Update DevStack plugin after Keystone auth params improvement
This include some other imporvements, like for example tobiko.log file configuration, and making plugin more configurable. Change-Id: I7cc36845de419fa963548ed381f26152cc8267a8
This commit is contained in:
Federico Ressi
parent
7aaab7fb57
commit
c367511145
|
|
@ -97,7 +97,8 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
|
|||
libvirt.memory = MEMORY
|
||||
end
|
||||
|
||||
config.vm.synced_folder ".", "/vagrant", type: "rsync"
|
||||
config.vm.synced_folder ".", "/vagrant", type: "rsync",
|
||||
rsync__exclude: ".tox/"
|
||||
|
||||
# View the documentation for the provider you are using for more
|
||||
# information on available options.
|
||||
|
|
|
|||
|
|
@ -10,100 +10,131 @@ function install_tobiko {
|
|||
|
||||
|
||||
function configure_tobiko {
|
||||
#Setup an ssh key
|
||||
local nova_key_file=${TOBIKO_NOVA_KEY_FILE:-~/.ssh/id_rsa}
|
||||
if ! [ -r "${nova_key_file}" ]; then
|
||||
ssh-keygen -t rsa -q -P "" -f "${nova_key_file}"
|
||||
fi
|
||||
# Write configuration to a new temporary file
|
||||
local tobiko_conf=$(mktemp)
|
||||
if [ -f "${TOBIKO_CONF}" ]; then
|
||||
local tobiko_config=$(mktemp)
|
||||
if [ -f "${TOBIKO_CONFIG}" ]; then
|
||||
# Start from existing tobiko.conf file
|
||||
cp "${TOBIKO_CONF}" "${tobiko_conf}"
|
||||
cp "${TOBIKO_CONFIG}" "${tobiko_config}"
|
||||
fi
|
||||
|
||||
# See ``lib/keystone`` where these users and tenants are set up
|
||||
configure_keystone_credentials
|
||||
configure_tobiko_default "${tobiko_config}"
|
||||
configure_tobiko_keystone "${tobiko_config}"
|
||||
configure_tobiko_nova "${tobiko_config}"
|
||||
configure_tobiko_neutron "${tobiko_config}"
|
||||
|
||||
echo_summary "Write compute service options to ${TOBIKO_CONF}"
|
||||
iniset "${tobiko_conf}" nova image "$(get_image)"
|
||||
iniset "${tobiko_conf}" nova flavor "$(get_flavor)"
|
||||
iniset "${tobiko_conf}" nova key_file "${nova_key_file}"
|
||||
echo_summary "Apply changes to actual ${TOBIKO_CONFIG} file."
|
||||
sudo mkdir -p $(dirname "${TOBIKO_CONFIG}")
|
||||
sudo mv "${tobiko_config}" "${TOBIKO_CONFIG}"
|
||||
sudo chmod ugo+r "${TOBIKO_CONFIG}"
|
||||
|
||||
echo_summary "Write networking options to ${TOBIKO_CONF}"
|
||||
iniset "${tobiko_conf}" neutron floating_network \
|
||||
"$(get_floating_network)"
|
||||
|
||||
echo_summary "Apply changes to ${TOBIKO_CONF} file."
|
||||
sudo mkdir -p $(dirname "${TOBIKO_CONF}")
|
||||
sudo cp "${tobiko_conf}" "${TOBIKO_CONF}"
|
||||
sudo chmod ugo+r "${TOBIKO_CONF}"
|
||||
echo "${TOBIKO_CONFIG} file content:"
|
||||
echo --------------------------------
|
||||
cat "${TOBIKO_CONFIG}"
|
||||
echo --------------------------------
|
||||
}
|
||||
|
||||
|
||||
function get_keystone_auth_url {
|
||||
echo "${KEYSTONE_AUTH_URI_V3:-${KEYSTONE_AUTH_URI/v2.0}}"
|
||||
function configure_tobiko_default {
|
||||
echo_summary "Write [DEFAULT] section to ${TOBIKO_CONFIG}"
|
||||
local tobiko_config=$1
|
||||
|
||||
setup_logging "${tobiko_config}"
|
||||
iniset ${tobiko_config} DEFAULT log_dir "${TOBIKO_LOG_DIR}"
|
||||
iniset ${tobiko_config} DEFAULT log_file "${TOBIKO_LOG_FILE}"
|
||||
iniset ${tobiko_config} DEFAULT debug "${TOBIKO_DEBUG}"
|
||||
}
|
||||
|
||||
function configure_tobiko_keystone {
|
||||
echo_summary "Write [keystone] section to ${TOBIKO_CONFIG}"
|
||||
local tobiko_config=$1
|
||||
|
||||
function get_image {
|
||||
local name=${DEFAULT_IMAGE_NAME:-}
|
||||
if [ "${name}" != "" ]; then
|
||||
openstack image show -f value -c id "${name}"
|
||||
local api_version=${IDENTITY_API_VERSION}
|
||||
if [ "${api_version}" == '2']; then
|
||||
local auth_url=${KEYSTONE_AUTH_URI/v2.0}
|
||||
else
|
||||
openstack image list --limit 1 -f value -c ID --public --status active
|
||||
local auth_url=${KEYSTONE_AUTH_URI_V3:-${KEYSTONE_AUTH_URI/v3}}
|
||||
fi
|
||||
|
||||
local project_id=$(get_or_create_project \
|
||||
"${TOBIKO_KEYSTONE_PROJECT_NAME}" \
|
||||
"${TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME}")
|
||||
|
||||
local user_id=$(get_or_create_user \
|
||||
"${TOBIKO_KEYSTONE_USERNAME}" \
|
||||
"${TOBIKO_KEYSTONE_PASSWORD}" \
|
||||
"${TOBIKO_KEYSTONE_USER_DOMAIN_NAME}")
|
||||
|
||||
local user_project_role_id=$(get_or_add_user_project_role \
|
||||
"${TOBIKO_KEYSTONE_USER_ROLE}" \
|
||||
"${user_id}" \
|
||||
"${project_id}")
|
||||
|
||||
local user_domain_role_id=$(get_or_add_user_domain_role \
|
||||
"${TOBIKO_KEYSTONE_USER_ROLE}" \
|
||||
"${user_id}" \
|
||||
"${TOBIKO_KEYSTONE_USER_DOMAIN_NAME}")
|
||||
|
||||
iniset "${tobiko_config}" keystone api_version "${api_version}"
|
||||
iniset "${tobiko_config}" keystone auth_url "${auth_url}"
|
||||
iniset "${tobiko_config}" keystone username "${TOBIKO_KEYSTONE_USERNAME}"
|
||||
iniset "${tobiko_config}" keystone password "${TOBIKO_KEYSTONE_PASSWORD}"
|
||||
iniset "${tobiko_config}" keystone project_name "${TOBIKO_KEYSTONE_PROJECT_NAME}"
|
||||
|
||||
if [ "${api_version}" != '2' ]; then
|
||||
iniset "${tobiko_config}" keystone domain_name "${TOBIKO_KEYSTONE_DOMAIN_NAME}"
|
||||
iniset "${tobiko_config}" keystone user_domain_name \
|
||||
"${TOBIKO_KEYSTONE_USER_DOMAIN_NAME}"
|
||||
iniset "${tobiko_config}" keystone project_domain_name \
