Switch to using internal endpoints
This commit makes endpoint types configurable and uses the internal endpoint as default for Blazar, except admin for reaching keystone to keep legacy behaviour for now. Update devstack configuration to use public endpoints, since internal endpoints are not created by devstack anymore (except for keystone). Change-Id: I6414be91a1b629df680641050cfd415252b0a3c5 Closes-Bug: #1960335
This commit is contained in:
parent
fb599ec609
commit
77e0d4a007
|
@ -51,6 +51,7 @@ class TestCNClient(tests.TestCase):
|
|||
self.patch(self.base, 'url_for').return_value = self.url
|
||||
|
||||
self.version = '2'
|
||||
self.endpoint_type = 'internalURL'
|
||||
|
||||
def test_client_from_kwargs(self):
|
||||
self.ctx.side_effect = RuntimeError
|
||||
|
@ -83,7 +84,8 @@ class TestCNClient(tests.TestCase):
|
|||
project_name=project_name,
|
||||
project_domain_name=project_domain,
|
||||
auth_url=auth_url,
|
||||
endpoint_override=endpoint)
|
||||
endpoint_override=endpoint,
|
||||
endpoint_type=self.endpoint_type)
|
||||
|
||||
def test_client_from_ctx(self):
|
||||
kwargs = {'version': self.version}
|
||||
|
@ -95,6 +97,7 @@ class TestCNClient(tests.TestCase):
|
|||
self.session.assert_called_once_with(auth=self.auth.return_value)
|
||||
self.client.assert_called_once_with(version=self.version,
|
||||
endpoint_override=self.url,
|
||||
endpoint_type=self.endpoint_type,
|
||||
session=self.session.return_value,
|
||||
global_request_id=mock.ANY)
|
||||
|
||||
|
|
|
@ -45,7 +45,7 @@ class TestPlacementClient(tests.TestCase):
|
|||
|
||||
def _add_default_kwargs(self, kwargs):
|
||||
kwargs['endpoint_filter'] = {'service_type': 'placement',
|
||||
'interface': 'public',
|
||||
'interface': 'internal',
|
||||
'region_name': 'region_foo'}
|
||||
kwargs['headers'] = {'accept': 'application/json'}
|
||||
kwargs['microversion'] = PLACEMENT_MICROVERSION
|
||||
|
|
|
@ -42,6 +42,12 @@ Possible values:
|
|||
]
|
||||
|
||||
keystone_opts = [
|
||||
cfg.StrOpt('endpoint_type',
|
||||
default='admin',
|
||||
choices=['public', 'admin', 'internal'],
|
||||
help='Type of the keystone endpoint to use. This endpoint will '
|
||||
'be looked up in the keystone catalog and should be one '
|
||||
'of public, internal or admin.'),
|
||||
cfg.StrOpt('keystone_client_version',
|
||||
default='3',
|
||||
help='Keystoneclient version'),
|
||||
|
@ -106,12 +112,13 @@ class BlazarKeystoneClient(object):
|
|||
if not kwargs.get('auth_url'):
|
||||
kwargs['auth_url'] = base.url_for(
|
||||
ctx.service_catalog, CONF.identity_service,
|
||||
endpoint_interface='internal',
|
||||
os_region_name=CONF.os_region_name)
|
||||
if not kwargs.get('trust_id'):
|
||||
try:
|
||||
kwargs.setdefault('endpoint', base.url_for(
|
||||
ctx.service_catalog, CONF.identity_service,
|
||||
endpoint_interface='admin',
|
||||
endpoint_interface=CONF.endpoint_type,
|
||||
os_region_name=CONF.os_region_name))
|
||||
except AttributeError:
|
||||
raise manager_exceptions.NoManagementUrl()
|
||||
|
|
|
@ -26,7 +26,18 @@ from blazar import context
|
|||
from blazar.utils.openstack import base
|
||||
from blazar.utils.openstack import exceptions
|
||||
|
||||
|
||||
neutron_opts = [
|
||||
cfg.StrOpt('endpoint_type',
|
||||
default='internal',
|
||||
choices=['public', 'admin', 'internal'],
|
||||
help='Type of the neutron endpoint to use. This endpoint will '
|
||||
'be looked up in the keystone catalog and should be one '
|
||||
'of public, internal or admin.'),
|
||||
]
|
||||
|
||||
CONF = cfg.CONF
|
||||
CONF.register_opts(neutron_opts, group='neutron')
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
|
@ -73,6 +84,7 @@ class BlazarNeutronClient(object):
|
|||
sess = session.Session(auth=auth)
|
||||
kwargs.setdefault('session', sess)
|
||||
kwargs.setdefault('region_name', region_name)
|
||||
kwargs.setdefault('endpoint_type', CONF.neutron.endpoint_type + 'URL')
|
||||
