X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=planetstack%2Fopenstack%2Fmanager.py;h=3ae7dead146675be140f763b5ccfc2bab3a60ce9;hb=dfefe9db61e02e03d66bc2ac625576483abb931f;hp=857e2257b92edf97a25cb7df3600456e270d97b8;hpb=89f70f188504958d9ec66757cacace9575a92a52;p=plstackapi.git diff --git a/planetstack/openstack/manager.py b/planetstack/openstack/manager.py index 857e225..3ae7dea 100644 --- a/planetstack/openstack/manager.py +++ b/planetstack/openstack/manager.py @@ -1,20 +1,28 @@ import os -os.environ.setdefault("DJANGO_SETTINGS_MODULE", "planetstack.settings") +#os.environ.setdefault("DJANGO_SETTINGS_MODULE", "planetstack.settings") +import string +import random +import hashlib +from datetime import datetime from netaddr import IPAddress, IPNetwork from planetstack import settings from django.core import management +from core.models import * from planetstack.config import Config try: from openstack.client import OpenStackClient from openstack.driver import OpenStackDriver - from core.models import * has_openstack = True except: has_openstack = False manager_enabled = Config().api_nova_enabled + +def random_string(size=6): + return ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(size)) + def require_enabled(callable): def wrapper(*args, **kwds): if manager_enabled and has_openstack: 
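Review bot: The new `random_string` helper draws from the `random` module, whose generator is not suitable for secrets, and its default of six characters over a 36-symbol alphabet gives only about 31 bits. No caller is visible in this diff, so the risk depends on what the string ends up being used for. If it ever feeds a password, token or other credential, use `random.SystemRandom().choice(...)` in the generator expression and raise the default size. I would also add a docstring that states the intended use, for example `"""Return a random uppercase/digit string; not for secrets."""` if that is the intent.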
@@ -48,15 +56,18 @@ class OpenStackManager: self.init_admin() @require_enabled - def init_user(self, auth, caller): + def init_caller(self, caller, tenant): + auth = {'username': caller.email, + 'password': hashlib.md5(caller.password).hexdigest()[:6], + 'tenant': tenant} self.client = OpenStackClient(**auth) self.driver = OpenStackDriver(client=self.client) self.caller = caller @require_enabled - def init_admin(self): + def init_admin(self, tenant=None): # use the admin credentials - self.client = OpenStackClient() + self.client = OpenStackClient(tenant=tenant) self.driver = OpenStackDriver(client=self.client) self.caller = self.driver.admin_user self.caller.kuser_id = self.caller.id @@ -73,28 +84,29 @@ class OpenStackManager: self.driver.delete_role({'id': role.role}) @require_enabled - def save_key(self, key): - if not key.key_id: - key_fields = {'name': key.user.email[:key.user.email.find('@')], - 'key': key.key} - nova_key = self.driver.create_keypair(**key_fields) - key.key_id = nova_key.id + def save_key(self, key, name): + key_fields = {'name': name, + 'public_key': key} + nova_key = self.driver.create_keypair(**key_fields) @require_enabled def delete_key(self, key): - if key.key_id: - self.driver.delete_keypair(key.key_id) + if key.nkey_id: + self.driver.delete_keypair(key.nkey_id) @require_enabled def save_user(self, user): + name = user.email[:user.email.find('@')] + user_fields = {'name': name, + 'email': user.email, + 'password': hashlib.md5(user.password).hexdigest()[:6], + 'enabled': True} if not user.kuser_id: - name = user.email[:user.email.find('@')] - user_fields = {'name': name, - 'email': user.email, - 'password': user.password, - 'enabled': True} keystone_user = self.driver.create_user(**user_fields) user.kuser_id = keystone_user.id + else: + self.driver.update_user(user.kuser_id, user_fields) + if user.site: self.driver.add_user_role(user.kuser_id, user.site.tenant_id, 'user') if user.is_admin: 
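Review bot: The Keystone password built in `init_caller` as `hashlib.md5(caller.password).hexdigest()[:6]` is only six hex characters (24 bits) and is a fixed function of the stored `password` field. Anyone who can read that field can derive the OpenStack credential, and the value space is small enough to enumerate. The same expression is written to Keystone by `save_user` in the following hunk, so the two sites must stay in step. I would move the derivation into one helper and keep the full output of a keyed hash, e.g. `hmac.new(settings.SECRET_KEY, caller.password, hashlib.sha256).hexdigest()`. That needs `import hmac` and assumes `planetstack.settings` exposes the Django `SECRET_KEY`. Storing a separately generated random secret per user would be better still.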
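Review bot: `save_key` now calls `self.driver.create_keypair` on every invocation, because the old `if not key.key_id` guard is gone and the returned `nova_key` is discarded. `save_user` calls it on each save of a user with a public key (see the next hunk), so a second save under the same `name` will either fail or create a duplicate, depending on driver behaviour not shown here. Check for an existing keypair of that name first, or handle the conflict explicitly, and drop the unused `nova_key =` assignment. Separately, `delete_key` now reads `key.nkey_id`, but nothing in this diff sets that attribute, so please confirm the model field exists. The class body continues outside this hunk.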
@@ -102,6 +114,15 @@ class OpenStackManager: else: # may have admin role so attempt to remove it self.driver.delete_user_role(user.kuser_id, user.site.tenant_id, 'admin') + + if user.public_key: + self.init_caller(user, user.site.login_base) + self.save_key(user.public_key, user.keyname) + self.init_admin() + + user.save() + user.enacted = datetime.now() + user.save(update_fields=['enacted']) @require_enabled def delete_user(self, user): @@ -124,11 +145,33 @@ class OpenStackManager: description=site.name, enabled=site.enabled) + # commit the updated record + site.save() + site.enacted = datetime.now() + site.save(update_fields=['enacted']) # enusre enacted > updated + + @require_enabled def delete_site(self, site): if site.tenant_id: self.driver.delete_tenant(site.tenant_id) + @require_enabled + def save_site_privilege(self, site_priv): + if site_priv.user.kuser_id and site_priv.site.tenant_id: + self.driver.add_user_role(site_priv.user.kuser_id, + site_priv.site.tenant_id, + site_priv.role.role_type) + site_priv.enacted = datetime.now() + site_priv.save(update_fields=['enacted']) + + + @require_enabled + def delete_site_privilege(self, site_priv): + self.driver.delete_user_role(site_priv.user.kuser_id, + site_priv.site.tenant_id, + site_priv.role.role_type) + @require_enabled def save_slice(self, slice): if not slice.tenant_id: 
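Review bot: In the added `if user.public_key:` branch of `save_user`, `init_caller` rebinds `self.client` and `self.driver` to the user's credentials, and `init_admin()` restores them only if `save_key` returns normally. If `create_keypair` raises, the manager stays bound to that user and later operations run under the wrong identity. Wrap the call as `try: self.save_key(user.public_key, user.keyname)` followed by `finally: self.init_admin()`. The branch also dereferences `user.site.login_base`; indentation is lost in this view, so if it sits outside the earlier `if user.site:` it will raise for a user without a site. `save_user` starts in the previous hunk.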
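Review bot: `delete_site_privilege` calls `self.driver.delete_user_role` unconditionally, while `save_site_privilege` first checks that both `kuser_id` and `tenant_id` are set. A privilege row that was never enacted in Keystone would send `None` ids to the driver on deletion. Mirror the guard with `if site_priv.user.kuser_id and site_priv.site.tenant_id:` before the call. `delete_slice_membership` in the `@@ -169,24 +212,59 @@` hunk has the same asymmetry with `save_slice_membership`. A one-line docstring on each of the four methods, naming the Keystone role it grants or revokes, would also help.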
@@ -169,24 +212,59 @@ class OpenStackManager: slice.subnet_id = subnet['id'] # add subnet as interface to slice's router self.driver.add_router_interface(router['id'], subnet['id']) - + # add external route + self.driver.add_external_route(subnet) + if slice.id and slice.tenant_id: self.driver.update_tenant(slice.tenant_id, description=slice.description, - enabled=slice.enabled) + enabled=slice.enabled) + + slice.save() + slice.enacted = datetime.now() + slice.save(update_fields=['enacted']) @require_enabled def delete_slice(self, slice): if slice.tenant_id: - self.driver.delete_router_interface(slice.router_id, slice.subnet_id) - self.driver.delete_subnet(slice.subnet_id) - self.driver.delete_router(slice.router_id) - self.driver.delete_network(slice.network_id) - self.driver.delete_tenant(slice.tenant_id) + self._delete_slice(slice.tenant_id, slice.network_id, + slice.router_id, slice.subnet_id) + @require_enabled + def _delete_slice(self, tenant_id, network_id, router_id, subnet_id): + self.driver.delete_router_interface(slice.router_id, slice.subnet_id) + self.driver.delete_subnet(slice.subnet_id) + self.driver.delete_router(slice.router_id) + self.driver.delete_network(slice.network_id) + self.driver.delete_tenant(slice.tenant_id) + # delete external route + subnet = None + subnets = self.driver.shell.quantum.list_subnets()['subnets'] + for snet in subnets: + if snet['id'] == slice.subnet_id: + subnet = snet + if subnet: + self.driver.delete_external_route(subnet) + @require_enabled + def save_slice_membership(self, slice_memb): + if slice_memb.user.kuser_id and slice_memb.slice.tenant_id: + self.driver.add_user_role(slice_memb.user.kuser_id, + slice_memb.slice.tenant_id, + slice_memb.role.role_type) + slice_memb.enacted = datetime.now() + slice_memb.save(update_fields=['enacted']) + + @require_enabled + def delete_slice_membership(self, slice_memb): + self.driver.delete_user_role(slice_memb.user.kuser_id, + slice_memb.slice.tenant_id, + 
slice_memb.role.role_type) + + + @require_enabled def get_next_subnet(self): # limit ourself to 10.0.x.x for now valid_subnet = lambda net: net.startswith('10.0') @@ -226,16 +304,24 @@ class OpenStackManager: @require_enabled def save_sliver(self, sliver): if not sliver.instance_id: + slice_memberships = SliceMembership.objects.filter(slice=sliver.slice) + pubkeys = [sm.user.public_key for sm in slice_memberships if sm.user.public_key] + pubkeys.append(sliver.creator.public_key) instance = self.driver.spawn_instance(name=sliver.name, - key_name = sliver.key.name, + key_name = sliver.creator.keyname, image_id = sliver.image.image_id, - hostname = sliver.node.name ) + hostname = sliver.node.name, + pubkeys = pubkeys ) sliver.instance_id = instance.id sliver.instance_name = getattr(instance, 'OS-EXT-SRV-ATTR:instance_name') if sliver.instance_id and ("numberCores" in sliver.changed_fields): self.driver.update_instance_metadata(sliver.instance_id, {"cpu_cores": str(sliver.numberCores)}) + sliver.save() + sliver.enacted = datetime.now() + sliver.save(update_fields=['enacted']) + @require_enabled def delete_sliver(self, sliver): if sliver.instance_id: @@ -250,7 +336,7 @@ class OpenStackManager: if 'viccidev10' not in node.name: nodes_dict[node.name] = node - deployment = DeploymentNetwork.objects.filter(name='VICCI')[0] + deployment = Deployment.objects.filter(name='VICCI')[0] login_bases = ['princeton', 'stanford', 'gt', 'uw', 'mpisws'] sites = Site.objects.filter(login_base__in=login_bases) # collect nova nodes: @@ -270,7 +356,7 @@ class OpenStackManager: site = sites[i] node = Node(name=compute_nodes_dict[name].hypervisor_hostname, site=site, - deploymentNetwork=deployment) + deployment=deployment) node.save() i+=1
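Review bot: The new `_delete_slice(self, tenant_id, network_id, router_id, subnet_id)` never uses its parameters. Its body still reads `slice.router_id`, `slice.subnet_id` and the other `slice.*` attributes, and with no local `slice` in scope the name resolves to the builtin type, so the first driver call raises `AttributeError` and nothing is torn down. The external-route cleanup also looks the subnet up with `list_subnets()` after `delete_subnet` has run, so `subnet` would stay `None` and the route would be left behind. The version below uses the parameters and fetches the subnet record before deletion. Whether `delete_external_route` can run after the subnet is gone is not visible here and should be confirmed.

```python
    @require_enabled
    def _delete_slice(self, tenant_id, network_id, router_id, subnet_id):
        # Fetch the subnet record before it is deleted; the route cleanup needs it.
        subnet = None
        for snet in self.driver.shell.quantum.list_subnets()['subnets']:
            if snet['id'] == subnet_id:
                subnet = snet
                break
        self.driver.delete_router_interface(router_id, subnet_id)
        self.driver.delete_subnet(subnet_id)
        self.driver.delete_router(router_id)
        self.driver.delete_network(network_id)
        self.driver.delete_tenant(tenant_id)
        if subnet:
            self.driver.delete_external_route(subnet)
    # … unchanged: save_slice_membership, delete_slice_membership …
```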
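Review bot: In `save_sliver`, `pubkeys.append(sliver.creator.public_key)` runs unconditionally. A creator without a key adds `None` to the list passed to `spawn_instance`, and a creator who is also a slice member is listed twice. Guard it with `if sliver.creator.public_key and sliver.creator.public_key not in pubkeys:`. The list is built only inside `if not sliver.instance_id:`, so as far as this hunk shows, keys are handed over once at spawn time. A member later removed from the slice would then keep whatever access `spawn_instance` grants from `pubkeys`, and the comment should record that limitation or the keys should be refreshed on membership changes.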