Example 1 with KeystoneAuthHolder
use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.
the class MsoHeatUtils method getHeatClient.
/**
* Get a Heat client for the Openstack Identity service. This requires a 'member'-level userId + password, which
* will be retrieved from properties based on the specified cloud Id. The tenant in which to operate must also be
* provided.
* <p>
* On successful authentication, the Heat object will be cached for the tenantID + cloudId so that it can be reused
* without reauthenticating with Openstack every time.
*
* @return an authenticated Heat object
*/
public Heat getHeatClient(String cloudSiteId, String tenantId) throws MsoException {
KeystoneAuthHolder keystone = getKeystoneAuthHolder(cloudSiteId, tenantId, "orchestration");
Heat heatClient = new Heat(keystone.getServiceUrl());
heatClient.token(keystone.getId());
return heatClient;
}
Also used :
KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder)
Heat(com.woorea.openstack.heat.Heat)
Example 2 with KeystoneAuthHolder
use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.
the class MsoNeutronUtils method getNeutronClient.
// -------------------------------------------------------------------
// PRIVATE UTILITY FUNCTIONS FOR USE WITHIN THIS CLASS
/**
* Get a Neutron (Quantum) client for the Openstack Network service. This requires a 'member'-level userId +
* password, which will be retrieved from properties based on the specified cloud Id. The tenant in which to operate
* must also be provided.
* <p>
* On successful authentication, the Quantum object will be cached for the tenantID + cloudId so that it can be
* reused without reauthenticating with Openstack every time.
*
* @param cloudSite - a cloud site definition
* @param tenantId - Openstack tenant ID
* @return an authenticated Quantum object
*/
private Quantum getNeutronClient(CloudSite cloudSite, String tenantId) throws MsoException {
String cloudId = cloudSite.getId();
String region = cloudSite.getRegionId();
// Obtain an MSO token for the tenant from the identity service
CloudIdentity cloudIdentity = cloudSite.getIdentityService();
MsoTenantUtils tenantUtils = tenantUtilsFactory.getTenantUtilsByServerType(cloudIdentity.getIdentityServerType());
final String keystoneUrl = tenantUtils.getKeystoneUrl(cloudId, cloudIdentity);
String neutronUrl = null;
String tokenId = null;
try {
if (ServerType.KEYSTONE.equals(cloudIdentity.getIdentityServerType())) {
Keystone keystoneTenantClient = new Keystone(keystoneUrl);
Access access = null;
Authentication credentials = authenticationMethodFactory.getAuthenticationFor(cloudIdentity);
OpenStackRequest<Access> request = keystoneTenantClient.tokens().authenticate(credentials).withTenantId(tenantId);
access = executeAndRecordOpenstackRequest(request, true);
try {
neutronUrl = KeystoneUtils.findEndpointURL(access.getServiceCatalog(), "network", region, "public");
if (!neutronUrl.endsWith("/")) {
neutronUrl += "/v2.0/";
}
} catch (RuntimeException e) {
// This comes back for not found (probably an incorrect region ID)
String error = "Network service not found: region=" + region + ",cloud=" + cloudIdentity.getId();
throw new MsoAdapterException(error, e);
}
tokenId = access.getToken().getId();
} else if (ServerType.KEYSTONE_V3.equals(cloudIdentity.getIdentityServerType())) {
try {
KeystoneAuthHolder holder = keystoneV3Authentication.getToken(cloudSite, tenantId, "network");
tokenId = holder.getId();
neutronUrl = holder.getServiceUrl();
if (!neutronUrl.endsWith("/")) {
neutronUrl += "/v2.0/";
}
} catch (ServiceEndpointNotFoundException e) {
// This comes back for not found (probably an incorrect region ID)
String error = "Network service not found: region=" + region + ",cloud=" + cloudIdentity.getId();
throw new MsoAdapterException(error, e);
}
}
} catch (OpenStackResponseException e) {
if (e.getStatus() == 401) {
// Authentication error.
