Distributed Cloud enhancements for Horizon
- Adding endpoints for the subcloud's platform services to the central keystone. This was done so horizon can reach all subclouds - Allowing version requests to bypass the authtoken validator in the dcorch proxy. version requests do not require authentication and they are required by horizon to work in the SystemController region Change-Id: I508e0168e77d1f46b8f5720fd16047177b4920c2 Partial-Bug: 1846239 Signed-off-by: Tyler Smith <tyler.smith@windriver.com>
This commit is contained in:
parent
b020fc86c8
commit
96db1d7ee0
@ -152,37 +152,48 @@ class SubcloudManager(manager.Manager):
|
|||||||
payload['systemcontroller_gateway_address'],
|
payload['systemcontroller_gateway_address'],
|
||||||
1)
|
1)
|
||||||
|
|
||||||
# Create identity endpoints to this subcloud on the
|
# Create endpoints to this subcloud on the
|
||||||
# management-start-ip of the subcloud which will be allocated
|
# management-start-ip of the subcloud which will be allocated
|
||||||
# as the floating Management IP of the Subcloud if the
|
# as the floating Management IP of the Subcloud if the
|
||||||
# Address Pool is not shared. Incase the endpoint entry
|
# Address Pool is not shared. Incase the endpoint entries
|
||||||
# is incorrect, or the management IP of the subcloud is changed
|
# are incorrect, or the management IP of the subcloud is changed
|
||||||
# in the future, it will not go managed or will show up as
|
# in the future, it will not go managed or will show up as
|
||||||
# out of sync. To fix this use Openstack endpoint commands
|
# out of sync. To fix this use Openstack endpoint commands
|
||||||
# on the SystemController to change the subcloud endpoint
|
# on the SystemController to change the subcloud endpoints.
|
||||||
ks_service_id = None
|
# The non-identity endpoints are added to facilitate horizon access
|
||||||
|
# from the System Controller to the subcloud.
|
||||||
|
endpoint_config = []
|
||||||
|
endpoint_ip = payload['management_start_address']
|
||||||
|
if netaddr.IPAddress(endpoint_ip).version == 6:
|
||||||
|
endpoint_ip = '[' + endpoint_ip + ']'
|
||||||
|
|
||||||
for service in m_ks_client.services_list:
|
for service in m_ks_client.services_list:
|
||||||
|
if service.type == dcorch_consts.ENDPOINT_TYPE_PLATFORM:
|
||||||
|
endpoint_url = "http://{}:6385/v1".format(endpoint_ip)
|
||||||
|
endpoint_config.append((service.id, endpoint_url))
|
||||||
if service.type == dcorch_consts.ENDPOINT_TYPE_IDENTITY:
|
if service.type == dcorch_consts.ENDPOINT_TYPE_IDENTITY:
|
||||||
ks_service_id = service.id
|
endpoint_url = "http://{}:5000/v3".format(endpoint_ip)
|
||||||
break
|
endpoint_config.append((service.id, endpoint_url))
|
||||||
else:
|
if service.type == dcorch_consts.ENDPOINT_TYPE_PATCHING:
|
||||||
|
endpoint_url = "http://{}:5491".format(endpoint_ip)
|
||||||
|
endpoint_config.append((service.id, endpoint_url))
|
||||||
|
if service.type == dcorch_consts.ENDPOINT_TYPE_FM:
|
||||||
|
endpoint_url = "http://{}:18002".format(endpoint_ip)
|
||||||
|
endpoint_config.append((service.id, endpoint_url))
|
||||||
|
if service.type == dcorch_consts.ENDPOINT_TYPE_NFV:
|
||||||
|
endpoint_url = "http://{}:4545".format(endpoint_ip)
|
||||||
|
endpoint_config.append((service.id, endpoint_url))
|
||||||
|
|
||||||
|
if len(endpoint_config) < 5:
|
||||||
raise exceptions.BadRequest(
|
raise exceptions.BadRequest(
|
||||||
resource='subcloud',
|
resource='subcloud',
|
||||||
msg='No Identity service found on SystemController')
|
msg='Missing service in SystemController')
|
||||||
|
|
||||||
identity_endpoint_ip = payload['management_start_address']
|
|
||||||
|
|
||||||
