Glance registry finally working

example.py

@@ -1,4 +1,5 @@
 import click
+import json
 import requests
 import sys
 import time
@@ -27,9 +28,9 @@ def deploy():
     node1 = resource.create('node1', 'resources/ro_node/', {'ip': '10.0.0.3', 'ssh_key': '/vagrant/.vagrant/machines/solar-dev1/virtualbox/private_key', 'ssh_user': 'vagrant'})
     node2 = resource.create('node2', 'resources/ro_node/', {'ip': '10.0.0.4', 'ssh_key': '/vagrant/.vagrant/machines/solar-dev2/virtualbox/private_key', 'ssh_user': 'vagrant'})
 
-    rabbitmq_service1 = resource.create('rabbitmq_service1', 'resources/rabbitmq_service/', {'ssh_user':'', 'ip':'','management_port':'15672', 'port':'5672', 'ssh_key':'', 'container_name': 'rabbitmq_service1', 'image': 'rabbitmq:3-management'})
-    openstack_vhost = resource.create('openstack_vhost', 'resources/rabbitmq_vhost/', {'ssh_user':'', 'ip':'', 'ssh_key':'', 'vhost_name' : 'openstack', 'container_name':''})
-    openstack_rabbitmq_user = resource.create('openstack_rabbitmq_user', 'resources/rabbitmq_user/', {'ssh_user':'', 'ip':'', 'ssh_key':'', 'vhost_name' : '', 'user_name':'openstack', 'password':'openstack_password', 'container_name':''})
+    rabbitmq_service1 = resource.create('rabbitmq_service1', 'resources/rabbitmq_service/', {'ssh_user': '', 'ip': '','management_port': '15672', 'port': '5672', 'ssh_key': '', 'container_name': 'rabbitmq_service1', 'image': 'rabbitmq:3-management'})
+    openstack_vhost = resource.create('openstack_vhost', 'resources/rabbitmq_vhost/', {'ssh_user': '', 'ip': '', 'ssh_key': '', 'vhost_name': 'openstack', 'container_name': ''})
+    openstack_rabbitmq_user = resource.create('openstack_rabbitmq_user', 'resources/rabbitmq_user/', {'ssh_user': '', 'ip': '', 'ssh_key': '', 'vhost_name': '', 'user_name': 'openstack', 'password': 'openstack_password', 'container_name': ''})
 
     mariadb_service1 = resource.create('mariadb_service1', 'resources/mariadb_service', {'image': 'mariadb', 'root_password': 'mariadb', 'port': 3306, 'ip': '', 'ssh_user': '', 'ssh_key': ''})
     keystone_db = resource.create('keystone_db', 'resources/mariadb_db/', {'db_name': 'keystone_db', 'login_password': '', 'login_user': 'root', 'login_port': '', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
@@ -48,16 +49,19 @@ def deploy():
     glance_db = resource.create('glance_db', 'resources/mariadb_db/', {'db_name': 'glance_db', 'login_password': '', 'login_user': 'root', 'login_port': '', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
     glance_db_user = resource.create('glance_db_user', 'resources/mariadb_user/', {'new_user_name': 'glance', 'new_user_password': 'glance', 'db_name': '', 'login_password': '', 'login_user': 'root', 'login_port': '', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
 
-    glance_keystone_user = resource.create('glance_keystone_user', 'resources/keystone_user', {'user_name': 'glance_admin', 'user_password': 'password1234', 'tenant_name': 'service_admins', 'role_name': 'glance_admin', 'keystone_host': '', 'keystone_admin_port': '', 'login_user': '', 'login_token': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
+    services_tenant = resource.create('glance_keystone_tenant', 'resources/keystone_tenant', {'keystone_host': '', 'keystone_port': '', 'login_user': 'admin', 'admin_token': '', 'tenant_name': 'services', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
 
