1
# vim: tabstop=4 shiftwidth=4 softtabstop=4
3
# Copyright 2013 Red Hat, Inc
6
# Licensed under the Apache License, Version 2.0 (the "License"); you may
7
# not use this file except in compliance with the License. You may obtain
8
# a copy of the License at
10
# http://www.apache.org/licenses/LICENSE-2.0
12
# Unless required by applicable law or agreed to in writing, software
13
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
14
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
15
# License for the specific language governing permissions and limitations
24
from oslo.config import cfg
26
from glance.common import exception
27
import glance.openstack.common.log as logging
28
from glance.registry.client.v2 import client
30
LOG = logging.getLogger(__name__)
32
registry_client_opts = [
33
cfg.StrOpt('registry_client_protocol', default='http',
34
help=_('The protocol to use for communication with the '
35
'registry server. Either http or https.')),
36
cfg.StrOpt('registry_client_key_file',
37
help=_('The path to the key file to use in SSL connections '
38
'to the registry server.')),
39
cfg.StrOpt('registry_client_cert_file',
40
help=_('The path to the cert file to use in SSL connections '
41
'to the registry server.')),
42
cfg.StrOpt('registry_client_ca_file',
43
help=_('The path to the certifying authority cert file to '
44
'use in SSL connections to the registry server.')),
45
cfg.BoolOpt('registry_client_insecure', default=False,
46
help=_('When using SSL in connections to the registry server, '
47
'do not require validation via a certifying '
49
cfg.IntOpt('registry_client_timeout', default=600,
50
help=_('The period of time, in seconds, that the API server '
51
'will wait for a registry request to complete. A '
52
'value of 0 implies no timeout.')),
55
registry_client_ctx_opts = [
56
cfg.StrOpt('admin_user', secret=True,
57
help=_('The administrators user name.')),
58
cfg.StrOpt('admin_password', secret=True,
59
help=_('The administrators password.')),
60
cfg.StrOpt('admin_tenant_name', secret=True,
61
help=_('The tenant name of the adminstrative user.')),
62
cfg.StrOpt('auth_url',
63
help=_('The URL to the keystone service.')),
64
cfg.StrOpt('auth_strategy', default='noauth',
65
help=_('The strategy to use for authentication.')),
66
cfg.StrOpt('auth_region',
67
help=_('The region for the authentication service.')),
71
CONF.register_opts(registry_client_opts)
72
CONF.register_opts(registry_client_ctx_opts)
80
def configure_registry_client():
82
Sets up a registry client for use in registry lookups
84
global _CLIENT_KWARGS, _CLIENT_HOST, _CLIENT_PORT
86
host, port = CONF.registry_host, CONF.registry_port
87
except cfg.ConfigFileValueError:
88
msg = _("Configuration option was not valid")
90
raise exception.BadRegistryConnectionConfiguration(msg)
92
msg = _("Could not find required configuration option")
94
raise exception.BadRegistryConnectionConfiguration(msg)
99
'use_ssl': CONF.registry_client_protocol.lower() == 'https',
100
'key_file': CONF.registry_client_key_file,
101
'cert_file': CONF.registry_client_cert_file,
102
'ca_file': CONF.registry_client_ca_file,
103
'insecure': CONF.registry_client_insecure,
104
'timeout': CONF.registry_client_timeout,
108
def configure_registry_admin_creds():
111
if CONF.auth_url or os.getenv('OS_AUTH_URL'):
112
strategy = 'keystone'
114
strategy = CONF.auth_strategy
117
'user': CONF.admin_user,
118
'password': CONF.admin_password,
119
'username': CONF.admin_user,
120
'tenant': CONF.admin_tenant_name,
121
'auth_url': CONF.auth_url,
122
'strategy': strategy,
123
'region': CONF.auth_region,
127
def get_registry_client(cxt):
128
global _CLIENT_CREDS, _CLIENT_KWARGS, _CLIENT_HOST, _CLIENT_PORT
129
kwargs = _CLIENT_KWARGS.copy()
130
kwargs['auth_tok'] = cxt.auth_tok
132
kwargs['creds'] = _CLIENT_CREDS
133
return client.RegistryClient(_CLIENT_HOST, _CLIENT_PORT, **kwargs)