Search in sources :

Example 1 with KeystoneAuthHolder

use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.

the class MsoHeatUtils method getHeatClient.

/**
 * Get a Heat client for the Openstack Identity service. This requires a 'member'-level userId + password, which
 * will be retrieved from properties based on the specified cloud Id. The tenant in which to operate must also be
 * provided.
 * <p>
 * On successful authentication, the Heat object will be cached for the tenantID + cloudId so that it can be reused
 * without reauthenticating with Openstack every time.
 *
 * @return an authenticated Heat object
 */
public Heat getHeatClient(String cloudSiteId, String tenantId) throws MsoException {
    KeystoneAuthHolder keystone = getKeystoneAuthHolder(cloudSiteId, tenantId, "orchestration");
    Heat heatClient = new Heat(keystone.getServiceUrl());
    heatClient.token(keystone.getId());
    return heatClient;
}
Also used : KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder) Heat(com.woorea.openstack.heat.Heat)

Example 2 with KeystoneAuthHolder

use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.

the class MsoNeutronUtils method getNeutronClient.

// -------------------------------------------------------------------
// PRIVATE UTILITY FUNCTIONS FOR USE WITHIN THIS CLASS
/**
 * Get a Neutron (Quantum) client for the Openstack Network service. This requires a 'member'-level userId +
 * password, which will be retrieved from properties based on the specified cloud Id. The tenant in which to operate
 * must also be provided.
 * <p>
 * On successful authentication, the Quantum object will be cached for the tenantID + cloudId so that it can be
 * reused without reauthenticating with Openstack every time.
 *
 * @param cloudSite - a cloud site definition
 * @param tenantId - Openstack tenant ID
 * @return an authenticated Quantum object
 */
private Quantum getNeutronClient(CloudSite cloudSite, String tenantId) throws MsoException {
    String cloudId = cloudSite.getId();
    String region = cloudSite.getRegionId();
    // Obtain an MSO token for the tenant from the identity service
    CloudIdentity cloudIdentity = cloudSite.getIdentityService();
    MsoTenantUtils tenantUtils = tenantUtilsFactory.getTenantUtilsByServerType(cloudIdentity.getIdentityServerType());
    final String keystoneUrl = tenantUtils.getKeystoneUrl(cloudId, cloudIdentity);
    String neutronUrl = null;
    String tokenId = null;
    try {
        if (ServerType.KEYSTONE.equals(cloudIdentity.getIdentityServerType())) {
            Keystone keystoneTenantClient = new Keystone(keystoneUrl);
            Access access = null;
            Authentication credentials = authenticationMethodFactory.getAuthenticationFor(cloudIdentity);
            OpenStackRequest<Access> request = keystoneTenantClient.tokens().authenticate(credentials).withTenantId(tenantId);
            access = executeAndRecordOpenstackRequest(request, true);
            try {
                neutronUrl = KeystoneUtils.findEndpointURL(access.getServiceCatalog(), "network", region, "public");
                if (!neutronUrl.endsWith("/")) {
                    neutronUrl += "/v2.0/";
                }
            } catch (RuntimeException e) {
                // This comes back for not found (probably an incorrect region ID)
                String error = "Network service not found: region=" + region + ",cloud=" + cloudIdentity.getId();
                throw new MsoAdapterException(error, e);
            }
            tokenId = access.getToken().getId();
        } else if (ServerType.KEYSTONE_V3.equals(cloudIdentity.getIdentityServerType())) {
            try {
                KeystoneAuthHolder holder = keystoneV3Authentication.getToken(cloudSite, tenantId, "network");
                tokenId = holder.getId();
                neutronUrl = holder.getServiceUrl();
                if (!neutronUrl.endsWith("/")) {
                    neutronUrl += "/v2.0/";
                }
            } catch (ServiceEndpointNotFoundException e) {
                // This comes back for not found (probably an incorrect region ID)
                String error = "Network service not found: region=" + region + ",cloud=" + cloudIdentity.getId();
                throw new MsoAdapterException(error, e);
            }
        }
    } catch (OpenStackResponseException e) {
        if (e.getStatus() == 401) {
            // Authentication error.
            String error = "Authentication Failure: tenant=" + tenantId + ",cloud=" + cloudIdentity.getId();
            throw new MsoAdapterException(error);
        } else {
            MsoException me = keystoneErrorToMsoException(e, "TokenAuth");
            throw me;
        }
    } catch (OpenStackConnectException e) {
        // Connection to Openstack failed
        MsoIOException me = new MsoIOException(e.getMessage(), e);
        me.addContext("TokenAuth");
        throw me;
    } catch (RuntimeException e) {
        // Catch-all
        MsoException me = runtimeExceptionToMsoException(e, "TokenAuth");
        throw me;
    }
    Quantum neutronClient = new Quantum(neutronUrl);
    neutronClient.token(tokenId);
    return neutronClient;
}
Also used : MsoException(org.onap.so.openstack.exceptions.MsoException) CloudIdentity(org.onap.so.db.catalog.beans.CloudIdentity) Access(com.woorea.openstack.keystone.model.Access) KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder) Quantum(com.woorea.openstack.quantum.Quantum) MsoAdapterException(org.onap.so.openstack.exceptions.MsoAdapterException) ServiceEndpointNotFoundException(org.onap.so.cloud.authentication.ServiceEndpointNotFoundException) Keystone(com.woorea.openstack.keystone.Keystone) OpenStackResponseException(com.woorea.openstack.base.client.OpenStackResponseException) KeystoneV3Authentication(org.onap.so.cloud.authentication.KeystoneV3Authentication) Authentication(com.woorea.openstack.keystone.model.Authentication) MsoIOException(org.onap.so.openstack.exceptions.MsoIOException) OpenStackConnectException(com.woorea.openstack.base.client.OpenStackConnectException)