-    glance_config = resource.create('glance_config', 'resources/glance_config/', {'ip': '', 'ssh_key': '', 'ssh_user': '', 'keystone_ip': '', 'keystone_port': '', 'config_dir': {}, 'api_port': '', 'registry_port': '', 'mysql_ip': '', 'mysql_db': '', 'mysql_user': '', 'mysql_password': '', 'keystone_admin_user': '', 'keystone_admin_password': '', 'keystone_admin_tenant': ''})
+    glance_keystone_user = resource.create('glance_keystone_user', 'resources/keystone_user', {'user_name': 'glance_admin', 'user_password': 'password1234', 'tenant_name': 'service_admins', 'role_name': 'glance_admin', 'keystone_host': '', 'keystone_port': '', 'admin_token': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
+    glance_keystone_role = resource.create('glance_keystone_role', 'resources/keystone_role', {'keystone_host': '', 'keystone_port': '', 'login_user': 'admin', 'admin_token': '', 'tenant_name': '', 'user_name': '', 'role_name': 'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
+
+    glance_config = resource.create('glance_config', 'resources/glance_config/', {'ip': '', 'ssh_key': '', 'ssh_user': '', 'keystone_ip': '', 'keystone_port': '', 'config_dir': {}, 'api_port': '', 'registry_port': '', 'mysql_ip': '', 'mysql_db': '', 'mysql_user': '', 'mysql_password': '', 'keystone_admin_user': '', 'keystone_admin_password': '', 'keystone_admin_port': '', 'keystone_admin_tenant': ''})
     glance_api_container = resource.create('glance_api_container', 'resources/glance_api_service/', {'image': 'cgenie/centos-rdo-glance-api', 'ports': [{'value': [{'value': 9292}]}], 'host_binds': [], 'volume_binds': [], 'db_password': '', 'keystone_password': '', 'keystone_admin_token': '', 'keystone_host': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
     glance_registry_container = resource.create('glance_registry_container', 'resources/glance_registry_service/', {'image': 'cgenie/centos-rdo-glance-registry', 'ports': [{'value': [{'value': 9191}]}], 'host_binds': [], 'volume_binds': [], 'db_host': '', 'db_root_password': '', 'db_password': '', 'db_name': '', 'db_user': '', 'keystone_admin_tenant': '', 'keystone_password': '', 'keystone_user': '', 'keystone_admin_token': '', 'keystone_host': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
 
-    admin_tenant = resource.create('admin_tenant', 'resources/keystone_tenant', {'keystone_host': '', 'keystone_port':'', 'login_user': 'admin', 'admin_token':'', 'tenant_name' : 'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
-    admin_user = resource.create('admin_user', 'resources/keystone_user', {'keystone_host': '', 'keystone_port':'', 'login_user': 'admin', 'admin_token':'', 'tenant_name' : '', 'user_name': 'admin', 'user_password':'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
-    admin_role = resource.create('admin_role', 'resources/keystone_role', {'keystone_host': '', 'keystone_port':'', 'login_user': 'admin', 'admin_token':'', 'tenant_name' : '', 'user_name': '', 'role_name': 'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
-    keystone_service_endpoint = resource.create('keystone_service_endpoint', 'resources/keystone_service_endpoint/', {'ip':'', 'ssh_key' : '', 'ssh_user':'', 'admin_port':'', 'admin_token':'', 'adminurl':'http://{{ip}}:{{admin_port}}/v2.0', 'internalurl':'http://{{ip}}:{{port}}/v2.0', 'publicurl':'http://{{ip}}:{{port}}/v2.0', 'description':'OpenStack Identity Service', 'keystone_host':'', 'keystone_port':'', 'name':'keystone', 'port':'', 'type':'identity'})
+    admin_tenant = resource.create('admin_tenant', 'resources/keystone_tenant', {'keystone_host': '', 'keystone_port': '', 'login_user': 'admin', 'admin_token': '', 'tenant_name': 'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
+    admin_user = resource.create('admin_user', 'resources/keystone_user', {'keystone_host': '', 'keystone_port': '', 'login_user': 'admin', 'admin_token': '', 'tenant_name': '', 'user_name': 'admin', 'user_password': 'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
+    admin_role = resource.create('admin_role', 'resources/keystone_role', {'keystone_host': '', 'keystone_port': '', 'login_user': 'admin', 'admin_token': '', 'tenant_name': '', 'user_name': '', 'role_name': 'admin', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
+    keystone_service_endpoint = resource.create('keystone_service_endpoint', 'resources/keystone_service_endpoint/', {'ip': '', 'ssh_key': '', 'ssh_user': '', 'admin_port': '', 'admin_token': '', 'adminurl': 'http://{{ip}}:{{admin_port}}/v2.0', 'internalurl': 'http://{{ip}}:{{port}}/v2.0', 'publicurl': 'http://{{ip}}:{{port}}/v2.0', 'description': 'OpenStack Identity Service', 'keystone_host': '', 'keystone_port': '', 'name': 'keystone', 'port': '', 'type': 'identity'})
 
