Python keystoneauth1.loading.get_plugin_loader() Examples

The following are 13 code examples of keystoneauth1.loading.get_plugin_loader(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module keystoneauth1.loading , or try the search function .
Example #1
Source File: __init__.py    From kcli with Apache License 2.0 6 votes vote down vote up
def __init__(self, host='127.0.0.1', version='2', port=None, user='root', password=None, debug=False, project=None,
                 domain='Default', auth_url=None, ca_file=None):
        self.debug = debug
        self.host = host
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(auth_url=auth_url, username=user, password=password, project_name=project,
                                        user_domain_name=domain, project_domain_name=domain)
        sess = session.Session(auth=auth, verify=ca_file)
        self.nova = novaclient.Client(version, session=sess)
        self.glance = glanceclient(version, session=sess)
        self.cinder = cinderclient.Client(version, session=sess)
        self.neutron = neutronclient(session=sess)
        self.conn = self.nova
        self.project = project
        return

# should cleanly close your connection, if needed 
Example #2
Source File: openstack.py    From packone with Apache License 2.0 6 votes vote down vote up
def __init__(self, cloud):
        self._cloud=cloud
        self._credential=cloud.platform_credential
        auth=loading.get_plugin_loader('password').load_from_options(
            auth_url=self._credential['auth_url'],
            username=self._credential['username'],
            password=self._credential['password'],
            project_name=self._credential['project_name']
        )
        kwargs={
            'version': self._credential['api_version'],
            'session': session.Session(auth=auth)
        }
        self._nova_client=nova_client.Client(**kwargs)
        self._cinder_client=cinder_client.Client(**kwargs)
        self._glance_client=glance_client.Client(**kwargs)
        self.instances=InstanceManager(self)
        self.volumes=VolumeManager(self)
        self.flavors=self._nova_client.flavors
        self.keypairs=self._nova_client.keypairs#create, delete
        self.images=self._glance_client.images 
Example #3
Source File: keystone.py    From ironic-inspector with Apache License 2.0 6 votes vote down vote up
def add_auth_options(options, service_type):
    def add_options(opts, opts_to_add):
        for new_opt in opts_to_add:
            for opt in opts:
                if opt.name == new_opt.name:
                    break
            else:
                opts.append(new_opt)

    opts = copy.deepcopy(options)
    opts.insert(0, loading.get_auth_common_conf_options()[0])
    # NOTE(dims): There are a lot of auth plugins, we just generate
    # the config options for a few common ones
    plugins = ['password', 'v2password', 'v3password']
    for name in plugins:
        plugin = loading.get_plugin_loader(name)
        add_options(opts, loading.get_auth_plugin_conf_options(plugin))
    add_options(opts, loading.get_session_conf_options())
    adapter_opts = loading.get_adapter_conf_options(
        include_deprecated=False)
    cfg.set_defaults(adapter_opts, service_type=service_type,
                     valid_interfaces=DEFAULT_VALID_INTERFACES)
    add_options(opts, adapter_opts)
    opts.sort(key=lambda x: x.name)
    return opts 
Example #4
Source File: keystone.py    From vdi-broker with Apache License 2.0 5 votes vote down vote up
def create_trust(ctxt):
    LOG.debug("Creating Keystone trust")

    trusts_auth_plugin = _get_trusts_auth_plugin()

    loader = loading.get_plugin_loader("v3token")
    auth = loader.load_from_options(
        auth_url=trusts_auth_plugin.auth_url,
        token=ctxt.auth_token,
        project_name=ctxt.project_name,
        project_domain_name=ctxt.project_domain)
    session = ks_session.Session(
        auth=auth, verify=not CONF.keystone.allow_untrusted)

    try:
        trustee_user_id = trusts_auth_plugin.get_user_id(session)
    except ks_exceptions.Unauthorized as ex:
        LOG.exception(ex)
        raise exception.NotAuthorized("Trustee authentication failed")

    trustor_user_id = ctxt.user
    trustor_proj_id = ctxt.tenant
    roles = ctxt.roles

    LOG.debug("Granting Keystone trust. Trustor: %(trustor_user_id)s, trustee:"
              " %(trustee_user_id)s, project: %(trustor_proj_id)s, roles:"
              " %(roles)s",
              {"trustor_user_id": trustor_user_id,
               "trustee_user_id": trustee_user_id,
               "trustor_proj_id": trustor_proj_id,
               "roles": roles})

    # Trusts are not supported before Keystone v3
    client = kc_v3.Client(session=session)
    trust = client.trusts.create(trustor_user=trustor_user_id,
                                 trustee_user=trustee_user_id,
                                 project=trustor_proj_id,
                                 impersonation=True,
                                 role_names=roles)
    LOG.debug("Trust id: %s" % trust.id)
    return trust.id 
Example #5
Source File: masakari_util.py    From masakari with Apache License 2.0 5 votes vote down vote up
def _get_session(self, auth_args):
        """ Return Keystone API session object."""
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(**auth_args)
        sess = session.Session(auth=auth)

        return sess 
Example #6
Source File: openstack_api.py    From disk_perf_test_tool with Apache License 2.0 5 votes vote down vote up
def os_connect(os_creds: OSCreds, version: str = "2") -> OSConnection:
    loader = loading.get_plugin_loader('password')
    auth = loader.load_from_options(auth_url=os_creds.auth_url,
                                    username=os_creds.name,
                                    password=os_creds.passwd,
                                    project_id=os_creds.tenant)
    auth_sess = session.Session(auth=auth)

