1 ##############################################################################
2 # Copyright (c) 2016 Huawei Technologies Co.,Ltd and others.
4 # All rights reserved. This program and the accompanying materials
5 # are made available under the terms of the Apache License, Version 2.0
6 # which accompanies this distribution, and is available at
7 # http://www.apache.org/licenses/LICENSE-2.0
8 ##############################################################################
15 from keystoneauth1 import loading
16 from keystoneauth1 import session
20 from cinderclient import client as cinderclient
21 from novaclient import client as novaclient
22 from glanceclient import client as glanceclient
23 from neutronclient.neutron import client as neutronclient
26 log = logging.getLogger(__name__)
28 DEFAULT_HEAT_API_VERSION = '1'
29 DEFAULT_API_VERSION = '2'
32 # *********************************************
34 # *********************************************
35 def get_credentials():
36 """Returns a creds dictionary filled with parsed from env
38 Keystone API version used is 3; v2 was deprecated in 2014 (Icehouse). Along
39 with this deprecation, environment variable 'OS_TENANT_NAME' is replaced by
42 creds = {'username': os.environ.get('OS_USERNAME'),
43 'password': os.environ.get('OS_PASSWORD'),
44 'auth_url': os.environ.get('OS_AUTH_URL'),
45 'project_name': os.environ.get('OS_PROJECT_NAME')
48 if os.getenv('OS_USER_DOMAIN_NAME'):
49 creds['user_domain_name'] = os.getenv('OS_USER_DOMAIN_NAME')
50 if os.getenv('OS_PROJECT_DOMAIN_NAME'):
51 creds['project_domain_name'] = os.getenv('OS_PROJECT_DOMAIN_NAME')
56 def get_session_auth():
57 loader = loading.get_plugin_loader('password')
58 creds = get_credentials()
59 auth = loader.load_from_options(**creds)
64 auth = get_session_auth()
66 cacert = os.environ['OS_CACERT']
68 return session.Session(auth=auth)
70 insecure = os.getenv('OS_INSECURE', '').lower() == 'true'
71 cacert = False if insecure else cacert
72 return session.Session(auth=auth, verify=cacert)
75 def get_endpoint(service_type, endpoint_type='publicURL'):
76 auth = get_session_auth()
77 # for multi-region, we need to specify region
78 # when finding the endpoint
79 return get_session().get_endpoint(auth=auth,
80 service_type=service_type,
81 endpoint_type=endpoint_type,
82 region_name=os.environ.get(
86 # *********************************************
88 # *********************************************
89 def get_heat_api_version(): # pragma: no cover
91 api_version = os.environ['HEAT_API_VERSION']
93 return DEFAULT_HEAT_API_VERSION
95 log.info("HEAT_API_VERSION is set in env as '%s'", api_version)
99 def get_cinder_client_version(): # pragma: no cover
101 api_version = os.environ['OS_VOLUME_API_VERSION']
103 return DEFAULT_API_VERSION
105 log.info("OS_VOLUME_API_VERSION is set in env as '%s'", api_version)
109 def get_cinder_client(): # pragma: no cover
111 return cinderclient.Client(get_cinder_client_version(), session=sess)
114 def get_nova_client_version(): # pragma: no cover
116 api_version = os.environ['OS_COMPUTE_API_VERSION']
118 return DEFAULT_API_VERSION
120 log.info("OS_COMPUTE_API_VERSION is set in env as '%s'", api_version)
124 def get_nova_client(): # pragma: no cover
126 return novaclient.Client(get_nova_client_version(), session=sess)
129 def get_neutron_client_version(): # pragma: no cover
131 api_version = os.environ['OS_NETWORK_API_VERSION']
133 return DEFAULT_API_VERSION
135 log.info("OS_NETWORK_API_VERSION is set in env as '%s'", api_version)
139 def get_neutron_client(): # pragma: no cover
141 return neutronclient.Client(get_neutron_client_version(), session=sess)
144 def get_glance_client_version(): # pragma: no cover
146 api_version = os.environ['OS_IMAGE_API_VERSION']
148 return DEFAULT_API_VERSION
150 log.info("OS_IMAGE_API_VERSION is set in env as '%s'", api_version)
154 def get_glance_client(): # pragma: no cover
156 return glanceclient.Client(get_glance_client_version(), session=sess)
