jkrue
commented
5 years ago If a project is removed(deleted) from the Perun database, the adapter disable the project and set the scratched field to 'True'.
$ openstack project show XXXXXXXXX
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| domain_id | 5718303825c1496290a10ad936552ada |
| enabled | False |
| flag | perun_propagation |
| id | ff0ea67d51044d75987021c42a4c34dc |
| is_domain | False |
| name | XXXXXXXXXX |
| parent_id | 5718303825c1496290a10ad936552ada |
| perun_id | XXXXX |
| scratched | True |
| tags | [] |
+-------------+----------------------------------+Unfortuneatly the openstack cmdline tool is very limited when filtering output, extra fields are not supported. However this python script will do the job ....
#!/usr/bin/env python3
import os
from keystoneauth1.identity import v3
from keystoneauth1 import session
from keystoneclient.v3 import client
auth = v3.Password(username=os.environ["OS_USERNAME"],
password=os.environ["OS_PASSWORD"],
auth_url=os.environ["OS_AUTH_URL"],
project_name=os.environ["OS_PROJECT_NAME"],
user_domain_name=os.environ["OS_USER_DOMAIN_NAME"],
project_domain_name=os.environ["OS_USER_DOMAIN_NAME"])
sess = session.Session(auth=auth)
# Create keystone client
keystone = client.Client(session=sess)
for p in keystone.projects.list():
if hasattr(p,'scratched') and p.scratched:
print(p.id)
The adapter currently does not delete project or user. This is good, and I do not want anything to be deleted automatically (yet).
Nonetheless I need a simple way to cleanup and release resources. My approach would be writing a simple script to be used in cron jobs....it just prints the project name/id for all project that can be deleted according to their state/tags, The site admins can trigger their site specific cleanup process afterwards (or just paste the output into 'xargs openstack project purge'...).
Comments on this? Time to dedust my python skills?