openstack/nova
Code Issues Proposed changes

conf: Move api options to a group

Browse Source 
Change-Id: Ida4ee57d6e1822e35e3198f6d3a89410e211d57d
Implements: bp centralize-config-options-ocata
This commit is contained in:
Maciej Szankin 2016-10-10 15:10:03 +02:00
parent 80306af88b
commit b7b282ed08
39 changed files with 217 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nova/api/auth.py
View File

@ -55,7 +55,7 @@ def pipeline_factory(loader, global_conf, **local_conf):
def pipeline_factory_v21(loader, global_conf, **local_conf):
"""A paste pipeline replica that keys off of auth_strategy."""
return _load_pipeline(loader, local_conf[CONF.auth_strategy].split())
return _load_pipeline(loader, local_conf[CONF.api.auth_strategy].split())
class InjectContext(wsgi.Middleware):
@ -82,7 +82,7 @@ class NovaKeystoneContext(wsgi.Middleware):
# Build a context, including the auth_token...
remote_address = req.remote_addr
if CONF.use_forwarded_for:
if CONF.api.use_forwarded_for:
remote_address = req.headers.get('X-Forwarded-For', remote_address)
service_catalog = None

8
nova/api/metadata/base.py
View File

@ -483,8 +483,8 @@ class InstanceMetadata(object):
# specified an old style driver here, then use that. This second
# bit can be removed once old style vendordata is fully deprecated
# and removed.
if (CONF.vendordata_providers and
'StaticJSON' in CONF.vendordata_providers):
if (CONF.api.vendordata_providers and
'StaticJSON' in CONF.api.vendordata_providers):
return jsonutils.dump_as_bytes(
self.vendordata_providers['StaticJSON'].get())
else:
@ -499,7 +499,7 @@ class InstanceMetadata(object):
self.set_mimetype(MIME_TYPE_APPLICATION_JSON)
j = {}
for provider in CONF.vendordata_providers:
for provider in CONF.api.vendordata_providers:
if provider == 'StaticJSON':
j['static'] = self.vendordata_providers['StaticJSON'].get()
else:
@ -576,7 +576,7 @@ class InstanceMetadata(object):
"""Yields (path, value) tuples for metadata elements."""
# EC2 style metadata
for version in VERSIONS + ["latest"]:
if version in CONF.config_drive_skip_versions.split(' '):
if version in CONF.api.config_drive_skip_versions.split(' '):
continue
data = self.get_ec2_metadata(version)

8
nova/api/metadata/handler.py
View File

@ -45,7 +45,7 @@ class MetadataRequestHandler(wsgi.Application):
def __init__(self):
self._cache = cache_utils.get_client(
expiration_time=CONF.metadata_cache_expiration)
expiration_time=CONF.api.metadata_cache_expiration)
if (CONF.neutron.service_metadata_proxy and
not CONF.neutron.metadata_proxy_shared_secret):
LOG.warning(_LW("metadata_proxy_shared_secret is not configured, "
@ -67,7 +67,7 @@ class MetadataRequestHandler(wsgi.Application):
except exception.NotFound:
return None
if CONF.metadata_cache_expiration > 0:
if CONF.api.metadata_cache_expiration > 0:
self._cache.set(cache_key, data)
return data
@ -84,7 +84,7 @@ class MetadataRequestHandler(wsgi.Application):
except exception.NotFound:
return None
if CONF.metadata_cache_expiration > 0:
if CONF.api.metadata_cache_expiration > 0:
self._cache.set(cache_key, data)
return data
@ -132,7 +132,7 @@ class MetadataRequestHandler(wsgi.Application):
def _handle_remote_ip_request(self, req):
remote_address = req.remote_addr
if CONF.use_forwarded_for:
if CONF.api.use_forwarded_for:
remote_address = req.headers.get('X-Forwarded-For', remote_address)
try:

10
nova/api/metadata/vendordata_dynamic.py
View File

@ -65,11 +65,11 @@ class DynamicVendorData(vendordata.VendorDataDriver):
# SSL verification
verify = url.startswith('https://')
if verify and CONF.vendordata_dynamic_ssl_certfile:
verify = CONF.vendordata_dynamic_ssl_certfile
if verify and CONF.api.vendordata_dynamic_ssl_certfile:
verify = CONF.api.vendordata_dynamic_ssl_certfile
timeout = (CONF.vendordata_dynamic_connect_timeout,
CONF.vendordata_dynamic_read_timeout)
timeout = (CONF.api.vendordata_dynamic_connect_timeout,
CONF.api.vendordata_dynamic_read_timeout)
res = requests.request('POST', url, data=jsonutils.dumps(body),
headers=headers, verify=verify,
@ -96,7 +96,7 @@ class DynamicVendorData(vendordata.VendorDataDriver):
def get(self):
j = {}
for target in CONF.vendordata_dynamic_targets:
for target in CONF.api.vendordata_dynamic_targets:
# NOTE(mikal): a target is composed of the following:
# name@url
# where name is the name to use in the metadata handed to

2
nova/api/metadata/vendordata_json.py
View File

@ -32,7 +32,7 @@ class JsonFileVendorData(vendordata.VendorDataDriver):
def __init__(self, *args, **kwargs):
super(JsonFileVendorData, self).__init__(*args, **kwargs)
data = {}
fpath = CONF.vendordata_jsonfile_path
fpath = CONF.api.vendordata_jsonfile_path
logprefix = "vendordata_jsonfile_path[%s]:" % fpath
if fpath:
try:

