Fix loading CertManager method

Currently local_cert_manager is never enabled if 'cert_manager_class'
is set to 'neutron_lbaas.common.cert_manager.local_cert_manager'.
Because due to initialization order of config parameters.
This fixes it to correct order.

Change-Id: I0b60e9034e113160ec8347da52d67c4835c90cbf
This commit is contained in:
OTSUKA, Yuanying 2015-08-25 14:48:40 +09:00
parent a0bd18c7cd
commit 2cc700c291
8 changed files with 66 additions and 17 deletions

View File

@ -68,7 +68,6 @@ service_provider=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.driver
# service_provider = LOADBALANCERV2:kemptechnologies:neutron_lbaas.drivers.kemptechnologies.driver_v2.KempLoadMasterDriver:default
[certificates]
# cert_manager_class = neutron_lbaas.common.cert_manager.barbican_cert_manager
# cert_manager_type = barbican
## The following option is only valid when using neutron_lbaas.common.cert_manager.local_cert_manager
# storage_path = /var/lib/neutron-lbaas/certificates/

View File

@ -12,17 +12,15 @@
# License for the specific language governing permissions and limitations
# under the License.
import importlib
from oslo_config import cfg
from stevedore import driver
CONF = cfg.CONF
CERT_MANAGER_DEFAULT = ('neutron_lbaas.common.cert_manager.'
'barbican_cert_manager')
CERT_MANAGER_DEFAULT = 'barbican'
cert_manager_opts = [
cfg.StrOpt('cert_manager_class',
cfg.StrOpt('cert_manager_type',
default=CERT_MANAGER_DEFAULT,
help='Certificate Manager plugin. '
'Defaults to {0}.'.format(CERT_MANAGER_DEFAULT))
@ -30,9 +28,13 @@ cert_manager_opts = [
CONF.register_opts(cert_manager_opts, group='certificates')
# Use CERT_MANAGER_PLUGIN.CertManager and CERT_MANAGER_PLUGIN.Cert to reference
# the Certificate plugin chosen via the service configuration.
# TODO(rm_work): Investigate using Stevedore here.
CERT_MANAGER_PLUGIN = importlib.import_module(
CONF.certificates.cert_manager_class
)
_CERT_MANAGER_PLUGIN = None
def get_backend():
global _CERT_MANAGER_PLUGIN
if not _CERT_MANAGER_PLUGIN:
_CERT_MANAGER_PLUGIN = driver.DriverManager(
"neutron_lbaas.cert_manager.backend",
cfg.CONF.certificates.cert_manager_type).driver
return _CERT_MANAGER_PLUGIN

View File

@ -32,7 +32,7 @@ from neutron_lbaas.drivers.radware import base_v2_driver
from neutron_lbaas.drivers.radware import exceptions as r_exc
from neutron_lbaas.drivers.radware import rest_client as rest
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.CERT_MANAGER_PLUGIN
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.get_backend()
TEMPLATE_HEADER = {'Content-Type':
'application/vnd.com.radware.vdirect.'
'template-parameters+json'}

View File

@ -26,7 +26,7 @@ from neutron_lbaas.common.tls_utils import cert_parser
from neutron_lbaas.services.loadbalancer import constants
from neutron_lbaas.services.loadbalancer import data_models
CERT_MANAGER_PLUGIN = cert_manager.CERT_MANAGER_PLUGIN
CERT_MANAGER_PLUGIN = cert_manager.get_backend()
PROTOCOL_MAP = {
constants.PROTOCOL_TCP: 'tcp',

View File

@ -40,7 +40,7 @@ from neutron_lbaas.services.loadbalancer import agent_scheduler
from neutron_lbaas.services.loadbalancer import constants as lb_const
from neutron_lbaas.services.loadbalancer import data_models
LOG = logging.getLogger(__name__)
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.CERT_MANAGER_PLUGIN
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.get_backend()
def verify_lbaas_mutual_exclusion():

View File

@ -0,0 +1,44 @@
# Copyright 2015 NEC Corporation. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_config import cfg
from neutron_lbaas.common import cert_manager
from neutron_lbaas.common.cert_manager import barbican_cert_manager as bcm
from neutron_lbaas.common.cert_manager import get_backend
from neutron_lbaas.common.cert_manager import local_cert_manager as lcm
from neutron_lbaas.tests import base
class TestCertManager(base.BaseTestCase):
def setUp(self):
cert_manager._CERT_MANAGER_PLUGIN = None
super(TestCertManager, self).setUp()
def test_barbican_cert_manager(self):
cfg.CONF.set_override(
'cert_manager_type',
'barbican',
group='certificates')
self.assertEqual(get_backend().CertManager,
bcm.CertManager)
def test_local_cert_manager(self):
cfg.CONF.set_override(
'cert_manager_type',
'local',
group='certificates')
self.assertEqual(get_backend().CertManager,
lcm.CertManager)

View File

@ -20,3 +20,4 @@ python-barbicanclient>=3.0.1
pyasn1
pyasn1-modules
pyOpenSSL>=0.14
stevedore>=1.5.0 # Apache-2.0

View File

@ -51,6 +51,9 @@ pool_schedulers =
neutron.services.loadbalancer.agent_scheduler.LeastPoolAgentScheduler = neutron_lbaas.services.loadbalancer.agent_scheduler:LeastPoolAgentScheduler
neutron.db.alembic_migrations =
neutron-lbaas = neutron_lbaas.db.migration:alembic_migrations
neutron_lbaas.cert_manager.backend =
barbican = neutron_lbaas.common.cert_manager.barbican_cert_manager
local = neutron_lbaas.common.cert_manager.local_cert_manager
[build_sphinx]
all_files = 1