Source code for ironic.api.controllers.v1.volume_target
# Copyright (c) 2017 Hitachi, Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from http import client as http_client
from ironic_lib import metrics_utils
from oslo_utils import uuidutils
from pecan import rest
from ironic import api
from ironic.api.controllers import link
from ironic.api.controllers.v1 import collection
from ironic.api.controllers.v1 import notification_utils as notify
from ironic.api.controllers.v1 import utils as api_utils
from ironic.api import method
from ironic.common import args
from ironic.common import exception
from ironic.common.i18n import _
from ironic.common import policy
from ironic import objects
METRICS = metrics_utils.get_metrics_logger(__name__)
_DEFAULT_RETURN_FIELDS = ['uuid', 'node_uuid', 'volume_type',
'boot_index', 'volume_id']
TARGET_SCHEMA = {
'type': 'object',
'properties': {
'boot_index': {'type': 'integer'},
'extra': {'type': ['object', 'null']},
'node_uuid': {'type': 'string'},
'properties': {'type': ['object', 'null']},
'volume_id': {'type': 'string'},
'volume_type': {'type': 'string'},
'uuid': {'type': ['string', 'null']},
},
'required': ['boot_index', 'node_uuid', 'volume_id', 'volume_type'],
'additionalProperties': False,
}
TARGET_VALIDATOR_EXTRA = args.dict_valid(
node_uuid=args.uuid,
uuid=args.uuid,
)
TARGET_VALIDATOR = args.and_valid(
args.schema(TARGET_SCHEMA),
TARGET_VALIDATOR_EXTRA
)
PATCH_ALLOWED_FIELDS = [
'boot_index',
'extra',
'node_uuid',
'properties',
'volume_id',
'volume_type'
]
[docs]
def convert_with_links(rpc_target, fields=None, sanitize=True):
target = api_utils.object_to_dict(
rpc_target,
link_resource='volume/targets',
fields=(
'boot_index',
'extra',
'properties',
'volume_id',
'volume_type'
)
)
api_utils.populate_node_uuid(rpc_target, target)
if fields is not None:
api_utils.check_for_invalid_fields(fields, target)
if not sanitize:
return target
api_utils.sanitize_dict(target, fields)
return target
[docs]
def list_convert_with_links(rpc_targets, limit, url, fields=None,
detail=None, **kwargs):
if detail:
kwargs['detail'] = detail
return collection.list_convert_with_links(
items=[convert_with_links(p, fields=fields, sanitize=False)
for p in rpc_targets],
item_name='targets',
limit=limit,
url=url,
fields=fields,
sanitize_func=api_utils.sanitize_dict,
**kwargs
)
[docs]
class VolumeTargetsController(rest.RestController):
"""REST controller for VolumeTargets."""
invalid_sort_key_list = ['extra', 'properties']
def __init__(self, node_ident=None):
super(VolumeTargetsController, self).__init__()
self.parent_node_ident = node_ident
def _redact_target_properties(self, target):
# Filters what could contain sensitive information. For iSCSI
# volumes this can include iscsi connection details which may
# be sensitive.
redacted = ('** Value redacted: Requires permission '
'baremetal:volume:view_target_properties '
'access. Permission denied. **')
redacted_message = {
'redacted_contents': redacted
}
target.properties = redacted_message
def _get_volume_targets_collection(self, node_ident, marker, limit,
sort_key, sort_dir, resource_url=None,
fields=None, detail=None,
project=None):
limit = api_utils.validate_limit(limit)
sort_dir = api_utils.validate_sort_dir(sort_dir)
marker_obj = None
if marker:
marker_obj = objects.VolumeTarget.get_by_uuid(
api.request.context, marker)
if sort_key in self.invalid_sort_key_list:
raise exception.InvalidParameterValue(
_("The sort_key value %(key)s is an invalid field for "
"sorting") % {'key': sort_key})
node_ident = self.parent_node_ident or node_ident
if node_ident:
# FIXME(comstud): Since all we need is the node ID, we can
# make this more efficient by only querying
# for that column. This will get cleaned up
# as we move to the object interface.
node = api_utils.get_rpc_node(node_ident)
targets = objects.VolumeTarget.list_by_node_id(
api.request.context, node.id, limit, marker_obj,
sort_key=sort_key, sort_dir=sort_dir, project=project)
else:
targets = objects.VolumeTarget.list(api.request.context,
limit, marker_obj,
sort_key=sort_key,
sort_dir=sort_dir,
project=project)
cdict = api.request.context.to_policy_values()
if not policy.check_policy('baremetal:volume:view_target_properties',
cdict, cdict):
for target in targets:
self._redact_target_properties(target)
return list_convert_with_links(targets, limit,
url=resource_url,
fields=fields,
sort_key=sort_key,
sort_dir=sort_dir,
detail=detail)
[docs]
@METRICS.timer('VolumeTargetsController.get_all')
@method.expose()
@args.validate(node=args.uuid_or_name, marker=args.uuid,
limit=args.integer, sort_key=args.string,
sort_dir=args.string, fields=args.string_list,
detail=args.boolean)
def get_all(self, node=None, marker=None, limit=None, sort_key='id',
sort_dir='asc', fields=None, detail=None, project=None):
"""Retrieve a list of volume targets.