Example 3 with KeystoneAuthHolder

use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.

the class GlanceClientImpl method getGlanceClient.

/**
 * Gets the glance client.
 *
 * @param cloudSite the cloud site
 * @param tenantId the tenant id
 * @return the glance client
 * @throws MsoException the mso exception
 */
private Glance getGlanceClient(String cloudSiteId, String tenantId) throws MsoException {
    KeystoneAuthHolder keystone = getKeystoneAuthHolder(cloudSiteId, tenantId, "image");
    Glance glanceClient = new Glance(keystone.getServiceUrl() + "/v2.0/");
    glanceClient.token(keystone.getId());
    return glanceClient;
}
Also used : KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder) Glance(com.woorea.openstack.glance.Glance)

Example 4 with KeystoneAuthHolder

use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.

the class CinderClientImpl method getCinderClient.

/**
 * Gets the Cinder client.
 *
 * @param cloudSiteId the cloud site
 * @param tenantId the tenant id
 * @return the glance client
 * @throws MsoException the mso exception
 */
private Cinder getCinderClient(String cloudSiteId, String tenantId) throws MsoException {
    KeystoneAuthHolder keystone = getKeystoneAuthHolder(cloudSiteId, tenantId, "volumev2");
    Cinder cinderClient = new Cinder(keystone.getServiceUrl());
    cinderClient.token(keystone.getId());
    return cinderClient;
}
Also used : KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder) Cinder(com.woorea.openstack.cinder.Cinder)

Example 5 with KeystoneAuthHolder

use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.

the class MsoCommonUtils method getKeystoneAuthHolder.

