attempting to get keystone working again.....
This commit is contained in:
Joshua Harlow
parent
53fb6d29c7
commit
9186e6440d
@ -1,6 +1,7 @@
|
||||
# From devstack commit 30439a6dc4
|
||||
# From devstack commit b3288381047690510845209cc372d07e5b11e396
|
||||
|
||||
[pipeline:glance-api]
|
||||
|
||||
#pipeline = versionnegotiation context apiv1app
|
||||
# NOTE: use the following pipeline for keystone
|
||||
pipeline = versionnegotiation authtoken auth-context apiv1app
|
||||
@ -11,37 +12,50 @@ pipeline = versionnegotiation authtoken auth-context apiv1app
|
||||
# pipeline = versionnegotiation authtoken auth-context imagecache apiv1app
|
||||
|
||||
[app:apiv1app]
|
||||
|
||||
paste.app_factory = glance.common.wsgi:app_factory
|
||||
glance.app_factory = glance.api.v1.router:API
|
||||
|
||||
[filter:versionnegotiation]
|
||||
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter
|
||||
|
||||
[filter:cache]
|
||||
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = glance.api.middleware.cache:CacheFilter
|
||||
|
||||
[filter:cachemanage]
|
||||
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter
|
||||
|
||||
[filter:context]
|
||||
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = glance.common.context:ContextMiddleware
|
||||
|
||||
[filter:authtoken]
|
||||
|
||||
paste.filter_factory = keystone.middleware.auth_token:filter_factory
|
||||
|
||||
service_host = %KEYSTONE_SERVICE_HOST%
|
||||
service_port = %KEYSTONE_SERVICE_PORT%
|
||||
service_protocol = %KEYSTONE_SERVICE_PROTOCOL%
|
||||
|
||||
auth_host = %KEYSTONE_AUTH_HOST%
|
||||
auth_port = %KEYSTONE_AUTH_PORT%
|
||||
auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
|
||||
auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/
|
||||
|
||||
admin_token = %SERVICE_TOKEN%
|
||||
admin_tenant_name = %SERVICE_TENANT_NAME%
|
||||
admin_user = %SERVICE_USERNAME%
|
||||
admin_password = %SERVICE_PASSWORD%
|
||||
|
||||
[filter:auth-context]
|
||||
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware
|
||||
|
||||
|
||||
@ -1,31 +1,42 @@
|
||||
# From devstack commit 30439a6dc4
|
||||
# From devstack commit b3288381047690510845209cc372d07e5b11e396
|
||||
|
||||
[pipeline:glance-registry]
|
||||
|
||||
#pipeline = context registryapp
|
||||
# NOTE: use the following pipeline for keystone
|
||||
pipeline = authtoken auth-context context registryapp
|
||||
|
||||
[app:registryapp]
|
||||
|
||||
paste.app_factory = glance.common.wsgi:app_factory
|
||||
glance.app_factory = glance.registry.api.v1:API
|
||||
|
||||
[filter:context]
|
||||
|
||||
context_class = glance.registry.context.RequestContext
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = glance.common.context:ContextMiddleware
|
||||
|
||||
[filter:authtoken]
|
||||
|
||||
paste.filter_factory = keystone.middleware.auth_token:filter_factory
|
||||
|
||||
service_host = %KEYSTONE_SERVICE_HOST%
|
||||
service_port = %KEYSTONE_SERVICE_PORT%
|
||||
service_protocol = %KEYSTONE_SERVICE_PROTOCOL%
|
||||
|
||||
auth_host = %KEYSTONE_AUTH_HOST%
|
||||
auth_port = %KEYSTONE_AUTH_PORT%
|
||||
auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
|
||||
auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/
|
||||
|
||||
admin_token = %SERVICE_TOKEN%
|
||||
admin_tenant_name = %SERVICE_TENANT_NAME%
|
||||
admin_user = %SERVICE_USERNAME%
|
||||
admin_password = %SERVICE_PASSWORD%
|
||||
|
||||
[filter:auth-context]
|
||||
|
||||
context_class = glance.registry.context.RequestContext
|
||||
paste.filter_factory = glance.common.wsgi:filter_factory
|
||||
glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware
|
||||
|
||||
@ -26,15 +26,22 @@
|
||||
# SERVICE_TENANT_NAME - name of tenant containing service accounts
|
||||
# ENABLED_SERVICES - devstackPY's list of services being activated
|
||||
|
||||
set -o errexit
|
||||
set -e
|
||||
|
||||
ADMIN_PASSWORD=%ADMIN_PASSWORD%
|
||||
export ADMIN_PASSWORD
|
||||
|
||||
SERVICE_PASSWORD=%SERVICE_PASSWORD%
|
||||
export SERVICE_PASSWORD
|
||||
|
||||
SERVICE_TOKEN=%SERVICE_TOKEN%
|
||||
export SERVICE_TOKEN
|
||||
|
||||
SERVICE_ENDPOINT=%SERVICE_ENDPOINT%
|
||||
export SERVICE_ENDPOINT
|
||||
|
||||
SERVICE_TENANT_NAME=%SERVICE_TENANT_NAME%
|
||||
export SERVICE_TENANT_NAME
|
||||
|
||||
function get_id () {
|
||||
echo `$@ | awk '/ id / { print $4 }'`
|
||||
|
||||
@ -37,6 +37,7 @@ PW_PROMPTS = {
|
||||
'sql': 'Enter a password to use for your sql database user %s: ' % (DEF_PW_MSG),
|
||||
'rabbit': 'Enter a password to use for your rabbit user %s: ' % (DEF_PW_MSG),
|
||||
'old_sql': "Please enter your current mysql password so we that can reset it for next time: ",
|
||||
'service_password': "Enter a service_password to use for the service authentication %s:" % (DEF_PW_MSG),
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -19,11 +19,9 @@ import time
|
||||
|
||||
from devstack import cfg
|
||||
from devstack import component as comp
|
||||
from devstack import date
|
||||
from devstack import log as logging
|
||||
from devstack import settings
|
||||
from devstack import shell as sh
|
||||
from devstack import utils
|
||||
|
||||
from devstack.components import db
|
||||
from devstack.components import keystone
|
||||
@ -35,8 +33,6 @@ TYPE = settings.GLANCE
|
||||
LOG = logging.getLogger("devstack.components.glance")
|
||||
|
||||
#config files/sections
|
||||
#during the transition for glance to the split config files
|
||||
#we cat them together to handle both pre- and post-merge
|
||||
API_CONF = "glance-api.conf"
|
||||
REG_CONF = "glance-registry.conf"
|
||||
API_PASTE_CONF = 'glance-api-paste.ini'
|
||||
@ -47,8 +43,10 @@ LOGGING_CONF = "logging.conf"
|
||||
LOGGING_SOURCE_FN = 'logging.cnf.sample'
|
||||
POLICY_JSON = 'policy.json'
|
||||
CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF,
|
||||
REG_PASTE_CONF, POLICY_JSON, LOGGING_CONF, SCRUB_CONF, SCRUB_PASTE_CONF]
|
||||
READ_CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF, REG_PASTE_CONF, SCRUB_CONF, SCRUB_PASTE_CONF]
|
||||
