Python oslo_config.cfg.CONF Examples
The following are 30
code examples of oslo_config.cfg.CONF().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
oslo_config.cfg
, or try the search function
.
.
Example #1
| Source File: service.py From ec2-api with Apache License 2.0 | 6 votes |
|
def _get_manager(self):
"""Initialize a Manager object appropriate for this service.
Use the service name to look up a Manager subclass from the
configuration and initialize an instance. If no class name
is configured, just return None.
:returns: a Manager instance, or None.
"""
fl = '%s_manager' % self.name
if fl not in CONF:
return None
manager_class_name = CONF.get(fl, None)
if not manager_class_name:
return None
manager_class = importutils.import_class(manager_class_name)
return manager_class()
Example #2
| Source File: test_middleware.py From ec2-api with Apache License 2.0 | 6 votes |
|
def test_no_result_data(self, mock_request):
req = wsgi.Request.blank('/test')
req.GET['Signature'] = 'test-signature'
req.GET['AWSAccessKeyId'] = 'test-key-id'
resp = self.kauth(req)
self._validate_ec2_error(resp, 400, 'AuthFailure')
mock_request.assert_called_with('POST',
CONF.keystone_ec2_tokens_url,
data=mock.ANY, headers=mock.ANY)
fake_request = mock.NonCallableMock(status_code=200, headers={})
fake_request.json.return_value = {'token': {}}
mock_request.return_value = fake_request
resp = self.kauth(req)
self._validate_ec2_error(resp, 400, 'AuthFailure')
fake_request.json.return_value = {'access': {}}
resp = self.kauth(req)
self._validate_ec2_error(resp, 400, 'AuthFailure')
Example #3
| Source File: wsgi.py From ec2-api with Apache License 2.0 | 6 votes |
|
def __init__(self, config_path=None):
"""Initialize the loader, and attempt to find the config.
:param config_path: Full or relative path to the paste config.
:returns: None
"""
self.config_path = None
config_path = config_path or CONF.api_paste_config
if not os.path.isabs(config_path):
self.config_path = CONF.find_file(config_path)
elif os.path.exists(config_path):
self.config_path = config_path
if not self.config_path:
raise exception.EC2APIConfigNotFound(path=config_path)
Example #4
| Source File: address.py From ec2-api with Apache License 2.0 | 6 votes |
|
def allocate_address(self, context, domain=None):
os_public_network = ec2utils.get_os_public_network(context)
neutron = clients.neutron(context)
with common.OnCrashCleaner() as cleaner:
os_floating_ip = {'floating_network_id': os_public_network['id']}
try:
os_floating_ip = neutron.create_floatingip(
{'floatingip': os_floating_ip})
except neutron_exception.OverQuotaClient:
raise exception.AddressLimitExceeded()
os_floating_ip = os_floating_ip['floatingip']
if ((not domain or domain == 'standard') and
not CONF.disable_ec2_classic):
return None, os_floating_ip
cleaner.addCleanup(neutron.delete_floatingip, os_floating_ip['id'])
address = {'os_id': os_floating_ip['id'],
'public_ip': os_floating_ip['floating_ip_address']}
address = db_api.add_item(context, 'eipalloc', address)
return address, os_floating_ip
Example #5
| Source File: client.py From zun with Apache License 2.0 | 6 votes |
|
def __init__(self, url='unix://var/run/docker.sock'):
if (CONF.docker.cert_file or
CONF.docker.key_file):
client_cert = (CONF.docker.cert_file, CONF.docker.key_file)
else:
client_cert = None
if (CONF.docker.ca_file or
CONF.docker.api_insecure or
client_cert):
ssl_config = docker.tls.TLSConfig(
client_cert=client_cert,
ca_cert=CONF.docker.ca_file,
verify=CONF.docker.api_insecure)
else:
ssl_config = False
super(DockerHTTPClient, self).__init__(
base_url=url,
version=DEFAULT_DOCKER_API_VERSION,
timeout=DEFAULT_TIMEOUT_SECONDS,
tls=ssl_config
)
self._setup_decorators()
Example #6
| Source File: migration.py From ec2-api with Apache License 2.0 | 6 votes |
|
def __get_backend(self):
if not self.__backend:
if self.__config_group is None:
backend_name = CONF[self.__pivot]
else:
backend_name = CONF[self.__config_group][self.__pivot]
if backend_name not in self.__backends:
msg = _('Invalid backend: %s') % backend_name
raise exception.EC2Exception(msg)
backend = self.__backends[backend_name]
if isinstance(backend, tuple):
name = backend[0]
fromlist = backend[1]
else:
name = backend
fromlist = backend
self.__backend = __import__(name, None, None, fromlist)
return self.__backend
Example #7
| Source File: image.py From ec2-api with Apache License 2.0 | 6 votes |
|
def _s3_conn(context):
region = CONF.s3_region
ec2_creds = clients.keystone(context).ec2.list(context.user_id)
# Here we a) disable user's default config to let ec2api works independetly
# of user's local settings;
# b) specify region to be used by botocore;
# c) do not change standard botocore keys to get these settings
# from environment
connection_data = {
'config_file': (None, 'AWS_CONFIG_FILE', None, None),
'region': ('region', 'AWS_DEFAULT_REGION', region, None),
}
session = botocore.session.get_session(connection_data)
return session.create_client(
's3', region_name=region, endpoint_url=CONF.s3_url,
aws_access_key_id=ec2_creds[0].access,
aws_secret_access_key=ec2_creds[0].secret,
config=botocore.config.Config(signature_version='s3v4'))
Example #8
| Source File: faults.py From ec2-api with Apache License 2.0 | 6 votes |
|
def __call__(self, req):
"""Generate a WSGI response based on the exception passed to ctor."""
code = ec2api.api.exception_to_ec2code(self.wrapped_exc)
status = self.wrapped_exc.status_int
message = self.wrapped_exc.explanation
if status == 501:
message = "The requested function is not supported"
if 'AWSAccessKeyId' not in req.params:
raise webob.exc.HTTPBadRequest()
user_id, _sep, project_id = req.params['AWSAccessKeyId'].partition(':')
project_id = project_id or user_id
remote_address = getattr(req, 'remote_address', '127.0.0.1')
if CONF.use_forwarded_for:
remote_address = req.headers.get('X-Forwarded-For', remote_address)
resp = ec2_error_response(common_context.generate_request_id(), code,
message=message, status=status)
return resp
Example #9
| Source File: __init__.py From ec2-api with Apache License 2.0 | 6 votes |
|
def _validate_signature(self, signature, requester_id, requester_ip):
expected_signature = hmac.new(
CONF.metadata.metadata_proxy_shared_secret.encode("utf-8"),
requester_id.encode(),
hashlib.sha256).hexdigest()
if not (signature and
utils.constant_time_compare(expected_signature, signature)):
LOG.warning('X-Instance-ID-Signature: %(signature)s does '
'not match the expected value: '
'%(expected_signature)s for id: '
'%(requester_id)s. Request From: '
'%(requester_ip)s',
{'signature': signature,
'expected_signature': expected_signature,
'requester_id': requester_id,
'requester_ip': requester_ip})
msg = _('Invalid proxy request signature.')
raise webob.exc.HTTPForbidden(explanation=msg)
Example #10
| Source File: api.py From zun with Apache License 2.0 | 6 votes |
|
def _make_request(self, path, cni_envs, expected_status=None):
method = 'POST'
host = CONF.cni_daemon.cni_daemon_host
port = CONF.cni_daemon.cni_daemon_port
url = 'http://%s:%s/%s' % (host, port, path)
try:
LOG.debug('Making request to CNI Daemon. %(method)s %(path)s\n'
'%(body)s',
{'method': method, 'path': url, 'body': cni_envs})
resp = requests.post(url, json=cni_envs,
headers={'Connection': 'close'})
except requests.ConnectionError:
LOG.exception('Looks like %s:%s cannot be reached. '
'Is zun-cni-daemon running?', (host, port))
raise
LOG.debug('CNI Daemon returned "%(status)d %(reason)s".',
{'status': resp.status_code, 'reason': resp.reason})
if expected_status and resp.status_code != expected_status:
LOG.error('CNI daemon returned error "%(status)d %(reason)s".',
{'status': resp.status_code, 'reason': resp.reason})
raise exception.CNIError('Got invalid status code from CNI daemon')
return resp
Example #11
| Source File: __init__.py From ec2-api with Apache License 2.0 | 6 votes |
|
def _unpack_nsx_request(self, req):
remote_address = req.headers.get('X-Forwarded-For')
if remote_address is None:
msg = _('X-Forwarded-For is missing from request.')