2
nova/api/openstack/auth.py
View File

@ -50,7 +50,7 @@ class NoAuthMiddlewareBase(base_wsgi.Middleware):
user_id, _sep, project_id = token.partition(':')
project_id = project_id or user_id
remote_address = getattr(req, 'remote_address', '127.0.0.1')
if CONF.use_forwarded_for:
if CONF.api.use_forwarded_for:
remote_address = req.headers.get('X-Forwarded-For', remote_address)
is_admin = always_admin or (user_id == 'admin')
ctx = context.RequestContext(user_id,

22
nova/api/openstack/common.py
View File

@ -227,7 +227,7 @@ def limited(items, request):
"""
params = get_pagination_params(request)
offset = params.get('offset', 0)
limit = CONF.osapi_max_limit
limit = CONF.api.max_limit
limit = min(limit, params.get('limit') or limit)
return items[offset:(offset + limit)]
@ -236,7 +236,7 @@ def limited(items, request):
def get_limit_and_marker(request):
"""Get limited parameter from request."""
params = get_pagination_params(request)
limit = CONF.osapi_max_limit
limit = CONF.api.max_limit
limit = min(limit, params.get('limit', limit))
marker = params.get('marker', None)
@ -351,7 +351,7 @@ def raise_http_conflict_for_instance_invalid_state(exc, action, server_id):
def check_snapshots_enabled(f):
@functools.wraps(f)
def inner(*args, **kwargs):
if not CONF.allow_instance_snapshots:
if not CONF.api.allow_instance_snapshots:
LOG.warning(_LW('Rejecting snapshot request, snapshots currently'
' disabled'))
msg = _("Instance snapshots are not permitted at this time.")
@ -433,15 +433,15 @@ class ViewBuilder(object):
id_key="uuid"):
"""Retrieve 'next' link, if applicable. This is included if:
1) 'limit' param is specified and equals the number of items.
2) 'limit' param is specified but it exceeds CONF.osapi_max_limit,
in this case the number of items is CONF.osapi_max_limit.
2) 'limit' param is specified but it exceeds CONF.api.max_limit,
in this case the number of items is CONF.api.max_limit.
3) 'limit' param is NOT specified but the number of items is
CONF.osapi_max_limit.
CONF.api.max_limit.
"""
links = []
max_items = min(
int(request.params.get("limit", CONF.osapi_max_limit)),
CONF.osapi_max_limit)
int(request.params.get("limit", CONF.api.max_limit)),
CONF.api.max_limit)
if max_items and max_items == len(items):
last_item = items[-1]
if id_key in last_item:
@ -468,12 +468,10 @@ class ViewBuilder(object):
return urlparse.urlunsplit(url_parts).rstrip('/')
def _update_glance_link_prefix(self, orig_url):
return self._update_link_prefix(orig_url,
CONF.osapi_glance_link_prefix)
return self._update_link_prefix(orig_url, CONF.api.glance_link_prefix)
def _update_compute_link_prefix(self, orig_url):
return self._update_link_prefix(orig_url,
CONF.osapi_compute_link_prefix)
return self._update_link_prefix(orig_url, CONF.api.compute_link_prefix)
def get_instance(compute_api, context, instance_id, expected_attrs=None):

2
nova/api/openstack/compute/evacuate.py
View File

@ -128,7 +128,7 @@ class EvacuateController(wsgi.Controller):
raise exc.HTTPBadRequest(explanation=e.format_message())
if (not api_version_request.is_supported(req, min_version='2.14') and
CONF.enable_instance_password):
CONF.api.enable_instance_password):
return {'adminPass': password}
else:
return None

4
nova/api/openstack/compute/fping.py
View File

@ -43,13 +43,13 @@ class FpingController(wsgi.Controller):
self.last_call = {}
def check_fping(self):
if not os.access(CONF.fping_path, os.X_OK):
if not os.access(CONF.api.fping_path, os.X_OK):
raise exc.HTTPServiceUnavailable(
explanation=_("fping utility is not found."))
@staticmethod
def fping(ips):
fping_ret = utils.execute(CONF.fping_path, *ips,
fping_ret = utils.execute(CONF.api.fping_path, *ips,
check_exit_code=False)
if not fping_ret:
return set()

2
nova/api/openstack/compute/hide_server_addresses.py
View File

@ -30,7 +30,7 @@ ALIAS = 'os-hide-server-addresses'
class Controller(wsgi.Controller):
def __init__(self, *args, **kwargs):
super(Controller, self).__init__(*args, **kwargs)
hidden_states = CONF.osapi_hide_server_address_states
hidden_states = CONF.api.hide_server_address_states
# NOTE(jkoelker) _ is not considered uppercase ;)
valid_vm_states = [getattr(vm_states, state)

8
nova/api/openstack/compute/quota_sets.py
View File

@ -143,10 +143,10 @@ class QuotaSetsController(wsgi.Controller):
quota_set = body['quota_set']
# NOTE(alex_xu): The CONF.enable_network_quota was deprecated due to
# it is only used by nova-network, and nova-network will be deprecated
# also. So when CONF.enable_newtork_quota is removed, the networks
# quota will disappeare also.
# NOTE(alex_xu): The CONF.enable_network_quota was deprecated
# due to it is only used by nova-network, and nova-network will be
# deprecated also. So when CONF.enable_newtork_quota is removed,
# the networks quota will disappeare also.
if not CONF.enable_network_quota and 'networks' in quota_set:
raise webob.exc.HTTPBadRequest(
explanation=_('The networks quota is disabled'))

