From 9186e6440ddd189c0aef7dd46fe03fe7e6c9d8fe Mon Sep 17 00:00:00 2001 From: Joshua Harlow Date: Tue, 6 Mar 2012 23:53:48 -0800 Subject: [PATCH] attempting to get keystone working again..... --- .../templates/glance/glance-api-paste.ini.tpl | 16 ++++++++++++- .../glance/glance-registry-paste.ini.tpl | 13 ++++++++++- conf/templates/keystone/keystone_init.sh.tpl | 9 +++++++- devstack/cfg.py | 1 + devstack/components/glance.py | 23 +++++-------------- devstack/components/keystone.py | 4 ++-- devstack/env_rc.py | 4 +--- 7 files changed, 45 insertions(+), 25 deletions(-) diff --git a/conf/templates/glance/glance-api-paste.ini.tpl b/conf/templates/glance/glance-api-paste.ini.tpl index 466c7629..5c688a80 100644 --- a/conf/templates/glance/glance-api-paste.ini.tpl +++ b/conf/templates/glance/glance-api-paste.ini.tpl @@ -1,6 +1,7 @@ -# From devstack commit 30439a6dc4 +# From devstack commit b3288381047690510845209cc372d07e5b11e396 [pipeline:glance-api] + #pipeline = versionnegotiation context apiv1app # NOTE: use the following pipeline for keystone pipeline = versionnegotiation authtoken auth-context apiv1app @@ -11,37 +12,50 @@ pipeline = versionnegotiation authtoken auth-context apiv1app # pipeline = versionnegotiation authtoken auth-context imagecache apiv1app [app:apiv1app] + paste.app_factory = glance.common.wsgi:app_factory glance.app_factory = glance.api.v1.router:API [filter:versionnegotiation] + paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter [filter:cache] + paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = glance.api.middleware.cache:CacheFilter [filter:cachemanage] + paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter [filter:context] + paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = glance.common.context:ContextMiddleware [filter:authtoken] + paste.filter_factory = keystone.middleware.auth_token:filter_factory + service_host = %KEYSTONE_SERVICE_HOST% service_port = %KEYSTONE_SERVICE_PORT% service_protocol = %KEYSTONE_SERVICE_PROTOCOL% + auth_host = %KEYSTONE_AUTH_HOST% auth_port = %KEYSTONE_AUTH_PORT% auth_protocol = %KEYSTONE_AUTH_PROTOCOL% auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/ + admin_token = %SERVICE_TOKEN% +admin_tenant_name = %SERVICE_TENANT_NAME% +admin_user = %SERVICE_USERNAME% +admin_password = %SERVICE_PASSWORD% [filter:auth-context] + paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware diff --git a/conf/templates/glance/glance-registry-paste.ini.tpl b/conf/templates/glance/glance-registry-paste.ini.tpl index 37d851b7..d15595a3 100644 --- a/conf/templates/glance/glance-registry-paste.ini.tpl +++ b/conf/templates/glance/glance-registry-paste.ini.tpl @@ -1,31 +1,42 @@ -# From devstack commit 30439a6dc4 +# From devstack commit b3288381047690510845209cc372d07e5b11e396 [pipeline:glance-registry] + #pipeline = context registryapp # NOTE: use the following pipeline for keystone pipeline = authtoken auth-context context registryapp [app:registryapp] + paste.app_factory = glance.common.wsgi:app_factory glance.app_factory = glance.registry.api.v1:API [filter:context] + context_class = glance.registry.context.RequestContext paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = glance.common.context:ContextMiddleware [filter:authtoken] + paste.filter_factory = keystone.middleware.auth_token:filter_factory + service_host = %KEYSTONE_SERVICE_HOST% service_port = %KEYSTONE_SERVICE_PORT% service_protocol = %KEYSTONE_SERVICE_PROTOCOL% + auth_host = %KEYSTONE_AUTH_HOST% auth_port = %KEYSTONE_AUTH_PORT% auth_protocol = %KEYSTONE_AUTH_PROTOCOL% auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/ + admin_token = %SERVICE_TOKEN% +admin_tenant_name = %SERVICE_TENANT_NAME% +admin_user = %SERVICE_USERNAME% +admin_password = %SERVICE_PASSWORD% [filter:auth-context] + context_class = glance.registry.context.RequestContext paste.filter_factory = glance.common.wsgi:filter_factory glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware diff --git a/conf/templates/keystone/keystone_init.sh.tpl b/conf/templates/keystone/keystone_init.sh.tpl index 207580a1..b6f20869 100644 --- a/conf/templates/keystone/keystone_init.sh.tpl +++ b/conf/templates/keystone/keystone_init.sh.tpl @@ -26,15 +26,22 @@ # SERVICE_TENANT_NAME - name of tenant containing service accounts # ENABLED_SERVICES - devstackPY's list of services being activated -set -o errexit +set -e ADMIN_PASSWORD=%ADMIN_PASSWORD% +export ADMIN_PASSWORD + SERVICE_PASSWORD=%SERVICE_PASSWORD% +export SERVICE_PASSWORD + SERVICE_TOKEN=%SERVICE_TOKEN% export SERVICE_TOKEN + SERVICE_ENDPOINT=%SERVICE_ENDPOINT% export SERVICE_ENDPOINT + SERVICE_TENANT_NAME=%SERVICE_TENANT_NAME% +export SERVICE_TENANT_NAME function