From ef99a3c3facb02efda714e9ab9ee710de03fb70e Mon Sep 17 00:00:00 2001 From: John Dewey Date: Fri, 22 Nov 2013 21:37:47 -0800 Subject: [PATCH] Nova doesn't attempt to auth on obj instantiation Need to call nova.authenticate() to validate credentials. --- cloud/nova_compute | 38 ++++++++++++++++++++++---------------- cloud/nova_keypair | 19 ++++++++++++++----- 2 files changed, 36 insertions(+), 21 deletions(-) diff --git a/cloud/nova_compute b/cloud/nova_compute index e6b550cd184..411a4f451b6 100644 --- a/cloud/nova_compute +++ b/cloud/nova_compute @@ -2,6 +2,7 @@ #coding: utf-8 -*- # (c) 2013, Benno Joy +# (c) 2013, John Dewey # # This module is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -18,6 +19,7 @@ try: from novaclient.v1_1 import client as nova_client + from novaclient import exceptions import time except ImportError: print("failed=True msg='novaclient is required for this module'") @@ -87,7 +89,7 @@ options: default: None nics: description: - - A list of network id's to which the VM's interface should be attached + - A list of network id's to which the VM's interface should be attached required: false default: None meta: @@ -177,7 +179,7 @@ def _create_server(module, nova): if server.status == 'ERROR': module.fail_json(msg = "Error in creating the server, please check logs") time.sleep(2) - + module.fail_json(msg = "Timeout waiting for the server to come up.. Please check manually") if server.status == 'ERROR': module.fail_json(msg = "Error in creating the server.. Please check manually") @@ -185,7 +187,7 @@ def _create_server(module, nova): public = [ x['addr'] for x in getattr(server, 'addresses').itervalues().next() if x['OS-EXT-IPS:type'] == 'floating'] module.exit_json(changed = True, id = info['id'], private_ip=''.join(private), public_ip=''.join(public), status = server.status, info = server._info) - + def _get_server_state(module, nova): server = None try: @@ -199,15 +201,15 @@ def _get_server_state(module, nova): module.fail_json( msg="The VM is available but not Active. state:" + server.status) private = [ x['addr'] for x in getattr(server, 'addresses').itervalues().next() if 'OS-EXT-IPS:type' in x and x['OS-EXT-IPS:type'] == 'fixed'] public = [ x['addr'] for x in getattr(server, 'addresses').itervalues().next() if 'OS-EXT-IPS:type' in x and x['OS-EXT-IPS:type'] == 'floating'] - module.exit_json(changed = False, id = server.id, public_ip = ''.join(public), private_ip = ''.join(private), info = server._info) + module.exit_json(changed = False, id = server.id, public_ip = ''.join(public), private_ip = ''.join(private), info = server._info) if server and module.params['state'] == 'absent': return True if module.params['state'] == 'absent': module.exit_json(changed = False, result = "not present") return True - - + + def main(): module = AnsibleModule( argument_spec = dict( @@ -217,7 +219,7 @@ def main(): auth_url = dict(default='http://127.0.0.1:35357/v2.0/'), region_name = dict(default=None), name = dict(required=True), - image_id = dict(default=None), + image_id = dict(default=None), flavor_id = dict(default=1), key_name = dict(default=None), security_groups = dict(default='default'), @@ -228,15 +230,19 @@ def main(): state = dict(default='present', choices=['absent', 'present']) ), ) - + + nova = nova_client.Client(module.params['login_username'], + module.params['login_password'], + module.params['login_tenant_name'], + module.params['auth_url'], + service_type='compute') try: - nova = nova_client.Client( module.params['login_username'], - module.params['login_password'], - module.params['login_tenant_name'], - module.params['auth_url'], - service_type='compute') - except Exception as e: - module.fail_json( msg = "Error in authenticating to nova: %s" % e.message) + nova.authenticate() + except exc.Unauthorized as e: + module.fail_json(msg = "Invalid OpenStack Nova credentials.: %s" % e.message) + except exc.AuthorizationFailure as e: + module.fail_json(msg = "Unable to authorize user: %s" % e.message) + if module.params['state'] == 'present': if not module.params['image_id']: module.fail_json( msg = "Parameter 'image_id' is required if state == 'present'") @@ -246,7 +252,7 @@ def main(): if module.params['state'] == 'absent': _get_server_state(module, nova) _delete_server(module, nova) - + # this is magic, see lib/ansible/module.params['common.py #<> main() diff --git a/cloud/nova_keypair b/cloud/nova_keypair index 3d332a03fc3..1262e93eb27 100644 --- a/cloud/nova_keypair +++ b/cloud/nova_keypair @@ -2,6 +2,7 @@ #coding: utf-8 -*- # (c) 2013, Benno Joy +# (c) 2013, John Dewey # # This module is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -18,6 +19,7 @@ try: from novaclient.v1_1 import client + from novaclient import exceptions import time except ImportError: print("failed=True msg='novaclient is required for this module to work'") @@ -97,12 +99,19 @@ def main(): state = dict(default='present', choices=['absent', 'present']) ), ) - + + nova = nova_client.Client(module.params['login_username'], + module.params['login_password'], + module.params['login_tenant_name'], + module.params['auth_url'], + service_type='compute') try: - nova = client.Client(module.params['login_username'], module.params['login_password'], - module.params['login_tenant_name'], module.params['auth_url'], service_type='compute') - except Exception as e: - module.fail_json( msg = " Error in authenticating to nova: %s" % e.message) + nova.authenticate() + except exc.Unauthorized as e: + module.fail_json(msg = "Invalid OpenStack Nova credentials.: %s" % e.message) + except exc.AuthorizationFailure as e: + module.fail_json(msg = "Unable to authorize user: %s" % e.message) + if module.params['state'] == 'present': for key in nova.keypairs.list(): if key.name == module.params['name']: