merged trunk

3 files changed, 30 insertions, 11 deletions

diff --git a/nova/compute/linux_net.py b/nova/compute/linux_net.py
index 48e07da66..861ce779b 100644
--- a/nova/compute/linux_net.py
+++ b/nova/compute/linux_net.py
@@ -29,7 +29,7 @@ from nova import flags
 FLAGS=flags.FLAGS
 
 flags.DEFINE_string('dhcpbridge_flagfile',
-                    '/etc/nova-dhcpbridge.conf',
+                    '/etc/nova/nova-dhcpbridge.conf',
                     'location of flagfile for dhcpbridge')
 
 def execute(cmd, addl_env=None):
diff --git a/nova/compute/network.py b/nova/compute/network.py
index 43011f696..b5b3c3b5d 100644
--- a/nova/compute/network.py
+++ b/nova/compute/network.py
@@ -29,7 +29,7 @@ from nova import datastore
 from nova import exception
 from nova import flags
 from nova import utils
-from nova.auth import users
+from nova.auth import manager
 from nova.compute import exception as compute_exception
 from nova.compute import linux_net
 
@@ -210,11 +210,11 @@ class BaseNetwork(datastore.BasicModel):
 
     @property
     def user(self):
-        return users.UserManager.instance().get_user(self['user_id'])
+        return manager.AuthManager().get_user(self['user_id'])
 
     @property
     def project(self):
-        return users.UserManager.instance().get_project(self['project_id'])
+        return manager.AuthManager().get_project(self['project_id'])
 
     @property
     def _hosts_key(self):
@@ -516,7 +516,7 @@ def get_vlan_for_project(project_id):
         if not known_vlans.has_key(vstr):
             return Vlan.create(project_id, vnum)
         old_project_id = known_vlans[vstr]
-        if not users.UserManager.instance().get_project(old_project_id):
+        if not manager.AuthManager().get_project(old_project_id):
             vlan = Vlan.lookup(old_project_id)
             if vlan:
                 # NOTE(todd): This doesn't check for vlan id match, because
@@ -542,7 +542,7 @@ def get_network_by_interface(iface, security_group='default'):
 
 def get_network_by_address(address):
     logging.debug("Get Network By Address: %s" % address)
-    for project in users.UserManager.instance().get_projects():
+    for project in manager.AuthManager().get_projects():
         net = get_project_network(project.id)
         if address in net.assigned:
             logging.debug("Found %s in %s" % (address, project.id))
@@ -582,7 +582,7 @@ def get_project_network(project_id, security_group='default'):
     """ get a project's private network, allocating one if needed """
     # TODO(todd): It looks goofy to get a project from a UserManager.
     #             Refactor to still use the LDAP backend, but not User specific.
-    project = users.UserManager.instance().get_project(project_id)
+    project = manager.AuthManager().get_project(project_id)
     if not project:
         raise exception.Error("Project %s doesn't exist, uhoh." %
                                    project_id)
@@ -592,5 +592,5 @@ def get_project_network(project_id, security_group='default'):
 
 def restart_nets():
     """ Ensure the network for each user is enabled"""
-    for project in users.UserManager.instance().get_projects():
+    for project in manager.AuthManager().get_projects():
         get_project_network(project.id).express()
diff --git a/nova/compute/service.py b/nova/compute/service.py
index 02e35baa2..9998dc6c3 100644
--- a/nova/compute/service.py
+++ b/nova/compute/service.py
@@ -25,11 +25,13 @@ Compute Service:
 """
 
 import base64
+import boto.utils
 import json
 import logging
 import os
 import shutil
 import sys
+import time
 from twisted.internet import defer
 from twisted.internet import task
 
@@ -45,6 +47,7 @@ from nova import flags
 from nova import process
 from nova import service
 from nova import utils
+from nova.auth import signer, manager
 from nova.compute import disk
 from nova.compute import model
 from nova.compute import network
@@ -450,9 +453,25 @@ class Instance(object):
 
     def _fetch_s3_image(self, image, path):
         url = _image_url('%s/image' % image)
-        d = process.simple_execute(
-                'curl --silent %s -o %s' % (url, path))
-        return d
+
+        # This should probably move somewhere else, like e.g. a download_as
+        # method on User objects and at the same time get rewritten to use
+        # twisted web client.
+        headers = {}
+        headers['Date'] = time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime())
+
+        user_id = self.datamodel['user_id']
+        user = manager.AuthManager().get_user(user_id)
+        uri = '/' + url.partition('/')[2]
+        auth = signer.Signer(user.secret.encode()).s3_authorization(headers, 'GET', uri)
+        headers['Authorization'] = 'AWS %s:%s' % (user.access, auth)
+
+        cmd = ['/usr/bin/curl', '--silent', url]
+        for (k,v) in headers.iteritems():
+            cmd += ['-H', '%s: %s' % (k,v)]
+
+        cmd += ['-o', path]
+        return process.SharedPool().execute(executable=cmd[0], args=cmd[1:])
 
     def _fetch_local_image(self, image, path):
         source = _image_path('%s/image' % image)