@Autowired
private AuthenticationMethodFactory authenticationMethodFactory;
-
- @Autowired
- private MsoHeatUtils msoHeatUtils;
-
- @Autowired
- private MsoNeutronUtils msoNeutronUtils;
-
- @Autowired
- private MsoTenantUtilsFactory tenantUtilsFactory;
+
+ @Autowired
+ private MsoHeatUtils msoHeatUtils;
+
+ @Autowired
+ private MsoNeutronUtils msoNeutronUtils;
+
+ @Autowired
+ private MsoTenantUtilsFactory tenantUtilsFactory;
+
/**
- * Create a tenant with the specified name in the given cloud. If the tenant already exists,
- * an Exception will be thrown. The MSO User will also be added to the "member" list of
- * the new tenant to perform subsequent Nova/Heat commands in the tenant. If the MSO User
- * association fails, the entire transaction will be rolled back.
+ * Create a tenant with the specified name in the given cloud. If the tenant already exists, an Exception will be
+ * thrown. The MSO User will also be added to the "member" list of the new tenant to perform subsequent Nova/Heat
+ * commands in the tenant. If the MSO User association fails, the entire transaction will be rolled back.
* <p>
- * For the AIC Cloud (DCP/LCP): it is not clear that cloudId is needed, as all admin
- * requests go to the centralized identity service in DCP. However, if some artifact
- * must exist in each local LCP instance as well, then it will be needed to access the
- * correct region.
+ * For the AIC Cloud (DCP/LCP): it is not clear that cloudId is needed, as all admin requests go to the centralized
+ * identity service in DCP. However, if some artifact must exist in each local LCP instance as well, then it will be
+ * needed to access the correct region.
* <p>
*
* @param tenantName The tenant name to create
* @throws MsoTenantAlreadyExists Thrown if the requested tenant already exists
* @throws MsoOpenstackException Thrown if the Openstack API call returns an exception
*/
- public String createTenant (String tenantName,
- String cloudSiteId,
- Map <String, String> metadata,
- boolean backout) throws MsoException {
+ public String createTenant(String tenantName, String cloudSiteId, Map<String, String> metadata, boolean backout)
+ throws MsoException {
// Obtain the cloud site information where we will create the tenant
Optional<CloudSite> cloudSiteOpt = cloudConfig.getCloudSite(cloudSiteId);
if (!cloudSiteOpt.isPresent()) {
logger.error("{} MSOCloudSite {} not found {} ", MessageEnum.RA_CREATE_TENANT_ERR, cloudSiteId,
- ErrorCode.DataError.getValue());
- throw new MsoCloudSiteNotFound (cloudSiteId);
+ ErrorCode.DataError.getValue());
+ throw new MsoCloudSiteNotFound(cloudSiteId);
}
Keystone keystoneAdminClient = getKeystoneAdminClient(cloudSiteOpt.get());
Tenant tenant = null;
try {
// Check if the tenant already exists
- tenant = findTenantByName (keystoneAdminClient, tenantName);
+ tenant = findTenantByName(keystoneAdminClient, tenantName);
if (tenant != null) {
// Tenant already exists. Throw an exception
logger.error("{} Tenant name {} already exists on Cloud site id {}, {}",
- MessageEnum.RA_TENANT_ALREADY_EXIST, tenantName, cloudSiteId, ErrorCode.DataError.getValue());
- throw new MsoTenantAlreadyExists (tenantName, cloudSiteId);
+ MessageEnum.RA_TENANT_ALREADY_EXIST, tenantName, cloudSiteId, ErrorCode.DataError.getValue());
+ throw new MsoTenantAlreadyExists(tenantName, cloudSiteId);
}
// Does not exist, create a new one
- tenant = new Tenant ();
- tenant.setName (tenantName);
- tenant.setDescription ("SDN Tenant (via MSO)");
- tenant.setEnabled (true);
+ tenant = new Tenant();
+ tenant.setName(tenantName);
+ tenant.setDescription("SDN Tenant (via MSO)");
+ tenant.setEnabled(true);
- OpenStackRequest <Tenant> request = keystoneAdminClient.tenants ().create (tenant);
- tenant = executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<Tenant> request = keystoneAdminClient.tenants().create(tenant);
+ tenant = executeAndRecordOpenstackRequest(request);
} catch (OpenStackBaseException e) {
