|
|
cbc3ed |
From 2f741df2ce73da85bbd205d861b527aa141d9776 Mon Sep 17 00:00:00 2001
|
|
|
cbc3ed |
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
|
|
cbc3ed |
Date: Fri, 14 Jan 2022 14:47:41 +0100
|
|
|
cbc3ed |
Subject: [PATCH 1/2] fencing: add source_env()
|
|
|
cbc3ed |
|
|
|
cbc3ed |
---
|
|
|
cbc3ed |
lib/fencing.py.py | 8 ++++++++
|
|
|
cbc3ed |
1 file changed, 8 insertions(+)
|
|
|
cbc3ed |
|
|
|
cbc3ed |
diff --git a/lib/fencing.py.py b/lib/fencing.py.py
|
|
|
cbc3ed |
index d85b23568..55e38c407 100644
|
|
|
cbc3ed |
--- a/lib/fencing.py.py
|
|
|
cbc3ed |
+++ b/lib/fencing.py.py
|
|
|
cbc3ed |
@@ -1143,6 +1143,14 @@ def fence_logout(conn, logout_string, sleep=0):
|
|
|
cbc3ed |
except pexpect.ExceptionPexpect:
|
|
|
cbc3ed |
pass
|
|
|
cbc3ed |
|
|
|
cbc3ed |
+def source_env(env_file):
|
|
|
cbc3ed |
+ # POSIX: name shall not contain '=', value doesn't contain '\0'
|
|
|
cbc3ed |
+ output = subprocess.check_output("source {} && env -0".format(env_file), shell=True,
|
|
|
cbc3ed |
+ executable="/bin/sh")
|
|
|
cbc3ed |
+ # replace env
|
|
|
cbc3ed |
+ os.environ.clear()
|
|
|
cbc3ed |
+ os.environ.update(line.partition('=')[::2] for line in output.decode("utf-8").split('\0'))
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
# Convert array of format [[key1, value1], [key2, value2], ... [keyN, valueN]] to dict, where key is
|
|
|
cbc3ed |
# in format a.b.c.d...z and returned dict has key only z
|
|
|
cbc3ed |
def array_to_dict(array):
|
|
|
cbc3ed |
|
|
|
cbc3ed |
From fe2183a97e0a5734702e9cba8da21f01afd8f577 Mon Sep 17 00:00:00 2001
|
|
|
cbc3ed |
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
|
|
|
cbc3ed |
Date: Fri, 14 Jan 2022 14:54:10 +0100
|
|
|
cbc3ed |
Subject: [PATCH 2/2] fence_openstack: add support for reading config from
|
|
|
cbc3ed |
clouds.yaml and openrc
|
|
|
cbc3ed |
|
|
|
cbc3ed |
---
|
|
|
cbc3ed |
agents/openstack/fence_openstack.py | 116 ++++++++++++++++++++----
|
|
|
cbc3ed |
tests/data/metadata/fence_openstack.xml | 32 +++++--
|
|
|
cbc3ed |
2 files changed, 126 insertions(+), 22 deletions(-)
|
|
|
cbc3ed |
mode change 100755 => 100644 agents/openstack/fence_openstack.py
|
|
|
cbc3ed |
|
|
|
cbc3ed |
diff --git a/agents/openstack/fence_openstack.py b/agents/openstack/fence_openstack.py
|
|
|
cbc3ed |
old mode 100755
|
|
|
cbc3ed |
new mode 100644
|
|
|
cbc3ed |
index 36b353b52..d3a4be3aa
|
|
|
cbc3ed |
--- a/agents/openstack/fence_openstack.py
|
|
|
cbc3ed |
+++ b/agents/openstack/fence_openstack.py
|
|
|
cbc3ed |
@@ -8,7 +8,7 @@
|
|
|
cbc3ed |
|
|
|
cbc3ed |
sys.path.append("@FENCEAGENTSLIBDIR@")
|
|
|
cbc3ed |
from fencing import *
|
|
|
cbc3ed |
-from fencing import fail_usage, run_delay
|
|
|
cbc3ed |
+from fencing import fail_usage, run_delay, source_env
|
|
|
cbc3ed |
|
|
|
cbc3ed |
try:
|
|
|
cbc3ed |
from novaclient import client
|
|
|
cbc3ed |
@@ -26,6 +26,23 @@ def translate_status(instance_status):
|
|
|
cbc3ed |
return "off"
|
|
|
cbc3ed |
return "unknown"
|
|
|
cbc3ed |
|
|
|
cbc3ed |
+def get_cloud(options):
|
|
|
cbc3ed |
+ import os, yaml
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
+ clouds_yaml = os.path.expanduser("~/.config/openstack/clouds.yaml")
|
|
|
cbc3ed |
+ if os.path.exists(clouds_yaml):
|
|
|
cbc3ed |
+ with open(clouds_yaml, "r") as yaml_stream:
|
|
|
cbc3ed |
+ try:
|
|
|
cbc3ed |
+ clouds = yaml.safe_load(yaml_stream)
|
|
|
cbc3ed |
+ except yaml.YAMLError as exc:
|
|
|
cbc3ed |
+ fail_usage("Failed: Unable to read: " + clouds_yaml)
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
+ cloud = clouds.get("clouds").get(options["--cloud"])
|
|
|
cbc3ed |
+ if not cloud:
|
|
|
cbc3ed |
+ fail_usage("Cloud: {} not found.".format(options["--cloud"]))
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
+ return cloud
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
|
|
|
cbc3ed |
def get_nodes_list(conn, options):
|
|
|
cbc3ed |
logging.info("Running %s action", options["--action"])
|
|
|
cbc3ed |
@@ -153,7 +170,7 @@ def define_new_opts():
|
|
|
cbc3ed |
"getopt": ":",
|
|
|
cbc3ed |
"longopt": "auth-url",
|
|
|
cbc3ed |
"help": "--auth-url=[authurl] Keystone Auth URL",
|
|
|
cbc3ed |
- "required": "1",
|
|
|
cbc3ed |
+ "required": "0",
|
|
|
cbc3ed |
"shortdesc": "Keystone Auth URL",
|
|
|
cbc3ed |
"order": 2,
|
|
|
cbc3ed |
}
|
|
|
cbc3ed |
@@ -161,7 +178,7 @@ def define_new_opts():
|
|
|
cbc3ed |
"getopt": ":",
|
|
|
cbc3ed |
"longopt": "project-name",
|
|
|
cbc3ed |
"help": "--project-name=[project] Tenant Or Project Name",
|
|
|
cbc3ed |
- "required": "1",
|
|
|
cbc3ed |
+ "required": "0",
|
|
|
cbc3ed |
"shortdesc": "Keystone Project",
|
|
|
cbc3ed |
"default": "admin",
|
|
|
cbc3ed |
"order": 3,
|
|
|
cbc3ed |
@@ -184,13 +201,38 @@ def define_new_opts():
|
|
|
cbc3ed |
"default": "Default",
|
|
|
cbc3ed |
"order": 5,
|
|
|
cbc3ed |
}
|
|
|
cbc3ed |
+ all_opt["clouds-yaml"] = {
|
|
|
cbc3ed |
+ "getopt": ":",
|
|
|
cbc3ed |
+ "longopt": "clouds-yaml",
|
|
|
cbc3ed |
+ "help": "--clouds-yaml=[clouds-yaml] Path to the clouds.yaml config file",
|
|
|
cbc3ed |
+ "required": "0",
|
|
|
cbc3ed |
+ "shortdesc": "clouds.yaml config file",
|
|
|
cbc3ed |
+ "default": "~/.config/openstack/clouds.yaml",
|
|
|
cbc3ed |
+ "order": 6,
|
|
|
cbc3ed |
+ }
|
|
|
cbc3ed |
+ all_opt["cloud"] = {
|
|
|
cbc3ed |
+ "getopt": ":",
|
|
|
cbc3ed |
+ "longopt": "cloud",
|
|
|
cbc3ed |
+ "help": "--cloud=[cloud] Openstack cloud (from clouds.yaml).",
|
|
|
cbc3ed |
+ "required": "0",
|
|
|
cbc3ed |
+ "shortdesc": "Cloud from clouds.yaml",
|
|
|
cbc3ed |
+ "order": 7,
|
|
|
cbc3ed |
+ }
|
|
|
cbc3ed |
+ all_opt["openrc"] = {
|
|
|
cbc3ed |
+ "getopt": ":",
|
|
|
cbc3ed |
+ "longopt": "openrc",
|
|
|
cbc3ed |
+ "help": "--openrc=[openrc] Path to the openrc config file",
|
|
|
cbc3ed |
+ "required": "0",
|
|
|
cbc3ed |
+ "shortdesc": "openrc config file",
|
|
|
cbc3ed |
+ "order": 8,
|
|
|
cbc3ed |
+ }
|
|
|
cbc3ed |
all_opt["uuid"] = {
|
|
|
cbc3ed |
"getopt": ":",
|
|
|
cbc3ed |
"longopt": "uuid",
|
|
|
cbc3ed |
"help": "--uuid=[uuid] Replaced by -n, --plug",
|
|
|
cbc3ed |
"required": "0",
|
|
|
cbc3ed |
"shortdesc": "Replaced by port/-n/--plug",
|
|
|
cbc3ed |
- "order": 6,
|
|
|
cbc3ed |
+ "order": 9,
|
|
|
cbc3ed |
}
|
|
|
cbc3ed |
all_opt["cacert"] = {
|
|
|
cbc3ed |
"getopt": ":",
|
|
|
cbc3ed |
@@ -199,7 +241,7 @@ def define_new_opts():
|
|
|
cbc3ed |
"required": "0",
|
|
|
cbc3ed |
"shortdesc": "SSL X.509 certificates file",
|
|
|
cbc3ed |
"default": "",
|
|
|
cbc3ed |
- "order": 7,
|
|
|
cbc3ed |
+ "order": 10,
|
|
|
cbc3ed |
}
|
|
|
cbc3ed |
all_opt["apitimeout"] = {
|
|
|
cbc3ed |
"getopt": ":",
|
|
|
cbc3ed |
@@ -209,7 +251,7 @@ def define_new_opts():
|
|
|
cbc3ed |
"shortdesc": "Timeout in seconds to use for API calls, default is 60.",
|
|
|
cbc3ed |
"required": "0",
|
|
|
cbc3ed |
"default": 60,
|
|
|
cbc3ed |
- "order": 8,
|
|
|
cbc3ed |
+ "order": 11,
|
|
|
cbc3ed |
}
|
|
|
cbc3ed |
|
|
|
cbc3ed |
|
|
|
cbc3ed |
@@ -218,11 +260,16 @@ def main():
|
|
|
cbc3ed |
|
|
|
cbc3ed |
device_opt = [
|
|
|
cbc3ed |
"login",
|
|
|
cbc3ed |
+ "no_login",
|
|
|
cbc3ed |
"passwd",
|
|
|
cbc3ed |
+ "no_password",
|
|
|
cbc3ed |
"auth-url",
|
|
|
cbc3ed |
"project-name",
|
|
|
cbc3ed |
"user-domain-name",
|
|
|
cbc3ed |
"project-domain-name",
|
|
|
cbc3ed |
+ "clouds-yaml",
|
|
|
cbc3ed |
+ "cloud",
|
|
|
cbc3ed |
+ "openrc",
|
|
|
cbc3ed |
"port",
|
|
|
cbc3ed |
"no_port",
|
|
|
cbc3ed |
"uuid",
|
|
|
cbc3ed |
@@ -265,19 +312,56 @@ def main():
|
|
|
cbc3ed |
|
|
|
cbc3ed |
run_delay(options)
|
|
|
cbc3ed |
|
|
|
cbc3ed |
- username = options["--username"]
|
|
|
cbc3ed |
- password = options["--password"]
|
|
|
cbc3ed |
- projectname = options["--project-name"]
|
|
|
cbc3ed |
- auth_url = None
|
|
|
cbc3ed |
- try:
|
|
|
cbc3ed |
- auth_url = options["--auth-url"]
|
|
|
cbc3ed |
- except KeyError:
|
|
|
cbc3ed |
- fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
|
|
|
cbc3ed |
- user_domain_name = options["--user-domain-name"]
|
|
|
cbc3ed |
- project_domain_name = options["--project-domain-name"]
|
|
|
cbc3ed |
+ if options.get("--clouds-yaml"):
|
|
|
cbc3ed |
+ if not os.path.exists(os.path.expanduser(options["--clouds-yaml"])):
|
|
|
cbc3ed |
+ fail_usage("Failed: {} does not exist".format(options.get("--clouds-yaml")))
|
|
|
cbc3ed |
+ if not options.get("--cloud"):
|
|
|
cbc3ed |
+ fail_usage("Failed: \"cloud\" not specified")
|
|
|
cbc3ed |
+ cloud = get_cloud(options)
|
|
|
cbc3ed |
+ username = cloud.get("username")
|
|
|
cbc3ed |
+ password = cloud.get("password")
|
|
|
cbc3ed |
+ projectname = cloud.get("project_name")
|
|
|
cbc3ed |
+ auth_url = None
|
|
|
cbc3ed |
+ try:
|
|
|
cbc3ed |
+ auth_url = cloud.get("auth_url")
|
|
|
cbc3ed |
+ except KeyError:
|
|
|
cbc3ed |
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
|
|
|
cbc3ed |
+ user_domain_name = cloud.get("user_domain_name")
|
|
|
cbc3ed |
+ project_domain_name = cloud.get("project_domain_name")
|
|
|
cbc3ed |
+ caverify = cloud.get("verify")
|
|
|
cbc3ed |
+ if caverify in [True, False]:
|
|
|
cbc3ed |
+ options["--ssl-insecure"] = caverify
