Fix loading CertManager method
Currently local_cert_manager is never enabled if 'cert_manager_class' is set to 'neutron_lbaas.common.cert_manager.local_cert_manager'. Because due to initialization order of config parameters. This fixes it to correct order. Change-Id: I0b60e9034e113160ec8347da52d67c4835c90cbf
This commit is contained in:
parent
a0bd18c7cd
commit
2cc700c291
@ -68,7 +68,6 @@ service_provider=LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.driver
|
||||
# service_provider = LOADBALANCERV2:kemptechnologies:neutron_lbaas.drivers.kemptechnologies.driver_v2.KempLoadMasterDriver:default
|
||||
|
||||
[certificates]
|
||||
# cert_manager_class = neutron_lbaas.common.cert_manager.barbican_cert_manager
|
||||
# cert_manager_type = barbican
|
||||
## The following option is only valid when using neutron_lbaas.common.cert_manager.local_cert_manager
|
||||
# storage_path = /var/lib/neutron-lbaas/certificates/
|
||||
|
||||
|
@ -12,17 +12,15 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import importlib
|
||||
|
||||
from oslo_config import cfg
|
||||
from stevedore import driver
|
||||
|
||||
CONF = cfg.CONF
|
||||
|
||||
CERT_MANAGER_DEFAULT = ('neutron_lbaas.common.cert_manager.'
|
||||
'barbican_cert_manager')
|
||||
CERT_MANAGER_DEFAULT = 'barbican'
|
||||
|
||||
cert_manager_opts = [
|
||||
cfg.StrOpt('cert_manager_class',
|
||||
cfg.StrOpt('cert_manager_type',
|
||||
default=CERT_MANAGER_DEFAULT,
|
||||
help='Certificate Manager plugin. '
|
||||
'Defaults to {0}.'.format(CERT_MANAGER_DEFAULT))
|
||||
@ -30,9 +28,13 @@ cert_manager_opts = [
|
||||
|
||||
CONF.register_opts(cert_manager_opts, group='certificates')
|
||||
|
||||
# Use CERT_MANAGER_PLUGIN.CertManager and CERT_MANAGER_PLUGIN.Cert to reference
|
||||
# the Certificate plugin chosen via the service configuration.
|
||||
# TODO(rm_work): Investigate using Stevedore here.
|
||||
CERT_MANAGER_PLUGIN = importlib.import_module(
|
||||
CONF.certificates.cert_manager_class
|
||||
)
|
||||
_CERT_MANAGER_PLUGIN = None
|
||||
|
||||
|
||||
def get_backend():
|
||||
global _CERT_MANAGER_PLUGIN
|
||||
if not _CERT_MANAGER_PLUGIN:
|
||||
_CERT_MANAGER_PLUGIN = driver.DriverManager(
|
||||
"neutron_lbaas.cert_manager.backend",
|
||||
cfg.CONF.certificates.cert_manager_type).driver
|
||||
return _CERT_MANAGER_PLUGIN
|
||||
|
@ -32,7 +32,7 @@ from neutron_lbaas.drivers.radware import base_v2_driver
|
||||
from neutron_lbaas.drivers.radware import exceptions as r_exc
|
||||
from neutron_lbaas.drivers.radware import rest_client as rest
|
||||
|
||||
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.CERT_MANAGER_PLUGIN
|
||||
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.get_backend()
|
||||
TEMPLATE_HEADER = {'Content-Type':
|
||||
'application/vnd.com.radware.vdirect.'
|
||||
'template-parameters+json'}
|
||||
|
@ -26,7 +26,7 @@ from neutron_lbaas.common.tls_utils import cert_parser
|
||||
from neutron_lbaas.services.loadbalancer import constants
|
||||
from neutron_lbaas.services.loadbalancer import data_models
|
||||
|
||||
CERT_MANAGER_PLUGIN = cert_manager.CERT_MANAGER_PLUGIN
|
||||
CERT_MANAGER_PLUGIN = cert_manager.get_backend()
|
||||
|
||||
PROTOCOL_MAP = {
|
||||
constants.PROTOCOL_TCP: 'tcp',
|
||||
|
@ -40,7 +40,7 @@ from neutron_lbaas.services.loadbalancer import agent_scheduler
|
||||
from neutron_lbaas.services.loadbalancer import constants as lb_const
|
||||
from neutron_lbaas.services.loadbalancer import data_models
|
||||
LOG = logging.getLogger(__name__)
|
||||
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.CERT_MANAGER_PLUGIN
|
||||
CERT_MANAGER_PLUGIN = neutron_lbaas.common.cert_manager.get_backend()
|
||||
|
||||
|
||||
def verify_lbaas_mutual_exclusion():
|
||||
|
@ -0,0 +1,44 @@
|
||||
# Copyright 2015 NEC Corporation. All rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from oslo_config import cfg
|
||||
|
||||
from neutron_lbaas.common import cert_manager
|
||||
from neutron_lbaas.common.cert_manager import barbican_cert_manager as bcm
|
||||
from neutron_lbaas.common.cert_manager import get_backend
|
||||
from neutron_lbaas.common.cert_manager import local_cert_manager as lcm
|
||||
from neutron_lbaas.tests import base
|
||||
|
||||
|
||||
class TestCertManager(base.BaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
cert_manager._CERT_MANAGER_PLUGIN = None
|
||||
super(TestCertManager, self).setUp()
|
||||
|
||||
def test_barbican_cert_manager(self):
|
||||
cfg.CONF.set_override(
|
||||
'cert_manager_type',
|
||||
'barbican',
|
||||
group='certificates')
|
||||
self.assertEqual(get_backend().CertManager,
|
||||
bcm.CertManager)
|
||||
|
||||
def test_local_cert_manager(self):
|
||||
cfg.CONF.set_override(
|
||||
'cert_manager_type',
|
||||
'local',
|
||||
group='certificates')
|
||||
self.assertEqual(get_backend().CertManager,
|
||||
lcm.CertManager)
|
@ -20,3 +20,4 @@ python-barbicanclient>=3.0.1
|
||||
pyasn1
|
||||
pyasn1-modules
|
||||
pyOpenSSL>=0.14
|
||||
stevedore>=1.5.0 # Apache-2.0
|
||||
|
@ -51,6 +51,9 @@ pool_schedulers =
|
||||
neutron.services.loadbalancer.agent_scheduler.LeastPoolAgentScheduler = neutron_lbaas.services.loadbalancer.agent_scheduler:LeastPoolAgentScheduler
|
||||
neutron.db.alembic_migrations =
|
||||
neutron-lbaas = neutron_lbaas.db.migration:alembic_migrations
|
||||
neutron_lbaas.cert_manager.backend =
|
||||
barbican = neutron_lbaas.common.cert_manager.barbican_cert_manager
|
||||
local = neutron_lbaas.common.cert_manager.local_cert_manager
|
||||
|
||||
[build_sphinx]
|
||||
all_files = 1
|
||||
|
Loading…
Reference in New Issue
Block a user