Updates for liberty fixes
This commit is contained in:
parent
a85b9648d7
commit
4e55e2f4c1
11
domain-setup.sh
Normal file
11
domain-setup.sh
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
openstack domain create --description "Stack projects and users" heat
|
||||||
|
|
||||||
|
openstack user create --domain heat --password `leader-get heat-domain-admin-passwd` heat_domain_admin
|
||||||
|
|
||||||
|
openstack role add --domain heat --user heat_domain_admin admin
|
||||||
|
|
||||||
|
openstack role create heat_stack_user
|
@ -1,7 +1,7 @@
|
|||||||
import os
|
import os
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack import context
|
from charmhelpers.contrib.openstack import context
|
||||||
from charmhelpers.core.hookenv import config
|
from charmhelpers.core.hookenv import config, leader_get
|
||||||
from charmhelpers.core.host import pwgen
|
from charmhelpers.core.host import pwgen
|
||||||
from charmhelpers.contrib.hahelpers.cluster import (
|
from charmhelpers.contrib.hahelpers.cluster import (
|
||||||
determine_apache_port,
|
determine_apache_port,
|
||||||
@ -53,14 +53,14 @@ def get_encryption_key():
|
|||||||
return encryption
|
return encryption
|
||||||
|
|
||||||
|
|
||||||
class EncryptionContext(context.OSContextGenerator):
|
class HeatSecurityContext(context.OSContextGenerator):
|
||||||
|
|
||||||
def __call__(self):
|
def __call__(self):
|
||||||
ctxt = {}
|
ctxt = {}
|
||||||
|
|
||||||
# check if we have stored encryption key
|
# check if we have stored encryption key
|
||||||
encryption = get_encryption_key()
|
encryption = get_encryption_key()
|
||||||
ctxt['encryption_key'] = encryption
|
ctxt['encryption_key'] = encryption
|
||||||
|
ctxt['heat_domain_admin_passwd'] = leader_get('heat-domain-admin-passwd')
|
||||||
return ctxt
|
return ctxt
|
||||||
|
|
||||||
|
|
||||||
|
@ -23,11 +23,15 @@ from charmhelpers.core.hookenv import (
|
|||||||
open_port,
|
open_port,
|
||||||
unit_get,
|
unit_get,
|
||||||
status_set,
|
status_set,
|
||||||
|
leader_get,
|
||||||
|
leader_set,
|
||||||
|
is_leader,
|
||||||
)
|
)
|
||||||
|
|
||||||
from charmhelpers.core.host import (
|
from charmhelpers.core.host import (
|
||||||
restart_on_change,
|
restart_on_change,
|
||||||
service_reload,
|
service_reload,
|
||||||
|
pwgen,
|
||||||
)
|
)
|
||||||
|
|
||||||
from charmhelpers.fetch import (
|
from charmhelpers.fetch import (
|
||||||
@ -216,6 +220,12 @@ def relation_broken():
|
|||||||
CONFIGS.write_all()
|
CONFIGS.write_all()
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('leader-elected')
|
||||||
|
def leader_elected():
|
||||||
|
if is_leader() and not leader_get('heat-domain-admin-passwd'):
|
||||||
|
leader_set('heat-domain-admin-passwd', pwgen(32))
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
try:
|
try:
|
||||||
hooks.execute(sys.argv)
|
hooks.execute(sys.argv)
|
||||||
|
@ -37,7 +37,7 @@ from charmhelpers.core.host import (
|
|||||||
from heat_context import (
|
from heat_context import (
|
||||||
API_PORTS,
|
API_PORTS,
|
||||||
HeatIdentityServiceContext,
|
HeatIdentityServiceContext,
|
||||||
EncryptionContext,
|
HeatSecurityContext,
|
||||||
InstanceUserContext,
|
InstanceUserContext,
|
||||||
HeatApacheSSLContext,
|
HeatApacheSSLContext,
|
||||||
HeatHAProxyContext,
|
HeatHAProxyContext,
|
||||||
@ -86,7 +86,7 @@ CONFIG_FILES = OrderedDict([
|
|||||||
context.OSConfigFlagContext(),
|
context.OSConfigFlagContext(),
|
||||||
HeatIdentityServiceContext(service=SVC, service_user=SVC),
|
HeatIdentityServiceContext(service=SVC, service_user=SVC),
|
||||||
HeatHAProxyContext(),
|
HeatHAProxyContext(),
|
||||||
EncryptionContext(),
|
HeatSecurityContext(),
|
||||||
InstanceUserContext(),
|
InstanceUserContext(),
|
||||||
context.SyslogContext(),
|
context.SyslogContext(),
|
||||||
context.LogLevelContext(),
|
context.LogLevelContext(),
|
||||||
|
1
hooks/leader-elected
Symbolic link
1
hooks/leader-elected
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
heat_relations.py
|
@ -7,10 +7,15 @@ instance_user={{ instance_user }}
|
|||||||
instance_driver=heat.engine.nova
|
instance_driver=heat.engine.nova
|
||||||
plugin_dirs=/usr/lib64/heat,/usr/lib/heat
|
plugin_dirs=/usr/lib64/heat,/usr/lib/heat
|
||||||
environment_dir=/etc/heat/environment.d
|
environment_dir=/etc/heat/environment.d
|
||||||
deferred_auth_method=password
|
|
||||||
host=heat
|
host=heat
|
||||||
auth_encryption_key={{ encryption_key }}
|
auth_encryption_key={{ encryption_key }}
|
||||||
|
|
||||||
|
deferred_auth_method=trust
|
||||||
|
|
||||||
|
stack_domain_admin = heat_domain_admin
|
||||||
|
stack_domain_admin_password = {{ heat_domain_admin_passwd }}
|
||||||
|
stack_user_domain_name = heat
|
||||||
|
|
||||||
{% if auth_host -%}
|
{% if auth_host -%}
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
identity_uri = {{ service_protocol }}://{{ service_host }}:{{ auth_port }}
|
identity_uri = {{ service_protocol }}://{{ service_host }}:{{ auth_port }}
|
||||||
|
@ -5,7 +5,8 @@ from test_utils import CharmTestCase
|
|||||||
TO_PATCH = [
|
TO_PATCH = [
|
||||||
'get_encryption_key',
|
'get_encryption_key',
|
||||||
'generate_ec2_tokens',
|
'generate_ec2_tokens',
|
||||||
'config'
|
'config',
|
||||||
|
'leader_get',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
@ -16,9 +17,12 @@ class TestHeatContext(CharmTestCase):
|
|||||||
|
|
||||||
def test_encryption_configuration(self):
|
def test_encryption_configuration(self):
|
||||||
self.get_encryption_key.return_value = 'key'
|
self.get_encryption_key.return_value = 'key'
|
||||||
|
self.leader_get.return_value = 'password'
|
||||||
self.assertEquals(
|
self.assertEquals(
|
||||||
heat_context.EncryptionContext()(),
|
heat_context.HeatSecurityContext()(),
|
||||||
{'encryption_key': 'key'})
|
{'encryption_key': 'key',
|
||||||
|
'heat_domain_admin_passwd': 'password'})
|
||||||
|
self.leader_get.assert_called_with('heat-domain-admin-passwd')
|
||||||
|
|
||||||
def test_instance_user_empty_configuration(self):
|
def test_instance_user_empty_configuration(self):
|
||||||
self.config.return_value = None
|
self.config.return_value = None
|
||||||
|
@ -240,5 +240,5 @@ class HeatRelationTests(CharmTestCase):
|
|||||||
self.sync_db_with_multi_ipv6_addresses.return_value = MagicMock()
|
self.sync_db_with_multi_ipv6_addresses.return_value = MagicMock()
|
||||||
self.test_config.set('prefer-ipv6', True)
|
self.test_config.set('prefer-ipv6', True)
|
||||||
relations.db_joined()
|
relations.db_joined()
|
||||||
self.sync_db_with_multi_ipv6_addresses.assert_called_with_once(
|
self.sync_db_with_multi_ipv6_addresses.assert_called_with(
|
||||||
'heat', 'heat')
|
'heat', 'heat', relation_prefix='heat')
|
||||||
|
Loading…
Reference in New Issue
Block a user