Fix various bugs and add "floating IP handler" to the OpenStack provider #301
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
"id" is a built-in function in Python, which caused this error to slip through the unit tests.
The original code was faulty, because the ex_find_or_import_keypair_by_key_material function returned a key pair object, and that object was placed in params['KeyName'], which was later expected to contain only the key name, not the key pair object. This fix places only the key name in params['KeyName'].
In Python 3, the original code didn't work, because base64key was a byte string, and it became a value in the `params` dictionary, but that needs strings as values.
| @@ -16,6 +16,10 @@ | |||
| import base64 | |||
| import hashlib | |||
|
|
|||
| from Crypto.Util.py3compat import bchr | |||
There was a problem hiding this comment.
paramiko (and pycrypto) is an optional dependency, but get_pubkey_openssh_fingerprint should also work without those libraries so we can't rely on bchr function from pycrypto.
There was a problem hiding this comment.
Is it OK if I add a bchr function to our py3 module?
In Python 3, the original code didn't work, because there is no `encode`
function for binaries:
(Python3.3)>>> [x.encode("hex") for x in b"abc"]
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "<stdin>", line 1, in <listcomp>
AttributeError: 'int' object has no attribute 'encode'
String do have an `encode` method, but it is a different function from the
`encode` in Python 2:
(Python3.3)>>> [x.encode("hex") for x in "abc"]
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "<stdin>", line 1, in <listcomp>
LookupError: unknown encoding: hex
So I added a "hexadigits" function to our compatibility module (py3) and used
that in _to_md5_fingerprint.
In Python 3, the original code didn't work, because there we cannot concatenate a string and a byte string. The new code produces two binaries in Python 3 and two string in Python 2, so they can be concatenated in both versions.
If the cidr_ips parameter in this function is None, and therefore the IpPermissions.1.IpRanges.1.CidrIp is not present in the request to the EC2 API, the request is not performed. (The response does not indicate an error, but the security rule is not created). This behaviour is not documented in http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-AuthorizeSecurityGroupIngress.html, but it is reproducable. The following request didn't work: Action=AuthorizeSecurityGroupIngress GroupId=sg-a4b44ece IpPermissions.1.FromPort=22 IpPermissions.1.IpProtocol=tcp IpPermissions.1.ToPort=22 AWSAccessKeyId=... Signature=... SignatureMethod=HmacSHA256 SignatureVersion=2 Timestamp=2014-04-16T07%3A43%3A21Z Version=2013-10-15 While this one did (the only difference is adding CidrIp): Action=AuthorizeSecurityGroupIngress GroupId=sg-a4b44ece IpPermissions.1.FromPort=22 IpPermissions.1.IpProtocol=tcp IpPermissions.1.ToPort=22 IpPermissions.1.IpRanges.1.CidrIp=0.0.0.0/0 AWSAccessKeyId=... Signature=... SignatureMethod=HmacSHA256 SignatureVersion=2 Timestamp=2014-04-16T07%3A43%3A21Z Version=2013-10-15
According to https://wiki.openstack.org/wiki/Os-security-groups#Delete_Security_Group and my own experiments with the HP cloud, the provider's answer upon success is not NO_CONTENT (HTTP status code 204) but ACCEPTED (HTTP status code 202). So I modified to code to accept ACCEPTED. I still kept NO_CONTENT (I would think it was put there because some provider did return NO_CONTENT).
The Compute API of the HP Cloud used by Libcloud [1] does not support floating IP pools, but it does support floating IPs. (To be more precise, one needs to use floating IPs if he wants to access the instance from outside the cloud.) So I added floating ip handling methods to the OpenStack_1_1_NodeDriver class. [1] HP Helion Public Cloud v13.5 Compute Service: https://docs.hpcloud.com/api/v13/compute/#3.10Extensions
|
I updated three commits:
|
|
I've squashed the commits, fixed some lint issues and merged your changes into trunk. Thanks! |
|
@hcs42 Btw, I know this has already been merged, but what do you think about this approach - https://issues.apache.org/jira/browse/LIBCLOUD-567?focusedCommentId=14012135&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14012135 ? |
|
Thanks! I posted my opinion in the JIRA ticket. |
hcs42
added a commit
to esl/elibcloud
that referenced
this pull request
May 29, 2014
The following PR shows that after I proposed my solution for the problem of using floating IP addressed with ex_create_floating_ip_handler, in the end we went for a different solution (ex_create_floating_ip): apache/libcloud#301 This commit changes elibcloud accordingly.
dahlia
pushed a commit
to geofront-auth/geofront
that referenced
this pull request
Jul 4, 2014
apache-libcloud 0.15.0 fixed some Python 3 compatibility bugs which might critical: apache/libcloud#301 https://libcloud.readthedocs.org/en/latest/changelog.html#changes-with-apache-libcloud-0-15-0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This commit contains:
If I should break up this pull request into several pull requests and/or I should write Jira tickets, just let me know.