Python keystoneauth1.loading.get_plugin_loader() Examples
The following are 13
code examples of keystoneauth1.loading.get_plugin_loader().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
keystoneauth1.loading
, or try the search function
.
.
Example #1
| Source File: __init__.py From kcli with Apache License 2.0 | 6 votes |
|
def __init__(self, host='127.0.0.1', version='2', port=None, user='root', password=None, debug=False, project=None,
domain='Default', auth_url=None, ca_file=None):
self.debug = debug
self.host = host
loader = loading.get_plugin_loader('password')
auth = loader.load_from_options(auth_url=auth_url, username=user, password=password, project_name=project,
user_domain_name=domain, project_domain_name=domain)
sess = session.Session(auth=auth, verify=ca_file)
self.nova = novaclient.Client(version, session=sess)
self.glance = glanceclient(version, session=sess)
self.cinder = cinderclient.Client(version, session=sess)
self.neutron = neutronclient(session=sess)
self.conn = self.nova
self.project = project
return
# should cleanly close your connection, if needed
Example #2
| Source File: openstack.py From packone with Apache License 2.0 | 6 votes |
|
def __init__(self, cloud):
self._cloud=cloud
self._credential=cloud.platform_credential
auth=loading.get_plugin_loader('password').load_from_options(
auth_url=self._credential['auth_url'],
username=self._credential['username'],
password=self._credential['password'],
project_name=self._credential['project_name']
)
kwargs={
'version': self._credential['api_version'],
'session': session.Session(auth=auth)
}
self._nova_client=nova_client.Client(**kwargs)
self._cinder_client=cinder_client.Client(**kwargs)
self._glance_client=glance_client.Client(**kwargs)
self.instances=InstanceManager(self)
self.volumes=VolumeManager(self)
self.flavors=self._nova_client.flavors
self.keypairs=self._nova_client.keypairs#create, delete
self.images=self._glance_client.images
Example #3
| Source File: keystone.py From ironic-inspector with Apache License 2.0 | 6 votes |
|
def add_auth_options(options, service_type):
def add_options(opts, opts_to_add):
for new_opt in opts_to_add:
for opt in opts:
if opt.name == new_opt.name:
break
else:
opts.append(new_opt)
opts = copy.deepcopy(options)
opts.insert(0, loading.get_auth_common_conf_options()[0])
# NOTE(dims): There are a lot of auth plugins, we just generate
# the config options for a few common ones
plugins = ['password', 'v2password', 'v3password']
for name in plugins:
plugin = loading.get_plugin_loader(name)
add_options(opts, loading.get_auth_plugin_conf_options(plugin))
add_options(opts, loading.get_session_conf_options())
adapter_opts = loading.get_adapter_conf_options(
include_deprecated=False)
cfg.set_defaults(adapter_opts, service_type=service_type,
valid_interfaces=DEFAULT_VALID_INTERFACES)
add_options(opts, adapter_opts)
opts.sort(key=lambda x: x.name)
return opts
Example #4
| Source File: keystone.py From vdi-broker with Apache License 2.0 | 5 votes |
|
def create_trust(ctxt):
LOG.debug("Creating Keystone trust")
trusts_auth_plugin = _get_trusts_auth_plugin()
loader = loading.get_plugin_loader("v3token")
auth = loader.load_from_options(
auth_url=trusts_auth_plugin.auth_url,
token=ctxt.auth_token,
project_name=ctxt.project_name,
project_domain_name=ctxt.project_domain)
session = ks_session.Session(
auth=auth, verify=not CONF.keystone.allow_untrusted)
try:
trustee_user_id = trusts_auth_plugin.get_user_id(session)
except ks_exceptions.Unauthorized as ex:
LOG.exception(ex)
raise exception.NotAuthorized("Trustee authentication failed")
trustor_user_id = ctxt.user
trustor_proj_id = ctxt.tenant
roles = ctxt.roles
LOG.debug("Granting Keystone trust. Trustor: %(trustor_user_id)s, trustee:"
" %(trustee_user_id)s, project: %(trustor_proj_id)s, roles:"
" %(roles)s",
{"trustor_user_id": trustor_user_id,
"trustee_user_id": trustee_user_id,
"trustor_proj_id": trustor_proj_id,
"roles": roles})
# Trusts are not supported before Keystone v3
client = kc_v3.Client(session=session)
trust = client.trusts.create(trustor_user=trustor_user_id,
trustee_user=trustee_user_id,
project=trustor_proj_id,
impersonation=True,
role_names=roles)
LOG.debug("Trust id: %s" % trust.id)
return trust.id
Example #5
| Source File: masakari_util.py From masakari with Apache License 2.0 | 5 votes |
|
def _get_session(self, auth_args):
""" Return Keystone API session object."""
