merge lp:nova and resolve conflicts

10 files changed, 127 insertions, 28 deletions

diff --git a/bin/nova-manage b/bin/nova-manage
index 2b42dfff5..a4d820209 100755
--- a/bin/nova-manage
+++ b/bin/nova-manage
@@ -446,10 +446,15 @@ class FixedIpCommands(object):
     def list(self, host=None):
         """Lists all fixed ips (optionally by host) arguments: [host]"""
         ctxt = context.get_admin_context()
-        if host == None:
-            fixed_ips = db.fixed_ip_get_all(ctxt)
-        else:
-            fixed_ips = db.fixed_ip_get_all_by_host(ctxt, host)
+
+        try:
+            if host == None:
+                fixed_ips = db.fixed_ip_get_all(ctxt)
+            else:
+                fixed_ips = db.fixed_ip_get_all_by_host(ctxt, host)
+        except exception.NotFound as ex:
+            print "error: %s" % ex
+            sys.exit(2)
 
         print "%-18s\t%-15s\t%-17s\t%-15s\t%s" % (_('network'),
                                                   _('IP address'),
@@ -466,9 +471,9 @@ class FixedIpCommands(object):
                 host = instance['host']
                 mac_address = instance['mac_address']
             print "%-18s\t%-15s\t%-17s\t%-15s\t%s" % (
-                                  fixed_ip['network']['cidr'],
-                                  fixed_ip['address'],
-                                  mac_address, hostname, host)
+                    fixed_ip['network']['cidr'],
+                    fixed_ip['address'],
+                    mac_address, hostname, host)
 
 
 class FloatingIpCommands(object):
@@ -716,6 +721,49 @@ class DbCommands(object):
         print migration.db_version()
 
 
+class InstanceCommands(object):
+    """Class for managing instances."""
+
+    def list(self, host=None, instance=None):
+        """Show a list of all instances"""
+        print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s %-12s" \
+              "  %-10s %-10s %-10s %-5s" % (
+            _('instance'),
+            _('node'),
+            _('type'),
+            _('state'),
+            _('launched'),
+            _('image'),
+            _('kernel'),
+            _('ramdisk'),
+            _('project'),
+            _('user'),
+            _('zone'),
+            _('index'))
+
+        if host == None:
+            instances = db.instance_get_all(context.get_admin_context())
+        else:
+            instances = db.instance_get_all_by_host(
+                           context.get_admin_context(), host)
+
+        for instance in instances:
+            print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s %-12s" \
+                  "  %-10s %-10s %-10s %-5d" % (
+                instance['hostname'],
+                instance['host'],
+                instance['instance_type'],
+                instance['state_description'],
+                instance['launched_at'],
+                instance['image_id'],
+                instance['kernel_id'],
+                instance['ramdisk_id'],
+                instance['project_id'],
+                instance['user_id'],
+                instance['availability_zone'],
+                instance['launch_index'])
+
+
 class VolumeCommands(object):
     """Methods for dealing with a cloud in an odd state"""
 
@@ -1002,7 +1050,8 @@ CATEGORIES = [
     ('volume', VolumeCommands),
     ('instance_type', InstanceTypeCommands),
     ('image', ImageCommands),
-    ('flavor', InstanceTypeCommands)]
+    ('flavor', InstanceTypeCommands),
+    ('instance', InstanceCommands)]
 
 
 def lazy_match(name, key_value_tuples):
diff --git a/nova/api/openstack/servers.py b/nova/api/openstack/servers.py
index ea88f1fdc..3ecd4fb01 100644
--- a/nova/api/openstack/servers.py
+++ b/nova/api/openstack/servers.py
@@ -148,10 +148,14 @@ class Controller(wsgi.Controller):
             return faults.Fault(exc.HTTPUnprocessableEntity())
 
         context = req.environ['nova.context']
+
+        key_name = None
+        key_data = None
         key_pairs = auth_manager.AuthManager.get_key_pairs(context)
-        if not key_pairs:
-            raise exception.NotFound(_("No keypairs defined"))
-        key_pair = key_pairs[0]
+        if key_pairs:
+            key_pair = key_pairs[0]
+            key_name = key_pair['name']
+            key_data = key_pair['public_key']
 
         image_id = common.get_image_id_from_image_hash(self._image_service,
             context, env['server']['imageId'])
@@ -180,8 +184,8 @@ class Controller(wsgi.Controller):
                 ramdisk_id=ramdisk_id,
                 display_name=env['server']['name'],
                 display_description=env['server']['name'],
-                key_name=key_pair['name'],
-                key_data=key_pair['public_key'],
+                key_name=key_name,
+                key_data=key_data,
                 metadata=metadata,
                 injected_files=injected_files)
         except QuotaError as error:
diff --git a/nova/console/manager.py b/nova/console/manager.py
index 57c75cf4f..bfa571ea9 100644
--- a/nova/console/manager.py
+++ b/nova/console/manager.py
@@ -69,7 +69,7 @@ class ConsoleProxyManager(manager.Manager):
         except exception.NotFound:
             logging.debug(_("Adding console"))
             if not password:
-                password = self.driver.generate_password()
+                password = utils.generate_password(8)
             if not port:
                 port = self.driver.get_port(context)
             console_data = {'instance_name': name,
diff --git a/nova/console/xvp.py b/nova/console/xvp.py
index 68d8c8565..0cedfbb13 100644
--- a/nova/console/xvp.py
+++ b/nova/console/xvp.py
@@ -91,10 +91,6 @@ class XVPConsoleProxy(object):
         """Trim password to length, and encode"""
         return self._xvp_encrypt(password)
 
-    def generate_password(self, length=8):
-        """Returns random console password"""
-        return os.urandom(length * 2).encode('base64')[:length]
-
     def _rebuild_xvp_conf(self, context):
         logging.debug(_("Rebuilding xvp conf"))
         pools = [pool for pool in
diff --git a/nova/db/api.py b/nova/db/api.py
index 0aa846d61..3cb0e5811 100644
--- a/nova/db/api.py
+++ b/nova/db/api.py
@@ -353,6 +353,11 @@ def fixed_ip_get_all(context):
     return IMPL.fixed_ip_get_all(context)
 
 
+def fixed_ip_get_all_by_host(context, host):
+    """Get all defined fixed ips used by a host."""
+    return IMPL.fixed_ip_get_all_by_host(context, host)
+
+
 def fixed_ip_get_by_address(context, address):
     """Get a fixed ip by address or raise if it does not exist."""
     return IMPL.fixed_ip_get_by_address(context, address)
diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py
index 56998ce05..44540617f 100644
--- a/nova/db/sqlalchemy/api.py
+++ b/nova/db/sqlalchemy/api.py
@@ -672,6 +672,22 @@ def fixed_ip_get_all(context, session=None):
     return result
 
 
+@require_admin_context
+def fixed_ip_get_all_by_host(context, host=None):
+    session = get_session()
+
+    result = session.query(models.FixedIp).\
+                    join(models.FixedIp.instance).\
+                    filter_by(state=1).\
+                    filter_by(host=host).\
+                    all()
+
+    if not result:
+        raise exception.NotFound(_('No fixed ips for this host defined'))
+
+    return result
+
+
 @require_context
 def fixed_ip_get_by_address(context, address, session=None):
     if not session:
diff --git a/nova/tests/api/openstack/fakes.py b/nova/tests/api/openstack/fakes.py
index a4d5f426f..0bbb1c890 100644
--- a/nova/tests/api/openstack/fakes.py
+++ b/nova/tests/api/openstack/fakes.py
@@ -83,10 +83,17 @@ def wsgi_app(inner_application=None):
     return mapper
 
