Rework keystone_authsection generation for Queens+

Generate keystone_authsection section configuration option names and values in Python code, and just iterate over it from Jinja template. The idea is to have more flexibility in case of complex branching logic (e.g. per OpenStack version), or to support option deprecation. Change-Id: I15d802d34de4a4b9319fd83a7063523df19cbe03 Related-to: https://bugs.launchpad.net/charm-glance/+bug/1786186
2019-04-30 09:01:30 +00:00 · 2019-04-30 09:01:30 +00:00 · 83b304ba18
commit 83b304ba18
parent bfaed1c01d
4 changed files with 207 additions and 0 deletions
--- a/charmhelpers/contrib/openstack/context.py
+++ b/charmhelpers/contrib/openstack/context.py
@ -351,10 +351,70 @@ class IdentityServiceContext(OSContextGenerator):
            return cachedir
        return None

+    def _get_pkg_name(self, python_name='keystonemiddleware'):
+        """Get corresponding distro installed package for python
+        package name.
+
+        :param python_name: nameof the python package
+        :type: string
+        """
+        pkg_names = map(lambda x: x + python_name, ('python3-', 'python-'))
+
+        for pkg in pkg_names:
+            if not filter_installed_packages((pkg,)):
+                return pkg
+
+        return None
+
+    def _get_keystone_authtoken_ctxt(self, ctxt, keystonemiddleware_os_rel):
+        """Build Jinja2 context for full rendering of [keystone_authtoken]
+        section with variable names included. Re-constructed from former
+        template 'section-keystone-auth-mitaka'.
+
+        :param ctxt: Jinja2 context returned from self.__call__()
+        :type: dict
+        :param keystonemiddleware_os_rel: OpenStack release name of
+            keystonemiddleware package installed
+        """
+        c = collections.OrderedDict((('auth_type', 'password'),))
+
+        # 'www_authenticate_uri' replaced 'auth_uri' since Stein,
+        # see keystonemiddleware upstream sources for more info
+        if CompareOpenStackReleases(keystonemiddleware_os_rel) >= 'stein':
+            c.update((
+                ('www_authenticate_uri', "{}://{}:{}/v3".format(
+                    ctxt.get('service_protocol', ''),
+                    ctxt.get('service_host', ''),
+                    ctxt.get('service_port', ''))),))
+        else:
+            c.update((
+                ('auth_uri', "{}://{}:{}/v3".format(
+                    ctxt.get('service_protocol', ''),
+                    ctxt.get('service_host', ''),
+                    ctxt.get('service_port', ''))),))
+
+        c.update((
+            ('auth_url', "{}://{}:{}/v3".format(
+                ctxt.get('auth_protocol', ''),
+                ctxt.get('auth_host', ''),
+                ctxt.get('auth_port', ''))),
+            ('project_domain_name', ctxt.get('admin_domain_name', '')),
+            ('user_domain_name', ctxt.get('admin_domain_name', '')),
+            ('project_name', ctxt.get('admin_tenant_name', '')),
+            ('username', ctxt.get('admin_user', '')),
+            ('password', ctxt.get('admin_password', '')),
+            ('signing_dir', ctxt.get('signing_dir', '')),))
+
+        return c
+
    def __call__(self):
        log('Generating template context for ' + self.rel_name, level=DEBUG)
        ctxt = {}

+        keystonemiddleware_os_release = None
+        if self._get_pkg_name():
+            keystonemiddleware_os_release = os_release(self._get_pkg_name())
+
        cachedir = self._setup_pki_cache()
        if cachedir:
            ctxt['signing_dir'] = cachedir
@ -385,6 +445,14 @@ class IdentityServiceContext(OSContextGenerator):
                    ctxt.update({'admin_domain_name':
                                 rdata.get('service_domain')})