 
     ####
@@ -111,7 +115,7 @@ def deploy():
     signals.connect(admin_tenant, admin_user)
     signals.connect(admin_user, admin_role)
     signals.connect(keystone_config1, keystone_service_endpoint)
-    signals.connect(keystone_service1, keystone_service_endpoint, {'ip': 'keystone_host','admin_port':'admin_port', 'port':'port'})
+    signals.connect(keystone_service1, keystone_service_endpoint, {'ip': 'keystone_host','admin_port': 'admin_port', 'port': 'port'})
     signals.connect(keystone_service1, keystone_service_endpoint, {'admin_port': 'keystone_port'})
 
     # glance db
@@ -122,11 +126,14 @@ def deploy():
     signals.connect(glance_db, glance_db_user, {'db_name': 'db_name'})
 
     # glance keystone user
-    signals.connect(haproxy_keystone_config, glance_keystone_user, {'listen_port': 'keystone_admin_port'})
-    signals.connect(haproxy_service, glance_keystone_user)  # standard ip, ssh_key, ssh_user
-    signals.connect(haproxy_service, glance_keystone_user, {'ip': 'keystone_host'})
-    signals.connect(keystone_config1, glance_keystone_user, {'admin_token': 'login_token'})
+    signals.connect(keystone_config1, services_tenant)
+    signals.connect(keystone_service1, services_tenant, {'admin_port': 'keystone_port', 'ip': 'keystone_host'})
+    signals.connect(services_tenant, glance_keystone_user)  # standard ip, ssh_key, ssh_user
+    signals.connect(glance_keystone_user, glance_keystone_role)
+    signals.connect(keystone_service1, glance_keystone_user, {'admin_port': 'keystone_port', 'ip': 'keystone_host'})
+    signals.connect(keystone_config1, glance_keystone_user, {'admin_token': 'admin_token'})
     signals.connect(glance_keystone_user, glance_config, {'user_name': 'keystone_admin_user', 'user_password': 'keystone_admin_password', 'tenant_name': 'keystone_admin_tenant'})
+    signals.connect(keystone_service2, glance_config, {'admin_port': 'keystone_admin_port'})
 
     # glance
     signals.connect(node2, glance_config)
@@ -140,7 +147,7 @@ def deploy():
 
     signals.connect(glance_db_user, glance_api_container, {'new_user_password': 'db_password'})
     signals.connect(glance_keystone_user, glance_api_container, {'user_password': 'keystone_password'})
-    signals.connect(glance_keystone_user, glance_api_container, {'login_token': 'keystone_admin_token'})
+    signals.connect(glance_keystone_user, glance_api_container, {'admin_token': 'keystone_admin_token'})
     signals.connect(haproxy_config, glance_api_container, {'ip': 'keystone_host'})
 
     signals.connect(node2, glance_registry_container)
@@ -150,12 +157,13 @@ def deploy():
     signals.connect(glance_db, glance_registry_container, {'db_name': 'db_name', 'login_password': 'db_root_password'})
     signals.connect(glance_db_user, glance_registry_container, {'new_user_name': 'db_user', 'new_user_password': 'db_password'})
     signals.connect(glance_keystone_user, glance_registry_container, {'tenant_name': 'keystone_admin_tenant', 'user_name': 'keystone_user', 'user_password': 'keystone_password'})
-    signals.connect(glance_keystone_user, glance_registry_container, {'login_token': 'keystone_admin_token'})
+    signals.connect(glance_keystone_user, glance_registry_container, {'admin_token': 'keystone_admin_token'})
     signals.connect(haproxy_config, glance_registry_container, {'ip': 'keystone_host'})
 
 
     has_errors = False
     for r in resource.Resource.__subclasses__():
+        print 'Validating {}'.format(r.name)
         errors = validation.validate_resource(r)
         if errors:
             has_errors = True
@@ -186,11 +194,14 @@ def deploy():
     actions.resource_action(admin_role, 'run')
     actions.resource_action(keystone_service_endpoint, 'run')
 
+    actions.resource_action(services_tenant, 'run')
     actions.resource_action(glance_keystone_user, 'run')
+    actions.resource_action(glance_keystone_role, 'run')
     actions.resource_action(glance_db, 'run')
     actions.resource_action(glance_db_user, 'run')
     actions.resource_action(glance_config, 'run')
     actions.resource_action(glance_api_container, 'run')
+    time.sleep(10) #TODO fix
     actions.resource_action(glance_registry_container, 'run')
     time.sleep(10)
 