self.neutron = neutron_client.Client(**kwargs)
|
||||
|
||||
|
||||
|
|
|
@ -29,6 +29,12 @@ from blazar.utils.openstack import base
|
|||
|
||||
|
||||
nova_opts = [
|
||||
cfg.StrOpt('endpoint_type',
|
||||
default='internal',
|
||||
choices=['public', 'admin', 'internal'],
|
||||
help='Type of the nova endpoint to use. This endpoint will be '
|
||||
'looked up in the keystone catalog and should be one of '
|
||||
'public, internal or admin.'),
|
||||
cfg.StrOpt('nova_client_version',
|
||||
default='2',
|
||||
deprecated_group='DEFAULT',
|
||||
|
@ -124,8 +130,10 @@ class BlazarNovaClient(object):
|
|||
endpoint_override = endpoint_override or \
|
||||
base.url_for(ctx.service_catalog,
|
||||
CONF.nova.compute_service,
|
||||
endpoint_interface=CONF.nova.endpoint_type,
|
||||
os_region_name=CONF.os_region_name)
|
||||
auth_url = base.url_for(ctx.service_catalog, CONF.identity_service,
|
||||
CONF.endpoint_type,
|
||||
os_region_name=CONF.os_region_name)
|
||||
kwargs.setdefault('global_request_id', ctx.global_request_id)
|
||||
|
||||
|
@ -151,6 +159,7 @@ class BlazarNovaClient(object):
|
|||
sess = session.Session(auth=auth)
|
||||
kwargs.setdefault('session', sess)
|
||||
|
||||
kwargs.setdefault('endpoint_type', CONF.nova.endpoint_type + 'URL')
|
||||
kwargs.setdefault('endpoint_override', endpoint_override)
|
||||
kwargs.setdefault('version', version)
|
||||
self.nova = nova_client.Client(**kwargs)
|
||||
|
|
|
@ -24,7 +24,17 @@ from blazar import context
|
|||
from blazar.utils.openstack import base
|
||||
from blazar.utils.openstack import exceptions
|
||||
|
||||
placement_opts = [
|
||||
cfg.StrOpt('endpoint_type',
|
||||
default='internal',
|
||||
choices=['public', 'admin', 'internal'],
|
||||
help='Type of the placement endpoint to use. This endpoint '
|
||||
'will be looked up in the keystone catalog and should be '
|
||||
'one of public, internal or admin.'),
|
||||
]
|
||||
|
||||
CONF = cfg.CONF
|
||||
CONF.register_opts(placement_opts, group='placement')
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
PLACEMENT_MICROVERSION = 1.29
|
||||
|
@ -78,7 +88,7 @@ class BlazarPlacementClient(object):
|
|||
# service of our response body media type preferences.
|
||||
headers = {'accept': 'application/json'}
|
||||
kwargs.setdefault('service_type', 'placement')
|
||||
kwargs.setdefault('interface', 'public')
|
||||
kwargs.setdefault('interface', CONF.placement.endpoint_type)
|
||||
kwargs.setdefault('additional_headers', headers)
|
||||
kwargs.setdefault('region_name', region_name)
|
||||
client = adapter.Adapter(sess, **kwargs)
|
||||
|
|
|
@ -43,7 +43,12 @@ function configure_blazar {
|
|||
# Keystone authtoken
|
||||
_blazar_setup_keystone $BLAZAR_CONF_FILE keystone_authtoken
|
||||
|
||||
iniset $BLAZAR_CONF_FILE neutron endpoint_type public
|
||||
|
||||
iniset $BLAZAR_CONF_FILE nova aggregate_freepool_name $BLAZAR_FREEPOOL_NAME
|
||||
iniset $BLAZAR_CONF_FILE nova endpoint_type public
|
||||
|
||||
iniset $BLAZAR_CONF_FILE placement endpoint_type public
|
||||
|
||||
iniset $BLAZAR_CONF_FILE DEFAULT host $(ipv6_unquote $SERVICE_HOST)
|
||||
iniset $BLAZAR_CONF_FILE DEFAULT debug $BLAZAR_DEBUG
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
Requests to other OpenStack services are now made using the internal
|
||||
interface instead of the public interface. This fixes issues when public
|
||||
endpoints are not reachable by Blazar. For more details, see `bug 1960335
|
||||
<https://bugs.launchpad.net/blazar/+bug/1960335>`_.
|
||||
|
||||
This can be configured with the following options:
|
||||
|
||||
* ``[DEFAULT]/endpoint_type`` to configure the Keystone endpoint type
|
||||
* ``[neutron]/endpoint_type`` to configure the Neutron endpoint type
|
||||
* ``[nova]/endpoint_type`` to configure the Nova endpoint type
|
||||
* ``[placement]/endpoint_type`` to configure the Placement endpoint type
|
Loading…
Reference in New Issue