystone_v3(): + keystone_api_version = os.getenv('OS_IDENTITY_API_VERSION') + if (keystone_api_version is None or + keystone_api_version == '2'): + return False + else: + return True + + +def get_rc_env_vars(): + env_vars = ['OS_AUTH_URL', 'OS_USERNAME', 'OS_PASSWORD'] + if is_keystone_v3(): + env_vars.extend(['OS_PROJECT_NAME', + 'OS_USER_DOMAIN_NAME', + 'OS_PROJECT_DOMAIN_NAME']) + else: + env_vars.extend(['OS_TENANT_NAME']) + return env_vars + + +def check_credentials(): + """ + Check if the OpenStack credentials (openrc) are sourced + """ + env_vars = get_rc_env_vars() + return all(map(lambda v: v in os.environ and os.environ[v], env_vars)) + + +def get_env_cred_dict(): + env_cred_dict = { + 'OS_USERNAME': 'username', + 'OS_PASSWORD': 'password', + 'OS_AUTH_URL': 'auth_url', + 'OS_TENANT_NAME': 'tenant_name', + 'OS_USER_DOMAIN_NAME': 'user_domain_name', + 'OS_PROJECT_DOMAIN_NAME': 'project_domain_name', + 'OS_PROJECT_NAME': 'project_name', + 'OS_ENDPOINT_TYPE': 'endpoint_type', + 'OS_REGION_NAME': 'region_name', + 'OS_CACERT': 'https_cacert', + 'OS_INSECURE': 'https_insecure' + } + return env_cred_dict + + +def get_credentials(other_creds={}): + """Returns a creds dictionary filled with parsed from env + """ + creds = {} + env_vars = get_rc_env_vars() + env_cred_dict = get_env_cred_dict() + + for envvar in env_vars: + if os.getenv(envvar) is None: + raise MissingEnvVar(envvar) + else: + creds_key = env_cred_dict.get(envvar) + creds.update({creds_key: os.getenv(envvar)}) + + if 'tenant' in other_creds.keys(): + if is_keystone_v3(): + tenant = 'project_name' + else: + tenant = 'tenant_name' + other_creds[tenant] = other_creds.pop('tenant') + + creds.update(other_creds) + + return creds + + +def get_session_auth(other_creds={}): + loader = loading.get_plugin_loader('password') + creds = get_credentials(other_creds) + auth = loader.load_from_options(**creds) + return auth + + +def get_endpoint(service_type, interface='public'): + auth = get_session_auth() + return get_session().get_endpoint(auth=auth, + service_type=service_type, + interface=interface) + + +def get_session(other_creds={}): + auth = get_session_auth(other_creds) + https_cacert = os.getenv('OS_CACERT', '') + https_insecure = os.getenv('OS_INSECURE', '').lower() == 'true' + return session.Session(auth=auth, + verify=(https_cacert or not https_insecure)) + + +# ********************************************* +# CLIENTS +# ********************************************* +def get_keystone_client_version(): + api_version = os.getenv('OS_IDENTITY_API_VERSION') + if api_version is not None: + logger.info("OS_IDENTITY_API_VERSION is set in env as '%s'", + api_version) + return api_version + return DEFAULT_API_VERSION + + +def get_keystone_client(other_creds={}): + sess = get_session(other_creds) + return keystoneclient.Client(get_keystone_client_version(), + session=sess, + interface=os.getenv('OS_INTERFACE', 'admin')) + + +def get_neutron_client_version(): + api_version = os.getenv('OS_NETWORK_API_VERSION') + if api_version is not None: + logger.info("OS_NETWORK_API_VERSION is set in env as '%s'", + api_version) + return api_version + return DEFAULT_API_VERSION + + +def get_neutron_client(other_creds={}): + sess = get_session(other_creds) + return neutronclient.Client(get_neutron_client_version(), session=sess) + + +def download_url(url, dest_path): + """ + Download a file to a destination path given a URL + """ + name = url.rsplit('/')[-1] + dest = dest_path + "/" + name + try: + response = urllib.urlopen(url) + except Exception: + return False + + with open(dest, 'wb') as lfile: + shutil.copyfileobj(response, lfile) + return True + + +def download_and_add_image_on_glance(conn, image_name, image_url, data_dir): + try: + dest_path = data_dir + if not os.path.exists(dest_path): + os.makedirs(dest_path) + file_name = image_url.rsplit('/')[-1] + if not download_url(image_url, dest_path): + return False + except Exception: + raise Exception("Impossible to download image from {}".format( + image_url)) + + try: + image = create_glance_image( + conn, image_name, dest_path + file_name) + if not image: + return False + else: + return image + except Exception: + raise Exception("Impossible to put image {} in glance".format( + image_name)) + + +# ********************************************* +# NOVA +# ********************************************* +def get_instances(conn): + try: + instances = conn.compute.servers(all_tenants=1) + return instances + except Exception as e: + logger.error("Error [get_instances(compute)]: %s" % e) + return None + + +def get_instance_status(conn, instance): + try: + instance = conn.compute.get_server(instance.id) + return instance.status + except Exception as e: + logger.error("Error [get_instance_status(compute)]: %s" % e) + return None + + +def get_instance_by_name(conn, instance_name): + try: + instance = conn.compute.find_server(instance_name, + ignore_missing=False) + return instance + except Exception as e: + logger.error("Error [get_instance_by_name(compute, '%s')]: %s" + % (instance_name, e)) + return None + + +def get_flavor_id(conn, flavor_name): + flavors = conn.compute.flavors() + id = '' + for f in flavors: + if f.name == flavor_name: + id = f.id + break + return id + + +def get_flavor_id_by_ram_range(conn, min_ram, max_ram): + flavors = conn.compute.flavors() + id = '' + for f in flavors: + if min_ram <= f.ram and f.ram <= max_ram: + id = f.id + break + return id + + +def get_aggregates(cloud): + try: + aggregates = cloud.list_aggregates() + return aggregates + except Exception as e: + logger.error("Error [get_aggregates(compute)]: %s" % e) + return None + + +def get_aggregate_id(cloud, aggregate_name): + try: + aggregates = get_aggregates(cloud) + _id = [ag.id for ag in aggregates if ag.name == aggregate_name][0] + return _id + except Exception as e: + logger.error("Error [get_aggregate_id(compute, %s)]:" + " %s" % (aggregate_name, e)) + return None + + +def get_availability_zones(conn): + try: + availability_zones = conn.compute.availability_zones() + return availability_zones + except Exception as e: + logger.error("Error [get_availability_zones(compute)]: %s" % e) + return None + + +def get_availability_zone_names(conn): + try: + az_names = [az.zoneName for az in get_availability_zones(conn)] + return az_names + except Exception as e: + logger.error("Error [get_availability_zone_names(compute)]:" + " %s" % e) + return None + + +def create_flavor(conn, flavor_name, ram, disk, vcpus, public=True): + try: + flavor = conn.compute.create_flavor( + name=flavor_name, ram=ram, disk=disk, vcpus=vcpus, + is_public=public) + except Exception as e: + logger.error("Error [create_flavor(compute, '%s', '%s', '%s', " + "'%s')]: %s" % (flavor_name, ram, disk, vcpus, e)) + return None + return flavor.id + + +def get_or_create_flavor(flavor_name, ram, disk, vcpus, public=True): + flavor_exists = False + conn = get_os_connection() + + flavor_id = get_flavor_id(conn, flavor_name) + if flavor_id != '': + logger.info("Using existing flavor '%s'..." % flavor_name) + flavor_exists = True + else: + logger.info("Creating flavor '%s' with '%s' RAM, '%s' disk size, " + "'%s' vcpus..." % (flavor_name, ram, disk, vcpus)) + flavor_id = create_flavor( + conn, flavor_name, ram, disk, vcpus, public=public) + if not flavor_id: + raise Exception("Failed to create flavor '%s'..." % (flavor_name)) + else: + logger.debug("Flavor '%s' with ID=%s created successfully." + % (flavor_name, flavor_id)) + + return flavor_exists, flavor_id + + +def get_floating_ips(conn): + try: + floating_ips = conn.network.ips() + return floating_ips + except Exception as e: + logger.error("Error [get_floating_ips(network)]: %s" % e) + return None + + +def get_hypervisors(conn): + try: + nodes = [] + hypervisors = conn.compute.hypervisors() + for hypervisor in hypervisors: + if hypervisor.state == "up": + nodes.append(hypervisor.name) + return nodes + except Exception as e: + logger.error("Error [get_hypervisors(compute)]: %s" % e) + return None + + +def create_aggregate(cloud, aggregate_name, av_zone): + try: + cloud.create_aggregate(aggregate_name, av_zone) + return True + except Exception as e: + logger.error("Error [create_aggregate(compute, %s, %s)]: %s" + % (aggregate_name, av_zone, e)) + return None + + +def add_host_to_aggregate(cloud, aggregate_name, compute_host): + try: + aggregate_id = get_aggregate_id(cloud, aggregate_name) + cloud.add_host_to_aggregate(aggregate_id, compute_host) + return True + except Exception as e: + logger.error("Error [add_host_to_aggregate(compute, %s, %s)]: %s" + % (aggregate_name, compute_host, e)) + return None + + +def create_aggregate_with_host( + cloud, aggregate_name, av_zone, compute_host): + try: + create_aggregate(cloud, aggregate_name, av_zone) + add_host_to_aggregate(cloud, aggregate_name, compute_host) + return True + except Exception as e: + logger.error("Error [create_aggregate_with_host(" + "compute, %s, %s, %s)]: %s" + % (aggregate_name, av_zone, compute_host, e)) + return None + + +def create_instance(flavor_name, + image_id, + network_id, + instance_name="functest-vm", + confdrive=True, + userdata=None, + av_zone=None, + fixed_ip=None, + files=[]): + conn = get_os_connection() + try: + flavor = conn.compute.find_flavor(flavor_name, ignore_missing=False) + except Exception: + flavors = [flavor.name for flavor in conn.compute.flavors()] + logger.error("Error: Flavor '%s' not found. Available flavors are: " + "\n%s" % (flavor_name, flavors)) + return None + if fixed_ip is not None: + networks = {"uuid": network_id, "fixed_ip": fixed_ip} + else: + networks = {"uuid": network_id} + + server_attrs = { + 'name': instance_name, + 'flavor_id': flavor.id, + 'image_id': image_id, + 'networks': [networks], + 'personality': files + } + if userdata is not None: + server_attrs['config_drive'] = confdrive + server_attrs['user_data'] = base64.b64encode(userdata.encode()) + if av_zone is not None: + server_attrs['availability_zone'] = av_zone + + instance = conn.compute.create_server(**server_attrs) + return instance + + +def create_instance_and_wait_for_active(flavor_name, + image_id, + network_id, + instance_name="", + config_drive=False, + userdata="", + av_zone=None, + fixed_ip=None, + files=[]): + SLEEP = 3 + VM_BOOT_TIMEOUT = 180 + conn = get_os_connection() + instance = create_instance(flavor_name, + image_id, + network_id, + instance_name, + config_drive, + userdata, + av_zone=av_zone, + fixed_ip=fixed_ip, + files=files) + count = VM_BOOT_TIMEOUT / SLEEP + for n in range(count, -1, -1): + status = get_instance_status(conn, instance) + if status is None: + time.sleep(SLEEP) + continue + elif status.lower() == "active": + return instance + elif status.lower() == "error": + logger.error("The instance %s went to ERROR status." + % instance_name) + return None + time.sleep(SLEEP) + logger.error("Timeout booting the instance %s." % instance_name) + return None + + +def create_floating_ip(conn): + extnet_id = get_external_net_id(conn) + try: + fip = conn.network.create_ip(floating_network_id=extnet_id) + fip_addr = fip.floating_ip_address + fip_id = fip.id + except Exception as e: + logger.error("Error [create_floating_ip(network)]: %s" % e) + return None + return {'fip_addr': fip_addr, 'fip_id': fip_id} + + +def attach_floating_ip(conn, port_id): + extnet_id = get_external_net_id(conn) + try: + return conn.network.create_ip(floating_network_id=extnet_id, + port_id=port_id) + except Exception as e: + logger.error("Error [Attach_floating_ip(network), %s]: %s" + % (port_id, e)) + return None + + +def add_floating_ip(conn, server_id, floatingip_addr): + try: + conn.compute.add_floating_ip_to_server(server_id, floatingip_addr) + return True + except Exception as e: + logger.error("Error [add_floating_ip(compute, '%s', '%s')]: %s" + % (server_id, floatingip_addr, e)) + return False + + +def delete_instance(conn, instance_id): + try: + conn.compute.delete_server(instance_id, force=True) + return True + except Exception as e: + logger.error("Error [delete_instance(compute, '%s')]: %s" + % (instance_id, e)) + return False + + +def delete_floating_ip(conn, floatingip_id): + try: + conn.network.delete_ip(floatingip_id) + return True + except Exception as e: + logger.error("Error [delete_floating_ip(network, '%s')]: %s" + % (floatingip_id, e)) + return False + + +def remove_host_from_aggregate(cloud, aggregate_name, compute_host): + try: + aggregate_id = get_aggregate_id(cloud, aggregate_name) + cloud.remove_host_from_aggregate(aggregate_id, compute_host) + return True + except Exception as e: + logger.error("Error [remove_host_from_aggregate(compute, %s, %s)]:" + " %s" % (aggregate_name, compute_host, e)) + return False + + +def remove_hosts_from_aggregate(cloud, aggregate_name): + aggregate_id = get_aggregate_id(cloud, aggregate_name) + hosts = cloud.get_aggregate(aggregate_id).hosts + assert( + all(remove_host_from_aggregate(cloud, aggregate_name, host) + for host in hosts)) + + +def delete_aggregate(cloud, aggregate_name): + try: + remove_hosts_from_aggregate(cloud, aggregate_name) + cloud.delete_aggregate(aggregate_name) + return True + except Exception as e: + logger.error("Error [delete_aggregate(compute, %s)]: %s" + % (aggregate_name, e)) + return False + + +# ********************************************* +# NEUTRON +# ********************************************* +def get_network_list(conn): + return conn.network.networks() + + +def get_router_list(conn): + return conn.network.routers() + + +def get_port_list(conn): + return conn.network.ports() + + +def get_network_id(conn, network_name): + networks = conn.network.networks() + id = '' + for n in networks: + if n.name == network_name: + id = n.id + break + return id + + +def get_subnet_id(conn, subnet_name): + subnets = conn.network.subnets() + id = '' + for s in subnets: + if s.name == subnet_name: + id = s.id + break + return