@@ -199,9 +210,9 @@ def deploy():
     requests.get('http://%s:%s' % (keystone_service2.args['ip'].value, keystone_service2.args['port'].value))
     requests.get('http://%s:%s' % (haproxy_service.args['ip'].value, haproxy_service.args['ports'].value[0]['value'][0]['value']))
 
-    requests.post(
+    token_data = requests.post(
         'http://%s:%s/v2.0/tokens' % (haproxy_service.args['ip'].value, haproxy_keystone_config.args['listen_port'].value),
-        {
+        json.dumps({
             'auth': {
                 'tenantName': glance_keystone_user.args['tenant_name'],
                 'passwordCredentials': {
@@ -209,13 +220,20 @@ def deploy():
                     'password': glance_keystone_user.args['user_password'],
                 }
             }
-        }
+        }),
+        headers={'Content-Type': 'application/json'}
     )
 
+    token = token_data.json()['access']['token']['id']
+    print 'TOKEN: {}'.format(token)
+
     requests.get('http://%s:%s' % (rabbitmq_service1.args['ip'].value, rabbitmq_service1.args['management_port'].value))
 
     requests.get('http://%s:%s' % (glance_api_container.args['ip'].value, glance_api_container.args['ports'].value[0]['value'][0]['value']))
-    requests.get('http://%s:%s' % (glance_registry_container.args['ip'].value, glance_registry_container.args['ports'].value[0]['value'][0]['value']))
+    requests.get(
+        'http://%s:%s' % (glance_registry_container.args['ip'].value, glance_registry_container.args['ports'].value[0]['value'][0]['value']),
+        headers={'X-Auth-Token': token}
+    )
 
 
 @click.command()
@@ -225,11 +243,14 @@ def undeploy():
     resources = map(resource.wrap_resource, db.get_list('resource'))
     resources = {r.name: r for r in resources}
 
-    actions.resource_action(resources['glance_registry_container'], 'remove')
     actions.resource_action(resources['glance_api_container'], 'remove')
+    actions.resource_action(resources['glance_registry_container'], 'remove')
     actions.resource_action(resources['glance_config'], 'remove')
     actions.resource_action(resources['glance_db_user'], 'remove')
     actions.resource_action(resources['glance_db'], 'remove')
+    actions.resource_action(resources['glance_keystone_role'], 'run')
+    actions.resource_action(resources['glance_keystone_user'], 'run')
+    actions.resource_action(resources['glance_keystone_tenant'], 'run')
 
     actions.resource_action(resources['keystone_service_endpoint'], 'remove')
     actions.resource_action(resources['admin_role'], 'remove')

resources/glance_config/actions/run.yml

@@ -7,6 +7,7 @@
     keystone_port: {{ keystone_port }}
     keystone_admin_user: {{ keystone_admin_user }}
     keystone_admin_password: {{ keystone_admin_password }}
+    keystone_admin_port: {{ keystone_admin_port }}
     keystone_admin_tenant: {{ keystone_admin_tenant }}
     mysql_ip: {{ mysql_ip }}
     mysql_db: {{ mysql_db }}

resources/glance_config/meta.yaml

@@ -33,6 +33,9 @@ input:
     keystone_admin_password:
       schema: str!
       value: password1234
+    keystone_admin_port:
+      schema: int!
+      value:
     keystone_admin_tenant:
       schema: str!
       value: service_admins

resources/glance_config/templates/exports

@@ -1,4 +1,4 @@
 export OS_TENANT_NAME={{ keystone_admin_tenant }}
 export OS_USERNAME={{ keystone_admin_user }}
 export OS_PASSWORD={{ keystone_admin_password }}
-export OS_AUTH_URL=http://{{ keystone_ip }}:35357/v2.0
+export OS_AUTH_URL=http://{{ keystone_ip }}:{{ keystone_admin_port }}/v2.0

resources/glance_config/templates/glance-api-paste.ini

@@ -67,7 +67,7 @@ paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddl
 
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
-identity_uri = http://{{ keystone_ip }}:35357
+identity_uri = http://{{ keystone_ip }}:{{ keystone_admin_port }}
 admin_user = {{ keystone_admin_user }}
 admin_tenant_name = {{ keystone_admin_tenant }}
 admin_password = {{ keystone_admin_password }}

resources/glance_config/templates/glance-api.conf

@@ -15,11 +15,11 @@ image_cache_dir = /var/lib/glance/image-cache/
 
 [database]
 connection = mysql://{{ mysql_user }}:{{ mysql_password }}@{{ mysql_ip }}/{{ mysql_db }}
-backend = sqlalchemy
+backend = mysql
 
