|
 |
e4ffb1 |
diff -uNr a/fence/agents/compute/fence_compute.py b/fence/agents/compute/fence_compute.py
|
|
|
e4ffb1 |
--- a/fence/agents/compute/fence_compute.py 2018-01-10 13:46:17.965287100 +0100
|
|
|
e4ffb1 |
+++ b/fence/agents/compute/fence_compute.py 2018-01-11 10:01:12.288043619 +0100
|
|
|
e4ffb1 |
@@ -11,12 +11,6 @@
|
|
|
e4ffb1 |
from fencing import *
|
|
|
e4ffb1 |
from fencing import fail_usage, is_executable, run_command, run_delay
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
-#BEGIN_VERSION_GENERATION
|
|
|
e4ffb1 |
-RELEASE_VERSION="4.0.11"
|
|
|
e4ffb1 |
-BUILD_DATE="(built Wed Nov 12 06:33:38 EST 2014)"
|
|
|
e4ffb1 |
-REDHAT_COPYRIGHT="Copyright (C) Red Hat, Inc. 2004-2010 All rights reserved."
|
|
|
e4ffb1 |
-#END_VERSION_GENERATION
|
|
|
e4ffb1 |
-
|
|
|
e4ffb1 |
override_status = ""
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
EVACUABLE_TAG = "evacuable"
|
|
|
e4ffb1 |
@@ -264,13 +258,37 @@
|
|
|
e4ffb1 |
except ImportError:
|
|
|
e4ffb1 |
fail_usage("Nova not found or not accessible")
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
- versions = [ "2.11", "2" ]
|
|
|
e4ffb1 |
- for version in versions:
|
|
|
e4ffb1 |
- clientargs = inspect.getargspec(client.Client).varargs
|
|
|
e4ffb1 |
+ from keystoneauth1 import loading
|
|
|
e4ffb1 |
+ from keystoneauth1 import session
|
|
|
e4ffb1 |
+ from keystoneclient import discover
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ # Prefer the oldest and strip the leading 'v'
|
|
|
e4ffb1 |
+ keystone_versions = discover.available_versions(options["--auth-url"])
|
|
|
e4ffb1 |
+ keystone_version = keystone_versions[0]['id'][1:]
|
|
|
e4ffb1 |
+ kwargs = dict(
|
|
|
e4ffb1 |
+ auth_url=options["--auth-url"],
|
|
|
e4ffb1 |
+ username=options["--username"],
|
|
|
e4ffb1 |
+ password=options["--password"]
|
|
|
e4ffb1 |
+ )
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ if discover.version_match("2", keystone_version):
|
|
|
e4ffb1 |
+ kwargs["tenant_name"] = options["--tenant-name"]
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ elif discover.version_match("3", keystone_version):
|
|
|
e4ffb1 |
+ kwargs["project_name"] = options["--tenant-name"]
|
|
|
e4ffb1 |
+ kwargs["user_domain_name"] = options["--user-domain"]
|
|
|
e4ffb1 |
+ kwargs["project_domain_name"] = options["--project-domain"]
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ loader = loading.get_plugin_loader('password')
|
|
|
e4ffb1 |
+ keystone_auth = loader.load_from_options(**kwargs)
|
|
|
e4ffb1 |
+ keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"]))
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
+ nova_versions = [ "2.11", "2" ]
|
|
|
e4ffb1 |
+ for version in nova_versions:
|
|
|
e4ffb1 |
+ clientargs = inspect.getargspec(client.Client).varargs
|
|
|
e4ffb1 |
# Some versions of Openstack prior to Ocata only
|
|
|
e4ffb1 |
# supported positional arguments for username,
|
|
|
e4ffb1 |
- # password and tenant.
|
|
|
e4ffb1 |
+ # password, and tenant.
