diff options
Diffstat (limited to 'ironic/conductor')
| -rw-r--r-- | ironic/conductor/deployments.py | 20 | ||||
| -rw-r--r-- | ironic/conductor/manager.py | 4 | ||||
| -rw-r--r-- | ironic/conductor/rpcapi.py | 1 | ||||
| -rw-r--r-- | ironic/conductor/utils.py | 24 |
4 files changed, 48 insertions, 1 deletions
diff --git a/ironic/conductor/deployments.py b/ironic/conductor/deployments.py index 3b72dcb03..7e2c4e489 100644 --- a/ironic/conductor/deployments.py +++ b/ironic/conductor/deployments.py @@ -83,6 +83,26 @@ def start_deploy(task, manager, configdrive=None, event='deploy', instance_info.pop('kernel', None) instance_info.pop('ramdisk', None) node.instance_info = instance_info + elif CONF.conductor.automatic_lessee: + # This should only be on deploy... + project = utils.get_token_project_from_request(task.context) + if (project and node.lessee is None): + LOG.debug('Adding lessee $(project)s to node %(uuid)s.', + {'project': project, + 'uuid': node.uuid}) + node.set_driver_internal_info('automatic_lessee', True) + node.lessee = project + elif project and node.lessee is not None: + # Since the model is a bit of a matrix and we're largely + # just empowering operators, lets at least log a warning + # since they may need to remedy something here. Or maybe + # not. + LOG.warning('Could not automatically save lessee ' + '$(project)s to node %(uuid)s. Node already ' + 'has a defined lessee of %(lessee)s.', + {'project': project, + 'uuid': node.uuid, + 'lessee': node.lessee}) # Infer the image type to make sure the deploy driver # validates only the necessary variables for different diff --git a/ironic/conductor/manager.py b/ironic/conductor/manager.py index 7f6470e38..1b15f7856 100644 --- a/ironic/conductor/manager.py +++ b/ironic/conductor/manager.py @@ -1097,6 +1097,10 @@ class ConductorManager(base_manager.BaseConductorManager): node.del_driver_internal_info('root_uuid_or_disk_id') node.del_driver_internal_info('is_whole_disk_image') node.del_driver_internal_info('deploy_boot_mode') + if node.driver_internal_info.get('automatic_lessee'): + # Remove lessee, as it was automatically added + node.lessee = None + node.del_driver_internal_info('automatic_lessee') network.remove_vifs_from_node(task) node.save() if node.allocation_id: diff --git a/ironic/conductor/rpcapi.py b/ironic/conductor/rpcapi.py index 21139e60d..47ef4c6c9 100644 --- a/ironic/conductor/rpcapi.py +++ b/ironic/conductor/rpcapi.py @@ -547,7 +547,6 @@ class ConductorAPI(object): if deploy_steps: version = '1.52' new_kws['deploy_steps'] = deploy_steps - cctxt = self._prepare_call(topic=topic, version=version) return cctxt.call(context, 'do_node_deploy', node_id=node_id, rebuild=rebuild, configdrive=configdrive, **new_kws) diff --git a/ironic/conductor/utils.py b/ironic/conductor/utils.py index aeb067a7a..d3da64f0e 100644 --- a/ironic/conductor/utils.py +++ b/ironic/conductor/utils.py @@ -1692,3 +1692,27 @@ def exclude_current_conductor(current_conductor, offline_conductors): current_conductor) return [x for x in offline_conductors if x != current_conductor] + + +def get_token_project_from_request(ctx): + """Identifies the request originator project via keystone token details. + + This method evaluates the ``auth_token_info`` field, which is used to + pass information returned from keystone as a token's + verification. This information is based upon the actual, original + requestor context provided ``auth_token``. + + When a service, such as Nova proxies a request, the request provided + auth token value is intended to be from the original user. + + :returns: The project ID value. + """ + + try: + if ctx.auth_token_info: + project = ctx.auth_token_info.get('token', {}).get('project', {}) + if project: + return project.get('id') + except AttributeError: + LOG.warning('Attempted to identify requestor project ID value, ' + 'however we were unable to do so. Possible older API?') |