Since: 06.12.2012
Author: Vitaliy Demidov (vitaliy@scalr.com)
Example #1
0
 /**
  * Creates token from the response
  *
  * @param   ClientResponseInterface $response The response instance
  * @param   OpenStackConfig         $config   The openstack config
  *
  * @return \Scalr\Service\OpenStack\Client\AuthToken
  *
  * @throws  NotSupportedException
  */
 public static function makeToken(ClientResponseInterface $response, OpenStackConfig $config = null)
 {
     $version = $config === null ? 2 : $config->getIdentityVersion();
     switch ($version) {
         case 2:
             return LoaderV2::loadJson($response);
         case 3:
             return LoaderV3::loadJson($response);
         default:
             throw new NotSupportedException("OpenStack API v{$version} is not supported!");
     }
 }
Example #2
0
 /**
  * {@inheritdoc}
  * @see RequestInterface::makeRequest()
  */
 public function makeRequest(OpenStackConfig $config)
 {
     if (!empty($config->getApiKey())) {
         $requestBody = ['auth' => ["RAX-KSKEY:apiKeyCredentials" => ['username' => $config->getUsername(), 'apiKey' => $config->getApiKey()]]];
     } else {
         if (!empty($config->getPassword())) {
             $requestBody = ['auth' => ["passwordCredentials" => ['username' => $config->getUsername(), 'password' => $config->getPassword()]]];
         } else {
             throw new OpenStackException('Neither api key nor password was provided for the OpenStack config.');
         }
     }
     if ($config->getTenantName() !== null) {
         $requestBody['auth']['tenantName'] = $config->getTenantName();
     }
     return $requestBody;
 }
Example #3
0
 /**
  * List tenants action
  *
  * @param   Marker $marker  Marker Data.
  * @return  array  Return tenants list
  */
 public function listTenants(Marker $marker = null)
 {
     $result = null;
     if ($marker !== null) {
         $options = $marker->getQueryData();
     } else {
         $options = array();
     }
     $response = $this->getClient()->call($this->config->getIdentityEndpoint(), '/tenants', $options);
     if ($response->hasError() === false) {
         $result = json_decode($response->getContent());
         $result = $result->tenants;
     }
     return $result;
 }
 public function _keystoneUrl($from, $to, $action)
 {
     switch ($action) {
         case static::ACT_CONVERT_TO_OBJECT:
             /* @var $from Entity\CloudCredentials */
             $to->keystoneUrl = $from->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL];
             break;
         case static::ACT_CONVERT_TO_ENTITY:
             /* @var $to Entity\CloudCredentials */
             $to->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL] = $from->keystoneUrl;
             $to->properties[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION] = OpenStackConfig::parseIdentityVersion($from->keystoneUrl);
             break;
         case static::ACT_GET_FILTER_CRITERIA:
             return [[]];
     }
 }
Example #5
0
 /**
  * {@inheritdoc}
  * @see LoaderInterface::loadJson()
  */
 public static function loadJson(ClientResponseInterface $response)
 {
     $token = $response->getHeader('X-Subject-Token');
     $jsonString = $response->getContent();
     $obj = json_decode($jsonString);
     if (empty($token)) {
         $invalid = true;
     }
     if (isset($invalid) || !isset($obj->token->expires_at)) {
         throw new InvalidArgumentException("Malformed JSON document " . (string) $jsonString);
     }
     $regions = $services = [];
     if (!empty($obj->token->catalog)) {
         foreach ($obj->token->catalog as $srv) {
             foreach ($srv->endpoints as $srvEndpoint) {
                 $url = $srvEndpoint->url;
                 $srvVersion = OpenStackConfig::parseIdentityVersion($url);
                 if (isset($srvEndpoint->region)) {
                     $regions[$srvEndpoint->region] = true;
                     $endpointRegion = $srvEndpoint->region;
                 } else {
                     $endpointRegion = '';
                 }
                 if (!isset($services[$srv->type][$endpointRegion][$srvVersion])) {
                     $services[$srv->type][$endpointRegion][$srvVersion] = [];
                 }
                 $srvEndpoint->publicURL = $url;
                 //Interface - can be public, internal or admin
                 $services[$srv->type][$endpointRegion][$srvVersion][$srvEndpoint->interface] = $srvEndpoint;
             }
         }
     }
     $regions = array_keys($regions);
     $ret = new AuthToken();
     $ret->setExpires(new DateTime($obj->token->expires_at))->setId($token)->setAuthDocument($obj)->setRegionEndpoints($services)->setZones($regions);
     if (isset($obj->token->project->id)) {
         $ret->setTenantId($obj->token->project->id);
     }
     if (isset($obj->token->project->name)) {
         $ret->setTenantName($obj->token->project->name);
     }
     return $ret;
 }
Example #6
0
 /**
  * {@inheritdoc}
  * @see RequestInterface::makeRequest()
  */
 public function makeRequest(OpenStackConfig $config)
 {
     if ($config->getApiKey() !== null) {
         $requestBody = ['auth' => ['identity' => ['methods' => ['token'], 'token' => ['id' => $config->getApiKey()]]]];
     } else {
         if ($config->getPassword() !== null) {
             $requestBody = ['auth' => ['identity' => ['methods' => ['password'], 'password' => ['user' => ['password' => $config->getPassword()]]]]];
             if ($config->getUserId()) {
                 $requestBody['auth']['identity']['password']['user']['id'] = $config->getUserId();
             } else {
                 if ($config->getUsername()) {
                     $requestBody['auth']['identity']['password']['user']['name'] = $config->getUsername();
                 } else {
                     throw new OpenStackException('Neither user name nor user id was provided for the OpenStack config.');
                 }
             }
         } else {
             throw new OpenStackException('Neither api key nor password was provided for the OpenStack config.');
         }
     }
     if ($config->getProjectId() !== null) {
         $requestBody['auth']['scope']['project']['id'] = $config->getProjectId();
     } else {
         if ($config->getTenantName() !== null) {
             $requestBody['auth']['scope']['project']['name'] = $config->getTenantName();
         }
     }
     return $requestBody;
 }
Example #7
0
 private function saveOpenstack()
 {
     $pars = array();
     $enabled = false;
     $platform = $this->getParam('platform');
     $currentCloudCredentials = $this->env->keychain($platform);
     $bNew = !$currentCloudCredentials->isEnabled();
     if (!$bNew) {
         $oldUrl = $currentCloudCredentials->properties[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL];
     }
     if ($this->getParam("{$platform}_is_enabled")) {
         $enabled = true;
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL] = trim($this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL, 'string', 'KeyStone URL required', $platform));
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER] = trim($this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_SSL_VERIFYPEER, 'bool', '', $platform));
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_USERNAME, 'string', 'Username required', $platform);
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD, 'password', '', $platform, false);
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_API_KEY, 'string', '', $platform);
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION] = OpenStackConfig::parseIdentityVersion($pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL]);
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME, 'string', '', $platform);
         $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME] = $this->checkVar(Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME, 'string', '', $platform);
         if (empty($this->checkVarError) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD]) && empty($pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY])) {
             $this->checkVarError['api_key'] = $this->checkVarError['password'] = '******';
         }
     }
     /* @var $config Yaml */
     $config = $this->env->getContainer()->config;
     if (isset($platform) && $config->defined("scalr.{$platform}.use_proxy") && $config("scalr.{$platform}.use_proxy") && in_array($config('scalr.connections.proxy.use_on'), ['both', 'scalr'])) {
         $proxySettings = $config('scalr.connections.proxy');
     } else {
         $proxySettings = null;
     }
     if (count($this->checkVarError)) {
         $this->response->failure();
         $this->response->data(array('errors' => $this->checkVarError));
     } else {
         if ($this->getParam($platform . "_is_enabled")) {
             $os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], 'fake-region', $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings));
             //It throws an exception on failure
             $zones = $os->listZones();
             $zone = array_shift($zones);
             $os = new OpenStack(new OpenStackConfig($pars[Entity\CloudCredentialsProperty::OPENSTACK_USERNAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL], $zone->name, $pars[Entity\CloudCredentialsProperty::OPENSTACK_API_KEY], null, null, $pars[Entity\CloudCredentialsProperty::OPENSTACK_PASSWORD], $pars[Entity\CloudCredentialsProperty::OPENSTACK_TENANT_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_DOMAIN_NAME], $pars[Entity\CloudCredentialsProperty::OPENSTACK_IDENTITY_VERSION], $proxySettings));
             // Check SG Extension
             $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SECURITYGROUPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::securityGroups());
             // Check Floating Ips Extension
             $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_FLOATING_IPS_ENABLED] = (int) $os->servers->isExtensionSupported(ServersExtension::floatingIps());
             // Check Cinder Extension
             $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_CINDER_ENABLED] = (int) $os->hasService('volume');
             // Check Swift Extension
             $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_SWIFT_ENABLED] = (int) $os->hasService('object-store');
             // Check LBaas Extension
             $pars[Entity\CloudCredentialsProperty::OPENSTACK_EXT_LBAAS_ENABLED] = !in_array($platform, array(SERVER_PLATFORMS::RACKSPACENG_US, SERVER_PLATFORMS::RACKSPACENG_UK)) && $os->hasService('network') ? (int) $os->network->isExtensionSupported('lbaas') : 0;
         }
         $this->db->BeginTrans();
         try {
             $this->env->enablePlatform($platform, $enabled);
             if ($enabled) {
                 $this->makeCloudCredentials($platform, $pars);
                 if ($this->getContainer()->analytics->enabled && ($bNew || $oldUrl !== $pars[Entity\CloudCredentialsProperty::OPENSTACK_KEYSTONE_URL])) {
                     $this->getContainer()->analytics->notifications->onCloudAdd($platform, $this->env, $this->user);
                 }
             }
             if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
                 $this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
             }
             $this->response->success('Cloud credentials have been ' . ($enabled ? 'saved' : 'removed from Scalr'));
             $this->response->data(array('enabled' => $enabled));
         } catch (Exception $e) {
             $this->db->RollbackTrans();
             throw new Exception(_('Failed to save ' . ucfirst($platform) . ' settings'));
         }
         $this->db->CommitTrans();
     }
 }