starlingx
/
distcloud
Code Issues Proposed changes

Merge "Keystone token and client caching"

This commit is contained in:
Zuul 2020-03-03 16:28:51 +00:00 committed by Gerrit Code Review
parent 501fa35af2 abe9efce41
commit 845d9b9af4
8 changed files with 313 additions and 398 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
distributedcloud/dcorch/api/proxy/common/utils.py
View File

@ -138,7 +138,8 @@ def set_request_forward_environ(req, remote_host, remote_port):
def _get_fernet_keys(): def _get_fernet_keys():
"""Get fernet keys from sysinv.""" """Get fernet keys from sysinv."""
os_client = sdk.OpenStackDriver(consts.CLOUD_0) os_client = sdk.OpenStackDriver(region_name=consts.CLOUD_0,
thread_name='proxy')
try: try:
key_list = os_client.sysinv_client.get_fernet_keys() key_list = os_client.sysinv_client.get_fernet_keys()
return [str(getattr(key, 'key')) for key in key_list] return [str(getattr(key, 'key')) for key in key_list]
@ -146,11 +147,12 @@ def _get_fernet_keys():
keystone_exceptions.ConnectFailure) as e: keystone_exceptions.ConnectFailure) as e:
LOG.info("get_fernet_keys: cloud {} is not reachable [{}]" LOG.info("get_fernet_keys: cloud {} is not reachable [{}]"
.format(consts.CLOUD_0, str(e))) .format(consts.CLOUD_0, str(e)))
os_client.delete_region_clients(consts.CLOUD_0) sdk.OpenStackDriver.delete_region_clients(consts.CLOUD_0)
return None return None
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("get_fernet_keys error {}".format(e)) LOG.info("get_fernet_keys error {}".format(e))
os_client.delete_region_clients(consts.CLOUD_0, clear_token=True) sdk.OpenStackDriver.delete_region_clients(consts.CLOUD_0,
clear_token=True)
return None return None
except Exception as e: except Exception as e:
LOG.exception(e) LOG.exception(e)

18
distributedcloud/dcorch/common/endpoint_cache.py
View File

@ -14,6 +14,7 @@
# under the License. # under the License.
import collections import collections
import threading
from keystoneauth1 import loading from keystoneauth1 import loading
from keystoneauth1 import session from keystoneauth1 import session
@ -29,6 +30,10 @@ LOG = logging.getLogger(__name__)
class EndpointCache(object): class EndpointCache(object):
plugin_loader = None
plugin_lock = threading.Lock()
def __init__(self, region_name=None, auth_url=None): def __init__(self, region_name=None, auth_url=None):
self.endpoint_map = collections.defaultdict(dict) self.endpoint_map = collections.defaultdict(dict)
self.admin_session = None self.admin_session = None
@ -46,10 +51,12 @@ class EndpointCache(object):
self._update_endpoints() self._update_endpoints()
def _initialize_keystone_client(self, region_name=None, auth_url=None): def _initialize_keystone_client(self, region_name=None, auth_url=None):
loader = loading.get_plugin_loader( with EndpointCache.plugin_lock:
cfg.CONF.keystone_authtoken.auth_type) if EndpointCache.plugin_loader is None:
EndpointCache.plugin_loader = loading.get_plugin_loader(
cfg.CONF.keystone_authtoken.auth_type)
auth = loader.load_from_options( auth = EndpointCache.plugin_loader.load_from_options(
auth_url=self.external_auth_url, auth_url=self.external_auth_url,
username=cfg.CONF.cache.admin_username, username=cfg.CONF.cache.admin_username,
user_domain_name=cfg.CONF.cache.admin_user_domain_name, user_domain_name=cfg.CONF.cache.admin_user_domain_name,
@ -83,11 +90,10 @@ class EndpointCache(object):
except IndexError: except IndexError:
LOG.error("Cannot find identity auth_url for %s", region_name) LOG.error("Cannot find identity auth_url for %s", region_name)
raise raise
sc_loader = loading.get_plugin_loader(
cfg.CONF.keystone_authtoken.auth_type)
# We assume that the Admin user names and passwords are the same # We assume that the Admin user names and passwords are the same
# on this subcloud since this is an audited resource # on this subcloud since this is an audited resource
sc_auth = sc_loader.load_from_options( sc_auth = EndpointCache.plugin_loader.load_from_options(
auth_url=sc_auth_url, auth_url=sc_auth_url,
username=cfg.CONF.cache.admin_username, username=cfg.CONF.cache.admin_username,
user_domain_name=cfg.CONF.cache.admin_user_domain_name, user_domain_name=cfg.CONF.cache.admin_user_domain_name,

7
distributedcloud/dcorch/drivers/openstack/fm.py
View File

@ -46,8 +46,7 @@ class FmClient(base.DriverBase):
LOG.info("get_alarm_summary region %s" % LOG.info("get_alarm_summary region %s" %
self.region_name) self.region_name)
alarms = self.fm.alarm.summary() alarms = self.fm.alarm.summary()
return alarms
except Exception as e: except Exception as e:
LOG.error("get_alarm_summary exception=%s" % e) LOG.error("get_alarm_summary exception={}".format(e))
pass raise e
return {} return alarms

