fix bug
[plstackapi.git] / planetstack / openstack / manager.py
index 788a621..0b20d79 100644 (file)
@@ -1,20 +1,28 @@
-from planetstack import settings
-#from django.core import management
-#management.setup_environ(settings)
+w
 import os
-os.environ.setdefault("DJANGO_SETTINGS_MODULE", "planetstack.settings")
+#os.environ.setdefault("DJANGO_SETTINGS_MODULE", "planetstack.settings")
+import string
+import random
+import hashlib
+from datetime import datetime
 
+from netaddr import IPAddress, IPNetwork
+from planetstack import settings
+from django.core import management
+from core.models import * 
+from planetstack.config import Config
 try:
     from openstack.client import OpenStackClient
     from openstack.driver import OpenStackDriver
-    from planetstack.config import Config
-    from core.models import * 
     has_openstack = True
 except:
     has_openstack = False
 
-#manager_enabled = Config().api_nova_enabled
-manager_enabled = False
+manager_enabled = Config().api_nova_enabled
+
+
+def random_string(size=6):
+    return ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(size))
 
 def require_enabled(callable):
     def wrapper(*args, **kwds):
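Review bot: The added line `w` at the top of the new import block is a stray token and will raise NameError as soon as the module is imported; it should be deleted. `random_string` draws from `random`, which is not a cryptographic generator. Its callers are not visible in this diff, so if any of them uses the result as a password or token it should build the string with `random.SystemRandom().choice(...)` instead. `from planetstack.config import Config` and `from core.models import *` now sit outside the `try`, so a failure in either is no longer folded into `has_openstack = False`; if that is intended, a one-line comment saying so would help. require_enabled's body continues outside the hunk.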
@@ -28,60 +36,100 @@ def require_enabled(callable):
 class OpenStackManager:
 
     def __init__(self, auth={}, caller=None):
-        if auth:
-            self.client = OpenStackClient(**auth)
-        else:
-            self.client = OpenStackClient()   
+        self.client = None
+        self.driver = None
+        self.caller = None
         self.has_openstack = has_openstack       
-        self.enabled = manager_enabled 
-        self.driver = OpenStackDriver(client=self.client) 
-        self.caller=caller
-        if not self.caller:
-            self.caller = self.driver.admin_user
-            self.caller.kuser_id = self.caller.id 
+        self.enabled = manager_enabled
+
+        if has_openstack and manager_enabled:
+            if auth:
+                try:
+                    self.init_user(auth, caller)
+                except:
+                    # if this fails then it meanse the caller doesn't have a
+                    # role at the slice's tenant. if the caller is an admin
+                    # just use the admin client/manager.
+                    if caller and caller.is_admin: 
+                        self.init_admin()
+                    else: raise
+            else:
+                self.init_admin()
+
+    @require_enabled 
+    def init_caller(self, caller, tenant):
+        auth = {'username': caller.email,
+                'password': hashlib.md5(caller.password).hexdigest()[:6],
+                'tenant': tenant}
+        self.client = OpenStackClient(**auth)
+        self.driver = OpenStackDriver(client=self.client)
+        self.caller = caller                 
+    
+    @require_enabled
+    def init_admin(self, tenant=None):
+        # use the admin credentials 
+        self.client = OpenStackClient(tenant=tenant)
+        self.driver = OpenStackDriver(client=self.client)
+        self.caller = self.driver.admin_user
+        self.caller.kuser_id = self.caller.id 
 
     @require_enabled
     def save_role(self, role):
-        if not role.role_id:
+        if not role.role:
             keystone_role = self.driver.create_role(role.role_type)
-            role.role_id = keystone_role.id
+            role.role = keystone_role.id
 
     @require_enabled
     def delete_role(self, role):
-        if role.role_id:
-            self.driver.delete_role({'id': role.role_id})
+        if role.role:
+            self.driver.delete_role({'id': role.role})
 
     @require_enabled
-    def save_key(self, key):
-        if not key.key_id:
-            key_fields = {'name': key.name,
-                          'key': key.key}
-            nova_key = self.driver.create_keypair(**key_fields)
-            key.key_id = nova_key.id        
+    def save_key(self, key, name):
+        key_fields = {'name': name,
+                      'public_key': key}
+        nova_key = self.driver.create_keypair(**key_fields)
 
     @require_enabled
     def delete_key(self, key):
-        if key.key_id:
-            self.driver.delete_keypair(key.key_id)
+        if key.nkey_id:
+            self.driver.delete_keypair(key.nkey_id)
 
     @require_enabled
     def save_user(self, user):
+        name = user.email[:user.email.find('@')]
+        user_fields = {'name': name,
+                       'email': user.email,
+                       'password': hashlib.md5(user.password).hexdigest()[:6],
+                       'enabled': True}
         if not user.kuser_id:
-            name = user.email[:user.email.find('@')]
-            user_fields = {'name': name,
-                           'email': user.email,
-                           'password': user.password,
-                           'enabled': True}
             keystone_user = self.driver.create_user(**user_fields)
             user.kuser_id = keystone_user.id
-    
+        else:
+            self.driver.update_user(user.kuser_id, user_fields)     
+
+        if user.site:
+            self.driver.add_user_role(user.kuser_id, user.site.tenant_id, 'user')
+            if user.is_admin:
+                self.driver.add_user_role(user.kuser_id, user.site.tenant_id, 'admin')
+            else:
+                # may have admin role so attempt to remove it
+                self.driver.delete_user_role(user.kuser_id, user.site.tenant_id, 'admin')
+
+        if user.public_key:
+            self.init_caller(user, user.site.login_base)
+            self.save_key(user.public_key, user.keyname)
+            self.init_admin()
+
+        user.save()
+        user.enacted = datetime.now()
+        user.save(update_fields=['enacted'])
+  
     @require_enabled
     def delete_user(self, user):
         if user.kuser_id:
             self.driver.delete_user(user.kuser_id)        
     
-
-    
     @require_enabled
     def save_site(self, site, add_role=True):
         if not site.tenant_id:
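Review bot: The Keystone password `hashlib.md5(caller.password).hexdigest()[:6]` in init_caller (repeated in save_user) is only six hex characters, about 24 bits, and is a deterministic function of the stored `password` field. Anyone who can read that field can compute the Keystone credential, and the value space is small enough to brute-force. A per-user secret generated from a CSPRNG and stored for the Keystone account would avoid both problems. In `__init__`, `self.init_user(auth, caller)` names a method this hunk does not define (only `init_caller` and `init_admin` are added), and the bare `except:` would turn the resulting AttributeError into a silent switch to the admin client for any admin caller; catching the specific driver exception would stop that fallback from hiding real errors. In save_user, `user.site.login_base` is reached under `if user.public_key:` without the `if user.site:` guard used just above, and save_site's body continues outside the hunk.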
@@ -98,11 +146,33 @@ class OpenStackManager:
                                       description=site.name,
                                       enabled=site.enabled)
 
+        # commit the updated record
+        site.save()
+        site.enacted = datetime.now()
+        site.save(update_fields=['enacted']) # enusre enacted > updated  
+        
+
     @require_enabled
     def delete_site(self, site):
         if site.tenant_id:
             self.driver.delete_tenant(site.tenant_id)
                
+    @require_enabled
+    def save_site_privilege(self, site_priv):
+        if site_priv.user.kuser_id and site_priv.site.tenant_id:
+            self.driver.add_user_role(site_priv.user.kuser_id,
+                                      site_priv.site.tenant_id,
+                                      site_priv.role.role_type)
+        site_priv.enacted = datetime.now()
+        site_priv.save(update_fields=['enacted'])
+
+    
+    @require_enabled
+    def delete_site_privilege(self, site_priv):
+        self.driver.delete_user_role(site_priv.user.kuser_id, 
+                                     site_priv.site.tenant_id, 
+                                     site_priv.role.role_type)
+
     @require_enabled
     def save_slice(self, slice):
         if not slice.tenant_id:
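Review bot: save_site_privilege sets `enacted` even when the `if site_priv.user.kuser_id and site_priv.site.tenant_id:` guard skipped `add_user_role`, so a privilege appears to be recorded as enacted although no role was granted in Keystone. Moving the two `enacted` lines inside the `if` would keep the record consistent with what was applied. delete_site_privilege has no such guard and passes the ids to `delete_user_role` unchecked, so it would send `None` when either object was never synced; the same `if` condition before the call would mirror the save path. The same pattern recurs in save_slice_membership and delete_slice_membership in the next hunk. The comment `# enusre enacted > updated` should read `ensure`, and both save_site and save_slice extend outside this hunk.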
@@ -128,17 +198,85 @@ class OpenStackManager:
             router = self.driver.create_router(slice.name)
             slice.router_id = router['id']
 
+            # create subnet
+            next_subnet = self.get_next_subnet()
+            cidr = str(next_subnet.cidr)
+            ip_version = next_subnet.version
+            start = str(next_subnet[2])
+            end = str(next_subnet[-2]) 
+            subnet = self.driver.create_subnet(name=slice.name,
+                                               network_id = network['id'],
+                                               cidr_ip = cidr,
+                                               ip_version = ip_version,
+                                               start = start,
+                                               end = end)
+            slice.subnet_id = subnet['id']
+            # add subnet as interface to slice's router
+            self.driver.add_router_interface(router['id'], subnet['id'])
+            # add external route
+            self.driver.add_external_route(subnet)
+
+
         if slice.id and slice.tenant_id:
             self.driver.update_tenant(slice.tenant_id,
                                       description=slice.description,
-                                      enabled=slice.enabled)    
+                                      enabled=slice.enabled)   
+
+        slice.save()
+        slice.enacted = datetime.now()
+        slice.save(update_fields=['enacted']) 
 
     @require_enabled
     def delete_slice(self, slice):
         if slice.tenant_id:
-            self.driver.delete_router(slice.router_id)
-            self.driver.delete_network(slice.network_id)
-            self.driver.delete_tenant(slice.tenant_id)
+            self._delete_slice(slice.tenant_id, slice.network_id, 
+                               slice.router_id, slice.subnet_id)
+    @require_enabled
+    def _delete_slice(self, tenant_id, network_id, router_id, subnet_id):
+        self.driver.delete_router_interface(slice.router_id, slice.subnet_id)
+        self.driver.delete_subnet(slice.subnet_id)
+        self.driver.delete_router(slice.router_id)
+        self.driver.delete_network(slice.network_id)
+        self.driver.delete_tenant(slice.tenant_id)
+        # delete external route
+        subnet = None
+        subnets = self.driver.shell.quantum.list_subnets()['subnets']
+        for snet in subnets:
+            if snet['id'] == slice.subnet_id:
+                subnet = snet
+        if subnet:
+            self.driver.delete_external_route(subnet) 
+
+    
+    @require_enabled
+    def save_slice_membership(self, slice_memb):
+        if slice_memb.user.kuser_id and slice_memb.slice.tenant_id:
+            self.driver.add_user_role(slice_memb.user.kuser_id,
+                                      slice_memb.slice.tenant_id,
+                                      slice_memb.role.role_type)
+        slice_memb.enacted = datetime.now()
+        slice_memb.save(update_fields=['enacted'])
+
+
+    @require_enabled
+    def delete_slice_membership(self, slice_memb):
+        self.driver.delete_user_role(slice_memb.user.kuser_id,
+                                     slice_memb.slice.tenant_id,
+                                     slice_memb.role.role_type)
+
+
+    @require_enabled
+    def get_next_subnet(self):
+        # limit ourself to 10.0.x.x for now
+        valid_subnet = lambda net: net.startswith('10.0')  
+        subnets = self.driver.shell.quantum.list_subnets()['subnets']
+        ints = [int(IPNetwork(subnet['cidr']).ip) for subnet in subnets \
+                if valid_subnet(subnet['cidr'])] 
+        ints.sort()
+        last_ip = IPAddress(ints[-1])
+        last_network = IPNetwork(str(last_ip) + "/24")
+        next_network = IPNetwork(str(IPAddress(last_network) + last_network.size) + "/24")
+        return next_network
 
     @require_enabled
     def save_subnet(self, subnet):    
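Review bot: `_delete_slice` takes `tenant_id, network_id, router_id, subnet_id` but its body reads `slice.router_id`, `slice.subnet_id` and so on. No `slice` variable exists in that scope, so the name resolves to the builtin `slice` type and the first driver call raises AttributeError; the body should use the parameters, as in the fence below. The external-route lookup also runs after `delete_subnet`, so `list_subnets()` presumably no longer returns the subnet and `delete_external_route` is never reached; fetching the subnet record before deleting it looks like the intent. In get_next_subnet, `ints[-1]` raises IndexError when no `10.0` subnet exists yet, and nothing stops the next /24 from leaving the 10.0.x.x range the comment promises. A blank line is also missing between delete_slice and the following `@require_enabled`.
```python
    def _delete_slice(self, tenant_id, network_id, router_id, subnet_id):
        self.driver.delete_router_interface(router_id, subnet_id)
        self.driver.delete_subnet(subnet_id)
        self.driver.delete_router(router_id)
        self.driver.delete_network(network_id)
        self.driver.delete_tenant(tenant_id)
        # … unchanged: list_subnets() lookup setup …
        for snet in subnets:
            if snet['id'] == subnet_id:
                subnet = snet
        # … unchanged: delete_external_route call …
```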
@@ -163,17 +301,28 @@ class OpenStackManager:
             self.driver.delete_subnet(subnet.subnet_id)
             #del_route = 'route del -net %s' % self.cidr
             #commands.getstatusoutput(del_route)
-    
+
     @require_enabled
     def save_sliver(self, sliver):
         if not sliver.instance_id:
+            slice_memberships = SliceMembership.objects.filter(slice=sliver.slice)
+            pubkeys = [sm.user.public_key for sm in slice_memberships if sm.user.public_key]
+            pubkeys.append(sliver.creator.public_key) 
             instance = self.driver.spawn_instance(name=sliver.name,
-                                   key_name = sliver.key.name,
+                                   key_name = sliver.creator.keyname,
                                    image_id = sliver.image.image_id,
-                                   hostname = sliver.node.name )
+                                   hostname = sliver.node.name,
+                                   pubkeys = pubkeys )
             sliver.instance_id = instance.id
             sliver.instance_name = getattr(instance, 'OS-EXT-SRV-ATTR:instance_name')
 
+        if sliver.instance_id and ("numberCores" in sliver.changed_fields):
+            self.driver.update_instance_metadata(sliver.instance_id, {"cpu_cores": str(sliver.numberCores)})
+
+        sliver.save()
+        sliver.enacted = datetime.now()
+        sliver.save(update_fields=['enacted'])
+
     @require_enabled
     def delete_sliver(self, sliver):
         if sliver.instance_id:
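Review bot: `pubkeys.append(sliver.creator.public_key)` is unconditional, unlike the comprehension above it, which drops empty keys. `pubkeys` can therefore receive `None`, or a duplicate when the creator is also a slice member; guarding the append with `if sliver.creator.public_key and sliver.creator.public_key not in pubkeys:` fixes both. Because every current member's key is handed to `spawn_instance`, a comment stating that login access is fixed at creation time would help, since nothing in this hunk updates the instance when membership changes later. delete_sliver's body continues outside the hunk.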
@@ -188,7 +337,7 @@ class OpenStackManager:
             if 'viccidev10' not in node.name:
                 nodes_dict[node.name] = node 
         
-        deployment = DeploymentNetwork.objects.filter(name='VICCI')[0]
+        deployment = Deployment.objects.filter(name='VICCI')[0]
         login_bases = ['princeton', 'stanford', 'gt', 'uw', 'mpisws']
         sites = Site.objects.filter(login_base__in=login_bases)
         # collect nova nodes:
@@ -208,7 +357,7 @@ class OpenStackManager:
             site = sites[i]
             node = Node(name=compute_nodes_dict[name].hypervisor_hostname,
                         site=site,
-                        deploymentNetwork=deployment)
+                        deployment=deployment)
             node.save()
             i+=1
 
@@ -217,6 +366,7 @@ class OpenStackManager:
         Node.objects.filter(name__in=old_node_names).delete()
 
     def refresh_images(self):
+        from core.models.image import Image
         # collect local images
         images = Image.objects.all()
         images_dict = {}