Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def get_user_roles(self, uid, project_id=None):
"""Retrieve list of roles for user (or user and project)"""
if project_id is None:
roles = db.user_get_roles(context.get_admin_context(), uid)
return roles
else:
roles = db.user_get_roles_for_project(context.get_admin_context(),
uid, project_id)
return roles
keyfile = os.path.abspath(os.path.join(tmpdir, 'temp.key'))
csrfile = os.path.abspath(os.path.join(tmpdir, 'temp.csr'))
utils.execute('openssl', 'genrsa', '-out', keyfile, str(bits))
utils.execute('openssl', 'req', '-new', '-key', keyfile, '-out',
csrfile, '-batch', '-subj', subject)
with open(keyfile) as f:
private_key = f.read()
with open(csrfile) as f:
csr = f.read()
(serial, signed_csr) = sign_csr(csr, project_id)
fname = os.path.join(ca_folder(project_id), 'newcerts/%s.pem' % serial)
cert = {'user_id': user_id,
'project_id': project_id,
'file_name': fname}
db.certificate_create(context.get_admin_context(), cert)
return (private_key, signed_csr)
guest.name = instance['name']
guest.uuid = instance['uuid']
guest.memory = inst_type['memory_mb'] * 1024
guest.vcpus = inst_type['vcpus']
guest.cpu = self.get_guest_cpu_config()
root_device_name = driver.block_device_info_get_root(block_device_info)
if root_device_name:
root_device = block_device.strip_dev(root_device_name)
else:
# NOTE(yamahata):
# for nova.api.ec2.cloud.CloudController.get_metadata()
root_device = self.default_root_device
self.virtapi.instance_update(
nova_context.get_admin_context(), instance['uuid'],
{'root_device_name': '/dev/' + self.default_root_device})
guest.os_type = vm_mode.get_from_instance(instance)
if guest.os_type is None:
if CONF.libvirt_type == "lxc":
guest.os_type = vm_mode.EXE
elif CONF.libvirt_type == "uml":
guest.os_type = vm_mode.UML
elif CONF.libvirt_type == "xen":
guest.os_type = vm_mode.XEN
else:
guest.os_type = vm_mode.HVM
if CONF.libvirt_type == "xen" and guest.os_type == vm_mode.HVM:
guest.os_loader = CONF.xen_hvmloader_path
def _set_service_state(self, host, binary, is_disabled):
"Enables/Disables service on host"
ctxt = context.get_admin_context(read_deleted='no')
service = objects.Service.get_by_args(ctxt, host, binary)
service.disabled = is_disabled
service.save()
except exception.DBNotAllowed:
# This most likely means we are in a nova-compute service
# configured with [upgrade_levels]/compute=auto and a
# connection to the API database. We should not be attempting
# to "get out" of our cell to look at the minimum versions of
# nova-compute services in other cells, so DBNotAllowed was
# raised. Log a user-friendly message and re-raise the error.
with excutils.save_and_reraise_exception():
LOG.error('This service is configured for access to the '
'API database but is not allowed to directly '
'access the database. You should run this '
'service without the [api_database]/connection '
'config option.')
else:
service_version = objects.Service.get_minimum_version(
context.get_admin_context(), 'nova-compute')
history = service_obj.SERVICE_VERSION_HISTORY
# NOTE(johngarbutt) when there are no nova-compute services running we
# get service_version == 0. In that case we do not want to cache
# this result, because we will get a better answer next time.
# As a sane default, return the current version.
if service_version == 0:
if not NO_COMPUTES_WARNING:
# NOTE(danms): Only show this warning once
LOG.debug("Not caching compute RPC version_cap, because min "
"service_version is 0. Please ensure a nova-compute "
"service has been started. Defaulting to current "
"version.")
NO_COMPUTES_WARNING = True
return history[service_obj.SERVICE_VERSION]['compute_rpc']
def _persist(self):
LOG.debug(_('Entering _persist for host uuid '
+ self.compute_id))
api.vm_host_save(get_admin_context(), self.vmHost)
LOG.debug(_('Exiting _persist for host uuid '
+ self.compute_id))
def get_host_stats(self, refresh=False):
caps = []
context = nova_context.get_admin_context()
nodes = db.bm_node_get_all(context,
service_host=CONF.host)
for node in nodes:
res = self._node_resource(node)
nodename = str(node['uuid'])
data = {}
data['vcpus'] = res['vcpus']
data['vcpus_used'] = res['vcpus_used']
data['cpu_info'] = res['cpu_info']
data['disk_total'] = res['local_gb']
data['disk_used'] = res['local_gb_used']
data['disk_available'] = res['local_gb'] - res['local_gb_used']
data['host_memory_total'] = res['memory_mb']
data['host_memory_free'] = res['memory_mb'] - res['memory_mb_used']
data['hypervisor_type'] = res['hypervisor_type']
data['hypervisor_version'] = res['hypervisor_version']
"""Queries the API database for cell mappings.
.. note:: This method is unique in that it queries the database using
CellMappingList.get_all() rather than a direct query using
the sqlalchemy models. This is because
CellMapping.database_connection can be a template and the
object takes care of formatting the URL. We cannot use
RowProxy objects from sqlalchemy because we cannot set the
formatted 'database_connection' value back on those objects
(they are read-only).
:param include_cell0: True if cell0 should be returned, False if cell0
should be excluded from the results.
:returns: list of nova.objects.CellMapping objects
"""
ctxt = nova_context.get_admin_context()
cell_mappings = cell_mapping_obj.CellMappingList.get_all(ctxt)
if not include_cell0:
# Since CellMappingList does not implement remove() we have to
# create a new list and exclude cell0.
mappings = [mapping for mapping in cell_mappings
if not mapping.is_cell0()]
cell_mappings = cell_mapping_obj.CellMappingList(objects=mappings)
return cell_mappings
try:
node_id = q['i']
deploy_key = q['k']
address = q['a']
port = q.get('p', '3260')
iqn = q['n']
lun = q.get('l', '1')
err_msg = q.get('e')
except KeyError as e:
start_response('400 Bad Request', [('Content-type', 'text/plain')])
return "parameter '%s' is not defined" % e
if err_msg:
LOG.error(_('Deploy agent error message: %s'), err_msg)
context = nova_context.get_admin_context()
d = db.bm_node_get(context, node_id)
if d['deploy_key'] != deploy_key:
start_response('400 Bad Request', [('Content-type', 'text/plain')])
return 'key is not match'
params = {'address': address,
'port': port,
'iqn': iqn,
'lun': lun,
'image_path': d['image_path'],
'pxe_config_path': d['pxe_config_path'],
'root_mb': int(d['root_mb']),
'swap_mb': int(d['swap_mb']),
'ephemeral_mb': int(d['ephemeral_mb']),
'preserve_ephemeral': d['preserve_ephemeral'],
def get_user_data(self, address):
ctxt = context.get_admin_context()
try:
instance_ref = db.instance_get_by_fixed_ip(ctxt, address)
except exception.NotFound:
instance_ref = None
if not instance_ref:
return None
data = {'user-data': self._format_user_data(instance_ref)}
return data