... | ... |
@@ -2052,6 +2052,11 @@ function is_ipv4_address { |
2052 | 2052 |
fi |
2053 | 2053 |
} |
2054 | 2054 |
|
2055 |
+# Remove "[]" around urlquoted IPv6 addresses |
|
2056 |
+function ipv6_unquote { |
|
2057 |
+ echo $1 | tr -d [] |
|
2058 |
+} |
|
2059 |
+ |
|
2055 | 2060 |
# Gracefully cp only if source file/dir exists |
2056 | 2061 |
# cp_it source destination |
2057 | 2062 |
function cp_it { |
... | ... |
@@ -67,7 +67,7 @@ CINDER_SERVICE_HOST=${CINDER_SERVICE_HOST:-$SERVICE_HOST} |
67 | 67 |
CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776} |
68 | 68 |
CINDER_SERVICE_PORT_INT=${CINDER_SERVICE_PORT_INT:-18776} |
69 | 69 |
CINDER_SERVICE_PROTOCOL=${CINDER_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} |
70 |
-CINDER_SERVICE_LISTEN_ADDRESS=${CINDER_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} |
|
70 |
+CINDER_SERVICE_LISTEN_ADDRESS=${CINDER_SERVICE_LISTEN_ADDRESS:-$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)} |
|
71 | 71 |
|
72 | 72 |
# What type of LVM device should Cinder use for LVM backend |
73 | 73 |
# Defaults to auto, which will do thin provisioning if it's a fresh |
... | ... |
@@ -93,7 +93,7 @@ function configure_database_mysql { |
93 | 93 |
|
94 | 94 |
# Change bind-address from localhost (127.0.0.1) to any (::) and |
95 | 95 |
# set default db type to InnoDB |
96 |
- iniset -sudo $my_conf mysqld bind-address "$SERVICE_LISTEN_ADDRESS" |
|
96 |
+ iniset -sudo $my_conf mysqld bind-address "$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)" |
|
97 | 97 |
iniset -sudo $my_conf mysqld sql_mode TRADITIONAL |
98 | 98 |
iniset -sudo $my_conf mysqld default-storage-engine InnoDB |
99 | 99 |
iniset -sudo $my_conf mysqld max_connections 1024 |
... | ... |
@@ -65,7 +65,7 @@ fi |
65 | 65 |
|
66 | 66 |
# Glance connection info. Note the port must be specified. |
67 | 67 |
GLANCE_SERVICE_HOST=${GLANCE_SERVICE_HOST:-$SERVICE_HOST} |
68 |
-GLANCE_SERVICE_LISTEN_ADDRESS=${GLANCE_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} |
|
68 |
+GLANCE_SERVICE_LISTEN_ADDRESS=${GLANCE_SERVICE_LISTEN_ADDRESS:-$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)} |
|
69 | 69 |
GLANCE_SERVICE_PORT=${GLANCE_SERVICE_PORT:-9292} |
70 | 70 |
GLANCE_SERVICE_PORT_INT=${GLANCE_SERVICE_PORT_INT:-19292} |
71 | 71 |
GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$GLANCE_SERVICE_HOST:$GLANCE_SERVICE_PORT} |
... | ... |
@@ -151,7 +151,7 @@ function configure_glance { |
151 | 151 |
|
152 | 152 |
# Store specific configs |
153 | 153 |
iniset $GLANCE_API_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/ |
154 |
- iniset $GLANCE_API_CONF DEFAULT registry_host $GLANCE_SERVICE_HOST |
|
154 |
+ iniset $GLANCE_API_CONF DEFAULT registry_host $(ipv6_unquote $GLANCE_SERVICE_HOST) |
|
155 | 155 |
|
156 | 156 |
# CORS feature support - to allow calls from Horizon by default |
157 | 157 |
if [ -n "$GLANCE_CORS_ALLOWED_ORIGIN" ]; then |
... | ... |
@@ -217,7 +217,7 @@ function configure_glance { |
217 | 217 |
iniset $GLANCE_CACHE_CONF DEFAULT admin_tenant_name $SERVICE_PROJECT_NAME |
218 | 218 |
iniset $GLANCE_CACHE_CONF DEFAULT admin_user glance |
219 | 219 |
iniset $GLANCE_CACHE_CONF DEFAULT admin_password $SERVICE_PASSWORD |
220 |
- iniset $GLANCE_CACHE_CONF DEFAULT registry_host $GLANCE_SERVICE_HOST |
|
220 |
+ iniset $GLANCE_CACHE_CONF DEFAULT registry_host $(ipv6_unquote $GLANCE_SERVICE_HOST) |
|
221 | 221 |
|
222 | 222 |
# Store specific confs |
223 | 223 |
iniset $GLANCE_CACHE_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/ |
... | ... |
@@ -111,7 +111,7 @@ Q_HOST=${Q_HOST:-$SERVICE_HOST} |
111 | 111 |
# Default protocol |
112 | 112 |
Q_PROTOCOL=${Q_PROTOCOL:-$SERVICE_PROTOCOL} |
113 | 113 |
# Default listen address |
114 |
-Q_LISTEN_ADDRESS=${Q_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} |
|
114 |
+Q_LISTEN_ADDRESS=${Q_LISTEN_ADDRESS:-$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)} |
|
115 | 115 |
# Default admin username |
116 | 116 |
Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-neutron} |
117 | 117 |
# Default auth strategy |
... | ... |
@@ -121,7 +121,7 @@ Q_OVS_USE_VETH=${Q_OVS_USE_VETH:-False} |
121 | 121 |
Q_USE_ROOTWRAP=${Q_USE_ROOTWRAP:-True} |
122 | 122 |
Q_USE_ROOTWRAP_DAEMON=$(trueorfalse True Q_USE_ROOTWRAP_DAEMON) |
123 | 123 |
# Meta data IP |
124 |
-Q_META_DATA_IP=${Q_META_DATA_IP:-$SERVICE_HOST} |
|
124 |
+Q_META_DATA_IP=${Q_META_DATA_IP:-$(ipv6_unquote $SERVICE_HOST)} |
|
125 | 125 |
# Allow Overlapping IP among subnets |
126 | 126 |
Q_ALLOW_OVERLAPPING_IP=${Q_ALLOW_OVERLAPPING_IP:-True} |
127 | 127 |
Q_NOTIFY_NOVA_PORT_STATUS_CHANGES=${Q_NOTIFY_NOVA_PORT_STATUS_CHANGES:-True} |
... | ... |
@@ -92,7 +92,7 @@ NOVA_SERVICE_PORT=${NOVA_SERVICE_PORT:-8774} |
92 | 92 |
NOVA_SERVICE_PORT_INT=${NOVA_SERVICE_PORT_INT:-18774} |
93 | 93 |
NOVA_SERVICE_PROTOCOL=${NOVA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} |
94 | 94 |
NOVA_SERVICE_LOCAL_HOST=${NOVA_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST} |
95 |
-NOVA_SERVICE_LISTEN_ADDRESS=${NOVA_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} |
|
95 |
+NOVA_SERVICE_LISTEN_ADDRESS=${NOVA_SERVICE_LISTEN_ADDRESS:-$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)} |
|
96 | 96 |
METADATA_SERVICE_PORT=${METADATA_SERVICE_PORT:-8775} |
97 | 97 |
|
98 | 98 |
# Option to enable/disable config drive |
... | ... |
@@ -518,7 +518,7 @@ function create_nova_conf { |
518 | 518 |
iniset $NOVA_CONF upgrade_levels compute "auto" |
519 | 519 |
|
520 | 520 |
write_uwsgi_config "$NOVA_UWSGI_CONF" "$NOVA_UWSGI" "/compute" |
521 |
- write_uwsgi_config "$NOVA_METADATA_UWSGI_CONF" "$NOVA_METADATA_UWSGI" "" ":${METADATA_SERVICE_PORT}" |
|
521 |
+ write_uwsgi_config "$NOVA_METADATA_UWSGI_CONF" "$NOVA_METADATA_UWSGI" "" "$SERVICE_LISTEN_ADDRESS:${METADATA_SERVICE_PORT}" |
|
522 | 522 |
|
523 | 523 |
if is_service_enabled ceilometer; then |
524 | 524 |
iniset $NOVA_CONF DEFAULT instance_usage_audit "True" |