/**
 * Gets the Keystone Authorization
 *
 * @param cloudSite the cloud site
 * @param tenantId the tenant id
 * @return the Neutron client
 * @throws MsoException the mso exception
 */
protected KeystoneAuthHolder getKeystoneAuthHolder(String cloudSiteId, String tenantId, String serviceName) throws MsoException {
    CloudIdentity cloudIdentity = null;
    try {
        CloudSite cloudSite = cloudConfig.getCloudSite(cloudSiteId).orElseThrow(() -> new MsoCloudSiteNotFound(cloudSiteId));
        String cloudId = cloudSite.getId();
        String region = cloudSite.getRegionId();
        cloudIdentity = cloudSite.getIdentityService();
        MsoTenantUtils tenantUtils = tenantUtilsFactory.getTenantUtilsByServerType(cloudIdentity.getIdentityServerType());
        String keystoneUrl = tenantUtils.getKeystoneUrl(cloudId, cloudIdentity);
        if (ServerType.KEYSTONE.equals(cloudIdentity.getIdentityServerType())) {
            Access access = getKeystone(tenantId, cloudIdentity, keystoneUrl);
            try {
                KeystoneAuthHolder keystoneAuthV2 = new KeystoneAuthHolder();
                keystoneAuthV2.setServiceUrl(KeystoneUtils.findEndpointURL(access.getServiceCatalog(), serviceName, region, "public"));
                keystoneAuthV2.setId(access.getToken().getId());
                return keystoneAuthV2;
            } catch (RuntimeException e) {
                String error = "Openstack did not match an orchestration service for: region=" + region + ",cloud=" + cloudIdentity.getIdentityUrl();
                throw new MsoAdapterException(error, e);
            }
        } else if (ServerType.KEYSTONE_V3.equals(cloudIdentity.getIdentityServerType())) {
            try {
                return keystoneV3Authentication.getToken(cloudSite, tenantId, serviceName);
            } catch (ServiceEndpointNotFoundException e) {
                String error = "cloud did not match an orchestration service for: region=" + region + ",cloud=" + cloudIdentity.getIdentityUrl();
                throw new MsoAdapterException(error, e);
            }
        } else {
            throw new MsoAdapterException("Unknown Keystone Server Type");
        }
    } catch (OpenStackResponseException e) {
        if (e.getStatus() == 401) {
            String error = "Authentication Failure: tenant=" + tenantId + ",cloud=" + cloudIdentity.getId();
            throw new MsoAdapterException(error);
        } else {
            throw keystoneErrorToMsoException(e, TOKEN_AUTH);
        }
    } catch (OpenStackConnectException e) {
        MsoIOException me = new MsoIOException(e.getMessage(), e);
        me.addContext(TOKEN_AUTH);
        throw me;
    } catch (RuntimeException e) {
        throw runtimeExceptionToMsoException(e, TOKEN_AUTH);
    }
}
Also used : MsoCloudSiteNotFound(org.onap.so.openstack.exceptions.MsoCloudSiteNotFound) CloudIdentity(org.onap.so.db.catalog.beans.CloudIdentity) Access(com.woorea.openstack.keystone.model.Access) KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder) MsoAdapterException(org.onap.so.openstack.exceptions.MsoAdapterException) ServiceEndpointNotFoundException(org.onap.so.cloud.authentication.ServiceEndpointNotFoundException) OpenStackResponseException(com.woorea.openstack.base.client.OpenStackResponseException) CloudSite(org.onap.so.db.catalog.beans.CloudSite) MsoIOException(org.onap.so.openstack.exceptions.MsoIOException) OpenStackConnectException(com.woorea.openstack.base.client.OpenStackConnectException)

Aggregations

KeystoneAuthHolder (org.onap.so.cloud.authentication.KeystoneAuthHolder)7 OpenStackConnectException (com.woorea.openstack.base.client.OpenStackConnectException)2 OpenStackResponseException (com.woorea.openstack.base.client.OpenStackResponseException)2 Access (com.woorea.openstack.keystone.model.Access)2 Quantum (com.woorea.openstack.quantum.Quantum)2 ServiceEndpointNotFoundException (org.onap.so.cloud.authentication.ServiceEndpointNotFoundException)2 CloudIdentity (org.onap.so.db.catalog.beans.CloudIdentity)2 MsoAdapterException (org.onap.so.openstack.exceptions.MsoAdapterException)2 MsoIOException (org.onap.so.openstack.exceptions.MsoIOException)2 Cinder (com.woorea.openstack.cinder.Cinder)1 Glance (com.woorea.openstack.glance.Glance)1 Heat (com.woorea.openstack.heat.Heat)1 Keystone (com.woorea.openstack.keystone.Keystone)1 Authentication (com.woorea.openstack.keystone.model.Authentication)1 Nova (com.woorea.openstack.nova.Nova)1 KeystoneV3Authentication (org.onap.so.cloud.authentication.KeystoneV3Authentication)1 CloudSite (org.onap.so.db.catalog.beans.CloudSite)1 MsoCloudSiteNotFound (org.onap.so.openstack.exceptions.MsoCloudSiteNotFound)1 MsoException (org.onap.so.openstack.exceptions.MsoException)1 Cacheable (org.springframework.cache.annotation.Cacheable)1