|
|
|
e4ffb1 |
#
|
|
|
e4ffb1 |
# Versions since Ocata only support named arguments.
|
|
|
e4ffb1 |
#
|
|
|
e4ffb1 |
@@ -285,25 +303,22 @@
|
|
|
e4ffb1 |
# varargs=None,
|
|
|
e4ffb1 |
# keywords='kwargs', defaults=(None, None, None, None))
|
|
|
e4ffb1 |
nova = client.Client(version,
|
|
|
e4ffb1 |
- options["--username"],
|
|
|
e4ffb1 |
- options["--password"],
|
|
|
e4ffb1 |
- options["--tenant-name"],
|
|
|
e4ffb1 |
- options["--auth-url"],
|
|
|
e4ffb1 |
+ None, # User
|
|
|
e4ffb1 |
+ None, # Password
|
|
|
e4ffb1 |
+ None, # Tenant
|
|
|
e4ffb1 |
+ None, # Auth URL
|
|
|
e4ffb1 |
insecure=options["--insecure"],
|
|
|
e4ffb1 |
region_name=options["--region-name"],
|
|
|
e4ffb1 |
endpoint_type=options["--endpoint-type"],
|
|
|
e4ffb1 |
+ session=keystone_session, auth=keystone_auth,
|
|
|
e4ffb1 |
http_log_debug=options.has_key("--verbose"))
|
|
|
e4ffb1 |
else:
|
|
|
e4ffb1 |
# OSP >= 11
|
|
|
e4ffb1 |
# ArgSpec(args=['version'], varargs='args', keywords='kwargs', defaults=None)
|
|
|
e4ffb1 |
nova = client.Client(version,
|
|
|
e4ffb1 |
- username=options["--username"],
|
|
|
e4ffb1 |
- password=options["--password"],
|
|
|
e4ffb1 |
- tenant_name=options["--tenant-name"],
|
|
|
e4ffb1 |
- auth_url=options["--auth-url"],
|
|
|
e4ffb1 |
- insecure=options["--insecure"],
|
|
|
e4ffb1 |
region_name=options["--region-name"],
|
|
|
e4ffb1 |
endpoint_type=options["--endpoint-type"],
|
|
|
e4ffb1 |
+ session=keystone_session, auth=keystone_auth,
|
|
|
e4ffb1 |
http_log_debug=options.has_key("--verbose"))
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
try:
|
|
|
e4ffb1 |
@@ -316,7 +331,7 @@
|
|
|
e4ffb1 |
except Exception as e:
|
|
|
e4ffb1 |
logging.warning("Nova connection failed. %s: %s" % (e.__class__.__name__, e))
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
- logging.warning("Couldn't obtain a supported connection to nova, tried: %s\n" % repr(versions))
|
|
|
e4ffb1 |
+ logging.warning("Couldn't obtain a supported connection to nova, tried: %s\n" % repr(nova_versions))
|
|
|
e4ffb1 |
return None
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
def define_new_opts():
|
|
|
e4ffb1 |
@@ -332,12 +347,30 @@
|
|
|
e4ffb1 |
all_opt["tenant_name"] = {
|
|
|
e4ffb1 |
"getopt" : "t:",
|
|
|
e4ffb1 |
"longopt" : "tenant-name",
|
|
|
e4ffb1 |
- "help" : "-t, --tenant-name=[tenant] Keystone Admin Tenant",
|
|
|
e4ffb1 |
+ "help" : "-t, --tenant-name=[name] Keystone v2 Tenant or v3 Project Name",
|
|
|
e4ffb1 |
"required" : "0",
|
|
|
e4ffb1 |
- "shortdesc" : "Keystone Admin Tenant",
|
|
|
e4ffb1 |
+ "shortdesc" : "Keystone Admin Tenant or v3 Project",
|
|
|
e4ffb1 |
"default" : "",
|
|
|
e4ffb1 |
"order": 1,
|
|
|
e4ffb1 |
}
|
|
|
e4ffb1 |
+ all_opt["user-domain"] = {
|
|
|
e4ffb1 |
+ "getopt" : "u:",
|
|
|
e4ffb1 |
