Browse code
Enables keystone-enabled Quantum in devstack.
Fixes bug 1028075.
Whether keystone is enabled for Quantum is determined according to Q_AUTH_STRATEGY.
* 'keystone' (default): Enables authN with keystone for Quantum
* 'noauth': No authN used by Quantum.
Change-Id: Icfc77089e085b43e97601869d9c61c9f4da1164b
Akihiro MOTOKI authored on 2012/07/25 17:53:40Showing 1 changed files
| ... | ... |
@@ -1075,17 +1075,9 @@ if is_service_enabled q-svc; then |
| 1075 | 1075 |
Q_API_PASTE_FILE=/etc/quantum/api-paste.ini |
| 1076 | 1076 |
Q_POLICY_FILE=/etc/quantum/policy.json |
| 1077 | 1077 |
|
| 1078 |
- if [[ -e $QUANTUM_DIR/etc/quantum.conf ]]; then |
|
| 1079 |
- sudo cp $QUANTUM_DIR/etc/quantum.conf $Q_CONF_FILE |
|
| 1080 |
- fi |
|
| 1081 |
- |
|
| 1082 |
- if [[ -e $QUANTUM_DIR/etc/api-paste.ini ]]; then |
|
| 1083 |
- sudo cp $QUANTUM_DIR/etc/api-paste.ini $Q_API_PASTE_FILE |
|
| 1084 |
- fi |
|
| 1085 |
- |
|
| 1086 |
- if [[ -e $QUANTUM_DIR/etc/policy.json ]]; then |
|
| 1087 |
- sudo cp $QUANTUM_DIR/etc/policy.json $Q_POLICY_FILE |
|
| 1088 |
- fi |
|
| 1078 |
+ cp $QUANTUM_DIR/etc/quantum.conf $Q_CONF_FILE |
|
| 1079 |
+ cp $QUANTUM_DIR/etc/api-paste.ini $Q_API_PASTE_FILE |
|
| 1080 |
+ cp $QUANTUM_DIR/etc/policy.json $Q_POLICY_FILE |
|
| 1089 | 1081 |
|
| 1090 | 1082 |
if is_service_enabled mysql; then |
| 1091 | 1083 |
mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e "DROP DATABASE IF EXISTS $Q_DB_NAME;" |
| ... | ... |
@@ -1096,7 +1088,16 @@ if is_service_enabled q-svc; then |
| 1096 | 1096 |
fi |
| 1097 | 1097 |
|
| 1098 | 1098 |
# Update either configuration file with plugin |
| 1099 |
- sudo sed -i -e "s/^core_plugin =.*$/core_plugin = $Q_PLUGIN_CLASS/g" $Q_CONF_FILE |
|
| 1099 |
+ iniset $Q_CONF_FILE DEFAULT core_plugin $Q_PLUGIN_CLASS |
|
| 1100 |
+ |
|
| 1101 |
+ iniset $Q_CONF_FILE DEFAULT auth_strategy $Q_AUTH_STRATEGY |
|
| 1102 |
+ iniset $Q_API_PASTE_FILE filter:authtoken auth_host $KEYSTONE_SERVICE_HOST |
|
| 1103 |
+ iniset $Q_API_PASTE_FILE filter:authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 1104 |
+ iniset $Q_API_PASTE_FILE filter:authtoken auth_protocol $KEYSTONE_SERVICE_PROTOCOL |
|
| 1105 |
+ iniset $Q_API_PASTE_FILE filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 1106 |
+ iniset $Q_API_PASTE_FILE filter:authtoken admin_user $Q_ADMIN_USERNAME |
|
| 1107 |
+ iniset $Q_API_PASTE_FILE filter:authtoken admin_password $SERVICE_PASSWORD |
|
| 1108 |
+ |
|
| 1100 | 1109 |
screen_it q-svc "cd $QUANTUM_DIR && python $QUANTUM_DIR/bin/quantum-server --config-file $Q_CONF_FILE --config-file /$Q_PLUGIN_CONF_FILE" |
| 1101 | 1110 |
fi |
| 1102 | 1111 |
|
| ... | ... |
@@ -2069,10 +2070,10 @@ if is_service_enabled mysql && is_service_enabled nova; then |
| 2069 | 2069 |
TENANT_ID=$(keystone tenant-list | grep " demo " | get_field 1) |
| 2070 | 2070 |
|
| 2071 | 2071 |
# Create a small network |
| 2072 |
- NET_ID=$(quantum net-create --os_token $Q_ADMIN_USERNAME --os_url http://$Q_HOST:$Q_PORT --tenant_id $TENANT_ID net1 | grep ' id ' | get_field 2) |
|
| 2073 |
- |
|
| 2074 |
- # Create a subnet |
|
| 2075 |
- quantum subnet-create --os_token $Q_ADMIN_USERNAME --os_url http://$Q_HOST:$Q_PORT --tenant_id $TENANT_ID --ip_version 4 --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE |
|
| 2072 |
+ # Since quantum command is executed in admin context at this point, |
|
| 2073 |
+ # --tenant_id needs to be specified. |
|
| 2074 |
+ NET_ID=$(quantum net-create --tenant_id $TENANT_ID net1 | grep ' id ' | get_field 2) |
|
| 2075 |
+ quantum subnet-create --tenant_id $TENANT_ID --ip_version 4 --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE |
|
| 2076 | 2076 |
fi |
| 2077 | 2077 |
fi |
| 2078 | 2078 |
|