Make keystone optional

Add a new auth_strategy option allowing to disable keystone auth to make
CK fully standalone if needed/wanted.

Update the sample config file with the new option.

Change-Id: I8926f1518382640395e34b4e5321d99f2bc2d7eb

cloudkitty/api/app.py

@@ -38,6 +38,11 @@ auth_opts = [
                default="api_paste.ini",
                help="Configuration file for WSGI definition of API."
                ),
+    cfg.StrOpt('auth_strategy',
+               choices=['noauth', 'keystone'],
+               default='keystone',
+               help=("The strategy to use for auth. Supports noauth and "
+                     "keystone")),
 ]
 
 api_opts = [
@@ -73,9 +78,11 @@ def setup_app(pecan_config=None, extra_hooks=None):
     app_hooks = [
         hooks.RPCHook(client),
         hooks.StorageHook(storage_backend),
-        hooks.ContextHook(),
     ]
 
+    if CONF.auth_strategy == 'keystone':
+        app_hooks.append(hooks.ContextHook())
+
     app = pecan.make_app(
         app_conf.app.root,
         static_root=app_conf.app.static_root,
@@ -86,8 +93,11 @@ def setup_app(pecan_config=None, extra_hooks=None):
         guess_content_type_from_ext=False
     )
 
+    if CONF.auth_strategy == 'keystone':
         return middleware.AuthTokenMiddleware(app, dict(CONF),
                                               app_conf.app.acl_public_routes)
+    else:
+        return app
 
 
 def setup_wsgi():

cloudkitty/common/policy.py

@@ -60,6 +60,9 @@ def enforce(context, action, target):
        :raises PolicyNotAuthorized: if verification fails.
 
     """
+    if CONF.auth_strategy != "keystone":
+        return
+
     init()
 
     return _ENFORCER.enforce(action, target, context.to_dict(),

cloudkitty/orchestrator.py

@@ -24,6 +24,7 @@ try:
     import oslo_messaging as messaging
 except ImportError:
     from oslo import messaging
+import six
 from stevedore import driver
 from stevedore import extension
 
@@ -185,7 +186,7 @@ class Worker(BaseWorker):
                     except Exception as e:
                         LOG.warn('Error while collecting service {service}:'
                                  ' {error}'.format(service=service,
-                                                   error=str(e)))
+                                                   error=six.text_type(e)))
                         raise collector.NoDataCollected('', service)
                 except collector.NoDataCollected:
                     begin = timestamp

etc/cloudkitty/cloudkitty.conf.sample

@@ -61,6 +61,11 @@
 # Configuration file for WSGI definition of API. (string value)
 #api_paste_config = api_paste.ini
 
+# The strategy to use for auth. Supports noauth and keystone (string
+# value)
+# Allowed values: noauth, keystone
+#auth_strategy = keystone
+
 # Name of this node. This can be an opaque identifier. It is not
 # necessarily a hostname, FQDN, or IP address. However, the node name
 # must be valid within an AMQP key, and if using ZeroMQ, a valid
@@ -189,7 +194,7 @@
 #wait_periods = 2
 
 # Services to monitor. (list value)
-#services = compute,image
+#services = compute,image,volume,network.bw.in,network.bw.out,network.floating
 
 
 [database]