+ "longopt" : "user-domain",
|
|
|
e4ffb1 |
+ "help" : "-u, --user-domain=[name] Keystone v3 User Domain",
|
|
|
e4ffb1 |
+ "required" : "0",
|
|
|
e4ffb1 |
+ "shortdesc" : "Keystone v3 User Domain",
|
|
|
e4ffb1 |
+ "default" : "Default",
|
|
|
e4ffb1 |
+ "order": 2,
|
|
|
e4ffb1 |
+ }
|
|
|
e4ffb1 |
+ all_opt["project-domain"] = {
|
|
|
e4ffb1 |
+ "getopt" : "P:",
|
|
|
e4ffb1 |
+ "longopt" : "project-domain",
|
|
|
e4ffb1 |
+ "help" : "-d, --project-domain=[name] Keystone v3 Project Domain",
|
|
|
e4ffb1 |
+ "required" : "0",
|
|
|
e4ffb1 |
+ "shortdesc" : "Keystone v3 Project Domain",
|
|
|
e4ffb1 |
+ "default" : "Default",
|
|
|
e4ffb1 |
+ "order": 2,
|
|
|
e4ffb1 |
+ }
|
|
|
e4ffb1 |
all_opt["auth_url"] = {
|
|
|
e4ffb1 |
"getopt" : "k:",
|
|
|
e4ffb1 |
"longopt" : "auth-url",
|
|
|
e4ffb1 |
@@ -365,7 +398,7 @@
|
|
|
e4ffb1 |
"default" : "False",
|
|
|
e4ffb1 |
"order": 2,
|
|
|
e4ffb1 |
}
|
|
|
e4ffb1 |
- all_opt["domain"] = {
|
|
|
e4ffb1 |
+ all_opt["compute-domain"] = {
|
|
|
e4ffb1 |
"getopt" : "d:",
|
|
|
e4ffb1 |
"longopt" : "domain",
|
|
|
e4ffb1 |
"help" : "-d, --domain=[string] DNS domain in which hosts live, useful when the cluster uses short names and nova uses FQDN",
|
|
|
e4ffb1 |
@@ -418,8 +451,8 @@
|
|
|
e4ffb1 |
atexit.register(atexit_handler)
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
device_opt = ["login", "passwd", "tenant_name", "auth_url", "fabric_fencing",
|
|
|
e4ffb1 |
- "no_login", "no_password", "port", "domain", "no_shared_storage", "endpoint_type",
|
|
|
e4ffb1 |
- "record_only", "instance_filtering", "insecure", "region_name"]
|
|
|
e4ffb1 |
+ "no_login", "no_password", "port", "compute-domain", "project-domain", "user-domain",
|
|
|
e4ffb1 |
+ "no_shared_storage", "endpoint_type", "record_only", "instance_filtering", "insecure", "region_name"]
|
|
|
e4ffb1 |
define_new_opts()
|
|
|
e4ffb1 |
all_opt["shell_timeout"]["default"] = "180"
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
diff -uNr a/fence/agents/compute/fence_evacuate.py b/fence/agents/compute/fence_evacuate.py
|
|
|
e4ffb1 |
--- a/fence/agents/compute/fence_evacuate.py 2018-01-10 13:46:17.966287090 +0100
|
|
|
e4ffb1 |
+++ b/fence/agents/compute/fence_evacuate.py 2018-01-10 13:48:19.375158060 +0100
|
|
|
e4ffb1 |
@@ -191,13 +191,38 @@
|
|
|
e4ffb1 |
except ImportError:
|
|
|
e4ffb1 |
fail_usage("Nova not found or not accessible")
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
+ from keystoneauth1 import loading
|
|
|
e4ffb1 |
+ from keystoneauth1 import session
|
|
|
e4ffb1 |
+ from keystoneclient import discover
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ # Prefer the oldest and strip the leading 'v'
|
|
|
e4ffb1 |
+ keystone_versions = discover.available_versions(options["--auth-url"])
|
|
|
