From 7ed684e908cbb1779f547055dd14abb6ba466415 Mon Sep 17 00:00:00 2001 From: okozachenko Date: Thu, 27 Aug 2020 18:07:28 +0300 Subject: [PATCH] Migrate nova accounts Change-Id: I3be7f2bd9998ac342fdc40ebaf608fe2b646755d --- devstack/lib/nova | 32 +++++++++++++++++++++++++++++--- images/nova/nova-api-wsgi | 7 ++++++- images/nova/nova-compute | 7 ++++++- images/nova/nova-conductor | 7 ++++++- images/nova/nova-metadata-wsgi | 7 ++++++- images/nova/nova-novncproxy | 7 ++++++- images/nova/nova-scheduler | 7 ++++++- 7 files changed, 65 insertions(+), 9 deletions(-) diff --git a/devstack/lib/nova b/devstack/lib/nova index 68d5e0cf..f5505c3e 100644 --- a/devstack/lib/nova +++ b/devstack/lib/nova @@ -67,12 +67,20 @@ function create_nova_conf { # only on nodes which runs controller services iniset $NOVA_CONF cache enabled $NOVA_ENABLE_CACHE iniset $NOVA_CONF cache backend $CACHE_BACKEND - iniset $NOVA_CONF cache memcache_servers mcrouter-memcached-nova.openstack.svc.cluster.local + iniset $NOVA_CONF cache memcache_servers mcrouter-memcached-nova.openstack.svc.cluster.local:11211 NOVA_ENABLED_APIS=$(echo $NOVA_ENABLED_APIS | sed "s/,metadata//") iniset $NOVA_CONF DEFAULT enabled_apis "$NOVA_ENABLED_APIS" - configure_keystone_authtoken_middleware $NOVA_CONF nova + # Adop v3applicationcredential instead of password type + kubernetes_ensure_resource secret/nova-application-credential + NOVA_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret nova-application-credential openstack secret) + NOVA_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret nova-application-credential openstack id) + iniset $NOVA_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3 + iniset $NOVA_CONF keystone_authtoken auth_type v3applicationcredential + iniset $NOVA_CONF keystone_authtoken application_credential_id $NOVA_APPLICATION_CREDENTIAL_ID + iniset $NOVA_CONF keystone_authtoken application_credential_secret $NOVA_APPLICATION_CREDENTIAL_SECRET + iniset $NOVA_CONF keystone_authtoken memcached_servers mcrouter-memcached-nova.openstack.svc.cluster.local:11211 if is_service_enabled cinder; then configure_cinder_access @@ -352,4 +360,22 @@ function start_nova { start_nova_console_proxies start_nova_conductor start_nova_compute -} \ No newline at end of file +} + +function create_nova_accounts { + # NOTE(Alex): Ignore ResellerAdmin + echo noop +} + +function init_nova_service_user_conf { + + kubernetes_ensure_resource secret/nova-application-credential + NOVA_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret nova-application-credential openstack secret) + NOVA_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret nova-application-credential openstack id) + iniset $NOVA_CONF service_user auth_url $KEYSTONE_SERVICE_URI + iniset $NOVA_CONF service_user auth_type v3applicationcredential + iniset $NOVA_CONF service_user application_credential_id $NOVA_APPLICATION_CREDENTIAL_ID + iniset $NOVA_CONF service_user application_credential_secret $NOVA_APPLICATION_CREDENTIAL_SECRET + iniset $NOVA_CONF service_user send_service_user_token True + iniset $NOVA_CONF service_user auth_strategy keystone +} diff --git a/images/nova/nova-api-wsgi b/images/nova/nova-api-wsgi index 415f87c3..4818ebab 100755 --- a/images/nova/nova-api-wsgi +++ b/images/nova/nova-api-wsgi @@ -17,12 +17,17 @@ import pkg_resources import sentry_sdk +from sentry_sdk.integrations.sqlalchemy import SqlalchemyIntegration from nova.api.openstack.compute.wsgi