id + + +def get_router_id(conn, router_name): + routers = conn.network.routers() + id = '' + for r in routers: + if r.name == router_name: + id = r.id + break + return id + + +def get_private_net(conn): + # Checks if there is an existing shared private network + networks = conn.network.networks() + for net in networks: + if (net.is_router_external is False) and (net.is_shared is True): + return net + return None + + +def get_external_net(conn): + if (env.get('EXTERNAL_NETWORK')): + return env.get('EXTERNAL_NETWORK') + for network in conn.network.networks(): + if network.is_router_external: + return network.name + return None + + +def get_external_net_id(conn): + if (env.get('EXTERNAL_NETWORK')): + networks = conn.network.networks(name=env.get('EXTERNAL_NETWORK')) + net_id = networks.next().id + return net_id + for network in conn.network.networks(): + if network.is_router_external: + return network.id + return None + + +def check_neutron_net(conn, net_name): + for network in conn.network.networks(): + if network.name == net_name: + for subnet in network.subnet_ids: + return True + return False + + +def create_neutron_net(conn, name): + try: + network = conn.network.create_network(name=name) + return network.id + except Exception as e: + logger.error("Error [create_neutron_net(network, '%s')]: %s" + % (name, e)) + return None + + +def create_neutron_subnet(conn, name, cidr, net_id, + dns=['8.8.8.8', '8.8.4.4']): + try: + subnet = conn.network.create_subnet(name=name, + cidr=cidr, + ip_version='4', + network_id=net_id, + dns_nameservers=dns) + return subnet.id + except Exception as e: + logger.error("Error [create_neutron_subnet(network, '%s', " + "'%s', '%s')]: %s" % (name, cidr, net_id, e)) + return None + + +def create_neutron_router(conn, name): + try: + router = conn.network.create_router(name=name) + return router.id + except Exception as e: + logger.error("Error [create_neutron_router(network, '%s')]: %s" + % (name, e)) + return None + + +def create_neutron_port(conn, name, network_id, ip): + try: + port = conn.network.create_port(name=name, + network_id=network_id, + fixed_ips=[{'ip_address': ip}]) + return port.id + except Exception as e: + logger.error("Error [create_neutron_port(network, '%s', '%s', " + "'%s')]: %s" % (name, network_id, ip, e)) + return None + + +def update_neutron_net(conn, network_id, shared=False): + try: + conn.network.update_network(network_id, is_shared=shared) + return True + except Exception as e: + logger.error("Error [update_neutron_net(network, '%s', '%s')]: " + "%s" % (network_id, str(shared), e)) + return False + + +def update_neutron_port(conn, port_id, device_owner): + try: + port = conn.network.update_port(port_id, device_owner=device_owner) + return port.id + except Exception as e: + logger.error("Error [update_neutron_port(network, '%s', '%s')]:" + " %s" % (port_id, device_owner, e)) + return None + + +def add_interface_router(conn, router_id, subnet_id): + try: + conn.network.add_interface_to_router(router_id, subnet_id=subnet_id) + return True + except Exception as e: + logger.error("Error [add_interface_router(network, '%s', " + "'%s')]: %s" % (router_id, subnet_id, e)) + return False + + +def add_gateway_router(conn, router_id): + ext_net_id = get_external_net_id(conn) + router_dict = {'network_id': ext_net_id} + try: + conn.network.update_router(router_id, + external_gateway_info=router_dict) + return True + except Exception as e: + logger.error("Error [add_gateway_router(network, '%s')]: %s" + % (router_id, e)) + return False + + +def delete_neutron_net(conn, network_id): + try: + conn.network.delete_network(network_id, ignore_missing=False) + return True + except Exception as e: + logger.error("Error [delete_neutron_net(network, '%s')]: %s" + % (network_id, e)) + return False + + +def delete_neutron_subnet(conn, subnet_id): + try: + conn.network.delete_subnet(subnet_id, ignore_missing=False) + return True + except Exception as e: + logger.error("Error [delete_neutron_subnet(network, '%s')]: %s" + % (subnet_id, e)) + return False + + +def delete_neutron_router(conn, router_id): + try: + conn.network.delete_router(router_id, ignore_missing=False) + return True + except Exception as e: + logger.error("Error [delete_neutron_router(network, '%s')]: %s" + % (router_id, e)) + return False + + +def delete_neutron_port(conn, port_id): + try: + conn.network.delete_port(port_id, ignore_missing=False) + return True + except Exception as e: + logger.error("Error [delete_neutron_port(network, '%s')]: %s" + % (port_id, e)) + return False + + +def remove_interface_router(conn, router_id, subnet_id): + try: + conn.network.remove_interface_from_router(router_id, + subnet_id=subnet_id) + return True + except Exception as e: + logger.error("Error [remove_interface_router(network, '%s', " + "'%s')]: %s" % (router_id, subnet_id, e)) + return False + + +def remove_gateway_router(conn, router_id): + try: + conn.network.update_router(router_id, external_gateway_info=None) + return True + except Exception as e: + logger.error("Error [remove_gateway_router(network, '%s')]: %s" + % (router_id, e)) + return False + + +def create_network_full(conn, + net_name, + subnet_name, + router_name, + cidr, + dns=['8.8.8.8', '8.8.4.4']): + + # Check if the network already exists + network_id = get_network_id(conn, net_name) + subnet_id = get_subnet_id(conn, subnet_name) + router_id = get_router_id(conn, router_name) + + if network_id != '' and subnet_id != '' and router_id != '': + logger.info("A network with name '%s' already exists..." % net_name) + else: + logger.info('Creating neutron network %s...' % net_name) + if network_id == '': + network_id = create_neutron_net(conn, net_name) + if not network_id: + return False + logger.debug("Network '%s' created successfully" % network_id) + + logger.debug('Creating Subnet....') + if subnet_id == '': + subnet_id = create_neutron_subnet(conn, subnet_name, cidr, + network_id, dns) + if not subnet_id: + return None + logger.debug("Subnet '%s' created successfully" % subnet_id) + + logger.debug('Creating Router...') + if router_id == '': + router_id = create_neutron_router(conn, router_name) + if not router_id: + return None + logger.debug("Router '%s' created successfully" % router_id) + + logger.debug('Adding router to subnet...') + + if not add_interface_router(conn, router_id, subnet_id): + return None + logger.debug("Interface added successfully.") + + logger.debug('Adding gateway to router...') + if not add_gateway_router(conn, router_id): + return None + logger.debug("Gateway added successfully.") + + network_dic = {'net_id': network_id, + 'subnet_id': subnet_id, + 'router_id': router_id} + return network_dic + + +def create_shared_network_full(net_name, subnt_name, router_name, subnet_cidr): + conn = get_os_connection() + + network_dic = create_network_full(conn, + net_name, + subnt_name, + router_name, + subnet_cidr) + if network_dic: + if not update_neutron_net(conn, + network_dic['net_id'], + shared=True): + logger.error("Failed to update network %s..." % net_name) + return None + else: + logger.debug("Network '%s' is available..." % net_name) + else: + logger.error("Network %s creation failed" % net_name) + return None + return network_dic + + +# ********************************************* +# SEC GROUPS +# ********************************************* + + +def get_security_groups(conn): + return conn.network.security_groups() + + +def get_security_group_id(conn, sg_name): + security_groups = get_security_groups(conn) + id = '' + for sg in security_groups: + if sg.name == sg_name: + id = sg.id + break + return id + + +def create_security_group(conn, sg_name, sg_description): + try: + secgroup = conn.network.\ + create_security_group(name=sg_name, description=sg_description) + return secgroup + except Exception as e: + logger.error("Error [create_security_group(network, '%s', " + "'%s')]: %s" % (sg_name, sg_description, e)) + return None + + +def create_secgroup_rule(conn, sg_id, direction, protocol, + port_range_min=None, port_range_max=None): + # We create a security group in 2 steps + # 1 - we check the format and set the secgroup rule attributes accordingly + # 2 - we call openstacksdk to create the security group + + # Format check + secgroup_rule_attrs = {'direction': direction, + 'security_group_id': sg_id, + 'protocol': protocol} + # parameters may be + # - both None => we do nothing + # - both Not None => we add them to the secgroup rule attributes + # but one cannot be None is the other is not None + if (port_range_min is not None and port_range_max is not None): + # add port_range in secgroup rule attributes + secgroup_rule_attrs['port_range_min'] = port_range_min + secgroup_rule_attrs['port_range_max'] = port_range_max + logger.debug("Security_group format set (port range included)") + else: + # either both port range are set to None => do nothing + # or one is set but not the other => log it and return False + if port_range_min is None and port_range_max is None: + logger.debug("Security_group format set (no port range mentioned)") + else: + logger.error("Bad security group format." + "One of the port range is not properly set:" + "range min: {}," + "range max: {}".format(port_range_min, + port_range_max)) + return