Browse Source

Simplify identity endpoint

Per the Keystone Install Guide[1] the admin endpoint is superseded in
favor of a single public endpoint. As a result, the admin endpoint is no
longer deployed by default.

[1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components

Change-Id: I188edfcfbd6f8261a648c03b6e46532b960d3ac6
Implements: blueprint simplify-identity-endpoint
changes/77/574977/5
Samuel Cassiba 1 year ago
parent
commit
93882de603

+ 3
- 5
recipes/cinder-common.rb View File

@@ -48,13 +48,12 @@ end
48 48
 glance_api_endpoint = internal_endpoint 'image_api'
49 49
 cinder_api_bind = node['openstack']['bind_service']['all']['block-storage']
50 50
 cinder_api_bind_address = bind_address cinder_api_bind
51
-identity_endpoint = internal_endpoint 'identity'
52
-identity_admin_endpoint = admin_endpoint 'identity'
51
+identity_endpoint = public_endpoint 'identity'
53 52
 node.default['openstack']['block-storage']['conf_secrets']
54 53
   .[]('keystone_authtoken')['password'] =
55 54
   get_password 'service', 'openstack-block-storage'
56
-auth_uri = identity_endpoint.to_s
57
-auth_url = identity_admin_endpoint.to_s
55
+
56
+auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
58 57
 
59 58
 directory '/etc/cinder' do
60 59
   group node['openstack']['block-storage']['group']
@@ -68,7 +67,6 @@ node.default['openstack']['block-storage']['conf'].tap do |conf|
68 67
   conf['DEFAULT']['glance_api_servers'] = glance_api_endpoint.to_s
69 68
   conf['DEFAULT']['osapi_volume_listen'] = cinder_api_bind_address
70 69
   conf['DEFAULT']['osapi_volume_listen_port'] = cinder_api_bind['port']
71
-  conf['keystone_authtoken']['auth_uri'] = auth_uri
72 70
   conf['keystone_authtoken']['auth_url'] = auth_url
73 71
 end
74 72
 

+ 2
- 2
recipes/identity_registration.rb View File

@@ -26,8 +26,8 @@ class ::Chef::Recipe
26 26
   include ::Openstack
27 27
 end
28 28
 
29
-identity_admin_endpoint = admin_endpoint 'identity'
30
-auth_url = ::URI.decode identity_admin_endpoint.to_s
29
+identity_endpoint = public_endpoint 'identity'
30
+auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
31 31
 
32 32
 interfaces = {
33 33
   public: { url: public_endpoint('block-storage') },

+ 0
- 9
spec/cinder_common_spec.rb View File

@@ -69,15 +69,6 @@ describe 'openstack-block-storage::cinder-common' do
69 69
       end
70 70
 
71 71
       context 'keystone authtoken attributes' do
72
-        context 'endpoint related' do
73
-          it 'has auth_uri' do
74
-            expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', %r{^auth_uri = http://127.0.0.1:5000/v3$})
75
-          end
76
-          it 'has auth_url' do
77
-            expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', %r{^auth_url = http://127.0.0.1:35357/v3$})
78
-          end
79
-        end
80
-
81 72
         it do
82 73
           expect(chef_run).not_to render_file(file.name).with_content(/^auth_version = v2.0$/)
83 74
         end

+ 1
- 1
spec/identity_registration_spec.rb View File

@@ -13,7 +13,7 @@ describe 'openstack-block-storage::identity_registration' do
13 13
     include_context 'block-storage-stubs'
14 14
 
15 15
     connection_params = {
16
-      openstack_auth_url: 'http://127.0.0.1:35357/v3/auth/tokens',
16
+      openstack_auth_url: 'http://127.0.0.1:5000/v3/auth/tokens',
17 17
       openstack_username: 'admin',
18 18
       openstack_api_key: 'emc_test_pass',
19 19
       openstack_project_name: 'admin',

+ 8
- 6
spec/spec_helper.rb View File

@@ -9,16 +9,19 @@ ChefSpec::Coverage.start! { add_filter 'openstack-block-storage' }
9 9
 
10 10
 require 'chef/application'
11 11
 
12
-LOG_LEVEL = :fatal
12
+RSpec.configure do |config|
13
+  config.color = true
14
+  config.formatter = :documentation
15
+  config.log_level = :fatal
16
+end
17
+
13 18
 REDHAT_OPTS = {
14 19
   platform: 'redhat',
15
-  version: '7.3',
16
-  log_level: LOG_LEVEL,
20
+  version: '7.4',
17 21
 }.freeze
18 22
 UBUNTU_OPTS = {
19 23
   platform: 'ubuntu',
20 24
   version: '16.04',
21
-  log_level: LOG_LEVEL,
22 25
 }.freeze
23 26
 
24 27
 shared_context 'block-storage-stubs' do
@@ -110,8 +113,7 @@ shared_examples 'creates_cinder_conf' do |service, user, group, action = :restar
110 113
         /^project_name = service$/,
111 114
         /^user_domain_name = Default/,
112 115
         /^project_domain_name = Default/,
113
-        %r{^auth_uri = http://127.0.0.1:5000/v3$},
114
-        %r{^auth_url = http://127.0.0.1:35357/v3$},
116
+        %r{^auth_url = http://127.0.0.1:5000/v3$},
115 117
         /^password = cinder-pass$/,
116 118
       ].each do |line|
117 119
         expect(chef_run).to render_config_file(file.name)

Loading…
Cancel
Save