From e14f524eb92ae07704a2ec7dac0f97c60940a6ab Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Thu, 3 Mar 2011 17:49:41 -0500 Subject: enforce personality quotas --- nova/compute/api.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'nova/compute') diff --git a/nova/compute/api.py b/nova/compute/api.py index 625778b66..44e583cd4 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -80,6 +80,26 @@ class API(base.Base): topic, {"method": "get_network_topic", "args": {'fake': 1}}) + def _check_personality_file_quota(self, context, personality_files): + limit = quota.allowed_personality_files(context) + if len(personality_files) > limit: + raise quota.QuotaError(_("Personality limit exceeded. You can " + "only have %d personalities when " + "creating an instance.") % limit, + "PersonalityLimitExceeded") + path_limit = quota.allowed_personality_path_bytes(context) + content_limit = quota.allowed_personality_content_bytes(context) + for path, content in personality_files: + if len(path) > path_limit: + raise quota.QuotaError( + _("Personality file path limit exceeded."), + "PersonalityLimitExceeded") + if len(content) > content_limit: + raise quota.QuotaError( + _("Personality file content limit exceeded."), + "PersonalityLimitExceeded") + return personality_files + def create(self, context, instance_type, image_id, kernel_id=None, ramdisk_id=None, min_count=1, max_count=1, @@ -124,6 +144,10 @@ class API(base.Base): LOG.warn(msg) raise quota.QuotaError(msg, "MetadataLimitExceeded") + if onset_files is not None: + onset_files = \ + self._check_personality_file_quota(context, onset_files) + image = self.image_service.show(context, image_id) if kernel_id is None: kernel_id = image.get('kernel_id', None) -- cgit From 5ae13551990be67e3509ddcd10d1872a91634d83 Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Thu, 3 Mar 2011 18:27:57 -0500 Subject: rename onset_files to personality_files all the way down to compute manager --- nova/compute/api.py | 10 +++++----- nova/compute/manager.py | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'nova/compute') diff --git a/nova/compute/api.py b/nova/compute/api.py index 44e583cd4..13938dcde 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -106,7 +106,7 @@ class API(base.Base): display_name='', display_description='', key_name=None, key_data=None, security_group='default', availability_zone=None, user_data=None, metadata=[], - onset_files=None): + personality_files=None): """Create the number of instances requested if quota and other arguments check out ok. """ @@ -144,9 +144,9 @@ class API(base.Base): LOG.warn(msg) raise quota.QuotaError(msg, "MetadataLimitExceeded") - if onset_files is not None: - onset_files = \ - self._check_personality_file_quota(context, onset_files) + if personality_files is not None: + personality_files = \ + self._check_personality_file_quota(context, personality_files) image = self.image_service.show(context, image_id) if kernel_id is None: @@ -242,7 +242,7 @@ class API(base.Base): "args": {"topic": FLAGS.compute_topic, "instance_id": instance_id, "availability_zone": availability_zone, - "onset_files": onset_files}}) + "personality_files": personality_files}}) for group_id in security_groups: self.trigger_security_group_members_refresh(elevated, group_id) diff --git a/nova/compute/manager.py b/nova/compute/manager.py index d659712ad..1a392dda8 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -174,7 +174,7 @@ class ComputeManager(manager.Manager): """Launch a new instance with specified options.""" context = context.elevated() instance_ref = self.db.instance_get(context, instance_id) - instance_ref.onset_files = kwargs.get('onset_files', []) + instance_ref.onset_files = kwargs.get('personality_files', []) if instance_ref['name'] in self.driver.list_instances(): raise exception.Error(_("Instance has already been created")) LOG.audit(_("instance %s: starting..."), instance_id, -- cgit From abd5779068f3b979fc79dec7a68549999c58092d Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Fri, 4 Mar 2011 01:36:29 -0500 Subject: remove ensure_b64_encoding --- nova/compute/manager.py | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'nova/compute') diff --git a/nova/compute/manager.py b/nova/compute/manager.py index d915dc069..3a712fd97 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -34,7 +34,6 @@ terminating it. :func:`nova.utils.import_object` """ -import base64 import datetime import random import string @@ -353,15 +352,10 @@ class ComputeManager(manager.Manager): LOG.warn(_('trying to inject a file into a non-running ' 'instance: %(instance_id)s (state: %(instance_state)s ' 'expected: %(expected_state)s)') % locals()) - # Files/paths *should* be base64-encoded at this point, but - # double-check