Adds a parameter to specify endpoint type
When getting a service catalog from keystone there might be multiple endpoint types. Adds new parameters to specify the endpoint type to use in each of the new neutron/nova groups. Nova config attributes are removed as the endpoint would be retrieved from the service catalog with respective endpoint_type and corresponding roles would define nova access. CONFIG is added as needed and cfg being removed. Change-Id: Ie01bd6967eb2003dbe4f7a11ffe8e20a16aa83f5
This commit is contained in:
parent
25bcbc1cc1
commit
22097dc88f
|
@ -11,10 +11,6 @@
|
||||||
#
|
#
|
||||||
# octavia_plugins = hot_plug_plugin
|
# octavia_plugins = hot_plug_plugin
|
||||||
|
|
||||||
# Region in Identity service catalog to use for communication with the OpenStack services.
|
|
||||||
#
|
|
||||||
# os_region_name =
|
|
||||||
|
|
||||||
# Hostname to be used by the host machine for services running on it.
|
# Hostname to be used by the host machine for services running on it.
|
||||||
# The default value is the hostname of the host machine.
|
# The default value is the hostname of the host machine.
|
||||||
# host =
|
# host =
|
||||||
|
@ -220,8 +216,22 @@
|
||||||
# Custom nova endpoint if override is necessary
|
# Custom nova endpoint if override is necessary
|
||||||
# endpoint =
|
# endpoint =
|
||||||
|
|
||||||
|
# Region in Identity service catalog to use for communication with the OpenStack services.
|
||||||
|
# region_name =
|
||||||
|
|
||||||
|
# Endpoint type in Identity service catalog to use for communication with
|
||||||
|
# the OpenStack services.
|
||||||
|
# endpoint_type = publicURL
|
||||||
|
|
||||||
[neutron]
|
[neutron]
|
||||||
# The name of the neutron service in the keystone catalog
|
# The name of the neutron service in the keystone catalog
|
||||||
# service_name =
|
# service_name =
|
||||||
# Custom neutron endpoint if override is necessary
|
# Custom neutron endpoint if override is necessary
|
||||||
# endpoint =
|
# endpoint =
|
||||||
|
|
||||||
|
# Region in Identity service catalog to use for communication with the OpenStack services.
|
||||||
|
# region_name =
|
||||||
|
|
||||||
|
# Endpoint type in Identity service catalog to use for communication with
|
||||||
|
# the OpenStack services.
|
||||||
|
# endpoint_type = publicURL
|
||||||
|
|
|
@ -27,18 +27,21 @@ class NovaAuth(object):
|
||||||
nova_client = None
|
nova_client = None
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_nova_client(cls, region, service_name=None, endpoint=None):
|
def get_nova_client(cls, region, service_name=None, endpoint=None,
|
||||||
|
endpoint_type='publicURL'):
|
||||||
"""Create nova client object.
|
"""Create nova client object.
|
||||||
|
|
||||||
:param region: The region of the service
|
:param region: The region of the service
|
||||||
:param service_name: The name of the nova service in the catalog
|
:param service_name: The name of the nova service in the catalog
|
||||||
:param endpoint: The endpoint of the service
|
:param endpoint: The endpoint of the service
|
||||||
|
:param endpoint_type: The type of the endpoint
|
||||||
:return: a Nova Client object.
|
:return: a Nova Client object.
|
||||||
:raises Exception: if the client cannot be created
|
:raises Exception: if the client cannot be created
|
||||||
"""
|
"""
|
||||||
if not cls.nova_client:
|
if not cls.nova_client:
|
||||||
kwargs = {'region_name': region,
|
kwargs = {'region_name': region,
|
||||||
'session': keystone.get_session()}
|
'session': keystone.get_session(),
|
||||||
|
'endpoint_type': endpoint_type}
|
||||||
if service_name:
|
if service_name:
|
||||||
kwargs['service_name'] = service_name
|
kwargs['service_name'] = service_name
|
||||||
if endpoint:
|
if endpoint:
|
||||||
|
@ -56,18 +59,21 @@ class NeutronAuth(object):
|
||||||
neutron_client = None
|
neutron_client = None
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_neutron_client(cls, region, service_name=None, endpoint=None):
|
def get_neutron_client(cls, region, service_name=None, endpoint=None,
|
||||||
|
endpoint_type='publicURL'):
|
||||||
"""Create neutron client object.
|
"""Create neutron client object.
|
||||||
|
|
||||||
:param region: The region of the service
|
:param region: The region of the service
|
||||||
:param service_name: The name of the neutron service in the catalog
|
:param service_name: The name of the neutron service in the catalog
|
||||||
:param endpoint: The endpoint of the service
|
:param endpoint: The endpoint of the service
|
||||||
|
:param endpoint_type: The endpoint_type of the service
|
||||||
:return: a Neutron Client object.
|
:return: a Neutron Client object.
|
||||||
:raises Exception: if the client cannot be created
|
:raises Exception: if the client cannot be created
|
||||||
"""
|
"""
|
||||||
if not cls.neutron_client:
|
if not cls.neutron_client:
|
||||||
kwargs = {'region_name': region,
|
kwargs = {'region_name': region,
|
||||||
'session': keystone.get_session()}
|
'session': keystone.get_session(),
|
||||||
|
'endpoint_type': endpoint_type}
|
||||||
if service_name:
|
if service_name:
|
||||||
kwargs['service_name'] = service_name
|
kwargs['service_name'] = service_name
|
||||||
if endpoint:
|
if endpoint:
|
||||||
|
|
|
@ -54,27 +54,6 @@ core_opts = [
|
||||||
"means no limit")),
|
"means no limit")),
|
||||||
cfg.StrOpt('host', default=utils.get_hostname(),
|
cfg.StrOpt('host', default=utils.get_hostname(),
|
||||||
help=_("The hostname Octavia is running on")),
|
help=_("The hostname Octavia is running on")),
|
||||||
cfg.StrOpt('nova_url',
|
|
||||||
default='http://127.0.0.1:8774/v2',
|
|
||||||
help=_('URL for connection to nova')),
|
|
||||||
cfg.StrOpt('nova_admin_username',
|
|
||||||
help=_('Username for connecting to nova in admin context')),
|
|
||||||
cfg.StrOpt('nova_admin_password',
|
|
||||||
help=_('Password for connection to nova in admin context'),
|
|
||||||
secret=True),
|
|
||||||
cfg.StrOpt('nova_admin_tenant_id',
|
|
||||||
help=_('The uuid of the admin nova tenant')),
|
|
||||||
cfg.StrOpt('nova_admin_auth_url',
|
|
||||||
default='http://localhost:5000/v2.0',
|
|
||||||
help=_('Authorization URL for connecting to nova in admin '
|
|
||||||
'context')),
|
|
||||||
cfg.StrOpt('nova_ca_certificates_file',
|
|
||||||
help=_('CA file for novaclient to verify server certificates')),
|
|
||||||
cfg.BoolOpt('nova_api_insecure', default=False,
|
|
||||||
help=_("If True, ignore any SSL validation issues")),
|
|
||||||
cfg.StrOpt('os_region_name',
|
|
||||||
help=_('Region in Identity service catalog to use for '
|
|
||||||
'communication with the OpenStack services.')),
|
|
||||||
cfg.StrOpt('octavia_plugins',
|
cfg.StrOpt('octavia_plugins',
|
||||||
default='hot_plug_plugin',
|
default='hot_plug_plugin',
|
||||||
help=_('Name of the controller plugin to use'))
|
help=_('Name of the controller plugin to use'))
|
||||||
|
@ -357,7 +336,12 @@ nova_opts = [
|
||||||
cfg.StrOpt('service_name',
|
cfg.StrOpt('service_name',
|
||||||
help=_('The name of the nova service in the keystone catalog')),
|
help=_('The name of the nova service in the keystone catalog')),
|
||||||
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
|
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
|
||||||
'in the keystone catalog.'))