e4ffb1 |
+ keystone_version = keystone_versions[0]['id'][1:]
|
|
|
e4ffb1 |
+ kwargs = dict(
|
|
|
e4ffb1 |
+ auth_url=options["--auth-url"],
|
|
|
e4ffb1 |
+ username=options["--username"],
|
|
|
e4ffb1 |
+ password=options["--password"]
|
|
|
e4ffb1 |
+ )
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ if discover.version_match("2", keystone_version):
|
|
|
e4ffb1 |
+ kwargs["tenant_name"] = options["--tenant-name"]
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ elif discover.version_match("3", keystone_version):
|
|
|
e4ffb1 |
+ kwargs["project_name"] = options["--tenant-name"]
|
|
|
e4ffb1 |
+ kwargs["user_domain_name"] = options["--user-domain"]
|
|
|
e4ffb1 |
+ kwargs["project_domain_name"] = options["--project-domain"]
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
+ loader = loading.get_plugin_loader('password')
|
|
|
e4ffb1 |
+ keystone_auth = loader.load_from_options(**kwargs)
|
|
|
e4ffb1 |
+ keystone_session = session.Session(auth=keystone_auth, verify=(not options["--insecure"]))
|
|
|
e4ffb1 |
+
|
|
|
e4ffb1 |
versions = [ "2.11", "2" ]
|
|
|
e4ffb1 |
for version in versions:
|
|
|
e4ffb1 |
clientargs = inspect.getargspec(client.Client).varargs
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
# Some versions of Openstack prior to Ocata only
|
|
|
e4ffb1 |
# supported positional arguments for username,
|
|
|
e4ffb1 |
- # password and tenant.
|
|
|
e4ffb1 |
+ # password, and tenant.
|
|
|
e4ffb1 |
#
|
|
|
e4ffb1 |
# Versions since Ocata only support named arguments.
|
|
|
e4ffb1 |
#
|
|
|
e4ffb1 |
@@ -212,25 +237,22 @@
|
|
|
e4ffb1 |
# varargs=None,
|
|
|
e4ffb1 |
# keywords='kwargs', defaults=(None, None, None, None))
|
|
|
e4ffb1 |
nova = client.Client(version,
|
|
|
e4ffb1 |
- options["--username"],
|
|
|
e4ffb1 |
- options["--password"],
|
|
|
e4ffb1 |
- options["--tenant-name"],
|
|
|
e4ffb1 |
- options["--auth-url"],
|
|
|
e4ffb1 |
+ None, # User
|
|
|
e4ffb1 |
+ None, # Password
|
|
|
e4ffb1 |
+ None, # Tenant
|
|
|
e4ffb1 |
+ None, # Auth URL
|
|
|
e4ffb1 |
insecure=options["--insecure"],
|
|
|
e4ffb1 |
region_name=options["--region-name"],
|
|
|
e4ffb1 |
endpoint_type=options["--endpoint-type"],
|
|
|
e4ffb1 |
+ session=keystone_session, auth=keystone_auth,
|
|
|
e4ffb1 |
http_log_debug=options.has_key("--verbose"))
|
|
|
e4ffb1 |
else:
|
|
|
e4ffb1 |
# OSP >= 11
|
|
|
e4ffb1 |
# ArgSpec(args=['version'], varargs='args', keywords='kwargs', defaults=None)
|
|
|
e4ffb1 |
nova = client.Client(version,
|
|
|
e4ffb1 |
- username=options["--username"],
|
|
|
e4ffb1 |
- password=options["--password"],
|
|
|
e4ffb1 |
- tenant_name=options["--tenant-name"],
|
|
|
e4ffb1 |
- auth_url=options["--auth-url"],
|
|
|
e4ffb1 |
- insecure=options["--insecure"],
|
|
|
e4ffb1 |
region_name=options["--region-name"],