 
-def stub_out_key_pair_funcs(stubs):
+def stub_out_key_pair_funcs(stubs, have_key_pair=True):
     def key_pair(context, user_id):
         return [dict(name='key', public_key='public_key')]
-    stubs.Set(nova.db, 'key_pair_get_all_by_user', key_pair)
+
+    def no_key_pair(context, user_id):
+        return []
+
+    if have_key_pair:
+        stubs.Set(nova.db, 'key_pair_get_all_by_user', key_pair)
+    else:
+        stubs.Set(nova.db, 'key_pair_get_all_by_user', no_key_pair)
 
 
 def stub_out_image_service(stubs):
diff --git a/nova/tests/api/openstack/test_servers.py b/nova/tests/api/openstack/test_servers.py
index 9a6f2c052..03e00af2a 100644
--- a/nova/tests/api/openstack/test_servers.py
+++ b/nova/tests/api/openstack/test_servers.py
@@ -219,7 +219,8 @@ class ServersTest(test.TestCase):
         servers = json.loads(res.body)['servers']
         self.assertEqual([s['id'] for s in servers], [1, 2])
 
-    def test_create_instance(self):
+    def _test_create_instance_helper(self):
+        """Shared implementation for tests below that create instance"""
         def instance_create(context, inst):
             return {'id': '1', 'display_name': 'server_test'}
 
@@ -274,6 +275,13 @@ class ServersTest(test.TestCase):
 
         self.assertEqual(res.status_int, 200)
 
+    def test_create_instance(self):
+        self._test_create_instance_helper()
+
+    def test_create_instance_no_key_pair(self):
+        fakes.stub_out_key_pair_funcs(self.stubs, have_key_pair=False)
+        self._test_create_instance_helper()
+
     def test_update_no_body(self):
         req = webob.Request.blank('/v1.0/servers/1')
         req.method = 'PUT'
diff --git a/nova/utils.py b/nova/utils.py
index e99e71715..f8160c0b6 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -262,13 +262,25 @@ def generate_mac():
     return ':'.join(map(lambda x: "%02x" % x, mac))
 
 
-def generate_password(length=20):
-    """Generate a random sequence of letters and digits
-    to be used as a password. Note that this is not intended
-    to represent the ultimate in security.
+# Default symbols to use for passwords. Avoids visually confusing characters.
+# ~6 bits per symbol
+DEFAULT_PASSWORD_SYMBOLS = ("23456789"  # Removed: 0,1
+                            "ABCDEFGHJKLMNPQRSTUVWXYZ"  # Removed: I, O
+                            "abcdefghijkmnopqrstuvwxyz")  # Removed: l
+
+
+# ~5 bits per symbol
+EASIER_PASSWORD_SYMBOLS = ("23456789"  # Removed: 0, 1
+                           "ABCDEFGHJKLMNPQRSTUVWXYZ")  # Removed: I, O
+
+
+def generate_password(length=20, symbols=DEFAULT_PASSWORD_SYMBOLS):
+    """Generate a random password from the supplied symbols.
+
+    Believed to be reasonably secure (with a reasonable password length!)
     """
-    chrs = string.letters + string.digits
-    return "".join([random.choice(chrs) for i in xrange(length)])
+    r = random.SystemRandom()
+    return "".join([r.choice(symbols) for _i in xrange(length)])
 
 
 def last_octet(address):
diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 7994e9547..6e564d0cb 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -502,7 +502,7 @@ class LibvirtConnection(object):
                 cmd = 'netcat', '0.0.0.0', port, '-w', '1'
                 try:
                     stdout, stderr = utils.execute(*cmd, process_input='')
-                except ProcessExecutionError:
+                except exception.ProcessExecutionError:
                     return port
             raise Exception(_('Unable to find an open port'))
 
@@ -1597,6 +1597,8 @@ class IptablesFirewallDriver(FirewallDriver):
 
         self.iptables.ipv4['filter'].add_chain('sg-fallback')
         self.iptables.ipv4['filter'].add_rule('sg-fallback', '-j DROP')
+        self.iptables.ipv6['filter'].add_chain('sg-fallback')
+        self.iptables.ipv6['filter'].add_rule('sg-fallback', '-j DROP')
 
     def setup_basic_filtering(self, instance):
         """Use NWFilter from libvirt for this."""