raise webob.exc.HTTPBadRequest(explanation=msg)
provider_id = req.headers.get('X-Metadata-Provider')
if provider_id is None:
msg = _('X-Metadata-Provider is missing from request.')
raise webob.exc.HTTPBadRequest(explanation=msg)
remote_ip = remote_address.split(',')[0]
if CONF.metadata.metadata_proxy_shared_secret:
signature = req.headers.get('X-Metadata-Provider-Signature')
self._validate_signature(signature, provider_id, remote_ip)
return provider_id, remote_ip
Example #12
| Source File: vpc.py From ec2-api with Apache License 2.0 | 6 votes |
|
def _check_and_create_default_vpc(context):
if not CONF.disable_ec2_classic or context.is_os_admin:
return
lock_name = 'default-vpc-lock-{}-'.format(context.project_id)
@synchronized(lock_name, external=True)
def _check():
for vpc in db_api.get_items(context, 'vpc'):
if vpc.get('is_default'):
return vpc
try:
default_vpc = _create_vpc(context, DEFAULT_VPC_CIDR_BLOCK,
is_default=True)
return default_vpc
except Exception:
LOG.exception('Failed to create default vpc')
return None
return _check()
Example #13
| Source File: base.py From zun with Apache License 2.0 | 6 votes |
|
def _need_configure_l3(vif):
if not hasattr(vif, 'physnet'):
return True
physnet = vif.physnet
mapping_res = CONF.sriov_physnet_resource_mappings
try:
resource = mapping_res[physnet]
except KeyError:
LOG.exception("No resource name for physnet %s", physnet)
raise
mapping_driver = CONF.sriov_resource_driver_mappings
try:
driver_name = mapping_driver[resource]
except KeyError:
LOG.exception("No driver for resource_name %s", resource)
raise
if driver_name in consts.USERSPACE_DRIVERS:
LOG.info("_configure_l3 will not be called for vif %s "
"because of it's driver", vif)
return False
return True
Example #14
| Source File: availability_zone.py From ec2-api with Apache License 2.0 | 6 votes |
|
def describe_regions(context, region_name=None, filter=None):
# TODO(andrey-mp): collect regions from keystone catalog
if CONF.region_list:
regions = []
for region in CONF.region_list:
name, _sep, host = region.partition('=')
if not host:
host = CONF.ec2_host
endpoint = '%s://%s:%s%s' % (CONF.ec2_scheme,
host,
CONF.ec2_port,
CONF.ec2_path)
regions.append({'regionName': name,
'regionEndpoint': endpoint})
else:
# NOTE(andrey-mp): RegionOne is a default region name that is used
# in keystone, nova and some other projects
regions = [{'regionName': 'RegionOne',
'regionEndpoint': '%s://%s:%s%s' % (CONF.ec2_scheme,
CONF.ec2_host,
CONF.ec2_port,
CONF.ec2_path)}]
return {'regionInfo': regions}
Example #15
| Source File: manager.py From zun with Apache License 2.0 | 6 votes |
|
def __init__(self, context, node_id=None):
"""Create a pci device tracker.
If a node_id is passed in, it will fetch pci devices information
from database, otherwise, it will create an empty devices list
and the resource tracker will update the node_id information later.
"""
super(PciDevTracker, self).__init__()
self.stale = {}
self.node_id = node_id
self.dev_filter = whitelist.Whitelist(CONF.pci.passthrough_whitelist)
self.stats = stats.PciDeviceStats(dev_filter=self.dev_filter)
self._context = context
if node_id:
self.pci_devs = objects.PciDevice.list_by_compute_node(
context, node_id)
else:
self.pci_devs = []
self._build_device_tree(self.pci_devs)
self._initial_instance_usage()
Example #16
| Source File: api_metadata.py From ec2-api with Apache License 2.0 | 5 votes |
|
def main():
config.parse_args(sys.argv)
logging.setup(CONF, "ec2api")
server = service.WSGIService('metadata')
service.serve(server, workers=server.workers)
service.wait()
Example #17
| Source File: utils.py From kuryr-kubernetes with Apache License 2.0 | 5 votes |
|
def convert_netns(netns):
"""Convert /proc based netns path to Docker-friendly path.
When CONF.docker_mode is set this method will change /proc to
/CONF.netns_proc_dir. This allows netns manipulations to work when running
in Docker container on Kubernetes host.
