bug fixes and improvements
diff --git a/planetstack/observer/steps/sync_site_privileges.py b/planetstack/observer/steps/sync_site_privileges.py
index 922f579..cf838cf 100644
--- a/planetstack/observer/steps/sync_site_privileges.py
+++ b/planetstack/observer/steps/sync_site_privileges.py
@@ -4,7 +4,7 @@
from planetstack.config import Config
from observer.openstacksyncstep import OpenStackSyncStep
from core.models.site import *
-from core.models.user import UserDeployments
+from core.models.user import User, UserDeployments
class SyncSitePrivileges(OpenStackSyncStep):
requested_interval=0
diff --git a/planetstack/observer/steps/sync_slice_deployments.py b/planetstack/observer/steps/sync_slice_deployments.py
index b02466d..9751a08 100644
--- a/planetstack/observer/steps/sync_slice_deployments.py
+++ b/planetstack/observer/steps/sync_slice_deployments.py
@@ -69,14 +69,27 @@
if not deployment_users:
logger.info("slice createor %s has not accout at deployment %s" % (slice_deployment.slice.creator, slice_deployment.deployment.name))
else:
+ deployment_user = deployment_users[0]
# lookup user id at this deployment
kuser= driver.shell.keystone.users.find(email=slice_deployment.slice.creator.email)
- driver.add_user_role(kuser.id, tenant.id, 'admin')
+ # add required roles at the slice's tenant
+ driver.add_user_role(kuser.id, tenant.id, 'admin')
+
# refresh credentials using this tenant
- client_driver = self.driver.client_driver(tenant=tenant.name,
+ client_driver = self.driver.client_driver(caller=deployment_user.user,
+ tenant=tenant.name,
deployment=slice_deployment.deployment.name)
+ # create a public key for the slice creator
+ if deployment_user.user.public_key:
+ keyname = deployment_user.user.email.lower().replace('@', 'AT').replace('.', '') +\
+ slice_deployment.slice.name
+ slice_deployment.keyname = keyname
+ key_fields = {'name': keyname,
+ 'public_key': deployment_user.user.public_key}
+ client_driver.create_keypair(**key_fields)
+
# create network
network = client_driver.create_network(slice_deployment.slice.name)
slice_deployment.network_id = network['id']
diff --git a/planetstack/observer/steps/sync_slivers.py b/planetstack/observer/steps/sync_slivers.py
index d832b7d..391cdd8 100644
--- a/planetstack/observer/steps/sync_slivers.py
+++ b/planetstack/observer/steps/sync_slivers.py
@@ -4,7 +4,7 @@
from planetstack.config import Config
from observer.openstacksyncstep import OpenStackSyncStep
from core.models.sliver import Sliver
-from core.models.slice import SlicePrivilege
+from core.models.slice import SlicePrivilege, SliceDeployments
class SyncSlivers(OpenStackSyncStep):
provides=[Sliver]
@@ -49,9 +49,18 @@
for image in images:
if image['name'] == sliver.image.name:
image_id = image['id']
-
+
+ # look up key name at the deployment
+ keyname = None
+ slice_deployments = SliceDeployments.objects.filter(slice = sliver.slice,
+ deployment = sliver.deploymentNetwork)
+ for slice_deployment in slice_deployments:
+ if slice_deployment.keyname:
+ keyname = slice_deployment.keyname
+ break
+
instance = driver.spawn_instance(name=sliver.name,
- key_name = sliver.creator.keyname,
+ key_name = keyname,
image_id = image_id,
hostname = sliver.node.name,
pubkeys = pubkeys,
diff --git a/planetstack/observer/steps/sync_user_deployments.py b/planetstack/observer/steps/sync_user_deployments.py
index ad1363d..5c04003 100644
--- a/planetstack/observer/steps/sync_user_deployments.py
+++ b/planetstack/observer/steps/sync_user_deployments.py
@@ -25,12 +25,8 @@
for site_deployment in site_deployments:
site_deploy_lookup[site_deployment.site].append(site_deployment.deployment)
- user_deployments = UserDeployments.objects.all()
- user_deploy_lookup = defaultdict(list)
- for user_deployment in user_deployments:
- user_deploy_lookup[user_deployment.user].append(user_deployment.deployment)
-
- for user in User.objects.all():
+ user_deployments = []
+ for user in User.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)):
if user.is_admin:
# admins should have an account at all deployments
expected_deployments = deployments
@@ -38,12 +34,10 @@
# normal users should have an account at their site's deployments
expected_deployments = site_deploy_lookup[user.site]
for expected_deployment in expected_deployments:
- if expected_deployment not in user_deploy_lookup[user]:
- ud = UserDeployments(user=user, deployment=expected_deployment)
- ud.save()
+ ud = UserDeployments(user=user, deployment=expected_deployment)
+ user_deployments.append(ud)
- # now we can return all slice deployments that need to be enacted
- return UserDeployments.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None))
+ return user_deployments
def sync_record(self, user_deployment):
logger.info("sync'ing user %s at deployment %s" % (user_deployment.user, user_deployment.deployment.name))
@@ -59,7 +53,7 @@
else:
driver.update_user(user_deployment.kuser_id, user_fields)
- # setup user deployment site roles
+ # setup user deployment home site roles
if user_deployment.user.site:
site_deployments = SiteDeployments.objects.filter(site=user_deployment.user.site,
deployment=user_deployment.deployment)
@@ -74,11 +68,17 @@
# may have admin role so attempt to remove it
driver.delete_user_role(user_deployment.kuser_id, tenant_id, 'admin')
- if user_deployment.user.public_key:
- user_driver = driver.client_driver(caller=user, tenant=user.site.login_base,
- deployment=user_deployment.deployment.name)
- key_fields = {'name': user_deployment.user.keyname,
- 'public_key': user_deployment.user.public_key}
- user_driver.create_keypair(**key_fields)
+ #if user_deployment.user.public_key:
+ # if not user_deployment.user.keyname:
+ # keyname = user_deployment.user.email.lower().replace('@', 'AT').replace('.', '')
+ # user_deployment.user.keyname = keyname
+ # user_deployment.user.save()
+ #
+ # user_driver = driver.client_driver(caller=user_deployment.user,
+ # tenant=user_deployment.user.site.login_base,
+ # deployment=user_deployment.deployment.name)
+ # key_fields = {'name': user_deployment.user.keyname,
+ # 'public_key': user_deployment.user.public_key}
+ # user_driver.create_keypair(**key_fields)
user_deployment.save()