afcefb8b44
We suspect session might be reused accross threads that leads to rare SSL errors. This extra printout can help debug the issue. Change-Id: I67e08ec48fb411d6d5a083fea6a6b68051f07617
390 lines
15 KiB
Python
390 lines
15 KiB
Python
# Copyright 2015 VMware, Inc.
|
|
# All Rights Reserved
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
import re
|
|
import time
|
|
from urllib import parse as urlparse
|
|
|
|
from oslo_log import log
|
|
from oslo_serialization import jsonutils
|
|
import requests
|
|
|
|
from vmware_nsxlib._i18n import _
|
|
from vmware_nsxlib.v3 import exceptions
|
|
from vmware_nsxlib.v3 import utils
|
|
|
|
LOG = log.getLogger(__name__)
|
|
|
|
NULL_CURSOR_PREFIX = '0000'
|
|
|
|
|
|
def get_http_error_details(response):
|
|
msg = response.json() if response.content else ''
|
|
error_code = None
|
|
related_error_codes = []
|
|
related_status_codes = []
|
|
|
|
if isinstance(msg, dict) and 'error_message' in msg:
|
|
error_code = msg.get('error_code')
|
|
related_errors = [error['error_message'] for error in
|
|
msg.get('related_errors', [])]
|
|
related_error_codes = [str(error['error_code']) for error in
|
|
msg.get('related_errors', []) if
|
|
error.get('error_code')]
|
|
related_status_codes = [getattr(requests.codes, error['httpStatus'])
|
|
for error in msg.get('related_errors', []) if
|
|
error.get('httpStatus')]
|
|
|
|
msg = msg['error_message']
|
|
if related_errors:
|
|
msg += " relatedErrors: %s" % ' '.join(related_errors)
|
|
|
|
return {'status_code': response.status_code,
|
|
'error_code': error_code,
|
|
'related_error_codes': related_error_codes,
|
|
'related_status_codes': related_status_codes,
|
|
'details': msg}
|
|
|
|
|
|
def init_http_exception_from_response(response):
|
|
if response is None or response:
|
|
# The response object has a __bool__ method that return True for
|
|
# status code under 400. In that case there is no need for exception
|
|
return None
|
|
|
|
error_details = get_http_error_details(response)
|
|
if not error_details['error_code']:
|
|
return None
|
|
|
|
error = http_error_to_exception(error_details['status_code'],
|
|
error_details['error_code'],
|
|
error_details['related_error_codes'])
|
|
|
|
return error(manager='', **error_details)
|
|
|
|
|
|
def http_error_to_exception(status_code, error_code, related_error_codes=None):
|
|
errors = {
|
|
requests.codes.NOT_FOUND:
|
|
{'202': exceptions.BackendResourceNotFound,
|
|
'500090': exceptions.StaleRevision,
|
|
'default': exceptions.ResourceNotFound},
|
|
requests.codes.BAD_REQUEST:
|
|
{'60508': exceptions.NsxIndexingInProgress,
|
|
'60514': exceptions.NsxSearchTimeout,
|
|
'60515': exceptions.NsxSearchOutOfSync,
|
|
'8327': exceptions.NsxOverlapVlan,
|
|
'500045': exceptions.NsxPendingDelete,
|
|
'500030': exceptions.ResourceInUse,
|
|
'500087': exceptions.StaleRevision,
|
|
'500105': exceptions.NsxOverlapAddresses,
|
|
'500232': exceptions.StaleRevision, # Missing dependent objects
|
|
'503040': exceptions.NsxSegemntWithVM,
|
|
'100148': exceptions.StaleRevision},
|
|
requests.codes.CONFLICT: exceptions.StaleRevision,
|
|
requests.codes.PRECONDITION_FAILED: exceptions.StaleRevision,
|
|
requests.codes.INTERNAL_SERVER_ERROR:
|
|
{'98': exceptions.CannotConnectToServer,
|
|
'99': exceptions.ClientCertificateNotTrusted,
|
|
'607': exceptions.APITransactionAborted},
|
|
requests.codes.FORBIDDEN:
|
|
{'98': exceptions.BadXSRFToken,
|
|
'403': exceptions.InvalidCredentials,
|
|
'505': exceptions.InvalidLicense},
|
|
requests.codes.TOO_MANY_REQUESTS: exceptions.TooManyRequests,
|
|
requests.codes.SERVICE_UNAVAILABLE: exceptions.ServiceUnavailable}
|
|
|
|
if status_code in errors:
|
|
if isinstance(errors[status_code], dict):
|
|
# choose based on error code
|
|
if error_code and str(error_code) in errors[status_code]:
|
|
return errors[status_code][str(error_code)]
|
|
# try the related errors
|
|
if related_error_codes:
|
|
for err in related_error_codes:
|
|
if err and str(err) in errors[status_code]:
|
|
return errors[status_code][str(err)]
|
|
|
|
if 'default' in errors[status_code]:
|
|
return errors[status_code]['default']
|
|
else:
|
|
return errors[status_code]
|
|
|
|
# default exception
|
|
return exceptions.ManagerError
|
|
|
|
|
|
class RESTClient(object):
|
|
|
|
_VERB_RESP_CODES = {
|
|
'get': [requests.codes.ok],
|
|
'post': [requests.codes.created, requests.codes.ok],
|
|
'put': [requests.codes.created, requests.codes.ok],
|
|
'patch': [requests.codes.created, requests.codes.ok],
|
|
'delete': [requests.codes.ok]
|
|
}
|
|
|
|
def __init__(self, connection, url_prefix=None,
|
|
default_headers=None,
|
|
client_obj=None):
|
|
self._conn = connection
|
|
self._url_prefix = url_prefix or ""
|
|
self._default_headers = default_headers or {}
|
|
|
|
def new_client_for(self, *uri_segments):
|
|
uri = self._build_url('/'.join(uri_segments))
|
|
|
|
return self.__class__(
|
|
self._conn,
|
|
url_prefix=uri,
|
|
default_headers=self._default_headers,
|
|
client_obj=self)
|
|
|
|
def list(self, resource='', headers=None, silent=False):
|
|
return self.url_list(resource, headers=headers, silent=silent)
|
|
|
|
def get(self, uuid, headers=None, silent=False, with_retries=False):
|
|
return self.url_get(uuid, headers=headers, silent=silent,
|
|
with_retries=with_retries)
|
|
|
|
def delete(self, uuid, headers=None, expected_results=None):
|
|
return self.url_delete(uuid, headers=headers,
|
|
expected_results=expected_results)
|
|
|
|
def update(self, uuid, body=None, headers=None, expected_results=None):
|
|
return self.url_put(uuid, body, headers=headers,
|
|
expected_results=expected_results)
|
|
|
|
def create(self, resource='', body=None, headers=None,
|
|
expected_results=None):
|
|
return self.url_post(resource, body, headers=headers,
|
|
expected_results=expected_results)
|
|
|
|
def patch(self, resource='', body=None, headers=None):
|
|
return self.url_patch(resource, body, headers=headers)
|
|
|
|
def url_list(self, url, headers=None, silent=False):
|
|
concatenate_response = self.url_get(url, headers=headers,
|
|
silent=silent)
|
|
cursor = concatenate_response.get('cursor', NULL_CURSOR_PREFIX)
|
|
op = '&' if urlparse.urlparse(url).query else '?'
|
|
url += op + 'cursor='
|
|
|
|
while cursor and not cursor.startswith(NULL_CURSOR_PREFIX):
|
|
page = self.url_get(url + cursor, headers=headers, silent=silent)
|
|
concatenate_response['results'].extend(page.get('results', []))
|
|
cursor = page.get('cursor', NULL_CURSOR_PREFIX)
|
|
return concatenate_response
|
|
|
|
def url_get(self, url, headers=None, silent=False, with_retries=False):
|
|
return self._rest_call(url, method='GET', headers=headers,
|
|
silent=silent, with_retries=with_retries)
|
|
|
|
def url_delete(self, url, headers=None, expected_results=None):
|
|
return self._rest_call(url, method='DELETE', headers=headers,
|
|
expected_results=expected_results)
|
|
|
|
def url_put(self, url, body, headers=None, expected_results=None):
|
|
return self._rest_call(url, method='PUT', body=body, headers=headers,
|
|
expected_results=expected_results)
|
|
|
|
def url_post(self, url, body, headers=None, expected_results=None):
|
|
return self._rest_call(url, method='POST', body=body, headers=headers,
|
|
expected_results=expected_results)
|
|
|
|
def url_patch(self, url, body, headers=None):
|
|
return self._rest_call(url, method='PATCH', body=body, headers=headers)
|
|
|
|
def _raise_error(self, operation, status_code, details,
|
|
error_code=None, related_error_codes=None,
|
|
related_status_codes=None):
|
|
error = http_error_to_exception(status_code, error_code,
|
|
related_error_codes)
|
|
raise error(manager='', operation=operation, details=details,
|
|
error_code=error_code,
|
|
related_error_codes=related_error_codes,
|
|
status_code=status_code,
|
|
related_status_codes=related_status_codes)
|
|
|
|
def _validate_result(self, result, expected, operation, silent=False):
|
|
if result.status_code not in expected:
|
|
result_msg = result.json() if result.content else ''
|
|
if not silent:
|
|
LOG.warning("The HTTP request returned error code "
|
|
"%(result)s, whereas %(expected)s response "
|
|
"codes were expected. Response body %(body)s",
|
|
{'result': result.status_code,
|
|
'expected': '/'.join([str(code)
|
|
for code in expected]),
|
|
'body': result_msg})
|
|
|
|
error_details = get_http_error_details(result)
|
|
|
|
self._raise_error(operation, **error_details)
|
|
|
|
@classmethod
|
|
def merge_headers(cls, *headers):
|
|
merged = {}
|
|
for header in headers:
|
|
if header:
|
|
merged.update(header)
|
|
return merged
|
|
|
|
def _build_url(self, uri):
|
|
prefix = urlparse.urlparse(self._url_prefix)
|
|
uri = ("/%s/%s" % (prefix.path, uri)).replace('//', '/').strip('/')
|
|
if prefix.netloc:
|
|
uri = "%s/%s" % (prefix.netloc, uri)
|
|
if prefix.scheme:
|
|
uri = "%s://%s" % (prefix.scheme, uri)
|
|
return uri
|
|
|
|
def _mask_password(self, json):
|
|
'''Mask password value in json format'''
|
|
if not json:
|
|
return json
|
|
|
|
pattern = r'\"password\": [^,}]*'
|
|
return re.sub(pattern, '"password": "********"', json)
|
|
|
|
def _rest_call(self, url, method='GET', body=None, headers=None,
|
|
silent=False, expected_results=None, **kwargs):
|
|
request_headers = headers.copy() if headers else {}
|
|
request_headers.update(self._default_headers)
|
|
|
|
if utils.INJECT_HEADERS_CALLBACK:
|
|
inject_headers = utils.INJECT_HEADERS_CALLBACK()
|
|
request_headers.update(inject_headers)
|
|
|
|
request_url = self._build_url(url)
|
|
do_request = getattr(self._conn, method.lower())
|
|
if silent:
|
|
self._conn.set_silent(True)
|
|
ts = time.time()
|
|
result = do_request(
|
|
request_url,
|
|
data=body,
|
|
headers=request_headers)
|
|
te = time.time()
|
|
if silent:
|
|
self._conn.set_silent(False)
|
|
|
|
if not silent:
|
|
LOG.debug("[%x] REST call: %s %s. Headers: %s. Body: %s. "
|
|
"Response: %s. Took %2.4f",
|
|
id(self._conn), method, request_url,
|
|
utils.censor_headers(request_headers),
|
|
self._mask_password(body),
|
|
result.json() if result.content else '',
|
|
te - ts)
|
|
|
|
if not expected_results:
|
|
expected_results = RESTClient._VERB_RESP_CODES[method.lower()]
|
|
self._validate_result(
|
|
result, expected_results,
|
|
_("%(verb)s %(url)s") % {'verb': method, 'url': request_url},
|
|
silent=silent)
|
|
return result
|
|
|
|
|
|
class JSONRESTClient(RESTClient):
|
|
|
|
_DEFAULT_HEADERS = {
|
|
'Accept': 'application/json',
|
|
'Content-Type': 'application/json'
|
|
}
|
|
|
|
def __init__(self, connection, url_prefix=None,
|
|
default_headers=None,
|
|
client_obj=None):
|
|
|
|
super(JSONRESTClient, self).__init__(
|
|
connection,
|
|
url_prefix=url_prefix,
|
|
default_headers=RESTClient.merge_headers(
|
|
JSONRESTClient._DEFAULT_HEADERS, default_headers),
|
|
client_obj=None)
|
|
|
|
def _rest_call(self, *args, **kwargs):
|
|
if kwargs.get('body') is not None:
|
|
kwargs['body'] = jsonutils.dumps(kwargs['body'], sort_keys=True)
|
|
result = super(JSONRESTClient, self)._rest_call(*args, **kwargs)
|
|
return result.json() if result.content else result
|
|
|
|
|
|
class NSX3Client(JSONRESTClient):
|
|
|
|
NSX_V1_API_PREFIX = 'api/v1/'
|
|
NSX_POLICY_V1_API_PREFIX = 'policy/api/v1/'
|
|
|
|
# NOTE: For user-facing client, NsxClusteredAPI instance
|
|
# will be passed as connection parameter below, thus all
|
|
# requests on this client will pass via cluster code to
|
|
# determine endpoint
|
|
# For validation client, TimeoutSession with specific
|
|
# endpoint parameters will be passed as connection.
|
|
def __init__(self, connection, url_prefix=None,
|
|
default_headers=None,
|
|
nsx_api_managers=None,
|
|
max_attempts=utils.DEFAULT_MAX_ATTEMPTS,
|
|
rate_limit_retry=True,
|
|
client_obj=None,
|
|
url_path_base=NSX_V1_API_PREFIX):
|
|
|
|
# If the client obj is defined - copy configuration from it
|
|
if client_obj:
|
|
self.nsx_api_managers = client_obj.nsx_api_managers or []
|
|
self.max_attempts = client_obj.max_attempts
|
|
self.rate_limit_retry = client_obj.rate_limit_retry
|
|
else:
|
|
self.nsx_api_managers = nsx_api_managers or []
|
|
self.max_attempts = max_attempts
|
|
self.rate_limit_retry = rate_limit_retry
|
|
|
|
url_prefix = url_prefix or url_path_base
|
|
if url_prefix and url_path_base not in url_prefix:
|
|
if url_prefix.startswith('http'):
|
|
url_prefix += '/' + url_path_base
|
|
else:
|
|
url_prefix = "%s/%s" % (url_path_base,
|
|
url_prefix or '')
|
|
|
|
super(NSX3Client, self).__init__(
|
|
connection, url_prefix=url_prefix,
|
|
default_headers=default_headers,
|
|
client_obj=client_obj)
|
|
|
|
def _raise_error(self, operation, status_code, details,
|
|
error_code=None, related_error_codes=None,
|
|
related_status_codes=None):
|
|
"""Override the Rest client errors to add the manager IPs"""
|
|
error = http_error_to_exception(status_code, error_code,
|
|
related_error_codes)
|
|
raise error(manager=self.nsx_api_managers,
|
|
operation=operation,
|
|
details=details,
|
|
error_code=error_code,
|
|
related_error_codes=related_error_codes,
|
|
related_status_codes=related_status_codes,
|
|
status_code=status_code)
|
|
|
|
def _rest_call(self, url, **kwargs):
|
|
if 'with_retries' in kwargs and kwargs['with_retries']:
|
|
LOG.warning("with_retries setting is deprecated and will be "
|
|
"removed. Please use exceptions setting in nsxlib "
|
|
"config instead")
|
|
|
|
return super(NSX3Client, self)._rest_call(url, **kwargs)
|