openstack/devstack
Code Issues Proposed changes

Merge "remove keystone templated catalog"

Browse Source
This commit is contained in:
Jenkins 2016-02-11 20:01:37 +00:00 committed by Gerrit Code Review
commit dbf10cd022
9 changed files with 90 additions and 220 deletions

18
doc/source/configuration.rst

@ -379,24 +379,6 @@ that matches requirements.
PIP_UPGRADE=True
Service Catalog Backend
-----------------------
By default DevStack uses Keystone's ``sql`` service catalog backend.
An alternate ``template`` backend is also available, however, it does
not support the ``service-*`` and ``endpoint-*`` commands of the
``keystone`` CLI. To do so requires the ``sql`` backend be enabled
with ``KEYSTONE_CATALOG_BACKEND``:
::
KEYSTONE_CATALOG_BACKEND=template
DevStack's default configuration in ``sql`` mode is set in
``lib/keystone``
Guest Images
------------

63
files/default_catalog.templates

@ -1,63 +0,0 @@
# config for TemplatedCatalog, using camelCase because I don't want to do
# translations for legacy compat
catalog.RegionOne.identity.publicURL = http://%SERVICE_HOST%:$(public_port)s/v2.0
catalog.RegionOne.identity.adminURL = http://%SERVICE_HOST%:$(admin_port)s/v2.0
catalog.RegionOne.identity.internalURL = http://%SERVICE_HOST%:$(public_port)s/v2.0
catalog.RegionOne.identity.name = Identity Service
catalog.RegionOne.compute.publicURL = http://%SERVICE_HOST%:8774/v2/$(tenant_id)s
catalog.RegionOne.compute.adminURL = http://%SERVICE_HOST%:8774/v2/$(tenant_id)s
catalog.RegionOne.compute.internalURL = http://%SERVICE_HOST%:8774/v2/$(tenant_id)s
catalog.RegionOne.compute.name = Compute Service
catalog.RegionOne.computev21.publicURL = http://%SERVICE_HOST%:8774/v2.1/$(tenant_id)s
catalog.RegionOne.computev21.adminURL = http://%SERVICE_HOST%:8774/v2.1/$(tenant_id)s
catalog.RegionOne.computev21.internalURL = http://%SERVICE_HOST%:8774/v2.1/$(tenant_id)s
catalog.RegionOne.computev21.name = Compute Service V2.1
catalog.RegionOne.volume.publicURL = http://%SERVICE_HOST%:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.adminURL = http://%SERVICE_HOST%:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.internalURL = http://%SERVICE_HOST%:8776/v1/$(tenant_id)s
catalog.RegionOne.volume.name = Volume Service
catalog.RegionOne.volumev2.publicURL = http://%SERVICE_HOST%:8776/v2/$(tenant_id)s
catalog.RegionOne.volumev2.adminURL = http://%SERVICE_HOST%:8776/v2/$(tenant_id)s
catalog.RegionOne.volumev2.internalURL = http://%SERVICE_HOST%:8776/v2/$(tenant_id)s
catalog.RegionOne.volumev2.name = Volume Service V2
catalog.RegionOne.ec2.publicURL = http://%SERVICE_HOST%:8773/
catalog.RegionOne.ec2.adminURL = http://%SERVICE_HOST%:8773/
catalog.RegionOne.ec2.internalURL = http://%SERVICE_HOST%:8773/
catalog.RegionOne.ec2.name = EC2 Service
catalog.RegionOne.s3.publicURL = http://%SERVICE_HOST%:%S3_SERVICE_PORT%
catalog.RegionOne.s3.adminURL = http://%SERVICE_HOST%:%S3_SERVICE_PORT%
catalog.RegionOne.s3.internalURL = http://%SERVICE_HOST%:%S3_SERVICE_PORT%
catalog.RegionOne.s3.name = S3 Service
catalog.RegionOne.image.publicURL = http://%SERVICE_HOST%:9292
catalog.RegionOne.image.adminURL = http://%SERVICE_HOST%:9292
catalog.RegionOne.image.internalURL = http://%SERVICE_HOST%:9292
catalog.RegionOne.image.name = Image Service
catalog.RegionOne.cloudformation.publicURL = http://%SERVICE_HOST%:8000/v1
catalog.RegionOne.cloudformation.adminURL = http://%SERVICE_HOST%:8000/v1
catalog.RegionOne.cloudformation.internalURL = http://%SERVICE_HOST%:8000/v1
catalog.RegionOne.cloudformation.name = CloudFormation service
catalog.RegionOne.orchestration.publicURL = http://%SERVICE_HOST%:8004/v1/$(tenant_id)s
catalog.RegionOne.orchestration.adminURL = http://%SERVICE_HOST%:8004/v1/$(tenant_id)s
catalog.RegionOne.orchestration.internalURL = http://%SERVICE_HOST%:8004/v1/$(tenant_id)s
catalog.RegionOne.orchestration.name = Orchestration Service
catalog.RegionOne.metering.publicURL = http://%SERVICE_HOST%:8777/v1
catalog.RegionOne.metering.adminURL = http://%SERVICE_HOST%:8777/v1
catalog.RegionOne.metering.internalURL = http://%SERVICE_HOST%:8777/v1
catalog.RegionOne.metering.name = Telemetry Service