144
distributedcloud/dcorch/drivers/openstack/sdk_platform.py
View File

@ -22,6 +22,7 @@ from oslo_log import log
from oslo_utils import timeutils from oslo_utils import timeutils
from dcorch.common import consts from dcorch.common import consts
from dcorch.drivers.openstack.fm import FmClient
from dcorch.drivers.openstack.keystone_v3 import KeystoneClient from dcorch.drivers.openstack.keystone_v3 import KeystoneClient
from dcorch.drivers.openstack.sysinv_v1 import SysinvClient from dcorch.drivers.openstack.sysinv_v1 import SysinvClient
@ -30,90 +31,137 @@ STALE_TOKEN_DURATION = 60
LOG = log.getLogger(__name__) LOG = log.getLogger(__name__)
LOCK_NAME = 'dcorch-openstackdriver-platform'
class OpenStackDriver(object): class OpenStackDriver(object):
@lockutils.synchronized('dcorch-openstackdriver-platform') os_clients_dict = collections.defaultdict(dict)
def __init__(self, region_name=consts.VIRTUAL_MASTER_CLOUD, _identity_tokens = {}
@lockutils.synchronized(LOCK_NAME)
def __init__(self, region_name=consts.CLOUD_0, thread_name='dcorch',
auth_url=None): auth_url=None):
# Check if objects are cached and try to use those # Check if objects are cached and try to use those
self.os_clients_dict = collections.defaultdict(dict)
self._identity_tokens = {}
self.region_name = region_name self.region_name = region_name
self.sysinv_client = None
self.fm_client = None
if ((region_name in self.os_clients_dict) and if ((region_name in OpenStackDriver.os_clients_dict) and
('keystone' in self.os_clients_dict[region_name]) and ('keystone' in self.os_clients_dict[region_name]) and
self._is_token_valid(region_name)): self._is_token_valid(region_name)):
self.keystone_client = \ self.keystone_client = \
self.os_clients_dict[region_name]['keystone'] self.os_clients_dict[region_name]['keystone']
else: else:
LOG.info("get new keystone client for subcloud %s", region_name) LOG.info("get new keystone client for subcloud %s", region_name)
self.keystone_client = KeystoneClient(region_name, auth_url) try:
self.os_clients_dict[region_name]['keystone'] = \ self.keystone_client = KeystoneClient(region_name, auth_url)
self.keystone_client OpenStackDriver.os_clients_dict[region_name]['keystone'] =\
if ((region_name in self.os_clients_dict) and self.keystone_client
('sysinv' in self.os_clients_dict[region_name]) and except Exception as exception:
self._is_token_valid(region_name)): LOG.error('keystone_client region %s error: %s' %
LOG.info('Using cached OS client objects %s' % region_name) (region_name, exception.message))
self.sysinv_client = self.os_clients_dict[
region_name]['sysinv']
else:
# Create new objects and cache them
LOG.debug("Creating fresh OS Clients objects %s" % region_name)
self.os_clients_dict[
region_name] = collections.defaultdict(dict)
if ((region_name in OpenStackDriver.os_clients_dict) and
(thread_name in OpenStackDriver.os_clients_dict[region_name])):
if ('sysinv' in OpenStackDriver.os_clients_dict[region_name]
[thread_name]):
LOG.debug('Using cached OS sysinv client objects %s %s' %
(region_name, thread_name))
self.sysinv_client = OpenStackDriver.os_clients_dict[
region_name][thread_name]['sysinv']
if ('fm' in OpenStackDriver.os_clients_dict[region_name]
[thread_name]):
LOG.debug('Using cached OS fm client objects %s %s' %
(region_name, thread_name))
self.fm_client = OpenStackDriver.os_clients_dict[
region_name][thread_name]['fm']
else:
OpenStackDriver.os_clients_dict[region_name][thread_name] = {}
if self.sysinv_client is None:
# Create new sysinv client object and cache it
try: try:
self.sysinv_client = SysinvClient(region_name, self.sysinv_client = SysinvClient(region_name,
self.keystone_client.session) self.keystone_client.session)
self.os_clients_dict[region_name][ (OpenStackDriver.os_clients_dict[region_name][thread_name]
'sysinv'] = self.sysinv_client ['sysinv']) = self.sysinv_client
except Exception as exception:
LOG.error('sysinv_client region %s error: %s' %
(region_name, exception.message))
@lockutils.synchronized('dcorch-openstackdriver-platform') except Exception as exception:
def delete_region_clients(self, region_name, clear_token=False): LOG.error('sysinv_client region %s thread %s error: %s' %
(region_name, thread_name, exception.message))
if self.fm_client is None:
# Create new fm client object and cache it
try:
self.fm_client = FmClient(
region_name,
self.keystone_client.session,
endpoint_type=consts.KS_ENDPOINT_DEFAULT)
(OpenStackDriver.os_clients_dict[region_name][thread_name]
['fm']) = self.fm_client
except Exception as exception:
LOG.error('fm_client region %s thread %s error: %s' %
(region_name, thread_name, exception.message))
@classmethod
@lockutils.synchronized(LOCK_NAME)
def delete_region_clients(cls, region_name, clear_token=False):
LOG.warn("delete_region_clients=%s, clear_token=%s" % LOG.warn("delete_region_clients=%s, clear_token=%s" %
(region_name, clear_token)) (region_name, clear_token))
if region_name in self.os_clients_dict: if region_name in cls.os_clients_dict:
del self.os_clients_dict[region_name] del cls.os_clients_dict[region_name]
if clear_token: if clear_token:
self._identity_tokens[region_name] = None cls._identity_tokens[region_name] = None
@classmethod
@lockutils.synchronized(LOCK_NAME)
def delete_region_clients_for_thread(cls, region_name, thread_name):
LOG.debug("delete_region_clients=%s, thread_name=%s" %
(region_name, thread_name))
if (region_name in cls.os_clients_dict and
thread_name in cls.os_clients_dict[region_name]):
del cls.os_clients_dict[region_name][thread_name]
def _is_token_valid(self, region_name): def _is_token_valid(self, region_name):
try: try:
keystone = \ keystone = \
self.os_clients_dict[region_name]['keystone'].keystone_client OpenStackDriver.os_clients_dict[region_name]['keystone'].\
if (not self._identity_tokens keystone_client
or region_name not in self._identity_tokens if (not OpenStackDriver._identity_tokens
or not self._identity_tokens[region_name]): or region_name not in OpenStackDriver._identity_tokens
self._identity_tokens[region_name] = \ or not OpenStackDriver._identity_tokens[region_name]):
OpenStackDriver._identity_tokens[region_name] = \
keystone.tokens.validate(keystone.session.get_token()) keystone.tokens.validate(keystone.session.get_token())
LOG.info("Get new token for subcloud %s expires_at=%s" % LOG.info("Get new token for subcloud %s expires_at=%s" %
(region_name, (region_name,
self._identity_tokens[region_name]['expires_at'])) OpenStackDriver._identity_tokens[region_name]
['expires_at']))
# Reset the cached dictionary # Reset the cached dictionary
self.os_clients_dict[region_name] = \ OpenStackDriver.os_clients_dict[region_name] = \
collections.defaultdict(dict) collections.defaultdict(dict)
return False return False
token = \ token = \
keystone.tokens.validate(self._identity_tokens[region_name]) keystone.tokens.validate(OpenStackDriver._identity_tokens
if token != self._identity_tokens[region_name]: [region_name])
if token != OpenStackDriver._identity_tokens[region_name]:
LOG.info("updating token %s to %s" % LOG.info("updating token %s to %s" %
(self._identity_tokens[region_name], token)) (OpenStackDriver._identity_tokens[region_name],
self._identity_tokens[region_name] = token token))
self.os_clients_dict[region_name] = \ OpenStackDriver._identity_tokens[region_name] = token
OpenStackDriver.os_clients_dict[region_name] = \
collections.defaultdict(dict) collections.defaultdict(dict)
return False return False
except Exception as exception: except Exception as exception:
LOG.info('_is_token_valid handle: %s', exception.message) LOG.info('_is_token_valid handle: %s', exception.message)
# Reset the cached dictionary # Reset the cached dictionary
self.os_clients_dict[region_name] = collections.defaultdict(dict) OpenStackDriver.os_clients_dict[region_name] = \
self._identity_tokens[region_name] = None collections.defaultdict(dict)
OpenStackDriver._identity_tokens[region_name] = None
return False return False
expiry_time = timeutils.normalize_time(timeutils.parse_isotime( expiry_time = timeutils.normalize_time(timeutils.parse_isotime(
@ -122,10 +170,12 @@ class OpenStackDriver(object):
LOG.info("The cached keystone token for subcloud %s " LOG.info("The cached keystone token for subcloud %s "
"will expire soon %s" % "will expire soon %s" %
(region_name, (region_name,
self._identity_tokens[region_name]['expires_at'])) OpenStackDriver._identity_tokens[region_name]
['expires_at']))
# Reset the cached dictionary # Reset the cached dictionary
self.os_clients_dict[region_name] = collections.defaultdict(dict) OpenStackDriver.os_clients_dict[region_name] = \
self._identity_tokens[region_name] = None collections.defaultdict(dict)
OpenStackDriver._identity_tokens[region_name] = None
return False return False
else: else:
return True return True

