Fix service user creating objects

Service user used by Climate should not create objects such as
host aggregates. Consequently, until we migrate the code by using
trusts, we need to use a dedicated user for operations

Change-Id: I35878e178dea7eb10a52ad2419e191d8d683b35c
Closes-bug: #1270765
changes/01/67801/5
Sylvain Bauza 9 years ago committed by Gerrit Code Review
parent 88dc709ef5
commit 16d5f67ba7

@ -1,4 +0,0 @@
climate
=======
OpenStack Reservation Service

@ -0,0 +1,14 @@
Climate
=======
Overview
--------
OpenStack Reservation Service
Prerequisites
-------------
* Keystone v3 API endpoint
* Dedicated account for write operations on behalf of the admin
climate_username
* Service account

@ -0,0 +1,31 @@
# Copyright (c) 2014 Bull.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo.config import cfg
admin_opts = [
cfg.StrOpt('climate_username',
default='climate_admin',
help='Name of the user for write operations'),
cfg.StrOpt('climate_password',
default='climate_password',
help='Password of the user for write operations'),
cfg.StrOpt('climate_tenant_name',
default='admin',
help='Tenant of the user for write operations'),
]
cfg.CONF.register_opts(admin_opts)

@ -30,10 +30,10 @@ class NovaInventory(object):
cfg.CONF.os_auth_host,
cfg.CONF.os_auth_port)
self.nova = client.Client('2',
username=cfg.CONF.os_admin_username,
api_key=cfg.CONF.os_admin_password,
username=cfg.CONF.climate_username,
api_key=cfg.CONF.climate_password,
auth_url=auth_url,
project_id=cfg.CONF.os_admin_tenant_name)
project_id=cfg.CONF.climate_tenant_name)
def get_host_details(self, host):
"""Get Nova capabilities of a single host

@ -56,10 +56,10 @@ class ReservationPool(object):
cfg.CONF.os_auth_host,
cfg.CONF.os_auth_port)
self.nova = client.Client('2',
username=cfg.CONF.os_admin_username,
api_key=cfg.CONF.os_admin_password,
username=cfg.CONF.climate_username,
api_key=cfg.CONF.climate_password,
auth_url=auth_url,
project_id=cfg.CONF.os_admin_tenant_name)
project_id=cfg.CONF.climate_tenant_name)
def get_aggregate_from_name_or_id(self, aggregate_obj):
"""Return an aggregate by name or an id."""

@ -6,6 +6,9 @@ os_auth_protocol=<http, for example>
os_admin_username=<username>
os_admin_password=<password>
os_admin_tenant_name=<tenant_name>
climate_username=<username>
climate_password=<password>
climate_tenant_name=<tenant_name>
[manager]
plugins=dummy.vm.plugin,physical.host.plugin

@ -2,7 +2,7 @@
name = climate
version = 2013.1
summary = Reservation Service for OpenStack clouds
description-file = README.md
description-file = README.rst
license = Apache Software License
classifiers =
Programming Language :: Python

Loading…
Cancel
Save