2
nova/api/openstack/compute/rescue.py
View File

@ -77,7 +77,7 @@ class RescueController(wsgi.Controller):
raise exc.HTTPBadRequest(
explanation=non_rescuable.format_message())
if CONF.enable_instance_password:
if CONF.api.enable_instance_password:
return {'adminPass': password}
else:
return {}

4
nova/api/openstack/compute/servers.py
View File

@ -708,7 +708,7 @@ class ServersController(wsgi.Controller):
req.cache_db_instances(instances)
server = self._view_builder.create(req, instances[0])
if CONF.enable_instance_password:
if CONF.api.enable_instance_password:
server['server']['adminPass'] = password
robj = wsgi.ResponseObject(server)
@ -1032,7 +1032,7 @@ class ServersController(wsgi.Controller):
# Add on the admin_password attribute since the view doesn't do it
# unless instance passwords are disabled
if CONF.enable_instance_password:
if CONF.api.enable_instance_password:
view['server']['adminPass'] = password
robj = wsgi.ResponseObject(view)

4
nova/api/openstack/compute/tenant_networks.py
View File

@ -60,14 +60,14 @@ class TenantNetworkController(wsgi.Controller):
def _refresh_default_networks(self):
self._default_networks = []
if CONF.use_neutron_default_nets:
if CONF.api.use_neutron_default_nets:
try:
self._default_networks = self._get_default_networks()
except Exception:
LOG.exception(_LE("Failed to get default networks"))
def _get_default_networks(self):
project_id = CONF.neutron_default_tenant_id
project_id = CONF.api.neutron_default_tenant_id
ctx = nova_context.RequestContext(user_id=None,
project_id=project_id)
networks = {}

2
nova/api/openstack/placement/deploy.py
View File

@ -34,7 +34,7 @@ objects.register_all()
def deploy(conf, project_name):
"""Assemble the middleware pipeline leading to the placement app."""
if conf.auth_strategy == 'noauth2':
if conf.api.auth_strategy == 'noauth2':
auth_middleware = auth.NoAuthMiddleware
else:
# Do not provide global conf to middleware here.

137
nova/conf/api.py
View File

@ -15,10 +15,15 @@
from oslo_config import cfg
api_group = cfg.OptGroup('api', title='API options', help="""
Options under this group are used to define Nova API.
""")
auth_opts = [
cfg.StrOpt("auth_strategy",
default="keystone",
choices=("keystone", "noauth2"),
deprecated_group="default",
help="""
This determines the strategy to use for authentication: keystone or noauth2.
'noauth2' is designed for testing only, as it does no actual credential
@ -27,6 +32,7 @@ specified as the username.
"""),
cfg.BoolOpt("use_forwarded_for",
default=False,
deprecated_group="default",
help="""
When True, the 'X-Forwarded-For' header is treated as the canonical remote
address. When False (the default), the 'remote_address' header is used.
@ -39,6 +45,7 @@ metadata_opts = [
cfg.StrOpt("config_drive_skip_versions",
default=("1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 "
"2007-12-15 2008-02-01 2008-09-01"),
deprecated_group="default",
help="""
When gathering the existing metadata for a config drive, the EC2-style
metadata is returned for all versions that don't appear in this option.
@ -60,22 +67,10 @@ by a space.
Possible values:
* Any string that represents zero or more versions, separated by spaces.
"""),
cfg.StrOpt("vendordata_driver",
default="nova.api.metadata.vendordata_json.JsonFileVendorData",
deprecated_for_removal=True,
deprecated_since="13.0.0",
help="""
When returning instance metadata, this is the class that is used
for getting vendor metadata when that class isn't specified in the individual
request. The value should be the full dot-separated path to the class to use.
Possible values:
* Any valid dot-separated class path that can be imported.
"""),
cfg.ListOpt('vendordata_providers',
default=[],
deprecated_group="default",
help="""
A list of vendordata providers.
@ -109,6 +104,7 @@ Related options:
"""),
cfg.ListOpt('vendordata_dynamic_targets',
default=[],
deprecated_group="default",
help="""
A list of targets for the dynamic vendordata provider. These targets are of
the form <name>@<url>.
@ -119,6 +115,7 @@ is documented in the vendordata.rst file in the nova developer reference.
"""),
cfg.StrOpt('vendordata_dynamic_ssl_certfile',
default='',
deprecated_group="default",
help="""
Path to an optional certificate file or CA bundle to verify dynamic
vendordata REST services ssl certificates against.
@ -137,6 +134,7 @@ Related options:
cfg.IntOpt('vendordata_dynamic_connect_timeout',
default=5,
min=3,
deprecated_group="default",
help="""
Maximum wait time for an external REST service to connect.
@ -156,6 +154,7 @@ Related options:
cfg.IntOpt('vendordata_dynamic_read_timeout',
default=5,
min=0,
deprecated_group="default",
help="""
Maximum wait time for an external REST service to return data once connected.
@ -174,6 +173,7 @@ Related options:
cfg.IntOpt("metadata_cache_expiration",
default=15,
min=0,
deprecated_group="default",
help="""
This option is the time (in seconds) to cache metadata. When set to 0,
metadata caching is disabled entirely; this is generally not recommended for
@ -185,6 +185,7 @@ usage, and result in longer times for host metadata changes to take effect.
file_opts = [
cfg.StrOpt("vendordata_jsonfile_path",
deprecated_group="default",
help="""
Cloud providers may store custom data in vendor data file that will then be
available to the instances via the metadata service, and to the rendering of
@ -200,14 +201,18 @@ Possible values:
]
osapi_opts = [
cfg.IntOpt("osapi_max_limit",
cfg.IntOpt("max_limit",
default=1000,
min=0,
deprecated_group="default",
deprecated_name="osapi_max_limit",
help="""
As a query can potentially return many thousands of items, you can limit the
maximum number of items in a single response by setting this option.
"""),
cfg.StrOpt("osapi_compute_link_prefix",
cfg.StrOpt("compute_link_prefix",
deprecated_group="default",
deprecated_name="osapi_compute_link_prefix",
help="""
This string is prepended to the normal URL that is returned in links to the
OpenStack Compute API. If it is empty (the default), the URLs are returned
@ -217,7 +222,9 @@ Possible values:
* Any string, including an empty string (the default).
"""),
cfg.StrOpt("osapi_glance_link_prefix",
cfg.StrOpt("glance_link_prefix",
deprecated_group="default",
deprecated_name="osapi_glance_link_prefix",
help="""
This string is prepended to the normal URL that is returned in links to
Glance resources. If it is empty (the default), the URLs are returned
@ -232,6 +239,7 @@ Possible values:
allow_instance_snapshots_opts = [
cfg.BoolOpt("allow_instance_snapshots",
default=True,
deprecated_group="default",
help="""
Operators can turn off the ability for a user to take snapshots of their
instances by setting this option to False. When disabled, any attempt to
@ -244,8 +252,10 @@ take a snapshot will result in a HTTP 400 response ("Bad Request").
# is not likely to be changed, I'm copy/pasting it here.
BUILDING = "building" # VM only exists in DB
osapi_hide_opts = [
cfg.ListOpt("osapi_hide_server_address_states",
cfg.ListOpt("hide_server_address_states",
default=[BUILDING],
deprecated_group="default",
deprecated_name="osapi_hide_server_address_states",
help="""
This option is a list of all instance states for which network address
information should not be returned from the API.
@ -273,26 +283,14 @@ Possible values:
fping_path_opts = [
cfg.StrOpt("fping_path",
default="/usr/sbin/fping",
deprecated_group="default",
help="The full path to the fping binary.")
]
os_network_opts = [
cfg.BoolOpt("enable_network_quota",
deprecated_for_removal=True,
deprecated_since="14.0.0",
deprecated_reason="""
CRUD operations on tenant networks are only available when using nova-network
and nova-network is itself deprecated.""",
default=False,
help="""
This option is used to enable or disable quota checking for tenant networks.
Related options:
* quota_networks
"""),
cfg.BoolOpt("use_neutron_default_nets",
default=False,
deprecated_group="default",
help="""
When True, the TenantNetworkController will query the Neutron API to get the
default networks to use.
@ -303,6 +301,7 @@ Related options:
"""),
cfg.StrOpt("neutron_default_tenant_id",
default="default",
deprecated_group="default",
help="""
Tenant ID for getting the default network from Neutron API (also referred in
some places as the 'project ID') to use.
@ -311,15 +310,57 @@ Related options:
* use_neutron_default_nets
"""),
cfg.IntOpt("quota_networks",
deprecated_for_removal=True,
deprecated_since="14.0.0",
deprecated_reason="""
]
enable_inst_pw_opts = [
cfg.BoolOpt("enable_instance_password",
default=True,
deprecated_group="default",
help="""
Enables returning of the instance password by the relevant server API calls
such as create, rebuild, evacuate, or rescue. If the hypervisor does not
support password injection, then the password returned will not be correct,
so if your hypervisor does not support password injection, set this to False.
""")
]
deprecated_opts = [
cfg.StrOpt("vendordata_driver",
default="nova.api.metadata.vendordata_json.JsonFileVendorData",
deprecated_for_removal=True,
deprecated_since="13.0.0",
help="""
When returning instance metadata, this is the class that is used
for getting vendor metadata when that class isn't specified in the individual
request. The value should be the full dot-separated path to the class to use.
Possible values:
* Any valid dot-separated class path that can be imported.
"""),
cfg.BoolOpt("enable_network_quota",
deprecated_for_removal=True,
deprecated_since="14.0.0",
deprecated_reason="""
CRUD operations on tenant networks are only available when using nova-network
and nova-network is itself deprecated.""",
default=3,
min=0,
help="""
default=False,
help="""
This option is used to enable or disable quota checking for tenant networks.
Related options:
* quota_networks
"""),
cfg.IntOpt("quota_networks",
deprecated_for_removal=True,
deprecated_since="14.0.0",
deprecated_reason="""
CRUD operations on tenant networks are only available when using nova-network
and nova-network is itself deprecated.""",
default=3,
min=0,
help="""
This option controls the number of private networks that can be created per
project (or per tenant).
@ -329,17 +370,7 @@ Related options:
"""),
]
enable_inst_pw_opts = [
cfg.BoolOpt("enable_instance_password",
default=True,
help="""
Enables returning of the instance password by the relevant server API calls
such as create, rebuild, evacuate, or rescue. If the hypervisor does not
support password injection, then the password returned will not be correct,
so if your hypervisor does not support password injection, set this to False.
""")
]
ALL_OPTS = (auth_opts +
API_OPTS = (auth_opts +
metadata_opts +
file_opts +
osapi_opts +
@ -351,9 +382,11 @@ ALL_OPTS = (auth_opts +
def register_opts(conf):
conf.register_opts(ALL_OPTS)
conf.register_group(api_group)
conf.register_opts(API_OPTS, group=api_group)
conf.register_opts(deprecated_opts)
def list_opts():
# TODO(macsz) add opt group
return {"DEFAULT": ALL_OPTS}
return {api_group: API_OPTS,
'DEFAULT': deprecated_opts}