32
distributedcloud/dcorch/engine/alarm_aggregate_manager.py
View File

@ -21,8 +21,11 @@ from dcorch.common import exceptions
from dcorch.common.i18n import _ from dcorch.common.i18n import _
from dcorch.common import manager from dcorch.common import manager
from dcorch.db import api as db_api from dcorch.db import api as db_api
from dcorch.drivers.openstack import sdk
from dcorch.drivers.openstack import sdk_platform from dcorch.drivers.openstack.fm import FmClient
from dcorch.drivers.openstack.keystone_v3 import KeystoneClient
from dcorch.drivers.openstack import sdk_platform as sdk
from dcorch.drivers.openstack.sysinv_v1 import SysinvClient
from oslo_config import cfg from oslo_config import cfg
from oslo_log import log as logging from oslo_log import log as logging
@ -53,12 +56,17 @@ class AlarmAggregateManager(manager.Manager):
def enable_snmp(self, ctxt, subcloud_name): def enable_snmp(self, ctxt, subcloud_name):
LOG.info("Enabling fm-aggregation trap for region_name=%s" % LOG.info("Enabling fm-aggregation trap for region_name=%s" %
subcloud_name) subcloud_name)
os_client = sdk_platform.OpenStackDriver(subcloud_name)
payload = {"ip_address": CONF.snmp.snmp_ip, payload = {"ip_address": CONF.snmp.snmp_ip,
"community": CONF.snmp.snmp_comm_str} "community": CONF.snmp.snmp_comm_str}
try: try:
os_client.sysinv_client.snmp_trapdest_create(payload) ks_client = KeystoneClient(subcloud_name)
self.update_alarm_summary(self.context, subcloud_name) sysinv_client = SysinvClient(subcloud_name, ks_client.session)
fm_client = FmClient(subcloud_name, ks_client.session,
consts.KS_ENDPOINT_DEFAULT)
sysinv_client.snmp_trapdest_create(payload)
self.update_alarm_summary(self.context, subcloud_name,
fm_client=fm_client)
except (exceptions.ConnectionRefused, exceptions.NotAuthorized, except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut): exceptions.TimeOut):
LOG.info("snmp_trapdest_create exception Timeout region_name=%s" % LOG.info("snmp_trapdest_create exception Timeout region_name=%s" %
@ -77,11 +85,16 @@ class AlarmAggregateManager(manager.Manager):
subcloud_name) subcloud_name)
pass pass
def update_alarm_summary(self, cntx, region_name): def update_alarm_summary(self, cntx, region_name, thread_name=None,
fm_client=None):
LOG.info("Updating alarm summary for %s" % region_name) LOG.info("Updating alarm summary for %s" % region_name)
try: try:
os_client = sdk.OpenStackDriver(region_name) if fm_client is not None:
alarms = os_client.fm_client.get_alarm_summary() alarms = fm_client.get_alarm_summary()
else:
os_client = sdk.OpenStackDriver(region_name=region_name,
thread_name=thread_name)
alarms = os_client.fm_client.get_alarm_summary()
alarm_updates = {'critical_alarms': alarms[0].critical, alarm_updates = {'critical_alarms': alarms[0].critical,
'major_alarms': alarms[0].major, 'major_alarms': alarms[0].major,
'minor_alarms': alarms[0].minor, 'minor_alarms': alarms[0].minor,
@ -144,7 +157,8 @@ class PeriodicAlarmUpdate(threading.Thread):
dcm_consts.AVAILABILITY_ONLINE: dcm_consts.AVAILABILITY_ONLINE:
self.parent.\ self.parent.\
update_alarm_summary(self.context, update_alarm_summary(self.context,
subcloud['region_name']) subcloud['region_name'],
self.name)
except Exception: except Exception:
pass pass
time.sleep(1.0) time.sleep(1.0)

19
distributedcloud/dcorch/engine/fernet_key_manager.py
View File

@ -26,8 +26,8 @@ from dcorch.common import exceptions
from dcorch.common.i18n import _ from dcorch.common.i18n import _
from dcorch.common import manager from dcorch.common import manager
from dcorch.common import utils from dcorch.common import utils
from dcorch.drivers.openstack import sdk_platform as sdk from dcorch.drivers.openstack.keystone_v3 import KeystoneClient
from dcorch.drivers.openstack.sysinv_v1 import SysinvClient
FERNET_REPO_MASTER_ID = "keys" FERNET_REPO_MASTER_ID = "keys"
KEY_ROTATE_CMD = "/usr/bin/keystone-fernet-keys-rotate-active" KEY_ROTATE_CMD = "/usr/bin/keystone-fernet-keys-rotate-active"
@ -89,8 +89,12 @@ class FernetKeyManager(manager.Manager):
"""get the keys from the local fernet key repo""" """get the keys from the local fernet key repo"""
keys = [] keys = []
try: try:
os_client = sdk.OpenStackDriver(consts.CLOUD_0) # No cached client is required as it is called during the initial
keys = os_client.sysinv_client.get_fernet_keys() # sync and after weekly key rotation
ks_client = KeystoneClient(consts.CLOUD_0)
sysinv_client = SysinvClient(consts.CLOUD_0,
ks_client.session)
keys = sysinv_client.get_fernet_keys()
except (exceptions.ConnectionRefused, exceptions.NotAuthorized, except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut): exceptions.TimeOut):
LOG.info(_("Retrieving the fernet keys from %s timeout") % LOG.info(_("Retrieving the fernet keys from %s timeout") %
@ -130,8 +134,11 @@ class FernetKeyManager(manager.Manager):
@staticmethod @staticmethod
def update_fernet_repo(subcloud_name, key_list=None): def update_fernet_repo(subcloud_name, key_list=None):
try: try:
os_client = sdk.OpenStackDriver(subcloud_name) # No cached client is required as it is only called during the
os_client.sysinv_client.post_fernet_repo(key_list) # initial sync
ks_client = KeystoneClient(subcloud_name)
sysinv_client = SysinvClient(subcloud_name, ks_client.session)
sysinv_client.post_fernet_repo(key_list)
except (exceptions.ConnectionRefused, exceptions.NotAuthorized, except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut): exceptions.TimeOut):
LOG.info(_("Update the fernet repo on %s timeout") % LOG.info(_("Update the fernet repo on %s timeout") %