27
lib/cinder

@ -369,20 +369,21 @@ function create_cinder_accounts {
create_service_user "cinder"
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
get_or_create_service "cinder" "volume" "Cinder Volume Service"
get_or_create_endpoint \
"volume" \
"$REGION_NAME" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s"
get_or_create_service "cinder" "volume" "Cinder Volume Service"
get_or_create_endpoint "volume" "$REGION_NAME" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s"
get_or_create_service "cinderv2" "volumev2" "Cinder Volume Service V2"
get_or_create_endpoint "volumev2" "$REGION_NAME" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s"
fi
get_or_create_service "cinderv2" "volumev2" "Cinder Volume Service V2"
get_or_create_endpoint \
"volumev2" \
"$REGION_NAME" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s"
fi
}

16
lib/glance

@ -244,15 +244,13 @@ function create_glance_accounts {
get_or_add_user_project_role "ResellerAdmin" $glance_swift_user $SERVICE_TENANT_NAME
fi
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
get_or_create_service "glance" "image" "Glance Image Service"
get_or_create_endpoint "image" \
"$REGION_NAME" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT"
fi
get_or_create_service "glance" "image" "Glance Image Service"
get_or_create_endpoint \
"image" \
"$REGION_NAME" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
"$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT"
fi
}

30
lib/heat

@ -387,23 +387,21 @@ function create_heat_accounts {
if [[ "$HEAT_STANDALONE" != "True" ]]; then
create_service_user "heat" "admin"
get_or_create_service "heat" "orchestration" "Heat Orchestration Service"
get_or_create_endpoint \
"orchestration" \
"$REGION_NAME" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s"
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
get_or_create_service "heat" "orchestration" "Heat Orchestration Service"
get_or_create_endpoint "orchestration" \
"$REGION_NAME" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s"
get_or_create_service "heat-cfn" "cloudformation" "Heat CloudFormation Service"
get_or_create_endpoint "cloudformation" \
"$REGION_NAME" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1"
fi
get_or_create_service "heat-cfn" "cloudformation" "Heat CloudFormation Service"
get_or_create_endpoint \
"cloudformation" \
"$REGION_NAME" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1"
# heat_stack_user role is for users created by Heat
get_or_create_role "heat_stack_user"