|
|
|
e4ffb1 |
endpoint_type=options["--endpoint-type"],
|
|
|
e4ffb1 |
+ session=keystone_session, auth=keystone_auth,
|
|
|
e4ffb1 |
http_log_debug=options.has_key("--verbose"))
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
try:
|
|
|
e4ffb1 |
@@ -259,12 +281,30 @@
|
|
|
e4ffb1 |
all_opt["tenant_name"] = {
|
|
|
e4ffb1 |
"getopt" : "t:",
|
|
|
e4ffb1 |
"longopt" : "tenant-name",
|
|
|
e4ffb1 |
- "help" : "-t, --tenant-name=[tenant] Keystone Admin Tenant",
|
|
|
e4ffb1 |
+ "help" : "-t, --tenant-name=[name] Keystone v2 Tenant or v3 Project Name",
|
|
|
e4ffb1 |
"required" : "0",
|
|
|
e4ffb1 |
- "shortdesc" : "Keystone Admin Tenant",
|
|
|
e4ffb1 |
+ "shortdesc" : "Keystone Admin Tenant or v3 Project",
|
|
|
e4ffb1 |
"default" : "",
|
|
|
e4ffb1 |
"order": 1,
|
|
|
e4ffb1 |
}
|
|
|
e4ffb1 |
+ all_opt["user-domain"] = {
|
|
|
e4ffb1 |
+ "getopt" : "u:",
|
|
|
e4ffb1 |
+ "longopt" : "user-domain",
|
|
|
e4ffb1 |
+ "help" : "-u, --user-domain=[name] Keystone v3 User Domain",
|
|
|
e4ffb1 |
+ "required" : "0",
|
|
|
e4ffb1 |
+ "shortdesc" : "Keystone v3 User Domain",
|
|
|
e4ffb1 |
+ "default" : "Default",
|
|
|
e4ffb1 |
+ "order": 2,
|
|
|
e4ffb1 |
+ }
|
|
|
e4ffb1 |
+ all_opt["project-domain"] = {
|
|
|
e4ffb1 |
+ "getopt" : "P:",
|
|
|
e4ffb1 |
+ "longopt" : "project-domain",
|
|
|
e4ffb1 |
+ "help" : "-d, --project-domain=[name] Keystone v3 Project Domain",
|
|
|
e4ffb1 |
+ "required" : "0",
|
|
|
e4ffb1 |
+ "shortdesc" : "Keystone v3 Project Domain",
|
|
|
e4ffb1 |
+ "default" : "Default",
|
|
|
e4ffb1 |
+ "order": 2,
|
|
|
e4ffb1 |
+ }
|
|
|
e4ffb1 |
all_opt["auth_url"] = {
|
|
|
e4ffb1 |
"getopt" : "k:",
|
|
|
e4ffb1 |
"longopt" : "auth-url",
|
|
|
e4ffb1 |
@@ -292,7 +332,7 @@
|
|
|
e4ffb1 |
"default" : "False",
|
|
|
e4ffb1 |
"order": 2,
|
|
|
e4ffb1 |
}
|
|
|
e4ffb1 |
- all_opt["domain"] = {
|
|
|
e4ffb1 |
+ all_opt["compute-domain"] = {
|
|
|
e4ffb1 |
"getopt" : "d:",
|
|
|
e4ffb1 |
"longopt" : "domain",
|
|
|
e4ffb1 |
"help" : "-d, --domain=[string] DNS domain in which hosts live, useful when the cluster uses short names and nova uses FQDN",
|
|
|
e4ffb1 |
@@ -323,8 +363,9 @@
|
|
|
e4ffb1 |
atexit.register(atexit_handler)
|
|
|
e4ffb1 |
|
|
|
e4ffb1 |
device_opt = ["login", "passwd", "tenant_name", "auth_url",
|
|
|
e4ffb1 |
- "no_login", "no_password", "port", "domain", "no_shared_storage", "endpoint_type",
|
|
|
e4ffb1 |
- "instance_filtering", "insecure", "region_name"]
|
|
|
e4ffb1 |
+ "no_login", "no_password", "port", "compute-domain", "project-domain",
|
|
|
e4ffb1 |
+ "user-domain", "no_shared_storage", "endpoint_type",
|
|
|
e4ffb1 |
+ "instance_filtering", "insecure", "region_name"]
|
|
|
e4ffb1 |
define_new_opts()
|
|
|
e4ffb1 |
all_opt["shell_timeout"]["default"] = "180"
|
|
|
e4ffb1 |
|