2
nova/tests/functional/api/openstack/placement/fixtures.py
View File

@ -47,7 +47,7 @@ class APIFixture(fixture.GabbiFixture):
self.output_stream_fixture.setUp()
self.conf = CONF
self.conf.set_override('auth_strategy', 'noauth2')
self.conf.set_override('auth_strategy', 'noauth2', group='api')
# Be explicit about all three database connections to avoid
# potential conflicts with config on disk.
self.conf.set_override('connection', "sqlite://", group='database')

2
nova/tests/functional/api/openstack/placement/test_report_client.py
View File

@ -48,7 +48,7 @@ class SchedulerReportClientTests(test.TestCase):
def setUp(self):
super(SchedulerReportClientTests, self).setUp()
self.flags(auth_strategy='noauth2')
self.flags(auth_strategy='noauth2', group='api')
self.app = lambda: deploy.loadapp(CONF)
self.client = NoAuthReportClient()

7
nova/tests/functional/api_sample_tests/api_sample_base.py
View File

@ -78,9 +78,10 @@ class ApiSampleTestBaseV21(testscenarios.WithScenarios,
]
def setUp(self):
self.flags(use_ipv6=False,
osapi_compute_link_prefix=self._get_host(),
osapi_glance_link_prefix=self._get_glance_host())
self.flags(use_ipv6=False)
self.flags(glance_link_prefix=self._get_glance_host(),
compute_link_prefix=self._get_host(),
group='api')
# load any additional fixtures specified by the scenario
for fix in self._additional_fixtures:

6
nova/tests/functional/api_sample_tests/test_hide_server_addresses.py
View File

@ -24,9 +24,9 @@ class ServersSampleHideAddressesJsonTest(test_servers.ServersSampleJsonTest):
sample_dir = 'os-hide-server-addresses'
def setUp(self):
# We override osapi_hide_server_address_states in order
# We override hide_server_address_states in order
# to have an example of in the json samples of the
# addresses being hidden
CONF.set_override("osapi_hide_server_address_states",
[vm_states.ACTIVE])
CONF.set_override("hide_server_address_states",
[vm_states.ACTIVE], group='api')
super(ServersSampleHideAddressesJsonTest, self).setUp()

9
nova/tests/functional/test_metadata.py
View File

@ -107,7 +107,8 @@ class MetadataTest(test.TestCase):
vendordata_dynamic_targets=[
'testing@http://127.0.0.1:123',
'hamster@http://127.0.0.1:123'
]
],
group='api'
)
self.useFixture(fixtures.MonkeyPatch('requests.request',
@ -130,7 +131,8 @@ class MetadataTest(test.TestCase):
vendordata_dynamic_targets=[
'testing@http://127.0.0.1:123',
'testing@http://127.0.0.1:124'
]
],
group='api'
)
self.useFixture(fixtures.MonkeyPatch('requests.request',
@ -156,7 +158,8 @@ class MetadataTest(test.TestCase):
vendordata_providers=['DynamicJSON'],
vendordata_dynamic_targets=[
'testing@http://127.0.0.1:125'
]
],
group='api'
)
self.useFixture(fixtures.MonkeyPatch('requests.request',

2
nova/tests/unit/api/openstack/compute/test_access_ips.py
View File

@ -91,7 +91,7 @@ class AccessIPsAPIValidationTestV21(test.TestCase):
def test_create_server_with_access_ip_pass_disabled(self):
# test with admin passwords disabled See lp bug 921814
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
params = {v4_key: '192.168.0.10',
v6_key: '2001:db8::9abc'}
res = self._test_create(params)

2
nova/tests/unit/api/openstack/compute/test_admin_password.py
View File

@ -139,7 +139,7 @@ class AdminPasswordTestV21(test.NoDBTestCase):
def test_server_change_password_pass_disabled(self):
# run with enable_instance_password disabled to verify adminPass
# is missing from response. See lp bug 921814
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
body = {'changePassword': {'adminPass': '1234pass'}}
res = self._get_action()(self.fake_req, '1', body=body)
self._check_status(202, res, self._get_action())

2
nova/tests/unit/api/openstack/compute/test_evacuate.py
View File

@ -222,7 +222,7 @@ class EvacuateTestV21(test.NoDBTestCase):
@mock.patch('nova.objects.Instance.save')
def _test_evacuate_enable_instance_password_conf(self, mock_save,
enable_pass):
self.flags(enable_instance_password=enable_pass)
self.flags(enable_instance_password=enable_pass, group='api')
res = self._get_evacuate_response({'host': 'underscore_hostname',
'onSharedStorage': 'False'})