63
lib/keystone

@ -52,13 +52,12 @@ KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone}
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
# NOTE(sdague): remove in Newton
KEYSTONE_CATALOG_BACKEND="sql"
# Toggle for deploying Keystone under HTTPD + mod_wsgi
KEYSTONE_USE_MOD_WSGI=${KEYSTONE_USE_MOD_WSGI:-${ENABLE_HTTPD_MOD_WSGI_SERVICES}}
# Select the Catalog backend driver
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates
# Select the token persistence backend driver
KEYSTONE_TOKEN_BACKEND=${KEYSTONE_TOKEN_BACKEND:-sql}
@ -254,39 +253,6 @@ function configure_keystone {
iniset $KEYSTONE_CONF token driver "$KEYSTONE_TOKEN_BACKEND"
iniset $KEYSTONE_CONF catalog driver "$KEYSTONE_CATALOG_BACKEND"
if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then
# Configure ``keystone.conf`` to use sql
inicomment $KEYSTONE_CONF catalog template_file
else
deprecated "Using templated service catalog in devstack is deprecated"
cp -p $FILES/default_catalog.templates $KEYSTONE_CATALOG
# Add swift endpoints to service catalog if swift is enabled
if is_service_enabled s-proxy; then
echo "catalog.RegionOne.object_store.publicURL = http://%SERVICE_HOST%:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG
echo "catalog.RegionOne.object_store.adminURL = http://%SERVICE_HOST%:$SWIFT_DEFAULT_BIND_PORT/" >> $KEYSTONE_CATALOG
echo "catalog.RegionOne.object_store.internalURL = http://%SERVICE_HOST%:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" >> $KEYSTONE_CATALOG
echo "catalog.RegionOne.object_store.name = Swift Service" >> $KEYSTONE_CATALOG
fi
# Add neutron endpoints to service catalog if neutron is enabled
if is_service_enabled neutron; then
echo "catalog.RegionOne.network.publicURL = http://%SERVICE_HOST%:$Q_PORT/" >> $KEYSTONE_CATALOG
echo "catalog.RegionOne.network.adminURL = http://%SERVICE_HOST%:$Q_PORT/" >> $KEYSTONE_CATALOG
echo "catalog.RegionOne.network.internalURL = http://%SERVICE_HOST%:$Q_PORT/" >> $KEYSTONE_CATALOG
echo "catalog.RegionOne.network.name = Neutron Service" >> $KEYSTONE_CATALOG
fi
sed -e "
s,%SERVICE_HOST%,$SERVICE_HOST,g;
s,%S3_SERVICE_PORT%,$S3_SERVICE_PORT,g;
" -i $KEYSTONE_CATALOG
# Configure ``keystone.conf`` to use templates
iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG"
fi
# Set up logging
if [ "$SYSLOG" != "False" ]; then
iniset $KEYSTONE_CONF DEFAULT use_syslog "True"
@ -588,7 +554,6 @@ function stop_keystone {
# - ``KEYSTONE_BIN_DIR``
# - ``ADMIN_PASSWORD``
# - ``IDENTITY_API_VERSION``
# - ``KEYSTONE_CATALOG_BACKEND``
# - ``KEYSTONE_AUTH_URI``
# - ``REGION_NAME``
# - ``KEYSTONE_SERVICE_PROTOCOL``
@ -616,19 +581,17 @@ function bootstrap_keystone {
--os-identity-api-version 3 --os-auth-url $KEYSTONE_AUTH_URI \
--os-password $ADMIN_PASSWORD)
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
export OS_TOKEN=$token_id
export OS_URL=$KEYSTONE_AUTH_URI/v3
export OS_IDENTITY_API_VERSION=3
export OS_TOKEN=$token_id
export OS_URL=$KEYSTONE_AUTH_URI/v3
export OS_IDENTITY_API_VERSION=3
get_or_create_service "keystone" "identity" "Keystone Identity Service"
get_or_create_endpoint "identity" \
"$REGION_NAME" \
"$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \
"$KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION" \
"$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION"
fi
get_or_create_service "keystone" "identity" "Keystone Identity Service"
get_or_create_endpoint \
"identity" \
"$REGION_NAME" \
"$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION" \
"$KEYSTONE_AUTH_URI/v$IDENTITY_API_VERSION" \
"$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$IDENTITY_API_VERSION"
unset OS_TOKEN OS_URL OS_IDENTITY_API_VERSION
}

