diff --git a/IM/ConfManager.py b/IM/ConfManager.py index 7bf2de34..c2494143 100644 --- a/IM/ConfManager.py +++ b/IM/ConfManager.py @@ -1100,7 +1100,7 @@ def wait_vm_running(self, vm, timeout): Arguments: - vm(:py:class:`IM.VirtualMachine`): VM to be running. - - timeout(int): Max time to wait the VM to be running. + - timeout(int): Max time to wait for the VM to be running. Returns: True if all the VMs are running or false otherwise """ delay = Config.CHECK_CTXT_PROCESS_INTERVAL @@ -1132,7 +1132,7 @@ def wait_vm_ssh_acccess(self, vm, timeout): Arguments: - vm(:py:class:`IM.VirtualMachine`): VM to check. - - timeout(int): Max time to wait the VM to be to have the SSH port opened. + - timeout(int): Max time to wait for the VM to be to have the SSH port opened. Returns: True if the VM have the SSH port open or false otherwise """ delay = 10 diff --git a/IM/connectors/OpenNebula.py b/IM/connectors/OpenNebula.py index 06dc9761..26357ac9 100644 --- a/IM/connectors/OpenNebula.py +++ b/IM/connectors/OpenNebula.py @@ -1069,7 +1069,7 @@ def alterVM(self, vm, radl, auth_data): if not success: return (False, info) - # TODO: wait the VM to be running + # TODO: wait for the VM to be running time.sleep(5) success, info = self.attach_new_disks(vm, system, session_id) diff --git a/IM/connectors/OpenStack.py b/IM/connectors/OpenStack.py index 8c8ea47b..9565478b 100644 --- a/IM/connectors/OpenStack.py +++ b/IM/connectors/OpenStack.py @@ -880,11 +880,23 @@ def get_ost_network_info(driver, pool_names): # let's assume that is not public ost_net.extra['is_public'] = False - # set the networks with the default work in its name first - res = ([ost_net for ost_net in ost_nets if "default" in ost_net.name] + - [ost_net for ost_net in ost_nets if "default" not in ost_net.name]) + # set first the networks with the default word in its name + # or with the "is_default" extra field set to True + # or with a tag "default" + first = [] + last = [] + for ost_net in ost_nets: + if ( + "default" in ost_net.name or + "is_default" in ost_net.extra and ost_net.extra['is_default'] or + "tags" in ost_net.extra and "default" in ost_net.extra['tags'] or + "description" in ost_net.extra and "default" in ost_net.extra['description'] + ): + first.append(ost_net) + else: + last.append(ost_net) - return get_subnets, res + return get_subnets, first + last @staticmethod def map_networks(radl, ost_nets): diff --git a/contextualization/basic.yml b/contextualization/basic.yml index e894d98e..e0f4dbe2 100644 --- a/contextualization/basic.yml +++ b/contextualization/basic.yml @@ -10,7 +10,7 @@ ignore_errors: yes changed_when: false - - name: Wait the VM to boot + - name: Wait for the VM to boot raw: systemctl is-system-running --wait ignore_errors: yes changed_when: false diff --git a/contextualization/conf-ansible.yml b/contextualization/conf-ansible.yml index 1da87a2c..d07659a6 100644 --- a/contextualization/conf-ansible.yml +++ b/contextualization/conf-ansible.yml @@ -20,7 +20,7 @@ ignore_errors: yes changed_when: false - - name: Wait the VM to boot + - name: Wait for the VM to boot raw: systemctl is-system-running --wait ignore_errors: yes changed_when: false @@ -125,6 +125,8 @@ pip: name: pip>18.0,<21.0 executable: pip3 + # in some old distros we need to trust in the pypi to avoid SSL errors + extra_args: --trusted-host files.pythonhosted.org --trusted-host pypi.org --trusted-host pypi.python.org when: ansible_python_version is version('3.7', '<') - name: Upgrade pip in py3.7-py3.8 @@ -155,11 +157,26 @@ extra_args: --prefer-binary --break-system-packages when: ansible_python_version is version('3.11', '>=') - - name: Install cryptography & pyOpenSSL & pyyaml & wheel + - name: Install cryptography & pyOpenSSL in py3.11- pip: name: - cryptography>36.0.0,<39.0.0 - pyOpenSSL>20.0,<22.1.0 + executable: pip3 + extra_args: "{{ extra_args }}" + when: ansible_python_version is version('3.11', '<') + + - name: Install cryptography & pyOpenSSL in py3.11+ + pip: + name: cryptography>36.0.0 + name: pyOpenSSL>20.0 + executable: pip3 + extra_args: "{{ extra_args }}" + when: ansible_python_version is version('3.11', '>=') + + - name: Install pyyaml, wheel, paramiko and packaging + pip: + name: - wheel - pyyaml - paramiko>=2.9.5 diff --git a/doc/source/REST.rst b/doc/source/REST.rst index d8f8f65d..3334f41b 100644 --- a/doc/source/REST.rst +++ b/doc/source/REST.rst @@ -15,6 +15,9 @@ password are not valid, it is returned the HTTP error code 401. In case that Vau support has been configured (:ref:`vault-creds`) also a Bearer authorization header is supported, using the same access token to authenticate with the Vault server. +In case of using EGI Check-in authentication, see :ref:`egi-auth` to know how to get +a valid token. + Next tables summaries the resources and the HTTP methods available. +-------------+------------------------------------+------------------------------------+-------------------------------------------+ diff --git a/doc/source/client.rst b/doc/source/client.rst index b4601c31..2d96a01f 100644 --- a/doc/source/client.rst +++ b/doc/source/client.rst @@ -465,8 +465,10 @@ So the auth line will be like that:: id = ost; type = OpenStack; host = https://ostserver:5000; username = indigo-dc; tenant = oidc; password = iam_token_value; auth_version = 3.x_oidc_access_token -EGI FedCloud specific parameters -******************************* +.. _egi-auth: + +EGI Cloud Compute specific parameters +************************************* To use the EGI CheckIn to authenticate with a Keystone server properly configured the parameters are the following (see more info at `EGI Documentation `_): @@ -486,9 +488,22 @@ From IM version 1.10.2 the EGI connector is available and you can also use this id = egi; type = EGI; host = CESGA; vo = vo.access.egi.eu; token = egi_aai_token_value In this case the information needed to access the OpenStack API of the EGI FedCloud site will be obtained from -`AppDB REST API `_). This connector is recommended for non advanced users. If you +`AppDB REST API `_. This connector is recommended for non advanced users. If you can get the data to access the OpenStack API directly it is recommened to use it. +There are several ways to get the EGI AAI token: + +* One of them is using the `oidc-agent `_, configuring the + `EGI CheckIn as a provider `_. + Then you can get the token using the command keyworkd in the auth file:: + + token = command(oidc-token OIDC_ACCOUNT) + +* Another way is using the IM-Dashboard (:ref:`use-dashboard`). In the "Advanced" menu, the "Settings" + item enables getting the some configuration settings as the OIDC issuer or the current user's + access token. + + Open Telekom Cloud ++++++++++++++++++ diff --git a/doc/source/xmlrpc.rst b/doc/source/xmlrpc.rst index 3bbb37c3..e993811b 100644 --- a/doc/source/xmlrpc.rst +++ b/doc/source/xmlrpc.rst @@ -70,7 +70,7 @@ This is the list of method names: Create and configure an infrastructure with the requirements specified in the RADL document passed as string. Return the ID associated to the created - infrastructure. If ``async`` is set to ``True`` the call will not wait the VMs + infrastructure. If ``async`` is set to ``True`` the call will not wait forthe VMs to be created. ``GetInfrastructureInfo`` diff --git a/doc/swagger_api.yaml b/doc/swagger_api.yaml index 29cd8425..114b04d6 100644 --- a/doc/swagger_api.yaml +++ b/doc/swagger_api.yaml @@ -99,7 +99,7 @@ paths: in: query description: >- The async parameter is optional and is a flag to specify if the call - will not wait the VMs to be created. + will not wait for the VMs to be created. required: false schema: type: string