https://www.digitalocean.com/community/questions/how-enforce-an-updated-policy-in-etc-nova-policy-json
https://ask.openstack.org/en/question/96797/how-enforce-and-apply-an-updated-policy-in-etcnovapolicyjson/ from keystoneclient.v2_0.client import Client import os import csv import sys import logging import time from nova import db from nova import config from nova import context import novaclient.v1_1.client as nvclient from keystoneauth1 import loading from keystoneauth1 import session #from novaclient import nvclient import urllib3 from os import environ as env from nova import policy def get_nova_credentials_v2(): d = {} d['version'] = '2' d['username'] = os.environ['OS_USERNAME'] d['password'] = os.environ['OS_PASSWORD'] d['auth_url'] = os.environ['OS_AUTH_URL'] d['tenant_name'] = os.environ['OS_TENANT_NAME'] d['insecure'] = 'True' #d['os_cacert'] = os.environ['OS_CACERT'] return d # set up logging to file - see previous section for more details logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%m-%d %H:%M', filename='/home/martin/createprojectanduser'+time.strftime("%d-%m-%y-%H-%M-%S")+'.log', filemode='w') # define a Handler which writes INFO messages or higher to the sys.stderr console = logging.StreamHandler() console.setLevel(logging.INFO) # set a format which is simpler for console use formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s') # tell the handler to use this format console.setFormatter(formatter) # add the handler to the root logger logging.getLogger('').addHandler(console) credentials = get_nova_credentials_v2() keystone_client = Client(**credentials) tenants = keystone_client.tenants.list() rolelist = keystone_client.roles.list() userlist = keystone_client.users.list() my_admin = [x for x in rolelist if x.name=="admin"][0] my_member = [x for x in rolelist if x.name=="_member_"][0] my_admin_user = [x for x in userlist if x.name=="admin"][0] my_tenant = [x for x in tenants if x.name=="CoinMarkets"][0] #nc = nvclient.Client(None, None, None, auth_url=os.environ['OS_AUTH_URL'], tenant_id=my_tenant.id, auth_token=keystone_client.auth_token, insecure='True') my_tenant = [x for x in tenants if x.name=="MEDULLA"][0] #loader = loading.get_plugin_loader('password') #auth = loader.load_from_options(auth_url=os.environ['OS_AUTH_URL'],username=" he...@gmail.com",password="8_hrRfsa",project_id=my_tenant.id) #sess = session.Session(auth=auth) #nc = nvclient.Client("1.1", session=sess) #nc = nvclient.Client(None, None, None, auth_url=os.environ['OS_AUTH_URL'], tenant_id=my_tenant.id, auth_token=keystone_client.auth_token) #nc = nvclient.Client("he...@gmail.com", "8_hrRfsa", my_tenant.id, os.environ['OS_AUTH_URL'], insecure='True') #,region_name=os.environ['OS_REGION_NAME'] #nc = nvclient.Client(auth_url=os.environ['OS_AUTH_URL'],username=" he...@gmail.com",api_key="8_hrRfsa",project_id=my_tenant.id ,cacert=os.environ['OS_CACERT']) auth_system = env.get('OS_AUTH_SYSTEM', 'keystone') if auth_system != "keystone": print("here") auth_plugin = novaclient.auth_plugin.load_plugin(auth_system) else: auth_plugin = None #nc = nvclient.Client(auth_url=env['OS_AUTH_URL'],username=env['OS_USERNAME'],api_key=env['OS_PASSWORD'],project_id=env['OS_TENANT_NAME'],region_name=env['OS_REGION_NAME'],auth_system=auth_system,auth_plugin=auth_plugin) #,region_name=env['OS_REGION_NAME'] #nc.authenticate() nc = nvclient.Client(auth_url=os.environ['OS_AUTH_URL'],username=" he...@gmail.com ",api_key="8_hrRfsa",project_id="MEDULLA",auth_system=auth_system,auth_plugin=auth_plugin,cacert=os.environ['OS_CACERT']) server_policies = [("compute_extension:quotas:update", ""),] policy_engine = policy.get_rules() policy.enforce('compute_extension:quotas:update', policy_engine, nc) >>> policy_engine = policy.get_rules() >>> policy.enforce('compute_extension:quotas:update', policy_engine, nc) Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python2.7/dist-packages/nova/policy.py", line 92, in enforce init() File "/usr/lib/python2.7/dist-packages/nova/policy.py", line 58, in init _POLICY_PATH = CONF.find_file(_POLICY_PATH) File "/usr/lib/python2.7/dist-packages/oslo/config/cfg.py", line 1908, in find_file if self.config_dir: File "/usr/lib/python2.7/dist-packages/oslo/config/cfg.py", line 1648, in __getattr__ raise NoSuchOptError(name) oslo.config.cfg.NoSuchOptError: no such option: config_dir >>>
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
