openstack/deb-nova
Code Issues Proposed changes

config options: centralize section: "keymgr"

Browse Source 
The config options  of the "nova.conf" section "keymgr" and
"barbican" got moved to the new central location "nova/conf/keymgr.py"

Change-Id: I018c3a408a8903be8d006760994de6947fb91168
Implements: blueprint centralize-config-options-newton
This commit is contained in:
Kevin_Zheng
2016-01-29 14:12:50 +08:00
parent ce018eccea
commit 8b0b54bd46
7 changed files with 98 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
nova/conf/__init__.py
View File

@@ -23,7 +23,7 @@ from oslo_config import cfg
# from nova.conf import api_database
from nova.conf import availability_zone
# from nova.conf import aws
# from nova.conf import barbican
from nova.conf import barbican
# from nova.conf import base
from nova.conf import cells
from nova.conf import cert
@@ -48,7 +48,7 @@ from nova.conf import hyperv
# from nova.conf import imagecache
# from nova.conf import image_file_url
from nova.conf import ironic
# from nova.conf import keymgr
from nova.conf import keymgr
# from nova.conf import keystone_authtoken
# from nova.conf import libvirt
# from nova.conf import matchmaker_redis
@@ -83,7 +83,7 @@ CONF = cfg.CONF
# api_database.register_opts(CONF)
availability_zone.register_opts(CONF)
# aws.register_opts(CONF)
# barbican.register_opts(CONF)
barbican.register_opts(CONF)
# base.register_opts(CONF)
cells.register_opts(CONF)
cert.register_opts(CONF)
@@ -108,7 +108,7 @@ hyperv.register_opts(CONF)
# imagecache.register_opts(CONF)
# image_file_url.register_opts(CONF)
ironic.register_opts(CONF)
# keymgr.register_opts(CONF)
keymgr.register_opts(CONF)
# keystone_authtoken.register_opts(CONF)
# libvirt.register_opts(CONF)
# matchmaker_redis.register_opts(CONF)

46
nova/conf/barbican.py Normal file
View File

@@ -0,0 +1,46 @@
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from keystoneauth1 import loading as ks_loading
from oslo_config import cfg
barbican_group = cfg.OptGroup(
'barbican',
title='Barbican options')
barbican_opts = [
cfg.StrOpt('catalog_info',
default='key-manager:barbican:public',
help='Info to match when looking for barbican in the service '
'catalog. Format is: separated values of the form: '
'<service_type>:<service_name>:<endpoint_type>'),
cfg.StrOpt('endpoint_template',
help='Override service catalog lookup with template for '
'barbican endpoint e.g. '
'http://localhost:9311/v1/%(project_id)s'),
cfg.StrOpt('os_region_name',
help='Region name of this node'),
]
def register_opts(conf):
conf.register_group(barbican_group)
conf.register_opts(barbican_opts, group=barbican_group)
ks_loading.register_session_conf_options(conf, barbican_group)
def list_opts():
return {
barbican_group.name: barbican_opts
}

40
nova/conf/keymgr.py Normal file
View File

@@ -0,0 +1,40 @@
# Copyright 2016 OpenStack Foundation
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_config import cfg
keymgr_group = cfg.OptGroup(
'keymgr',
title='Key manager options')
keymgr_opts = [
cfg.StrOpt('api_class',
default='nova.keymgr.conf_key_mgr.ConfKeyManager',
help='The full class name of the key manager API class'),
cfg.StrOpt(
'fixed_key',
help='Fixed key returned by key manager, specified in hex'),
]
def register_opts(conf):
conf.register_group(keymgr_group)
conf.register_opts(keymgr_opts, group=keymgr_group)
def list_opts():
return {
keymgr_group.name: keymgr_opts
}

11
nova/keymgr/__init__.py
View File

@@ -14,18 +14,11 @@
# under the License.
from oslo_config import cfg
from oslo_utils import importutils
import nova.conf
keymgr_opts = [
cfg.StrOpt('api_class',
default='nova.keymgr.conf_key_mgr.ConfKeyManager',
help='The full class name of the key manager API class'),
]
CONF = cfg.CONF
CONF.register_opts(keymgr_opts, group='keymgr')
CONF = nova.conf.CONF
def API():

25
nova/keymgr/barbican.py
View File

@@ -24,36 +24,19 @@ import binascii
from barbicanclient import client as barbican_client
from keystoneauth1 import loading as ks_loading
from keystoneauth1 import session
from oslo_config import cfg
from oslo_log import log as logging
from oslo_utils import excutils
import nova.conf
from nova import exception
from nova.i18n import _
from nova.i18n import _LE
from nova.keymgr import key as keymgr_key
from nova.keymgr import key_mgr
barbican_opts = [
cfg.StrOpt('catalog_info',
default='key-manager:barbican:public',
help='Info to match when looking for barbican in the service '
'catalog. Format is: separated values of the form: '
'<service_type>:<service_name>:<endpoint_type>'),
cfg.StrOpt('endpoint_template',
help='Override service catalog lookup with template for '
'barbican endpoint e.g. '
'http://localhost:9311/v1/%(project_id)s'),
cfg.StrOpt('os_region_name',
help='Region name of this node'),
]
CONF = cfg.CONF
BARBICAN_OPT_GROUP = 'barbican'
CONF.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP)
ks_loading.register_session_conf_options(CONF, BARBICAN_OPT_GROUP)
CONF = nova.conf.CONF
LOG = logging.getLogger(__name__)
@@ -92,7 +75,7 @@ class BarbicanKeyManager(key_mgr.KeyManager):
try:
_SESSION = ks_loading.load_session_from_conf_options(
CONF,
BARBICAN_OPT_GROUP)
nova.conf.barbican.barbican_group)
auth = ctxt.get_auth_plugin()
service_type, service_name, interface = (CONF.

10
nova/keymgr/conf_key_mgr.py
View File

@@ -31,18 +31,12 @@ encrypted with a key provided by this key manager actually share the same
encryption key so *any* volume can be decrypted once the fixed key is known.
"""
from oslo_config import cfg
import nova.conf
from nova.i18n import _
from nova.keymgr import single_key_mgr
key_mgr_opts = [
cfg.StrOpt('fixed_key',
help='Fixed key returned by key manager, specified in hex'),
]
CONF = cfg.CONF
CONF.register_opts(key_mgr_opts, group='keymgr')
CONF = nova.conf.CONF
class ConfKeyManager(single_key_mgr.SingleKeyManager):

9
nova/opts.py
View File

@@ -35,9 +35,6 @@ import nova.exception
import nova.image.download.file
import nova.image.glance
import nova.ipv6.api
import nova.keymgr
import nova.keymgr.barbican
import nova.keymgr.conf_key_mgr
import nova.netconf
import nova.notifications
import nova.objects.network
@@ -80,17 +77,11 @@ def list_opts():
nova.utils.utils_opts,
nova.volume._volume_opts,
)),
('barbican', nova.keymgr.barbican.barbican_opts),
('cinder', nova.volume.cinder.cinder_opts),
('api_database', nova.db.sqlalchemy.api.api_db_opts),
('database', nova.db.sqlalchemy.api.oslo_db_options.database_opts),
('glance', nova.image.glance.glance_opts),
('image_file_url', [nova.image.download.file.opt_group]),
('keymgr',
itertools.chain(
nova.keymgr.conf_key_mgr.key_mgr_opts,
nova.keymgr.keymgr_opts,
)),
('spice',
itertools.chain(
nova.cmd.spicehtml5proxy.opts,