From 205810c3da4652fd0f5203f53299cd998ac7cf82 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 18 Feb 2011 11:44:06 +0100 Subject: added functionality to list only fixed ip addresses of one node and added exception handling to list method # nova-manage fixed list XXXX network IP address MAC address hostname host 10.xx.xx.0/24 10.xx.xx.5 02:16:3e:3f:33:b6 i-00000547 XXXX 10.xx.xx.0/24 10.xx.xx.9 02:16:3e:14:03:d6 i-00000548 XXXX 10.xx.xx.0/24 10.xx.xx.12 02:16:3e:20:1b:e7 i-00000549 XXXX --- bin/nova-manage | 19 ++++++++++++------- nova/db/api.py | 5 +++++ nova/db/sqlalchemy/api.py | 22 ++++++++++++++++++++++ 3 files changed, 39 insertions(+), 7 deletions(-) diff --git a/bin/nova-manage b/bin/nova-manage index 6d67252b8..60a00f1cf 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -439,10 +439,15 @@ class FixedIpCommands(object): def list(self, host=None): """Lists all fixed ips (optionally by host) arguments: [host]""" ctxt = context.get_admin_context() - if host == None: - fixed_ips = db.fixed_ip_get_all(ctxt) - else: - fixed_ips = db.fixed_ip_get_all_by_host(ctxt, host) + + try: + if host == None: + fixed_ips = db.fixed_ip_get_all(ctxt) + else: + fixed_ips = db.fixed_ip_get_all_by_host(ctxt, host) + except exception.NotFound as ex: + print "error: %s" % ex + sys.exit(2) print "%-18s\t%-15s\t%-17s\t%-15s\t%s" % (_('network'), _('IP address'), @@ -459,9 +464,9 @@ class FixedIpCommands(object): host = instance['host'] mac_address = instance['mac_address'] print "%-18s\t%-15s\t%-17s\t%-15s\t%s" % ( - fixed_ip['network']['cidr'], - fixed_ip['address'], - mac_address, hostname, host) + fixed_ip['network']['cidr'], + fixed_ip['address'], + mac_address, hostname, host) class FloatingIpCommands(object): diff --git a/nova/db/api.py b/nova/db/api.py index d7f3746d2..6053c0352 100644 --- a/nova/db/api.py +++ b/nova/db/api.py @@ -293,6 +293,11 @@ def fixed_ip_get_all(context): return IMPL.fixed_ip_get_all(context) +def fixed_ip_get_all_by_host(context, host): + """Get all defined fixed ips used by a host.""" + return IMPL.fixed_ip_get_all_by_host(context, host) + + def fixed_ip_get_by_address(context, address): """Get a fixed ip by address or raise if it does not exist.""" return IMPL.fixed_ip_get_by_address(context, address) diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py index 2697fac73..d07c53759 100644 --- a/nova/db/sqlalchemy/api.py +++ b/nova/db/sqlalchemy/api.py @@ -594,6 +594,28 @@ def fixed_ip_get_all(context, session=None): return result +@require_admin_context +def fixed_ip_get_all_by_host(context, host=None): + session = get_session() + + # FIXME: I'm sure that SQLAlchemy can handle this in a nicer way + instances = session.query(models.Instance).\ + filter_by(state=1).\ + filter_by(host=host).\ + all() + + result = [] + for instance in instances: + result.append(session.query(models.FixedIp).\ + filter_by(instance_id=instance['id']).\ + first()) + + if not result: + raise exception.NotFound(_('No fixed ips for this host defined')) + + return result + + @require_context def fixed_ip_get_by_address(context, address, session=None): if not session: -- cgit From cf8cf8287169e3e0b996db7db5a135dea88db63a Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Fri, 18 Feb 2011 12:01:50 +0100 Subject: added new class Instances to manage instances and added a new listing method into the class # nova-manage instance list instance node type state launched image kernel ramdisk project user zone index i-00000547 XXXXXXX m1.small running 2011-02-18 08:36:37 ami-a03ndz0q ami-0isqekvw testing berendt None 0 i-00000548 XXXXXXX m1.small running 2011-02-18 08:37:17 ami-a03ndz0q ami-0isqekvw testing berendt None 1 i-00000549 XXXXXXX m1.small running 