159 def get_shade_client():
160 return shade.openstack_cloud()
163 # *********************************************
165 # *********************************************
166 def get_instances(nova_client):
168 return nova_client.servers.list(search_opts={'all_tenants': 1})
169 except Exception: # pylint: disable=broad-except
170 log.exception("Error [get_instances(nova_client)]")
173 def get_instance_status(nova_client, instance): # pragma: no cover
175 return nova_client.servers.get(instance.id).status
176 except Exception: # pylint: disable=broad-except
177 log.exception("Error [get_instance_status(nova_client)]")
180 def get_instance_by_name(nova_client, instance_name): # pragma: no cover
182 return nova_client.servers.find(name=instance_name)
183 except Exception: # pylint: disable=broad-except
184 log.exception("Error [get_instance_by_name(nova_client, '%s')]",
188 def get_aggregates(nova_client): # pragma: no cover
190 return nova_client.aggregates.list()
191 except Exception: # pylint: disable=broad-except
192 log.exception("Error [get_aggregates(nova_client)]")
195 def get_availability_zones(nova_client): # pragma: no cover
197 return nova_client.availability_zones.list()
198 except Exception: # pylint: disable=broad-except
199 log.exception("Error [get_availability_zones(nova_client)]")
202 def get_availability_zone_names(nova_client): # pragma: no cover
204 return [az.zoneName for az in get_availability_zones(nova_client)]
205 except Exception: # pylint: disable=broad-except
206 log.exception("Error [get_availability_zone_names(nova_client)]")
209 def create_aggregate(nova_client, aggregate_name, av_zone): # pragma: no cover
211 nova_client.aggregates.create(aggregate_name, av_zone)
212 except Exception: # pylint: disable=broad-except
213 log.exception("Error [create_aggregate(nova_client, %s, %s)]",
214 aggregate_name, av_zone)
220 def get_aggregate_id(nova_client, aggregate_name): # pragma: no cover
222 aggregates = get_aggregates(nova_client)
223 _id = next((ag.id for ag in aggregates if ag.name == aggregate_name))
224 except Exception: # pylint: disable=broad-except
225 log.exception("Error [get_aggregate_id(nova_client, %s)]",
231 def add_host_to_aggregate(nova_client, aggregate_name,
232 compute_host): # pragma: no cover
234 aggregate_id = get_aggregate_id(nova_client, aggregate_name)
235 nova_client.aggregates.add_host(aggregate_id, compute_host)
236 except Exception: # pylint: disable=broad-except
237 log.exception("Error [add_host_to_aggregate(nova_client, %s, %s)]",
238 aggregate_name, compute_host)
244 def create_aggregate_with_host(nova_client, aggregate_name, av_zone,
245 compute_host): # pragma: no cover
247 create_aggregate(nova_client, aggregate_name, av_zone)
248 add_host_to_aggregate(nova_client, aggregate_name, compute_host)
249 except Exception: # pylint: disable=broad-except
250 log.exception("Error [create_aggregate_with_host("
251 "nova_client, %s, %s, %s)]",
252 aggregate_name, av_zone, compute_host)
258 def create_keypair(name, key_path=None): # pragma: no cover
260 with open(key_path) as fpubkey:
261 keypair = get_nova_client().keypairs.create(
262 name=name, public_key=fpubkey.read())
264 except Exception: # pylint: disable=broad-except
265 log.exception("Error [create_keypair(nova_client)]")
268 def create_instance(json_body): # pragma: no cover
270 return get_nova_client().servers.create(**json_body)
271 except Exception: # pylint: disable=broad-except
272 log.exception("Error create instance failed")
276 def create_instance_and_wait_for_active(json_body): # pragma: no cover
278 VM_BOOT_TIMEOUT = 180
279 nova_client = get_nova_client()
280 instance = create_instance(json_body)
281 for _ in range(int(VM_BOOT_TIMEOUT / SLEEP)):
282 status = get_instance_status(nova_client, instance)
283 if status.lower() == "active":
285 elif status.lower() == "error":
286 log.error("The instance went to ERROR status.")
289 log.error("Timeout booting the instance.")