:param node: UUID or name of a node, to get only volume targets
for that node.
:param marker: pagination marker for large data sets.
:param limit: maximum number of resources to return in a single result.
This value cannot be larger than the value of max_limit
in the [api] section of the ironic configuration, or only
max_limit resources will be returned.
:param sort_key: column to sort results by. Default: id.
:param sort_dir: direction to sort. "asc" or "desc". Default: "asc".
:param fields: Optional, a list with a specified set of fields
of the resource to be returned.
:param detail: Optional, whether to retrieve with detail.
:param project: Optional, an associated node project (owner,
or lessee) to filter the query upon.
:returns: a list of volume targets, or an empty list if no volume
target is found.
:raises: InvalidParameterValue if sort_key does not exist
:raises: InvalidParameterValue if sort key is invalid for sorting.
:raises: InvalidParameterValue if both fields and detail are specified.
"""
project = api_utils.check_volume_list_policy(
parent_node=self.parent_node_ident)
if fields is None and not detail:
fields = _DEFAULT_RETURN_FIELDS
if fields and detail:
raise exception.InvalidParameterValue(
_("Can't fetch a subset of fields with 'detail' set"))
resource_url = 'volume/targets'
return self._get_volume_targets_collection(node, marker, limit,
sort_key, sort_dir,
resource_url=resource_url,
fields=fields,
detail=detail,
project=project)
[docs]
@METRICS.timer('VolumeTargetsController.get_one')
@method.expose()
@args.validate(target_uuid=args.uuid, fields=args.string_list)
def get_one(self, target_uuid, fields=None):
"""Retrieve information about the given volume target.
:param target_uuid: UUID of a volume target.
:param fields: Optional, a list with a specified set of fields
of the resource to be returned.
:returns: API-serializable volume target object.
:raises: OperationNotPermitted if accessed with specifying a parent
node.
:raises: VolumeTargetNotFound if no volume target with this UUID exists
"""
rpc_target, _ = api_utils.check_volume_policy_and_retrieve(
'baremetal:volume:get',
target_uuid,
target=True)
if self.parent_node_ident:
raise exception.OperationNotPermitted()
cdict = api.request.context.to_policy_values()
if not policy.check_policy('baremetal:volume:view_target_properties',
cdict, cdict):
self._redact_target_properties(rpc_target)
return convert_with_links(rpc_target, fields=fields)
[docs]
@METRICS.timer('VolumeTargetsController.post')
@method.expose(status_code=http_client.CREATED)
@method.body('target')
@args.validate(target=TARGET_VALIDATOR)
def post(self, target):
"""Create a new volume target.
:param target: a volume target within the request body.
:returns: API-serializable volume target object.
:raises: OperationNotPermitted if accessed with specifying a parent
node.
:raises: VolumeTargetBootIndexAlreadyExists if a volume target already
exists with the same node ID and boot index
:raises: VolumeTargetAlreadyExists if a volume target with the same
UUID exists
"""
context = api.request.context
raise_node_not_found = False
node = None
owner = None
lessee = None
node_uuid = target.get('node_uuid')
try:
node = api_utils.replace_node_uuid_with_id(target)
owner = node.owner
lessee = node.lessee
except exception.NotFound:
raise_node_not_found = True
api_utils.check_owner_policy('node', 'baremetal:volume:create',
owner, lessee=lessee,
conceal_node=False)
if raise_node_not_found:
raise exception.InvalidInput(fieldname='node_uuid',
value=node_uuid)
if self.parent_node_ident:
raise exception.OperationNotPermitted()
# NOTE(hshiina): UUID is mandatory for notification payload
if not target.get('uuid'):
target['uuid'] = uuidutils.generate_uuid()
new_target = objects.VolumeTarget(context, **target)
notify.emit_start_notification(context, new_target, 'create',
node_uuid=node.uuid)
with notify.handle_error_notification(context, new_target, 'create',
node_uuid=node.uuid):
new_target.create()
notify.emit_end_notification(context, new_target, 'create',
node_uuid=node.uuid)
# Set the HTTP Location Header
api.response.location = link.build_url('volume/targets',
new_target.uuid)
return convert_with_links(new_target)
[docs]
@METRICS.timer('VolumeTargetsController.patch')
@method.expose()
@method.body('patch')
@args.validate(target_uuid=args.uuid, patch=args.patch)
def patch(self, target_uuid, patch):
"""Update an existing volume target.