:param netns: netns path to convert.
:return: Converted netns path.
"""
if CONF.cni_daemon.docker_mode:
return netns.replace('/proc', CONF.cni_daemon.netns_proc_dir)
else:
return netns
Example #18
| Source File: service.py From ec2-api with Apache License 2.0 | 5 votes |
|
def __init__(self, name, loader=None, max_url_len=None):
"""Initialize, but do not start the WSGI server.
:param name: The name of the WSGI server given to the loader.
:param loader: Loads the WSGI application using the given name.
:returns: None
"""
self.name = name
self.manager = self._get_manager()
self.loader = loader or wsgi.Loader()
self.app = self.loader.load_app(name)
self.host = getattr(CONF, '%s_listen' % name, "0.0.0.0")
self.port = getattr(CONF, '%s_listen_port' % name, 0)
self.use_ssl = getattr(CONF, '%s_use_ssl' % name, False)
self.workers = (getattr(CONF, '%s_workers' % name, None) or
processutils.get_worker_count())
if self.workers and self.workers < 1:
worker_name = '%s_workers' % name
msg = (_("%(worker_name)s value of %(workers)s is invalid, "
"must be greater than 0") %
{'worker_name': worker_name,
'workers': str(self.workers)})
raise exception.InvalidInput(msg)
self.server = wsgi.Server(name,
self.app,
host=self.host,
port=self.port,
use_ssl=self.use_ssl,
max_url_len=max_url_len)
# Pull back actual port used
self.port = self.server.port
Example #19
| Source File: service.py From ec2-api with Apache License 2.0 | 5 votes |
|
def serve(server, workers=None):
global _launcher
if _launcher:
raise RuntimeError(_('serve() can only be called once'))
_launcher = service.launch(CONF, server, workers=workers)
Example #20
| Source File: utils.py From kuryr-kubernetes with Apache License 2.0 | 5 votes |
|
def get_leader_name():
url = 'http://localhost:%d' % CONF.kubernetes.controller_ha_elector_port
try:
return requests.get(url).json()['name']
except Exception:
LOG.exception('Error when fetching current leader pod name.')
# NOTE(dulek): Assuming there's no leader when we can't contact leader
# elector container.
return None
Example #21
| Source File: test_metadata_api.py From ec2-api with Apache License 2.0 | 5 votes |
|
def _init_cache_region(self):
self.cache_region = cache_core.create_region()
cache_core.configure_cache_region(CONF, self.cache_region)
Example #22
| Source File: s3server.py From ec2-api with Apache License 2.0 | 5 votes |
|
def get_wsgi_server():
return wsgi.Server("S3 Objectstore",
S3Application(CONF.buckets_path),
port=CONF.s3_listen_port,
host=CONF.s3_listen)
Example #23
| Source File: test_middleware.py From ec2-api with Apache License 2.0 | 5 votes |
|
def test_communication_failure(self, mock_request):
req = wsgi.Request.blank('/test')
req.GET['Signature'] = 'test-signature'
req.GET['AWSAccessKeyId'] = 'test-key-id'
resp = self.kauth(req)
self._validate_ec2_error(resp, 400, 'AuthFailure')
mock_request.assert_called_with('POST',
CONF.keystone_ec2_tokens_url,
data=mock.ANY, headers=mock.ANY)
Example #24
| Source File: test_context.py From ec2-api with Apache License 2.0 | 5 votes |
|
def test_get_os_admin_context(self, session, auth):
conf = config_fixture.Config()
clients._admin_session = None
conf.config(auth_type='fake', group=GROUP_AUTHTOKEN)
imp.reload(ec2_context)
# NOTE(ft): initialize a regular context to populate oslo_context's
# local storage to prevent admin context to populate it.
# Used to implicitly validate overwrite=False argument of the call
# RequestContext constructor from inside get_os_admin_context
if not context.get_current():
ec2_context.RequestContext(None, None)
ctx = ec2_context.get_os_admin_context()
conf = cfg.CONF
auth.assert_called_once_with(conf, GROUP_AUTHTOKEN)
auth_plugin = auth.return_value
session.assert_called_once_with(conf, GROUP_AUTHTOKEN,
auth=auth_plugin)
self.assertIsNone(ctx.user_id)
self.assertIsNone(ctx.project_id)
self.assertIsNone(ctx.auth_token)
self.assertEqual([], ctx.service_catalog)
self.assertTrue(ctx.is_os_admin)
self.assertIsNotNone(ctx.session)
self.assertIsNotNone(ctx.session.auth)
self.assertNotEqual(context.get_current(), ctx)
session.reset_mock()
ec2_context.get_os_admin_context()
self.assertFalse(session.called)
Example #25
| Source File: api.py From ec2-api with Apache License 2.0 | 5 votes |
|
def _db_api(self):
if not self.__db_api:
ec2_db_api = db_api.DBAPI(CONF.database.backend,
backend_mapping=_BACKEND_MAPPING)
if CONF.database.use_tpool:
self.__db_api = tpool.Proxy(ec2_db_api)
else:
self.__db_api = ec2_db_api
return self.__db_api
Example #26
| Source File: api.py From ec2-api with Apache License 2.0 | 5 votes |
|
def get_metadata_item(context, path_tokens, os_instance_id, remote_ip,
cache_region):
version = path_tokens[0]
if version == "latest":
version = VERSIONS[-1]
elif version not in VERSIONS:
raise exception.EC2MetadataNotFound()
cache_key = 'ec2api-metadata-%s' % os_instance_id
cache = cache_region.get(
cache_key, expiration_time=CONF.metadata.cache_expiration)
if cache and cache != cache_core.NO_VALUE:
_check_instance_owner(context, os_instance_id, cache['owner_id'])
LOG.debug("Using cached metadata for instance %s", os_instance_id)
else:
ec2_instance, ec2_reservation = (
_get_ec2_instance_and_reservation(context, os_instance_id))
_check_instance_owner(context, os_instance_id,
ec2_reservation['ownerId'])
metadata = _build_metadata(context, ec2_instance, ec2_reservation,
os_instance_id, remote_ip)
cache = {'metadata': metadata,
'owner_id': ec2_reservation['ownerId']}
cache_region.set(cache_key, cache)
metadata = cache['metadata']
metadata = _cut_down_to_version(metadata, version)
metadata_item = _find_path_in_tree(metadata, path_tokens[1:])
return _format_metadata_item(metadata_item)
Example #27
| Source File: __init__.py From ec2-api with Apache License 2.0 | 5 votes |
|
def _sign_instance_id(self, instance_id):
return hmac.new(
CONF.metadata.metadata_proxy_shared_secret.encode("utf-8"),
instance_id.encode(),
hashlib.sha256).hexdigest()
Example #28
| Source File: exception.py From ec2-api with Apache License 2.0 | 5 votes |
|
def __init__(self, message=None, **kwargs):
self.kwargs = kwargs
if not message:
try:
message = self.msg_fmt % kwargs
except Exception:
exc_info = sys.exc_info()
# kwargs doesn't match a variable in the message
# log the issue and the kwargs
LOG.exception('Exception in string format operation for '
'%s exception', self.__class__.__name__)
for name, value in kwargs.items():
LOG.error('%s: %s' % (name, value))
if CONF.fatal_exception_format_errors:
six.reraise(*exc_info)
else:
# at least get the core message out if something happened
message = self.msg_fmt
elif not isinstance(message, six.string_types):
LOG.error("Message '%(msg)s' for %(ex)s exception is not "
"a string",
{'msg': message, 'ex': self.__class__.__name__})
if CONF.fatal_exception_format_errors:
raise TypeError(_('Invalid exception message format'))
else:
message = self.msg_fmt
super(EC2APIException, self).__init__(message)
Example #29
| Source File: security_group.py From ec2-api with Apache License 2.0 | 5 votes |
|
def authorize_security_group_ingress(context, group_id=None,
group_name=None, ip_permissions=None):
if group_name and not group_id and CONF.disable_ec2_classic:
sg = describe_security_groups(
context,
group_name=[group_name])['securityGroupInfo'][0]
group_id = sg['groupId']
group_name = None
return _authorize_security_group(context, group_id, group_name,
ip_permissions, 'ingress')
Example #30
| Source File: security_group.py From ec2-api with Apache License 2.0 | 5 votes |
|
def is_selected_item(self, context, os_item_name, item):
if item and item['id'] in self.ids:
return True
if os_item_name in self.names:
if not CONF.disable_ec2_classic:
return (not item or not item['vpc_id'])
else:
return (self.default_vpc_id and item and
item['vpc_id'] == self.default_vpc_id)
return False