7
nova/tests/unit/api/openstack/compute/test_flavors.py
View File

@ -100,8 +100,9 @@ class FlavorsTestV21(test.TestCase):
self.assertEqual(flavor, expected)
def test_get_flavor_with_custom_link_prefix(self):
self.flags(osapi_compute_link_prefix='http://zoo.com:42',
osapi_glance_link_prefix='http://circus.com:34')
self.flags(compute_link_prefix='http://zoo.com:42',
glance_link_prefix='http://circus.com:34',
group='api')
req = self.fake_request.blank(self._prefix + '/flavors/1')
flavor = self.controller.show(req, '1')
expected = {
@ -297,7 +298,7 @@ class FlavorsTestV21(test.TestCase):
def test_get_flavor_with_default_limit(self):
self.stubs.Set(common, "get_limit_and_marker",
fake_get_limit_and_marker)
self.flags(osapi_max_limit=1)
self.flags(max_limit=1, group='api')
req = fakes.HTTPRequest.blank('/v2/fake/flavors?limit=2')
response = self.controller.index(req)
response_list = response["flavors"]

5
nova/tests/unit/api/openstack/compute/test_images.py
View File

@ -152,8 +152,9 @@ class ImagesControllerTestV21(test.NoDBTestCase):
@mock.patch('nova.image.api.API.get', return_value=IMAGE_FIXTURES[1])
def test_get_image_with_custom_prefix(self, _get_mocked):
self.flags(osapi_compute_link_prefix='https://zoo.com:42',
osapi_glance_link_prefix='http://circus.com:34')
self.flags(compute_link_prefix='https://zoo.com:42',
glance_link_prefix='http://circus.com:34',
group='api')
fake_req = self.http_request.blank(self.url_base + 'images/124')
actual_image = self.controller.show(fake_req, '124')

6
nova/tests/unit/api/openstack/compute/test_multiple_create.py
View File

@ -46,8 +46,8 @@ class MultiCreateExtensionTestV21(test.TestCase):
"""Shared implementation for tests below that create instance."""
super(MultiCreateExtensionTestV21, self).setUp()
self.flags(verbose=True,
enable_instance_password=True)
self.flags(verbose=True)
self.flags(enable_instance_password=True, group='api')
self.instance_cache_num = 0
self.instance_cache_by_id = {}
self.instance_cache_by_uuid = {}
@ -352,7 +352,7 @@ class MultiCreateExtensionTestV21(test.TestCase):
"""Test creating multiple instances but not asking for
reservation_id
"""
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
image_href = '76fa36fc-c930-4bf3-8c8a-ea2a2420deb6'
flavor_ref = 'http://localhost/123/flavors/3'
body = {

2
nova/tests/unit/api/openstack/compute/test_rescue.py
View File

@ -207,7 +207,7 @@ class RescueTestV21(test.NoDBTestCase):
self.assertEqual(CONF.password_length, len(resp['adminPass']))
def test_rescue_disable_password(self):
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
body = dict(rescue=None)
resp_json = self.controller._rescue(self.fake_req, UUID, body=body)
self.assertNotIn('adminPass', resp_json)

9
nova/tests/unit/api/openstack/compute/test_server_actions.py
View File

@ -89,7 +89,8 @@ class ServerActionsControllerTestV21(test.TestCase):
fakes.stub_out_compute_api_snapshot(self.stubs)
fake.stub_out_image_service(self)
self.flags(allow_instance_snapshots=True,
enable_instance_password=True)
enable_instance_password=True,
group='api')
self._image_href = '155d900f-4e14-4e4c-a73d-069cbf4541e6'
self.controller = self._get_controller()
@ -354,7 +355,7 @@ class ServerActionsControllerTestV21(test.TestCase):
def test_rebuild_accepted_minimum_pass_disabled(self):
# run with enable_instance_password disabled to verify adminPass
# is missing from response. See lp bug 921814
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
return_server = fakes.fake_instance_get(image_ref='2',
vm_state=vm_states.ACTIVE, host='fake_host')
@ -470,7 +471,7 @@ class ServerActionsControllerTestV21(test.TestCase):
def test_rebuild_admin_pass_pass_disabled(self):
# run with enable_instance_password disabled to verify adminPass
# is missing from response. See lp bug 921814
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
return_server = fakes.fake_instance_get(image_ref='2',
vm_state=vm_states.ACTIVE, host='fake_host')
@ -1103,7 +1104,7 @@ class ServerActionsControllerTestV21(test.TestCase):
"""Don't permit a snapshot if the allow_instance_snapshots flag is
False
"""
self.flags(allow_instance_snapshots=False)
self.flags(allow_instance_snapshots=False, group='api')
body = {
'createImage': {
'name': 'Snapshot 1',

16
nova/tests/unit/api/openstack/compute/test_serversV21.py
View File

@ -2359,8 +2359,8 @@ class ServersControllerCreateTest(test.TestCase):
"""Shared implementation for tests below that create instance."""
super(ServersControllerCreateTest, self).setUp()
self.flags(verbose=True,
enable_instance_password=True)
self.flags(verbose=True)
self.flags(enable_instance_password=True, group='api')
self.instance_cache_num = 0
self.instance_cache_by_id = {}
self.instance_cache_by_uuid = {}
@ -2744,9 +2744,9 @@ class ServersControllerCreateTest(test.TestCase):
def test_create_instance_with_pass_disabled(self):
# test with admin passwords disabled See lp bug 921814
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
self.req.body = jsonutils.dump_as_bytes(self.body)
res = self.controller.create(self.req, body=self.body).obj
@ -2853,7 +2853,7 @@ class ServersControllerCreateTest(test.TestCase):
self.controller.create, req, body=body)
def test_create_instance_pass_disabled(self):
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
self.req.body = jsonutils.dump_as_bytes(self.body)
res = self.controller.create(self.req, body=self.body).obj
@ -3016,7 +3016,7 @@ class ServersControllerCreateTest(test.TestCase):
self.body['server']['adminPass'])
def test_create_instance_admin_password_pass_disabled(self):
self.flags(enable_instance_password=False)
self.flags(enable_instance_password=False, group='api')
self.body['server']['flavorRef'] = 3
self.body['server']['adminPass'] = 'testpass'
self.req.body = jsonutils.dump_as_bytes(self.body)
@ -3621,8 +3621,8 @@ class ServersControllerCreateTestWithMock(test.TestCase):
"""Shared implementation for tests below that create instance."""
super(ServersControllerCreateTestWithMock, self).setUp()
self.flags(verbose=True,
enable_instance_password=True)
self.flags(verbose=True)
self.flags(enable_instance_password=True, group='api')
self.instance_cache_num = 0
self.instance_cache_by_id = {}
self.instance_cache_by_uuid = {}

