Merge "Fix neutron setting overrides" into stable/2023.2
This commit is contained in:
Zuul
Gerrit Code Review
commit
4449b2f8b5
@ -935,24 +935,29 @@ def register_cli_opts():
|
|||||||
def handle_neutron_deprecations():
|
def handle_neutron_deprecations():
|
||||||
# Apply neutron deprecated options to their new setting if needed
|
# Apply neutron deprecated options to their new setting if needed
|
||||||
|
|
||||||
# Basicaly: if the value of the deprecated option is not the default:
|
# Basically: if the new option is not set and the value of the deprecated
|
||||||
|
# option is not the default, it means that the deprecated setting is still
|
||||||
|
# used in the config file:
|
||||||
# * convert it to a valid "new" value if needed
|
# * convert it to a valid "new" value if needed
|
||||||
# * set it as the default for the new option
|
# * set it as the default for the new option
|
||||||
# Thus [neutron].<new_option> has an higher precedence than
|
# Thus [neutron].<new_option> has an higher precedence than
|
||||||
# [neutron].<deprecated_option>
|
# [neutron].<deprecated_option>
|
||||||
loc = cfg.CONF.get_location('endpoint', 'neutron')
|
loc = cfg.CONF.get_location('endpoint', 'neutron')
|
||||||
if loc and loc.location != cfg.Locations.opt_default:
|
new_loc = cfg.CONF.get_location('endpoint_override', 'neutron')
|
||||||
|
if not new_loc and loc and loc.location != cfg.Locations.opt_default:
|
||||||
cfg.CONF.set_default('endpoint_override', cfg.CONF.neutron.endpoint,
|
cfg.CONF.set_default('endpoint_override', cfg.CONF.neutron.endpoint,
|
||||||
'neutron')
|
'neutron')
|
||||||
|
|
||||||
loc = cfg.CONF.get_location('endpoint_type', 'neutron')
|
loc = cfg.CONF.get_location('endpoint_type', 'neutron')
|
||||||
if loc and loc.location != cfg.Locations.opt_default:
|
new_loc = cfg.CONF.get_location('valid_interfaces', 'neutron')
|
||||||
|
if not new_loc and loc and loc.location != cfg.Locations.opt_default:
|
||||||
endpoint_type = cfg.CONF.neutron.endpoint_type.replace('URL', '')
|
endpoint_type = cfg.CONF.neutron.endpoint_type.replace('URL', '')
|
||||||
cfg.CONF.set_default('valid_interfaces', [endpoint_type],
|
cfg.CONF.set_default('valid_interfaces', [endpoint_type],
|
||||||
'neutron')
|
'neutron')
|
||||||
|
|
||||||
loc = cfg.CONF.get_location('ca_certificates_file', 'neutron')
|
loc = cfg.CONF.get_location('ca_certificates_file', 'neutron')
|
||||||
if loc and loc.location != cfg.Locations.opt_default:
|
new_loc = cfg.CONF.get_location('cafile', 'neutron')
|
||||||
|
if not new_loc and loc and loc.location != cfg.Locations.opt_default:
|
||||||
cfg.CONF.set_default('cafile', cfg.CONF.neutron.ca_certificates_file,
|
cfg.CONF.set_default('cafile', cfg.CONF.neutron.ca_certificates_file,
|
||||||
'neutron')
|
'neutron')
|
||||||
|
|
||||||
|
|||||||
@ -80,14 +80,14 @@ class KeystoneSession(object):
|
|||||||
|
|
||||||
config = getattr(cfg.CONF, self.section)
|
config = getattr(cfg.CONF, self.section)
|
||||||
for opt in config:
|
for opt in config:
|
||||||
# For each option in the [neutron] section, get its setting
|
# For each option in the [section] section, get its setting
|
||||||
# location, if the location is 'opt_default' or
|
# location, if the location is 'opt_default', it means that
|
||||||
# 'set_default', it means that the option is not configured
|
# the option is not configured in the config file.
|
||||||
# in the config file, it should be replaced with the one
|
# if the option is also defined in [service_auth], the
|
||||||
# from [service_auth]
|
# option of the [section] can be replaced by the one from
|
||||||
|
# [service_auth]
|
||||||
loc = cfg.CONF.get_location(opt, self.section)
|
loc = cfg.CONF.get_location(opt, self.section)
|
||||||
if not loc or loc.location in (cfg.Locations.opt_default,
|
if not loc or loc.location == cfg.Locations.opt_default:
|
||||||
cfg.Locations.set_default):
|
|
||||||
if hasattr(cfg.CONF.service_auth, opt):
|
if hasattr(cfg.CONF.service_auth, opt):
|
||||||
cur_value = getattr(config, opt)
|
cur_value = getattr(config, opt)
|
||||||
value = getattr(cfg.CONF.service_auth, opt)
|
value = getattr(cfg.CONF.service_auth, opt)
|
||||||
|
|||||||
@ -78,3 +78,38 @@ class TestConfig(base.TestCase):
|
|||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
3,
|
3,
|
||||||
conf.conf.haproxy_amphora.active_connection_retry_interval)
|
conf.conf.haproxy_amphora.active_connection_retry_interval)
|
||||||
|
|
||||||
|
def test_handle_neutron_deprecations(self):
|
||||||
|
conf = self.useFixture(oslo_fixture.Config(config.cfg.CONF))
|
||||||
|
|
||||||
|
# The deprecated settings are copied to the new settings
|
||||||
|
conf.config(endpoint='my_endpoint',
|
||||||
|
endpoint_type='internal',
|
||||||
|
ca_certificates_file='/path/to/certs',
|
||||||
|
group='neutron')
|
||||||
|
|
||||||
|
config.handle_neutron_deprecations()
|
||||||
|
|
||||||
|
self.assertEqual('my_endpoint', conf.conf.neutron.endpoint_override)
|
||||||
|
self.assertEqual(['internal'], conf.conf.neutron.valid_interfaces)
|
||||||
|
self.assertEqual('/path/to/certs', conf.conf.neutron.cafile)
|
||||||
|
|
||||||
|
# Test case for https://bugs.launchpad.net/octavia/+bug/2051604
|
||||||
|
def test_handle_neutron_deprecations_with_precedence(self):
|
||||||
|
conf = self.useFixture(oslo_fixture.Config(config.cfg.CONF))
|
||||||
|
|
||||||
|
# The deprecated settings should not override the new settings when
|
||||||
|
# they exist
|
||||||
|
conf.config(endpoint='my_old_endpoint',
|
||||||
|
endpoint_type='old_type',
|
||||||
|
ca_certificates_file='/path/to/old_certs',
|
||||||
|
endpoint_override='my_endpoint',
|
||||||
|
valid_interfaces=['internal'],
|
||||||
|
cafile='/path/to/certs',
|
||||||
|
group='neutron')
|
||||||
|
|
||||||
|
config.handle_neutron_deprecations()
|
||||||
|
|
||||||
|
self.assertEqual('my_endpoint', conf.conf.neutron.endpoint_override)
|
||||||
|
self.assertEqual(['internal'], conf.conf.neutron.valid_interfaces)
|
||||||
|
self.assertEqual('/path/to/certs', conf.conf.neutron.cafile)
|
||||||
|
|||||||
@ -52,3 +52,35 @@ class TestKeystoneSession(base.TestCase):
|
|||||||
[call("Overriding [%s].%s with '%s'", 'neutron', 'cafile',
|
[call("Overriding [%s].%s with '%s'", 'neutron', 'cafile',
|
||||||
'bar')]
|
'bar')]
|
||||||
)
|
)
|
||||||
|
|
||||||
|
# Test case for https://bugs.launchpad.net/octavia/+bug/2051604
|
||||||
|
@mock.patch("octavia.common.keystone.ks_loading"
|
||||||
|
".load_auth_from_conf_options")
|
||||||
|
@mock.patch("octavia.common.keystone.LOG")
|
||||||
|
def test_get_auth_neutron_override_endpoint(self,
|
||||||
|
mock_log,
|
||||||
|
mock_load_auth):
|
||||||
|
opt_mock = mock.MagicMock()
|
||||||
|
opt_mock.dest = "foo"
|
||||||
|
conf = oslo_fixture.Config(cfg.CONF)
|
||||||
|
conf.conf.set_default('endpoint_override', 'default_endpoint',
|
||||||
|
'service_auth')
|
||||||
|
conf.conf.set_default('endpoint_override', 'new_endpoint',
|
||||||
|
'neutron')
|
||||||
|
|
||||||
|
mock_load_auth.side_effect = [
|
||||||
|
ks_exceptions.auth_plugins.MissingRequiredOptions(
|
||||||
|
[opt_mock]),
|
||||||
|
None,
|
||||||
|
None
|
||||||
|
]
|
||||||
|
|
||||||
|
sess = ks.KeystoneSession("neutron")
|
||||||
|
sess.get_auth()
|
||||||
|
|
||||||
|
# [service_auth].endpoint_override should not override
|
||||||
|
# [neutron].endpoint_override
|
||||||
|
self.assertNotIn(
|
||||||
|
call("Overriding [%s].%s with '%s'", 'neutron',
|
||||||
|
'endpoint_override', 'default_endpoint'),
|
||||||
|
mock_log.debug.mock_calls)
|
||||||
|
|||||||
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
fixes:
|
||||||
|
- |
|
||||||
|
Fixed a bug when the deprecated settings (``endpoint``, ``endpoint_type``,
|
||||||
|
``ca_certificates_file``) are used in the ``[neutron]`` section of the
|
||||||
|
configuration file. The connection to the neutron service may have used
|
||||||
|
some settings from the ``[service_auth]`` section or used undefined
|
||||||
|
settings.
|
||||||
Loading…
Reference in New Issue
Block a user