if netaddr.IPAddress(identity_endpoint_ip).version == 6:
|
|
||||||
identity_endpoint_url = \
|
|
||||||
"http://[{}]:5000/v3".format(identity_endpoint_ip)
|
|
||||||
else:
|
|
||||||
identity_endpoint_url = \
|
|
||||||
"http://{}:5000/v3".format(identity_endpoint_ip)
|
|
||||||
|
|
||||||
|
for endpoint in endpoint_config:
|
||||||
for iface in ['internal', 'admin']:
|
for iface in ['internal', 'admin']:
|
||||||
m_ks_client.keystone_client.endpoints.create(
|
m_ks_client.keystone_client.endpoints.create(
|
||||||
ks_service_id,
|
endpoint[0],
|
||||||
identity_endpoint_url,
|
endpoint[1],
|
||||||
interface=iface,
|
interface=iface,
|
||||||
region=subcloud.name)
|
region=subcloud.name)
|
||||||
|
|
||||||
|
@ -130,7 +130,11 @@ class TestSubcloudManager(base.DCManagerTestCase):
|
|||||||
mock_dcorch_rpc_client):
|
mock_dcorch_rpc_client):
|
||||||
value = utils.create_subcloud_dict(value)
|
value = utils.create_subcloud_dict(value)
|
||||||
controllers = [Controller('controller-0'), Controller('controller-1')]
|
controllers = [Controller('controller-0'), Controller('controller-1')]
|
||||||
services = [Service('identity', '1234')]
|
services = [Service('identity', '1234'),
|
||||||
|
Service('faultmanagement', '1234'),
|
||||||
|
Service('patching', '1234'),
|
||||||
|
Service('platform', '1234'),
|
||||||
|
Service('nfv', '1234')]
|
||||||
mock_context.get_admin_context.return_value = self.ctxt
|
mock_context.get_admin_context.return_value = self.ctxt
|
||||||
mock_db_api.subcloud_get_by_name.side_effect = \
|
mock_db_api.subcloud_get_by_name.side_effect = \
|
||||||
exceptions.SubcloudNameNotFound()
|
exceptions.SubcloudNameNotFound()
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
# Copyright 2017 Wind River
|
# Copyright 2017-2019 Wind River
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
@ -21,6 +21,7 @@ from dcorch.api.proxy.apps.controller import IdentityAPIController
|
|||||||
from dcorch.api.proxy.apps.controller import NeutronAPIController
|
from dcorch.api.proxy.apps.controller import NeutronAPIController
|
||||||
from dcorch.api.proxy.apps.controller import OrchAPIController
|
from dcorch.api.proxy.apps.controller import OrchAPIController
|
||||||
from dcorch.api.proxy.apps.controller import SysinvAPIController
|
from dcorch.api.proxy.apps.controller import SysinvAPIController
|
||||||
|
from dcorch.api.proxy.apps.controller import VersionController
|
||||||
from dcorch.api.proxy.apps.dispatcher import APIDispatcher
|
from dcorch.api.proxy.apps.dispatcher import APIDispatcher
|
||||||
from dcorch.api.proxy.apps.patch import PatchAPIController
|
from dcorch.api.proxy.apps.patch import PatchAPIController
|
||||||
from dcorch.api.proxy.apps.router import Router
|
from dcorch.api.proxy.apps.router import Router
|
||||||
@ -121,3 +122,13 @@ class Acceptor(Router):
|
|||||||
|
|
||||||
for key, value in proxy_consts.IDENTITY_PATH_MAP.items():
|
for key, value in proxy_consts.IDENTITY_PATH_MAP.items():
|
||||||
self._add_resource(mapper, api_controller, value, key, CONF.type)
|
self._add_resource(mapper, api_controller, value, key, CONF.type)
|
||||||
|
|
||||||
|
|
||||||
|
class VersionAcceptor(Router):
|
||||||
|
def __init__(self, app, conf):
|
||||||
|
self._conf = conf
|
||||||
|
mapper = routes.Mapper()
|
||||||
|
api_controller = VersionController(app, conf)
|
||||||
|
mapper.connect(proxy_consts.VERSION_ROOT, controller=api_controller,
|
||||||
|
conditions=dict(method=['GET']))
|
||||||
|
super(VersionAcceptor, self).__init__(app, conf, mapper, None)
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
# Copyright 2017 Wind River
|
# Copyright 2017-2019 Wind River
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