String error = "Authentication Failure: tenant=" + tenantId + ",cloud=" + cloudIdentity.getId();
throw new MsoAdapterException(error);
} else {
MsoException me = keystoneErrorToMsoException(e, "TokenAuth");
throw me;
}
} catch (OpenStackConnectException e) {
// Connection to Openstack failed
MsoIOException me = new MsoIOException(e.getMessage(), e);
me.addContext("TokenAuth");
throw me;
} catch (RuntimeException e) {
// Catch-all
MsoException me = runtimeExceptionToMsoException(e, "TokenAuth");
throw me;
}
Quantum neutronClient = new Quantum(neutronUrl);
neutronClient.token(tokenId);
return neutronClient;
}
Also used :
MsoException(org.onap.so.openstack.exceptions.MsoException)
CloudIdentity(org.onap.so.db.catalog.beans.CloudIdentity)
Access(com.woorea.openstack.keystone.model.Access)
KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder)
Quantum(com.woorea.openstack.quantum.Quantum)
MsoAdapterException(org.onap.so.openstack.exceptions.MsoAdapterException)
ServiceEndpointNotFoundException(org.onap.so.cloud.authentication.ServiceEndpointNotFoundException)
Keystone(com.woorea.openstack.keystone.Keystone)
OpenStackResponseException(com.woorea.openstack.base.client.OpenStackResponseException)
KeystoneV3Authentication(org.onap.so.cloud.authentication.KeystoneV3Authentication)
Authentication(com.woorea.openstack.keystone.model.Authentication)
MsoIOException(org.onap.so.openstack.exceptions.MsoIOException)
OpenStackConnectException(com.woorea.openstack.base.client.OpenStackConnectException)
Example 3 with KeystoneAuthHolder
use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.
the class GlanceClientImpl method getGlanceClient.
/**
* Gets the glance client.
*
* @param cloudSite the cloud site
* @param tenantId the tenant id
* @return the glance client
* @throws MsoException the mso exception
*/
private Glance getGlanceClient(String cloudSiteId, String tenantId) throws MsoException {
KeystoneAuthHolder keystone = getKeystoneAuthHolder(cloudSiteId, tenantId, "image");
Glance glanceClient = new Glance(keystone.getServiceUrl() + "/v2.0/");
glanceClient.token(keystone.getId());
return glanceClient;
}
Also used :
KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder)
Glance(com.woorea.openstack.glance.Glance)
Example 4 with KeystoneAuthHolder
use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.
the class CinderClientImpl method getCinderClient.
/**
* Gets the Cinder client.
*
* @param cloudSiteId the cloud site
* @param tenantId the tenant id
* @return the glance client
* @throws MsoException the mso exception
*/
private Cinder getCinderClient(String cloudSiteId, String tenantId) throws MsoException {
KeystoneAuthHolder keystone = getKeystoneAuthHolder(cloudSiteId, tenantId, "volumev2");
Cinder cinderClient = new Cinder(keystone.getServiceUrl());
cinderClient.token(keystone.getId());
return cinderClient;
}
Also used :
KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder)
Cinder(com.woorea.openstack.cinder.Cinder)
Example 5 with KeystoneAuthHolder
use of org.onap.so.cloud.authentication.KeystoneAuthHolder in project so by onap.
the class MsoCommonUtils method getKeystoneAuthHolder.