// Convert Keystone OpenStackResponseException to MsoOpenstackException
- throw keystoneErrorToMsoException (e, "CreateTenant");
+ throw keystoneErrorToMsoException(e, "CreateTenant");
} catch (RuntimeException e) {
// Catch-all
- throw runtimeExceptionToMsoException (e, "CreateTenant");
+ throw runtimeExceptionToMsoException(e, "CreateTenant");
}
// Add MSO User to the tenant as a member and
try {
CloudIdentity cloudIdentity = cloudSiteOpt.get().getIdentityService();
- User msoUser = findUserByNameOrId (keystoneAdminClient, cloudIdentity.getMsoId ());
- Role memberRole = findRoleByNameOrId (keystoneAdminClient, cloudIdentity.getMemberRole ());
-
- if(msoUser != null && memberRole != null) {
- OpenStackRequest <Void> request = keystoneAdminClient.tenants ().addUser (tenant.getId (),
- msoUser.getId (),
- memberRole.getId ());
- executeAndRecordOpenstackRequest (request);
+ User msoUser = findUserByNameOrId(keystoneAdminClient, cloudIdentity.getMsoId());
+ Role memberRole = findRoleByNameOrId(keystoneAdminClient, cloudIdentity.getMemberRole());
+
+ if (msoUser != null && memberRole != null) {
+ OpenStackRequest<Void> request =
+ keystoneAdminClient.tenants().addUser(tenant.getId(), msoUser.getId(), memberRole.getId());
+ executeAndRecordOpenstackRequest(request);
}
- if (cloudIdentity.getTenantMetadata () && metadata != null && !metadata.isEmpty ()) {
- Metadata tenantMetadata = new Metadata ();
- tenantMetadata.setMetadata (metadata);
+ if (cloudIdentity.getTenantMetadata() && metadata != null && !metadata.isEmpty()) {
+ Metadata tenantMetadata = new Metadata();
+ tenantMetadata.setMetadata(metadata);
- OpenStackRequest <Metadata> metaRequest = keystoneAdminClient.tenants ()
- .createOrUpdateMetadata (tenant.getId (),
- tenantMetadata);
- executeAndRecordOpenstackRequest (metaRequest);
+ OpenStackRequest<Metadata> metaRequest =
+ keystoneAdminClient.tenants().createOrUpdateMetadata(tenant.getId(), tenantMetadata);
+ executeAndRecordOpenstackRequest(metaRequest);
}
} catch (Exception e) {
// Failed to attach MSO User to the new tenant. Can't operate without access,
// so roll back the tenant.
- if (!backout)
- {
- logger.warn("{} Create Tenant errored, Tenant deletion suppressed {} ", MessageEnum.RA_CREATE_TENANT_ERR,
- ErrorCode.DataError.getValue());
- }
- else
- {
- try {
- OpenStackRequest <Void> request = keystoneAdminClient.tenants ().delete (tenant.getId ());
- executeAndRecordOpenstackRequest (request);
- } catch (Exception e2) {
- // Just log this one. We will report the original exception.
- logger.error("{} Nested exception rolling back tenant {} ", MessageEnum.RA_CREATE_TENANT_ERR,
- ErrorCode.DataError.getValue(), e2);
+ if (!backout) {
+ logger.warn("{} Create Tenant errored, Tenant deletion suppressed {} ",
+ MessageEnum.RA_CREATE_TENANT_ERR, ErrorCode.DataError.getValue());
+ } else {
+ try {
+ OpenStackRequest<Void> request = keystoneAdminClient.tenants().delete(tenant.getId());
+ executeAndRecordOpenstackRequest(request);
+ } catch (Exception e2) {
+ // Just log this one. We will report the original exception.
+ logger.error("{} Nested exception rolling back tenant {} ", MessageEnum.RA_CREATE_TENANT_ERR,
+ ErrorCode.DataError.getValue(), e2);
+ }
}
- }
-
+
// Propagate the original exception on user/role/tenant mapping
if (e instanceof OpenStackBaseException) {
// Convert Keystone Exception to MsoOpenstackException
- throw keystoneErrorToMsoException ((OpenStackBaseException) e, "CreateTenantUser");
+ throw keystoneErrorToMsoException((OpenStackBaseException) e, "CreateTenantUser");
} else {
- MsoAdapterException me = new MsoAdapterException (e.getMessage (), e);
- me.addContext ("CreateTenantUser");
+ MsoAdapterException me = new MsoAdapterException(e.getMessage(), e);
+ me.addContext("CreateTenantUser");
throw me;
}
}
- return tenant.getId ();
+ return tenant.getId();
}
/**
- * Query for a tenant by ID in the given cloud. If the tenant exists,
- * return an MsoTenant object. If not, return null.
+ * Query for a tenant by ID in the given cloud. If the tenant exists, return an MsoTenant object. If not, return
+ * null.
* <p>
- * For the AIC Cloud (DCP/LCP): it is not clear that cloudId is needed, as all admin
- * requests go to the centralized identity service in DCP. However, if some artifact
- * must exist in each local LCP instance as well, then it will be needed to access the
- * correct region.
+ * For the AIC Cloud (DCP/LCP): it is not clear that cloudId is needed, as all admin requests go to the centralized
+ * identity service in DCP. However, if some artifact must exist in each local LCP instance as well, then it will be
+ * needed to access the correct region.
* <p>
*
* @param tenantId The Openstack ID of the tenant to query
* @return the tenant properties of the queried tenant, or null if not found
* @throws MsoOpenstackException Thrown if the Openstack API call returns an exception
*/
- public MsoTenant queryTenant (String tenantId, String cloudSiteId) throws MsoException {
+ public MsoTenant queryTenant(String tenantId, String cloudSiteId) throws MsoException {
// Obtain the cloud site information where we will query the tenant
- CloudSite cloudSite = cloudConfig.getCloudSite(cloudSiteId).orElseThrow(
- () -> new MsoCloudSiteNotFound(cloudSiteId));
+ CloudSite cloudSite =
+ cloudConfig.getCloudSite(cloudSiteId).orElseThrow(() -> new MsoCloudSiteNotFound(cloudSiteId));
- Keystone keystoneAdminClient = getKeystoneAdminClient (cloudSite);
+ Keystone keystoneAdminClient = getKeystoneAdminClient(cloudSite);
// Check if the tenant exists and return its Tenant Id
try {
- Tenant tenant = findTenantById (keystoneAdminClient, tenantId);
+ Tenant tenant = findTenantById(keystoneAdminClient, tenantId);
if (tenant == null) {
return null;
}
- Map <String, String> metadata = new HashMap <String, String> ();
- if (cloudSite.getIdentityService().getTenantMetadata ()) {
- OpenStackRequest <Metadata> request = keystoneAdminClient.tenants ().showMetadata (tenant.getId ());
- Metadata tenantMetadata = executeAndRecordOpenstackRequest (request);
+ Map<String, String> metadata = new HashMap<String, String>();
+ if (cloudSite.getIdentityService().getTenantMetadata()) {
+ OpenStackRequest<Metadata> request = keystoneAdminClient.tenants().showMetadata(tenant.getId());
+ Metadata tenantMetadata = executeAndRecordOpenstackRequest(request);
if (tenantMetadata != null) {
- metadata = tenantMetadata.getMetadata ();
+ metadata = tenantMetadata.getMetadata();
}
}
- return new MsoTenant (tenant.getId (), tenant.getName (), metadata);
+ return new MsoTenant(tenant.getId(), tenant.getName(), metadata);
} catch (OpenStackBaseException e) {
// Convert Keystone OpenStackResponseException to MsoOpenstackException
- throw keystoneErrorToMsoException (e, "QueryTenant");
+ throw keystoneErrorToMsoException(e, "QueryTenant");
} catch (RuntimeException e) {
// Catch-all
- throw runtimeExceptionToMsoException (e, "QueryTenant");
+ throw runtimeExceptionToMsoException(e, "QueryTenant");
}
}
/**
- * Query for a tenant with the specified name in the given cloud. If the tenant exists,
- * return an MsoTenant object. If not, return null. This query is useful if the client
- * knows it has the tenant name, skipping an initial lookup by ID that would always fail.
+ * Query for a tenant with the specified name in the given cloud. If the tenant exists, return an MsoTenant object.
+ * If not, return null. This query is useful if the client knows it has the tenant name, skipping an initial lookup
+ * by ID that would always fail.
* <p>
- * For the AIC Cloud (DCP/LCP): it is not clear that cloudId is needed, as all admin
- * requests go to the centralized identity service in DCP. However, if some artifact
- * must exist in each local LCP instance as well, then it will be needed to access the
- * correct region.
+ * For the AIC Cloud (DCP/LCP): it is not clear that cloudId is needed, as all admin requests go to the centralized
+ * identity service in DCP. However, if some artifact must exist in each local LCP instance as well, then it will be
+ * needed to access the correct region.