|
||||
"${TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME}"
|
||||
iniset "${tobiko_config}" keystone trust_id "${TOBIKO_KEYSTONE_TRUST_ID}"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
function configure_keystone_credentials {
|
||||
echo_summary "Write Keystone service options to ${TOBIKO_CONF}"
|
||||
iniset "${tobiko_conf}" keystone auth_url "$(get_keystone_auth_url)"
|
||||
function configure_tobiko_nova {
|
||||
echo_summary "Write [nova] section to ${TOBIKO_CONFIG}"
|
||||
local tobiko_config=$1
|
||||
|
||||
TOBIKO_PROJECT_ID=$(get_or_create_project \
|
||||
"${TOBIKO_KEYSTONE_PROJECT_NAME}" "${TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME}")
|
||||
|
||||
TOBIKO_USER_ID=$(get_or_create_user ${TOBIKO_KEYSTONE_USERNAME} \
|
||||
"${TOBIKO_KEYSTONE_PASSWORD}" "${TOBIKO_KEYSTONE_USER_DOMAIN_NAME}")
|
||||
|
||||
get_or_add_user_project_role "${TOBIKO_KEYSTONE_USER_ROLE}" \
|
||||
"${TOBIKO_USER_ID}" "${TOBIKO_PROJECT_ID}"
|
||||
|
||||
get_or_add_user_domain_role "${TOBIKO_KEYSTONE_USER_ROLE}" \
|
||||
"${TOBIKO_USER_ID}" "${TOBIKO_KEYSTONE_USER_DOMAIN_NAME}"
|
||||
|
||||
iniset "${tobiko_conf}" keystone username "${TOBIKO_KEYSTONE_USERNAME}"
|
||||
iniset "${tobiko_conf}" keystone password "${TOBIKO_KEYSTONE_PASSWORD}"
|
||||
iniset "${tobiko_conf}" keystone project_name "${TOBIKO_KEYSTONE_PROJECT_NAME}"
|
||||
iniset "${tobiko_conf}" keystone user_domain_name \
|
||||
"${TOBIKO_KEYSTONE_USER_DOMAIN_NAME}"
|
||||
iniset "${tobiko_conf}" keystone project_domain_name \
|
||||
"${TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME}"
|
||||
}
|
||||
|
||||
function get_flavor {
|
||||
local name=${DEFAULT_INSTANCE_TYPE:-}
|
||||
if [ "${name}" != "" ]; then
|
||||
openstack flavor show -f value -c id "${name}"
|
||||
# Write image ID
|
||||
local image_name=${TOBIKO_NOVA_IMAGE:-}
|
||||
if [ "${image_name}" != "" ]; then
|
||||
local image_id=$(openstack image show -f value -c id "${image_name}")
|
||||
else
|
||||
openstack flavor list --limit 1 -f value -c ID --public
|
||||
local image_id=$(openstack image list --limit 1 -f value -c ID --public --status active)
|
||||
fi
|
||||
iniset "${tobiko_config}" nova image "${image_id}"
|
||||
|
||||
# Write flavor ID
|
||||
local flavor_name=${TOBIKO_NOVA_FLAVOR:-}
|
||||
if [ "${flavor_name}" != "" ]; then
|
||||
local flavor_id=$(openstack flavor show -f value -c id "${flavor_name}")
|
||||
else
|
||||
local flavor_id=$(openstack flavor list --limit 1 -f value -c ID --public)
|
||||
fi
|
||||
iniset "${tobiko_config}" nova flavor "${flavor_id}"
|
||||
|
||||
# Write key_file
|
||||
local key_file=${TOBIKO_NOVA_KEY_FILE:-}
|
||||
if ! [ -r "${key_file}" ]; then
|
||||
ssh-keygen -t rsa -q -P "" -f "${key_file}"
|
||||
fi
|
||||
iniset "${tobiko_config}" nova key_file "${key_file}"
