Browse code
Always create signing_dir regardless of token format
Fixes bug 1088801
devstack does not create signing_dir when keystone token format is UUID.
If the default value of signing_dir is read-only, OpenStack services
such as Quantum server failed to start due to permission denied.
On the keystone client cannot know which token_format is used in keystone
in advance, so signing_dir should be created regardless of the token format.
Change-Id: I1b0d25c1ac4d22d9fb2c5443d15b96fdaa5a4c81
Akihiro MOTOKI authored on 2012/12/11 17:09:02Showing 4 changed files
| ... | ... |
@@ -105,10 +105,7 @@ function configure_cinder() {
|
| 105 | 105 |
iniset $CINDER_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
| 106 | 106 |
iniset $CINDER_API_PASTE_INI filter:authtoken admin_user cinder |
| 107 | 107 |
iniset $CINDER_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD |
| 108 |
- |
|
| 109 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 110 |
- iniset $CINDER_API_PASTE_INI filter:authtoken signing_dir $CINDER_AUTH_CACHE_DIR |
|
| 111 |
- fi |
|
| 108 |
+ iniset $CINDER_API_PASTE_INI filter:authtoken signing_dir $CINDER_AUTH_CACHE_DIR |
|
| 112 | 109 |
|
| 113 | 110 |
cp $CINDER_DIR/etc/cinder/cinder.conf.sample $CINDER_CONF |
| 114 | 111 |
iniset $CINDER_CONF DEFAULT auth_strategy keystone |
| ... | ... |
@@ -212,11 +209,9 @@ function init_cinder() {
|
| 212 | 212 |
fi |
| 213 | 213 |
fi |
| 214 | 214 |
|
| 215 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 216 |
- # Create cache dir |
|
| 217 |
- sudo mkdir -p $CINDER_AUTH_CACHE_DIR |
|
| 218 |
- sudo chown `whoami` $CINDER_AUTH_CACHE_DIR |
|
| 219 |
- fi |
|
| 215 |
+ # Create cache dir |
|
| 216 |
+ sudo mkdir -p $CINDER_AUTH_CACHE_DIR |
|
| 217 |
+ sudo chown `whoami` $CINDER_AUTH_CACHE_DIR |
|
| 220 | 218 |
} |
| 221 | 219 |
|
| 222 | 220 |
# install_cinder() - Collect source and prepare |
| ... | ... |
@@ -95,9 +95,7 @@ function configure_glance() {
|
| 95 | 95 |
iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
| 96 | 96 |
iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_user glance |
| 97 | 97 |
iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
| 98 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 99 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/registry |
|
| 100 |
- fi |
|
| 98 |
+ iniset $GLANCE_REGISTRY_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/registry |
|
| 101 | 99 |
|
| 102 | 100 |
cp $GLANCE_DIR/etc/glance-api.conf $GLANCE_API_CONF |
| 103 | 101 |
iniset $GLANCE_API_CONF DEFAULT debug True |
| ... | ... |
@@ -121,9 +119,7 @@ function configure_glance() {
|
| 121 | 121 |
iniset $GLANCE_API_CONF DEFAULT rabbit_host $RABBIT_HOST |
| 122 | 122 |
iniset $GLANCE_API_CONF DEFAULT rabbit_password $RABBIT_PASSWORD |
| 123 | 123 |
fi |
| 124 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 125 |
- iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api |
|
| 126 |
- fi |
|
| 124 |
+ iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api |
|
| 127 | 125 |
|
| 128 | 126 |
cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI |
| 129 | 127 |
|
| ... | ... |
@@ -163,13 +159,11 @@ function init_glance() {
|
| 163 | 163 |
|
| 164 | 164 |
$GLANCE_BIN_DIR/glance-manage db_sync |
| 165 | 165 |
|
| 166 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 167 |
- # Create cache dir |
|
| 168 |
- sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/api |
|
| 169 |
- sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/api |
|
| 170 |
- sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/registry |
|
| 171 |
- sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/registry |
|
| 172 |
- fi |
|
| 166 |
+ # Create cache dir |
|
| 167 |
+ sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/api |
|
| 168 |
+ sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/api |
|
| 169 |
+ sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/registry |
|
| 170 |
+ sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/registry |
|
| 173 | 171 |
} |
| 174 | 172 |
|
| 175 | 173 |
# install_glanceclient() - Collect source and prepare |
| ... | ... |
@@ -172,9 +172,7 @@ function configure_nova() {
|
| 172 | 172 |
" -i $NOVA_API_PASTE_INI |
| 173 | 173 |
fi |
| 174 | 174 |
|
| 175 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 176 |
- iniset $NOVA_API_PASTE_INI filter:authtoken signing_dir $NOVA_AUTH_CACHE_DIR |
|
| 177 |
- fi |
|
| 175 |
+ iniset $NOVA_API_PASTE_INI filter:authtoken signing_dir $NOVA_AUTH_CACHE_DIR |
|
| 178 | 176 |
|
| 179 | 177 |
if is_service_enabled n-cpu; then |
| 180 | 178 |
# Force IP forwarding on, just on case |
| ... | ... |
@@ -378,11 +376,9 @@ function init_nova() {
|
| 378 | 378 |
$NOVA_BIN_DIR/nova-manage db sync |
| 379 | 379 |
fi |
| 380 | 380 |
|
| 381 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 382 |
- # Create cache dir |
|
| 383 |
- sudo mkdir -p $NOVA_AUTH_CACHE_DIR |
|
| 384 |
- sudo chown `whoami` $NOVA_AUTH_CACHE_DIR |
|
| 385 |
- fi |
|
| 381 |
+ # Create cache dir |
|
| 382 |
+ sudo mkdir -p $NOVA_AUTH_CACHE_DIR |
|
| 383 |
+ sudo chown `whoami` $NOVA_AUTH_CACHE_DIR |
|
| 386 | 384 |
} |
| 387 | 385 |
|
| 388 | 386 |
# install_novaclient() - Collect source and prepare |
| ... | ... |
@@ -68,12 +68,10 @@ function quantum_setup_keystone() {
|
| 68 | 68 |
iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME |
| 69 | 69 |
iniset $conf_file $section admin_user $Q_ADMIN_USERNAME |
| 70 | 70 |
iniset $conf_file $section admin_password $SERVICE_PASSWORD |
| 71 |
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then |
|
| 72 |
- iniset $conf_file $section signing_dir $QUANTUM_AUTH_CACHE_DIR |
|
| 73 |
- # Create cache dir |
|
| 74 |
- sudo mkdir -p $QUANTUM_AUTH_CACHE_DIR |
|
| 75 |
- sudo chown `whoami` $QUANTUM_AUTH_CACHE_DIR |
|
| 76 |
- fi |
|
| 71 |
+ iniset $conf_file $section signing_dir $QUANTUM_AUTH_CACHE_DIR |
|
| 72 |
+ # Create cache dir |
|
| 73 |
+ sudo mkdir -p $QUANTUM_AUTH_CACHE_DIR |
|
| 74 |
+ sudo chown `whoami` $QUANTUM_AUTH_CACHE_DIR |
|
| 77 | 75 |
} |
| 78 | 76 |
|
| 79 | 77 |
function quantum_setup_ovs_bridge() {
|