Pickup the region name passed in from heatclient

For standalone heat operation, middleware will need to set the region
from the X-Region-Name header. Then the keystoneclient will use this
region_name instead of the heat_region_name config option.

Closes-Bug: 1223068
Change-Id: Ia859e67cf8c6e0d1ed9d9e7f5eab2d138c6421ef
This commit is contained in:
QI ZHANG 2014-11-19 14:50:31 +08:00
parent 92fc3468ca
commit 2105d1e3a2
9 changed files with 84 additions and 13 deletions

View File

@ -34,7 +34,8 @@ class RequestContext(context.RequestContext):
tenant_id=None, auth_url=None, roles=None, is_admin=None,
read_only=False, show_deleted=False,
overwrite=True, trust_id=None, trustor_user_id=None,
request_id=None, auth_token_info=None, **kwargs):
request_id=None, auth_token_info=None, region_name=None,
**kwargs):
"""
:param overwrite: Set to False to ensure that the greenthread local
copy of the index is not overwritten.
@ -52,6 +53,7 @@ class RequestContext(context.RequestContext):
self.username = username
self.user_id = user_id
self.password = password
self.region_name = region_name
self.aws_creds = aws_creds
self.tenant_id = tenant_id
self.auth_token_info = auth_token_info
@ -101,7 +103,8 @@ class RequestContext(context.RequestContext):
'is_admin': self.is_admin,
'user': self.user,
'request_id': self.request_id,
'show_deleted': self.show_deleted}
'show_deleted': self.show_deleted,
'region_name': self.region_name}
@classmethod
def from_dict(cls, values):
@ -151,6 +154,7 @@ class ContextMiddleware(wsgi.Middleware):
token = headers.get('X-Auth-Token')
tenant = headers.get('X-Tenant-Name')
tenant_id = headers.get('X-Tenant-Id')
region_name = headers.get('X-Region-Name')
auth_url = headers.get('X-Auth-Url')
roles = headers.get('X-Roles')
if roles is not None:
@ -170,7 +174,8 @@ class ContextMiddleware(wsgi.Middleware):
auth_url=auth_url,
roles=roles,
request_id=req_id,
auth_token_info=token_info)
auth_token_info=token_info,
region_name=region_name)
def ContextMiddleware_filter_factory(global_conf, **local_conf):

View File

@ -401,8 +401,8 @@ class KeystoneClientV3(object):
body = {'auth': {'scope':
{'project': {'id': project_id}},
'identity': {'password': {'user': {
'domain': domain,
'password': password, 'name': username}},
'domain': domain,
'password': password, 'name': username}},
'methods': ['password']}}}
t = sess.post(token_url, headers=headers, json=body,
authenticated=False)
@ -656,7 +656,8 @@ class KeystoneClientV3(object):
self.domain_admin_client.users.update(user=user_id, enabled=True)
def url_for(self, **kwargs):
default_region_name = cfg.CONF.region_name_for_services
default_region_name = (self.context.region_name or
cfg.CONF.region_name_for_services)
kwargs.setdefault('region_name', default_region_name)
return self.client.service_catalog.url_for(**kwargs)

View File

@ -0,0 +1,31 @@
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import sqlalchemy
def upgrade(migrate_engine):
meta = sqlalchemy.MetaData(bind=migrate_engine)
user_creds = sqlalchemy.Table('user_creds', meta, autoload=True)
region_name = sqlalchemy.Column('region_name',
sqlalchemy.String(length=255))
region_name.create(user_creds)
def downgrade(migrate_engine):
meta = sqlalchemy.MetaData(bind=migrate_engine)
user_creds = sqlalchemy.Table('user_creds', meta, autoload=True)
user_creds.c.region_name.drop()

View File

@ -164,6 +164,7 @@ class UserCreds(BASE, HeatBase):
id = sqlalchemy.Column(sqlalchemy.Integer, primary_key=True)
username = sqlalchemy.Column(sqlalchemy.String(255))
password = sqlalchemy.Column(sqlalchemy.String(255))
region_name = sqlalchemy.Column(sqlalchemy.String(255))
decrypt_method = sqlalchemy.Column(sqlalchemy.String(64))
tenant = sqlalchemy.Column(sqlalchemy.String(1024))
auth_url = sqlalchemy.Column(sqlalchemy.Text)

View File

@ -306,6 +306,9 @@ class HeatMigrationsCheckers(test_migrations.WalkVersionsMixin,
self.assertEqual(3, n_depth('1e9deba9-a305-5f29-84d3-c8165647c47e'))
self.assertEqual(0, n_depth('1a4bd1ec-8b21-56cd-964a-f66cb1cfa2f9'))
def _check_049(self, engine, data):
self.assertColumnExists(engine, 'user_creds', 'region_name')
class TestHeatMigrationsMySQL(HeatMigrationsCheckers,
test_base.MySQLOpportunisticTestCase):