2011-02-18 08:37:52 ami-a03ndz0q ami-0isqekvw testing berendt None 2 --- bin/nova-manage | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/bin/nova-manage b/bin/nova-manage index 60a00f1cf..68847bdde 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -618,6 +618,45 @@ class DbCommands(object): print migration.db_version() +class InstanceCommands(object): + """Class for managing instances.""" + + def list(self, host=None, instance=None): + """Show a list of all instances""" + print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s" \ + " %-12s %-10s %-10s %-10s %-5s" % ( + _('instance'), + _('node'), + _('type'), + _('state'), + _('launched'), + _('image'), + _('kernel'), + _('ramdisk'), + _('project'), + _('user'), + _('zone'), + _('index'), + ) + + for instance in db.instance_get_all(context.get_admin_context()): + print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s %-12s" \ + " %-10s %-10s %-10s %-5d" % ( + instance['hostname'], + instance['host'], + instance['instance_type'], + instance['state_description'], + instance['launched_at'], + instance['image_id'], + instance['kernel_id'], + instance['ramdisk_id'], + instance['project_id'], + instance['user_id'], + instance['availability_zone'], + instance['launch_index'] + ) + + class VolumeCommands(object): """Methods for dealing with a cloud in an odd state""" @@ -677,7 +716,9 @@ CATEGORIES = [ ('service', ServiceCommands), ('log', LogCommands), ('db', DbCommands), - ('volume', VolumeCommands)] + ('volume', VolumeCommands) + ('instance', InstanceCommands), +] def lazy_match(name, key_value_tuples): -- cgit From 493aa34da71e7dc3c28c6a55254b6d7ed4d81b72 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Sat, 26 Feb 2011 22:13:28 +0100 Subject: beautification... --- bin/nova-manage | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/bin/nova-manage b/bin/nova-manage index 68847bdde..2e4e091cf 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -623,8 +623,8 @@ class InstanceCommands(object): def list(self, host=None, instance=None): """Show a list of all instances""" - print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s" \ - " %-12s %-10s %-10s %-10s %-5s" % ( + print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s %-12s" \ + " %-10s %-10s %-10s %-5s" % ( _('instance'), _('node'), _('type'), @@ -636,7 +636,7 @@ class InstanceCommands(object): _('project'), _('user'), _('zone'), - _('index'), + _('index') ) for instance in db.instance_get_all(context.get_admin_context()): @@ -716,8 +716,8 @@ CATEGORIES = [ ('service', ServiceCommands), ('log', LogCommands), ('db', DbCommands), - ('volume', VolumeCommands) - ('instance', InstanceCommands), + ('volume', VolumeCommands), + ('instance', InstanceCommands) ] -- cgit From 2714b2df0d21ecb08966c4d145d2d75fa1bb201d Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Sun, 27 Feb 2011 00:07:03 +0100 Subject: fixed FIXME --- nova/db/sqlalchemy/api.py | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py index d07c53759..828d24c78 100644 --- a/nova/db/sqlalchemy/api.py +++ b/nova/db/sqlalchemy/api.py @@ -598,17 +598,11 @@ def fixed_ip_get_all(context, session=None): def fixed_ip_get_all_by_host(context, host=None): session = get_session() - # FIXME: I'm sure that SQLAlchemy can handle this in a nicer way - instances = session.query(models.Instance).\ - filter_by(state=1).\ - filter_by(host=host).\ - all() - - result = [] - for instance in instances: - result.append(session.query(models.FixedIp).\ - filter_by(instance_id=instance['id']).\ - first()) + result = session.query(models.FixedIp).\ + join(models.FixedIp.instance).\ + filter_by(state=1).\ + filter_by(host=host).