9
nova/tests/unit/api/openstack/compute/test_tenant_networks.py
View File

@ -50,7 +50,7 @@ DEFAULT_NETWORK = [
NETWORKS_WITH_DEFAULT_NET = copy.deepcopy(NETWORKS)
NETWORKS_WITH_DEFAULT_NET.extend(DEFAULT_NETWORK)
DEFAULT_TENANT_ID = CONF.neutron_default_tenant_id
DEFAULT_TENANT_ID = CONF.api.neutron_default_tenant_id
def fake_network_api_get_all(context):
@ -69,11 +69,12 @@ class TenantNetworksTestV21(test.NoDBTestCase):
self.controller = self.ctrlr()
self.flags(enable_network_quota=True)
self.req = fakes.HTTPRequest.blank('')
self.original_value = CONF.use_neutron_default_nets
self.original_value = CONF.api.use_neutron_default_nets
def tearDown(self):
super(TenantNetworksTestV21, self).tearDown()
CONF.set_override("use_neutron_default_nets", self.original_value)
CONF.set_override("use_neutron_default_nets", self.original_value,
group='api')
def _fake_network_api_create(self, context, **kwargs):
self.assertEqual(context.project_id, kwargs['project_id'])
@ -159,7 +160,7 @@ class TenantNetworksTestV21(test.NoDBTestCase):
@mock.patch('nova.network.api.API.get_all')
def _test_network_index(self, get_all_mock, default_net=True):
CONF.set_override("use_neutron_default_nets", default_net)
CONF.set_override("use_neutron_default_nets", default_net, group='api')
get_all_mock.side_effect = fake_network_api_get_all
expected = NETWORKS

4
nova/tests/unit/api/openstack/compute/test_user_data.py
View File

@ -53,8 +53,8 @@ class ServersControllerCreateTest(test.TestCase):
"""Shared implementation for tests below that create instance."""
super(ServersControllerCreateTest, self).setUp()
self.flags(verbose=True,
enable_instance_password=True)
self.flags(verbose=True)
self.flags(enable_instance_password=True, group='api')
self.instance_cache_num = 0
self.instance_cache_by_id = {}
self.instance_cache_by_uuid = {}

2
nova/tests/unit/api/openstack/compute/test_versions.py
View File

@ -383,7 +383,7 @@ class VersionsViewBuilderTests(test.NoDBTestCase):
self.assertEqual(expected, output)
def test_view_builder_with_osapi_compute_link_prefix(self):
self.flags(osapi_compute_link_prefix='http://zoo.com:42')
self.flags(compute_link_prefix='http://zoo.com:42', group='api')
href = "http://zoo.com:42/v2.1/"
self._test_view_builder_osapi_compute_link_prefix(href)

6
nova/tests/unit/api/openstack/test_common.py
View File

@ -134,7 +134,7 @@ class LimiterTest(test.NoDBTestCase):
def test_limiter_custom_max_limit(self):
# Test a max_limit other than 1000.
max_limit = 2000
self.flags(osapi_max_limit=max_limit)
self.flags(max_limit=max_limit, group='api')
items = range(max_limit)
req = webob.Request.blank('/?offset=1&limit=3')
self.assertEqual(
@ -494,7 +494,7 @@ class TestCollectionLinks(test.NoDBTestCase):
req = mock.MagicMock()
params = mock.PropertyMock(return_value=dict())
type(req).params = params
self.flags(osapi_max_limit=1)
self.flags(max_limit=1, group='api')
builder = common.ViewBuilder()
results = builder._get_collection_links(req, items,
@ -514,7 +514,7 @@ class TestCollectionLinks(test.NoDBTestCase):
# Given limit is greater than default max, only return default max
params = mock.PropertyMock(return_value=dict(limit=2))
type(req).params = params
self.flags(osapi_max_limit=1)
self.flags(max_limit=1, group='api')
builder = common.ViewBuilder()
results = builder._get_collection_links(req, items,

2
nova/tests/unit/api/test_auth.py
View File

@ -142,7 +142,7 @@ class TestPipeLineFactory(test.NoDBTestCase):
def test_pipeline_factory_v21(self):
fake_pipeline = 'test1 test2 test3'
CONF.set_override('auth_strategy', 'noauth2')
CONF.set_override('auth_strategy', 'noauth2', group='api')
app = nova.api.auth.pipeline_factory_v21(
TestPipeLineFactory.FakeLoader(), None, noauth2=fake_pipeline)
self._test_pipeline(fake_pipeline, app)