@ -18,8 +18,10 @@ import webob.dec
|
|||||||
import webob.exc
|
import webob.exc
|
||||||
|
|
||||||
from dcorch.api.proxy.apps.dispatcher import APIDispatcher
|
from dcorch.api.proxy.apps.dispatcher import APIDispatcher
|
||||||
|
from dcorch.api.proxy.apps.proxy import Proxy
|
||||||
from dcorch.api.proxy.common import constants as proxy_consts
|
from dcorch.api.proxy.common import constants as proxy_consts
|
||||||
from dcorch.api.proxy.common.service import Middleware
|
from dcorch.api.proxy.common.service import Middleware
|
||||||
|
from dcorch.api.proxy.common.service import Request as ProxyRequest
|
||||||
from dcorch.api.proxy.common import utils as proxy_utils
|
from dcorch.api.proxy.common import utils as proxy_utils
|
||||||
from dcorch.common import consts
|
from dcorch.common import consts
|
||||||
import dcorch.common.context as k_context
|
import dcorch.common.context as k_context
|
||||||
@ -689,3 +691,20 @@ class OrchAPIController(APIController):
|
|||||||
if self.get_status_code(response) in self.OK_STATUS_CODE:
|
if self.get_status_code(response) in self.OK_STATUS_CODE:
|
||||||
response = self._update_response(environ, request_body, response)
|
response = self._update_response(environ, request_body, response)
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
|
||||||
|
class VersionController(Middleware):
|
||||||
|
def __init__(self, app, conf):
|
||||||
|
self._default_dispatcher = Proxy()
|
||||||
|
self._remote_host, self._remote_port = \
|
||||||
|
proxy_utils.get_remote_host_port_options(CONF)
|
||||||
|
super(VersionController, self).__init__(app)
|
||||||
|
|
||||||
|
@webob.dec.wsgify(RequestClass=ProxyRequest)
|
||||||
|
def __call__(self, req):
|
||||||
|
LOG.debug("VersionController forward the version request to remote "
|
||||||
|
"host: (%s), port: (%d)" % (self._remote_host,
|
||||||
|
self._remote_port))
|
||||||
|
proxy_utils.set_request_forward_environ(req, self._remote_host,
|
||||||
|
self._remote_port)
|
||||||
|
return self._default_dispatcher
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
# Copyright 2017 Wind River
|
# Copyright 2017-2019 Wind River
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
@ -15,6 +15,8 @@
|
|||||||
|
|
||||||
from dcorch.common import consts
|
from dcorch.common import consts
|
||||||
|
|
||||||
|
VERSION_ROOT = '/{version:.*?}'
|
||||||
|
|
||||||
# Compute
|
# Compute
|
||||||
FLAVOR_RESOURCE_TAG = 'flavors'
|
FLAVOR_RESOURCE_TAG = 'flavors'
|
||||||
FLAVOR_ACCESS_RESOURCE_TAG = 'action'
|
FLAVOR_ACCESS_RESOURCE_TAG = 'action'
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
#
|
#
|
||||||
# Copyright (c) 2017-2018 Wind River Systems, Inc.
|
# Copyright (c) 2017-2019 Wind River Systems, Inc.
|
||||||
#
|
#
|
||||||
# The right to copy, distribute, modify, or otherwise make use
|
# The right to copy, distribute, modify, or otherwise make use
|
||||||
# of this software may be licensed only pursuant to the terms
|
# of this software may be licensed only pursuant to the terms
|
||||||
@ -135,6 +135,8 @@ ENDPOINT_TYPE_COMPUTE = "compute"
|
|||||||
ENDPOINT_TYPE_NETWORK = "network"
|
ENDPOINT_TYPE_NETWORK = "network"
|
||||||
ENDPOINT_TYPE_PATCHING = "patching"
|
ENDPOINT_TYPE_PATCHING = "patching"
|
||||||
ENDPOINT_TYPE_IDENTITY = "identity"
|
ENDPOINT_TYPE_IDENTITY = "identity"
|
||||||
|
ENDPOINT_TYPE_FM = "faultmanagement"
|
||||||
|
ENDPOINT_TYPE_NFV = "nfv"
|
||||||
|
|
||||||
ENDPOINT_TYPES_LIST = [ENDPOINT_TYPE_PLATFORM,
|
ENDPOINT_TYPES_LIST = [ENDPOINT_TYPE_PLATFORM,
|
||||||
ENDPOINT_TYPE_PATCHING,
|
ENDPOINT_TYPE_PATCHING,
|
||||||
|
Loading…
Reference in New Issue
Block a user