Example 1 with OpenstackAccount
use of com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount in project halyard by spinnaker.
the class OpenstackAccountValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder psBuilder, OpenstackAccount account) {
DaemonTaskHandler.message("Validating " + account.getNodeName() + " with " + OpenstackAccountValidator.class.getSimpleName());
String environment = account.getEnvironment();
String accountType = account.getAccountType();
String username = account.getUsername();
String password = account.getPassword();
String projectName = account.getPassword();
String domainName = account.getDomainName();
String authUrl = account.getAuthUrl();
List<String> regions = account.getRegions();
Boolean insecure = account.getInsecure();
String heatTemplateLocation = account.getHeatTemplateLocation();
OpenstackAccount.OpenstackLbaasOptions lbaas = account.getLbaas();
ConsulConfig consulConfig = new ConsulConfig();
String userDataFile = account.getUserDataFile();
if (StringUtils.isEmpty(environment)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide an environment name");
}
if (StringUtils.isEmpty(password) || StringUtils.isEmpty(username)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a both a username and a password");
}
if (StringUtils.isEmpty(projectName)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a project name");
}
if (!StringUtils.endsWith(authUrl, "/v3")) {
psBuilder.addProblem(Problem.Severity.WARNING, "You must use Keystone v3. The default auth url will be of the format IP:5000/v3.");
}
if (StringUtils.isEmpty(domainName)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a domain name");
}
if (regions.size() == 0 || StringUtils.isEmpty(regions.get(0))) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide one region");
}
if (insecure) {
psBuilder.addProblem(Problem.Severity.WARNING, "You've chosen to not validate SSL connections. This setup is not recommended in production deployments.");
}
if (heatTemplateLocation != null && heatTemplateLocation.isEmpty()) {
psBuilder.addProblem(Problem.Severity.ERROR, "Not a valid Heat template location: ''");
}
if (lbaas.getPollInterval() < 0) {
psBuilder.addProblem(Problem.Severity.ERROR, "Poll interval cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 5.");
}
if (lbaas.getPollTimeout() < 0) {
psBuilder.addProblem(Problem.Severity.ERROR, "Poll timeout cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 60.");
}
boolean userDataProvided = userDataFile != null && !userDataFile.isEmpty();
if (userDataProvided) {
String resolvedUserData = ValidatingFileReader.contents(psBuilder, userDataFile);
if (resolvedUserData == null) {
return;
} else if (resolvedUserData.isEmpty()) {
psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file is empty.").setRemediation("Please provide a non empty file, or remove the user data file.");
}
List<String> validTokens = Arrays.asList("account", "accounttype", "env", "region", "group", "autogrp", "cluster", "stack", "detail", "launchconfig");
List<String> tokens = Arrays.asList(StringUtils.substringsBetween(resolvedUserData, "%%", "%%"));
List<String> invalidTokens = tokens.stream().filter(t -> !validTokens.contains(t)).collect(Collectors.toList());
if (invalidTokens.size() != 0) {
psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file contains tokens that won't be replaced. " + "Tokens \"" + StringUtils.join(invalidTokens, ", ") + "\" are not supported.").setRemediation("Please use only the supported tokens \"" + StringUtils.join(validTokens, ", ") + "\".");
}
}
OpenstackConfigurationProperties.LbaasConfig lbaasConfig = new OpenstackConfigurationProperties.LbaasConfig();
lbaasConfig.setPollInterval(lbaas.getPollInterval());
lbaasConfig.setPollTimeout(lbaas.getPollTimeout());
try {
OpenstackNamedAccountCredentials openstackCredentials = new OpenstackNamedAccountCredentials.Builder().name(account.getName()).environment(environment).accountType(accountType).authUrl(authUrl).username(username).password(password).projectName(projectName).domainName(domainName).regions(regions).insecure(insecure).heatTemplateLocation(heatTemplateLocation).consulConfig(consulConfig).lbaasConfig(lbaasConfig).userDataFile(userDataFile).build();
credentialsList.add(openstackCredentials);
// TODO(emjburns) verify that these credentials can connect w/o error to the openstack instance
} catch (Exception e) {
psBuilder.addProblem(Problem.Severity.ERROR, "Failed to instantiate openstack credentials for account \"" + account.getName() + "\".");
}
}
Also used :
OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials)
Arrays(java.util.Arrays)
OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties)
OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)
EqualsAndHashCode(lombok.EqualsAndHashCode)
ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)
StringUtils(org.apache.commons.lang3.StringUtils)
Collectors(java.util.stream.Collectors)
DaemonTaskHandler(com.netflix.spinnaker.halyard.core.tasks.v1.DaemonTaskHandler)
ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig)
List(java.util.List)
Validator(com.netflix.spinnaker.halyard.config.model.v1.node.Validator)
Data(lombok.Data)
Problem(com.netflix.spinnaker.halyard.core.problem.v1.Problem)
ValidatingFileReader(com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader)
ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig)
OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties)
OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials)
OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)
Example 2 with OpenstackAccount
use of com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount in project halyard by spinnaker.
the class OpenstackAddAccountCommand method buildAccount.
