[ONOS-7621] Use OpenstackAuth info to authenticate keystone in CLI
Change-Id: I862742de3cc2f7c711bfbd537a9251c3bdc19fb8
diff --git a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenStackEndPointCompleter.java b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenStackEndPointCompleter.java
deleted file mode 100644
index 0a42609..0000000
--- a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenStackEndPointCompleter.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Copyright 2018-present Open Networking Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onosproject.openstacknetworking.cli;
-
-
-import org.apache.karaf.shell.console.Completer;
-import org.apache.karaf.shell.console.completer.StringsCompleter;
-
-import java.util.List;
-import java.util.SortedSet;
-
-/**
- * OpenStack end point completer.
- */
-public class OpenStackEndPointCompleter implements Completer {
-
- private static final String OPENSTACK_ENDPOINT_EXAMPLE_V2 =
- "http://IP address of OpenStack end point:35357/v2.0 ProjectName ID Password [Perspective]";
- private static final String OPENSTACK_ENDPOINT_EXAMPLE_V3 =
- "http://IP address of OpenStack end point/identity/v3 ProjectName ID Password [Perspective]";
- private static final String SEPARATOR = "\n or \n";
-
- @Override
- public int complete(String buffer, int cursor, List<String> candidates) {
- StringsCompleter delegate = new StringsCompleter();
-
- SortedSet<String> strings = delegate.getStrings();
-
- strings.add(OPENSTACK_ENDPOINT_EXAMPLE_V2);
- strings.add(SEPARATOR);
- strings.add(OPENSTACK_ENDPOINT_EXAMPLE_V3);
-
- return delegate.complete(buffer, cursor, candidates);
- }
-}
diff --git a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java
index d85f39e..b1e57be 100644
--- a/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java
+++ b/apps/openstacknetworking/app/src/main/java/org/onosproject/openstacknetworking/cli/OpenstackSyncStateCommand.java
@@ -17,12 +17,14 @@
import com.fasterxml.jackson.databind.JsonNode;
import com.google.common.base.Strings;
-import org.apache.karaf.shell.commands.Argument;
import org.apache.karaf.shell.commands.Command;
import org.onosproject.cli.AbstractShellCommand;
import org.onosproject.openstacknetworking.api.OpenstackNetworkAdminService;
import org.onosproject.openstacknetworking.api.OpenstackRouterAdminService;
import org.onosproject.openstacknetworking.api.OpenstackSecurityGroupAdminService;
+import org.onosproject.openstacknode.api.OpenstackAuth;
+import org.onosproject.openstacknode.api.OpenstackNode;
+import org.onosproject.openstacknode.api.OpenstackNodeService;
import org.openstack4j.api.OSClient;
import org.openstack4j.api.client.IOSClientBuilder;
import org.openstack4j.api.exceptions.AuthenticationException;
@@ -43,14 +45,15 @@
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
import java.io.IOException;
+import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Objects;
+import java.util.Optional;
import java.util.stream.Collectors;
-import javax.net.ssl.X509TrustManager;
-import java.security.cert.X509Certificate;
-
+import static org.onosproject.openstacknode.api.OpenstackNode.NodeType.CONTROLLER;
import static org.openstack4j.core.transport.ObjectMapperSingleton.getContext;
/**
@@ -60,26 +63,6 @@
description = "Synchronizes all OpenStack network states")
public class OpenstackSyncStateCommand extends AbstractShellCommand {
- @Argument(index = 0, name = "endpoint", description = "OpenStack service endpoint",
- required = true, multiValued = false)
- private String endpoint = null;
-
- @Argument(index = 1, name = "tenant", description = "OpenStack admin tenant name",
- required = true, multiValued = false)
- private String tenant = null;
-
- @Argument(index = 2, name = "user", description = "OpenStack admin user name",
- required = true, multiValued = false)
- private String user = null;
-
- @Argument(index = 3, name = "password", description = "OpenStack admin user password",
- required = true, multiValued = false)
- private String password = null;
-
- @Argument(index = 4, name = "perspective", description = "OpenStack endpoint perspective",
- required = false, multiValued = false)
- private String perspective = null;
-
private static final String DOMAIN_DEFUALT = "default";
private static final String SECURITY_GROUP_FORMAT = "%-40s%-20s";
@@ -100,47 +83,56 @@
OpenstackSecurityGroupAdminService osSgAdminService = get(OpenstackSecurityGroupAdminService.class);
OpenstackNetworkAdminService osNetAdminService = get(OpenstackNetworkAdminService.class);
OpenstackRouterAdminService osRouterAdminService = get(OpenstackRouterAdminService.class);
+ OpenstackNodeService osNodeService = get(OpenstackNodeService.class);
+
+ Optional<OpenstackNode> node = osNodeService.nodes(CONTROLLER).stream().findFirst();
