Fixed split configs and decided on removing json and just keeping older bash script + some tiny changes to it.

This commit is contained in:
Joshua Harlow 2012-01-24 17:38:06 -08:00
parent cee58ed928
commit 9fea709b5c
7 changed files with 165 additions and 347 deletions

@ -0,0 +1,46 @@
# FROM commit 30439a6dc4
[pipeline:glance-api]
#pipeline = versionnegotiation context apiv1app
# NOTE: use the following pipeline for keystone
pipeline = versionnegotiation authtoken auth-context apiv1app
# To enable Image Cache Management API replace pipeline with below:
# pipeline = versionnegotiation context imagecache apiv1app
# NOTE: use the following pipeline for keystone auth (with caching)
# pipeline = versionnegotiation authtoken auth-context imagecache apiv1app
[app:apiv1app]
paste.app_factory = glance.common.wsgi:app_factory
glance.app_factory = glance.api.v1.router:API
[filter:versionnegotiation]
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter
[filter:cache]
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = glance.api.middleware.cache:CacheFilter
[filter:cachemanage]
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter
[filter:context]
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = glance.common.context:ContextMiddleware
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_host = %KEYSTONE_SERVICE_HOST%
service_port = %KEYSTONE_SERVICE_PORT%
service_protocol = %KEYSTONE_SERVICE_PROTOCOL%
auth_host = %KEYSTONE_AUTH_HOST%
auth_port = %KEYSTONE_AUTH_PORT%
auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/
admin_token = %SERVICE_TOKEN%
[filter:auth-context]
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware

@ -0,0 +1,31 @@
# FROM commit 30439a6dc4
[pipeline:glance-registry]
#pipeline = context registryapp
# NOTE: use the following pipeline for keystone
pipeline = authtoken auth-context context registryapp
[app:registryapp]
paste.app_factory = glance.common.wsgi:app_factory
glance.app_factory = glance.registry.api.v1:API
[filter:context]
context_class = glance.registry.context.RequestContext
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = glance.common.context:ContextMiddleware
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_host = %KEYSTONE_SERVICE_HOST%
service_port = %KEYSTONE_SERVICE_PORT%
service_protocol = %KEYSTONE_SERVICE_PROTOCOL%
auth_host = %KEYSTONE_AUTH_HOST%
auth_port = %KEYSTONE_AUTH_PORT%
auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/
admin_token = %SERVICE_TOKEN%
[filter:auth-context]
context_class = glance.registry.context.RequestContext
paste.filter_factory = glance.common.wsgi:filter_factory
glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware

@ -1,283 +0,0 @@
# This is a extended json package definition file
# We allow simple comments (lines starting with a hash symbol)
#
# These commands will be used when setting up keystone. They will be invoked by the keystone-manage command.
# Different sections of the following json may or may not be activated (depending on which other components are to be setup.
#
# Options like %ADMIN_PASSWORD% will be filled in with an actual value.
#
# Command ordering may matter, so be careful!
#
# Based off of commit 30439a6dc4 of keystone_data.sh
{
# Users
"users": [
[
"user",
"add",
"admin",
"%ADMIN_PASSWORD%"
],
[
"user",
"add",
"demo",
"%ADMIN_PASSWORD%"
]
],
# Roles
"roles": [
[
"role",
"add",
"admin"
],
[
"role",
"add",
"Member"
],
[
"role",
"add",
"KeystoneAdmin"
],
[
"role",
"add",
"KeystoneServiceAdmin"
],
[
"role",
"add",
"sysadmin"
],
[
"role",
"add",
"netadmin"
],
# Grants
[
"role",
"grant",
"admin",
"admin",
"admin"
],
[
"role",
"grant",
"Member",
"demo",
"demo"
],
[
"role",
"grant",
"sysadmin",
"demo",
"demo"
],
[
"role",
"grant",
"netadmin",
"demo",
"demo"
],
[
"role",
"grant",
"Member",
"demo",
"invisible_to_admin"
],
[
"role",
"grant",
"admin",
"admin",
"demo"
],
[
"role",
"grant",
"admin",
"admin"
],
[
"role",
"grant",
"KeystoneAdmin",
"admin"
],
[
"role",
"grant",
"KeystoneServiceAdmin",
"admin"
]
],
"swift": [
# Swift service
[
"service",
"add",
"swift",
"object-store",
"\"Swift Service\""
],
# Endpoint template for swift
[
"endpointTemplates",
"add",
"RegionOne",
"swift",
"http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id%",
"http://%SERVICE_HOST%:8080/",
"http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id%",
"1",
"1"
]
],
"nova": [
# Nova service
[
"service",
"add",
"nova",
"compute",
"\"Nova Compute Service\""
],
# EC2 service
[
"service",
"add",
"ec2",
"ec2",
"\"EC2 Compatability Layer\""
],
# Endpoint template for nova
[
"endpointTemplates",
"add",
"RegionOne",
"nova",
"http://%SERVICE_HOST%:8774/v1.1/%tenant_id%",
"http://%SERVICE_HOST%:8774/v1.1/%tenant_id%",
"http://%SERVICE_HOST%:8774/v1.1/%tenant_id%",
"1",
"1"
],
# Endpoint template for ec2
[
"endpointTemplates",
"add",
"RegionOne",
"ec2",
"http://%SERVICE_HOST%:8773/services/Cloud",
"http://%SERVICE_HOST%:8773/services/Admin",
"http://%SERVICE_HOST%:8773/services/Cloud",
"1",
"1"
],
# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD
# but keystone doesn't parse them - it is just a blob from keystone's
# point of view.
[
"credentials",
"add",
"admin",
"EC2",
"admin",
"%ADMIN_PASSWORD%",
"admin"
],
[
"credentials",
"add",
"demo",
"EC2",
"demo",
"%ADMIN_PASSWORD%",
"demo"
]
],
# Tokens
"tokens": [
[
"token",
"add",
"%SERVICE_TOKEN%",
"admin",
"admin",
"2015-02-05T00:00"
]
],
# Services
"services": [
# Keystone Service
[
"service",
"add",
"keystone",
"identity",
"\"Keystone Identity Service\""
]
],
"glance": [
# Glance service
[
"service",
"add",
"glance",
"image",
"\"Glance Image Service\""
],
# Endpoint template for glance
[
"endpointTemplates",
"add",
"RegionOne",
"glance",
"http://%SERVICE_HOST%:9292/v1",
"http://%SERVICE_HOST%:9292/v1",
"http://%SERVICE_HOST%:9292/v1",
"1",
"1"
]
],
# Endpoint template for keystone
"endpoints": [
[
"endpointTemplates",
"add",
"RegionOne",
"keystone",
"%KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/v2.0",
"%KEYSTONE_AUTH_PROTOCOL%://%KEYSTONE_AUTH_HOST%:%KEYSTONE_AUTH_PORT%/v2.0",
"%KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/v2.0",
"1",
"1"
]
],
# Tenants
"tenants": [
[
"tenant",
"add",
"admin"
],
[
"tenant",
"add",
"demo"
],
[
"tenant",
"add",
"invisible_to_admin"
]
]
}

@ -32,7 +32,7 @@ extensions= osksadm,oskscatalog
# Address to bind the API server
# TODO Properties defined within app not available via pipeline.
service_host = %SERVICE_HOST%
service_host = 0.0.0.0
# Port the bind the API server to
service_port = 5000
@ -41,7 +41,7 @@ service_port = 5000
service_ssl = False
# Address to bind the Admin API server
admin_host = %ADMIN_HOST%
admin_host = 0.0.0.0
# Port the bind the Admin API server to
admin_port = 35357