@Override
protected Account buildAccount(String accountName) {
OpenstackAccount account = (OpenstackAccount) new OpenstackAccount().setName(accountName);
OpenstackAccount.OpenstackLbaasOptions lbaas = new OpenstackAccount.OpenstackLbaasOptions();
if (isSet(lbaasPollInterval)) {
lbaas.setPollInterval(lbaasPollInterval);
}
if (isSet(lbaasPollTimeout)) {
lbaas.setPollTimeout(lbaasPollTimeout);
}
account.setAuthUrl(authUrl).setUsername(username).setPassword(password).setEnvironment(environment).setAccountType(accountType).setHeatTemplateLocation(heatTemplateLocation).setProjectName(projectName).setDomainName(domainName).setRegions(regions).setInsecure(insecure).setUserDataFile(userDataFile).setConsulConfig(consulConfig).setLbaas(lbaas);
return account;
}
Also used :
OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)
Example 3 with OpenstackAccount
use of com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount in project halyard by spinnaker.
the class DeckProfileFactory method setProfile.
@Override
protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
StringResource configTemplate = new StringResource(profile.getBaseContents());
UiSecurity uiSecurity = deploymentConfiguration.getSecurity().getUiSecurity();
profile.setUser(ApacheSettings.APACHE_USER);
Features features = deploymentConfiguration.getFeatures();
Notifications notifications = deploymentConfiguration.getNotifications();
Map<String, Object> bindings = new HashMap<>();
String version = deploymentConfiguration.getVersion();
// Configure global settings
bindings.put("gate.baseUrl", endpoints.getServices().getGate().getBaseUrl());
bindings.put("timezone", deploymentConfiguration.getTimezone());
bindings.put("version", deploymentConfiguration.getVersion());
Optional<Versions.Version> validatedVersion = versionsService.getVersions().getVersion(version);
if (validatedVersion.isPresent()) {
String changelog = validatedVersion.get().getChangelog();
bindings.put("changelog.gist.id", changelog.substring(changelog.lastIndexOf("/") + 1));
bindings.put("changelog.gist.name", "changelog.md");
} else {
bindings.put("changelog.gist.id", "");
bindings.put("changelog.gist.name", "");
}
// Configure feature-flags
bindings.put("features.auth", Boolean.toString(features.isAuth(deploymentConfiguration)));
bindings.put("features.chaos", Boolean.toString(features.isChaos()));
bindings.put("features.jobs", Boolean.toString(features.isJobs()));
bindings.put("features.fiat", Boolean.toString(deploymentConfiguration.getSecurity().getAuthz().isEnabled()));
bindings.put("features.pipelineTemplates", Boolean.toString(features.getPipelineTemplates() != null ? features.getPipelineTemplates() : false));
bindings.put("features.artifacts", Boolean.toString(features.getArtifacts() != null ? features.getArtifacts() : false));
bindings.put("features.mineCanary", Boolean.toString(features.getMineCanary() != null ? features.getMineCanary() : false));
// Configure Kubernetes
KubernetesProvider kubernetesProvider = deploymentConfiguration.getProviders().getKubernetes();
bindings.put("kubernetes.default.account", kubernetesProvider.getPrimaryAccount());
bindings.put("kubernetes.default.namespace", "default");
bindings.put("kubernetes.default.proxy", "localhost:8001");
// Configure GCE
GoogleProvider googleProvider = deploymentConfiguration.getProviders().getGoogle();
bindings.put("google.default.account", googleProvider.getPrimaryAccount());
bindings.put("google.default.region", "us-central1");
bindings.put("google.default.zone", "us-central1-f");
// Configure Azure
AzureProvider azureProvider = deploymentConfiguration.getProviders().getAzure();
bindings.put("azure.default.account", azureProvider.getPrimaryAccount());
bindings.put("azure.default.region", "westus");
// Configure Appengine
AppengineProvider appengineProvider = deploymentConfiguration.getProviders().getAppengine();
bindings.put("appengine.default.account", appengineProvider.getPrimaryAccount());
bindings.put("appengine.enabled", Boolean.toString(appengineProvider.getPrimaryAccount() != null));
// Configure DC/OS
final DCOSProvider dcosProvider = deploymentConfiguration.getProviders().getDcos();
bindings.put("dcos.default.account", dcosProvider.getPrimaryAccount());
// TODO(willgorman) need to set the proxy url somehow
// Configure Openstack
OpenstackProvider openstackProvider = deploymentConfiguration.getProviders().getOpenstack();
