openstack/devstack
Code Issues Proposed changes

Move auth_token config to .conf, key cache directories

Browse Source 
auth_token configuration can now be read from the conf files
rather than the paste.ini files.

A key cache directory has been created for each of the 3 API services
under /var/cache/heat

This is the devstack change relating to
Heat Blueprint: keystone-middleware

This is related to this committed change:
https://review.openstack.org/#/c/26351/

Devstack users will find Heat to be broken until this corresponding change
is approved.

Change-Id: If6f77f86a3eeb08a58b516725bd806e39ccedb50
This commit is contained in:
Steve Baker 2013-04-09 13:41:47 +12:00
parent 459bdc3b50
commit c32490838a
2 changed files with 39 additions and 23 deletions

61
lib/heat

@ -29,6 +29,7 @@ set +o xtrace
# set up default directories
HEAT_DIR=$DEST/heat
HEATCLIENT_DIR=$DEST/python-heatclient
HEAT_AUTH_CACHE_DIR=${HEAT_AUTH_CACHE_DIR:-/var/cache/heat}
# Functions
@ -37,8 +38,7 @@ HEATCLIENT_DIR=$DEST/python-heatclient
# cleanup_heat() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_heat() {
# This function intentionally left blank
:
sudo rm -rf $HEAT_AUTH_CACHE_DIR
}
# configure_heatclient() - Set config files, create data dirs, etc
@ -73,18 +73,19 @@ function configure_heat() {
iniset $HEAT_API_CFN_CONF DEFAULT use_syslog $SYSLOG
iniset $HEAT_API_CFN_CONF DEFAULT bind_host $HEAT_API_CFN_HOST
iniset $HEAT_API_CFN_CONF DEFAULT bind_port $HEAT_API_CFN_PORT
iniset $HEAT_API_CFN_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $HEAT_API_CFN_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $HEAT_API_CFN_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $HEAT_API_CFN_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CFN_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $HEAT_API_CFN_CONF keystone_authtoken admin_user heat
iniset $HEAT_API_CFN_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
iniset $HEAT_API_CFN_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR/api-cfn
iniset_rpc_backend heat $HEAT_API_CFN_CONF DEFAULT
HEAT_API_CFN_PASTE_INI=$HEAT_CONF_DIR/heat-api-cfn-paste.ini
cp $HEAT_DIR/etc/heat/heat-api-cfn-paste.ini $HEAT_API_CFN_PASTE_INI
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken admin_user heat
iniset $HEAT_API_CFN_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD
iniset $HEAT_API_CFN_PASTE_INI filter:ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CFN_PASTE_INI filter:ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens
@ -96,18 +97,19 @@ function configure_heat() {
iniset $HEAT_API_CONF DEFAULT use_syslog $SYSLOG
iniset $HEAT_API_CONF DEFAULT bind_host $HEAT_API_HOST
iniset $HEAT_API_CONF DEFAULT bind_port $HEAT_API_PORT
iniset $HEAT_API_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $HEAT_API_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $HEAT_API_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $HEAT_API_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $HEAT_API_CONF keystone_authtoken admin_user heat
iniset $HEAT_API_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
iniset $HEAT_API_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR/api
iniset_rpc_backend heat $HEAT_API_CONF DEFAULT
HEAT_API_PASTE_INI=$HEAT_CONF_DIR/heat-api-paste.ini
cp $HEAT_DIR/etc/heat/heat-api-paste.ini $HEAT_API_PASTE_INI
iniset $HEAT_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $HEAT_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $HEAT_API_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $HEAT_API_PASTE_INI filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $HEAT_API_PASTE_INI filter:authtoken admin_user heat
iniset $HEAT_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD
iniset $HEAT_API_PASTE_INI filter:ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_PASTE_INI filter:ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens
@ -135,18 +137,19 @@ function configure_heat() {
iniset $HEAT_API_CW_CONF DEFAULT use_syslog $SYSLOG
iniset $HEAT_API_CW_CONF DEFAULT bind_host $HEAT_API_CW_HOST
iniset $HEAT_API_CW_CONF DEFAULT bind_port $HEAT_API_CW_PORT
iniset $HEAT_API_CW_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $HEAT_API_CW_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $HEAT_API_CW_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $HEAT_API_CW_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CW_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $HEAT_API_CW_CONF keystone_authtoken admin_user heat
iniset $HEAT_API_CW_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
iniset $HEAT_API_CW_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR/api-cloudwatch
iniset_rpc_backend heat $HEAT_API_CW_CONF DEFAULT
HEAT_API_CW_PASTE_INI=$HEAT_CONF_DIR/heat-api-cloudwatch-paste.ini
cp $HEAT_DIR/etc/heat/heat-api-cloudwatch-paste.ini $HEAT_API_CW_PASTE_INI
iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CW_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $HEAT_API_CW_PASTE_INI filter:authtoken admin_user heat
iniset $HEAT_API_CW_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD
iniset $HEAT_API_CW_PASTE_INI filter:ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
iniset $HEAT_API_CW_PASTE_INI filter:ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens
}
@ -159,6 +162,18 @@ function init_heat() {
$HEAT_DIR/bin/heat-db-setup $os_PACKAGE -r $DATABASE_PASSWORD
$HEAT_DIR/tools/nova_create_flavors.sh
create_heat_cache_dir
}
# create_heat_cache_dir() - Part of the init_heat() process
function create_heat_cache_dir() {
# Create cache dirs
sudo mkdir -p $HEAT_AUTH_CACHE_DIR/api
sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR/api
sudo mkdir -p $HEAT_AUTH_CACHE_DIR/api-cfn
sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR/api-cfn
sudo mkdir -p $HEAT_AUTH_CACHE_DIR/api-cloudwatch
sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR/api-cloudwatch
}
# install_heatclient() - Collect source and prepare

1
stack.sh

@ -643,6 +643,7 @@ fi
if is_service_enabled heat; then
install_heat
install_heatclient
cleanup_heat
configure_heat
configure_heatclient
fi