474
distributedcloud/dcorch/engine/sync_services/sysinv.py
View File

@ -53,18 +53,20 @@ class SysinvSyncThread(SyncThread):
self.endpoint_type = consts.ENDPOINT_TYPE_PLATFORM self.endpoint_type = consts.ENDPOINT_TYPE_PLATFORM
self.sync_handler_map = { self.sync_handler_map = {
consts.RESOURCE_TYPE_SYSINV_DNS: self.sync_dns, consts.RESOURCE_TYPE_SYSINV_DNS:
self.sync_platform_resource,
consts.RESOURCE_TYPE_SYSINV_SNMP_COMM: consts.RESOURCE_TYPE_SYSINV_SNMP_COMM:
self.sync_snmp_community, self.sync_platform_resource,
consts.RESOURCE_TYPE_SYSINV_SNMP_TRAPDEST: consts.RESOURCE_TYPE_SYSINV_SNMP_TRAPDEST:
self.sync_snmp_trapdest, self.sync_platform_resource,
consts.RESOURCE_TYPE_SYSINV_REMOTE_LOGGING: consts.RESOURCE_TYPE_SYSINV_REMOTE_LOGGING:
self.sync_remotelogging, self.sync_platform_resource,
consts.RESOURCE_TYPE_SYSINV_CERTIFICATE: consts.RESOURCE_TYPE_SYSINV_CERTIFICATE:
self.sync_certificate, self.sync_platform_resource,
consts.RESOURCE_TYPE_SYSINV_USER: self.sync_user, consts.RESOURCE_TYPE_SYSINV_USER:
self.sync_platform_resource,
consts.RESOURCE_TYPE_SYSINV_FERNET_REPO: consts.RESOURCE_TYPE_SYSINV_FERNET_REPO:
self.sync_fernet_resources self.sync_platform_resource
} }
self.region_name = self.subcloud_engine.subcloud.region_name self.region_name = self.subcloud_engine.subcloud.region_name
self.log_extra = {"instance": "{}/{}: ".format( self.log_extra = {"instance": "{}/{}: ".format(
@ -84,31 +86,49 @@ class SysinvSyncThread(SyncThread):
super(SysinvSyncThread, self).initialize() super(SysinvSyncThread, self).initialize()
LOG.info("SysinvSyncThread initialized", extra=self.log_extra) LOG.info("SysinvSyncThread initialized", extra=self.log_extra)
def update_dns(self, nameservers): def sync_platform_resource(self, request, rsrc):
try: try:
s_os_client = sdk.OpenStackDriver(self.region_name) s_os_client = sdk.OpenStackDriver(region_name=self.region_name,
idns = s_os_client.sysinv_client.update_dns(nameservers) thread_name=self.thread.name)
return idns # invoke the sync method for the requested resource_type
except (exceptions.ConnectionRefused, exceptions.NotAuthorized, # I.e. sync_idns
exceptions.TimeOut): s_func_name = "sync_" + rsrc.resource_type
LOG.info("update_dns exception Timeout", getattr(self, s_func_name)(s_os_client, request, rsrc)
extra=self.log_extra) except AttributeError:
s_os_client.delete_region_clients(self.region_name) LOG.error("{} not implemented for {}"
.format(request.orch_job.operation_type,
rsrc.resource_type))
raise exceptions.SyncRequestFailed
except (exceptions.ConnectionRefused, exceptions.TimeOut,
keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("{} {} region_name {} exception {}".format(
request.orch_job.operation_type, rsrc.resource_type,
self.region_name, str(e)), extra=self.log_extra)
raise exceptions.SyncRequestTimeout raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except exceptions.NotAuthorized:
LOG.info("update_dns error {} region_name".format(e), LOG.info("{} {} region_name {} not authorized".format(
extra=self.log_extra) request.orch_job.operation_type, rsrc.resource_type,
s_os_client.delete_region_clients(self.region_name, self.region_name), extra=self.log_extra)
clear_token=True) sdk.OpenStackDriver.delete_region_clients(self.region_name)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
except Exception as e: except Exception as e:
LOG.exception(e) LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
def sync_dns(self, request, rsrc): def update_dns(self, s_os_client, nameservers):
try:
idns = s_os_client.sysinv_client.update_dns(nameservers)
return idns
except (AttributeError, TypeError) as e:
LOG.info("update_dns error {}".format(e),
extra=self.log_extra)
raise exceptions.SyncRequestFailedRetry
def sync_idns(self, s_os_client, request, rsrc):
# The system is created with default dns; thus there # The system is created with default dns; thus there
# is a prepopulated dns entry. # is a prepopulated dns entry.
LOG.info("sync_dns resource_info={}".format( LOG.info("sync_idns resource_info={}".format(
request.orch_job.resource_info), request.orch_job.resource_info),
extra=self.log_extra) extra=self.log_extra)
dns_dict = jsonutils.loads(request.orch_job.resource_info) dns_dict = jsonutils.loads(request.orch_job.resource_info)
@ -119,21 +139,21 @@ class SysinvSyncThread(SyncThread):
for ipayload in payload: for ipayload in payload:
if ipayload.get('path') == '/nameservers': if ipayload.get('path') == '/nameservers':
nameservers = ipayload.get('value') nameservers = ipayload.get('value')
LOG.debug("sync_dns nameservers = {}".format(nameservers), LOG.debug("sync_idns nameservers = {}".format(nameservers),
extra=self.log_extra) extra=self.log_extra)
break break
else: else:
nameservers = payload.get('nameservers') nameservers = payload.get('nameservers')
LOG.debug("sync_dns nameservers from dict={}".format(nameservers), LOG.debug("sync_idns nameservers from dict={}".format(nameservers),
extra=self.log_extra) extra=self.log_extra)
if nameservers is None: if nameservers is None:
LOG.info("sync_dns No nameservers update found in resource_info" LOG.info("sync_idns No nameservers update found in resource_info"
"{}".format(request.orch_job.resource_info), "{}".format(request.orch_job.resource_info),
extra=self.log_extra) extra=self.log_extra)
nameservers = "" nameservers = ""
idns = self.update_dns(nameservers) idns = self.update_dns(s_os_client, nameservers)
# Ensure subcloud resource is persisted to the DB for later # Ensure subcloud resource is persisted to the DB for later
subcloud_rsrc_id = self.persist_db_subcloud_resource( subcloud_rsrc_id = self.persist_db_subcloud_resource(
@ -142,7 +162,7 @@ class SysinvSyncThread(SyncThread):
.format(rsrc.id, subcloud_rsrc_id, nameservers), .format(rsrc.id, subcloud_rsrc_id, nameservers),
extra=self.log_extra) extra=self.log_extra)
def sync_snmp_trapdest(self, request, rsrc): def sync_itrapdest(self, s_os_client, request, rsrc):
switcher = { switcher = {
consts.OPERATION_TYPE_POST: self.snmp_trapdest_create, consts.OPERATION_TYPE_POST: self.snmp_trapdest_create,
consts.OPERATION_TYPE_CREATE: self.snmp_trapdest_create, consts.OPERATION_TYPE_CREATE: self.snmp_trapdest_create,
@ -151,18 +171,12 @@ class SysinvSyncThread(SyncThread):
func = switcher[request.orch_job.operation_type] func = switcher[request.orch_job.operation_type]
try: try:
func(request, rsrc) func(s_os_client, request, rsrc)
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("sync_snmp_trapdest: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
raise exceptions.SyncRequestTimeout
except Exception as e: except Exception as e:
LOG.exception(e) LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise e
def snmp_trapdest_create(self, request, rsrc): def snmp_trapdest_create(self, s_os_client, request, rsrc):
LOG.info("snmp_trapdest_create region {} resource_info={}".format( LOG.info("snmp_trapdest_create region {} resource_info={}".format(
self.subcloud_engine.subcloud.region_name, self.subcloud_engine.subcloud.region_name,
request.orch_job.resource_info), request.orch_job.resource_info),
@ -172,23 +186,14 @@ class SysinvSyncThread(SyncThread):
if not payload: if not payload:
payload = resource_info_dict payload = resource_info_dict
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
itrapdest = s_os_client.sysinv_client.snmp_trapdest_create( itrapdest = s_os_client.sysinv_client.snmp_trapdest_create(
payload) payload)
itrapdest_id = itrapdest.uuid itrapdest_id = itrapdest.uuid
ip_address = itrapdest.ip_address ip_address = itrapdest.ip_address
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("snmp_trapdest_create exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("snmp_trapdest_create error {}".format(e), LOG.info("snmp_trapdest_create error {}".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
# Now persist the subcloud resource to the DB for later # Now persist the subcloud resource to the DB for later
@ -200,11 +205,11 @@ class SysinvSyncThread(SyncThread):
extra=self.log_extra) extra=self.log_extra)
return itrapdest return itrapdest
def snmp_trapdest_delete(self, request, rsrc): def snmp_trapdest_delete(self, s_os_client, request, rsrc):
subcloud_rsrc = self.get_db_subcloud_resource(rsrc.id) subcloud_rsrc = self.get_db_subcloud_resource(rsrc.id)
if not subcloud_rsrc: if not subcloud_rsrc:
return return
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
s_os_client.sysinv_client.snmp_trapdest_delete( s_os_client.sysinv_client.snmp_trapdest_delete(
subcloud_rsrc.subcloud_resource_id) subcloud_rsrc.subcloud_resource_id)
@ -212,17 +217,9 @@ class SysinvSyncThread(SyncThread):
# SNMP trapdest already deleted in subcloud, carry on. # SNMP trapdest already deleted in subcloud, carry on.
LOG.info("SNMP trapdest not in subcloud, may be already deleted", LOG.info("SNMP trapdest not in subcloud, may be already deleted",
extra=self.log_extra) extra=self.log_extra)
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("snmp_trapdest_delete exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("snmp_trapdest_delete error {}".format(e), LOG.info("snmp_trapdest_delete error {}".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
subcloud_rsrc.delete() subcloud_rsrc.delete()
@ -233,7 +230,7 @@ class SysinvSyncThread(SyncThread):
subcloud_rsrc.subcloud_resource_id), subcloud_rsrc.subcloud_resource_id),
extra=self.log_extra) extra=self.log_extra)
def sync_snmp_community(self, request, rsrc): def sync_icommunity(self, s_os_client, request, rsrc):
switcher = { switcher = {
consts.OPERATION_TYPE_POST: self.snmp_community_create, consts.OPERATION_TYPE_POST: self.snmp_community_create,
consts.OPERATION_TYPE_CREATE: self.snmp_community_create, consts.OPERATION_TYPE_CREATE: self.snmp_community_create,
@ -242,18 +239,12 @@ class SysinvSyncThread(SyncThread):
func = switcher[request.orch_job.operation_type] func = switcher[request.orch_job.operation_type]
try: try:
func(request, rsrc) func(s_os_client, request, rsrc)
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("sync_snmp_community: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
raise exceptions.SyncRequestTimeout
except Exception as e: except Exception as e:
LOG.exception(e) LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
def snmp_community_create(self, request, rsrc): def snmp_community_create(self, s_os_client, request, rsrc):
LOG.info("snmp_community_create region {} resource_info={}".format( LOG.info("snmp_community_create region {} resource_info={}".format(
self.subcloud_engine.subcloud.region_name, self.subcloud_engine.subcloud.region_name,
request.orch_job.resource_info), request.orch_job.resource_info),
@ -263,23 +254,14 @@ class SysinvSyncThread(SyncThread):
if not payload: if not payload:
payload = resource_info_dict payload = resource_info_dict
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
icommunity = s_os_client.sysinv_client.snmp_community_create( icommunity = s_os_client.sysinv_client.snmp_community_create(
payload) payload)
icommunity_id = icommunity.uuid icommunity_id = icommunity.uuid
community = icommunity.community community = icommunity.community
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("snmp_community_create exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("snmp_community_create error {}".format(e), LOG.info("snmp_community_create error {}".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
# Now persist the subcloud resource to the DB for later # Now persist the subcloud resource to the DB for later
@ -291,11 +273,10 @@ class SysinvSyncThread(SyncThread):
extra=self.log_extra) extra=self.log_extra)
return icommunity return icommunity
def snmp_community_delete(self, request, rsrc): def snmp_community_delete(self, s_os_client, request, rsrc):
subcloud_rsrc = self.get_db_subcloud_resource(rsrc.id) subcloud_rsrc = self.get_db_subcloud_resource(rsrc.id)
if not subcloud_rsrc: if not subcloud_rsrc:
return return
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
s_os_client.sysinv_client.snmp_community_delete( s_os_client.sysinv_client.snmp_community_delete(
subcloud_rsrc.subcloud_resource_id) subcloud_rsrc.subcloud_resource_id)
@ -303,17 +284,9 @@ class SysinvSyncThread(SyncThread):
# Community already deleted in subcloud, carry on. # Community already deleted in subcloud, carry on.
LOG.info("SNMP community not in subcloud, may be already deleted", LOG.info("SNMP community not in subcloud, may be already deleted",
extra=self.log_extra) extra=self.log_extra)
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("snmp_community_delete exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("snmp_community_delete error {}".format(e), LOG.info("snmp_community_delete error {}".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
subcloud_rsrc.delete() subcloud_rsrc.delete()
@ -324,30 +297,18 @@ class SysinvSyncThread(SyncThread):
subcloud_rsrc.subcloud_resource_id), subcloud_rsrc.subcloud_resource_id),
extra=self.log_extra) extra=self.log_extra)
def update_remotelogging(self, values): def update_remotelogging(self, s_os_client, values):
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
iremotelogging = s_os_client.sysinv_client.update_remotelogging( iremotelogging = s_os_client.sysinv_client.update_remotelogging(
values) values)
return iremotelogging return iremotelogging
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("update_remotelogging exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("update_remotelogging error {} region_name".format(e), LOG.info("update_remotelogging error {} region_name".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry
except Exception as e:
LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
def sync_remotelogging(self, request, rsrc): def sync_remotelogging(self, s_os_client, request, rsrc):
# The system is created with default remotelogging; thus there # The system is created with default remotelogging; thus there
# is a prepopulated remotelogging entry. # is a prepopulated remotelogging entry.
LOG.info("sync_remotelogging resource_info={}".format( LOG.info("sync_remotelogging resource_info={}".format(
@ -362,7 +323,7 @@ class SysinvSyncThread(SyncThread):
extra=self.log_extra) extra=self.log_extra)
return return
iremotelogging = self.update_remotelogging(payload) iremotelogging = self.update_remotelogging(s_os_client, payload)
# Ensure subcloud resource is persisted to the DB for later # Ensure subcloud resource is persisted to the DB for later
subcloud_rsrc_id = self.persist_db_subcloud_resource( subcloud_rsrc_id = self.persist_db_subcloud_resource(
@ -373,27 +334,16 @@ class SysinvSyncThread(SyncThread):
iremotelogging.uuid), iremotelogging.uuid),
extra=self.log_extra) extra=self.log_extra)
def update_certificate(self, signature, certificate=None, data=None): def update_certificate(self, s_os_client, signature,
certificate=None, data=None):
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
icertificate = s_os_client.sysinv_client.update_certificate( icertificate = s_os_client.sysinv_client.update_certificate(
signature, certificate=certificate, data=data) signature, certificate=certificate, data=data)
return icertificate return icertificate
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("update_certificate exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("update_certificate error {} region_name".format(e), LOG.info("update_certificate error {} region_name".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry
except Exception as e:
LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
@staticmethod @staticmethod
@ -427,7 +377,7 @@ class SysinvSyncThread(SyncThread):
metadata)) metadata))
return certificate, metadata return certificate, metadata
def sync_certificate(self, request, rsrc): def sync_certificates(self, s_os_client, request, rsrc):
LOG.info("sync_certificate resource_info={}".format( LOG.info("sync_certificate resource_info={}".format(
request.orch_job.resource_info), request.orch_job.resource_info),
extra=self.log_extra) extra=self.log_extra)
@ -454,6 +404,7 @@ class SysinvSyncThread(SyncThread):
signature = rsrc.master_id signature = rsrc.master_id
if signature and signature != self.CERTIFICATE_SIG_NULL: if signature and signature != self.CERTIFICATE_SIG_NULL:
icertificate = self.update_certificate( icertificate = self.update_certificate(
s_os_client,
signature, signature,
certificate=certificate, certificate=certificate,
data=metadata) data=metadata)
@ -471,34 +422,23 @@ class SysinvSyncThread(SyncThread):
subcloud_rsrc_id, isignature, signature), subcloud_rsrc_id, isignature, signature),
extra=self.log_extra) extra=self.log_extra)
def update_user(self, passwd_hash, root_sig, passwd_expiry_days): def update_user(self, s_os_client, passwd_hash,
root_sig, passwd_expiry_days):
LOG.info("update_user={} {} {}".format( LOG.info("update_user={} {} {}".format(
passwd_hash, root_sig, passwd_expiry_days), passwd_hash, root_sig, passwd_expiry_days),
extra=self.log_extra) extra=self.log_extra)
try: try:
s_os_client = sdk.OpenStackDriver(self.region_name)
iuser = s_os_client.sysinv_client.update_user(passwd_hash, iuser = s_os_client.sysinv_client.update_user(passwd_hash,
root_sig, root_sig,
passwd_expiry_days) passwd_expiry_days)
return iuser return iuser
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("update_user exception Timeout",
extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("update_user error {} region_name".format(e), LOG.info("update_user error {} region_name".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry
except Exception as e:
LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
def sync_user(self, request, rsrc): def sync_iuser(self, s_os_client, request, rsrc):
# The system is populated with user entry for wrsroot. # The system is populated with user entry for wrsroot.
LOG.info("sync_user resource_info={}".format( LOG.info("sync_user resource_info={}".format(
request.orch_job.resource_info), request.orch_job.resource_info),
@ -531,7 +471,8 @@ class SysinvSyncThread(SyncThread):
extra=self.log_extra) extra=self.log_extra)
return return
iuser = self.update_user(passwd_hash, root_sig, passwd_expiry_days) iuser = self.update_user(s_os_client, passwd_hash, root_sig,
passwd_expiry_days)
# Ensure subcloud resource is persisted to the DB for later # Ensure subcloud resource is persisted to the DB for later
subcloud_rsrc_id = self.persist_db_subcloud_resource( subcloud_rsrc_id = self.persist_db_subcloud_resource(
@ -540,7 +481,7 @@ class SysinvSyncThread(SyncThread):
.format(rsrc.id, subcloud_rsrc_id, passwd_hash), .format(rsrc.id, subcloud_rsrc_id, passwd_hash),
extra=self.log_extra) extra=self.log_extra)
def sync_fernet_resources(self, request, rsrc): def sync_fernet_repo(self, s_os_client, request, rsrc):
switcher = { switcher = {
consts.OPERATION_TYPE_PUT: self.update_fernet_repo, consts.OPERATION_TYPE_PUT: self.update_fernet_repo,
consts.OPERATION_TYPE_PATCH: self.update_fernet_repo, consts.OPERATION_TYPE_PATCH: self.update_fernet_repo,
@ -549,7 +490,7 @@ class SysinvSyncThread(SyncThread):
func = switcher[request.orch_job.operation_type] func = switcher[request.orch_job.operation_type]
try: try:
func(request, rsrc) func(s_os_client, request, rsrc)
except (keystone_exceptions.connection.ConnectTimeout, except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e: keystone_exceptions.ConnectFailure) as e:
LOG.info("sync_fernet_resources: subcloud {} is not reachable [{}]" LOG.info("sync_fernet_resources: subcloud {} is not reachable [{}]"
@ -560,64 +501,44 @@ class SysinvSyncThread(SyncThread):
LOG.exception(e) LOG.exception(e)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
def create_fernet_repo(self, request, rsrc): def create_fernet_repo(self, s_os_client, request, rsrc):
LOG.info("create_fernet_repo region {} resource_info={}".format( LOG.info("create_fernet_repo region {} resource_info={}".format(
self.subcloud_engine.subcloud.region_name, self.subcloud_engine.subcloud.region_name,
request.orch_job.resource_info), request.orch_job.resource_info),
extra=self.log_extra) extra=self.log_extra)
resource_info = jsonutils.loads(request.orch_job.resource_info) resource_info = jsonutils.loads(request.orch_job.resource_info)
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
s_os_client.sysinv_client.post_fernet_repo( s_os_client.sysinv_client.post_fernet_repo(
FernetKeyManager.from_resource_info(resource_info)) FernetKeyManager.from_resource_info(resource_info))
# Ensure subcloud resource is persisted to the DB for later # Ensure subcloud resource is persisted to the DB for later
subcloud_rsrc_id = self.persist_db_subcloud_resource( subcloud_rsrc_id = self.persist_db_subcloud_resource(
rsrc.id, rsrc.master_id) rsrc.id, rsrc.master_id)
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("create_fernet_repo Timeout,{}:{}".format(
rsrc.id, subcloud_rsrc_id))
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("create_fernet_repo error {}".format(e), LOG.info("create_fernet_repo error {}".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
LOG.info("fernet_repo {} {} {} created".format(rsrc.id, LOG.info("fernet_repo {} {} {} created".format(rsrc.id,
subcloud_rsrc_id, resource_info), subcloud_rsrc_id, resource_info),
extra=self.log_extra) extra=self.log_extra)
def update_fernet_repo(self, request, rsrc): def update_fernet_repo(self, s_os_client, request, rsrc):
LOG.info("update_fernet_repo region {} resource_info={}".format( LOG.info("update_fernet_repo region {} resource_info={}".format(
self.subcloud_engine.subcloud.region_name, self.subcloud_engine.subcloud.region_name,
request.orch_job.resource_info), request.orch_job.resource_info),
extra=self.log_extra) extra=self.log_extra)
resource_info = jsonutils.loads(request.orch_job.resource_info) resource_info = jsonutils.loads(request.orch_job.resource_info)
s_os_client = sdk.OpenStackDriver(self.region_name)
try: try:
s_os_client.sysinv_client.put_fernet_repo( s_os_client.sysinv_client.put_fernet_repo(
FernetKeyManager.from_resource_info(resource_info)) FernetKeyManager.from_resource_info(resource_info))
# Ensure subcloud resource is persisted to the DB for later # Ensure subcloud resource is persisted to the DB for later
subcloud_rsrc_id = self.persist_db_subcloud_resource( subcloud_rsrc_id = self.persist_db_subcloud_resource(
rsrc.id, rsrc.master_id) rsrc.id, rsrc.master_id)
except (exceptions.ConnectionRefused, exceptions.NotAuthorized,
exceptions.TimeOut):
LOG.info("update_fernet_repo Timeout,{}:{}".format(
rsrc.id, subcloud_rsrc_id))
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestTimeout
except (AttributeError, TypeError) as e: except (AttributeError, TypeError) as e:
LOG.info("update_fernet_repo error {}".format(e), LOG.info("update_fernet_repo error {}".format(e),
extra=self.log_extra) extra=self.log_extra)
s_os_client.delete_region_clients(self.region_name,
clear_token=True)
raise exceptions.SyncRequestFailedRetry raise exceptions.SyncRequestFailedRetry
LOG.info("fernet_repo {} {} {} update".format(rsrc.id, LOG.info("fernet_repo {} {} {} update".format(rsrc.id,
@ -626,193 +547,104 @@ class SysinvSyncThread(SyncThread):
# SysInv Audit Related # SysInv Audit Related
def get_master_resources(self, resource_type): def get_master_resources(self, resource_type):
os_client = sdk.OpenStackDriver(consts.CLOUD_0) try:
if resource_type == consts.RESOURCE_TYPE_SYSINV_DNS: os_client = sdk.OpenStackDriver(region_name=consts.CLOUD_0,
return [self.get_dns_resource(os_client)] thread_name=self.audit_thread.name)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_COMM: if resource_type == consts.RESOURCE_TYPE_SYSINV_DNS:
return self.get_snmp_community_resources(os_client) return [self.get_dns_resource(os_client)]
elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_TRAPDEST: elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_COMM:
return self.get_snmp_trapdest_resources(os_client) return self.get_snmp_community_resources(os_client)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_REMOTE_LOGGING: elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_TRAPDEST:
return [self.get_remotelogging_resource(os_client)] return self.get_snmp_trapdest_resources(os_client)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_CERTIFICATE: elif resource_type == consts.RESOURCE_TYPE_SYSINV_REMOTE_LOGGING:
return self.get_certificates_resources(os_client) return [self.get_remotelogging_resource(os_client)]
elif resource_type == consts.RESOURCE_TYPE_SYSINV_USER: elif resource_type == consts.RESOURCE_TYPE_SYSINV_CERTIFICATE:
return [self.get_user_resource(os_client)] return self.get_certificates_resources(os_client)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_FERNET_REPO: elif resource_type == consts.RESOURCE_TYPE_SYSINV_USER:
return [self.get_fernet_resources(os_client)] return [self.get_user_resource(os_client)]
else: elif resource_type == consts.RESOURCE_TYPE_SYSINV_FERNET_REPO:
LOG.error("Wrong resource type {}".format(resource_type), return [self.get_fernet_resources(os_client)]
extra=self.log_extra) else:
LOG.error("Wrong resource type {}".format(resource_type),
extra=self.log_extra)
return None
except Exception as e:
LOG.exception(e)
return None return None
def get_subcloud_resources(self, resource_type): def get_subcloud_resources(self, resource_type):
os_client = sdk.OpenStackDriver(self.region_name) try:
if resource_type == consts.RESOURCE_TYPE_SYSINV_DNS: os_client = sdk.OpenStackDriver(region_name=self.region_name,
return [self.get_dns_resource(os_client)] thread_name=self.audit_thread.name)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_COMM: if resource_type == consts.RESOURCE_TYPE_SYSINV_DNS:
return self.get_snmp_community_resources(os_client) return [self.get_dns_resource(os_client)]
elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_TRAPDEST: elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_COMM:
return self.get_snmp_trapdest_resources(os_client) return self.get_snmp_community_resources(os_client)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_REMOTE_LOGGING: elif resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_TRAPDEST:
return [self.get_remotelogging_resource(os_client)] return self.get_snmp_trapdest_resources(os_client)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_CERTIFICATE: elif resource_type == consts.RESOURCE_TYPE_SYSINV_REMOTE_LOGGING:
return self.get_certificates_resources(os_client) return [self.get_remotelogging_resource(os_client)]
elif resource_type == consts.RESOURCE_TYPE_SYSINV_USER: elif resource_type == consts.RESOURCE_TYPE_SYSINV_CERTIFICATE:
return [self.get_user_resource(os_client)] return self.get_certificates_resources(os_client)
elif resource_type == consts.RESOURCE_TYPE_SYSINV_FERNET_REPO: elif resource_type == consts.RESOURCE_TYPE_SYSINV_USER:
return [self.get_fernet_resources(os_client)] return [self.get_user_resource(os_client)]
else: elif resource_type == consts.RESOURCE_TYPE_SYSINV_FERNET_REPO:
LOG.error("Wrong resource type {}".format(resource_type), return [self.get_fernet_resources(os_client)]
extra=self.log_extra) else:
LOG.error("Wrong resource type {}".format(resource_type),
extra=self.log_extra)
return None
except (exceptions.ConnectionRefused, exceptions.TimeOut,
keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("get subcloud_resources {}: subcloud {} is not reachable"
"[{}]".format(resource_type,
self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
# None will force skip of audit
return None return None
except exceptions.NotAuthorized as e:
LOG.info("get subcloud_resources {}: subcloud {} not authorized"
"[{}]".format(resource_type,
self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
sdk.OpenStackDriver.delete_region_clients(self.region_name)
return None
except (AttributeError, TypeError) as e:
LOG.info("get subcloud_resources {} error {}".format(
resource_type, e), extra=self.log_extra)
return None
except Exception as e:
LOG.exception(e)
return None
def post_audit(self):
sdk.OpenStackDriver.delete_region_clients_for_thread(
self.region_name, self.audit_thread.name)
sdk.OpenStackDriver.delete_region_clients_for_thread(
consts.CLOUD_0, self.audit_thread.name)
def get_dns_resource(self, os_client): def get_dns_resource(self, os_client):
try: return os_client.sysinv_client.get_dns()
idns = os_client.sysinv_client.get_dns()
return idns
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("get_dns: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
# TODO(knasim-wrs): This is a bad design to delete the
# client here as the parent may be passing in a shared
# client. Return error here and let parent
# (get_master_resources or get_subcloud_resources) clean
# it up.
os_client.delete_region_clients(self.region_name)
# None will force skip of audit
return None
except (AttributeError, TypeError) as e:
LOG.info("get_dns_resources error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_snmp_trapdest_resources(self, os_client): def get_snmp_trapdest_resources(self, os_client):
try: return os_client.sysinv_client.snmp_trapdest_list()
itrapdests = os_client.sysinv_client.snmp_trapdest_list()
return itrapdests
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("snmp_trapdest_list: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
return None
except (AttributeError, TypeError) as e:
LOG.info("get_snmp_trapdest_resources error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_snmp_community_resources(self, os_client): def get_snmp_community_resources(self, os_client):
try: return os_client.sysinv_client.snmp_community_list()
icommunitys = os_client.sysinv_client.snmp_community_list()
return icommunitys
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("snmp_community_list: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
return None
except (AttributeError, TypeError) as e:
LOG.info("get_snmp_community_resources error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_remotelogging_resource(self, os_client): def get_remotelogging_resource(self, os_client):
try: return os_client.sysinv_client.get_remotelogging()
iremotelogging = os_client.sysinv_client.get_remotelogging()
return iremotelogging
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("get_remotelogging: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
# None will force skip of audit
os_client.delete_region_clients(self.region_name)
return None
except (AttributeError, TypeError) as e:
LOG.info("get_remotelogging_resource error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_certificates_resources(self, os_client): def get_certificates_resources(self, os_client):
try: return os_client.sysinv_client.get_certificates()
return os_client.sysinv_client.get_certificates()
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("get_certificates: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
# None will force skip of audit
os_client.delete_region_clients(self.region_name)
return None
except (AttributeError, TypeError) as e:
LOG.info("get_certificates_resources error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_user_resource(self, os_client): def get_user_resource(self, os_client):
try: return os_client.sysinv_client.get_user()
iuser = os_client.sysinv_client.get_user()
return iuser
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("get_user: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
# None will force skip of audit
os_client.delete_region_clients(self.region_name)
return None
except (AttributeError, TypeError) as e:
LOG.info("get_user_resources error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_fernet_resources(self, os_client): def get_fernet_resources(self, os_client):
try: keys = os_client.sysinv_client.get_fernet_keys()
keys = os_client.sysinv_client.get_fernet_keys() return FernetKeyManager.to_resource_info(keys)
return FernetKeyManager.to_resource_info(keys)
except (keystone_exceptions.connection.ConnectTimeout,
keystone_exceptions.ConnectFailure) as e:
LOG.info("get_fernet_resource: subcloud {} is not reachable [{}]"
.format(self.subcloud_engine.subcloud.region_name,
str(e)), extra=self.log_extra)
os_client.delete_region_clients(self.region_name)
# None will force skip of audit
return None
except (AttributeError, TypeError) as e:
LOG.info("get_fernet_resource error {}".format(e),
extra=self.log_extra)
os_client.delete_region_clients(self.region_name, clear_token=True)
return None
except Exception as e:
LOG.exception(e)
return None
def get_resource_id(self, resource_type, resource): def get_resource_id(self, resource_type, resource):
if resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_COMM: if resource_type == consts.RESOURCE_TYPE_SYSINV_SNMP_COMM:

9
distributedcloud/dcorch/engine/sync_thread.py
View File

@ -140,12 +140,12 @@ class SyncThread(object):
# keystone client # keystone client
self.ks_client = keystoneclient.Client( self.ks_client = keystoneclient.Client(
session=self.admin_session, session=self.admin_session,
region_name=consts.VIRTUAL_MASTER_CLOUD) region_name=consts.CLOUD_0)
# dcdbsync client # dcdbsync client
self.dbs_client = dbsyncclient.Client( self.dbs_client = dbsyncclient.Client(
endpoint_type=consts.DBS_ENDPOINT_INTERNAL, endpoint_type=consts.DBS_ENDPOINT_INTERNAL,
session=self.admin_session, session=self.admin_session,
region_name=consts.VIRTUAL_MASTER_CLOUD) region_name=consts.CLOUD_0)
def initialize_sc_clients(self): def initialize_sc_clients(self):
# base implementation of initializing the subcloud specific # base implementation of initializing the subcloud specific
@ -485,6 +485,11 @@ class SyncThread(object):
LOG.debug("{}: done sync audit".format(self.audit_thread.name), LOG.debug("{}: done sync audit".format(self.audit_thread.name),
extra=self.log_extra) extra=self.log_extra)
self.post_audit()
def post_audit(self):
# The specific SyncThread subclasses may perform post audit actions
return
def audit_find_missing(self, resource_type, m_resources, def audit_find_missing(self, resource_type, m_resources,
db_resources, sc_resources, db_resources, sc_resources,