2
nova/tests/unit/conf_fixture.py
View File

@ -46,7 +46,7 @@ class ConfFixture(config_fixture.Config):
self.conf.set_default('num_networks', 2)
self.conf.set_default('use_ipv6', True)
self.conf.set_default('vlan_interface', 'eth0')
self.conf.set_default('auth_strategy', 'noauth2')
self.conf.set_default('auth_strategy', 'noauth2', group='api')
config.parse_args([], default_config_files=[], configure_db=False,
init_rpc=False)
self.conf.set_default('connection', "sqlite://", group='database')

2
nova/tests/unit/image/test_glance.py
View File

@ -341,7 +341,7 @@ class TestGetImageService(test.NoDBTestCase):
class TestCreateGlanceClient(test.NoDBTestCase):
@mock.patch('glanceclient.Client')
def test_headers_passed_glanceclient(self, init_mock):
self.flags(auth_strategy='keystone')
self.flags(auth_strategy='keystone', group='api')
auth_token = 'token'
ctx = context.RequestContext('fake', 'fake', auth_token=auth_token)

16
nova/tests/unit/test_metadata.py
View File

@ -844,7 +844,8 @@ class OpenStackMetadataTestCase(test.TestCase):
self.flags(vendordata_providers=['StaticJSON', 'DynamicJSON'],
vendordata_jsonfile_path=jsonfile,
vendordata_dynamic_targets=[
'web@http://fake.com/foobar']
'web@http://fake.com/foobar'],
group='api'
)
inst = self.instance.obj_clone()
@ -907,7 +908,8 @@ class OpenStackMetadataTestCase(test.TestCase):
self.flags(vendordata_providers=['StaticJSON', 'DynamicJSON'],
vendordata_jsonfile_path=jsonfile,
vendordata_dynamic_targets=[
'web@http://fake.com/foobar']
'web@http://fake.com/foobar'],
group='api'
)
inst = self.instance.obj_clone()
@ -1084,7 +1086,7 @@ class MetadataHandlerTestCase(test.TestCase):
raise Exception("Expected addr of %s, got %s" %
(expected_addr, address))
self.flags(use_forwarded_for=True)
self.flags(use_forwarded_for=True, group='api')
response = fake_request(self, self.mdinst,
relpath="/2009-04-04/user-data",
address="168.168.168.1",
@ -1284,7 +1286,7 @@ class MetadataHandlerTestCase(test.TestCase):
def test_metadata_handler_with_instance_id(self, get_by_uuid):
# test twice to ensure that the cache works
get_by_uuid.return_value = self.mdinst
self.flags(metadata_cache_expiration=15)
self.flags(metadata_cache_expiration=15, group='api')
hnd = handler.MetadataRequestHandler()
self._metadata_handler_with_instance_id(hnd)
self._metadata_handler_with_instance_id(hnd)
@ -1294,7 +1296,7 @@ class MetadataHandlerTestCase(test.TestCase):
def test_metadata_handler_with_instance_id_no_cache(self, get_by_uuid):
# test twice to ensure that disabling the cache works
get_by_uuid.return_value = self.mdinst
self.flags(metadata_cache_expiration=0)
self.flags(metadata_cache_expiration=0, group='api')
hnd = handler.MetadataRequestHandler()
self._metadata_handler_with_instance_id(hnd)
self._metadata_handler_with_instance_id(hnd)
@ -1315,7 +1317,7 @@ class MetadataHandlerTestCase(test.TestCase):
def test_metadata_handler_with_remote_address(self, get_by_uuid):
# test twice to ensure that the cache works
get_by_uuid.return_value = self.mdinst
self.flags(metadata_cache_expiration=15)
self.flags(metadata_cache_expiration=15, group='api')
hnd = handler.MetadataRequestHandler()
self._metadata_handler_with_remote_address(hnd)
self._metadata_handler_with_remote_address(hnd)
@ -1325,7 +1327,7 @@ class MetadataHandlerTestCase(test.TestCase):
def test_metadata_handler_with_remote_address_no_cache(self, get_by_uuid):
# test twice to ensure that disabling the cache works
get_by_uuid.return_value = self.mdinst
self.flags(metadata_cache_expiration=0)
self.flags(metadata_cache_expiration=0, group='api')
hnd = handler.MetadataRequestHandler()
self._metadata_handler_with_remote_address(hnd)
self._metadata_handler_with_remote_address(hnd)

26
releasenotes/notes/add-api-config-to-api-group-af20a57a9e3e1b85.yaml Normal file
View File

@ -0,0 +1,26 @@
---
upgrade:
- |
API configuration options have been moved to the 'api' group. They
should no longer be included in the 'DEFAULT' group. Options affected by
this change:
* ``auth_strategy``
* ``use_forwarded_for``
* ``config_drive_skip_versions``
* ``vendordata_providers``
* ``vendordata_dynamic_targets``
* ``vendordata_dynamic_ssl_certfile``
* ``vendordata_dynamic_connect_timeout``
* ``vendordata_dynamic_read_timeout``
* ``metadata_cache_expiration``
* ``vendordata_jsonfile_path``
* ``max_limit`` (was ``osapi_max_limit``)
* ``compute_link_prefix`` (was ``osapi_compute_link_prefix``)
* ``glance_link_prefix`` (was ``osapi_glance_link_prefix``)
* ``allow_instance_snapshots``
* ``hide_server_address_states`` (was ``osapi_hide_server_address_states``)
* ``fping_path``
* ``use_neutron_default_nets``
* ``neutron_default_tenant_id``
* ``enable_instance_password``