+ if (!node.isPresent()) {
+ error("Keystone auth info has not been configured. " +
+ "Please specify auth info via network-cfg.json.");
+ return;
+ }
+
+ OpenstackAuth auth = node.get().authentication();
+ String endpoint = buildEndpoint(node.get());
+ OpenstackAuth.Perspective perspective = auth.perspective();
+
+ log.info("Access the ENDPOINT: {}, with AUTH_INFO username: {}, password: {}, project: {}",
+ endpoint, auth.username(), auth.password(), auth.project());
OSClient osClient;
-
Config config = getSslConfig();
try {
- if (endpoint != null) {
- if (endpoint.contains(KEYSTONE_V2)) {
- IOSClientBuilder.V2 builder = OSFactory.builderV2()
- .endpoint(this.endpoint)
- .tenantName(this.tenant)
- .credentials(this.user, this.password)
- .withConfig(config);
+ if (endpoint.contains(KEYSTONE_V2)) {
+ IOSClientBuilder.V2 builder = OSFactory.builderV2()
+ .endpoint(endpoint)
+ .tenantName(auth.project())
+ .credentials(auth.username(), auth.password())
+ .withConfig(config);
- if (perspective != null) {
- builder.perspective(getFacing(perspective));
- }
-
- osClient = builder.authenticate();
- } else if (endpoint.contains(KEYSTONE_V3)) {
-
- Identifier project = Identifier.byName(this.tenant);
- Identifier domain = Identifier.byName(DOMAIN_DEFUALT);
-
- IOSClientBuilder.V3 builder = OSFactory.builderV3()
- .endpoint(this.endpoint)
- .credentials(this.user, this.password, domain)
- .scopeToProject(project, domain)
- .withConfig(config);
-
- if (perspective != null) {
- builder.perspective(getFacing(perspective));
- }
-
- osClient = builder.authenticate();
- } else {
- print("Unrecognized keystone version type");
- return;
+ if (perspective != null) {
+ builder.perspective(getFacing(perspective));
}
+
+ osClient = builder.authenticate();
+ } else if (endpoint.contains(KEYSTONE_V3)) {
+
+ Identifier project = Identifier.byName(auth.project());
+ Identifier domain = Identifier.byName(DOMAIN_DEFUALT);
+
+ IOSClientBuilder.V3 builder = OSFactory.builderV3()
+ .endpoint(endpoint)
+ .credentials(auth.username(), auth.password(), domain)
+ .scopeToProject(project, domain)
+ .withConfig(config);
+
+ if (perspective != null) {
+ builder.perspective(getFacing(perspective));
+ }
+
+ osClient = builder.authenticate();
} else {
- print("Need to specify a valid endpoint");
+ print("Unrecognized keystone version type");
return;
}
} catch (AuthenticationException e) {
@@ -244,6 +236,27 @@
});
}
+ private String buildEndpoint(OpenstackNode node) {
+
+ OpenstackAuth auth = node.authentication();
+
+ StringBuilder endpointSb = new StringBuilder();
+ endpointSb.append(auth.protocol().name().toLowerCase());
+ endpointSb.append("://");
+ endpointSb.append(node.managementIp());
+ endpointSb.append(":");
+ endpointSb.append(auth.port());
+ endpointSb.append("/");
+
+ // in case the version is v3, we need to append identity path into endpoint
+ if (auth.version().equals("v3")) {
+ endpointSb.append("identity/");
+ }
+
+ endpointSb.append(auth.version());
+ return endpointSb.toString();
+ }
+
private void printNetwork(Network osNet) {
final String strNet = String.format(NETWORK_FORMAT,
osNet.getId(),
@@ -341,18 +354,14 @@
return config;
}
- private Facing getFacing(String strFacing) {
+ private Facing getFacing(OpenstackAuth.Perspective perspective) {
- if (strFacing == null) {
- return null;
- }
-
- switch (strFacing) {
- case "public":
+ switch (perspective) {
+ case PUBLIC:
return Facing.PUBLIC;
- case "admin":
+ case ADMIN:
return Facing.ADMIN;
- case "internal":
+ case INTERNAL:
return Facing.INTERNAL;
default:
return null;
diff --git a/apps/openstacknetworking/app/src/main/resources/OSGI-INF/blueprint/shell-config.xml b/apps/openstacknetworking/app/src/main/resources/OSGI-INF/blueprint/shell-config.xml
index a525e86..d3884df 100644
--- a/apps/openstacknetworking/app/src/main/resources/OSGI-INF/blueprint/shell-config.xml
+++ b/apps/openstacknetworking/app/src/main/resources/OSGI-INF/blueprint/shell-config.xml
@@ -32,9 +32,6 @@
</command>
<command>
<action class="org.onosproject.openstacknetworking.cli.OpenstackSyncStateCommand"/>
- <completers>
- <ref component-id="openStackEndPointCompleter"/>
- </completers>
</command>
<command>
<action class="org.onosproject.openstacknetworking.cli.OpenstackSecurityGroupListCommand"/>
@@ -73,5 +70,4 @@
<bean id="ipAddressCompleter" class="org.onosproject.openstacknetworking.cli.IpAddressCompleter"/>
<bean id="macAddressCompleter" class="org.onosproject.openstacknetworking.cli.MacAddressCompleter"/>
<bean id="vlanIdCompleter" class="org.onosproject.openstacknetworking.cli.VlanIdCompleter"/>
- <bean id="openStackEndPointCompleter" class="org.onosproject.openstacknetworking.cli.OpenStackEndPointCompleter"/>
</blueprint>