Install Keystone into its own venv
Configure Apache to use the Keystone venv. Change-Id: I86f1bfdfd800f5b818bfb5c4d2750ff732049107
This commit is contained in:
Dean Troyer
parent
5686dbc45d
commit
f8ae647f2e
@ -2,7 +2,7 @@ Listen %PUBLICPORT%
|
|||||||
Listen %ADMINPORT%
|
Listen %ADMINPORT%
|
||||||
|
|
||||||
<VirtualHost *:%PUBLICPORT%>
|
<VirtualHost *:%PUBLICPORT%>
|
||||||
WSGIDaemonProcess keystone-public processes=5 threads=1 user=%USER% display-name=%{GROUP}
|
WSGIDaemonProcess keystone-public processes=5 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
|
||||||
WSGIProcessGroup keystone-public
|
WSGIProcessGroup keystone-public
|
||||||
WSGIScriptAlias / %PUBLICWSGI%
|
WSGIScriptAlias / %PUBLICWSGI%
|
||||||
WSGIApplicationGroup %{GLOBAL}
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
@ -18,7 +18,7 @@ Listen %ADMINPORT%
|
|||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
<VirtualHost *:%ADMINPORT%>
|
<VirtualHost *:%ADMINPORT%>
|
||||||
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=%USER% display-name=%{GROUP}
|
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
|
||||||
WSGIProcessGroup keystone-admin
|
WSGIProcessGroup keystone-admin
|
||||||
WSGIScriptAlias / %ADMINWSGI%
|
WSGIScriptAlias / %ADMINWSGI%
|
||||||
WSGIApplicationGroup %{GLOBAL}
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
|
|||||||
30
lib/keystone
30
lib/keystone
@ -37,8 +37,16 @@ set +o xtrace
|
|||||||
# Set up default directories
|
# Set up default directories
|
||||||
GITDIR["python-keystoneclient"]=$DEST/python-keystoneclient
|
GITDIR["python-keystoneclient"]=$DEST/python-keystoneclient
|
||||||
GITDIR["keystonemiddleware"]=$DEST/keystonemiddleware
|
GITDIR["keystonemiddleware"]=$DEST/keystonemiddleware
|
||||||
|
|
||||||
KEYSTONE_DIR=$DEST/keystone
|
KEYSTONE_DIR=$DEST/keystone
|
||||||
|
|
||||||
|
# Keystone virtual environment
|
||||||
|
if [[ ${USE_VENV} = True ]]; then
|
||||||
|
PROJECT_VENV["keystone"]=${KEYSTONE_DIR}.venv
|
||||||
|
KEYSTONE_BIN_DIR=${PROJECT_VENV["keystone"]}/bin
|
||||||
|
else
|
||||||
|
KEYSTONE_BIN_DIR=$(get_python_exec_prefix)
|
||||||
|
fi
|
||||||
|
|
||||||
KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone}
|
KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone}
|
||||||
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
|
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
|
||||||
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
|
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
|
||||||
@ -144,6 +152,7 @@ function _config_keystone_apache_wsgi {
|
|||||||
local keystone_keyfile=""
|
local keystone_keyfile=""
|
||||||
local keystone_service_port=$KEYSTONE_SERVICE_PORT
|
local keystone_service_port=$KEYSTONE_SERVICE_PORT
|
||||||
local keystone_auth_port=$KEYSTONE_AUTH_PORT
|
local keystone_auth_port=$KEYSTONE_AUTH_PORT
|
||||||
|
local venv_path=""
|
||||||
|
|
||||||
if is_ssl_enabled_service key; then
|
if is_ssl_enabled_service key; then
|
||||||
keystone_ssl="SSLEngine On"
|
keystone_ssl="SSLEngine On"
|
||||||
@ -154,6 +163,9 @@ function _config_keystone_apache_wsgi {
|
|||||||
keystone_service_port=$KEYSTONE_SERVICE_PORT_INT
|
keystone_service_port=$KEYSTONE_SERVICE_PORT_INT
|
||||||
keystone_auth_port=$KEYSTONE_AUTH_PORT_INT
|
keystone_auth_port=$KEYSTONE_AUTH_PORT_INT
|
||||||
fi
|
fi
|
||||||
|
if [[ ${USE_VENV} = True ]]; then
|
||||||
|
venv_path="python-path=${PROJECT_VENV["keystone"]}/lib/python2.7/site-packages"
|
||||||
|
fi
|
||||||
|
|
||||||
# copy proxy vhost and wsgi file
|
# copy proxy vhost and wsgi file
|