|
|
|
cbc3ed |
+ else:
|
|
|
cbc3ed |
+ options["--cacert"] = caverify
|
|
|
cbc3ed |
+ if options.get("--openrc") and os.path.exists(os.path.expanduser(options["--openrc"])):
|
|
|
cbc3ed |
+ source_env(options["--openrc"])
|
|
|
cbc3ed |
+ env = os.environ
|
|
|
cbc3ed |
+ username = env.get("OS_USERNAME")
|
|
|
cbc3ed |
+ password = env.get("OS_PASSWORD")
|
|
|
cbc3ed |
+ projectname = env.get("OS_PROJECT_NAME")
|
|
|
cbc3ed |
+ auth_url = None
|
|
|
cbc3ed |
+ try:
|
|
|
cbc3ed |
+ auth_url = env["OS_AUTH_URL"]
|
|
|
cbc3ed |
+ except KeyError:
|
|
|
cbc3ed |
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
|
|
|
cbc3ed |
+ user_domain_name = env.get("OS_USER_DOMAIN_NAME")
|
|
|
cbc3ed |
+ project_domain_name = env.get("OS_PROJECT_DOMAIN_NAME")
|
|
|
cbc3ed |
+ else:
|
|
|
cbc3ed |
+ username = options["--username"]
|
|
|
cbc3ed |
+ password = options["--password"]
|
|
|
cbc3ed |
+ projectname = options["--project-name"]
|
|
|
cbc3ed |
+ auth_url = None
|
|
|
cbc3ed |
+ try:
|
|
|
cbc3ed |
+ auth_url = options["--auth-url"]
|
|
|
cbc3ed |
+ except KeyError:
|
|
|
cbc3ed |
+ fail_usage("Failed: You have to set the Keystone service endpoint for authorization")
|
|
|
cbc3ed |
+ user_domain_name = options["--user-domain-name"]
|
|
|
cbc3ed |
+ project_domain_name = options["--project-domain-name"]
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
ssl_insecure = "--ssl-insecure" in options
|
|
|
cbc3ed |
cacert = options["--cacert"]
|
|
|
cbc3ed |
apitimeout = options["--apitimeout"]
|
|
|
cbc3ed |
+
|
|
|
cbc3ed |
try:
|
|
|
cbc3ed |
conn = nova_login(
|
|
|
cbc3ed |
username,
|
|
|
cbc3ed |
diff --git a/tests/data/metadata/fence_openstack.xml b/tests/data/metadata/fence_openstack.xml
|
|
|
cbc3ed |
index c8dc2e60f..55a57b4d7 100644
|
|
|
cbc3ed |
--- a/tests/data/metadata/fence_openstack.xml
|
|
|
cbc3ed |
+++ b/tests/data/metadata/fence_openstack.xml
|
|
|
cbc3ed |
@@ -8,7 +8,7 @@
|
|
|
cbc3ed |
<content type="string" default="reboot" />
|
|
|
cbc3ed |
<shortdesc lang="en">Fencing action</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
- <parameter name="login" unique="0" required="1" deprecated="1">
|
|
|
cbc3ed |
+ <parameter name="login" unique="0" required="0" deprecated="1">
|
|
|
cbc3ed |
<getopt mixed="-l, --username=[name]" />
|
|
|
cbc3ed |
<content type="string" />
|
|
|
cbc3ed |
<shortdesc lang="en">Login name</shortdesc>
|
|
|
cbc3ed |
@@ -48,27 +48,27 @@
|
|
|
cbc3ed |
<content type="boolean" />
|
|
|
cbc3ed |
<shortdesc lang="en">Use SSL connection without verifying certificate</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
- <parameter name="username" unique="0" required="1" obsoletes="login">
|
|
|
cbc3ed |
+ <parameter name="username" unique="0" required="0" obsoletes="login">
|
|
|
cbc3ed |
<getopt mixed="-l, --username=[name]" />
|
|
|
cbc3ed |
<content type="string" />
|
|
|
cbc3ed |
<shortdesc lang="en">Login name</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