\ + all() if not result: raise exception.NotFound(_('No fixed ips for this host defined')) -- cgit From f72e5b618387a7b5a06f0e5b7e68af51c6667327 Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Sun, 27 Feb 2011 00:13:05 +0100 Subject: added listing of instances running on a specific host chronos:~ # nova-manage fixed list ares network IP address MAC address hostname host 192.168.3.0/24 192.168.3.6 02:16:3e:75:d7:9a i-00000c1c ares --- bin/nova-manage | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/bin/nova-manage b/bin/nova-manage index 2e4e091cf..12ccfa0e9 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -639,7 +639,13 @@ class InstanceCommands(object): _('index') ) - for instance in db.instance_get_all(context.get_admin_context()): + if host == None: + instances = db.instance_get_all(context.get_admin_context()) + else: + instances = db.instance_get_all_by_host( + context.get_admin_context(), host) + + for instance in instances: print "%-10s %-15s %-10s %-10s %-19s %-12s %-12s %-12s" \ " %-10s %-10s %-10s %-5d" % ( instance['hostname'], -- cgit From 67a8d635af0a64ad220b163c00b96eadf7daf93f Mon Sep 17 00:00:00 2001 From: Soren Hansen Date: Fri, 11 Mar 2011 09:54:08 +0100 Subject: Make Authors check account for tests being run with different os.getcwd() depending on how they're run. Add missing people to Authors. --- .mailmap | 1 + Authors | 1 + nova/tests/test_misc.py | 12 +++++++----- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.mailmap b/.mailmap index ed4404ad5..ccf2109a7 100644 --- a/.mailmap +++ b/.mailmap @@ -28,6 +28,7 @@ + diff --git a/Authors b/Authors index 7993955e2..4ee0643cf 100644 --- a/Authors +++ b/Authors @@ -19,6 +19,7 @@ Devin Carlen Ed Leafe Eldar Nugaev Eric Day +Eric Windisch Ewan Mellor Hisaharu Ishii Hisaki Ohara diff --git a/nova/tests/test_misc.py b/nova/tests/test_misc.py index a658e4978..1fbaf304f 100644 --- a/nova/tests/test_misc.py +++ b/nova/tests/test_misc.py @@ -24,18 +24,19 @@ from nova.utils import parse_mailmap, str_dict_replace, synchronized class ProjectTestCase(test.TestCase): def test_authors_up_to_date(self): - if os.path.exists('.bzr'): + topdir = os.path.normpath(os.path.dirname(__file__) + '/../../') + if os.path.exists(os.path.join(topdir, '.bzr')): contributors = set() - mailmap = parse_mailmap('.mailmap') + mailmap = parse_mailmap(os.path.join(topdir, '.mailmap')) import bzrlib.workingtree - tree = bzrlib.workingtree.WorkingTree.open('.') + tree = bzrlib.workingtree.WorkingTree.open(topdir) tree.lock_read() try: parents = tree.get_parent_ids() g = tree.branch.repository.get_graph() - for p in parents[1:]: + for p in parents: rev_ids = [r for r, _ in g.iter_ancestry(parents) if r != "null:"] revs = tree.branch.repository.get_revisions(rev_ids) @@ -44,7 +45,8 @@ class ProjectTestCase(test.TestCase): email = author.split(' ')[-1] contributors.add(str_dict_replace(email, mailmap)) - authors_file = open('Authors', 'r').read() + authors_file = open(os.path.join(topdir, 'Authors'), + 'r').read() missing = set() for contributor in contributors: -- cgit From be9734b03bce871d32e21da2ba341dfa42aa020a Mon Sep 17 00:00:00 2001 From: Brian Lamar Date: Fri, 11 Mar 2011 17:19:14 -0500 Subject: Fixed lp732866 by catching relevant `exception.NotFound` exception. Tests did not uncover this vulnerability due to "incorrect" FakeAuthManager. I say "incorrect" because potentially different implementations (LDAP or Database driven) of AuthManager might return different errors from `get_user_from_access_key`. Also, removed all references to 'bacon', 'ham', 'herp', and 'derp' and replaced them with hopefully more helpful terms. --- nova/api/openstack/auth.py | 6 +++- nova/tests/api/openstack/fakes.py | 5 +++- nova/tests/api/openstack/test_auth.py | 56 +++++++++++++++++++++-------------- 3 files changed, 43 insertions(+), 24 deletions(-) diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py index 4c6b58eff..f3a9bdeca 100644 --- a/nova/api/openstack/auth.py +++ b/nova/api/openstack/auth.py @@ -135,7 +135,11 @@ class AuthMiddleware(wsgi.Middleware): req - wsgi.Request object """ ctxt = context.get_admin_context() - user = self.auth.get_user_from_access_key(key) + + try: + user = self.auth.get_user_from_access_key(key) + except exception.NotFound: + user = None if user and user.name == username: token_hash = hashlib.sha1('%s%s%f' % (username, key, diff --git a/nova/tests/api/openstack/fakes.py b/nova/tests/api/openstack/fakes.py index e50d11a3d..7cb974bb2 100644 --- a/nova/tests/api/openstack/fakes.py +++ b/nova/tests/api/openstack/fakes.py @@ -321,7 +321,10 @@ class FakeAuthManager(object): (user.id == p.project_manager_id)] def get_user_from_access_key(self, key): - return FakeAuthManager.auth_data.get(key, None) + try: + return FakeAuthManager.auth_data[key] + except KeyError: + raise exc.NotFound class FakeRateLimiter(object): diff --git a/nova/tests/api/openstack/test_auth.py b/nova/tests/api/openstack/test_auth.py index aaaa4e415..d1b3c0e10 100644 --- a/nova/tests/api/openstack/test_auth.py +++ b/nova/tests/api/openstack/test_auth.py @@ -51,11 +51,12 @@ class Test(test.TestCase): def test_authorize_user(self): f = fakes.FakeAuthManager() - f.add_user('derp', nova.auth.manager.User(1, 'herp', None, None, None)) + f.add_user('user1_key', + nova.auth.manager.User(1, 'user1', None, None, None)) req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-User'] = 'herp' - req.headers['X-Auth-Key'] = 'derp' + req.headers['X-Auth-User'] = 'user1' + req.headers['X-Auth-Key'] = 'user1_key' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '204 No Content') self.assertEqual(len(result.headers['X-Auth-Token']), 40) @@ -65,13 +66,13 @@ class Test(test.TestCase): def test_authorize_token(self): f = fakes.FakeAuthManager() - u = nova.auth.manager.User(1, 'herp', None, None, None) - f.add_user('derp', u) - f.create_project('test', u) + u = nova.auth.manager.User(1, 'user1', None, None, None) + f.add_user('user1_key', u) + f.create_project('user1_project', u) req = webob.Request.blank('/v1.0/', {'HTTP_HOST': 'foo'}) - req.headers['X-Auth-User'] = 'herp' - req.headers['X-Auth-Key'] = 'derp' + req.headers['X-Auth-User'] = 'user1' + req.headers['X-Auth-Key'] = 'user1_key' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '204 No Content') self.assertEqual(len(result.headers['X-Auth-Token']), 40) @@ -92,7 +93,7 @@ class Test(test.TestCase): def test_token_expiry(self): self.destroy_called = False - token_hash = 'bacon' + token_hash = 'token_hash' def destroy_token_mock(meh, context, token): self.destroy_called = True @@ -109,15 +110,26 @@ class Test(test.TestCase): bad_token) req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-Token'] = 'bacon' + req.headers['X-Auth-Token'] = 'token_hash' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '401 Unauthorized') self.assertEqual(self.destroy_called, True) - def test_bad_user(self): + def test_bad_user_bad_key(self): + req = webob.Request.blank('/v1.0/') + req.headers['X-Auth-User'] = 'unknown_user' + req.headers['X-Auth-Key'] = 'unknown_user_key' + result = req.get_response(fakes.wsgi_app()) + self.assertEqual(result.status, '401 Unauthorized') + + def test_bad_user_good_key(self): + f = fakes.FakeAuthManager() + u = nova.auth.manager.User(1, 'user1', None, None, None) + f.add_user('user1_key', u) + req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-User'] = 'herp' - req.headers['X-Auth-Key'] = 'derp' + req.headers['X-Auth-User'] = 'unknown_user' + req.headers['X-Auth-Key'] = 'user1_key' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '401 Unauthorized') @@ -128,7 +140,7 @@ class Test(test.TestCase): def test_bad_token(self): req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-Token'] = 'baconbaconbacon' + req.headers['X-Auth-Token'] = 'unknown_token' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '401 Unauthorized') @@ -137,11 +149,11 @@ class TestFunctional(test.TestCase): def test_token_expiry(self): ctx = context.get_admin_context() tok = db.auth_token_create(ctx, dict( - token_hash='bacon', + token_hash='test_token_hash', cdn_management_url='', server_management_url='', storage_url='', - user_id='ham', + user_id='user1', )) db.auth_token_update(ctx, tok.token_hash, dict( @@ -149,13 +161,13 @@ class TestFunctional(test.TestCase): )) req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-Token'] = 'bacon' + req.headers['X-Auth-Token'] = 'test_token_hash' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '401 Unauthorized') def test_token_doesnotexist(self): req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-Token'] = 'ham' + req.headers['X-Auth-Token'] = 'nonexistant_token_hash' result = req.get_response(fakes.wsgi_app()) self.assertEqual(result.status, '401 Unauthorized') @@ -178,13 +190,13 @@ class TestLimiter(test.TestCase): def test_authorize_token(self): f = fakes.FakeAuthManager() - u = nova.auth.manager.User(1, 'herp', None, None, None) - f.add_user('derp', u) + u = nova.auth.manager.User(1, 'user1', None, None, None) + f.add_user('user1_key', u) f.create_project('test', u) req = webob.Request.blank('/v1.0/') - req.headers['X-Auth-User'] = 'herp' - req.headers['X-Auth-Key'] = 'derp' + req.headers['X-Auth-User'] = 'user1' + req.headers['X-Auth-Key'] = 'user1_key' result = req.get_response(fakes.wsgi_app()) self.assertEqual(len(result.headers['X-Auth-Token']), 40) -- cgit From 909b72faa77ba0a2bc787309b95fdfae9bb9ca01 Mon Sep 17 00:00:00 2001 From: Brian Lamar Date: Fri, 11 Mar 2011 17:41:10 -0500 Subject: Removed EOL whitespace in accordance with PEP-8. --- nova/tests/api/openstack/test_auth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nova/tests/api/openstack/test_auth.py b/nova/tests/api/openstack/test_auth.py index d1b3c0e10..0448ed701 100644 --- a/nova/tests/api/openstack/test_auth.py +++ b/nova/tests/api/openstack/test_auth.py @@ -51,7 +51,7 @@ class Test(test.TestCase): def test_authorize_user(self): f = fakes.FakeAuthManager() - f.add_user('user1_key', + f.add_user('user1_key', nova.auth.manager.User(1, 'user1', None, None, None)) req = webob.Request.blank('/v1.0/') -- cgit From 62d7d521273e19d8e700ab301be38830576efa3b Mon Sep 17 00:00:00 2001 From: Ken Pepple Date: Mon, 14 Mar 2011 11:27:21 -0700 Subject: small typo in nova-manage vm live-migration --- bin/nova-manage | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/nova-manage b/bin/nova-manage index 1eb4e5418..2b42dfff5 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -572,7 +572,7 @@ class VmCommands(object): """ ctxt = context.get_admin_context() - instance_id = ec2_id_to_id(ec2_id) + instance_id = ec2utils.ec2_id_to_id(ec2_id) if FLAGS.connection_type != 'libvirt': msg = _('Only KVM is supported for now. Sorry!') -- cgit From 408a2591d60f5d238e60e4be9197ccc7262f2406 Mon Sep 17 00:00:00 2001 From: Josh Kearney Date: Mon, 14 Mar 2011 16:21:33 -0500 Subject: PEP8 cleanup --- nova/tests/db/fakes.py | 4 ++-- nova/tests/test_xenapi.py | 11 +++++------ nova/virt/xenapi/vm_utils.py | 3 +-- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/nova/tests/db/fakes.py b/nova/tests/db/fakes.py index 142f6b1c6..5e9a3aa3b 100644 --- a/nova/tests/db/fakes.py +++ b/nova/tests/db/fakes.py @@ -77,8 +77,8 @@ def stub_out_db_instance_api(stubs): 'mac_address': values['mac_address'], 'vcpus': type_data['vcpus'], 'local_gb': type_data['local_gb'], - 'os_type': values['os_type'] - } + 'os_type': values['os_type']} + return FakeModel(base_options) def fake_network_get_by_instance(context, instance_id): diff --git a/nova/tests/test_xenapi.py b/nova/tests/test_xenapi.py index cd125a301..8b0affd5c 100644 --- a/nova/tests/test_xenapi.py +++ b/nova/tests/test_xenapi.py @@ -78,8 +78,7 @@ class XenAPIVolumeTestCase(test.TestCase): 'ramdisk_id': 3, 'instance_type': 'm1.large', 'mac_address': 'aa:bb:cc:dd:ee:ff', - 'os_type': 'linux' - } + 'os_type': 'linux'} def _create_volume(self, size='0'): """Create a volume object.""" @@ -315,8 +314,8 @@ class XenAPIVMTestCase(test.TestCase): 'ramdisk_id': ramdisk_id, 'instance_type': instance_type, 'mac_address': 'aa:bb:cc:dd:ee:ff', - 'os_type': os_type - } + 'os_type': os_type} + conn = xenapi_conn.get_connection(False) instance = db.instance_create(values) conn.spawn(instance) @@ -440,8 +439,8 @@ class XenAPIMigrateInstance(test.TestCase): 'ramdisk_id': None, 'instance_type': 'm1.large', 'mac_address': 'aa:bb:cc:dd:ee:ff', - 'os_type': 'linux' - } + 'os_type': 'linux'} + stubs.stub_out_migration_methods(self.stubs) glance_stubs.stubout_glance_client(self.stubs, glance_stubs.FakeGlance) diff --git a/nova/virt/xenapi/vm_utils.py b/nova/virt/xenapi/vm_utils.py index f07b57796..763c5fe40 100644 --- a/nova/virt/xenapi/vm_utils.py +++ b/nova/virt/xenapi/vm_utils.py @@ -136,8 +136,7 @@ class VMHelper(HelperBase): 'VCPUs_at_startup': vcpus, 'VCPUs_max': vcpus, 'VCPUs_params': {}, - 'xenstore_data': {} - } + 'xenstore_data': {}} # Complete VM configuration record according to the image type # non-raw/raw with PV kernel/raw in HVM mode -- cgit From 7c6aa5eb302637dde0d800f7155235858bbabbeb Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Mon, 14 Mar 2011 14:32:15 -0700 Subject: Removed duplicated test, renamed same-named (but non-identical) tests --- nova/tests/test_compute.py | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/nova/tests/test_compute.py b/nova/tests/test_compute.py index e486050be..14559d1dc 100644 --- a/nova/tests/test_compute.py +++ b/nova/tests/test_compute.py @@ -115,7 +115,7 @@ class ComputeTestCase(test.TestCase): finally: db.instance_destroy(self.context, ref[0]['id']) - def test_create_instance_associates_security_groups(self): + def test_create_instance_associates_security_groups_1(self): """Make sure create associates security groups""" group = self._create_group() instance_ref = models.Instance() @@ -124,18 +124,7 @@ class ComputeTestCase(test.TestCase): instance_ref['hostname'] = 'i-00000001' return instance_ref - def test_create_instance_defaults_display_name(self): - """Verify that an instance cannot be created without a display_name.""" - cases = [dict(), dict(display_name=None)] - for instance in cases: - ref = self.compute_api.create(self.context, - FLAGS.default_instance_type, None, **instance) - try: - self.assertNotEqual(ref[0]['display_name'], None) - finally: - db.instance_destroy(self.context, ref[0]['id']) - - def test_create_instance_associates_security_groups(self): + def test_create_instance_associates_security_groups_2(self): """Make sure create associates security groups""" group = self._create_group() ref = self.compute_api.create( -- cgit From 567e3bc3a7e66896482d83420190a7c4a8df1e5a Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Mon, 14 Mar 2011 15:17:00 -0700 Subject: So the first of those tests doesn't pass. Removing as it looks like it was meant to be deleted. --- nova/tests/test_compute.py | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/nova/tests/test_compute.py b/nova/tests/test_compute.py index 14559d1dc..3651f4cef 100644 --- a/nova/tests/test_compute.py +++ b/nova/tests/test_compute.py @@ -115,16 +115,7 @@ class ComputeTestCase(test.TestCase): finally: db.instance_destroy(self.context, ref[0]['id']) - def test_create_instance_associates_security_groups_1(self): - """Make sure create associates security groups""" - group = self._create_group() - instance_ref = models.Instance() - instance_ref['id'] = 1 - instance_ref['volumes'] = [{'id': 1}, {'id': 2}] - instance_ref['hostname'] = 'i-00000001' - return instance_ref - - def test_create_instance_associates_security_groups_2(self): + def test_create_instance_associates_security_groups(self): """Make sure create associates security groups""" group = self._create_group() ref = self.compute_api.create( -- cgit From da605eb84f7d5de741225ff936447db01690a04f Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Mon, 14 Mar 2011 20:48:33 -0700 Subject: Don't generate insecure passwords where it's easy to use urandom instead --- nova/console/manager.py | 2 +- nova/console/xvp.py | 4 ---- nova/utils.py | 15 ++++++++++----- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/nova/console/manager.py b/nova/console/manager.py index 57c75cf4f..bfa571ea9 100644 --- a/nova/console/manager.py +++ b/nova/console/manager.py @@ -69,7 +69,7 @@ class ConsoleProxyManager(manager.Manager): except exception.NotFound: logging.debug(_("Adding console")) if not password: - password = self.driver.generate_password() + password = utils.generate_password(8) if not port: port = self.driver.get_port(context) console_data = {'instance_name': name, diff --git a/nova/console/xvp.py b/nova/console/xvp.py index 68d8c8565..0cedfbb13 100644 --- a/nova/console/xvp.py +++ b/nova/console/xvp.py @@ -91,10 +91,6 @@ class XVPConsoleProxy(object): """Trim password to length, and encode""" return self._xvp_encrypt(password) - def generate_password(self, length=8): - """Returns random console password""" - return os.urandom(length * 2).encode('base64')[:length] - def _rebuild_xvp_conf(self, context): logging.debug(_("Rebuilding xvp conf")) pools = [pool for pool in diff --git a/nova/utils.py b/nova/utils.py index 87e726394..9c8b27d56 100644 --- a/nova/utils.py +++ b/nova/utils.py @@ -263,12 +263,17 @@ def generate_mac(): def generate_password(length=20): - """Generate a random sequence of letters and digits - to be used as a password. Note that this is not intended - to represent the ultimate in security. + """Generate a random alphanumeric password, avoiding 'confusing' O,0,I,1. + + Believed to be reasonably secure (with a reasonable password length!) """ - chrs = string.letters + string.digits - return "".join([random.choice(chrs) for i in xrange(length)]) + # 26 letters, 10 digits = 36 + # Remove O, 0, I, 1 => 32 digits + # 32 digits means we're just using the low 5 bit of each byte + chrs = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789" + + random_bytes = os.urandom(length) + return "".join([chrs[ord(random_bytes[i]) % 32] for i in xrange(length)]) def last_octet(address): -- cgit From 3d0cde272e3227978c5875c811c93e1e3df692ed Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Mon, 14 Mar 2011 21:01:48 -0700 Subject: Clarify the logic in using 32 symbols --- nova/utils.