Keystone credentials needs to be set with the overcloud password
While working on upgrade Mitaka to newton we hit this issue https://bugs.launchpad.net/tripleo/+bug/1626422 It appear that the keystone credentials needs to be generated and store with the overcloud password only once Change-Id: I15888f31c6b275ac785107bb95256296fd67487f Closes-Bug: #1626422
This commit is contained in:
parent
8b0501c72c
commit
13620fc4ff
|
@ -33,8 +33,11 @@ class TestPasswordsUtil(TestCase):
|
|||
return_value="PASSWORD")
|
||||
@mock.patch("tripleoclient.utils.create_cephx_key",
|
||||
return_value="CEPHX_KEY")
|
||||
def test_generate_passwords(self, create_cephx_key_mock,
|
||||
generate_password_mock, isfile_mock):
|
||||
@mock.patch("tripleoclient.utils.create_keystone_credential",
|
||||
return_value="PASSWORD")
|
||||
def test_generate_passwords(self, create_keystone_creds_mock,
|
||||
create_cephx_key_mock, generate_password_mock,
|
||||
isfile_mock):
|
||||
|
||||
mock_open = mock.mock_open()
|
||||
|
||||
|
@ -61,6 +64,8 @@ class TestPasswordsUtil(TestCase):
|
|||
mock.call('OVERCLOUD_HEAT_PASSWORD=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_MANILA_PASSWORD=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n'),
|
||||
mock.call('OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n'),
|
||||
|
@ -76,6 +81,7 @@ class TestPasswordsUtil(TestCase):
|
|||
]
|
||||
self.assertEqual(sorted(mock_open().write.mock_calls), mock_calls)
|
||||
self.assertEqual(generate_password_mock.call_count +
|
||||
create_keystone_creds_mock.call_count +
|
||||
create_cephx_key_mock.call_count, len(mock_calls))
|
||||
|
||||
self.assertEqual(len(passwords), len(mock_calls))
|
||||
|
@ -93,8 +99,11 @@ class TestPasswordsUtil(TestCase):
|
|||
return_value="PASSWORD")
|
||||
@mock.patch("tripleoclient.utils.create_cephx_key",
|
||||
return_value="CEPHX_KEY")
|
||||
def test_load_passwords(self, create_cephx_key_mock,
|
||||
generate_password_mock, isfile_mock):
|
||||
@mock.patch("tripleoclient.utils.create_keystone_credential",
|
||||
return_value="PASSWORD")
|
||||
def test_load_passwords(self, create_keystone_creds_mock,
|
||||
create_cephx_key_mock, generate_password_mock,
|
||||
isfile_mock):
|
||||
PASSWORDS = [
|
||||
'OVERCLOUD_ADMIN_PASSWORD=PASSWORD\n',
|
||||
'OVERCLOUD_ADMIN_TOKEN=PASSWORD\n',
|
||||
|
@ -114,6 +123,8 @@ class TestPasswordsUtil(TestCase):
|
|||
'OVERCLOUD_HEAT_PASSWORD=PASSWORD\n',
|
||||
'OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n',
|
||||
'OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n',
|
||||
'OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n',
|
||||
'OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n',
|
||||
'OVERCLOUD_MANILA_PASSWORD=PASSWORD\n',
|
||||
'OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n',
|
||||
'OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n',
|
||||
|
|
|
@ -176,8 +176,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud):
|
|||
'HypervisorNeutronPhysicalBridge': 'br-ex',
|
||||
'HypervisorNeutronPublicInterface': 'nic1',
|
||||
'IronicPassword': 'password',
|
||||
'KeystoneCredential0': 'key',
|
||||
'KeystoneCredential1': 'key',
|
||||
'KeystoneCredential0': 'password',
|
||||
'KeystoneCredential1': 'password',
|
||||
'ManilaPassword': 'password',
|
||||
'MistralPassword': 'password',
|
||||
'MysqlClustercheckPassword': 'password',
|
||||
|
@ -349,8 +349,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud):
|
|||
'HypervisorNeutronPhysicalBridge': 'br-ex',
|
||||
'HypervisorNeutronPublicInterface': 'nic1',
|
||||
'IronicPassword': 'password',
|
||||
'KeystoneCredential0': 'key',
|
||||
'KeystoneCredential1': 'key',
|
||||
'KeystoneCredential0': 'password',
|
||||
'KeystoneCredential1': 'password',
|
||||
'ManilaPassword': 'password',
|
||||
'MistralPassword': 'password',
|
||||
'MysqlClustercheckPassword': 'password',
|
||||
|
@ -1286,8 +1286,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud):
|
|||
'HypervisorNeutronPhysicalBridge': 'br-ex',
|
||||
'HypervisorNeutronPublicInterface': 'nic1',
|
||||
'IronicPassword': 'password',
|
||||
'KeystoneCredential0': 'key',
|
||||
'KeystoneCredential1': 'key',
|
||||
'KeystoneCredential0': 'password',
|
||||
'KeystoneCredential1': 'password',
|
||||
'ManilaPassword': 'password',
|
||||
'MistralPassword': 'password',
|
||||
'MysqlClustercheckPassword': 'password',
|
||||
|
|
|
@ -17,6 +17,7 @@ from tripleoclient import utils
|
|||
|
||||
|
||||
def generate_overcloud_passwords_mock():
|
||||
passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES
|
||||
passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES + \
|
||||
utils._KEYSTONE_CREDENTIALS_NAME
|
||||
|
||||
return dict((password, 'password') for password in passwords)
|
||||
|
|
|
@ -75,6 +75,11 @@ _CEPH_PASSWORD_NAMES = (
|
|||
"OVERCLOUD_CEPH_RGW_KEY"
|
||||
)
|
||||
|
||||
_KEYSTONE_CREDENTIALS_NAME = (
|
||||
"OVERCLOUD_KEYSTONE_CREDENTIALS_0",
|
||||
"OVERCLOUD_KEYSTONE_CREDENTIALS_1"
|
||||
)
|
||||
|
||||
|
||||
def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords",
|
||||
create_password_file=False):
|
||||
|
@ -108,6 +113,10 @@ def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords",
|
|||
if not passwords.get(name):
|
||||
passwords[name] = create_cephx_key()
|
||||
|
||||
for name in _KEYSTONE_CREDENTIALS_NAME:
|
||||
if not passwords.get(name):
|
||||
passwords[name] = create_keystone_credential()
|
||||
|
||||
with open(output_file, 'w') as f:
|
||||
for name, password in passwords.items():
|
||||
f.write("{0}={1}\n".format(name, password))
|
||||
|
|
|
@ -112,6 +112,10 @@ class DeployOvercloud(command.Command):
|
|||
parameters['CephAdminKey'] = passwords['OVERCLOUD_CEPH_ADMIN_KEY']
|
||||
parameters['CephClientKey'] = passwords['OVERCLOUD_CEPH_CLIENT_KEY']
|
||||
parameters['CephRgwKey'] = passwords['OVERCLOUD_CEPH_RGW_KEY']
|
||||
parameters['KeystoneCredential0'] = passwords[
|
||||
'OVERCLOUD_KEYSTONE_CREDENTIALS_0']
|
||||
parameters['KeystoneCredential1'] = passwords[
|
||||
'OVERCLOUD_KEYSTONE_CREDENTIALS_1']
|
||||
|
||||
def _update_parameters(self, args, network_client, stack):
|
||||
parameters = {}
|
||||
|
@ -189,9 +193,7 @@ class DeployOvercloud(command.Command):
|
|||
|
||||
if stack_is_new:
|
||||
parameters.update({
|
||||
'CephClusterFSID': six.text_type(uuid.uuid1()),
|
||||
'KeystoneCredential0': utils.create_keystone_credential(),
|
||||
'KeystoneCredential1': utils.create_keystone_credential()})
|
||||
'CephClusterFSID': six.text_type(uuid.uuid1())})
|
||||
|
||||
return parameters
|
||||
|
||||
|
|
Loading…
Reference in New Issue