Updates for liberty fixes

This commit is contained in:
James Page 2016-02-10 12:27:52 +00:00
parent a85b9648d7
commit 4e55e2f4c1
8 changed files with 42 additions and 11 deletions

11
domain-setup.sh Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
set -e
openstack domain create --description "Stack projects and users" heat
openstack user create --domain heat --password `leader-get heat-domain-admin-passwd` heat_domain_admin
openstack role add --domain heat --user heat_domain_admin admin
openstack role create heat_stack_user

View File

@ -1,7 +1,7 @@
import os import os
from charmhelpers.contrib.openstack import context from charmhelpers.contrib.openstack import context
from charmhelpers.core.hookenv import config from charmhelpers.core.hookenv import config, leader_get
from charmhelpers.core.host import pwgen from charmhelpers.core.host import pwgen
from charmhelpers.contrib.hahelpers.cluster import ( from charmhelpers.contrib.hahelpers.cluster import (
determine_apache_port, determine_apache_port,
@ -53,14 +53,14 @@ def get_encryption_key():
return encryption return encryption
class EncryptionContext(context.OSContextGenerator): class HeatSecurityContext(context.OSContextGenerator):
def __call__(self): def __call__(self):
ctxt = {} ctxt = {}
# check if we have stored encryption key # check if we have stored encryption key
encryption = get_encryption_key() encryption = get_encryption_key()
ctxt['encryption_key'] = encryption ctxt['encryption_key'] = encryption
ctxt['heat_domain_admin_passwd'] = leader_get('heat-domain-admin-passwd')
return ctxt return ctxt

View File

@ -23,11 +23,15 @@ from charmhelpers.core.hookenv import (
open_port, open_port,
unit_get, unit_get,
status_set, status_set,
leader_get,
leader_set,
is_leader,
) )
from charmhelpers.core.host import ( from charmhelpers.core.host import (
restart_on_change, restart_on_change,
service_reload, service_reload,
pwgen,
) )
from charmhelpers.fetch import ( from charmhelpers.fetch import (
@ -216,6 +220,12 @@ def relation_broken():
CONFIGS.write_all() CONFIGS.write_all()
@hooks.hook('leader-elected')
def leader_elected():
if is_leader() and not leader_get('heat-domain-admin-passwd'):
leader_set('heat-domain-admin-passwd', pwgen(32))
def main(): def main():
try: try:
hooks.execute(sys.argv) hooks.execute(sys.argv)

View File

@ -37,7 +37,7 @@ from charmhelpers.core.host import (
from heat_context import ( from heat_context import (
API_PORTS, API_PORTS,
HeatIdentityServiceContext, HeatIdentityServiceContext,
EncryptionContext, HeatSecurityContext,
InstanceUserContext, InstanceUserContext,
HeatApacheSSLContext, HeatApacheSSLContext,
HeatHAProxyContext, HeatHAProxyContext,
@ -86,7 +86,7 @@ CONFIG_FILES = OrderedDict([
context.OSConfigFlagContext(), context.OSConfigFlagContext(),
HeatIdentityServiceContext(service=SVC, service_user=SVC), HeatIdentityServiceContext(service=SVC, service_user=SVC),
HeatHAProxyContext(), HeatHAProxyContext(),
EncryptionContext(), HeatSecurityContext(),
InstanceUserContext(), InstanceUserContext(),
context.SyslogContext(), context.SyslogContext(),
context.LogLevelContext(), context.LogLevelContext(),

1
hooks/leader-elected Symbolic link
View File

@ -0,0 +1 @@
heat_relations.py

View File

@ -7,10 +7,15 @@ instance_user={{ instance_user }}
instance_driver=heat.engine.nova instance_driver=heat.engine.nova
plugin_dirs=/usr/lib64/heat,/usr/lib/heat plugin_dirs=/usr/lib64/heat,/usr/lib/heat
environment_dir=/etc/heat/environment.d environment_dir=/etc/heat/environment.d
deferred_auth_method=password
host=heat host=heat
auth_encryption_key={{ encryption_key }} auth_encryption_key={{ encryption_key }}
deferred_auth_method=trust
stack_domain_admin = heat_domain_admin
stack_domain_admin_password = {{ heat_domain_admin_passwd }}
stack_user_domain_name = heat
{% if auth_host -%} {% if auth_host -%}
[keystone_authtoken] [keystone_authtoken]
identity_uri = {{ service_protocol }}://{{ service_host }}:{{ auth_port }} identity_uri = {{ service_protocol }}://{{ service_host }}:{{ auth_port }}

View File

@ -5,7 +5,8 @@ from test_utils import CharmTestCase
TO_PATCH = [ TO_PATCH = [
'get_encryption_key', 'get_encryption_key',
'generate_ec2_tokens', 'generate_ec2_tokens',
'config' 'config',
'leader_get',
] ]
@ -16,9 +17,12 @@ class TestHeatContext(CharmTestCase):
def test_encryption_configuration(self): def test_encryption_configuration(self):
self.get_encryption_key.return_value = 'key' self.get_encryption_key.return_value = 'key'
self.leader_get.return_value = 'password'
self.assertEquals( self.assertEquals(
heat_context.EncryptionContext()(), heat_context.HeatSecurityContext()(),
{'encryption_key': 'key'}) {'encryption_key': 'key',
'heat_domain_admin_passwd': 'password'})
self.leader_get.assert_called_with('heat-domain-admin-passwd')
def test_instance_user_empty_configuration(self): def test_instance_user_empty_configuration(self):
self.config.return_value = None self.config.return_value = None

View File

@ -240,5 +240,5 @@ class HeatRelationTests(CharmTestCase):
self.sync_db_with_multi_ipv6_addresses.return_value = MagicMock() self.sync_db_with_multi_ipv6_addresses.return_value = MagicMock()
self.test_config.set('prefer-ipv6', True) self.test_config.set('prefer-ipv6', True)
relations.db_joined() relations.db_joined()
self.sync_db_with_multi_ipv6_addresses.assert_called_with_once( self.sync_db_with_multi_ipv6_addresses.assert_called_with(
'heat', 'heat') 'heat', 'heat', relation_prefix='heat')