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/nova/utils.py b/nova/utils.py index 9c8b27d56..0510c3cbe 100644 --- a/nova/utils.py +++ b/nova/utils.py @@ -267,9 +267,10 @@ def generate_password(length=20): Believed to be reasonably secure (with a reasonable password length!) """ - # 26 letters, 10 digits = 36 - # Remove O, 0, I, 1 => 32 digits - # 32 digits means we're just using the low 5 bit of each byte + # 26 letters, 10 digits = 36 choices + # Remove O, 0, I, 1 => 32 choices + # 32 choices means we're just using the low 5 bit of each byte, + # so there's no bias introduced by using a modulo chrs = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789" random_bytes = os.urandom(length) -- cgit From 22aad6700124411aceed0b2bd3953cbbc48b6130 Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Tue, 15 Mar 2011 11:24:07 -0700 Subject: Use random.SystemRandom for easy secure randoms, configurable symbol set by default including mixed-case --- nova/utils.py | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/nova/utils.py b/nova/utils.py index 0510c3cbe..199ee8701 100644 --- a/nova/utils.py +++ b/nova/utils.py @@ -262,19 +262,25 @@ def generate_mac(): return ':'.join(map(lambda x: "%02x" % x, mac)) -def generate_password(length=20): - """Generate a random alphanumeric password, avoiding 'confusing' O,0,I,1. +# Default symbols to use for passwords. Avoids visually confusing characters. +# ~6 bits per symbol +DEFAULT_PASSWORD_SYMBOLS = ("23456789" # Removed: 0,1 + "ABCDEFGHJKLMNPQRSTUVWXYZ" # Removed: I, O + "abcdefghijkmnopqrstuvwxyz") # Removed: l + + +# ~5 bits per symbol +EASIER_PASSWORD_SYMBOLS = ("23456789" # Removed: 0, 1 + "ABCDEFGHJKLMNPQRSTUVWXYZ") # Removed: I, O + + +def generate_password(length=20, symbols=DEFAULT_PASSWORD_SYMBOLS): + """Generate a random password from the supplied symbols. Believed to be reasonably secure (with a reasonable password length!) """ - # 26 letters, 10 digits = 36 choices - # Remove O, 0, I, 1 => 32 choices - # 32 choices means we're just using the low 5 bit of each byte, - # so there's no bias introduced by using a modulo - chrs = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789" - - random_bytes = os.urandom(length) - return "".join([chrs[ord(random_bytes[i]) % 32] for i in xrange(length)]) + r = random.SystemRandom() + return "".join([r.choice(symbols) for _i in xrange(length)]) def last_octet(address): -- cgit From 8b3e35b157c688fd38d5aa0eb10ddef33653003d Mon Sep 17 00:00:00 2001 From: Christian Berendt Date: Wed, 16 Mar 2011 10:29:04 +0100 Subject: fixed pep8 errors (with version 0.5.0) --- bin/nova-manage | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/bin/nova-manage b/bin/nova-manage index 44b1d9ac6..c38e25d6b 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -739,8 +739,7 @@ class InstanceCommands(object): _('project'), _('user'), _('zone'), - _('index') - ) + _('index')) if host == None: instances = db.instance_get_all(context.get_admin_context()) @@ -762,8 +761,7 @@ class InstanceCommands(object): instance['project_id'], instance['user_id'], instance['availability_zone'], - instance['launch_index'] - ) + instance['launch_index']) class VolumeCommands(object): @@ -1053,8 +1051,7 @@ CATEGORIES = [ ('instance_type', InstanceTypeCommands), ('image', ImageCommands), ('flavor', InstanceTypeCommands), - ('instance', InstanceCommands) -] + ('instance', InstanceCommands)] def lazy_match(name, key_value_tuples): -- cgit From 016669543a1f6d4ffc281637ba98c6b6fe30be82 Mon Sep 17 00:00:00 2001 From: Thierry Carrez Date: Wed, 16 Mar 2011 10:38:48 +0100 Subject: Fix unknown exception error in euca-get-ajax-console --- nova/virt/libvirt_conn.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py index 7994e9547..d7bdc3faa 100644 --- a/nova/virt/libvirt_conn.py +++ b/nova/virt/libvirt_conn.py @@ -502,7 +502,7 @@ class LibvirtConnection(object): cmd = 'netcat', '0.0.0.0', port, '-w', '1' try: stdout, stderr = utils.execute(*cmd, process_input='') - except ProcessExecutionError: + except exception.ProcessExecutionError: return port raise Exception(_('Unable to find an open port')) -- cgit