Keystone v3 support in VMTP

Change-Id: I13a0c757c199381b0c7501e080d37455843f708f

requirements.txt

@@ -14,7 +14,7 @@ python-glanceclient>=0.15.0
 python-neutronclient<3,>=2.3.6
 python-novaclient>=2.18.1
 python-openstackclient>=0.4.1
-python-keystoneclient>=1.0.0
+python-keystoneclient>=1.7.2
 pytz>=2016.4
 scp>=0.8.0
 tabulate>=0.7.3

vmtp/credentials.py

@@ -27,25 +27,12 @@ class Credentials(object):
         dct['username'] = self.rc_username
         dct['password'] = self.rc_password
         dct['auth_url'] = self.rc_auth_url
-        dct['tenant_name'] = self.rc_tenant_name
+        if self.rc_identity_api_version == 3:
-        dct['cacert'] = self.rc_cacert
+            dct['project_name'] = self.rc_project_name
-        dct['ca_cert'] = self.rc_cacert
+            dct['project_domain_id'] = self.rc_project_domain_id
-        dct['region_name'] = self.rc_region_name
+            dct['user_domain_id'] = self.rc_user_domain_id
-        return dct
+        else:
-
+            dct['tenant_name'] = self.rc_tenant_name
-    def get_nova_credentials(self):
-        dct = {}
-        dct['username'] = self.rc_username
-        dct['api_key'] = self.rc_password
-        dct['auth_url'] = self.rc_auth_url
-        dct['project_id'] = self.rc_tenant_name
-        dct['cacert'] = self.rc_cacert
-        dct['region_name'] = self.rc_region_name
-        return dct
-
-    def get_nova_credentials_v2(self):
-        dct = self.get_nova_credentials()
-        dct['version'] = 2
         return dct
 
     #
@@ -57,21 +44,23 @@ class Credentials(object):
         self.rc_username = None
         self.rc_tenant_name = None
         self.rc_auth_url = None
-        self.rc_cacert = None
+        self.rc_cacert = False
         self.rc_region_name = None
+        self.rc_project_name = None
+        self.rc_project_domain_id = None
+        self.rc_user_domain_id = None
+        self.rc_identity_api_version = 2
         success = True
 
         if openrc_file:
             if os.path.exists(openrc_file):
                 export_re = re.compile('export OS_([A-Z_]*)="?(.*)')
                 for line in open(openrc_file):
-                    line = line.strip()
+                    mstr = export_re.match(line.strip())
-                    mstr = export_re.match(line)
                     if mstr:
                         # get rif of posible trailing double quote
                         # the first one was removed by the re
-                        name = mstr.group(1)
+                        name, value = mstr.group(1), mstr.group(2)
-                        value = mstr.group(2)
                         if value.endswith('"'):
                             value = value[:-1]
                         # get rid of password assignment
@@ -80,6 +69,11 @@ class Credentials(object):
                         # export OS_PASSWORD=$OS_PASSWORD_INPUT
                         if value.startswith('$'):
                             continue
+                        # Check if api version is provided
+                        # Default is keystone v2
+                        if name == 'IDENTITY_API_VERSION':
+                            self.rc_identity_api_version = int(value)
+
                         # now match against wanted variable names
                         if name == 'USERNAME':
                             self.rc_username = value
@@ -93,6 +87,12 @@ class Credentials(object):
                             self.rc_region_name = value
                         elif name == "PASSWORD" and not pwd:
                             pwd = value
+                        elif name == "PROJECT_NAME":
+                            self.rc_project_name = value
+                        elif name == "PROJECT_DOMAIN_ID" or name == "PROJECT_DOMAIN_NAME":
+                            self.rc_project_domain_id = value
+                        elif name == "USER_DOMAIN_ID" or name == "USER_DOMAIN_ID":
+                            self.rc_user_domain_id = value
             else:
                 LOG.error('Error: rc file does not exist %s', openrc_file)
                 success = False
@@ -100,18 +100,37 @@ class Credentials(object):
             # no openrc file passed - we assume the variables have been
             # sourced by the calling shell
             # just check that they are present
-            for varname in ['OS_USERNAME', 'OS_AUTH_URL', 'OS_TENANT_NAME']:
+            if 'OS_IDENTITY_API_VERSION' in os.environ:
-                if varname not in os.environ:
+                self.rc_identity_api_version = int(os.environ['OS_IDENTITY_API_VERSION'])
-                    LOG.warning('%s is missing', varname)
+
-                    success = False
+            if self.rc_identity_api_version == 2:
-            if success:
+                for varname in ['OS_USERNAME', 'OS_AUTH_URL', 'OS_TENANT_NAME']:
-                self.rc_username = os.environ['OS_USERNAME']
+                    if varname not in os.environ:
-                self.rc_auth_url = os.environ['OS_AUTH_URL']
+                        LOG.warning('%s is missing', varname)
-                self.rc_tenant_name = os.environ['OS_TENANT_NAME']
+                        success = False
+                if success:
+                    self.rc_username = os.environ['OS_USERNAME']
+                    self.rc_auth_url = os.environ['OS_AUTH_URL']
+                    self.rc_tenant_name = os.environ['OS_TENANT_NAME']
+
+                if 'OS_REGION_NAME' in os.environ:
+                    self.rc_region_name = os.environ['OS_REGION_NAME']
+
+            elif self.rc_identity_api_version == 3:
+                for varname in ['OS_USERNAME', 'OS_AUTH_URL', 'OS_PROJECT_NAME',
+                                'OS_PROJECT_DOMAIN_ID', 'OS_USER_DOMAIN_ID']:
+                    if varname not in os.environ:
+                        LOG.warning('%s is missing', varname)
+                        success = False
+                if success:
+                    self.rc_username = os.environ['OS_USERNAME']
+                    self.rc_auth_url = os.environ['OS_AUTH_URL']
+                    self.rc_project_name = os.environ['OS_PROJECT_NAME']
+                    self.rc_project_domain_id = os.environ['OS_PROJECT_DOMAIN_ID']
+                    self.rc_user_domain_id = os.environ['OS_USER_DOMAIN_ID']
+
             if 'OS_CACERT' in os.environ:
                 self.rc_cacert = os.environ['OS_CACERT']
-            if 'OS_REGION_NAME' in os.environ:
-                self.rc_region_name = os.environ['OS_REGION_NAME']
 
         # always override with CLI argument if provided
         if pwd:

vmtp/vmtp.py

@@ -30,15 +30,18 @@ import compute
 from config import config_load
 from config import config_loads
 import credentials
-from glanceclient.v1 import client as glanceclient
+from glanceclient import client as glanceclient
 import iperf_tool
-from keystoneclient.v2_0 import client as keystoneclient
+from keystoneclient.auth.identity import v2 as keystone_v2
+from keystoneclient.auth.identity import v3 as keystone_v3
+from keystoneclient import client as keystoneclient
+from keystoneclient import session
 from log import CONLOG
 from log import FILELOG
 from log import LOG
 import network
-from neutronclient.v2_0 import client as neutronclient
+from neutronclient.neutron import client as neutronclient
-from novaclient.client import Client
+from novaclient import client as novaclient
 from novaclient.exceptions import ClientException
 import nuttcp_tool
 from perf_instance import PerfInstance as PerfInstance
@@ -195,10 +198,15 @@ class VmtpTest(object):
         # If we need to reuse existing vms just return without setup
         if not self.config.reuse_existing_vm:
             creds = self.cred.get_credentials()
-            creds_nova = self.cred.get_nova_credentials_v2()
+            if self.cred.rc_identity_api_version == 3:
+                auth = keystone_v3.Password(**creds)
+            else:
+                auth = keystone_v2.Password(**creds)
+            sess = session.Session(auth=auth, verify=self.cred.rc_cacert)
+
             # Create the nova and neutron instances
-            nova_client = Client(**creds_nova)
+            nova_client = novaclient.Client('2', session=sess)
-            neutron = neutronclient.Client(**creds)
+            neutron = neutronclient.Client('2.0', session=sess)
 
             self.comp = compute.Compute(nova_client, self.config)
 
@@ -210,12 +218,9 @@ class VmtpTest(object):
                 if self.config.vm_image_url != "":
                     LOG.info('%s: image for VM not found, trying to upload it ...',
                              self.config.image_name)
-                    keystone = keystoneclient.Client(**creds)
+                    keystoneclient.Client(self.cred.rc_identity_api_version,
-                    glance_endpoint = keystone.service_catalog.url_for(
+                                          session=sess, auth_url=creds['auth_url'])
-                        service_type='image', endpoint_type='publicURL')
+                    self.glance_client = glanceclient.Client('1', session=sess)
-                    self.glance_client = glanceclient.Client(
-                        glance_endpoint, token=keystone.auth_token,
-                        cacert=creds['cacert'])
                     self.comp.upload_image_via_url(
                         self.glance_client,
                         self.config.image_name,