    glance = GlanceClient(version, session=auth_sess)
    nova = NovaClient(version, session=auth_sess)
    cinder = CinderClient(os_creds.name, os_creds.passwd, os_creds.tenant, os_creds.auth_url,
                          insecure=os_creds.insecure, api_version=version)
    return OSConnection(nova, cinder, glance) 
Example #7
Source File: loader.py    From openstacksdk with Apache License 2.0 5 votes vote down vote up
def _get_auth_loader(self, config):
        # Use the 'none' plugin for variants of None specified,
        # since it does not look up endpoints or tokens but rather
        # does a passthrough. This is useful for things like Ironic
        # that have a keystoneless operational mode, but means we're
        # still dealing with a keystoneauth Session object, so all the
        # _other_ things (SSL arg handling, timeout) all work consistently
        if config['auth_type'] in (None, "None", ''):
            config['auth_type'] = 'none'
        elif config['auth_type'] == 'token_endpoint':
            # Humans have been trained to use a thing called token_endpoint
            # That it does not exist in keystoneauth is irrelvant- it not
            # doing what they want causes them sorrow.
            config['auth_type'] = 'admin_token'
        return loading.get_plugin_loader(config['auth_type']) 
Example #8
Source File: openstacknagios.py    From openstack-nagios-plugins with GNU General Public License v3.0 5 votes vote down vote up
def get_session(self):
       loader = loading.get_plugin_loader('password')
       auth = loader.load_from_options(auth_url            = self.openstack['auth_url'],
                                       username            = self.openstack['username'],
                                       password            = self.openstack['password'],
                                       project_name        = self.openstack['project_name'],
                                       user_domain_name    = self.openstack['user_domain_name'],
                                       project_domain_name = self.openstack['project_domain_name'],
                                       )

       return  session.Session(auth   = auth,
                               verify = self.openstack['cacert'],
               ) 
Example #9
Source File: client.py    From tacker with Apache License 2.0 5 votes vote down vote up
def _set_session(self):
        self.session = session.Session()
        loader = loading.get_plugin_loader('password')
        self.session.auth = loader.load_from_options(
            auth_url=self.identity_url, username='xx', password='xx') 
Example #10
Source File: keystone_helper.py    From watcher with Apache License 2.0 5 votes vote down vote up
def create_session(self, user_id, password):
        user = self.get_user(user_id)
        loader = loading.get_plugin_loader('password')
        auth = loader.load_from_options(
            auth_url=CONF.watcher_clients_auth.auth_url,
            password=password,
            user_id=user_id,
            project_id=user.default_project_id)
        return session.Session(auth=auth) 
Example #11
Source File: utils.py    From monasca-notification with Apache License 2.0 5 votes vote down vote up
def get_keystone_session():

    auth_details = {}
    auth_details['auth_url'] = CONF.keystone.auth_url
    auth_details['username'] = CONF.keystone.username
    auth_details['password'] = CONF.keystone.password
    auth_details['project_name'] = CONF.keystone.project_name
    auth_details['user_domain_name'] = CONF.keystone.user_domain_name
    auth_details['project_domain_name'] = CONF.keystone.project_domain_name
    loader = kaloading.get_plugin_loader('password')
    auth_plugin = loader.load_from_options(**auth_details)
    session = kaloading.session.Session().load_from_options(
        auth=auth_plugin)
    return session 
Example #12
Source File: client.py    From python-tackerclient with Apache License 2.0 5 votes vote down vote up
def new_client(self):
        self.session = session.Session()
        loader = loading.get_plugin_loader('password')
        self.session.auth = loader.load_from_options(
            auth_url=self.identity_url, username='xx', password='xx')

        return proxy_client.Client(service_type='nfv-orchestration',
                                   interface='public',
                                   endpoint_type='public',
                                   region_name='RegionOne',
                                   auth_url=self.identity_url,
                                   token=self.token.token_id,
                                   endpoint_url=TACKER_URL) 
Example #13
Source File: keystone.py    From coriolis with GNU Affero General Public License v3.0 4 votes vote down vote up
def create_trust(ctxt):
    if ctxt.trust_id:
        return

    LOG.debug("Creating Keystone trust")

    trusts_auth_plugin = _get_trusts_auth_plugin()

    loader = loading.get_plugin_loader("v3token")
    auth = loader.load_from_options(
        auth_url=trusts_auth_plugin.auth_url,
        token=ctxt.auth_token,
        project_name=ctxt.project_name,
        project_domain_name=ctxt.project_domain_name)
    session = ks_session.Session(
        auth=auth, verify=not CONF.keystone.allow_untrusted)

    try:
        trustee_user_id = trusts_auth_plugin.get_user_id(session)
    except ks_exceptions.Unauthorized as ex:
        LOG.exception(ex)
        raise exception.NotAuthorized("Trustee authentication failed")

    trustor_user_id = ctxt.user
    trustor_proj_id = ctxt.tenant
    roles = ctxt.roles

    LOG.debug("Granting Keystone trust. Trustor: %(trustor_user_id)s, trustee:"
              " %(trustee_user_id)s, project: %(trustor_proj_id)s, roles:"
              " %(roles)s",
              {"trustor_user_id": trustor_user_id,
               "trustee_user_id": trustee_user_id,
               "trustor_proj_id": trustor_proj_id,
               "roles": roles})

    # Trusts are not supported before Keystone v3
    client = kc_v3.Client(session=session)
    trust = client.trusts.create(trustor_user=trustor_user_id,
                                 trustee_user=trustee_user_id,
                                 project=trustor_proj_id,
                                 impersonation=True,
                                 role_names=roles)
    LOG.debug("Trust id: %s" % trust.id)
    ctxt.trust_id = trust.id