|
||||
}
|
||||
|
||||
|
||||
function get_floating_network {
|
||||
# the public network (for floating ip access) is only available
|
||||
# if the extension is enabled.
|
||||
# If NEUTRON_CREATE_INITIAL_NETWORKS is not true, there is no network created
|
||||
# and the public_network_id should not be set.
|
||||
local name=${PUBLIC_NETWORK_NAME:-}
|
||||
if [ "${name}" != "" ]; then
|
||||
openstack network show -f value -c name "${name}"
|
||||
function configure_tobiko_neutron {
|
||||
echo_summary "Write [neutron] section to ${TOBIKO_CONFIG}"
|
||||
local tobiko_config=$1
|
||||
|
||||
# Write floating network
|
||||
local floating_network=${TOBIKO_NEUTRON_FLOATING_NETWORK}
|
||||
if [ "${floating_network}" != "" ]; then
|
||||
local floating_network=$(openstack network show -f value -c name "${floating_network}")
|
||||
else
|
||||
local networks=( $( openstack network list -f value -c Name --enable \
|
||||
--external) )
|
||||
echo "${networks[0]}"
|
||||
local networks=( $( openstack network list -f value -c Name --enable --external) )
|
||||
local floating_network=${networks[0]}
|
||||
fi
|
||||
iniset "${tobiko_config}" neutron floating_network "${floating_network}"
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,32 @@
|
|||
GITREPO["tobiko"]=${TOBIKO_REPO:-${GIT_BASE}/openstack/tobiko.git}
|
||||
GITDIR["tobiko"]=$DEST/tobiko
|
||||
GITBRANCH["tobiko"]=master
|
||||
|
||||
TOBIKO_CONF=/etc/tobiko/tobiko.conf
|
||||
# --- General settings ----
|
||||
TOBIKO_REPO=${TOBIKO_REPO:-${GIT_BASE}/x/tobiko.git}
|
||||
GITREPO["tobiko"]=${TOBIKO_REPO}
|
||||
TOBIKO_VERSION=${TOBIKO_BRANCH:-master}
|
||||
GITBRANCH["tobiko"]=${TOBIKO_VERSION}
|
||||
TOBIKO_DIR=${TOBIKO_DIR:-${DEST}/tobiko}
|
||||
GITDIR["tobiko"]=${TOBIKO_DIR}
|
||||
|
||||
TOBIKO_KEYSTONE_USER_ROLE=${TOBIKO_KEYSTONE_USER_ROLE:-Member}
|
||||
TOBIKO_KEYSTONE_USERNAME=${TOBIKO_KEYSTONE_USERNAME:-admin}
|
||||
TOBIKO_KEYSTONE_PASSWORD=${TOBIKO_KEYSTONE_PASSWORD:-secret}
|
||||
TOBIKO_KEYSTONE_PROJECT_NAME=${TOBIKO_KEYSTONE_PROJECT_NAME:-admin}
|
||||
TOBIKO_KEYSTONE_USER_DOMAIN_NAME=${TOBIKO_KEYSTONE_USER_DOMAIN_NAME:-Default}
|
||||
TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME=${TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME:-Default}
|
||||
TOBIKO_CONFIG_DIR=${TEMPEST_CONFIG_DIR:-/etc/tobiko}
|
||||
TOBIKO_CONFIG=${TOBIKO_CONFIG:-${TOBIKO_CONFIG_DIR}/tobiko.conf}
|
||||
TOBIKO_DEBUG=${TOBIKO_DEBUG:-True}
|
||||
TOBIKO_LOG_DIR=${TOBIKO_LOG_DIR:-${LOGDIR:-}}
|
||||
TOBIKO_LOG_FILE=${TOBIKO_LOG_FILE:-tobiko.log}
|
||||
|
||||
# --- Keystone settings ---
|
||||
# See ``lib/keystone`` where these users and tenants are set up
|
||||
TOBIKO_KEYSTONE_USERNAME=${TOBIKO_KEYSTONE_USERNAME:-${ADMIN_USERNAME:-admin}}
|
||||