16
lib/neutron-legacy

@ -525,15 +525,13 @@ function create_neutron_accounts {
create_service_user "neutron"
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
get_or_create_service "neutron" "network" "Neutron Service"
get_or_create_endpoint "network" \
"$REGION_NAME" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/"
fi
get_or_create_service "neutron" "network" "Neutron Service"
get_or_create_endpoint \
"network" \
"$REGION_NAME" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
"$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/"
fi
}

59
lib/nova

@ -415,29 +415,28 @@ function create_nova_accounts {
# this service user when notifying nova of changes and that requires the admin role.
create_service_user "nova" "admin"
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
local nova_api_url
if [[ "$NOVA_USE_MOD_WSGI" == "False" ]]; then
nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT"
else
nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST/compute"
fi
get_or_create_service "nova_legacy" "compute_legacy" \
"Nova Compute Service (Legacy 2.0)"
get_or_create_endpoint "compute_legacy" \
"$REGION_NAME" \
"$nova_api_url/v2/\$(tenant_id)s" \
"$nova_api_url/v2/\$(tenant_id)s" \
"$nova_api_url/v2/\$(tenant_id)s"
get_or_create_service "nova" "compute" "Nova Compute Service"
get_or_create_endpoint "compute" \
"$REGION_NAME" \
"$nova_api_url/v2.1/\$(tenant_id)s" \
"$nova_api_url/v2.1/\$(tenant_id)s" \
"$nova_api_url/v2.1/\$(tenant_id)s"
local nova_api_url
if [[ "$NOVA_USE_MOD_WSGI" == "False" ]]; then
nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT"
else
nova_api_url="$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST/compute"
fi
get_or_create_service "nova_legacy" "compute_legacy" "Nova Compute Service (Legacy 2.0)"
get_or_create_endpoint \
"compute_legacy" \
"$REGION_NAME" \
"$nova_api_url/v2/\$(tenant_id)s" \
"$nova_api_url/v2/\$(tenant_id)s" \
"$nova_api_url/v2/\$(tenant_id)s"
get_or_create_service "nova" "compute" "Nova Compute Service"
get_or_create_endpoint \
"compute" \
"$REGION_NAME" \
"$nova_api_url/v2.1/\$(tenant_id)s" \
"$nova_api_url/v2.1/\$(tenant_id)s" \
"$nova_api_url/v2.1/\$(tenant_id)s"
fi
if is_service_enabled n-api; then
@ -451,15 +450,13 @@ function create_nova_accounts {
# S3
if is_service_enabled swift3; then
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
get_or_create_service "s3" "s3" "S3"
get_or_create_endpoint "s3" \
"$REGION_NAME" \
"http://$SERVICE_HOST:$S3_SERVICE_PORT" \
"http://$SERVICE_HOST:$S3_SERVICE_PORT" \
"http://$SERVICE_HOST:$S3_SERVICE_PORT"
fi
get_or_create_service "s3" "s3" "S3"
get_or_create_endpoint \
"s3" \
"$REGION_NAME" \
"http://$SERVICE_HOST:$S3_SERVICE_PORT" \
"http://$SERVICE_HOST:$S3_SERVICE_PORT" \
"http://$SERVICE_HOST:$S3_SERVICE_PORT"
fi
}

18
lib/swift

@ -612,8 +612,6 @@ function create_swift_accounts {
export swiftusertest3_password=testing3
export swiftusertest4_password=testing4
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
local another_role
another_role=$(get_or_create_role "anotherrole")
@ -621,15 +619,13 @@ function create_swift_accounts {
# temp urls, which break when uploaded by a non-admin role
create_service_user "swift" "admin"
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
get_or_create_service "swift" "object-store" "Swift Service"
get_or_create_endpoint "object-store" \
"$REGION_NAME" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s"
fi
get_or_create_service "swift" "object-store" "Swift Service"
get_or_create_endpoint \
"object-store" \
"$REGION_NAME" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT" \
"$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_\$(tenant_id)s"
local swift_tenant_test1
swift_tenant_test1=$(get_or_create_project swifttenanttest1 default)