import init_application from sentry_sdk.integrations import wsgi VERSION = pkg_resources.get_distribution("nova").version -sentry_sdk.init(release="nova@%s" % VERSION) + +sentry_sdk.init( + release="nova@%s" % VERSION, + integrations=[SqlalchemyIntegration()] +) application = init_application() application = wsgi.SentryWsgiMiddleware(application) diff --git a/images/nova/nova-compute b/images/nova/nova-compute index 128d29af..4595939b 100755 --- a/images/nova/nova-compute +++ b/images/nova/nova-compute @@ -19,11 +19,16 @@ import re import sys import sentry_sdk +from sentry_sdk.integrations.sqlalchemy import SqlalchemyIntegration from nova.cmd.compute import main VERSION = pkg_resources.get_distribution("nova").version -sentry_sdk.init(release="nova@%s" % VERSION) + +sentry_sdk.init( + release="nova@%s" % VERSION, + integrations=[SqlalchemyIntegration()] +) sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) sys.exit(main()) diff --git a/images/nova/nova-conductor b/images/nova/nova-conductor index bdc7541a..cf8533b9 100755 --- a/images/nova/nova-conductor +++ b/images/nova/nova-conductor @@ -19,11 +19,16 @@ import re import sys import sentry_sdk +from sentry_sdk.integrations.sqlalchemy import SqlalchemyIntegration from nova.cmd.conductor import main VERSION = pkg_resources.get_distribution("nova").version -sentry_sdk.init(release="nova@%s" % VERSION) + +sentry_sdk.init( + release="nova@%s" % VERSION, + integrations=[SqlalchemyIntegration()] +) sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) sys.exit(main()) diff --git a/images/nova/nova-metadata-wsgi b/images/nova/nova-metadata-wsgi index 424c0378..8f7a12d6 100755 --- a/images/nova/nova-metadata-wsgi +++ b/images/nova/nova-metadata-wsgi @@ -17,12 +17,17 @@ import pkg_resources import sentry_sdk +from sentry_sdk.integrations.sqlalchemy import SqlalchemyIntegration from nova.api.metadata.wsgi import init_application from sentry_sdk.integrations import wsgi VERSION = pkg_resources.get_distribution("nova").version -sentry_sdk.init(release="nova@%s" % VERSION) + +sentry_sdk.init( + release="nova@%s" % VERSION, + integrations=[SqlalchemyIntegration()] +) application = init_application() application = wsgi.SentryWsgiMiddleware(application) diff --git a/images/nova/nova-novncproxy b/images/nova/nova-novncproxy index 188d2b15..01efc352 100755 --- a/images/nova/nova-novncproxy +++ b/images/nova/nova-novncproxy @@ -19,11 +19,16 @@ import re import sys import sentry_sdk +from sentry_sdk.integrations.sqlalchemy import SqlalchemyIntegration from nova.cmd.novncproxy import main VERSION = pkg_resources.get_distribution("nova").version -sentry_sdk.init(release="nova@%s" % VERSION) + +sentry_sdk.init( + release="nova@%s" % VERSION, + integrations=[SqlalchemyIntegration()] +) sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) sys.exit(main()) diff --git a/images/nova/nova-scheduler b/images/nova/nova-scheduler index b93d80c5..c96e7052 100755 --- a/images/nova/nova-scheduler +++ b/images/nova/nova-scheduler @@ -19,11 +19,16 @@ import re import sys import sentry_sdk +from sentry_sdk.integrations.sqlalchemy import SqlalchemyIntegration from nova.cmd.scheduler import main VERSION = pkg_resources.get_distribution("nova").version -sentry_sdk.init(release="nova@%s" % VERSION) + +sentry_sdk.init( + release="nova@%s" % VERSION, + integrations=[SqlalchemyIntegration()] +) sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0]) sys.exit(main())