openstack
/
keystone
Code Issues Proposed changes

** keystone.conf refactoring ** 

Added support for exthandler
Added admin pipeline
Moved public/admin host/port configs in support of pipeline configuration
This commit is contained in:
Dolph Mathews 2011-07-07 14:13:02 -05:00
parent aa5fdac7b6
commit 1b0ef39d51
5 changed files with 54 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
bin/keystone
View File

@ -69,20 +69,20 @@ if __name__ == '__main__':
config_file = config.find_config_file(options, args)
print "Using config file:", config_file
# Load API server
# Load Public API server
server = wsgi.Server()
server.start(app, int(conf['server_bind_port']),
conf['server_bind_host'])
print "Service API listening on %s:%s" % (conf['server_bind_host'],
conf['server_bind_port'])
server.start(app, int(conf['public_port']), conf['public_host'])
print "Service API listening on %s:%s" % (
conf['public_host'], conf['public_port'])
# Load Admin API server
admin_server = wsgi.Server()
admin_bind = options.get('admin_port') or admin_conf.get('bind_port')
admin_server.start(admin_app, int(admin_bind),
admin_conf['bind_host'])
print "Admin API listening on %s:%s" % (admin_conf['bind_host'],
admin_bind)
admin_server.start(admin_app,
int(conf['admin_port']), conf['admin_host'])
print "Admin API listening on %s:%s" % (
conf['admin_host'], conf['admin_port'])
# Wait until done
server.wait()

7
bin/keystone-admin
View File

@ -63,9 +63,10 @@ if __name__ == '__main__':
print "Using config file:", config_file
server = wsgi.Server()
server.start(app, int(conf['bind_port']), conf['bind_host'])
print "Admin API listening on %s:%s" % (conf['bind_host'],
conf['bind_port'])
server.start(app, int(conf['admin_port']), conf['admin_host'])
print "Admin API listening on %s:%s" % (
conf['admin_host'], conf['admin_port'])
server.wait()
except RuntimeError, e:

10
bin/keystone-auth
View File

@ -54,6 +54,7 @@ if __name__ == '__main__':
try:
# Load Service API server
conf, app = config.load_paste_app('keystone-legacy-auth', options, args)
debug = options.get('debug') or conf.get('debug', False)
debug = debug in [True, "True", "1"]
verbose = options.get('verbose') or conf.get('verbose', False)
@ -63,10 +64,11 @@ if __name__ == '__main__':
print "Using config file:", config_file
server = wsgi.Server()
server.start(app, int(conf['server_bind_port']),
conf['server_bind_host'])
print "Service API listening on %s:%s" % (conf['server_bind_host'],
conf['server_bind_port'])
server.start(app, int(conf['public_port']), conf['public_host'])
print "Service API listening on %s:%s" % (
conf['public_host'], conf['public_port'])
server.wait()
except RuntimeError, e:
sys.exit("ERROR: %s" % e)

49
etc/keystone.conf
View File

@ -14,21 +14,31 @@ default_store = sqlite
# file for both the API and registry servers!
#log_file = /var/log/keystone.log
log_file = keystone.log
#List of backends to be configured
backends = keystone.backends.sqlalchemy,keystone.backends.alterdb
#Dictionary Maps every service to a header.Missing services would get header X_(SERVICE_NAME) Key => Service Name, Value => Header Name
service-header-mappings = {'nova' : 'X-Server-Management-Url' , 'swift' : 'X-Storage-Url', 'cdn' : 'X-CDN-Management-Url'}
service-header-mappings = {
'nova' : 'X-Server-Management-Url',
'swift' : 'X-Storage-Url',
'cdn' : 'X-CDN-Management-Url'}
# Address to bind the API server
#TODO Properties defined within app not available via pipeline.Till then server props stay outside.
server_bind_host = 0.0.0.0
# TODO Properties defined within app not available via pipeline.
public_host = 0.0.0.0
# Port the bind the API server to
server_bind_port = 5000
public_port = 5000
# Address to bind the Admin API server
admin_host = 0.0.0.0
# Port the bind the Admin API server to
admin_port = 5001
#Role that allows to perform admin operations.
keystone-admin-role=Admin
keystone-admin-role = Admin
[keystone.backends.sqlalchemy]
# SQLAlchemy connection string for the reference implementation
@ -36,6 +46,7 @@ keystone-admin-role=Admin
# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
sql_connection = sqlite:///keystone.db
backend_entities = ['UserGroupAssociation', 'UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', 'User', 'Credentials', 'Group', 'EndpointTemplates']
# Period in seconds after which SQLAlchemy should reestablish its connection
# to the database.
sql_idle_timeout = 30
@ -46,26 +57,30 @@ sql_idle_timeout = 30
# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
sql_connection = sqlite:///keystone.token.db
backend_entities = ['Token']
# Period in seconds after which SQLAlchemy should reestablish its connection
# to the database.
sql_idle_timeout = 30
[app:admin]
paste.app_factory = keystone.server:admin_app_factory
# Address to bind the Admin API server
bind_host = 0.0.0.0
# Port the bind the Admin API server to
bind_port = 5001
[app:server]
paste.app_factory = keystone.server:app_factory
[pipeline:admin]
pipeline =
exthandler
admin_service
[pipeline:keystone-legacy-auth]
pipeline =
exthandler
legacy_auth
server
public_service
[app:public_service]
paste.app_factory = keystone.server:app_factory
[app:admin_service]
paste.app_factory = keystone.server:admin_app_factory
[filter:exthandler]
paste.filter_factory = keystone.queryext.exthandler:filter_factory
[filter:legacy_auth]
paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory

1
setup.py
View File

@ -57,6 +57,7 @@ setup(
entry_points={
'paste.app_factory': ['main=identity:app_factory'],
'paste.filter_factory': [
'extfilter=keystone.queryext.exthandler:filter_factory',
'remoteauth=keystone.middleware.remoteauth:remoteauth_factory',
'tokenauth=keystone.auth_protocols.auth_token:filter_factory',
'swiftauth=keystone.middleware.swift_auth:filter_factory',