 [keystone_authtoken]
 auth_uri = http://{{ keystone_ip }}:{{ keystone_port }}/v2.0
-identity_uri = http://{{ keystone_ip }}:35357
+identity_uri = http://{{ keystone_ip }}:{{ keystone_admin_port }}
 admin_tenant_name = {{ keystone_admin_tenant }}
 admin_user = {{ keystone_admin_user }}
 admin_password = {{ keystone_admin_password }}

resources/glance_config/templates/glance-registry-paste.ini

@@ -24,7 +24,7 @@ paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddl
 
 [filter:authtoken]
 paste.filter_factory = keystonemiddleware.auth_token:filter_factory
-identity_uri = http://{{ keystone_ip }}:35357
+identity_uri = http://{{ keystone_ip }}:{{ keystone_admin_port }}
 admin_user = {{ keystone_admin_user }}
 admin_tenant_name = {{ keystone_admin_tenant }}
 admin_password = {{ keystone_admin_password }}

resources/glance_config/templates/glance-registry.conf

@@ -7,12 +7,12 @@ api_limit_max = 1000
 limit_param_default = 25
 
 [database]
-backend = sqlalchemy
+backend = mysql
 connection = mysql://{{ mysql_user }}:{{ mysql_password }}@{{ mysql_ip }}/{{ mysql_db }}
 
 [keystone_authtoken]
 auth_uri = http://{{ keystone_ip }}:{{ keystone_port }}/v2.0
-identity_uri = http://{{ keystone_ip }}:35357
+identity_uri = http://{{ keystone_ip }}:{{ keystone_admin_port }}
 admin_tenant_name = {{ keystone_admin_tenant }}
 admin_user = {{ keystone_admin_user }}
 admin_password = {{ keystone_admin_password }}

resources/glance_registry_service/actions/run.yml

@@ -3,7 +3,8 @@
   sudo: yes
   tasks:
     - docker:
-       command: /bin/bash -c "glance-manage db_sync && /usr/bin/keystone-registry"
+       #command: /bin/bash -c "glance-manage db_sync && /usr/bin/glance-registry"
+       command: /usr/bin/glance-registry
        name: {{ name }}
        image: {{ image }}
        state: running

resources/keystone_role/actions/run.yml

@@ -1,5 +1,7 @@
 - hosts: [{{ ip }}]
   sudo: yes
   tasks:
+    - name: install python-keystoneclient
+      shell: pip install python-keystoneclient
     - name: keystone role
       keystone_user: endpoint=http://{{keystone_host}}:{{keystone_port}}/v2.0/ token={{admin_token}} user={{user_name}} tenant={{tenant_name}} role={{role_name}} state=present

resources/keystone_service_endpoint/actions/remove.yaml

@@ -1 +1,5 @@
 #todo
+- hosts: [{{ ip }}]
+  sudo: yes
+  tasks:
+    - shell: echo 1

resources/keystone_tenant/actions/run.yml

@@ -1,5 +1,7 @@
 - hosts: [{{ ip }}]
   sudo: yes
   tasks:
+    - name: install python-keystoneclient
+      shell: pip install python-keystoneclient
     - name: keystone tenant
       keystone_user: endpoint=http://{{keystone_host}}:{{keystone_port}}/v2.0/ token={{admin_token}} tenant={{tenant_name}} state=present

resources/keystone_user/actions/run.yml

@@ -3,4 +3,5 @@
   tasks:
     - name: install python-keystoneclient
       shell: pip install python-keystoneclient
+    - name: keystone user
       keystone_user: endpoint=http://{{ keystone_host }}:{{ keystone_port }}/v2.0/ token={{ admin_token }} user={{ user_name }} password={{ user_password }} tenant={{ tenant_name }} state=present

resources/keystone_user/meta.yaml

@@ -5,15 +5,12 @@ input:
     keystone_host:
       schema: str!
       value:
-    keystone_admin_port:
+    keystone_port:
       schema: int!
       value:
     admin_token:
       schema: str!
       value:
-    role_name:
-      schema: str!
-      value:
     user_name:
       schema: str!
       value: