From d1a17e195e2c136f3d6df49858fdf78346d249da Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Wed, 19 Mar 2014 15:18:15 -0400 Subject: [PATCH] bug fixes and improvements --- .../observer/steps/sync_site_privileges.py | 2 +- .../observer/steps/sync_slice_deployments.py | 17 +++++++-- planetstack/observer/steps/sync_slivers.py | 15 ++++++-- .../observer/steps/sync_user_deployments.py | 36 +++++++++---------- 4 files changed, 46 insertions(+), 24 deletions(-) diff --git a/planetstack/observer/steps/sync_site_privileges.py b/planetstack/observer/steps/sync_site_privileges.py index 922f579..cf838cf 100644 --- a/planetstack/observer/steps/sync_site_privileges.py +++ b/planetstack/observer/steps/sync_site_privileges.py @@ -4,7 +4,7 @@ from django.db.models import F, Q from planetstack.config import Config from observer.openstacksyncstep import OpenStackSyncStep from core.models.site import * -from core.models.user import UserDeployments +from core.models.user import User, UserDeployments class SyncSitePrivileges(OpenStackSyncStep): requested_interval=0 diff --git a/planetstack/observer/steps/sync_slice_deployments.py b/planetstack/observer/steps/sync_slice_deployments.py index b02466d..9751a08 100644 --- a/planetstack/observer/steps/sync_slice_deployments.py +++ b/planetstack/observer/steps/sync_slice_deployments.py @@ -69,14 +69,27 @@ class SyncSliceDeployments(OpenStackSyncStep): if not deployment_users: logger.info("slice createor %s has not accout at deployment %s" % (slice_deployment.slice.creator, slice_deployment.deployment.name)) else: + deployment_user = deployment_users[0] # lookup user id at this deployment kuser= driver.shell.keystone.users.find(email=slice_deployment.slice.creator.email) - driver.add_user_role(kuser.id, tenant.id, 'admin') + # add required roles at the slice's tenant + driver.add_user_role(kuser.id, tenant.id, 'admin') + # refresh credentials using this tenant - client_driver = self.driver.client_driver(tenant=tenant.name, + client_driver = self.driver.client_driver(caller=deployment_user.user, + tenant=tenant.name, deployment=slice_deployment.deployment.name) + # create a public key for the slice creator + if deployment_user.user.public_key: + keyname = deployment_user.user.email.lower().replace('@', 'AT').replace('.', '') +\ + slice_deployment.slice.name + slice_deployment.keyname = keyname + key_fields = {'name': keyname, + 'public_key': deployment_user.user.public_key} + client_driver.create_keypair(**key_fields) + # create network network = client_driver.create_network(slice_deployment.slice.name) slice_deployment.network_id = network['id'] diff --git a/planetstack/observer/steps/sync_slivers.py b/planetstack/observer/steps/sync_slivers.py index d832b7d..391cdd8 100644 --- a/planetstack/observer/steps/sync_slivers.py +++ b/planetstack/observer/steps/sync_slivers.py @@ -4,7 +4,7 @@ from django.db.models import F, Q from planetstack.config import Config from observer.openstacksyncstep import OpenStackSyncStep from core.models.sliver import Sliver -from core.models.slice import SlicePrivilege +from core.models.slice import SlicePrivilege, SliceDeployments class SyncSlivers(OpenStackSyncStep): provides=[Sliver] @@ -49,9 +49,18 @@ class SyncSlivers(OpenStackSyncStep): for image in images: if image['name'] == sliver.image.name: image_id = image['id'] - + + # look up key name at the deployment + keyname = None + slice_deployments = SliceDeployments.objects.filter(slice = sliver.slice, + deployment = sliver.deploymentNetwork) + for slice_deployment in slice_deployments: + if slice_deployment.keyname: + keyname = slice_deployment.keyname + break + instance = driver.spawn_instance(name=sliver.name, - key_name = sliver.creator.keyname, + key_name = keyname, image_id = image_id, hostname = sliver.node.name, pubkeys = pubkeys, diff --git a/planetstack/observer/steps/sync_user_deployments.py b/planetstack/observer/steps/sync_user_deployments.py index ad1363d..5c04003 100644 --- a/planetstack/observer/steps/sync_user_deployments.py +++ b/planetstack/observer/steps/sync_user_deployments.py @@ -25,12 +25,8 @@ class SyncUserDeployments(OpenStackSyncStep): for site_deployment in site_deployments: site_deploy_lookup[site_deployment.site].append(site_deployment.deployment) - user_deployments = UserDeployments.objects.all() - user_deploy_lookup = defaultdict(list) - for user_deployment in user_deployments: - user_deploy_lookup[user_deployment.user].append(user_deployment.deployment) - - for user in User.objects.all(): + user_deployments = [] + for user in User.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)): if user.is_admin: # admins should have an account at all deployments expected_deployments = deployments @@ -38,12 +34,10 @@ class SyncUserDeployments(OpenStackSyncStep): # normal users should have an account at their site's deployments expected_deployments = site_deploy_lookup[user.site] for expected_deployment in expected_deployments: - if expected_deployment not in user_deploy_lookup[user]: - ud = UserDeployments(user=user, deployment=expected_deployment) - ud.save() + ud = UserDeployments(user=user, deployment=expected_deployment) + user_deployments.append(ud) - # now we can return all slice deployments that need to be enacted - return UserDeployments.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)) + return user_deployments def sync_record(self, user_deployment): logger.info("sync'ing user %s at deployment %s" % (user_deployment.user, user_deployment.deployment.name)) @@ -59,7 +53,7 @@ class SyncUserDeployments(OpenStackSyncStep): else: driver.update_user(user_deployment.kuser_id, user_fields) - # setup user deployment site roles + # setup user deployment home site roles if user_deployment.user.site: site_deployments = SiteDeployments.objects.filter(site=user_deployment.user.site, deployment=user_deployment.deployment) @@ -74,11 +68,17 @@ class SyncUserDeployments(OpenStackSyncStep): # may have admin role so attempt to remove it driver.delete_user_role(user_deployment.kuser_id, tenant_id, 'admin') - if user_deployment.user.public_key: - user_driver = driver.client_driver(caller=user, tenant=user.site.login_base, - deployment=user_deployment.deployment.name) - key_fields = {'name': user_deployment.user.keyname, - 'public_key': user_deployment.user.public_key} - user_driver.create_keypair(**key_fields) + #if user_deployment.user.public_key: + # if not user_deployment.user.keyname: + # keyname = user_deployment.user.email.lower().replace('@', 'AT').replace('.', '') + # user_deployment.user.keyname = keyname + # user_deployment.user.save() + # + # user_driver = driver.client_driver(caller=user_deployment.user, + # tenant=user_deployment.user.site.login_base, + # deployment=user_deployment.deployment.name) + # key_fields = {'name': user_deployment.user.keyname, + # 'public_key': user_deployment.user.public_key} + # user_driver.create_keypair(**key_fields) user_deployment.save() -- 2.43.0