Adds a parameter to specify endpoint type

When getting a service catalog from keystone there might be
multiple endpoint types. Adds new parameters to specify
the endpoint type to use in each of the new neutron/nova
groups.

Nova config attributes are removed as the endpoint would be retrieved
from the service catalog with respective endpoint_type and corresponding
roles would define nova access.

CONFIG is added as needed and cfg being removed.

Change-Id: Ie01bd6967eb2003dbe4f7a11ffe8e20a16aa83f5
This commit is contained in:
German Eichberger 2016-01-22 10:43:02 -08:00
parent 25bcbc1cc1
commit 22097dc88f
8 changed files with 68 additions and 46 deletions

View File

@ -11,10 +11,6 @@
#
# octavia_plugins = hot_plug_plugin
# Region in Identity service catalog to use for communication with the OpenStack services.
#
# os_region_name =
# Hostname to be used by the host machine for services running on it.
# The default value is the hostname of the host machine.
# host =
@ -220,8 +216,22 @@
# Custom nova endpoint if override is necessary
# endpoint =
# Region in Identity service catalog to use for communication with the OpenStack services.
# region_name =
# Endpoint type in Identity service catalog to use for communication with
# the OpenStack services.
# endpoint_type = publicURL
[neutron]
# The name of the neutron service in the keystone catalog
# service_name =
# Custom neutron endpoint if override is necessary
# endpoint =
# Region in Identity service catalog to use for communication with the OpenStack services.
# region_name =
# Endpoint type in Identity service catalog to use for communication with
# the OpenStack services.
# endpoint_type = publicURL

View File

@ -27,18 +27,21 @@ class NovaAuth(object):
nova_client = None
@classmethod
def get_nova_client(cls, region, service_name=None, endpoint=None):
def get_nova_client(cls, region, service_name=None, endpoint=None,
endpoint_type='publicURL'):
"""Create nova client object.
:param region: The region of the service
:param service_name: The name of the nova service in the catalog
:param endpoint: The endpoint of the service
:param endpoint_type: The type of the endpoint
:return: a Nova Client object.
:raises Exception: if the client cannot be created
"""
if not cls.nova_client:
kwargs = {'region_name': region,
'session': keystone.get_session()}
'session': keystone.get_session(),
'endpoint_type': endpoint_type}
if service_name:
kwargs['service_name'] = service_name
if endpoint:
@ -56,18 +59,21 @@ class NeutronAuth(object):
neutron_client = None
@classmethod
def get_neutron_client(cls, region, service_name=None, endpoint=None):
def get_neutron_client(cls, region, service_name=None, endpoint=None,
endpoint_type='publicURL'):
"""Create neutron client object.
:param region: The region of the service
:param service_name: The name of the neutron service in the catalog
:param endpoint: The endpoint of the service
:param endpoint_type: The endpoint_type of the service
:return: a Neutron Client object.
:raises Exception: if the client cannot be created
"""
if not cls.neutron_client:
kwargs = {'region_name': region,
'session': keystone.get_session()}
'session': keystone.get_session(),
'endpoint_type': endpoint_type}
if service_name:
kwargs['service_name'] = service_name
if endpoint:

View File

@ -54,27 +54,6 @@ core_opts = [
"means no limit")),
cfg.StrOpt('host', default=utils.get_hostname(),
help=_("The hostname Octavia is running on")),
cfg.StrOpt('nova_url',
default='http://127.0.0.1:8774/v2',
help=_('URL for connection to nova')),
cfg.StrOpt('nova_admin_username',
help=_('Username for connecting to nova in admin context')),
cfg.StrOpt('nova_admin_password',
help=_('Password for connection to nova in admin context'),
secret=True),
cfg.StrOpt('nova_admin_tenant_id',
help=_('The uuid of the admin nova tenant')),
cfg.StrOpt('nova_admin_auth_url',
default='http://localhost:5000/v2.0',
help=_('Authorization URL for connecting to nova in admin '
'context')),
cfg.StrOpt('nova_ca_certificates_file',
help=_('CA file for novaclient to verify server certificates')),
cfg.BoolOpt('nova_api_insecure', default=False,
help=_("If True, ignore any SSL validation issues")),
cfg.StrOpt('os_region_name',
help=_('Region in Identity service catalog to use for '
'communication with the OpenStack services.')),
cfg.StrOpt('octavia_plugins',
default='hot_plug_plugin',
help=_('Name of the controller plugin to use'))
@ -357,7 +336,12 @@ nova_opts = [
cfg.StrOpt('service_name',
help=_('The name of the nova service in the keystone catalog')),
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
'in the keystone catalog.'))
'in the keystone catalog.')),
cfg.StrOpt('region_name',
help=_('Region in Identity service catalog to use for '
'communication with the OpenStack services.')),
cfg.StrOpt('endpoint_type', default='publicURL',
help=_('Endpoint interface in identity service to use')),
]
neutron_opts = [
@ -365,7 +349,12 @@ neutron_opts = [
help=_('The name of the neutron service in the '
'keystone catalog')),
cfg.StrOpt('endpoint', help=_('A new endpoint to override the endpoint '
'in the keystone catalog.'))
'in the keystone catalog.')),
cfg.StrOpt('region_name',
help=_('Region in Identity service catalog to use for '
'communication with the OpenStack services.')),
cfg.StrOpt('endpoint_type', default='publicURL',
help=_('Endpoint interface in identity service to use')),
]
# Register the configuration options