:param target_uuid: UUID of a volume target.
:param patch: a json PATCH document to apply to this volume target.
:returns: API-serializable volume target object.
:raises: OperationNotPermitted if accessed with specifying a
parent node.
:raises: PatchError if a given patch can not be applied.
:raises: InvalidParameterValue if the volume target's UUID is being
changed
:raises: NodeLocked if the node is already locked
:raises: NodeNotFound if the node associated with the volume target
does not exist
:raises: VolumeTargetNotFound if the volume target cannot be found
:raises: VolumeTargetBootIndexAlreadyExists if a volume target already
exists with the same node ID and boot index values
:raises: InvalidUUID if invalid node UUID is passed in the patch.
:raises: InvalidStateRequested If a node associated with the
volume target is not powered off.
"""
context = api.request.context
api_utils.check_volume_policy_and_retrieve('baremetal:volume:update',
target_uuid,
target=True)
if self.parent_node_ident:
raise exception.OperationNotPermitted()
api_utils.patch_validate_allowed_fields(patch, PATCH_ALLOWED_FIELDS)
values = api_utils.get_patch_values(patch, '/node_uuid')
for value in values:
if not uuidutils.is_uuid_like(value):
message = _("Expected a UUID for node_uuid, but received "
"%(uuid)s.") % {'uuid': str(value)}
raise exception.InvalidUUID(message=message)
rpc_target = objects.VolumeTarget.get_by_uuid(context, target_uuid)
target_dict = rpc_target.as_dict()
# NOTE(smoriya):
# 1) Remove node_id because it's an internal value and
# not present in the API object
# 2) Add node_uuid
rpc_node = api_utils.replace_node_id_with_uuid(target_dict)
target_dict = api_utils.apply_jsonpatch(target_dict, patch)
try:
if target_dict['node_uuid'] != rpc_node.uuid:
# TODO(TheJulia): I guess the intention is to
# permit the mapping to be changed
# should we even allow this at all?
rpc_node = objects.Node.get(
api.request.context, target_dict['node_uuid'])
except exception.NodeNotFound as e:
# Change error code because 404 (NotFound) is inappropriate
# response for a PATCH request to change a volume target
e.code = http_client.BAD_REQUEST # BadRequest
raise
api_utils.patched_validate_with_schema(
target_dict, TARGET_SCHEMA, TARGET_VALIDATOR)
api_utils.patch_update_changed_fields(
target_dict, rpc_target, fields=objects.VolumeTarget.fields,
schema=TARGET_SCHEMA, id_map={'node_id': rpc_node.id}
)
notify.emit_start_notification(context, rpc_target, 'update',
node_uuid=rpc_node.uuid)
with notify.handle_error_notification(context, rpc_target, 'update',
node_uuid=rpc_node.uuid):
topic = api.request.rpcapi.get_topic_for(rpc_node)
new_target = api.request.rpcapi.update_volume_target(
context, rpc_target, topic)
api_target = convert_with_links(new_target)
notify.emit_end_notification(context, new_target, 'update',
node_uuid=rpc_node.uuid)
return api_target
[docs]
@METRICS.timer('VolumeTargetsController.delete')
@method.expose(status_code=http_client.NO_CONTENT)
@args.validate(target_uuid=args.uuid)
def delete(self, target_uuid):
"""Delete a volume target.
:param target_uuid: UUID of a volume target.
:raises: OperationNotPermitted if accessed with specifying a
parent node.
:raises: NodeLocked if node is locked by another conductor
:raises: NodeNotFound if the node associated with the target does
not exist
:raises: VolumeTargetNotFound if the volume target cannot be found
:raises: InvalidStateRequested If a node associated with the
volume target is not powered off.
"""
context = api.request.context
api_utils.check_volume_policy_and_retrieve('baremetal:volume:delete',
target_uuid,
target=True)
if self.parent_node_ident:
raise exception.OperationNotPermitted()
rpc_target = objects.VolumeTarget.get_by_uuid(context, target_uuid)
rpc_node = objects.Node.get_by_id(context, rpc_target.node_id)
notify.emit_start_notification(context, rpc_target, 'delete',
node_uuid=rpc_node.uuid)
with notify.handle_error_notification(context, rpc_target, 'delete',
node_uuid=rpc_node.uuid):
topic = api.request.rpcapi.get_topic_for(rpc_node)
api.request.rpcapi.destroy_volume_target(context,
rpc_target, topic)
notify.emit_end_notification(context, rpc_target, 'delete',
node_uuid=rpc_node.uuid)