|
'in the keystone catalog.')),
|
||||||
|
cfg.StrOpt('region_name',
|
||||||
|
help=_('Region in Identity service catalog to use for '
|
||||||
|
'communication with the OpenStack services.')),
|
||||||
|
cfg.StrOpt('endpoint_type', default='publicURL',
|
||||||
|
help=_('Endpoint interface in identity service to use')),
|
||||||
]
|
]
|
||||||
|
|
||||||
neutron_opts = [
|
neutron_opts = [
|
||||||
|
@ -365,7 +349,12 @@ neutron_opts = [
|
||||||
help=_('The name of the neutron service in the '
|
help=_('The name of the neutron service in the '
|
||||||
'keystone catalog')),
|
'keystone catalog')),
|
||||||
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
|
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
|
||||||
'in the keystone catalog.'))
|
'in the keystone catalog.')),
|
||||||
|
cfg.StrOpt('region_name',
|
||||||
|
help=_('Region in Identity service catalog to use for '
|
||||||
|
'communication with the OpenStack services.')),
|
||||||
|
cfg.StrOpt('endpoint_type', default='publicURL',
|
||||||
|
help=_('Endpoint interface in identity service to use')),
|
||||||
]
|
]
|
||||||
|
|
||||||
# Register the configuration options
|
# Register the configuration options
|
||||||
|
|
|
@ -28,6 +28,7 @@ LOG = logging.getLogger(__name__)
|
||||||
CONF = cfg.CONF
|
CONF = cfg.CONF
|
||||||
CONF.import_group('keystone_authtoken', 'octavia.common.config')
|
CONF.import_group('keystone_authtoken', 'octavia.common.config')
|
||||||
CONF.import_group('networking', 'octavia.common.config')
|
CONF.import_group('networking', 'octavia.common.config')
|
||||||
|
CONF.import_group('nova', 'octavia.common.config')
|
||||||
|
|
||||||
|
|
||||||
class VirtualMachineManager(compute_base.ComputeBase):
|
class VirtualMachineManager(compute_base.ComputeBase):
|
||||||
|
@ -36,9 +37,10 @@ class VirtualMachineManager(compute_base.ComputeBase):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
super(VirtualMachineManager, self).__init__()
|
super(VirtualMachineManager, self).__init__()
|
||||||
# Must initialize nova api
|
# Must initialize nova api
|
||||||
region = CONF.os_region_name
|
|
||||||
self._nova_client = clients.NovaAuth.get_nova_client(
|
self._nova_client = clients.NovaAuth.get_nova_client(
|
||||||
region, endpoint=CONF.nova.endpoint)
|
endpoint=CONF.nova.endpoint,
|
||||||
|
region=CONF.nova.region_name,
|
||||||
|
endpoint_type=CONF.nova.endpoint_type)
|
||||||
self.manager = self._nova_client.servers
|
self.manager = self._nova_client.servers
|
||||||
|
|
||||||
def build(self, name="amphora_name", amphora_flavor=None, image_id=None,
|
def build(self, name="amphora_name", amphora_flavor=None, image_id=None,
|
||||||
|
|
|
@ -34,6 +34,11 @@ AAP_EXT_ALIAS = 'allowed-address-pairs'
|
||||||
VIP_SECURITY_GRP_PREFIX = 'lb-'
|
VIP_SECURITY_GRP_PREFIX = 'lb-'
|
||||||
OCTAVIA_OWNER = 'Octavia'
|
OCTAVIA_OWNER = 'Octavia'
|
||||||
|
|
||||||
|
CONF = cfg.CONF
|
||||||
|
CONF.import_group('nova', 'octavia.common.config')
|
||||||
|
CONF.import_group('controller_worker', 'octavia.common.config')
|
||||||
|
CONF.import_group('networking', 'octavia.common.config')
|
||||||
|
|
||||||
|
|
||||||
class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
||||||
|
|
||||||
|
@ -41,8 +46,11 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
||||||
super(AllowedAddressPairsDriver, self).__init__()
|