False + + # Create security group using neutron client + try: + conn.network.create_security_group_rule(**secgroup_rule_attrs) + return True + except Exception: + logger.exception("Impossible to create_security_group_rule," + "security group rule probably already exists") + return False + + +def get_security_group_rules(conn, sg_id): + try: + security_rules = conn.network.security_group_rules() + security_rules = [rule for rule in security_rules + if rule.security_group_id == sg_id] + return security_rules + except Exception as e: + logger.error("Error [get_security_group_rules(network, sg_id)]:" + " %s" % e) + return None + + +def check_security_group_rules(conn, sg_id, direction, protocol, + port_min=None, port_max=None): + try: + security_rules = get_security_group_rules(conn, sg_id) + security_rules = [rule for rule in security_rules + if (rule.direction.lower() == direction and + rule.protocol.lower() == protocol and + rule.port_range_min == port_min and + rule.port_range_max == port_max)] + if len(security_rules) == 0: + return True + else: + return False + except Exception as e: + logger.error("Error [check_security_group_rules(" + " network, sg_id, direction," + " protocol, port_min=None, port_max=None)]: " + "%s" % e) + return None + + +def create_security_group_full(conn, + sg_name, sg_description): + sg_id = get_security_group_id(conn, sg_name) + if sg_id != '': + logger.info("Using existing security group '%s'..." % sg_name) + else: + logger.info("Creating security group '%s'..." % sg_name) + SECGROUP = create_security_group(conn, + sg_name, + sg_description) + if not SECGROUP: + logger.error("Failed to create the security group...") + return None + + sg_id = SECGROUP.id + + logger.debug("Security group '%s' with ID=%s created successfully." + % (SECGROUP.name, sg_id)) + + logger.debug("Adding ICMP rules in security group '%s'..." + % sg_name) + if not create_secgroup_rule(conn, sg_id, + 'ingress', 'icmp'): + logger.error("Failed to create the security group rule...") + return None + + logger.debug("Adding SSH rules in security group '%s'..." + % sg_name) + if not create_secgroup_rule( + conn, sg_id, 'ingress', 'tcp', '22', '22'): + logger.error("Failed to create the security group rule...") + return None + + if not create_secgroup_rule( + conn, sg_id, 'egress', 'tcp', '22', '22'): + logger.error("Failed to create the security group rule...") + return None + return sg_id + + +def add_secgroup_to_instance(conn, instance_id, secgroup_id): + try: + conn.compute.add_security_group_to_server(instance_id, secgroup_id) + return True + except Exception as e: + logger.error("Error [add_secgroup_to_instance(compute, '%s', " + "'%s')]: %s" % (instance_id, secgroup_id, e)) + return False + + +def update_sg_quota(conn, tenant_id, sg_quota, sg_rule_quota): + try: + conn.network.update_quota(tenant_id, + security_group_rules=sg_rule_quota, + security_groups=sg_quota) + return True + except Exception as e: + logger.error("Error [update_sg_quota(network, '%s', '%s', " + "'%s')]: %s" % (tenant_id, sg_quota, sg_rule_quota, e)) + return False + + +def delete_security_group(conn, secgroup_id): + try: + conn.network.delete_security_group(secgroup_id, ignore_missing=False) + return True + except Exception as e: + logger.error("Error [delete_security_group(network, '%s')]: %s" + % (secgroup_id, e)) + return False + + +# ********************************************* +# GLANCE +# ********************************************* +def get_images(conn): + try: + images = conn.image.images() + return images + except Exception as e: + logger.error("Error [get_images]: %s" % e) + return None + + +def get_image_id(conn, image_name): + images = conn.image.images() + id = '' + for i in images: + if i.name == image_name: + id = i.id + break + return id + + +def create_glance_image(conn, + image_name, + file_path, + disk="qcow2", + extra_properties={}, + container="bare", + public="public"): + if not os.path.isfile(file_path): + logger.error("Error: file %s does not exist." % file_path) + return None + try: + image_id = get_image_id(conn, image_name) + if image_id != '': + logger.info("Image %s already exists." % image_name) + else: + logger.info("Creating image '%s' from '%s'..." % (image_name, + file_path)) + with open(file_path) as image_data: + image = conn.image.upload_image(name=image_name, + is_public=public, + disk_format=disk, + container_format=container, + data=image_data, + **extra_properties) + image_id = image.id + return image_id + except Exception as e: + logger.error("Error [create_glance_image(image, '%s', '%s', " + "'%s')]: %s" % (image_name, file_path, public, e)) + return