Fix service user creating objects
Service user used by Climate should not create objects such as host aggregates. Consequently, until we migrate the code by using trusts, we need to use a dedicated user for operations Change-Id: I35878e178dea7eb10a52ad2419e191d8d683b35c Closes-bug: #1270765
This commit is contained in:
parent
88dc709ef5
commit
16d5f67ba7
14
README.rst
Normal file
14
README.rst
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
Climate
|
||||||
|
=======
|
||||||
|
|
||||||
|
Overview
|
||||||
|
--------
|
||||||
|
OpenStack Reservation Service
|
||||||
|
|
||||||
|
|
||||||
|
Prerequisites
|
||||||
|
-------------
|
||||||
|
* Keystone v3 API endpoint
|
||||||
|
* Dedicated account for write operations on behalf of the admin
|
||||||
|
climate_username
|
||||||
|
* Service account
|
@ -0,0 +1,31 @@
|
|||||||
|
# Copyright (c) 2014 Bull.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
# implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
from oslo.config import cfg
|
||||||
|
|
||||||
|
|
||||||
|
admin_opts = [
|
||||||
|
cfg.StrOpt('climate_username',
|
||||||
|
default='climate_admin',
|
||||||
|
help='Name of the user for write operations'),
|
||||||
|
cfg.StrOpt('climate_password',
|
||||||
|
default='climate_password',
|
||||||
|
help='Password of the user for write operations'),
|
||||||
|
cfg.StrOpt('climate_tenant_name',
|
||||||
|
default='admin',
|
||||||
|
help='Tenant of the user for write operations'),
|
||||||
|
]
|
||||||
|
|
||||||
|
cfg.CONF.register_opts(admin_opts)
|
@ -30,10 +30,10 @@ class NovaInventory(object):
|
|||||||
cfg.CONF.os_auth_host,
|
cfg.CONF.os_auth_host,
|
||||||
cfg.CONF.os_auth_port)
|
cfg.CONF.os_auth_port)
|
||||||
self.nova = client.Client('2',
|
self.nova = client.Client('2',
|
||||||
username=cfg.CONF.os_admin_username,
|
username=cfg.CONF.climate_username,
|
||||||
api_key=cfg.CONF.os_admin_password,
|
api_key=cfg.CONF.climate_password,
|
||||||
auth_url=auth_url,
|
auth_url=auth_url,
|
||||||
project_id=cfg.CONF.os_admin_tenant_name)
|
project_id=cfg.CONF.climate_tenant_name)
|
||||||
|
|
||||||
def get_host_details(self, host):
|
def get_host_details(self, host):
|
||||||
"""Get Nova capabilities of a single host
|
"""Get Nova capabilities of a single host
|
||||||
|
@ -56,10 +56,10 @@ class ReservationPool(object):
|
|||||||
cfg.CONF.os_auth_host,
|
cfg.CONF.os_auth_host,
|
||||||
cfg.CONF.os_auth_port)
|
cfg.CONF.os_auth_port)
|
||||||
self.nova = client.Client('2',
|
self.nova = client.Client('2',
|
||||||
username=cfg.CONF.os_admin_username,
|
username=cfg.CONF.climate_username,
|
||||||
api_key=cfg.CONF.os_admin_password,
|
api_key=cfg.CONF.climate_password,
|
||||||
auth_url=auth_url,
|
auth_url=auth_url,
|
||||||
project_id=cfg.CONF.os_admin_tenant_name)
|
project_id=cfg.CONF.climate_tenant_name)
|
||||||
|
|
||||||
def get_aggregate_from_name_or_id(self, aggregate_obj):
|
def get_aggregate_from_name_or_id(self, aggregate_obj):
|
||||||
"""Return an aggregate by name or an id."""
|
"""Return an aggregate by name or an id."""
|
||||||
|
@ -6,6 +6,9 @@ os_auth_protocol=<http, for example>
|
|||||||
os_admin_username=<username>
|
os_admin_username=<username>
|
||||||
os_admin_password=<password>
|
os_admin_password=<password>
|
||||||
os_admin_tenant_name=<tenant_name>
|
os_admin_tenant_name=<tenant_name>
|
||||||
|
climate_username=<username>
|
||||||
|
climate_password=<password>
|
||||||
|
climate_tenant_name=<tenant_name>
|
||||||
|
|
||||||
[manager]
|
[manager]
|
||||||
plugins=dummy.vm.plugin,physical.host.plugin
|
plugins=dummy.vm.plugin,physical.host.plugin
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
name = climate
|
name = climate
|
||||||
version = 2013.1
|
version = 2013.1
|
||||||
summary = Reservation Service for OpenStack clouds
|
summary = Reservation Service for OpenStack clouds
|
||||||
description-file = README.md
|
description-file = README.rst
|
||||||
license = Apache Software License
|
license = Apache Software License
|
||||||
classifiers =
|
classifiers =
|
||||||
Programming Language :: Python
|
Programming Language :: Python
|
||||||
|
Loading…
Reference in New Issue
Block a user