* <p>
*
* @param tenantName The name of the tenant to query
* @return the tenant properties of the queried tenant, or null if not found
* @throws MsoOpenstackException Thrown if the Openstack API call returns an exception
*/
- public MsoTenant queryTenantByName (String tenantName, String cloudSiteId) throws MsoException {
+ public MsoTenant queryTenantByName(String tenantName, String cloudSiteId) throws MsoException {
// Obtain the cloud site information where we will query the tenant
- CloudSite cloudSite = cloudConfig.getCloudSite(cloudSiteId).orElseThrow(
- () -> new MsoCloudSiteNotFound(cloudSiteId));
- Keystone keystoneAdminClient = getKeystoneAdminClient (cloudSite);
+ CloudSite cloudSite =
+ cloudConfig.getCloudSite(cloudSiteId).orElseThrow(() -> new MsoCloudSiteNotFound(cloudSiteId));
+ Keystone keystoneAdminClient = getKeystoneAdminClient(cloudSite);
try {
- Tenant tenant = findTenantByName (keystoneAdminClient, tenantName);
+ Tenant tenant = findTenantByName(keystoneAdminClient, tenantName);
if (tenant == null) {
return null;
}
- Map <String, String> metadata = new HashMap <String, String> ();
- if (cloudSite.getIdentityService().getTenantMetadata ()) {
- OpenStackRequest <Metadata> request = keystoneAdminClient.tenants ().showMetadata (tenant.getId ());
- Metadata tenantMetadata = executeAndRecordOpenstackRequest (request);
+ Map<String, String> metadata = new HashMap<String, String>();
+ if (cloudSite.getIdentityService().getTenantMetadata()) {
+ OpenStackRequest<Metadata> request = keystoneAdminClient.tenants().showMetadata(tenant.getId());
+ Metadata tenantMetadata = executeAndRecordOpenstackRequest(request);
if (tenantMetadata != null) {
- metadata = tenantMetadata.getMetadata ();
+ metadata = tenantMetadata.getMetadata();
}
}
- return new MsoTenant (tenant.getId (), tenant.getName (), metadata);
+ return new MsoTenant(tenant.getId(), tenant.getName(), metadata);
} catch (OpenStackBaseException e) {
// Convert Keystone OpenStackResponseException to MsoOpenstackException
- throw keystoneErrorToMsoException (e, "QueryTenantName");
+ throw keystoneErrorToMsoException(e, "QueryTenantName");
} catch (RuntimeException e) {
// Catch-all
- throw runtimeExceptionToMsoException (e, "QueryTenantName");
+ throw runtimeExceptionToMsoException(e, "QueryTenantName");
}
}
/**
- * Delete the specified Tenant (by ID) in the given cloud. This method returns true or
- * false, depending on whether the tenant existed and was successfully deleted, or if
- * the tenant already did not exist. Both cases are treated as success (no Exceptions).
+ * Delete the specified Tenant (by ID) in the given cloud. This method returns true or false, depending on whether
+ * the tenant existed and was successfully deleted, or if the tenant already did not exist. Both cases are treated
+ * as success (no Exceptions).
* <p>
- * Note for the AIC Cloud (DCP/LCP): all admin requests go to the centralized identity
- * service in DCP. So deleting a tenant from one cloudSiteId will remove it from all
- * sites managed by that identity service.
+ * Note for the AIC Cloud (DCP/LCP): all admin requests go to the centralized identity service in DCP. So deleting a
+ * tenant from one cloudSiteId will remove it from all sites managed by that identity service.
* <p>
*
* @param tenantId The Openstack ID of the tenant to delete
* @return true if the tenant was deleted, false if the tenant did not exist.
* @throws MsoOpenstackException If the Openstack API call returns an exception.
*/
- public boolean deleteTenant (String tenantId, String cloudSiteId) throws MsoException {
+ public boolean deleteTenant(String tenantId, String cloudSiteId) throws MsoException {
// Obtain the cloud site information where we will query the tenant
- CloudSite cloudSite = cloudConfig.getCloudSite(cloudSiteId).orElseThrow(
- () -> new MsoCloudSiteNotFound(cloudSiteId));
- Keystone keystoneAdminClient = getKeystoneAdminClient (cloudSite);
+ CloudSite cloudSite =
+ cloudConfig.getCloudSite(cloudSiteId).orElseThrow(() -> new MsoCloudSiteNotFound(cloudSiteId));
+ Keystone keystoneAdminClient = getKeystoneAdminClient(cloudSite);
try {
// Check that the tenant exists. Also, need the ID to delete
- Tenant tenant = findTenantById (keystoneAdminClient, tenantId);
+ Tenant tenant = findTenantById(keystoneAdminClient, tenantId);
if (tenant == null) {
logger.error("{} Tenant id {} not found on cloud site id {}, {}", MessageEnum.RA_TENANT_NOT_FOUND,
- tenantId, cloudSiteId, ErrorCode.DataError.getValue());
+ tenantId, cloudSiteId, ErrorCode.DataError.getValue());
return false;
}
- OpenStackRequest <Void> request = keystoneAdminClient.tenants ().delete (tenant.getId ());
- executeAndRecordOpenstackRequest (request);
- logger.debug ("Deleted Tenant {} ({})", tenant.getId(), tenant.getName());
+ OpenStackRequest<Void> request = keystoneAdminClient.tenants().delete(tenant.getId());
+ executeAndRecordOpenstackRequest(request);
+ logger.debug("Deleted Tenant {} ({})", tenant.getId(), tenant.getName());
} catch (OpenStackBaseException e) {
// Convert Keystone OpenStackResponseException to MsoOpenstackException
- throw keystoneErrorToMsoException (e, "Delete Tenant");
+ throw keystoneErrorToMsoException(e, "Delete Tenant");
} catch (RuntimeException e) {
// Catch-all
- throw runtimeExceptionToMsoException (e, "DeleteTenant");
+ throw runtimeExceptionToMsoException(e, "DeleteTenant");
}
return true;
}
/**
- * Delete the specified Tenant (by Name) in the given cloud. This method returns true or
- * false, depending on whether the tenant existed and was successfully deleted, or if
- * the tenant already did not exist. Both cases are treated as success (no Exceptions).
+ * Delete the specified Tenant (by Name) in the given cloud. This method returns true or false, depending on whether
+ * the tenant existed and was successfully deleted, or if the tenant already did not exist. Both cases are treated
+ * as success (no Exceptions).
* <p>
- * Note for the AIC Cloud (DCP/LCP): all admin requests go to the centralized identity
- * service in DCP. So deleting a tenant from one cloudSiteId will remove it from all
- * sites managed by that identity service.
+ * Note for the AIC Cloud (DCP/LCP): all admin requests go to the centralized identity service in DCP. So deleting a
+ * tenant from one cloudSiteId will remove it from all sites managed by that identity service.
* <p>
*
* @param tenantName The name of the tenant to delete
* @return true if the tenant was deleted, false if the tenant did not exist.
* @throws MsoOpenstackException If the Openstack API call returns an exception.
*/
- public boolean deleteTenantByName (String tenantName, String cloudSiteId) throws MsoException {
+ public boolean deleteTenantByName(String tenantName, String cloudSiteId) throws MsoException {
// Obtain the cloud site information where we will query the tenant
- Optional<CloudSite> cloudSite = cloudConfig.getCloudSite (cloudSiteId);
+ Optional<CloudSite> cloudSite = cloudConfig.getCloudSite(cloudSiteId);
if (!cloudSite.isPresent()) {
- throw new MsoCloudSiteNotFound (cloudSiteId);
+ throw new MsoCloudSiteNotFound(cloudSiteId);
}
- Keystone keystoneAdminClient = getKeystoneAdminClient (cloudSite.get());
+ Keystone keystoneAdminClient = getKeystoneAdminClient(cloudSite.get());
try {
// Need the Tenant ID to delete (can't directly delete by name)
- Tenant tenant = findTenantByName (keystoneAdminClient, tenantName);
+ Tenant tenant = findTenantByName(keystoneAdminClient, tenantName);
if (tenant == null) {
// OK if tenant already doesn't exist.
logger.error("{} Tenant {} not found on Cloud site id {}, {}", MessageEnum.RA_TENANT_NOT_FOUND,
- tenantName, cloudSiteId, ErrorCode.DataError.getValue());
+ tenantName, cloudSiteId, ErrorCode.DataError.getValue());
return false;
}
// Execute the Delete. It has no return value.
- OpenStackRequest <Void> request = keystoneAdminClient.tenants ().delete (tenant.getId ());
- executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<Void> request = keystoneAdminClient.tenants().delete(tenant.getId());
+ executeAndRecordOpenstackRequest(request);
logger.debug("Deleted Tenant {} ({})", tenant.getId(), tenant.getName());
} catch (OpenStackBaseException e) {
// Note: It doesn't seem to matter if tenant doesn't exist, no exception is thrown.
// Convert Keystone OpenStackResponseException to MsoOpenstackException
- throw keystoneErrorToMsoException (e, "DeleteTenant");
+ throw keystoneErrorToMsoException(e, "DeleteTenant");
} catch (RuntimeException e) {
// Catch-all
- throw runtimeExceptionToMsoException (e, "DeleteTenant");
+ throw runtimeExceptionToMsoException(e, "DeleteTenant");
}
return true;
// PRIVATE UTILITY FUNCTIONS FOR USE WITHIN THIS CLASS
/*
- * Get a Keystone Admin client for the Openstack Identity service.
- * This requires an 'admin'-level userId + password along with an 'admin' tenant
- * in the target cloud. These values will be retrieved from properties based
- * on the specified cloud ID.
- * <p>
- * On successful authentication, the Keystone object will be cached for the cloudId
- * so that it can be reused without going back to Openstack every time.
+ * Get a Keystone Admin client for the Openstack Identity service. This requires an 'admin'-level userId + password
+ * along with an 'admin' tenant in the target cloud. These values will be retrieved from properties based on the
+ * specified cloud ID. <p> On successful authentication, the Keystone object will be cached for the cloudId so that
+ * it can be reused without going back to Openstack every time.
*
* @param cloudId
*
* @return an authenticated Keystone object
*/
- public Keystone getKeystoneAdminClient (CloudSite cloudSite) throws MsoException {
+ public Keystone getKeystoneAdminClient(CloudSite cloudSite) throws MsoException {
CloudIdentity cloudIdentity = cloudSite.getIdentityService();
- String cloudId = cloudIdentity.getId ();
- String adminTenantName = cloudIdentity.getAdminTenant ();
- String region = cloudSite.getRegionId ();
+ String cloudId = cloudIdentity.getId();
+ String adminTenantName = cloudIdentity.getAdminTenant();
+ String region = cloudSite.getRegionId();
- MsoTenantUtils tenantUtils = tenantUtilsFactory.getTenantUtilsByServerType(cloudIdentity.getIdentityServerType());
+ MsoTenantUtils tenantUtils =
+ tenantUtilsFactory.getTenantUtilsByServerType(cloudIdentity.getIdentityServerType());
final String keystoneUrl = tenantUtils.getKeystoneUrl(region, cloudIdentity);
Keystone keystone = new Keystone(keystoneUrl);
Access access = null;
String token = null;
try {
- Authentication credentials = authenticationMethodFactory.getAuthenticationFor(cloudIdentity);
- OpenStackRequest <Access> request = keystone.tokens ()
- .authenticate (credentials)
- .withTenantName (adminTenantName);
- access = executeAndRecordOpenstackRequest (request);
- token = access.getToken ().getId ();
+ Authentication credentials = authenticationMethodFactory.getAuthenticationFor(cloudIdentity);
+ OpenStackRequest<Access> request =
+ keystone.tokens().authenticate(credentials).withTenantName(adminTenantName);
+ access = executeAndRecordOpenstackRequest(request);
+ token = access.getToken().getId();
} catch (OpenStackResponseException e) {
- if (e.getStatus () == 401) {
+ if (e.getStatus() == 401) {
// Authentication error. Can't access admin tenant - something is mis-configured
- String error = "MSO Authentication Failed for " + cloudIdentity.getId ();
+ String error = "MSO Authentication Failed for " + cloudIdentity.getId();
- throw new MsoAdapterException (error);
+ throw new MsoAdapterException(error);
} else {
- throw keystoneErrorToMsoException (e, "TokenAuth");
+ throw keystoneErrorToMsoException(e, "TokenAuth");
}
} catch (OpenStackConnectException e) {
// Connection to Openstack failed
- throw keystoneErrorToMsoException (e, "TokenAuth");
+ throw keystoneErrorToMsoException(e, "TokenAuth");
}
// Get the Identity service URL. Throws runtime exception if not found per region.
String adminUrl = null;
try {
- // TODO: FOR TESTING!!!!
- adminUrl = KeystoneUtils.findEndpointURL (access.getServiceCatalog (), "identity", region, "public");
- adminUrl = adminUrl.replaceFirst("5000", "35357");
+ // TODO: FOR TESTING!!!!
+ adminUrl = KeystoneUtils.findEndpointURL(access.getServiceCatalog(), "identity", region, "public");
+ adminUrl = adminUrl.replaceFirst("5000", "35357");
} catch (RuntimeException e) {
- String error = "Identity service not found: region=" + region + ",cloud=" + cloudIdentity.getId ();
+ String error = "Identity service not found: region=" + region + ",cloud=" + cloudIdentity.getId();
logger.error("{} Region: {} Cloud identity {} {} Exception in findEndpointURL ",
- MessageEnum.IDENTITY_SERVICE_NOT_FOUND, region, cloudIdentity.getId(),
- ErrorCode.DataError.getValue(), e);
- throw new MsoAdapterException (error, e);
+ MessageEnum.IDENTITY_SERVICE_NOT_FOUND, region, cloudIdentity.getId(),
+ ErrorCode.DataError.getValue(), e);
+ throw new MsoAdapterException(error, e);
}
// A new Keystone object is required for the new URL. Use the auth token from above.
// Note: this doesn't go back to Openstack, it's just a local object.
- keystone = new Keystone (adminUrl);
- keystone.token (token);
+ keystone = new Keystone(adminUrl);
+ keystone.token(token);
return keystone;
}
/*
- * Find a tenant (or query its existance) by its Name or Id. Check first against the
- * ID. If that fails, then try by name.
+ * Find a tenant (or query its existance) by its Name or Id. Check first against the ID. If that fails, then try by
+ * name.
*
* @param adminClient an authenticated Keystone object
*
*
* @return a Tenant object or null if not found
*/
- public Tenant findTenantByNameOrId (Keystone adminClient, String tenantNameOrId) {
+ public Tenant findTenantByNameOrId(Keystone adminClient, String tenantNameOrId) {
if (tenantNameOrId == null) {
return null;
}
- Tenant tenant = findTenantById (adminClient, tenantNameOrId);
+ Tenant tenant = findTenantById(adminClient, tenantNameOrId);
if (tenant == null) {
- tenant = findTenantByName (adminClient, tenantNameOrId);
+ tenant = findTenantByName(adminClient, tenantNameOrId);
}
return tenant;
*
* @return a Tenant object or null if not found
*/
- private Tenant findTenantById (Keystone adminClient, String tenantId) {
+ private Tenant findTenantById(Keystone adminClient, String tenantId) {
if (tenantId == null) {
return null;
}
try {
- OpenStackRequest <Tenant> request = adminClient.tenants ().show (tenantId);
- return executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<Tenant> request = adminClient.tenants().show(tenantId);
+ return executeAndRecordOpenstackRequest(request);
} catch (OpenStackResponseException e) {
- if (e.getStatus () == 404) {
+ if (e.getStatus() == 404) {
return null;
} else {
logger.error("{} {} Openstack Error, GET Tenant by Id ({}): ", MessageEnum.RA_CONNECTION_EXCEPTION,
- ErrorCode.DataError.getValue(), tenantId, e);
+ ErrorCode.DataError.getValue(), tenantId, e);
throw e;
}
}
}
/*
- * Find a tenant (or query its existance) by its Name. This method avoids an
- * initial lookup by ID when it's known that we have the tenant Name.
+ * Find a tenant (or query its existance) by its Name. This method avoids an initial lookup by ID when it's known
+ * that we have the tenant Name.
*
* @param adminClient an authenticated Keystone object
*
*
* @return a Tenant object or null if not found
*/
- public Tenant findTenantByName (Keystone adminClient, String tenantName) {
+ public Tenant findTenantByName(Keystone adminClient, String tenantName) {
if (tenantName == null) {
return null;
}
try {
- OpenStackRequest <Tenant> request = adminClient.tenants ().show ("").queryParam ("name", tenantName);
- return executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<Tenant> request = adminClient.tenants().show("").queryParam("name", tenantName);
+ return executeAndRecordOpenstackRequest(request);
} catch (OpenStackResponseException e) {
- if (e.getStatus () == 404) {
+ if (e.getStatus() == 404) {
return null;
} else {
logger.error("{} {} Openstack Error, GET Tenant By Name ({}) ", MessageEnum.RA_CONNECTION_EXCEPTION,
- ErrorCode.DataError.getValue(), tenantName, e);
+ ErrorCode.DataError.getValue(), tenantName, e);
throw e;
}
}
}
/*
- * Look up an Openstack User by Name or Openstack ID. Check the ID first, and if that
- * fails, try the Name.
+ * Look up an Openstack User by Name or Openstack ID. Check the ID first, and if that fails, try the Name.
*
* @param adminClient an authenticated Keystone object
*
*
* @return a User object or null if not found
*/
- private User findUserByNameOrId (Keystone adminClient, String userNameOrId) {
+ private User findUserByNameOrId(Keystone adminClient, String userNameOrId) {
if (userNameOrId == null) {
return null;
}
try {
- OpenStackRequest <User> request = adminClient.users ().show (userNameOrId);
- return executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<User> request = adminClient.users().show(userNameOrId);
+ return executeAndRecordOpenstackRequest(request);
} catch (OpenStackResponseException e) {
- if (e.getStatus () == 404) {
+ if (e.getStatus() == 404) {
// Not found by ID. Search for name
- return findUserByName (adminClient, userNameOrId);
+ return findUserByName(adminClient, userNameOrId);
} else {
logger.error("{} {} Openstack Error, GET User ({}) ", MessageEnum.RA_CONNECTION_EXCEPTION,
- ErrorCode.DataError.getValue(), userNameOrId, e);
+ ErrorCode.DataError.getValue(), userNameOrId, e);
throw e;
}
}
}
/*
- * Look up an Openstack User by Name. This avoids initial Openstack query by ID
- * if we know we have the User Name.
+ * Look up an Openstack User by Name. This avoids initial Openstack query by ID if we know we have the User Name.
*
* @param adminClient an authenticated Keystone object
*
*
* @return a User object or null if not found
*/
- public User findUserByName (Keystone adminClient, String userName) {
+ public User findUserByName(Keystone adminClient, String userName) {
if (userName == null) {
return null;
}
try {
- OpenStackRequest <User> request = adminClient.users ().show ("").queryParam ("name", userName);
- return executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<User> request = adminClient.users().show("").queryParam("name", userName);
+ return executeAndRecordOpenstackRequest(request);
} catch (OpenStackResponseException e) {
- if (e.getStatus () == 404) {
+ if (e.getStatus() == 404) {
return null;
} else {
logger.error("{} {} Openstack Error, GET User By Name ({}): ", MessageEnum.RA_CONNECTION_EXCEPTION,
- ErrorCode.DataError.getValue(), userName, e);
+ ErrorCode.DataError.getValue(), userName, e);
throw e;
}
}
}
/*
- * Look up an Openstack Role by Name or Id. There is no direct query for Roles, so
- * need to retrieve a full list from Openstack and look for a match. By default,
- * Openstack should have a "_member_" role for normal VM-level privileges and an
- * "admin" role for expanded privileges (e.g. administer tenants, users, and roles).
- * <p>
+ * Look up an Openstack Role by Name or Id. There is no direct query for Roles, so need to retrieve a full list from
+ * Openstack and look for a match. By default, Openstack should have a "_member_" role for normal VM-level
+ * privileges and an "admin" role for expanded privileges (e.g. administer tenants, users, and roles). <p>
*
* @param adminClient an authenticated Keystone object
*
*
* @return a Role object
*/
- private Role findRoleByNameOrId (Keystone adminClient, String roleNameOrId) {
+ private Role findRoleByNameOrId(Keystone adminClient, String roleNameOrId) {
if (roleNameOrId == null) {
return null;
}
// Search by name or ID. Must search in list
- OpenStackRequest <Roles> request = adminClient.roles ().list ();
- Roles roles = executeAndRecordOpenstackRequest (request);
+ OpenStackRequest<Roles> request = adminClient.roles().list();
+ Roles roles = executeAndRecordOpenstackRequest(request);
for (Role role : roles) {
- if (roleNameOrId.equals (role.getName ()) || roleNameOrId.equals (role.getId ())) {
+ if (roleNameOrId.equals(role.getName()) || roleNameOrId.equals(role.getId())) {
return role;
}
}
return null;
}
- @Override
- public String getKeystoneUrl(String regionId, CloudIdentity cloudIdentity) throws MsoException {
- return cloudIdentity.getIdentityUrl();
- }
+ @Override
+ public String getKeystoneUrl(String regionId, CloudIdentity cloudIdentity) throws MsoException {
+ return cloudIdentity.getIdentityUrl();
+ }
}