None + + +def get_or_create_image(name, path, format, extra_properties): + image_exists = False + conn = get_os_connection() + + image_id = get_image_id(conn, name) + if image_id != '': + logger.info("Using existing image '%s'..." % name) + image_exists = True + else: + logger.info("Creating image '%s' from '%s'..." % (name, path)) + image_id = create_glance_image(conn, + name, + path, + format, + extra_properties) + if not image_id: + logger.error("Failed to create a Glance image...") + else: + logger.debug("Image '%s' with ID=%s created successfully." + % (name, image_id)) + + return image_exists, image_id + + +def delete_glance_image(conn, image_id): + try: + conn.image.delete_image(image_id) + return True + except Exception as e: + logger.error("Error [delete_glance_image(image, '%s')]: %s" + % (image_id, e)) + return False + + +# ********************************************* +# CINDER +# ********************************************* +def get_volumes(conn): + try: + volumes = conn.block_store.volumes(all_tenants=1) + return volumes + except Exception as e: + logger.error("Error [get_volumes(volume)]: %s" % e) + return None + + +def update_cinder_quota(cloud, tenant_id, vols_quota, + snapshots_quota, gigabytes_quota): + quotas_values = {"volumes": vols_quota, + "snapshots": snapshots_quota, + "gigabytes": gigabytes_quota} + + try: + cloud.set_volume_quotas(tenant_id, **quotas_values) + return True + except Exception as e: + logger.error("Error [update_cinder_quota(volume, '%s', '%s', " + "'%s' '%s')]: %s" % (tenant_id, vols_quota, + snapshots_quota, gigabytes_quota, e)) + return False + + +def delete_volume(cloud, volume_id, forced=False): + try: + if forced: + try: + volume = cloud.get_volume(volume_id) + for attachment in volume.attachments: + server = cloud.get_server(attachment.server_id) + cloud.detach_volume(server, volume) + except Exception: + logger.error(sys.exc_info()[0]) + cloud.delete_volume(volume_id, force=True) + else: + cloud.delete_volume(volume_id) + return True + except Exception as e: + logger.error("Error [delete_volume(volume, '%s', '%s')]: %s" + % (volume_id, str(forced), e)) + return False + + +# ********************************************* +# KEYSTONE +# ********************************************* +def get_tenants(keystone_client): + try: + if is_keystone_v3(): + tenants = keystone_client.projects.list() + else: + tenants = keystone_client.tenants.list() + return tenants + except Exception as e: + logger.error("Error [get_tenants(keystone_client)]: %s" % e) + return None + + +def get_users(keystone_client): + try: + users = keystone_client.users.list() + return users + except Exception as e: + logger.error("Error [get_users(keystone_client)]: %s" % e) + return None + + +def get_tenant_id(keystone_client, tenant_name): + tenants = get_tenants(keystone_client) + id = '' + for t in tenants: + if t.name == tenant_name: + id = t.id + break + return id + + +def get_user_id(keystone_client, user_name): + users = get_users(keystone_client) + id = '' + for u in users: + if u.name == user_name: + id = u.id + break + return id + + +def get_role_id(keystone_client, role_name): + roles = keystone_client.roles.list() + id = '' + for r in roles: + if r.name == role_name: + id = r.id + break + return id + + +def get_domain_id(keystone_client, domain_name): + domains = keystone_client.domains.list() + id = '' + for d in domains: + if d.name == domain_name: + id = d.id + break + return id + + +def create_tenant(keystone_client, tenant_name, tenant_description): + try: + if is_keystone_v3(): + domain_name = os.environ['OS_PROJECT_DOMAIN_NAME'] + domain_id = get_domain_id(keystone_client, domain_name) + tenant = keystone_client.projects.create( + name=tenant_name, + description=tenant_description, + domain=domain_id, + enabled=True) + else: + tenant = keystone_client.tenants.create(tenant_name, + tenant_description, + enabled=True) + return tenant.id + except Exception as e: + logger.error("Error [create_tenant(keystone_client, '%s', '%s')]: %s" + % (tenant_name, tenant_description, e)) + return None + + +def get_or_create_tenant(keystone_client, tenant_name, tenant_description): + tenant_id = get_tenant_id(keystone_client, tenant_name) + if not tenant_id: + tenant_id = create_tenant(keystone_client, tenant_name, + tenant_description) + + return tenant_id + + +def get_or_create_tenant_for_vnf(keystone_client, tenant_name, + tenant_description): + """Get or Create a Tenant + + Args: + keystone_client: keystone client reference + tenant_name: the name of the tenant + tenant_description: the description of the tenant + + return False if tenant retrieved though get + return True if tenant created + raise Exception if error during processing + """ + try: + tenant_id = get_tenant_id(keystone_client, tenant_name) + if not tenant_id: + tenant_id = create_tenant(keystone_client, tenant_name, + tenant_description) + return True + else: + return False + except Exception: + raise Exception("Impossible to create a Tenant for the VNF {}".format( + tenant_name)) + + +def create_user(keystone_client, user_name, user_password, + user_email, tenant_id): + try: + if is_keystone_v3(): + user = keystone_client.users.create(name=user_name, + password=user_password, + email=user_email, + project_id=tenant_id, + enabled=True) + else: + user = keystone_client.users.create(user_name, + user_password, + user_email, + tenant_id, + enabled=True) + return user.id + except Exception as e: + logger.error("Error [create_user(keystone_client, '%s', '%s', '%s'" + "'%s')]: %s" % (user_name, user_password, + user_email, tenant_id, e)) + return None + + +def get_or_create_user(keystone_client, user_name, user_password, + tenant_id, user_email=None): + user_id = get_user_id(keystone_client, user_name) + if not user_id: + user_id = create_user(keystone_client, user_name, user_password, + user_email, tenant_id) + return user_id + + +def get_or_create_user_for_vnf(keystone_client, vnf_ref): + """Get or Create user for VNF + + Args: + keystone_client: keystone client reference + vnf_ref: VNF reference used as user name & password, tenant name + + return False if user retrieved through get + return True if user created + raise Exception if error during processing + """ + try: + user_id = get_user_id(keystone_client, vnf_ref) + tenant_id = get_tenant_id(keystone_client, vnf_ref) + created = False + if not user_id: + user_id = create_user(keystone_client, vnf_ref, vnf_ref, + "", tenant_id) + created = True + try: + role_id = get_role_id(keystone_client, 'admin') + tenant_id = get_tenant_id(keystone_client, vnf_ref) + add_role_user(keystone_client, user_id, role_id, tenant_id) + except Exception: + logger.warn("Cannot associate user to role admin on tenant") + return created + except Exception: + raise Exception("Impossible to create a user for the VNF {}".format( + vnf_ref)) + + +def add_role_user(keystone_client, user_id, role_id, tenant_id): + try: + if is_keystone_v3(): + keystone_client.roles.grant(role=role_id, + user=user_id, + project=tenant_id) + else: + keystone_client.roles.add_user_role(user_id, role_id, tenant_id) + return True + except Exception as e: + logger.error("Error [add_role_user(keystone_client, '%s', '%s'" + "'%s')]: %s " % (user_id, role_id, tenant_id, e)) + return False + + +def delete_tenant(keystone_client, tenant_id): + try: + if is_keystone_v3(): + keystone_client.projects.delete(tenant_id) + else: + keystone_client.tenants.delete(tenant_id) + return True + except Exception as e: + logger.error("Error [delete_tenant(keystone_client, '%s')]: %s" + % (tenant_id, e)) + return False + + +def delete_user(keystone_client, user_id): + try: + keystone_client.users.delete(user_id) + return True + except Exception as e: + logger.error("Error [delete_user(keystone_client, '%s')]: %s" + % (user_id, e)) + return False + + +# ********************************************* +# HEAT +# ********************************************* +def create_stack(conn, **kwargs): + try: + stack = conn.orchestration.create_stack(**kwargs) + stack_id = stack.id + if stack_id is None: + logger.error("Stack create start failed") + raise SystemError("Stack create start failed") + return stack_id + except Exception as e: + logger.error("Error [create_stack(orchestration)]: %s" % e) + return None + + +def update_stack(conn, stack_id, **kwargs): + try: + conn.orchestration.update_stack(stack_id, **kwargs) + return True + except Exception as e: + logger.error("Error [update_stack(orchestration)]: %s" % e) + return False + + +def delete_stack(conn, stack_id): + try: + conn.orchestration.delete_stack(stack_id) + return True + except Exception as e: + logger.error("Error [delete_stack(orchestration)]: %s" % e) + return False + + +def list_stacks(conn, **kwargs): + try: + result = conn.orchestration.stacks(**kwargs) + return result + except Exception as e: + logger.error("Error [list_stack(orchestration)]: %s" % e) + return None + + +def get_output(conn, stack_id, output_key): + try: + stack = conn.orchestration.get_stack(stack_id) + for output in stack.outputs: + if output['output_key'] == output_key: + return output + except ResourceNotFound as e: + logger.error("Error [get_output(orchestration)]: %s" % e) + return None |