View File

@ -28,6 +28,7 @@ LOG = logging.getLogger(__name__)
CONF = cfg.CONF
CONF.import_group('keystone_authtoken', 'octavia.common.config')
CONF.import_group('networking', 'octavia.common.config')
CONF.import_group('nova', 'octavia.common.config')
class VirtualMachineManager(compute_base.ComputeBase):
@ -36,9 +37,10 @@ class VirtualMachineManager(compute_base.ComputeBase):
def __init__(self):
super(VirtualMachineManager, self).__init__()
# Must initialize nova api
region = CONF.os_region_name
self._nova_client = clients.NovaAuth.get_nova_client(
region, endpoint=CONF.nova.endpoint)
endpoint=CONF.nova.endpoint,
region=CONF.nova.region_name,
endpoint_type=CONF.nova.endpoint_type)
self.manager = self._nova_client.servers
def build(self, name="amphora_name", amphora_flavor=None, image_id=None,

View File

@ -34,6 +34,11 @@ AAP_EXT_ALIAS = 'allowed-address-pairs'
VIP_SECURITY_GRP_PREFIX = 'lb-'
OCTAVIA_OWNER = 'Octavia'
CONF = cfg.CONF
CONF.import_group('nova', 'octavia.common.config')
CONF.import_group('controller_worker', 'octavia.common.config')
CONF.import_group('networking', 'octavia.common.config')
class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
@ -41,8 +46,11 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
super(AllowedAddressPairsDriver, self).__init__()
self._check_aap_loaded()
self.nova_client = clients.NovaAuth.get_nova_client(
cfg.CONF.os_region_name, service_name=cfg.CONF.nova.service_name,
endpoint=cfg.CONF.nova.endpoint)
endpoint=CONF.nova.endpoint,
region=CONF.nova.region_name,
endpoint_type=CONF.nova.endpoint_type,
service_name=CONF.nova.service_name,
)
def _check_aap_loaded(self):
aliases = [ext.get('alias') for ext in self._extensions]
@ -131,7 +139,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
# Currently we are using the VIP network for VRRP
# so we need to open up the protocols for it
if (cfg.CONF.controller_worker.loadbalancer_topology ==
if (CONF.controller_worker.loadbalancer_topology ==
constants.TOPOLOGY_ACTIVE_STANDBY):
try:
self._create_security_group_rule(
@ -178,7 +186,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
a neutron port does not happen immediately.
"""
attempts = 0
while attempts <= cfg.CONF.networking.max_retries:
while attempts <= CONF.networking.max_retries:
try:
self.neutron_client.delete_security_group(sec_grp)
LOG.info(_LI("Deleted security group %s"), sec_grp)
@ -192,7 +200,7 @@ class AllowedAddressPairsDriver(neutron_base.BaseNeutronDriver):
"%(sg)s failed."),
{'attempt': attempts + 1, 'sg': sec_grp})
attempts += 1
time.sleep(cfg.CONF.networking.retry_interval)
time.sleep(CONF.networking.retry_interval)
message = _LE("All attempts to remove security group {0} have "
"failed.").format(sec_grp)
LOG.exception(message)

View File

@ -27,15 +27,20 @@ from octavia.network.drivers.neutron import utils
LOG = logging.getLogger(__name__)
SEC_GRP_EXT_ALIAS = 'security-group'
CONF = cfg.CONF
CONF.import_group('neutron', 'octavia.common.config')
class BaseNeutronDriver(base.AbstractNetworkDriver):
def __init__(self):
self.sec_grp_enabled = True
self.neutron_client = clients.NeutronAuth.get_neutron_client(
cfg.CONF.os_region_name,
service_name=cfg.CONF.neutron.service_name,
endpoint=cfg.CONF.neutron.endpoint)
endpoint=CONF.neutron.endpoint,
region=CONF.neutron.region_name,
endpoint_type=CONF.neutron.endpoint_type,
service_name=CONF.neutron.service_name
)
extensions = self.neutron_client.list_extensions()
self._extensions = extensions.get('extensions')
self._check_sec_grps()

View File

@ -127,7 +127,7 @@ class NoopManager(object):
class NoopNetworkDriver(driver_base.AbstractNetworkDriver):
def __init__(self, region=None):
def __init__(self):
super(NoopNetworkDriver, self).__init__()
self.driver = NoopManager()

View File

@ -41,7 +41,8 @@ class TestNovaAuth(base.TestCase):
# Mock out the keystone session and get the client
keystone._SESSION = mock.MagicMock()
bc1 = clients.NovaAuth.get_nova_client(region=None)
bc1 = clients.NovaAuth.get_nova_client(region=None,
endpoint_type='publicURL')
# Our returned client should also be the saved client
self.assertIsInstance(
@ -56,7 +57,7 @@ class TestNovaAuth(base.TestCase):
# Getting the session again should return the same object
bc2 = clients.NovaAuth.get_nova_client(
region="test-region", service_name='novaEndpoint1',
endpoint="test-endpoint")
endpoint="test-endpoint", endpoint_type='adminURL')
self.assertIs(bc1, bc2)
@ -79,7 +80,8 @@ class TestNeutronAuth(base.TestCase):
# Mock out the keystone session and get the client
keystone._SESSION = mock.MagicMock()
bc1 = clients.NeutronAuth.get_neutron_client(region=None)
bc1 = clients.NeutronAuth.get_neutron_client(
region=None, endpoint_type='publicURL')
# Our returned client should also be the saved client
self.assertIsInstance(
@ -94,5 +96,5 @@ class TestNeutronAuth(base.TestCase):
# Getting the session again should return the same object
bc2 = clients.NeutronAuth.get_neutron_client(
region="test-region", service_name="neutronEndpoint1",
endpoint="test-endpoint")
endpoint="test-endpoint", endpoint_type='publicURL')
self.assertIs(bc1, bc2)