293 def attach_server_volume(server_id, volume_id,
294 device=None): # pragma: no cover
296 get_nova_client().volumes.create_server_volume(server_id,
298 except Exception: # pylint: disable=broad-except
299 log.exception("Error [attach_server_volume(nova_client, '%s', '%s')]",
300 server_id, volume_id)
306 def delete_instance(nova_client, instance_id): # pragma: no cover
308 nova_client.servers.force_delete(instance_id)
309 except Exception: # pylint: disable=broad-except
310 log.exception("Error [delete_instance(nova_client, '%s')]",
317 def remove_host_from_aggregate(nova_client, aggregate_name,
318 compute_host): # pragma: no cover
320 aggregate_id = get_aggregate_id(nova_client, aggregate_name)
321 nova_client.aggregates.remove_host(aggregate_id, compute_host)
322 except Exception: # pylint: disable=broad-except
323 log.exception("Error remove_host_from_aggregate(nova_client, %s, %s)",
324 aggregate_name, compute_host)
330 def remove_hosts_from_aggregate(nova_client,
331 aggregate_name): # pragma: no cover
332 aggregate_id = get_aggregate_id(nova_client, aggregate_name)
333 hosts = nova_client.aggregates.get(aggregate_id).hosts
335 all(remove_host_from_aggregate(nova_client, aggregate_name, host)
339 def delete_aggregate(nova_client, aggregate_name): # pragma: no cover
341 remove_hosts_from_aggregate(nova_client, aggregate_name)
342 nova_client.aggregates.delete(aggregate_name)
343 except Exception: # pylint: disable=broad-except
344 log.exception("Error [delete_aggregate(nova_client, %s)]",
351 def get_server_by_name(name): # pragma: no cover
353 return get_nova_client().servers.list(search_opts={'name': name})[0]
355 log.exception('Failed to get nova client')
359 def create_flavor(name, ram, vcpus, disk, **kwargs): # pragma: no cover
361 return get_nova_client().flavors.create(name, ram, vcpus,
363 except Exception: # pylint: disable=broad-except
364 log.exception("Error [create_flavor(nova_client, %s, %s, %s, %s, %s)]",
365 name, ram, disk, vcpus, kwargs['is_public'])
369 def get_image_by_name(name): # pragma: no cover
370 images = get_nova_client().images.list()
372 return next((a for a in images if a.name == name))
373 except StopIteration:
374 log.exception('No image matched')
377 def get_flavor_id(nova_client, flavor_name): # pragma: no cover
378 flavors = nova_client.flavors.list(detailed=True)
381 if f.name == flavor_name:
387 def get_flavor_by_name(name): # pragma: no cover
388 flavors = get_nova_client().flavors.list()
390 return next((a for a in flavors if a.name == name))
391 except StopIteration:
392 log.exception('No flavor matched')
395 def check_status(status, name, iterations, interval): # pragma: no cover
396 for _ in range(iterations):
398 server = get_server_by_name(name)
400 log.error('Cannot found %s server', name)
403 if server.status == status:
410 def delete_flavor(flavor_id): # pragma: no cover
412 get_nova_client().flavors.delete(flavor_id)
413 except Exception: # pylint: disable=broad-except
414 log.exception("Error [delete_flavor(nova_client, %s)]", flavor_id)
420 def delete_keypair(nova_client, key): # pragma: no cover
422 nova_client.keypairs.delete(key=key)
424 except Exception: # pylint: disable=broad-except
425 log.exception("Error [delete_keypair(nova_client)]")
429 # *********************************************
431 # *********************************************
432 def get_network_id(shade_client, network_name):
433 networks = shade_client.list_networks({'name': network_name})
435 return networks[0]['id']
438 def create_neutron_net(shade_client, network_name, shared=False,
439 admin_state_up=True, external=False, provider=None,
441 """Create a neutron network.
443 :param network_name:(string) name of the network being created.
444 :param shared:(bool) whether the network is shared.
445 :param admin_state_up:(bool) set the network administrative state.
446 :param external:(bool) whether this network is externally accessible.
447 :param provider:(dict) a dict of network provider options.
448 :param project_id:(string) specify the project ID this network
449 will be created on (admin-only).
450 :returns:(string) the network id.
453 networks = shade_client.create_network(
454 name=network_name, shared=shared, admin_state_up=admin_state_up,
455 external=external, provider=provider, project_id=project_id)
456 return networks['id']
457 except exc.OpenStackCloudException as o_exc:
458 log.error("Error [create_neutron_net(shade_client)]."
459 "Exception message, '%s'", o_exc.orig_message)
463 def delete_neutron_net(shade_client, network_id):
465 return shade_client.delete_network(network_id)
466 except exc.OpenStackCloudException:
467 log.error("Error [delete_neutron_net(shade_client, '%s')]", network_id)
471 def create_neutron_subnet(shade_client, network_name_or_id, cidr=None,
472 ip_version=4, enable_dhcp=False, subnet_name=None,
473 tenant_id=None, allocation_pools=None,
474 gateway_ip=None, disable_gateway_ip=False,
475 dns_nameservers=None, host_routes=None,
476 ipv6_ra_mode=None, ipv6_address_mode=None,
477 use_default_subnetpool=False):
478 """Create a subnet on a specified network.
480 :param network_name_or_id:(string) the unique name or ID of the
481 attached network. If a non-unique name is
482 supplied, an exception is raised.
483 :param cidr:(string) the CIDR.
484 :param ip_version:(int) the IP version.
485 :param enable_dhcp:(bool) whether DHCP is enable.
486 :param subnet_name:(string) the name of the subnet.
487 :param tenant_id:(string) the ID of the tenant who owns the network.
488 :param allocation_pools: A list of dictionaries of the start and end
489 addresses for the allocation pools.
490 :param gateway_ip:(string) the gateway IP address.
491 :param disable_gateway_ip:(bool) whether gateway IP address is enabled.
492 :param dns_nameservers: A list of DNS name servers for the subnet.
493 :param host_routes: A list of host route dictionaries for the subnet.
494 :param ipv6_ra_mode:(string) IPv6 Router Advertisement mode.
495 Valid values are: 'dhcpv6-stateful',
496 'dhcpv6-stateless', or 'slaac'.
497 :param ipv6_address_mode:(string) IPv6 address mode.
498 Valid values are: 'dhcpv6-stateful',
499 'dhcpv6-stateless', or 'slaac'.
500 :param use_default_subnetpool:(bool) use the default subnetpool for
501 ``ip_version`` to obtain a CIDR. It is
502 required to pass ``None`` to the ``cidr``
503 argument when enabling this option.
504 :returns:(string) the subnet id.
507 subnet = shade_client.create_subnet(
508 network_name_or_id, cidr=cidr, ip_version=ip_version,
509 enable_dhcp=enable_dhcp, subnet_name=subnet_name,
510 tenant_id=tenant_id, allocation_pools=allocation_pools,
511 gateway_ip=gateway_ip, disable_gateway_ip=disable_gateway_ip,
512 dns_nameservers=dns_nameservers, host_routes=host_routes,
513 ipv6_ra_mode=ipv6_ra_mode, ipv6_address_mode=ipv6_address_mode,
514 use_default_subnetpool=use_default_subnetpool)
516 except exc.OpenStackCloudException as o_exc:
517 log.error("Error [create_neutron_subnet(shade_client)]. "
518 "Exception message: %s", o_exc.orig_message)
522 def create_neutron_router(shade_client, name=None, admin_state_up=True,
523 ext_gateway_net_id=None, enable_snat=None,
524 ext_fixed_ips=None, project_id=None):
525 """Create a logical router.
527 :param name:(string) the router name.
528 :param admin_state_up:(bool) the administrative state of the router.
529 :param ext_gateway_net_id:(string) network ID for the external gateway.
530 :param enable_snat:(bool) enable Source NAT (SNAT) attribute.
531 :param ext_fixed_ips: List of dictionaries of desired IP and/or subnet
532 on the external network.
533 :param project_id:(string) project ID for the router.
535 :returns:(string) the router id.
538 router = shade_client.create_router(
539 name, admin_state_up, ext_gateway_net_id, enable_snat,
540 ext_fixed_ips, project_id)
542 except exc.OpenStackCloudException as o_exc:
543 log.error("Error [create_neutron_router(shade_client)]. "
544 "Exception message: %s", o_exc.orig_message)
547 def delete_neutron_router(shade_client, router_id):
549 return shade_client.delete_router(router_id)
550 except exc.OpenStackCloudException as o_exc:
551 log.error("Error [delete_neutron_router(shade_client, '%s')]. "
552 "Exception message: %s", router_id, o_exc.orig_message)
556 def remove_gateway_router(neutron_client, router_id): # pragma: no cover
558 neutron_client.remove_gateway_router(router_id)
560 except Exception: # pylint: disable=broad-except
561 log.error("Error [remove_gateway_router(neutron_client, '%s')]",
566 def remove_router_interface(shade_client, router, subnet_id=None,
568 """Detach a subnet from an internal router interface.
570 At least one of subnet_id or port_id must be supplied. If you specify both
571 subnet and port ID, the subnet ID must correspond to the subnet ID of the
572 first IP address on the port specified by the port ID.
573 Otherwise an error occurs.
575 :param router: The dict object of the router being changed
576 :param subnet_id:(string) The ID of the subnet to use for the interface
577 :param port_id:(string) The ID of the port to use for the interface
578 :returns: True on success
581 shade_client.remove_router_interface(
582 router, subnet_id=subnet_id, port_id=port_id)
584 except exc.OpenStackCloudException as o_exc:
585 log.error("Error [remove_interface_router(shade_client)]. "
586 "Exception message: %s", o_exc.orig_message)
590 def create_floating_ip(neutron_client, extnet_id): # pragma: no cover
591 props = {'floating_network_id': extnet_id}
593 ip_json = neutron_client.create_floatingip({'floatingip': props})
594 fip_addr = ip_json['floatingip']['floating_ip_address']
595 fip_id = ip_json['floatingip']['id']
596 except Exception: # pylint: disable=broad-except
597 log.error("Error [create_floating_ip(neutron_client)]")
599 return {'fip_addr': fip_addr, 'fip_id': fip_id}
602 def delete_floating_ip(nova_client, floatingip_id): # pragma: no cover
604 nova_client.floating_ips.delete(floatingip_id)
606 except Exception: # pylint: disable=broad-except
607 log.error("Error [delete_floating_ip(nova_client, '%s')]",
612 def get_security_groups(neutron_client): # pragma: no cover
614 security_groups = neutron_client.list_security_groups()[
616 return security_groups
617 except Exception: # pylint: disable=broad-except
618 log.error("Error [get_security_groups(neutron_client)]")
622 def get_security_group_id(neutron_client, sg_name): # pragma: no cover
623 security_groups = get_security_groups(neutron_client)
625 for sg in security_groups:
626 if sg['name'] == sg_name:
632 def create_security_group(neutron_client, sg_name,
633 sg_description): # pragma: no cover
634 json_body = {'security_group': {'name': sg_name,
635 'description': sg_description}}
637 secgroup = neutron_client.create_security_group(json_body)
638 return secgroup['security_group']
639 except Exception: # pylint: disable=broad-except
640 log.error("Error [create_security_group(neutron_client, '%s', "
641 "'%s')]", sg_name, sg_description)
645 def create_secgroup_rule(neutron_client, sg_id, direction, protocol,
646 port_range_min=None, port_range_max=None,
647 **json_body): # pragma: no cover
648 # We create a security group in 2 steps
649 # 1 - we check the format and set the json body accordingly
650 # 2 - we call neturon client to create the security group
653 json_body.update({'security_group_rule': {'direction': direction,
654 'security_group_id': sg_id, 'protocol': protocol}})
656 # - both None => we do nothing
657 # - both Not None => we add them to the json description
658 # but one cannot be None is the other is not None
659 if (port_range_min is not None and port_range_max is not None):
660 # add port_range in json description
661 json_body['security_group_rule']['port_range_min'] = port_range_min
662 json_body['security_group_rule']['port_range_max'] = port_range_max
663 log.debug("Security_group format set (port range included)")
665 # either both port range are set to None => do nothing
666 # or one is set but not the other => log it and return False
667 if port_range_min is None and port_range_max is None:
668 log.debug("Security_group format set (no port range mentioned)")
670 log.error("Bad security group format."
671 "One of the port range is not properly set:"
672 "range min: %s, range max: %s", port_range_min,
676 # Create security group using neutron client
678 neutron_client.create_security_group_rule(json_body)
680 except Exception: # pylint: disable=broad-except
681 log.exception("Impossible to create_security_group_rule,"
682 "security group rule probably already exists")
686 def create_security_group_full(neutron_client, sg_name,
687 sg_description): # pragma: no cover
688 sg_id = get_security_group_id(neutron_client, sg_name)
690 log.info("Using existing security group '%s'...", sg_name)
692 log.info("Creating security group '%s'...", sg_name)
693 SECGROUP = create_security_group(neutron_client,
697 log.error("Failed to create the security group...")
700 sg_id = SECGROUP['id']
702 log.debug("Security group '%s' with ID=%s created successfully.",
703 SECGROUP['name'], sg_id)
705 log.debug("Adding ICMP rules in security group '%s'...", sg_name)
706 if not create_secgroup_rule(neutron_client, sg_id,
708 log.error("Failed to create the security group rule...")
711 log.debug("Adding SSH rules in security group '%s'...", sg_name)
712 if not create_secgroup_rule(
713 neutron_client, sg_id, 'ingress', 'tcp', '22', '22'):
714 log.error("Failed to create the security group rule...")
717 if not create_secgroup_rule(
718 neutron_client, sg_id, 'egress', 'tcp', '22', '22'):
719 log.error("Failed to create the security group rule...")
724 # *********************************************
726 # *********************************************
727 def get_image_id(glance_client, image_name): # pragma: no cover
728 images = glance_client.images.list()
729 return next((i.id for i in images if i.name == image_name), None)
732 def create_image(glance_client, image_name, file_path, disk_format,
733 container_format, min_disk, min_ram, protected, tag,
734 public, **kwargs): # pragma: no cover
735 if not os.path.isfile(file_path):
736 log.error("Error: file %s does not exist.", file_path)
739 image_id = get_image_id(glance_client, image_name)
740 if image_id is not None:
741 log.info("Image %s already exists.", image_name)
743 log.info("Creating image '%s' from '%s'...", image_name, file_path)
745 image = glance_client.images.create(
746 name=image_name, visibility=public, disk_format=disk_format,
747 container_format=container_format, min_disk=min_disk,
748 min_ram=min_ram, tags=tag, protected=protected, **kwargs)
750 with open(file_path) as image_data:
751 glance_client.images.upload(image_id, image_data)
753 except Exception: # pylint: disable=broad-except
755 "Error [create_glance_image(glance_client, '%s', '%s', '%s')]",
756 image_name, file_path, public)
760 def delete_image(glance_client, image_id): # pragma: no cover
762 glance_client.images.delete(image_id)
764 except Exception: # pylint: disable=broad-except
765 log.exception("Error [delete_flavor(glance_client, %s)]", image_id)
771 # *********************************************
773 # *********************************************
774 def get_volume_id(volume_name): # pragma: no cover
775 volumes = get_cinder_client().volumes.list()
776 return next((v.id for v in volumes if v.name == volume_name), None)
779 def create_volume(cinder_client, volume_name, volume_size,
780 volume_image=False): # pragma: no cover
783 volume = cinder_client.volumes.create(name=volume_name,
785 imageRef=volume_image)
787 volume = cinder_client.volumes.create(name=volume_name,
790 except Exception: # pylint: disable=broad-except
791 log.exception("Error [create_volume(cinder_client, %s)]",
792 (volume_name, volume_size))
796 def delete_volume(cinder_client, volume_id,
797 forced=False): # pragma: no cover
801 cinder_client.volumes.detach(volume_id)
802 except Exception: # pylint: disable=broad-except
803 log.error(sys.exc_info()[0])
804 cinder_client.volumes.force_delete(volume_id)
807 volume = get_cinder_client().volumes.get(volume_id)
808 if volume.status.lower() == 'available':
810 cinder_client.volumes.delete(volume_id)
812 except Exception: # pylint: disable=broad-except
813 log.exception("Error [delete_volume(cinder_client, '%s')]", volume_id)
817 def detach_volume(server_id, volume_id): # pragma: no cover
819 get_nova_client().volumes.delete_server_volume(server_id, volume_id)
821 except Exception: # pylint: disable=broad-except
822 log.exception("Error [detach_server_volume(nova_client, '%s', '%s')]",
823 server_id, volume_id)