View File

@ -42,7 +42,8 @@ class TestRequestContext(common.HeatTestCase):
'user_id': 'fooUser',
'tenant': 'atenant',
'auth_url': 'http://xyz',
'aws_creds': 'blah'}
'aws_creds': 'blah',
'region_name': 'regionOne'}
super(TestRequestContext, self).setUp()
@ -59,7 +60,11 @@ class TestRequestContext(common.HeatTestCase):
roles=self.ctx.get('roles'),
show_deleted=self.ctx.get('show_deleted'),
is_admin=self.ctx.get('is_admin'),
auth_token_info=self.ctx.get('auth_token_info'))
auth_token_info=self.ctx.get('auth_token_info'),
trustor_user_id=self.ctx.get('trustor_user_id'),
trust_id=self.ctx.get('trust_id'),
user=self.ctx.get('user'),
region_name=self.ctx.get('region_name'))
ctx_dict = ctx.to_dict()
del(ctx_dict['request_id'])
self.assertEqual(self.ctx, ctx_dict)

View File

@ -1413,7 +1413,7 @@ class KeystoneClientTest(common.HeatTestCase):
self.assertIsNone(heat_ks_client.delete_stack_domain_project(
project_id='aprojectid'))
def _test_url_for(self, service_url, expected_kwargs, **kwargs):
def _test_url_for(self, service_url, expected_kwargs, ctx=None, **kwargs):
"""
Helper function for testing url_for depending on different ways to
pass region name.
@ -1424,7 +1424,7 @@ class KeystoneClientTest(common.HeatTestCase):
.AndReturn(service_url)
self.m.ReplayAll()
ctx = utils.dummy_context()
ctx = ctx or utils.dummy_context()
heat_ks_client = heat_keystoneclient.KeystoneClient(ctx)
self.assertEqual(heat_ks_client.url_for(**kwargs), service_url)
self.m.VerifyAll()
@ -1451,7 +1451,7 @@ class KeystoneClientTest(common.HeatTestCase):
kwargs = {
'region_name': 'RegionTwo'
}
self._test_url_for(service_url, kwargs, **kwargs)
self._test_url_for(service_url, kwargs, None, **kwargs)
def test_url_for_with_region_name_from_config(self):
"""
@ -1467,6 +1467,26 @@ class KeystoneClientTest(common.HeatTestCase):
service_url = 'http://regionone.example.com:1234/v1'
self._test_url_for(service_url, kwargs)
def test_url_for_with_region_name_from_context(self):
"""
Test that default region name for services from context is passed
if region name is not specified in arguments.
"""
cfg.CONF.set_override('region_name_for_services', 'RegionOne')
service_url = 'http://regiontwo.example.com:1234/v1'
region_name_for_services = 'RegionTwo'
expected_kwargs = {
'region_name': region_name_for_services
}
ctx = utils.dummy_context('test_username',
'test_tenant_id',
'password',
None,
None,
None,
region_name_for_services)
self._test_url_for(service_url, expected_kwargs, ctx)
class KeystoneClientTestDomainName(KeystoneClientTest):
def setUp(self):

View File

@ -742,6 +742,7 @@ class SqlAlchemyTest(common.HeatTestCase):
def test_user_creds_password(self):
self.ctx.trust_id = None
self.ctx.region_name = 'regionOne'
db_creds = db_api.user_creds_create(self.ctx)
load_creds = db_api.user_creds_get(db_creds.id)
@ -749,6 +750,7 @@ class SqlAlchemyTest(common.HeatTestCase):
self.assertEqual('password', load_creds.get('password'))
self.assertEqual('test_tenant', load_creds.get('tenant'))
self.assertEqual('test_tenant_id', load_creds.get('tenant_id'))
self.assertEqual('regionOne', load_creds.get('region_name'))
self.assertIsNotNone(load_creds.get('created_at'))
self.assertIsNone(load_creds.get('updated_at'))
self.assertEqual('http://server.test:5000/v2.0',
@ -780,12 +782,14 @@ class SqlAlchemyTest(common.HeatTestCase):
self.ctx.username = None
self.ctx.password = None
self.ctx.trust_id = None
self.ctx.region_name = None
db_creds = db_api.user_creds_create(self.ctx)
load_creds = db_api.user_creds_get(db_creds.id)
self.assertIsNone(load_creds.get('username'))
self.assertIsNone(load_creds.get('password'))
self.assertIsNone(load_creds.get('trust_id'))
self.assertIsNone(load_creds.get('region_name'))
def test_software_config_create(self):
tenant_id = self.ctx.tenant_id

View File

@ -68,7 +68,7 @@ def reset_dummy_db():
def dummy_context(user='test_username', tenant_id='test_tenant_id',
password='password', roles=None, user_id=None,
trust_id=None):
trust_id=None, region_name=None):
roles = roles or []
return context.RequestContext.from_dict({
'tenant_id': tenant_id,
@ -80,7 +80,8 @@ def dummy_context(user='test_username', tenant_id='test_tenant_id',
'is_admin': False,
'auth_url': 'http://server.test:5000/v2.0',
'auth_token': 'abcd1234',
'trust_id': trust_id
'trust_id': trust_id,
'region_name': region_name
})