openstack/charm-keystone
Code Issues Proposed changes

Add explicit endpoint configuration

Browse Source
This commit is contained in:
james.page@ubuntu.com
2014-09-21 18:57:48 +01:00
parent 81cf4b123f
commit cec7fcaeb7
3 changed files with 28 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
hooks/keystone_context.py
View File

@@ -94,7 +94,11 @@ class KeystoneContext(context.OSContextGenerator):
interfaces = [] interfaces = []
def __call__(self): def __call__(self):
from keystone_utils import api_port, set_admin_token from keystone_utils import (
api_port, set_admin_token,
endpoint_url, resolve_address,
PUBLIC, ADMIN
)
ctxt = {} ctxt = {}
ctxt['token'] = set_admin_token(config('admin-token')) ctxt['token'] = set_admin_token(config('admin-token'))
ctxt['admin_port'] = determine_api_port(api_port('keystone-admin')) ctxt['admin_port'] = determine_api_port(api_port('keystone-admin'))
@@ -116,4 +120,9 @@ class KeystoneContext(context.OSContextGenerator):
if config('enable-pki') not in ['false', 'False', 'no', 'No']: if config('enable-pki') not in ['false', 'False', 'no', 'No']:
ctxt['signing'] = True ctxt['signing'] = True
ctxt['public_endpoint'] = endpoint_url(resolve_address(PUBLIC),
api_port('keystone-public'))
ctxt['admin_endpoint'] = endpoint_url(resolve_address(ADMIN),
api_port('keystone-admin'))
return ctxt return ctxt

29
hooks/keystone_utils.py
View File

@@ -495,26 +495,21 @@ def ensure_initial_admin(config):
auth_port=config("admin-port"), auth_port=config("admin-port"),
region=region) region=region)
def endpoint_url(ip, port):
proto = 'http'
if https():
proto = 'https'
if is_ipv6(ip):
ip = "[{}]".format(ip)
return "%s://%s:%s/v2.0" % (proto, ip, port)
def create_keystone_endpoint(public_ip, service_port, def create_keystone_endpoint(public_ip, service_port,
internal_ip, admin_ip, auth_port, region): internal_ip, admin_ip, auth_port, region):
proto = 'http' create_endpoint_template(region, "keystone",
if https(): endpoint_url(public_ip, service_port),
log("Setting https keystone endpoint") endpoint_url(admin_ip, auth_port),
proto = 'https' endpoint_url(internal_ip, service_port))
if is_ipv6(public_ip):
public_ip = "[{}]".format(public_ip)
if is_ipv6(internal_ip):
internal_ip = "[{}]".format(internal_ip)
if is_ipv6(admin_ip):
admin_ip = "[{}]".format(admin_ip)
public_url = "%s://%s:%s/v2.0" % (proto, public_ip, service_port)
admin_url = "%s://%s:%s/v2.0" % (proto, admin_ip, auth_port)
internal_url = "%s://%s:%s/v2.0" % (proto, internal_ip, service_port)
create_endpoint_template(region, "keystone", public_url,
admin_url, internal_url)
def update_user_password(username, password): def update_user_password(username, password):

10
templates/icehouse/keystone.conf
View File

@@ -11,6 +11,8 @@ use_syslog = {{ use_syslog }}
log_config = /etc/keystone/logging.conf log_config = /etc/keystone/logging.conf
debug = {{ debug }} debug = {{ debug }}
verbose = {{ verbose }} verbose = {{ verbose }}
public_endpoint = {{ public_endpoint }}
admin_endpoint = {{ admin_endpoint }}
[database] [database]
{% if database_host -%} {% if database_host -%}
@@ -74,11 +76,11 @@ user = {{ ldap_user }}
password = {{ ldap_password }} password = {{ ldap_password }}
suffix = {{ ldap_suffix }} suffix = {{ ldap_suffix }}
{% if ldap_config_flags -%} {% if ldap_config_flags -%}
{% for key, value in ldap_config_flags.iteritems() -%} {% for key, value in ldap_config_flags.iteritems() -%}
{{ key }} = {{ value }} {{ key }} = {{ value }}
{% endfor -%} {% endfor -%}
{% endif -%} {% endif -%}
{% if ldap_readonly -%} {% if ldap_readonly -%}
user_allow_create = False user_allow_create = False