bindings.put("openstack.default.account", openstackProvider.getPrimaryAccount());
if (openstackProvider.getPrimaryAccount() != null) {
OpenstackAccount openstackAccount = (OpenstackAccount) accountService.getProviderAccount(deploymentConfiguration.getName(), "openstack", openstackProvider.getPrimaryAccount());
String firstRegion = openstackAccount.getRegions().get(0);
bindings.put("openstack.default.region", firstRegion);
}
// Configure notifications
bindings.put("notifications.enabled", notifications.isEnabled() + "");
SlackNotification slackNotification = notifications.getSlack();
bindings.put("notifications.slack.enabled", slackNotification.isEnabled() + "");
bindings.put("notifications.slack.botName", slackNotification.getBotName());
// Configure canary
Canary canary = deploymentConfiguration.getCanary();
bindings.put("canary.atlasWebComponentsUrl", canary.getAtlasWebComponentsUrl());
bindings.put("canary.featureEnabled", Boolean.toString(canary.isEnabled()));
if (canary.isEnabled()) {
// TODO(duftler): Automatically choose the first metrics/storage/judge here if unspecified?
bindings.put("canary.reduxLogger", canary.isReduxLoggerEnabled());
bindings.put("canary.defaultMetricsAccount", canary.getDefaultMetricsAccount());
bindings.put("canary.defaultStorageAccount", canary.getDefaultStorageAccount());
bindings.put("canary.defaultJudge", canary.getDefaultJudge());
bindings.put("canary.defaultMetricsStore", canary.getDefaultMetricsStore());
bindings.put("canary.stages", canary.isStagesEnabled());
bindings.put("canary.templatesEnabled", canary.isTemplatesEnabled());
bindings.put("canary.showAllCanaryConfigs", canary.isShowAllConfigsEnabled());
}
profile.appendContents(configTemplate.setBindings(bindings).toString()).setRequiredFiles(backupRequiredFiles(uiSecurity, deploymentConfiguration.getName()));
}
Also used :
HashMap(java.util.HashMap)
AzureProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider)
AppengineProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider)
Canary(com.netflix.spinnaker.halyard.config.model.v1.canary.Canary)
StringResource(com.netflix.spinnaker.halyard.core.resource.v1.StringResource)
KubernetesProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesProvider)
OpenstackProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackProvider)
UiSecurity(com.netflix.spinnaker.halyard.config.model.v1.security.UiSecurity)
SlackNotification(com.netflix.spinnaker.halyard.config.model.v1.notifications.SlackNotification)
DCOSProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider)
Features(com.netflix.spinnaker.halyard.config.model.v1.node.Features)
Notifications(com.netflix.spinnaker.halyard.config.model.v1.node.Notifications)
GoogleProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider)
OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)
Aggregations
OpenstackAccount (com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)3
ConsulConfig (com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig)1
OpenstackConfigurationProperties (com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties)1
OpenstackNamedAccountCredentials (com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials)1
Canary (com.netflix.spinnaker.halyard.config.model.v1.canary.Canary)1
Features (com.netflix.spinnaker.halyard.config.model.v1.node.Features)1
Notifications (com.netflix.spinnaker.halyard.config.model.v1.node.Notifications)1
Validator (com.netflix.spinnaker.halyard.config.model.v1.node.Validator)1
SlackNotification (com.netflix.spinnaker.halyard.config.model.v1.notifications.SlackNotification)1
AppengineProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider)1
AzureProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider)1
DCOSProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider)1
GoogleProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider)1
KubernetesProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesProvider)1
OpenstackProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackProvider)1
UiSecurity (com.netflix.spinnaker.halyard.config.model.v1.security.UiSecurity)1
ConfigProblemSetBuilder (com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)1
ValidatingFileReader (com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader)1
Problem (com.netflix.spinnaker.halyard.core.problem.v1.Problem)1
StringResource (com.netflix.spinnaker.halyard.core.resource.v1.StringResource)1