loader = loading.get_plugin_loader('password')
auth = loader.load_from_options(**auth_args)
sess = session.Session(auth=auth)
return sess
Example #6
| Source File: openstack_api.py From disk_perf_test_tool with Apache License 2.0 | 5 votes |
|
def os_connect(os_creds: OSCreds, version: str = "2") -> OSConnection:
loader = loading.get_plugin_loader('password')
auth = loader.load_from_options(auth_url=os_creds.auth_url,
username=os_creds.name,
password=os_creds.passwd,
project_id=os_creds.tenant)
auth_sess = session.Session(auth=auth)
glance = GlanceClient(version, session=auth_sess)
nova = NovaClient(version, session=auth_sess)
cinder = CinderClient(os_creds.name, os_creds.passwd, os_creds.tenant, os_creds.auth_url,
insecure=os_creds.insecure, api_version=version)
return OSConnection(nova, cinder, glance)
Example #7
| Source File: loader.py From openstacksdk with Apache License 2.0 | 5 votes |
|
def _get_auth_loader(self, config):
# Use the 'none' plugin for variants of None specified,
# since it does not look up endpoints or tokens but rather
# does a passthrough. This is useful for things like Ironic
# that have a keystoneless operational mode, but means we're
# still dealing with a keystoneauth Session object, so all the
# _other_ things (SSL arg handling, timeout) all work consistently
if config['auth_type'] in (None, "None", ''):
config['auth_type'] = 'none'
elif config['auth_type'] == 'token_endpoint':
# Humans have been trained to use a thing called token_endpoint
# That it does not exist in keystoneauth is irrelvant- it not
# doing what they want causes them sorrow.
config['auth_type'] = 'admin_token'
return loading.get_plugin_loader(config['auth_type'])
Example #8
| Source File: openstacknagios.py From openstack-nagios-plugins with GNU General Public License v3.0 | 5 votes |
|
def get_session(self):
loader = loading.get_plugin_loader('password')
auth = loader.load_from_options(auth_url = self.openstack['auth_url'],
username = self.openstack['username'],
password = self.openstack['password'],
project_name = self.openstack['project_name'],
user_domain_name = self.openstack['user_domain_name'],
project_domain_name = self.openstack['project_domain_name'],
)
return session.Session(auth = auth,
verify = self.openstack['cacert'],
)
Example #9
| Source File: client.py From tacker with Apache License 2.0 | 5 votes |
|
def _set_session(self):
self.session = session.Session()
loader = loading.get_plugin_loader('password')
self.session.auth = loader.load_from_options(
auth_url=self.identity_url, username='xx', password='xx')
Example #10
| Source File: keystone_helper.py From watcher with Apache License 2.0 | 5 votes |
|
def create_session(self, user_id, password):
user = self.get_user(user_id)
loader = loading.get_plugin_loader('password')
auth = loader.load_from_options(
auth_url=CONF.watcher_clients_auth.auth_url,
password=password,
user_id=user_id,
project_id=user.default_project_id)
return session.Session(auth=auth)
Example #11
| Source File: utils.py From monasca-notification with Apache License 2.0 | 5 votes |
|
def get_keystone_session():
auth_details = {}
auth_details['auth_url'] = CONF.keystone.auth_url
auth_details['username'] = CONF.keystone.username
auth_details['password'] = CONF.keystone.password
auth_details['project_name'] = CONF.keystone.project_name
auth_details['user_domain_name'] = CONF.keystone.user_domain_name
auth_details['project_domain_name'] = CONF.keystone.project_domain_name
loader = kaloading.get_plugin_loader('password')
auth_plugin = loader.load_from_options(**auth_details)
session = kaloading.session.Session().load_from_options(
auth=auth_plugin)
return session
Example #12
| Source File: client.py From python-tackerclient with Apache License 2.0 | 5 votes |
|
def new_client(self):
self.session = session.Session()
loader = loading.get_plugin_loader('password')
self.session.auth = loader.load_from_options(
auth_url=self.identity_url, username='xx', password='xx')
return proxy_client.Client(service_type='nfv-orchestration',
interface='public',
endpoint_type='public',
region_name='RegionOne',
auth_url=self.identity_url,
token=self.token.token_id,
endpoint_url=TACKER_URL)
Example #13
| Source File: keystone.py From coriolis with GNU Affero General Public License v3.0 | 4 votes |
|
def create_trust(ctxt):
if ctxt.trust_id:
return
LOG.debug("Creating Keystone trust")
trusts_auth_plugin = _get_trusts_auth_plugin()
loader = loading.get_plugin_loader("v3token")
auth = loader.load_from_options(
auth_url=trusts_auth_plugin.auth_url,
token=ctxt.auth_token,
project_name=ctxt.project_name,
project_domain_name=ctxt.project_domain_name)
session = ks_session.Session(
auth=auth, verify=not CONF.keystone.allow_untrusted)
try:
trustee_user_id = trusts_auth_plugin.get_user_id(session)
except ks_exceptions.Unauthorized as ex:
LOG.exception(ex)
raise exception.NotAuthorized("Trustee authentication failed")
trustor_user_id = ctxt.user
trustor_proj_id = ctxt.tenant
roles = ctxt.roles
LOG.debug("Granting Keystone trust. Trustor: %(trustor_user_id)s, trustee:"
" %(trustee_user_id)s, project: %(trustor_proj_id)s, roles:"
" %(roles)s",
{"trustor_user_id": trustor_user_id,
"trustee_user_id": trustee_user_id,
"trustor_proj_id": trustor_proj_id,
"roles": roles})
# Trusts are not supported before Keystone v3
client = kc_v3.Client(session=session)
trust = client.trusts.create(trustor_user=trustor_user_id,
trustee_user=trustee_user_id,
project=trustor_proj_id,
impersonation=True,
role_names=roles)
LOG.debug("Trust id: %s" % trust.id)
ctxt.trust_id = trust.id