- <parameter name="auth-url" unique="0" required="1" deprecated="1">
|
|
|
cbc3ed |
+ <parameter name="auth-url" unique="0" required="0" deprecated="1">
|
|
|
cbc3ed |
<getopt mixed="--auth-url=[authurl]" />
|
|
|
cbc3ed |
<content type="string" />
|
|
|
cbc3ed |
<shortdesc lang="en">Keystone Auth URL</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
- <parameter name="auth_url" unique="0" required="1" obsoletes="auth-url">
|
|
|
cbc3ed |
+ <parameter name="auth_url" unique="0" required="0" obsoletes="auth-url">
|
|
|
cbc3ed |
<getopt mixed="--auth-url=[authurl]" />
|
|
|
cbc3ed |
<content type="string" />
|
|
|
cbc3ed |
<shortdesc lang="en">Keystone Auth URL</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
- <parameter name="project-name" unique="0" required="1" deprecated="1">
|
|
|
cbc3ed |
+ <parameter name="project-name" unique="0" required="0" deprecated="1">
|
|
|
cbc3ed |
<getopt mixed="--project-name=[project]" />
|
|
|
cbc3ed |
<content type="string" default="admin" />
|
|
|
cbc3ed |
<shortdesc lang="en">Keystone Project</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
- <parameter name="project_name" unique="0" required="1" obsoletes="project-name">
|
|
|
cbc3ed |
+ <parameter name="project_name" unique="0" required="0" obsoletes="project-name">
|
|
|
cbc3ed |
<getopt mixed="--project-name=[project]" />
|
|
|
cbc3ed |
<content type="string" default="admin" />
|
|
|
cbc3ed |
<shortdesc lang="en">Keystone Project</shortdesc>
|
|
|
cbc3ed |
@@ -93,6 +93,26 @@
|
|
|
cbc3ed |
<content type="string" default="Default" />
|
|
|
cbc3ed |
<shortdesc lang="en">Keystone Project Domain Name</shortdesc>
|
|
|
cbc3ed |
</parameter>
|
|
|
cbc3ed |
+ <parameter name="clouds-yaml" unique="0" required="0" deprecated="1">
|
|
|
cbc3ed |
+ <getopt mixed="--clouds-yaml=[clouds-yaml]" />
|
|
|
cbc3ed |
+ <content type="string" default="~/.config/openstack/clouds.yaml" />
|
|
|
cbc3ed |
+ <shortdesc lang="en">clouds.yaml config file</shortdesc>
|
|
|
cbc3ed |
+ </parameter>
|
|
|
cbc3ed |
+ <parameter name="clouds_yaml" unique="0" required="0" obsoletes="clouds-yaml">
|
|
|
cbc3ed |
+ <getopt mixed="--clouds-yaml=[clouds-yaml]" />
|
|
|
cbc3ed |
+ <content type="string" default="~/.config/openstack/clouds.yaml" />
|
|
|
cbc3ed |
+ <shortdesc lang="en">clouds.yaml config file</shortdesc>
|
|
|
cbc3ed |
+ </parameter>
|
|
|
cbc3ed |
+ <parameter name="cloud" unique="0" required="0">
|
|
|
cbc3ed |
+ <getopt mixed="--cloud=[cloud]" />
|
|
|
cbc3ed |
+ <content type="string" />
|
|
|
cbc3ed |
+ <shortdesc lang="en">Cloud from clouds.yaml</shortdesc>
|
|
|
cbc3ed |
+ </parameter>
|
|
|
cbc3ed |
+ <parameter name="openrc" unique="0" required="0">
|
|
|
cbc3ed |
+ <getopt mixed="--openrc=[openrc]" />
|
|
|
cbc3ed |
+ <content type="string" />
|
|
|
cbc3ed |
+ <shortdesc lang="en">openrc config file</shortdesc>
|
|
|
cbc3ed |
+ </parameter>
|
|
|
cbc3ed |
<parameter name="uuid" unique="0" required="0">
|
|
|
cbc3ed |
<getopt mixed="--uuid=[uuid]" />
|
|
|
cbc3ed |
<content type="string" />
|