... | ... |
@@ -55,7 +55,7 @@ SWIFT_SERVICE_PROTOCOL=${SWIFT_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL} |
55 | 55 |
SWIFT_DEFAULT_BIND_PORT=${SWIFT_DEFAULT_BIND_PORT:-8080} |
56 | 56 |
SWIFT_DEFAULT_BIND_PORT_INT=${SWIFT_DEFAULT_BIND_PORT_INT:-8081} |
57 | 57 |
SWIFT_SERVICE_LOCAL_HOST=${SWIFT_SERVICE_LOCAL_HOST:-$SERVICE_LOCAL_HOST} |
58 |
-SWIFT_SERVICE_LISTEN_ADDRESS=${SWIFT_SERVICE_LISTEN_ADDRESS:-$SERVICE_LISTEN_ADDRESS} |
|
58 |
+SWIFT_SERVICE_LISTEN_ADDRESS=${SWIFT_SERVICE_LISTEN_ADDRESS:-$(ipv6_unquote $SERVICE_LISTEN_ADDRESS)} |
|
59 | 59 |
|
60 | 60 |
# TODO: add logging to different location. |
61 | 61 |
|
... | ... |
@@ -37,7 +37,7 @@ |
37 | 37 |
|
38 | 38 |
if is_service_enabled tls-proxy; then |
39 | 39 |
# TODO(dtroyer): revisit this below after the search for HOST_IP has been done |
40 |
- TLS_IP=${TLS_IP:-$SERVICE_IP} |
|
40 |
+ TLS_IP=${TLS_IP:-$(ipv6_unquote $SERVICE_HOST)} |
|
41 | 41 |
fi |
42 | 42 |
|
43 | 43 |
DEVSTACK_HOSTNAME=$(hostname -f) |
... | ... |
@@ -67,9 +67,9 @@ function configure_CA { |
67 | 67 |
# build common config file |
68 | 68 |
|
69 | 69 |
# Verify ``TLS_IP`` is good |
70 |
- if [[ -n "$HOST_IP" && "$HOST_IP" != "$TLS_IP" ]]; then |
|
70 |
+ if [[ -n "$SERVICE_HOST" && "$(ipv6_unquote $SERVICE_HOST)" != "$TLS_IP" ]]; then |
|
71 | 71 |
# auto-discover has changed the IP |
72 |
- TLS_IP=$HOST_IP |
|
72 |
+ TLS_IP=$(ipv6_unquote $SERVICE_HOST) |
|
73 | 73 |
fi |
74 | 74 |
} |
75 | 75 |
|
... | ... |
@@ -228,6 +228,7 @@ function init_cert { |
228 | 228 |
if [[ ! -r $DEVSTACK_CERT ]]; then |
229 | 229 |
if [[ -n "$TLS_IP" ]]; then |
230 | 230 |
# Lie to let incomplete match routines work |
231 |
+ # see https://bugs.python.org/issue23239 |
|
231 | 232 |
TLS_IP="DNS:$TLS_IP,IP:$TLS_IP" |
232 | 233 |
fi |
233 | 234 |
make_cert $INT_CA_DIR $DEVSTACK_CERT_NAME $DEVSTACK_HOSTNAME "$TLS_IP" |
... | ... |
@@ -246,11 +247,6 @@ function make_cert { |
246 | 246 |
local alt_names=$4 |
247 | 247 |
|
248 | 248 |
if [ "$common_name" != "$SERVICE_HOST" ]; then |
249 |
- if [[ -z "$alt_names" ]]; then |
|
250 |
- alt_names="DNS:$SERVICE_HOST" |
|
251 |
- else |
|
252 |
- alt_names="$alt_names,DNS:$SERVICE_HOST" |
|
253 |
- fi |
|
254 | 249 |
if is_ipv4_address "$SERVICE_HOST" ; then |
255 | 250 |
alt_names="$alt_names,IP:$SERVICE_HOST" |
256 | 251 |
fi |
... | ... |
@@ -887,10 +887,10 @@ if [[ "$SERVICE_IP_VERSION" == 6 ]]; then |
887 | 887 |
|
888 | 888 |
DEF_SERVICE_HOST=[$HOST_IPV6] |
889 | 889 |
DEF_SERVICE_LOCAL_HOST=::1 |
890 |
- DEF_SERVICE_LISTEN_ADDRESS=:: |
|
890 |
+ DEF_SERVICE_LISTEN_ADDRESS="[::]" |
|
891 | 891 |
fi |
892 | 892 |
|
893 |
-# This is either 0.0.0.0 for IPv4 or :: for IPv6 |
|
893 |
+# This is either 0.0.0.0 for IPv4 or [::] for IPv6 |
|
894 | 894 |
SERVICE_LISTEN_ADDRESS=${SERVICE_LISTEN_ADDRESS:-${DEF_SERVICE_LISTEN_ADDRESS}} |
895 | 895 |
|
896 | 896 |
# Allow the use of an alternate hostname (such as localhost/127.0.0.1) for |