@ -0,0 +1,61 @@
#!/bin/bash
# From commit 30439a6dc4
# This was added (so that it dies on errors)
set -o errexit
BIN_DIR=${BIN_DIR:-.}
# Tenants
$BIN_DIR/keystone-manage tenant add admin
$BIN_DIR/keystone-manage tenant add demo
$BIN_DIR/keystone-manage tenant add invisible_to_admin
# Users
$BIN_DIR/keystone-manage user add admin %ADMIN_PASSWORD%
$BIN_DIR/keystone-manage user add demo %ADMIN_PASSWORD%
# Roles
$BIN_DIR/keystone-manage role add admin
$BIN_DIR/keystone-manage role add Member
$BIN_DIR/keystone-manage role add KeystoneAdmin
$BIN_DIR/keystone-manage role add KeystoneServiceAdmin
$BIN_DIR/keystone-manage role add sysadmin
$BIN_DIR/keystone-manage role add netadmin
$BIN_DIR/keystone-manage role grant admin admin admin
$BIN_DIR/keystone-manage role grant Member demo demo
$BIN_DIR/keystone-manage role grant sysadmin demo demo
$BIN_DIR/keystone-manage role grant netadmin demo demo
$BIN_DIR/keystone-manage role grant Member demo invisible_to_admin
$BIN_DIR/keystone-manage role grant admin admin demo
$BIN_DIR/keystone-manage role grant admin admin
$BIN_DIR/keystone-manage role grant KeystoneAdmin admin
$BIN_DIR/keystone-manage role grant KeystoneServiceAdmin admin
# Services
$BIN_DIR/keystone-manage service add nova compute "Nova Compute Service"
$BIN_DIR/keystone-manage service add ec2 ec2 "EC2 Compatability Layer"
$BIN_DIR/keystone-manage service add glance image "Glance Image Service"
$BIN_DIR/keystone-manage service add keystone identity "Keystone Identity Service"
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
$BIN_DIR/keystone-manage service add swift object-store "Swift Service"
fi
#endpointTemplates
$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%SERVICE_HOST%:8774/v1.1/%tenant_id% http://%SERVICE_HOST%:8774/v1.1/%tenant_id% http://%SERVICE_HOST%:8774/v1.1/%tenant_id% 1 1
$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne ec2 http://%SERVICE_HOST%:8773/services/Cloud http://%SERVICE_HOST%:8773/services/Admin http://%SERVICE_HOST%:8773/services/Cloud 1 1
$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%SERVICE_HOST%:9292/v1 http://%SERVICE_HOST%:9292/v1 http://%SERVICE_HOST%:9292/v1 1 1
$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/v2.0 %KEYSTONE_AUTH_PROTOCOL%://%KEYSTONE_AUTH_HOST%:%KEYSTONE_AUTH_PORT%/v2.0 %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/v2.0 1 1
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% http://%SERVICE_HOST%:8080/ http://%SERVICE_HOST%:8080/v1/AUTH_%tenant_id% 1 1
fi
# Tokens
$BIN_DIR/keystone-manage token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
# EC2 related creds - note we are setting the secret key to ADMIN_PASSWORD
# but keystone doesn't parse them - it is just a blob from keystone's
# point of view
$BIN_DIR/keystone-manage credentials add admin EC2 'admin' '%ADMIN_PASSWORD%' admin || echo "no support for adding credentials"
$BIN_DIR/keystone-manage credentials add demo EC2 'demo' '%ADMIN_PASSWORD%' demo || echo "no support for adding credentials"

@ -30,7 +30,9 @@ LOG = logging.getLogger("devstack.components.glance")
TYPE = settings.GLANCE
API_CONF = "glance-api.conf"
REG_CONF = "glance-registry.conf"
CONFIGS = [API_CONF, REG_CONF]
API_PASTE_CONF = 'glance-api-paste.ini'
REG_PASTE_CONF = 'glance-registry-paste.ini'
CONFIGS = [API_CONF, REG_CONF, API_PASTE_CONF, REG_PASTE_CONF]
DB_NAME = "glance"
CFG_SECTION = 'DEFAULT'

