diff --git a/lib/heat b/lib/heat index a088e82886..cef70692c7 100644 --- a/lib/heat +++ b/lib/heat @@ -49,13 +49,19 @@ HEAT_CONF_DIR=/etc/heat HEAT_CONF=$HEAT_CONF_DIR/heat.conf HEAT_ENV_DIR=$HEAT_CONF_DIR/environment.d HEAT_TEMPLATES_DIR=$HEAT_CONF_DIR/templates -HEAT_STACK_DOMAIN=$(trueorfalse True HEAT_STACK_DOMAIN) HEAT_API_HOST=${HEAT_API_HOST:-$HOST_IP} HEAT_API_PORT=${HEAT_API_PORT:-8004} # other default options -HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts} +if [[ "$HEAT_STANDALONE" = "True" ]]; then + # for standalone, use defaults which require no service user + HEAT_STACK_DOMAIN=`trueorfalse False $HEAT_STACK_DOMAIN` + HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-password} +else + HEAT_STACK_DOMAIN=`trueorfalse True $HEAT_STACK_DOMAIN` + HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts} +fi # Tell Tempest this project is present TEMPEST_SERVICES+=,heat @@ -77,13 +83,11 @@ function cleanup_heat { sudo rm -rf $HEAT_AUTH_CACHE_DIR sudo rm -rf $HEAT_ENV_DIR sudo rm -rf $HEAT_TEMPLATES_DIR + sudo rm -rf $HEAT_CONF_DIR } # configure_heat() - Set config files, create data dirs, etc function configure_heat { - if [[ "$HEAT_STANDALONE" = "True" ]]; then - setup_develop $HEAT_DIR/contrib/heat_keystoneclient_v2 - fi if [[ ! -d $HEAT_CONF_DIR ]]; then sudo mkdir -p $HEAT_CONF_DIR @@ -127,24 +131,22 @@ function configure_heat { # auth plugin setup. This should be fixed in heat. Heat is also the only # service that requires the auth_uri to include a /v2.0. Remove this custom # setup when bug #1300246 is resolved. - iniset $HEAT_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI iniset $HEAT_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0 - iniset $HEAT_CONF keystone_authtoken admin_user heat - iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD - iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME - iniset $HEAT_CONF keystone_authtoken cafile $SSL_BUNDLE_FILE - iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR + if [[ "$HEAT_STANDALONE" = "True" ]]; then + iniset $HEAT_CONF paste_deploy flavor standalone + iniset $HEAT_CONF clients_heat url "http://$HEAT_API_HOST:$HEAT_API_PORT/v1/%(tenant_id)s" + else + iniset $HEAT_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI + iniset $HEAT_CONF keystone_authtoken admin_user heat + iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD + iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME + iniset $HEAT_CONF keystone_authtoken cafile $SSL_BUNDLE_FILE + iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR + fi # ec2authtoken iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0 - # paste_deploy - if [[ "$HEAT_STANDALONE" = "True" ]]; then - iniset $HEAT_CONF paste_deploy flavor standalone - iniset $HEAT_CONF DEFAULT keystone_backend heat_keystoneclient_v2.client.KeystoneClientV2 - iniset $HEAT_CONF clients_heat url "http://$HEAT_API_HOST:$HEAT_API_PORT/v1/%(tenant_id)s" - fi - # OpenStack API iniset $HEAT_CONF heat_api bind_port $HEAT_API_PORT iniset $HEAT_CONF heat_api workers "$API_WORKERS" @@ -243,30 +245,33 @@ function stop_heat { # create_heat_accounts() - Set up common required heat accounts function create_heat_accounts { - create_service_user "heat" "admin" + if [[ "$HEAT_STANDALONE" != "True" ]]; then - if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + create_service_user "heat" "admin" - local heat_service=$(get_or_create_service "heat" \ - "orchestration" "Heat Orchestration Service") - get_or_create_endpoint $heat_service \ - "$REGION_NAME" \ - "$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \ - "$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \ - "$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" + if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then - local heat_cfn_service=$(get_or_create_service "heat-cfn" \ - "cloudformation" "Heat CloudFormation Service") - get_or_create_endpoint $heat_cfn_service \ - "$REGION_NAME" \ - "$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \ - "$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \ - "$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" + local heat_service=$(get_or_create_service "heat" \ + "orchestration" "Heat Orchestration Service") + get_or_create_endpoint $heat_service \ + "$REGION_NAME" \ + "$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \ + "$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \ + "$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" + + local heat_cfn_service=$(get_or_create_service "heat-cfn" \ + "cloudformation" "Heat CloudFormation Service") + get_or_create_endpoint $heat_cfn_service \ + "$REGION_NAME" \ + "$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \ + "$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \ + "$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" + fi + + # heat_stack_user role is for users created by Heat + get_or_create_role "heat_stack_user" fi - # heat_stack_user role is for users created by Heat - get_or_create_role "heat_stack_user" - if [[ $HEAT_DEFERRED_AUTH == trusts ]]; then iniset $HEAT_CONF DEFAULT deferred_auth_method trusts fi diff --git a/stack.sh b/stack.sh index eac7eec724..f049782387 100755 --- a/stack.sh +++ b/stack.sh @@ -978,7 +978,7 @@ if is_service_enabled keystone; then create_swift_accounts fi - if is_service_enabled heat && [[ "$HEAT_STANDALONE" != "True" ]]; then + if is_service_enabled heat; then create_heat_accounts fi