+                # we keep all veriables in ctxt for compatibility and
+                # add nested dictionary for keystone_authtoken generic
+                # templating
+                if keystonemiddleware_os_release:
+                    ctxt['keystone_authtoken'] = \
+                        self._get_keystone_authtoken_ctxt(
+                            ctxt, keystonemiddleware_os_release)
+
                if self.context_complete(ctxt):
                    # NOTE(jamespage) this is required for >= icehouse
                    # so a missing value just indicates keystone needs
--- a/charmhelpers/contrib/openstack/templates/section-keystone-authtoken-v3only
+++ b/charmhelpers/contrib/openstack/templates/section-keystone-authtoken-v3only
@ -0,0 +1,9 @@
+{% if auth_host -%}
+[keystone_authtoken]
+{% for option_name, option_value in keystone_authtoken.items() -%}
+{{ option_name }} = {{ option_value }}
+{% endfor -%}
+{% if use_memcache == true %}
+memcached_servers = {{ memcache_url }}
+{% endif -%}
+{% endif -%}
--- a/templates/queens/glance-api.conf
+++ b/templates/queens/glance-api.conf
@ -0,0 +1,103 @@
+[DEFAULT]
+verbose = {{ verbose }}
+use_syslog = {{ use_syslog }}
+debug = {{ debug }}
+workers = {{ workers }}
+bind_host = {{ bind_host }}
+
+{% if ext -%}
+bind_port = {{ ext }}
+{% elif bind_port -%}
+bind_port = {{ bind_port }}
+{% else -%}
+bind_port = 9292
+{% endif -%}
+
+{% if transport_url %}
+transport_url = {{ transport_url }}
+{% endif %}
+
+log_file = /var/log/glance/api.log
+backlog = 4096
+
+registry_host = {{ registry_host }}
+registry_port = 9191
+registry_client_protocol = http
+
+{% if expose_image_locations -%}
+show_multiple_locations = {{ expose_image_locations }}
+show_image_direct_url = {{ expose_image_locations }}
+{% endif -%}
+
+{% if api_config_flags -%}
+{% for key, value in api_config_flags.items() -%}
+{{ key }} = {{ value }}
+{% endfor -%}
+{% endif -%}
+
+delayed_delete = False
+scrub_time = 43200
+scrubber_datadir = /var/lib/glance/scrubber
+image_cache_dir = /var/lib/glance/image-cache/
+db_enforce_mysql_charset = False
+
+{% if image_size_cap -%}
+image_size_cap = {{ image_size_cap }}
+{% endif -%}
+
+[glance_store]
+{%- if use_internal_endpoints %}
+catalog_info = {{ volume_catalog_info }}
+{%- endif %}
+
+filesystem_store_datadir = {{ filesystem_store_datadir }}
+
+stores = {{ known_stores }}
+{% if rbd_pool -%}
+default_store = rbd
+{% elif swift_store -%}
+default_store = swift
+{% elif cinder_store -%}
+default_store = cinder
+{% else -%}
+default_store = file
+{% endif -%}
+
+{% if swift_store -%}
+default_swift_reference = swift
+swift_store_config_file = /etc/glance/glance-swift.conf
+swift_store_create_container_on_put = true
+{% endif -%}
+
+{% if rbd_pool -%}
+rbd_store_ceph_conf = /etc/ceph/ceph.conf
+rbd_store_user = {{ rbd_user }}
+rbd_store_pool = {{ rbd_pool }}
+rbd_store_chunk_size = 8
+{% endif -%}
+
+[image_format]
+disk_formats = {{ disk_formats }}
+{% if container_formats -%}
+container_formats = {{ container_formats }}
+{% endif -%}
+
+{% include "section-keystone-authtoken-v3only" %}
+
+{% if auth_host -%}
+[paste_deploy]
+flavor = keystone
+{% endif %}
+
+[barbican]
+auth_endpoint = {{ service_protocol }}://{{ service_host }}:{{ service_port }}/v3
+
+{% include "parts/section-database" %}
+
+{% include "section-oslo-messaging-rabbit" %}
+
+{% include "section-oslo-notifications" %}
+
+{% include "section-oslo-middleware" %}
+
+{% include "parts/section-storage" %}
--- a/templates/queens/glance-registry.conf
+++ b/templates/queens/glance-registry.conf
@ -0,0 +1,27 @@
+[DEFAULT]
+verbose = {{ verbose }}
+use_syslog = {{ use_syslog }}
+debug = {{ debug }}
+workers = {{ workers }}
+
+bind_host = {{ bind_host }}
+bind_port = 9191
+log_file = /var/log/glance/registry.log
+backlog = 4096
+api_limit_max = 1000
+limit_param_default = 25
+
+{% if registry_config_flags -%}
+{% for key, value in registry_config_flags.items() -%}
+{{ key }} = {{ value }}
+{% endfor -%}
+{% endif -%}
+
+{% include "section-keystone-authtoken-v3only" %}
+
+{% if auth_host -%}
+[paste_deploy]
+flavor = keystone
+{% endif %}
+
+{% include "parts/section-database" %}