||||||
sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/main
|
sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/main
|
||||||
@ -169,7 +181,8 @@ function _config_keystone_apache_wsgi {
|
|||||||
s|%SSLENGINE%|$keystone_ssl|g;
|
s|%SSLENGINE%|$keystone_ssl|g;
|
||||||
s|%SSLCERTFILE%|$keystone_certfile|g;
|
s|%SSLCERTFILE%|$keystone_certfile|g;
|
||||||
s|%SSLKEYFILE%|$keystone_keyfile|g;
|
s|%SSLKEYFILE%|$keystone_keyfile|g;
|
||||||
s|%USER%|$STACK_USER|g
|
s|%USER%|$STACK_USER|g;
|
||||||
|
s|%VIRTUALENV%|$venv_path|g
|
||||||
" -i $keystone_apache_conf
|
" -i $keystone_apache_conf
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -460,20 +473,20 @@ function init_keystone {
|
|||||||
recreate_database keystone
|
recreate_database keystone
|
||||||
|
|
||||||
# Initialize keystone database
|
# Initialize keystone database
|
||||||
$KEYSTONE_DIR/bin/keystone-manage db_sync
|
$KEYSTONE_BIN_DIR/keystone-manage db_sync
|
||||||
|
|
||||||
local extension_value
|
local extension_value
|
||||||
for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do
|
for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do
|
||||||
if [[ -z "${extension_value}" ]]; then
|
if [[ -z "${extension_value}" ]]; then
|
||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
$KEYSTONE_DIR/bin/keystone-manage db_sync --extension "${extension_value}"
|
$KEYSTONE_BIN_DIR/keystone-manage db_sync --extension "${extension_value}"
|
||||||
done
|
done
|
||||||
|
|
||||||
if [[ "$KEYSTONE_TOKEN_FORMAT" != "uuid" ]]; then
|
if [[ "$KEYSTONE_TOKEN_FORMAT" != "uuid" ]]; then
|
||||||
# Set up certificates
|
# Set up certificates
|
||||||
rm -rf $KEYSTONE_CONF_DIR/ssl
|
rm -rf $KEYSTONE_CONF_DIR/ssl
|
||||||
$KEYSTONE_DIR/bin/keystone-manage pki_setup
|
$KEYSTONE_BIN_DIR/keystone-manage pki_setup
|
||||||
|
|
||||||
# Create cache dir
|
# Create cache dir
|
||||||
sudo install -d -o $STACK_USER $KEYSTONE_AUTH_CACHE_DIR
|
sudo install -d -o $STACK_USER $KEYSTONE_AUTH_CACHE_DIR
|
||||||
@ -492,9 +505,14 @@ function install_keystoneclient {
|
|||||||
|
|
||||||
# install_keystonemiddleware() - Collect source and prepare
|
# install_keystonemiddleware() - Collect source and prepare
|
||||||
function install_keystonemiddleware {
|
function install_keystonemiddleware {
|
||||||
|
# install_keystonemiddleware() is called when keystonemiddleware is needed
|
||||||
|
# to provide an opportunity to install it from the source repo
|
||||||
if use_library_from_git "keystonemiddleware"; then
|
if use_library_from_git "keystonemiddleware"; then
|
||||||
git_clone_by_name "keystonemiddleware"
|
git_clone_by_name "keystonemiddleware"
|
||||||
setup_dev_lib "keystonemiddleware"
|
setup_dev_lib "keystonemiddleware"
|
||||||
|
else
|
||||||
|
# When not installing from repo, keystonemiddleware is still needed...
|
||||||
|
pip_install keystonemiddleware
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -542,7 +560,7 @@ function start_keystone {
|
|||||||
tail_log key-access /var/log/$APACHE_NAME/keystone_access.log
|
tail_log key-access /var/log/$APACHE_NAME/keystone_access.log
|
||||||
else
|
else
|
||||||
# Start Keystone in a screen window
|
# Start Keystone in a screen window
|
||||||
run_process key "$KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF"
|
run_process key "$KEYSTONE_BIN_DIR/keystone-all --config-file $KEYSTONE_CONF"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Waiting for keystone to start..."
|
echo "Waiting for keystone to start..."
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user