to make sure. - b64_path = utils.ensure_b64_encoding(path) - b64_contents = utils.ensure_b64_encoding(file_contents) - plain_path = base64.b64decode(b64_path) nm = instance_ref['name'] - msg = _('instance %(nm)s: injecting file to %(plain_path)s') % locals() + msg = _('instance %(nm)s: injecting file to %(path)s') % locals() LOG.audit(msg) - self.driver.inject_file(instance_ref, b64_path, b64_contents) + self.driver.inject_file(instance_ref, path, file_contents) @exception.wrap_exception @checks_instance_lock -- cgit From 616723fe4e7d52b0b8ddafda10fcfe07a87609c8 Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Thu, 10 Mar 2011 14:53:13 -0500 Subject: add docstring --- nova/compute/api.py | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'nova/compute') diff --git a/nova/compute/api.py b/nova/compute/api.py index 2766ddc9c..efa051d10 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -81,6 +81,11 @@ class API(base.Base): {"method": "get_network_topic", "args": {'fake': 1}}) def _check_personality_file_quota(self, context, personality_files): + """ + Enforce quota limits on personality files + + Raises a QuotaError if any limit is exceeded + """ limit = quota.allowed_personality_files(context) if len(personality_files) > limit: raise quota.QuotaError(_("Personality limit exceeded. You can " -- cgit From c967679fa8144af57d79d89666ee29a0241d38a9 Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Thu, 10 Mar 2011 17:36:41 -0500 Subject: switch to a more consistent usage of onset_files variable names --- nova/compute/api.py | 38 +++++++++++++++----------------------- nova/compute/manager.py | 2 +- 2 files changed, 16 insertions(+), 24 deletions(-) (limited to 'nova/compute') diff --git a/nova/compute/api.py b/nova/compute/api.py index b97cadf61..140bbb3aa 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -80,30 +80,23 @@ class API(base.Base): topic, {"method": "get_network_topic", "args": {'fake': 1}}) - def _check_personality_file_quota(self, context, personality_files): + def _check_onset_file_quota(self, context, onset_files): """ - Enforce quota limits on personality files + Enforce quota limits on onset files Raises a QuotaError if any limit is exceeded """ - limit = quota.allowed_personality_files(context) - if len(personality_files) > limit: - raise quota.QuotaError(_("Personality limit exceeded. You can " - "only have %d personalities when " - "creating an instance.") % limit, - "PersonalityLimitExceeded") - path_limit = quota.allowed_personality_path_bytes(context) - content_limit = quota.allowed_personality_content_bytes(context) - for path, content in personality_files: + limit = quota.allowed_onset_files(context) + if len(onset_files) > limit: + raise quota.QuotaError(code="OnsetFileLimitExceeded") + path_limit = quota.allowed_onset_file_path_bytes(context) + content_limit = quota.allowed_onset_file_content_bytes(context) + for path, content in onset_files: if len(path) > path_limit: - raise quota.QuotaError( - _("Personality file path limit exceeded."), - "PersonalityLimitExceeded") + raise quota.QuotaError(code="OnsetFilePathLimitExceeded") if len(content) > content_limit: - raise quota.QuotaError( - _("Personality file content limit exceeded."), - "PersonalityLimitExceeded") - return personality_files + raise quota.QuotaError(code="OnsetFileContentLimitExceeded") + return onset_files def create(self, context, instance_type, image_id, kernel_id=None, ramdisk_id=None, @@ -111,7 +104,7 @@ class API(base.Base): display_name='', display_description='', key_name=None, key_data=None, security_group='default', availability_zone=None, user_data=None, metadata=[], - personality_files=None): + onset_files=None): """Create the number of instances requested if quota and other arguments check out ok.""" @@ -149,9 +142,8 @@ class API(base.Base): LOG.warn(msg) raise quota.QuotaError(msg, "MetadataLimitExceeded") - if personality_files is not None: - personality_files = \ - self._check_personality_file_quota(context, personality_files) + if onset_files is not None: + onset_files = self._check_onset_file_quota(context, onset_files) image = self.image_service.show(context, image_id) if kernel_id is None: @@ -248,7 +240,7 @@ class API(base.Base): "args": {"topic": FLAGS.compute_topic, "instance_id": instance_id, "availability_zone": availability_zone, - "personality_files": personality_files}}) + "onset_files": onset_files}}) for group_id in security_groups: self.trigger_security_group_members_refresh(elevated, group_id) diff --git a/nova/compute/manager.py b/nova/compute/manager.py index d87290aae..601bb3084 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -173,7 +173,7 @@ class ComputeManager(manager.Manager): """Launch a new instance with specified options.""" context = context.elevated() instance_ref = self.db.instance_get(context, instance_id) - instance_ref.onset_files = kwargs.get('personality_files', []) + instance_ref.onset_files = kwargs.get('onset_files', []) if instance_ref['name'] in self.driver.list_instances(): raise exception.Error(_("Instance has already been created")) LOG.audit(_("instance %s: starting..."), instance_id, -- cgit From 1d69d499124317aa1a9cf7d4bc54db2ff0bc3be9 Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Tue, 15 Mar 2011 14:33:45 -0400 Subject: refactor onset_files quota checking --- nova/compute/api.