REG_PASTE_CONF, POLICY_JSON, LOGGING_CONF,
|
||||
SCRUB_CONF, SCRUB_PASTE_CONF]
|
||||
READ_CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF,
|
||||
REG_PASTE_CONF, SCRUB_CONF, SCRUB_PASTE_CONF]
|
||||
|
||||
#reg, api are here as possible subcomponents
|
||||
GAPI = "api"
|
||||
@ -125,17 +123,7 @@ class GlanceInstaller(comp.PythonInstallComponent):
|
||||
db.create_db(self.cfg, DB_NAME)
|
||||
|
||||
def _get_source_config(self, config_fn):
|
||||
if config_fn == API_CONF:
|
||||
(fn, top) = utils.load_template(self.component_name, API_CONF)
|
||||
(_, bottom) = self._get_source_config(API_PASTE_CONF)
|
||||
combined = [top, "### Joined here on %s with file %s" % (date.rcf8222date(), API_PASTE_CONF), bottom]
|
||||
return (fn, utils.joinlinesep(*combined))
|
||||
elif config_fn == REG_CONF:
|
||||
(fn, top) = utils.load_template(self.component_name, REG_CONF)
|
||||
(_, bottom) = self._get_source_config(REG_PASTE_CONF)
|
||||
combined = [top, "### Joined here on %s with file %s" % (date.rcf8222date(), REG_PASTE_CONF), bottom]
|
||||
return (fn, utils.joinlinesep(*combined))
|
||||
elif config_fn == POLICY_JSON:
|
||||
if config_fn == POLICY_JSON:
|
||||
fn = sh.joinpths(self.cfgdir, POLICY_JSON)
|
||||
contents = sh.load_file(fn)
|
||||
return (fn, contents)
|
||||
@ -202,6 +190,7 @@ class GlanceInstaller(comp.PythonInstallComponent):
|
||||
mp['SQL_CONN'] = self.cfg.get_dbdsn(DB_NAME)
|
||||
mp['SERVICE_HOST'] = self.cfg.get('host', 'ip')
|
||||
mp['HOST_IP'] = self.cfg.get('host', 'ip')
|
||||
mp['SERVICE_USERNAME'] = 'glance'
|
||||
mp.update(keystone.get_shared_params(self.cfg))
|
||||
return mp
|
||||
|
||||
|
||||
@ -261,12 +261,12 @@ def get_shared_params(config):
|
||||
#these match what is in keystone_init.sh
|
||||
mp['SERVICE_TENANT_NAME'] = 'service'
|
||||
mp['ADMIN_USER_NAME'] = 'admin'
|
||||
mp['ADMIN_TENANT_NAME'] = mp['ADMIN_USER_NAME']
|
||||
mp['DEMO_USER_NAME'] = 'demo'
|
||||
mp['ADMIN_TENANT_NAME'] = mp['ADMIN_USER_NAME']
|
||||
mp['DEMO_TENANT_NAME'] = mp['DEMO_USER_NAME']
|
||||
|
||||
mp['ADMIN_PASSWORD'] = config.get('passwords', 'horizon_keystone_admin')
|
||||
mp['SERVICE_PASSWORD'] = mp['ADMIN_PASSWORD']
|
||||
mp['SERVICE_PASSWORD'] = config.get('passwords', 'service_password')
|
||||
|
||||
keystone_auth_host = config.getdefaulted('keystone', 'keystone_auth_host', host_ip)
|
||||
mp['KEYSTONE_AUTH_HOST'] = keystone_auth_host
|
||||
|
||||
@ -28,9 +28,7 @@ from devstack.components import keystone
|
||||
#general extraction cfg keys
|
||||
CFG_MAKE = {
|
||||
'ADMIN_PASSWORD': ('passwords', 'horizon_keystone_admin'),
|
||||
'ADMIN_USER': ('keystone', 'admin_user'),
|
||||
'DEMO_USER': ('keystone', 'demo_user'),
|
||||
'INVISIBLE_USER': ('keystone', 'invisible_user'),
|
||||
'SERVICE_PASSWORD': ('passwords', 'service_password'),
|
||||
'MYSQL_PASSWORD': ('passwords', 'sql'),
|
||||
'RABBIT_PASSWORD': ('passwords', 'rabbit'),
|
||||
'SERVICE_TOKEN': ('passwords', 'service_token'),
|
||||
|
||||
Loading…
Reference in New Issue
Block a user