super(AllowedAddressPairsDriver, self).__init__()
|
||||||
self._check_aap_loaded()
|
self._check_aap_loaded()
|
||||||
self.nova_client = clients.NovaAuth.get_nova_client(
|
self.nova_client = clients.NovaAuth.get_nova_client(
|
||||||
cfg.CONF.os_region_name, service_name=cfg.CONF.nova.service_name,
|
endpoint=CONF.nova.endpoint,
|
||||||
endpoint=cfg.CONF.nova.endpoint)
|
region=CONF.nova.region_name,
|
||||||
|
endpoint_type=CONF.nova.endpoint_type,
|
||||||
|
service_name=CONF.nova.service_name,
|
||||||
|
)
|
||||||
|
|
||||||
def _check_aap_loaded(self):
|
def _check_aap_loaded(self):
|
||||||
aliases = [ext.get('alias') for ext in self._extensions]
|
aliases = [ext.get('alias') for ext in self._extensions]
|
||||||
|
@ -131,7 +139,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
||||||
|
|
||||||
# Currently we are using the VIP network for VRRP
|
# Currently we are using the VIP network for VRRP
|
||||||
# so we need to open up the protocols for it
|
# so we need to open up the protocols for it
|
||||||
if (cfg.CONF.controller_worker.loadbalancer_topology ==
|
if (CONF.controller_worker.loadbalancer_topology ==
|
||||||
constants.TOPOLOGY_ACTIVE_STANDBY):
|
constants.TOPOLOGY_ACTIVE_STANDBY):
|
||||||
try:
|
try:
|
||||||
self._create_security_group_rule(
|
self._create_security_group_rule(
|
||||||
|
@ -178,7 +186,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
||||||
a neutron port does not happen immediately.
|
a neutron port does not happen immediately.
|
||||||
"""
|
"""
|
||||||
attempts = 0
|
attempts = 0
|
||||||
while attempts <= cfg.CONF.networking.max_retries:
|
while attempts <= CONF.networking.max_retries:
|
||||||
try:
|
try:
|
||||||
self.neutron_client.delete_security_group(sec_grp)
|
self.neutron_client.delete_security_group(sec_grp)
|
||||||
LOG.info(_LI("Deleted security group %s"), sec_grp)
|
LOG.info(_LI("Deleted security group %s"), sec_grp)
|
||||||
|
@ -192,7 +200,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
|
||||||
"%(sg)s failed."),
|
"%(sg)s failed."),
|
||||||
{'attempt': attempts + 1, 'sg': sec_grp})
|
{'attempt': attempts + 1, 'sg': sec_grp})
|
||||||
attempts += 1
|
attempts += 1
|
||||||
time.sleep(cfg.CONF.networking.retry_interval)
|
time.sleep(CONF.networking.retry_interval)
|
||||||
message = _LE("All attempts to remove security group {0} have "
|
message = _LE("All attempts to remove security group {0} have "
|
||||||
"failed.").format(sec_grp)
|
"failed.").format(sec_grp)
|
||||||
LOG.exception(message)
|
LOG.exception(message)
|
||||||
|
|
|
@ -27,15 +27,20 @@ from octavia.network.drivers.neutron import utils
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
SEC_GRP_EXT_ALIAS = 'security-group'
|
SEC_GRP_EXT_ALIAS = 'security-group'
|
||||||
|
|
||||||
|
CONF = cfg.CONF
|
||||||
|
CONF.import_group('neutron', 'octavia.common.config')
|
||||||
|
|
||||||
|
|
||||||
class BaseNeutronDriver(base.AbstractNetworkDriver):
|
class BaseNeutronDriver(base.AbstractNetworkDriver):
|
||||||
|
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
self.sec_grp_enabled = True
|
self.sec_grp_enabled = True
|
||||||
self.neutron_client = clients.NeutronAuth.get_neutron_client(
|
self.neutron_client = clients.NeutronAuth.get_neutron_client(
|
||||||
cfg.CONF.os_region_name,
|
endpoint=CONF.neutron.endpoint,
|
||||||
service_name=cfg.CONF.neutron.service_name,
|
region=CONF.neutron.region_name,
|
||||||
endpoint=cfg.CONF.neutron.endpoint)
|
endpoint_type=CONF.neutron.endpoint_type,
|
||||||
|
service_name=CONF.neutron.service_name
|
||||||
|
)
|
||||||
extensions = self.neutron_client.list_extensions()
|
extensions = self.neutron_client.list_extensions()
|
||||||
self._extensions = extensions.get('extensions')
|
self._extensions = extensions.get('extensions')
|
||||||
self._check_sec_grps()
|
self._check_sec_grps()
|
||||||
|
|
|
@ -127,7 +127,7 @@ class NoopManager(object):
|
||||||
|
|
||||||
|
|
||||||
class NoopNetworkDriver(driver_base.AbstractNetworkDriver):
|
class NoopNetworkDriver(driver_base.AbstractNetworkDriver):
|
||||||
def __init__(self, region=None):
|
def __init__(self):
|
||||||
super(NoopNetworkDriver, self).__init__()
|
super(NoopNetworkDriver, self).__init__()
|
||||||
self.driver = NoopManager()
|
self.driver = NoopManager()
|
||||||
|
|
||||||
|
|
|
@ -41,7 +41,8 @@ class TestNovaAuth(base.TestCase):
|
||||||
|
|
||||||
# Mock out the keystone session and get the client
|
# Mock out the keystone session and get the client
|
||||||
keystone._SESSION = mock.MagicMock()
|
keystone._SESSION = mock.MagicMock()
|
||||||
bc1 = clients.NovaAuth.get_nova_client(region=None)
|
bc1 = clients.NovaAuth.get_nova_client(region=None,
|
||||||
|
endpoint_type='publicURL')
|
||||||
|
|
||||||
# Our returned client should also be the saved client
|
# Our returned client should also be the saved client
|
||||||
self.assertIsInstance(
|
self.assertIsInstance(
|
||||||
|
@ -56,7 +57,7 @@ class TestNovaAuth(base.TestCase):
|
||||||
# Getting the session again should return the same object
|
# Getting the session again should return the same object
|
||||||
bc2 = clients.NovaAuth.get_nova_client(
|
bc2 = clients.NovaAuth.get_nova_client(
|
||||||
region="test-region", service_name='novaEndpoint1',
|
region="test-region", service_name='novaEndpoint1',
|
||||||
endpoint="test-endpoint")
|
endpoint="test-endpoint", endpoint_type='adminURL')
|
||||||
self.assertIs(bc1, bc2)
|
self.assertIs(bc1, bc2)
|
||||||
|
|
||||||
|
|
||||||
|
@ -79,7 +80,8 @@ class TestNeutronAuth(base.TestCase):
|
||||||
|
|
||||||
# Mock out the keystone session and get the client
|
# Mock out the keystone session and get the client
|
||||||
keystone._SESSION = mock.MagicMock()
|
keystone._SESSION = mock.MagicMock()
|
||||||
bc1 = clients.NeutronAuth.get_neutron_client(region=None)
|
bc1 = clients.NeutronAuth.get_neutron_client(
|
||||||
|
region=None, endpoint_type='publicURL')
|
||||||
|
|
||||||
# Our returned client should also be the saved client
|
# Our returned client should also be the saved client
|
||||||
self.assertIsInstance(
|
self.assertIsInstance(
|
||||||
|
@ -94,5 +96,5 @@ class TestNeutronAuth(base.TestCase):
|
||||||
# Getting the session again should return the same object
|
# Getting the session again should return the same object
|
||||||
bc2 = clients.NeutronAuth.get_neutron_client(
|
bc2 = clients.NeutronAuth.get_neutron_client(
|
||||||
region="test-region", service_name="neutronEndpoint1",
|
region="test-region", service_name="neutronEndpoint1",
|
||||||
endpoint="test-endpoint")
|
endpoint="test-endpoint", endpoint_type='publicURL')
|
||||||
self.assertIs(bc1, bc2)
|
self.assertIs(bc1, bc2)
|
||||||
|
|
Loading…
Reference in New Issue