/**
* Gets the Keystone Authorization
*
* @param cloudSite the cloud site
* @param tenantId the tenant id
* @return the Neutron client
* @throws MsoException the mso exception
*/
protected KeystoneAuthHolder getKeystoneAuthHolder(String cloudSiteId, String tenantId, String serviceName) throws MsoException {
CloudIdentity cloudIdentity = null;
try {
CloudSite cloudSite = cloudConfig.getCloudSite(cloudSiteId).orElseThrow(() -> new MsoCloudSiteNotFound(cloudSiteId));
String cloudId = cloudSite.getId();
String region = cloudSite.getRegionId();
cloudIdentity = cloudSite.getIdentityService();
MsoTenantUtils tenantUtils = tenantUtilsFactory.getTenantUtilsByServerType(cloudIdentity.getIdentityServerType());
String keystoneUrl = tenantUtils.getKeystoneUrl(cloudId, cloudIdentity);
if (ServerType.KEYSTONE.equals(cloudIdentity.getIdentityServerType())) {
Access access = getKeystone(tenantId, cloudIdentity, keystoneUrl);
try {
KeystoneAuthHolder keystoneAuthV2 = new KeystoneAuthHolder();
keystoneAuthV2.setServiceUrl(KeystoneUtils.findEndpointURL(access.getServiceCatalog(), serviceName, region, "public"));
keystoneAuthV2.setId(access.getToken().getId());
return keystoneAuthV2;
} catch (RuntimeException e) {
String error = "Openstack did not match an orchestration service for: region=" + region + ",cloud=" + cloudIdentity.getIdentityUrl();
throw new MsoAdapterException(error, e);
}
} else if (ServerType.KEYSTONE_V3.equals(cloudIdentity.getIdentityServerType())) {
try {
return keystoneV3Authentication.getToken(cloudSite, tenantId, serviceName);
} catch (ServiceEndpointNotFoundException e) {
String error = "cloud did not match an orchestration service for: region=" + region + ",cloud=" + cloudIdentity.getIdentityUrl();
throw new MsoAdapterException(error, e);
}
} else {
throw new MsoAdapterException("Unknown Keystone Server Type");
}
} catch (OpenStackResponseException e) {
if (e.getStatus() == 401) {
String error = "Authentication Failure: tenant=" + tenantId + ",cloud=" + cloudIdentity.getId();
throw new MsoAdapterException(error);
} else {
throw keystoneErrorToMsoException(e, TOKEN_AUTH);
}
} catch (OpenStackConnectException e) {
MsoIOException me = new MsoIOException(e.getMessage(), e);
me.addContext(TOKEN_AUTH);
throw me;
} catch (RuntimeException e) {
throw runtimeExceptionToMsoException(e, TOKEN_AUTH);
}
}
Also used :
MsoCloudSiteNotFound(org.onap.so.openstack.exceptions.MsoCloudSiteNotFound)
CloudIdentity(org.onap.so.db.catalog.beans.CloudIdentity)
Access(com.woorea.openstack.keystone.model.Access)
KeystoneAuthHolder(org.onap.so.cloud.authentication.KeystoneAuthHolder)
MsoAdapterException(org.onap.so.openstack.exceptions.MsoAdapterException)
ServiceEndpointNotFoundException(org.onap.so.cloud.authentication.ServiceEndpointNotFoundException)
OpenStackResponseException(com.woorea.openstack.base.client.OpenStackResponseException)
CloudSite(org.onap.so.db.catalog.beans.CloudSite)
MsoIOException(org.onap.so.openstack.exceptions.MsoIOException)
OpenStackConnectException(com.woorea.openstack.base.client.OpenStackConnectException)
Aggregations
KeystoneAuthHolder (org.onap.so.cloud.authentication.KeystoneAuthHolder)7
OpenStackConnectException (com.woorea.openstack.base.client.OpenStackConnectException)2
OpenStackResponseException (com.woorea.openstack.base.client.OpenStackResponseException)2
Access (com.woorea.openstack.keystone.model.Access)2
Quantum (com.woorea.openstack.quantum.Quantum)2
ServiceEndpointNotFoundException (org.onap.so.cloud.authentication.ServiceEndpointNotFoundException)2
CloudIdentity (org.onap.so.db.catalog.beans.CloudIdentity)2
MsoAdapterException (org.onap.so.openstack.exceptions.MsoAdapterException)2
MsoIOException (org.onap.so.openstack.exceptions.MsoIOException)2
Cinder (com.woorea.openstack.cinder.Cinder)1
Glance (com.woorea.openstack.glance.Glance)1
Heat (com.woorea.openstack.heat.Heat)1
Keystone (com.woorea.openstack.keystone.Keystone)1
Authentication (com.woorea.openstack.keystone.model.Authentication)1
Nova (com.woorea.openstack.nova.Nova)1
KeystoneV3Authentication (org.onap.so.cloud.authentication.KeystoneV3Authentication)1
CloudSite (org.onap.so.db.catalog.beans.CloudSite)1
MsoCloudSiteNotFound (org.onap.so.openstack.exceptions.MsoCloudSiteNotFound)1
MsoException (org.onap.so.openstack.exceptions.MsoException)1
Cacheable (org.springframework.cache.annotation.Cacheable)1