get_id () { echo `$@ | awk '/ id / { print $4 }'` diff --git a/devstack/cfg.py b/devstack/cfg.py index 624b3645..15212029 100644 --- a/devstack/cfg.py +++ b/devstack/cfg.py @@ -37,6 +37,7 @@ PW_PROMPTS = { 'sql': 'Enter a password to use for your sql database user %s: ' % (DEF_PW_MSG), 'rabbit': 'Enter a password to use for your rabbit user %s: ' % (DEF_PW_MSG), 'old_sql': "Please enter your current mysql password so we that can reset it for next time: ", + 'service_password': "Enter a service_password to use for the service authentication %s:" % (DEF_PW_MSG), } diff --git a/devstack/components/glance.py b/devstack/components/glance.py index 279b6b10..ecf29d8f 100644 --- a/devstack/components/glance.py +++ b/devstack/components/glance.py @@ -19,11 +19,9 @@ import time from devstack import cfg from devstack import component as comp -from devstack import date from devstack import log as logging from devstack import settings from devstack import shell as sh -from devstack import utils from devstack.components import db from devstack.components import keystone @@ -35,8 +33,6 @@ TYPE = settings.GLANCE LOG = logging.getLogger("devstack.components.glance") #config files/sections -#during the transition for glance to the split config files -#we cat them together to handle both pre- and post-merge API_CONF = "glance-api.conf" REG_CONF = "glance-registry.conf" API_PASTE_CONF = 'glance-api-paste.ini' @@ -47,8 +43,10 @@ LOGGING_CONF = "logging.conf" LOGGING_SOURCE_FN = 'logging.cnf.sample' POLICY_JSON = 'policy.json' CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF, - REG_PASTE_CONF, POLICY_JSON, LOGGING_CONF, SCRUB_CONF, SCRUB_PASTE_CONF] -READ_CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF, REG_PASTE_CONF, SCRUB_CONF, SCRUB_PASTE_CONF] + REG_PASTE_CONF, POLICY_JSON, LOGGING_CONF, + SCRUB_CONF, SCRUB_PASTE_CONF] +READ_CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF, + REG_PASTE_CONF, SCRUB_CONF, SCRUB_PASTE_CONF] #reg, api are here as possible subcomponents GAPI = "api" @@ -125,17 +123,7 @@ class GlanceInstaller(comp.PythonInstallComponent): db.create_db(self.cfg, DB_NAME) def _get_source_config(self, config_fn): - if config_fn == API_CONF: - (fn, top) = utils.load_template(self.component_name, API_CONF) - (_, bottom) = self._get_source_config(API_PASTE_CONF) - combined = [top, "### Joined here on %s with file %s" % (date.rcf8222date(), API_PASTE_CONF), bottom] - return (fn, utils.joinlinesep(*combined)) - elif config_fn == REG_CONF: - (fn, top) = utils.load_template(self.component_name, REG_CONF) - (_, bottom) = self._get_source_config(REG_PASTE_CONF) - combined = [top, "### Joined here on %s with file %s" % (date.rcf8222date(), REG_PASTE_CONF), bottom] - return (fn, utils.joinlinesep(*combined)) - elif config_fn == POLICY_JSON: + if config_fn == POLICY_JSON: fn = sh.joinpths(self.cfgdir, POLICY_JSON) contents = sh.load_file(fn) return (fn, contents) @@ -202,6 +190,7 @@ class GlanceInstaller(comp.PythonInstallComponent): mp['SQL_CONN'] = self.cfg.get_dbdsn(DB_NAME) mp['SERVICE_HOST'] = self.cfg.get('host', 'ip') mp['HOST_IP'] = self.cfg.get('host', 'ip') + mp['SERVICE_USERNAME'] = 'glance' mp.update(keystone.get_shared_params(self.cfg)) return mp diff --git a/devstack/components/keystone.py b/devstack/components/keystone.py index 83047701..4999c839 100644 --- a/devstack/components/keystone.py +++ b/devstack/components/keystone.py @@ -261,12 +261,12 @@ def get_shared_params(config): #these match what is in keystone_init.sh mp['SERVICE_TENANT_NAME'] = 'service' mp['ADMIN_USER_NAME'] = 'admin' - mp['ADMIN_TENANT_NAME'] = mp['ADMIN_USER_NAME'] mp['DEMO_USER_NAME'] = 'demo' + mp['ADMIN_TENANT_NAME'] = mp['ADMIN_USER_NAME'] mp['DEMO_TENANT_NAME'] = mp['DEMO_USER_NAME'] mp['ADMIN_PASSWORD'] = config.get('passwords', 'horizon_keystone_admin') - mp['SERVICE_PASSWORD'] = mp['ADMIN_PASSWORD'] + mp['SERVICE_PASSWORD'] = config.get('passwords', 'service_password') keystone_auth_host = config.getdefaulted('keystone', 'keystone_auth_host', host_ip) mp['KEYSTONE_AUTH_HOST'] = keystone_auth_host diff --git a/devstack/env_rc.py b/devstack/env_rc.py index 33965409..999f3cf3 100644 --- a/devstack/env_rc.py +++ b/devstack/env_rc.py @@ -28,9 +28,7 @@ from devstack.components import keystone #general extraction cfg keys CFG_MAKE = { 'ADMIN_PASSWORD': ('passwords', 'horizon_keystone_admin'), - 'ADMIN_USER': ('keystone', 'admin_user'), - 'DEMO_USER': ('keystone', 'demo_user'), - 'INVISIBLE_USER': ('keystone', 'invisible_user'), + 'SERVICE_PASSWORD': ('passwords', 'service_password'), 'MYSQL_PASSWORD': ('passwords', 'sql'), 'RABBIT_PASSWORD': ('passwords', 'rabbit'), 'SERVICE_TOKEN': ('passwords', 'service_token'),