@ -29,20 +29,19 @@ TYPE = settings.KEYSTONE
ROOT_CONF = "keystone.conf"
CONFIGS = [ROOT_CONF]
BIN_DIR = "bin"
CONFIG_DIR = "config"
CONFIG_DIR = "etc"
DB_NAME = "keystone"
CFG_SECTION = 'DEFAULT'
MANAGE_JSON_CONF = 'keystone-manage-cmds.json'
MANAGER_NAME = 'keystone-manage'
MANAGE_DATA_CONF = 'keystone_data.sh'
MANAGER_CMD = [sh.joinpths("/", "bin", 'bash')]
#what to start
APP_OPTIONS = {
'keystone': ['--config-file', sh.joinpths('%ROOT%', "config", ROOT_CONF), "--verbose"],
'keystone': ['-c', sh.joinpths('%ROOT%', CONFIG_DIR, ROOT_CONF),
"--verbose", '-d',
'--log-config=' + sh.joinpths('%ROOT%', CONFIG_DIR, 'logging.cnf')]
}
#how we invoke the manage command
KEYSTONE_MNG_CMD = [sh.joinpths("%BIN_DIR%", MANAGER_NAME), '--config-file=%CONFIG_FILE%']
class KeystoneUninstaller(comp.PythonUninstallComponent):
def __init__(self, *args, **kargs):
@ -81,57 +80,21 @@ class KeystoneInstaller(comp.PythonInstallComponent):
db.create_db(self.cfg, DB_NAME)
def _setup_data(self):
#load the json file which has the keystone setup commands
cmds_pth = sh.joinpths(settings.STACK_CONFIG_DIR, TYPE, MANAGE_JSON_CONF)
cmd_map = utils.load_json(cmds_pth)
#order matters here
base_cmds = list()
tenant_cmds = cmd_map.get('tenants', list())
base_cmds.extend(tenant_cmds)
user_cmds = cmd_map.get('users', list())
base_cmds.extend(user_cmds)
role_cmds = cmd_map.get('roles', list())
base_cmds.extend(role_cmds)
token_cmds = cmd_map.get('tokens', list())
base_cmds.extend(token_cmds)
service_cmds = cmd_map.get('services', list())
base_cmds.extend(service_cmds)
endpoint_cmds = cmd_map.get('endpoints', list())
base_cmds.extend(endpoint_cmds)
if(settings.GLANCE in self.instances):
glance_cmds = cmd_map.get('glance', list())
base_cmds.extend(glance_cmds)
if(settings.NOVA in self.instances):
nova_cmds = cmd_map.get('nova', list())
base_cmds.extend(nova_cmds)
if(settings.SWIFT in self.instances):
swift_cmds = cmd_map.get('swift', list())
base_cmds.extend(swift_cmds)
#the above commands are only templates
#now we fill in the actual application that will run it
full_cmds = list()
for cmd in base_cmds:
if(cmd):
actual_cmd = KEYSTONE_MNG_CMD + cmd
full_cmds.append({
'cmd': actual_cmd,
})
LOG.info("Running (%s) %s commands to setup keystone." % (len(full_cmds), MANAGER_NAME))
if(len(full_cmds)):
#execute as templates with replacements coming from the given map
params = self._get_param_map(MANAGE_JSON_CONF)
utils.execute_template(*full_cmds, params=params, ignore_missing=True)
# TODO clean this up once it works
src_fn = sh.joinpths(settings.STACK_CONFIG_DIR, TYPE, MANAGE_DATA_CONF)
contents = sh.load_file(src_fn)
params = self._get_param_map(MANAGE_DATA_CONF)
contents = utils.param_replace(contents, params, True)
tgt_fn = sh.joinpths(self.bindir, MANAGE_DATA_CONF)
sh.write_file(tgt_fn, contents)
# This environment additions are important
# in that they eventually affect how keystone-manage runs so make sure its set.
env = dict()
env['ENABLED_SERVICES'] = ",".join(self.instances.keys())
env['BIN_DIR'] = self.bindir
setup_cmd = MANAGER_CMD + [tgt_fn]
LOG.info("Running (%s) command to setup keystone." % (" ".join(setup_cmd)))
sh.execute(*setup_cmd, env_overrides=env)
def _config_adjust(self, contents, name):
if(name not in CONFIGS):
@ -167,12 +130,10 @@ class KeystoneInstaller(comp.PythonInstallComponent):
mp['SQL_CONN'] = self.cfg.get_dbdsn(DB_NAME)
mp['SERVICE_HOST'] = host_ip
mp['ADMIN_HOST'] = host_ip
elif(config_fn == MANAGE_JSON_CONF):
elif(config_fn == MANAGE_DATA_CONF):
host_ip = self.cfg.get('host', 'ip')
mp['ADMIN_PASSWORD'] = self.cfg.get('passwords', 'horizon_keystone_admin')
mp['SERVICE_HOST'] = host_ip
mp['BIN_DIR'] = self.bindir
mp['CONFIG_FILE'] = sh.joinpths(self.cfgdir, ROOT_CONF)
mp.update(get_shared_params(self.cfg))
else:
mp['DEST'] = self.appdir