TOBIKO_KEYSTONE_PASSWORD=${TOBIKO_KEYSTONE_PASSWORD:-${ADMIN_PASSWORD:-secret}}
|
||||
TOBIKO_KEYSTONE_PROJECT_NAME=${TOBIKO_KEYSTONE_PROJECT_NAME:-${ADMIN_TENANT_NAME:-admin}}
|
||||
TOBIKO_KEYSTONE_USER_DOMAIN_NAME=${TOBIKO_KEYSTONE_USER_DOMAIN_NAME:-${ADMIN_DOMAIN_NAME:-Default}}
|
||||
TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME=${TOBIKO_KEYSTONE_PROJECT_DOMAIN_NAME:-${ADMIN_DOMAIN_NAME:-Default}}
|
||||
TOBIKO_KEYSTONE_TRUST_ID=${TOBIKO_KEYSTONE_TRUST_ID:-}
|
||||
TOBIKO_KEYSTONE_USER_ROLE=${TOBIKO_KEYSTONE_USER_ROLE:-admin}
|
||||
|
||||
# --- Nova settings ---
|
||||
TOBIKO_NOVA_IMAGE=${TOBIKO_NOVA_IMAGE:-${DEFAULT_IMAGE_NAME}}
|
||||
TOBIKO_NOVA_FLAVOR=${TOBIKO_NOVA_FLAVOR:-${DEFAULT_INSTANCE_TYPE}}
|
||||
TOBIKO_NOVA_KEY_FILE=${TOBIKO_NOVA_KEY_FILE:-~/.ssh/id_rsa}
|
||||
|
||||
# --- Neutron settings ---
|
||||
TOBIKO_NEUTRON_FLOATING_NETWORK=${TOBIKO_NEUTRON_FLOATING_NETWORK:-${PUBLIC_NETWORK_NAME}}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ enable_plugin heat https://git.openstack.org/openstack/heat
|
|||
|
||||
# Configure Nova --------------------------------------------------------------
|
||||
|
||||
DEFAULT_INSTANCE_TYPE=ds512M
|
||||
# DEFAULT_INSTANCE_TYPE=ds512M
|
||||
|
||||
|
||||
# Configure Neutron -----------------------------------------------------------
|
||||
|
|
|
|||
|
|
@ -19,9 +19,9 @@
|
|||
devstack_localrc:
|
||||
USE_PYTHON3: true
|
||||
NETWORK_API_EXTENSIONS: address-scope,agent,allowed-address-pairs,auto-allocated-topology,availability_zone,binding,default-subnetpools,dhcp_agent_scheduler,dns-domain-ports,dns-integration,dvr,empty-string-filtering,ext-gw-mode,external-net,extra_dhcp_opt,extraroute,filter-validation,fip-port-details,flavors,ip-substring-filtering,l3-flavors,l3-ha,l3_agent_scheduler,logging,metering,multi-provider,net-mtu,net-mtu-writable,network-ip-availability,network_availability_zone,pagination,port-security,project-id,provider,qos,qos-bw-minimum-ingress,qos-fip,quotas,quota_details,rbac-policies,router,router_availability_zone,security-group,port-mac-address-regenerate,port-security-groups-filtering,segment,service-type,sorting,standard-attr-description,standard-attr-revisions,standard-attr-segment,standard-attr-timestamp,standard-attr-tag,subnet_allocation,trunk,trunk-details,uplink-status-propagation
|
||||
TOBIKO_KEYSTONE_USERNAME: tobiko
|
||||
TOBIKO_KEYSTONE_PASSWORD: secret_tobiko
|
||||
TOBIKO_KEYSTONE_PROJECT_NAME: tobiko
|
||||
# TOBIKO_KEYSTONE_USERNAME: tobiko
|
||||
# TOBIKO_KEYSTONE_PASSWORD: secret_tobiko
|
||||
# TOBIKO_KEYSTONE_PROJECT_NAME: tobiko
|
||||
devstack_plugins:
|
||||
heat: https://opendev.org/openstack/heat.git
|
||||
neutron: https://opendev.org/openstack/neutron.git
|
||||
|
|
|
|||
Loading…
Reference in New Issue