override IdentityServiceContext and ensure keystone_ec2_url is set in nova.conf

This commit is contained in:
Adam Gandelman 2013-08-15 15:47:37 -07:00
parent 6d862769c4
commit 040605251a
5 changed files with 38 additions and 5 deletions

@ -133,3 +133,17 @@ class NeutronCCContext(context.NeutronContext):
sec_groups = (config('neutron-security-groups') or
config('quantum-security-groups'))
return sec_groups.lower() == 'yes'
class IdentityServiceContext(context.IdentityServiceContext):
def __call__(self):
ctxt = super(IdentityServiceContext, self).__call__()
if not ctxt:
return
# the ec2 api needs to know the location of the keystone ec2
# tokens endpoint, set in nova.conf
ec2_tokens = 'http://%s:%s/v2.0/ec2tokens' % (ctxt['service_host'],
ctxt['service_port'])
ctxt['keystone_ec2_url'] = ec2_tokens
return ctxt

@ -161,9 +161,11 @@ def identity_changed():
log('identity-service relation incomplete. Peer not ready?')
return
CONFIGS.write('/etc/nova/api-paste.ini')
CONFIGS.write('/etc/nova/nova.conf')
if network_manager() == 'quantum':
CONFIGS.write('/etc/quantum/api-paste.ini')
CONFIGS.write('/etc/quantum/quantum.conf')
save_novarc()
if network_manager() == 'neutron':
CONFIGS.write('/etc/neutron/neutron.conf')
[compute_joined(rid) for rid in relation_ids('cloud-compute')]
@ -201,6 +203,18 @@ def _auth_config():
return cfg
def save_novarc():
auth = _auth_config()
# XXX hard-coded http
ks_url = 'http://%s:%s/v2.0' % (auth['auth_host'], auth['auth_port'])
with open('/etc/quantum/novarc', 'wb') as out:
out.write('export OS_USERNAME=%s\n' % auth['service_username'])
out.write('export OS_PASSWORD=%s\n' % auth['service_password'])
out.write('export OS_TENANT_NAME=%s\n' % auth['service_tenant_name'])
out.write('export OS_AUTH_URL=%s\n' % ks_url)
out.write('export OS_REGION_NAME=%s\n' % config('region'))
@hooks.hook('cloud-compute-relation-joined')
def compute_joined(rid=None):
if not eligible_leader(CLUSTER_RES):

@ -63,28 +63,29 @@ BASE_RESOURCE_MAP = OrderedDict([
context.ImageServiceContext(),
context.OSConfigFlagContext(),
nova_cc_context.HAProxyContext(),
nova_cc_context.IdentityServiceContext(),
nova_cc_context.NeutronCCContext(),
nova_cc_context.VolumeServiceContext()],
}),
('/etc/nova/api-paste.ini', {
'services': [s for s in BASE_SERVICES if 'api' in s],
'contexts': [context.IdentityServiceContext()],
'contexts': [nova_cc_context.IdentityServiceContext()],
}),
('/etc/quantum/quantum.conf', {
'services': ['quantum-server'],
'contexts': [context.AMQPContext(),
nova_cc_context.HAProxyContext(),
context.IdentityServiceContext(),
nova_cc_context.IdentityServiceContext(),
nova_cc_context.NeutronCCContext()],
}),
('/etc/quantum/api-paste.ini', {
'services': ['quantum-server'],
'contexts': [context.IdentityServiceContext()],
'contexts': [nova_cc_context.IdentityServiceContext()],
}),
('/etc/neutron/neutron.conf', {
'services': ['neutron-server'],
'contexts': [context.AMQPContext(),
context.IdentityServiceContext(),
nova_cc_context.IdentityServiceContext(),
nova_cc_context.NeutronCCContext(),
nova_cc_context.HAProxyContext()],
}),

@ -1 +1 @@
296
301

@ -20,6 +20,10 @@ volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata
auth_strategy=keystone
compute_driver=libvirt.LibvirtDriver
{ if keystone_ec2_url -%}
keystone_ec2_url = {{ keystone_ec2_url }}
{% endif -%}
{% if database_host -%}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
{% endif -%}