Update glace to use keystone, and keystone to be used by others

Joseph Hall 2012-11-08 15:47:39 -07:00
parent 0c99b71705
commit f53a760e6d
2 changed files with 68 additions and 74 deletions


@ -14,7 +14,6 @@ keystone.auth_url: 'http://127.0.0.1:5000/v2.0/'
has_glance = False has_glance = False
try: try:
from glanceclient import client from glanceclient import client
from keystoneclient.v2_0 import client as ksclient
has_glance = True has_glance = True
except ImportError: except ImportError:
pass pass
@ -35,21 +34,7 @@ def _auth():
''' '''
Set up keystone credentials Set up keystone credentials
''' '''
user = __salt__['config.option']('keystone.user') ks = __salt__['keystone.auth']()
password = __salt__['config.option']('keystone.password')
tenant = __salt__['config.option']('keystone.tenant')
tenant_id = __salt__['config.option']('keystone.tenant_id')
auth_url = __salt__['config.option']('keystone.auth_url')
insecure = __salt__['config.option']('keystone.insecure')
kwargs = {
'username': user,
'password': password,
'tenant_name': tenant,
'tenant_id': tenant_id,
'auth_url': auth_url,
'insecure': insecure,
}
ks = ksclient.Client(**kwargs)
token = ks.auth_token token = ks.auth_token
endpoint = ks.service_catalog.url_for( endpoint = ks.service_catalog.url_for(
service_type='image', service_type='image',
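Review bot: `_auth()` now depends on `__salt__['keystone.auth']`, but the only availability guard visible in this file is `has_glance`, which after the first hunk reflects the `glanceclient` import alone. If the keystone module did not load on a minion (for example because python-keystoneclient is missing), this lookup would presumably fail with a bare KeyError instead of a message an operator can act on. A guard at the top of `_auth()` would make the dependency explicit, e.g. `if 'keystone.auth' not in __salt__: raise CommandExecutionError('keystone execution module is not loaded')`, which needs an import from `salt.exceptions`. The body of `_auth()` continues past the end of the hunk, so how the token and endpoint are used afterwards is not visible here.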


@ -1,12 +1,14 @@
''' '''
Module for handling openstack keystone calls. Module for handling openstack keystone calls.
This module is not usable until the user, password, tenant and auth url are This module is not usable until the following are specified either in a pillar
specified either in a pillar or in the minion's config file. For example: or in the minion's config file:
keystone.user: admin keystone.user: admin
keystone.password: verybadpass keystone.password: verybadpass
keystone.tenant: admin keystone.tenant: admin
keystone.tenant_id: f80919baedab48ec8931f200c65a50df
keystone.insecure: False #(optional)
keystone.auth_url: 'http://127.0.0.1:5000/v2.0/' keystone.auth_url: 'http://127.0.0.1:5000/v2.0/'
''' '''
has_keystone = False has_keystone = False
@ -28,21 +30,28 @@ def __virtual__():
__opts__ = {} __opts__ = {}
def _auth(): def auth():
''' '''
Set up keystone credentials Set up keystone credentials
Only intended to be used within Keystone-enabled modules
''' '''
user = __salt__['config.option']('keystone.user') user = __salt__['config.option']('keystone.user')
password = __salt__['config.option']('keystone.password') password = __salt__['config.option']('keystone.password')
tenant = __salt__['config.option']('keystone.tenant') tenant = __salt__['config.option']('keystone.tenant')
tenant_id = __salt__['config.option']('keystone.tenant_id')
auth_url = __salt__['config.option']('keystone.auth_url') auth_url = __salt__['config.option']('keystone.auth_url')
nt = client.Client( insecure = __salt__['config.option']('keystone.insecure')
username = user, kwargs = {
password = password, 'username': user,
tenant_name = tenant, 'password': password,
auth_url = auth_url, 'tenant_name': tenant,
) 'tenant_id': tenant_id,
return nt 'auth_url': auth_url,
'insecure': insecure,
}
ks = client.Client(**kwargs)
return ks
def ec2_credentials_get(id=None, name=None, access=None): def ec2_credentials_get(id=None, name=None, access=None):
@ -55,10 +64,10 @@ def ec2_credentials_get(id=None, name=None, access=None):
salt '*' keystone.ec2_credentials_get id=c965f79c4f864eaaa9c3b41904e67082 access=722787eb540849158668370dc627ec5f salt '*' keystone.ec2_credentials_get id=c965f79c4f864eaaa9c3b41904e67082 access=722787eb540849158668370dc627ec5f
salt '*' keystone.ec2_credentials_get name=nova access=722787eb540849158668370dc627ec5f salt '*' keystone.ec2_credentials_get name=nova access=722787eb540849158668370dc627ec5f
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for user in nt.users.list(): for user in ks.users.list():
if user.name == name: if user.name == name:
id = user.id id = user.id
continue continue
@ -66,7 +75,7 @@ def ec2_credentials_get(id=None, name=None, access=None):
return {'Error': 'Unable to resolve user id'} return {'Error': 'Unable to resolve user id'}
if not access: if not access:
return {'Error': 'Access key is required'} return {'Error': 'Access key is required'}
ec2_credentials = nt.ec2.get(user_id=id, access=access) ec2_credentials = ks.ec2.get(user_id=id, access=access)
ret[ec2_credentials.user_id] = { ret[ec2_credentials.user_id] = {
'user_id': ec2_credentials.user_id, 'user_id': ec2_credentials.user_id,
'tenant': ec2_credentials.tenant_id, 'tenant': ec2_credentials.tenant_id,
@ -86,16 +95,16 @@ def ec2_credentials_list(id=None, name=None):
salt '*' keystone.ec2_credentials_list id=298ce377245c4ec9b70e1c639c89e654 salt '*' keystone.ec2_credentials_list id=298ce377245c4ec9b70e1c639c89e654
salt '*' keystone.ec2_credentials_list name=jack salt '*' keystone.ec2_credentials_list name=jack
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for user in nt.users.list(): for user in ks.users.list():
if user.name == name: if user.name == name:
id = user.id id = user.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve user id'} return {'Error': 'Unable to resolve user id'}
for ec2_credential in nt.ec2.list(id): for ec2_credential in ks.ec2.list(id):
ret[ec2_credential.user_id] = { ret[ec2_credential.user_id] = {
'user_id': ec2_credential.user_id, 'user_id': ec2_credential.user_id,
'tenant_id': ec2_credential.tenant_id, 'tenant_id': ec2_credential.tenant_id,
@ -113,8 +122,8 @@ def endpoint_get(service):
salt '*' keystone.endpoint_get ec2 salt '*' keystone.endpoint_get ec2
''' '''
nt = _auth() ks = auth()
return nt.service_catalog.url_for(service_type=service) return ks.service_catalog.url_for(service_type=service)
def endpoint_list(): def endpoint_list():
@ -125,9 +134,9 @@ def endpoint_list():
salt '*' keystone.endpoint_list salt '*' keystone.endpoint_list
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
for endpoint in nt.endpoints.list(): for endpoint in ks.endpoints.list():
ret[endpoint.id] = { ret[endpoint.id] = {
'id': endpoint.id, 'id': endpoint.id,
'region': endpoint.region, 'region': endpoint.region,
@ -149,16 +158,16 @@ def role_get(id=None, name=None):
salt '*' keystone.role_get id=c965f79c4f864eaaa9c3b41904e67082 salt '*' keystone.role_get id=c965f79c4f864eaaa9c3b41904e67082
salt '*' keystone.role_get name=nova salt '*' keystone.role_get name=nova
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for role in nt.roles.list(): for role in ks.roles.list():
if role.name == name: if role.name == name:
id = role.id id = role.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve role id'} return {'Error': 'Unable to resolve role id'}
role = nt.roles.get(id) role = ks.roles.get(id)
ret[role.name] = { ret[role.name] = {
'id': role.id, 'id': role.id,
'name': role.name, 'name': role.name,
@ -174,9 +183,9 @@ def role_list():
salt '*' keystone.role_list salt '*' keystone.role_list
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
for role in nt.roles.list(): for role in ks.roles.list():
ret[role.name] = { ret[role.name] = {
'id': role.id, 'id': role.id,
'name': role.name, 'name': role.name,
@ -194,16 +203,16 @@ def service_get(id=None, name=None):
salt '*' keystone.service_get id=c965f79c4f864eaaa9c3b41904e67082 salt '*' keystone.service_get id=c965f79c4f864eaaa9c3b41904e67082
salt '*' keystone.service_get name=nova salt '*' keystone.service_get name=nova
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for service in nt.services.list(): for service in ks.services.list():
if service.name == name: if service.name == name:
id = service.id id = service.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve service id'} return {'Error': 'Unable to resolve service id'}
service = nt.services.get(id) service = ks.services.get(id)
ret[service.name] = { ret[service.name] = {
'id': service.id, 'id': service.id,
'name': service.name, 'name': service.name,
@ -221,9 +230,9 @@ def service_list():
salt '*' keystone.service_list salt '*' keystone.service_list
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
for service in nt.services.list(): for service in ks.services.list():
ret[service.name] = { ret[service.name] = {
'id': service.id, 'id': service.id,
'name': service.name, 'name': service.name,
@ -243,16 +252,16 @@ def tenant_get(id=None, name=None):
salt '*' keystone.tenant_get id=c965f79c4f864eaaa9c3b41904e67082 salt '*' keystone.tenant_get id=c965f79c4f864eaaa9c3b41904e67082
salt '*' keystone.tenant_get name=nova salt '*' keystone.tenant_get name=nova
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for tenant in nt.tenants.list(): for tenant in ks.tenants.list():
if tenant.name == name: if tenant.name == name:
id = tenant.id id = tenant.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve tenant id'} return {'Error': 'Unable to resolve tenant id'}
tenant = nt.tenants.get(id) tenant = ks.tenants.get(id)
ret[tenant.name] = { ret[tenant.name] = {
'id': tenant.id, 'id': tenant.id,
'name': tenant.name, 'name': tenant.name,
@ -270,9 +279,9 @@ def tenant_list():
salt '*' keystone.tenant_list salt '*' keystone.tenant_list
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
for tenant in nt.tenants.list(): for tenant in ks.tenants.list():
ret[tenant.name] = { ret[tenant.name] = {
'id': tenant.id, 'id': tenant.id,
'name': tenant.name, 'name': tenant.name,
@ -290,8 +299,8 @@ def token_get():
salt '*' keystone.token_get c965f79c4f864eaaa9c3b41904e67082 salt '*' keystone.token_get c965f79c4f864eaaa9c3b41904e67082
''' '''
nt = _auth() ks = auth()
token = nt.service_catalog.get_token() token = ks.service_catalog.get_token()
return { return {
'id': token['id'], 'id': token['id'],
'expires': token['expires'], 'expires': token['expires'],
@ -308,9 +317,9 @@ def user_list():
salt '*' keystone.user_list salt '*' keystone.user_list
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
for user in nt.users.list(): for user in ks.users.list():
ret[user.name] = { ret[user.name] = {
'id': user.id, 'id': user.id,
'name': user.name, 'name': user.name,
@ -331,16 +340,16 @@ def user_get(id=None, name=None):
salt '*' keystone.user_get id=c965f79c4f864eaaa9c3b41904e67082 salt '*' keystone.user_get id=c965f79c4f864eaaa9c3b41904e67082
salt '*' keystone.user_get name=nova salt '*' keystone.user_get name=nova
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for user in nt.users.list(): for user in ks.users.list():
if user.name == name: if user.name == name:
id = user.id id = user.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve user id'} return {'Error': 'Unable to resolve user id'}
user = nt.users.get(id) user = ks.users.get(id)
ret[user.name] = { ret[user.name] = {
'id': user.id, 'id': user.id,
'name': user.name, 'name': user.name,
@ -359,8 +368,8 @@ def user_create(name, password, email, tenant_id=None, enabled=True):
salt '*' keystone.user_create name=jack password=zero email=jack@halloweentown.org tenant_id=a28a7b5a999a455f84b1f5210264375e enabled=True salt '*' keystone.user_create name=jack password=zero email=jack@halloweentown.org tenant_id=a28a7b5a999a455f84b1f5210264375e enabled=True
''' '''
nt = _auth() ks = auth()
item = nt.users.create( item = ks.users.create(
name=name, name=name,
password=password, password=password,
email=email, email=email,
@ -380,16 +389,16 @@ def user_delete(id=None, name=None):
salt '*' keystone.user_delete id=c965f79c4f864eaaa9c3b41904e67082 salt '*' keystone.user_delete id=c965f79c4f864eaaa9c3b41904e67082
salt '*' keystone.user_delete name=nova salt '*' keystone.user_delete name=nova
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for user in nt.users.list(): for user in ks.users.list():
if user.name == name: if user.name == name:
id = user.id id = user.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve user id'} return {'Error': 'Unable to resolve user id'}
nt.users.delete(id) ks.users.delete(id)
ret = 'User ID {0} deleted'.format(id) ret = 'User ID {0} deleted'.format(id)
if name: if name:
ret += ' ({0})'.format(name) ret += ' ({0})'.format(name)
@ -407,11 +416,11 @@ def user_update(id=None, name=None, email=None, enabled=None):
salt '*' keystone.user_update id=c965f79c4f864eaaa9c3b41904e67082 name=newname salt '*' keystone.user_update id=c965f79c4f864eaaa9c3b41904e67082 name=newname
salt '*' keystone.user_update c965f79c4f864eaaa9c3b41904e67082 name=newname email=newemail@domain.com salt '*' keystone.user_update c965f79c4f864eaaa9c3b41904e67082 name=newname email=newemail@domain.com
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if not id: if not id:
return {'Error': 'Unable to resolve user id'} return {'Error': 'Unable to resolve user id'}
nt.users.update(user=id, name=name, email=email, enabled=enabled) ks.users.update(user=id, name=name, email=email, enabled=enabled)
ret = 'Info updated for user ID {0}'.format(id) ret = 'Info updated for user ID {0}'.format(id)
return ret return ret
@ -426,16 +435,16 @@ def user_password_update(id=None, name=None, password=None):
salt '*' keystone.user_delete id=c965f79c4f864eaaa9c3b41904e67082 password=12345 salt '*' keystone.user_delete id=c965f79c4f864eaaa9c3b41904e67082 password=12345
salt '*' keystone.user_delete name=nova pasword=12345 salt '*' keystone.user_delete name=nova pasword=12345
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if name: if name:
for user in nt.users.list(): for user in ks.users.list():
if user.name == name: if user.name == name:
id = user.id id = user.id
continue continue
if not id: if not id:
return {'Error': 'Unable to resolve user id'} return {'Error': 'Unable to resolve user id'}
nt.users.update_password(user=id, password=password) ks.users.update_password(user=id, password=password)
ret = 'Password updated for user ID {0}'.format(id) ret = 'Password updated for user ID {0}'.format(id)
if name: if name:
ret += ' ({0})'.format(name) ret += ' ({0})'.format(name)
@ -453,22 +462,22 @@ def user_role_list(user_id=None, tenant_id=None, user_name=None, tenant_name=Non
salt '*' keystone.user_role_list user_name=admin salt '*' keystone.user_role_list user_name=admin
salt '*' keystone.user_role_list tenant_name=admin salt '*' keystone.user_role_list tenant_name=admin
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
if user_name: if user_name:
for user in nt.users.list(): for user in ks.users.list():
if user.name == user_name: if user.name == user_name:
user_id = user.id user_id = user.id
continue continue
if tenant_name: if tenant_name:
for tenant in nt.tenants.list(): for tenant in ks.tenants.list():
if tenant.name == tenant_name: if tenant.name == tenant_name:
tenant_id = tenant.id tenant_id = tenant.id
continue continue
if not user_id and not tenant_id: if not user_id and not tenant_id:
return {'Error': 'Unable to resolve user or tenant id'} return {'Error': 'Unable to resolve user or tenant id'}
#ret = [] #ret = []
for role in nt.roles.roles_for_user(user=user_id, tenant=tenant_id): for role in ks.roles.roles_for_user(user=user_id, tenant=tenant_id):
#ret.append(role.__dict__) #ret.append(role.__dict__)
ret[role.name] = { ret[role.name] = {
'id': role.id, 'id': role.id,
@ -488,10 +497,10 @@ def _item_list():
salt '*' keystone.item_list salt '*' keystone.item_list
''' '''
nt = _auth() ks = auth()
ret = {} ret = {}
ret = [] ret = []
for item in nt.items.list(): for item in ks.items.list():
ret.append(item.__dict__) ret.append(item.__dict__)
#ret[item.name] = { #ret[item.name] = {
# 'id': item.id, # 'id': item.id,
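Review bot: Renaming `_auth()` to `auth()` in the `@ -28,21 +30,28 @@` hunk makes the credential helper a public execution function, so `keystone.auth` becomes callable by anything permitted to run this module on the minion; the new docstring line "Only intended to be used within Keystone-enabled modules" is a convention that nothing visible here enforces. The object it returns is an authenticated client built from `keystone.password`, so the docstring should say so, e.g. `Returns a live, authenticated keystoneclient object; do not grant keystone.auth in publisher ACLs`, or the helper could live where the loader does not publish it. In the same hunk `insecure` is read from config and passed through unvalidated. Assuming it turns off TLS certificate verification in keystoneclient, the module docstring's `keystone.insecure: False #(optional)` line should state that, and a quoted string value such as `'False'` would presumably be truthy, which is worth confirming and normalising before the client is built.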