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'nova/compute') diff --git a/nova/compute/api.py b/nova/compute/api.py index b6ef889f6..c11059a28 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -86,6 +86,8 @@ class API(base.Base): Raises a QuotaError if any limit is exceeded """ + if onset_files is None: + return limit = quota.allowed_onset_files(context) if len(onset_files) > limit: raise quota.QuotaError(code="OnsetFileLimitExceeded") @@ -96,7 +98,6 @@ class API(base.Base): raise quota.QuotaError(code="OnsetFilePathLimitExceeded") if len(content) > content_limit: raise quota.QuotaError(code="OnsetFileContentLimitExceeded") - return onset_files def create(self, context, instance_type, image_id, kernel_id=None, ramdisk_id=None, @@ -142,8 +143,7 @@ class API(base.Base): LOG.warn(msg) raise quota.QuotaError(msg, "MetadataLimitExceeded") - if onset_files is not None: - onset_files = self._check_onset_file_quota(context, onset_files) + self._check_onset_file_quota(context, onset_files) image = self.image_service.show(context, image_id) -- cgit From e9ef6e04786a40d20f8022bec5d23d2e4503ce3a Mon Sep 17 00:00:00 2001 From: Mark Washenberger Date: Tue, 15 Mar 2011 17:56:00 -0400 Subject: s/onset_files/injected_files/g --- nova/compute/api.py | 22 +++++++++++----------- nova/compute/manager.py | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) (limited to 'nova/compute') diff --git a/nova/compute/api.py b/nova/compute/api.py index c11059a28..32577af82 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -80,20 +80,20 @@ class API(base.Base): topic, {"method": "get_network_topic", "args": {'fake': 1}}) - def _check_onset_file_quota(self, context, onset_files): + def _check_injected_file_quota(self, context, injected_files): """ - Enforce quota limits on onset files + Enforce quota limits on injected files Raises a QuotaError if any limit is exceeded """ - if onset_files is None: + if injected_files is None: return - limit = quota.allowed_onset_files(context) - if len(onset_files) > limit: + limit = quota.allowed_injected_files(context) + if len(injected_files) > limit: raise quota.QuotaError(code="OnsetFileLimitExceeded") - path_limit = quota.allowed_onset_file_path_bytes(context) - content_limit = quota.allowed_onset_file_content_bytes(context) - for path, content in onset_files: + path_limit = quota.allowed_injected_file_path_bytes(context) + content_limit = quota.allowed_injected_file_content_bytes(context) + for path, content in injected_files: if len(path) > path_limit: raise quota.QuotaError(code="OnsetFilePathLimitExceeded") if len(content) > content_limit: @@ -105,7 +105,7 @@ class API(base.Base): display_name='', display_description='', key_name=None, key_data=None, security_group='default', availability_zone=None, user_data=None, metadata=[], - onset_files=None): + injected_files=None): """Create the number of instances requested if quota and other arguments check out ok.""" @@ -143,7 +143,7 @@ class API(base.Base): LOG.warn(msg) raise quota.QuotaError(msg, "MetadataLimitExceeded") - self._check_onset_file_quota(context, onset_files) + self._check_injected_file_quota(context, injected_files) image = self.image_service.show(context, image_id) @@ -246,7 +246,7 @@ class API(base.Base): "args": {"topic": FLAGS.compute_topic, "instance_id": instance_id, "availability_zone": availability_zone, - "onset_files": onset_files}}) + "injected_files": injected_files}}) for group_id in security_groups: self.trigger_security_group_members_refresh(elevated, group_id) diff --git a/nova/compute/manager.py b/nova/compute/manager.py index 6bb169fa5..92deca813 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -179,7 +179,7 @@ class ComputeManager(manager.Manager): """Launch a new instance with specified options.""" context = context.elevated() instance_ref = self.db.instance_get(context, instance_id) - instance_ref.onset_files = kwargs.get('onset_files', []) + instance_ref.injected_files = kwargs.get('injected_files', []) if instance_ref['name'] in self.driver.list_instances(): raise exception.Error(_("Instance has already been created")) LOG.audit(_("instance %s: starting..."), instance_id, -- cgit