From afa09086ccfff5fda87eef78346212bb361523a4 Mon Sep 17 00:00:00 2001 From: James Page Date: Mon, 21 Nov 2016 15:07:30 +0000 Subject: [PATCH] Baseline standalone snap --- .gitignore | 5 +++ conf/etc/keystone/keystone.conf | 6 +++ conf/snap-openstack.yaml | 25 +++++++++++ conf/templates/admin.ini.j2 | 12 ++++++ conf/templates/keystone-snap.conf.j2 | 11 +++++ conf/templates/public.ini.j2 | 12 ++++++ snapcraft.yaml | 63 ++++++++++++++++++++++++++++ 7 files changed, 134 insertions(+) create mode 100644 .gitignore create mode 100644 conf/etc/keystone/keystone.conf create mode 100644 conf/snap-openstack.yaml create mode 100644 conf/templates/admin.ini.j2 create mode 100644 conf/templates/keystone-snap.conf.j2 create mode 100644 conf/templates/public.ini.j2 create mode 100644 snapcraft.yaml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..07ee36e --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +parts +prime +stage +*.snap +.tox diff --git a/conf/etc/keystone/keystone.conf b/conf/etc/keystone/keystone.conf new file mode 100644 index 0000000..f170604 --- /dev/null +++ b/conf/etc/keystone/keystone.conf @@ -0,0 +1,6 @@ +# Snap distribution defaults - do not change, override in $SNAP_COMMON/etc/keystone.conf.d +[DEFAULT] +secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO + +[database] +max_retries = -1 diff --git a/conf/snap-openstack.yaml b/conf/snap-openstack.yaml new file mode 100644 index 0000000..be79c44 --- /dev/null +++ b/conf/snap-openstack.yaml @@ -0,0 +1,25 @@ +setup: + dirs: + - "{snap_common}/etc/keystone.conf.d" + - "{snap_common}/etc/keystone" + - "{snap_common}/etc/uwsgi" + - "{snap_common}/log" + - "{snap_common}/lock" + - "{snap_common}/run" + - "{snap_common}/fernet-keys" + templates: + "keystone-snap.conf.j2": "{snap_common}/etc/keystone.conf.d/keystone-snap.conf" + "admin.ini.j2": "{snap_common}/etc/uwsgi/admin.ini" + "public.ini.j2": "{snap_common}/etc/uwsgi/public.ini" +entry_points: + keystone-manage: + binary: keystone-manage + config-files: + - "{snap}/etc/keystone/keystone.conf" + - "{snap_common}/etc/keystone/keystone.conf" + config-dirs: + - "{snap_common}/etc/keystone.conf.d" + keystone-api: + type: uwsgi + uwsgi-dir: "{snap_common}/etc/uwsgi" + log-file: "{snap_common}/log/keystone.log" diff --git a/conf/templates/admin.ini.j2 b/conf/templates/admin.ini.j2 new file mode 100644 index 0000000..199e25d --- /dev/null +++ b/conf/templates/admin.ini.j2 @@ -0,0 +1,12 @@ +[uwsgi] +wsgi-file = {{ snap }}/bin/keystone-wsgi-admin +uwsgi-socket = {{ snap_common }}/run/keystone-admin.sock +buffer-size = 65535 +http = 0.0.0.0:35357 +master = true +enable-threads = true +processes = 4 +thunder-lock = true +plugins = python +lazy-apps = true +pyargv = --config-file={{ snap }}/etc/keystone/keystone.conf --config-dir={{ snap_common }}/etc/keystone.conf.d diff --git a/conf/templates/keystone-snap.conf.j2 b/conf/templates/keystone-snap.conf.j2 new file mode 100644 index 0000000..8e30e13 --- /dev/null +++ b/conf/templates/keystone-snap.conf.j2 @@ -0,0 +1,11 @@ +[DEFAULT] +# Set state path to writable directory +state_path = {{ snap_common }} + +[oslo_concurrency] +# Oslo Concurrency lock path +lock_path = {{ snap_common }}/lock + +[fernet_tokens] +# Fernet key repository +key_repository = {{ snap_common }}/fernet-keys diff --git a/conf/templates/public.ini.j2 b/conf/templates/public.ini.j2 new file mode 100644 index 0000000..90d6d14 --- /dev/null +++ b/conf/templates/public.ini.j2 @@ -0,0 +1,12 @@ +[uwsgi] +wsgi-file = {{ snap }}/bin/keystone-wsgi-public +uwsgi-socket = {{ snap_common }}/run/keystone-public.sock +buffer-size = 65535 +http = 0.0.0.0:5000 +master = true +enable-threads = true +processes = 4 +thunder-lock = true +plugins = python +lazy-apps = true +pyargv = --config-file={{ snap }}/etc/keystone/keystone.conf --config-dir={{ snap_common }}/etc/keystone.conf.d diff --git a/snapcraft.yaml b/snapcraft.yaml new file mode 100644 index 0000000..11c1742 --- /dev/null +++ b/snapcraft.yaml @@ -0,0 +1,63 @@ +name: keystone +version: ocata +summary: OpenStack Identity Service (keystone) +description: | + Keystone provides authentication, authorization and service discovery + mechanisms via HTTP primarily for use by projects in the OpenStack + family. It is most commonly deployed as an HTTP interface to existing + identity systems, such as LDAP. +confinement: strict +grade: devel + +apps: + uwsgi: + command: snap-openstack keystone-api + daemon: simple + plugs: + - network + - network-bind + manage: + command: snap-openstack keystone-manage + plugs: + - network + +parts: + keystone: + plugin: python + python-version: python2 + source: http://tarballs.openstack.org/keystone/keystone-master.tar.gz + python-packages: + - pymysql + - uwsgi + - git+https://github.com/openstack-snaps/snap.openstack#egg=snap.openstack + constraints: https://raw.githubusercontent.com/openstack/requirements/master/upper-constraints.txt + build-packages: + - libffi-dev + - libssl-dev + - libxml2-dev + - libxslt1-dev + - pkg-config + - gcc + templates: + after: + - keystone + plugin: dump + source: conf + config: + after: + - keystone + plugin: dump + source: http://tarballs.openstack.org/keystone/keystone-master.tar.gz + organize: + etc/*.conf: etc/keystone/ + etc/*.ini: etc/keystone/ + etc/*.json: etc/keystone/ + etc/*.templates: etc/keystone/ + filesets: + etc: + - etc/keystone/*.conf + - etc/keystone/*.ini + - etc/keystone/*.json + - etc/keystone/*.templates + stage: [$etc] + snap: [$etc]