From 296c1e3809082db4173f00141a981d3a2d168922 Mon Sep 17 00:00:00 2001 From: Jerry Zhao Date: Fri, 7 Aug 2015 20:43:54 -0400 Subject: [PATCH] Move policy.json creation to _configure_neutron_common To allow separating neutron l3, metadata, or dhcp agent from neutron server or controller, there is supposed to be policy.json on the nodes with l3, dhcp, metadata agent enabled, so it would be more appropriate to create policy.json in _configure_neutron_common. Change-Id: I890d647ffca05482f36ebaaf9c2c6e9e6cb23e2b --- lib/neutron-legacy | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/neutron-legacy b/lib/neutron-legacy index 4069439183..498cf46179 100644 --- a/lib/neutron-legacy +++ b/lib/neutron-legacy @@ -878,6 +878,12 @@ function _configure_neutron_common { cp $NEUTRON_DIR/etc/neutron.conf $NEUTRON_CONF + Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json + cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE + + # allow neutron user to administer neutron to match neutron account + sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE + # Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``. # For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``. # For addition plugin config files, set ``Q_PLUGIN_EXTRA_CONF_PATH``, @@ -1106,13 +1112,7 @@ function _configure_neutron_plugin_agent { # It is called when q-svc is enabled. function _configure_neutron_service { Q_API_PASTE_FILE=$NEUTRON_CONF_DIR/api-paste.ini - Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json - cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE - cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE - - # allow neutron user to administer neutron to match neutron account - sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE # Update either configuration file with plugin iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS