Updates lib/nova so that we use the application config file (nova.conf)
instead of the Nova api-paste.ini config file.
Related-Bug #1240753
Change-Id: I393a67f1f005e775928130c9241aa7e25c391ae3
... | ... |
@@ -212,26 +212,24 @@ function configure_nova() { |
212 | 212 |
configure_nova_rootwrap |
213 | 213 |
|
214 | 214 |
if is_service_enabled n-api; then |
215 |
- # Use the sample http middleware configuration supplied in the |
|
216 |
- # Nova sources. This paste config adds the configuration required |
|
217 |
- # for Nova to validate Keystone tokens. |
|
218 |
- |
|
219 | 215 |
# Remove legacy paste config if present |
220 | 216 |
rm -f $NOVA_DIR/bin/nova-api-paste.ini |
221 | 217 |
|
222 | 218 |
# Get the sample configuration file in place |
223 | 219 |
cp $NOVA_DIR/etc/nova/api-paste.ini $NOVA_CONF_DIR |
224 | 220 |
|
225 |
- iniset $NOVA_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST |
|
221 |
+ # Comment out the keystone configs in Nova's api-paste.ini. |
|
222 |
+ # We are using nova.conf to configure this instead. |
|
223 |
+ inicomment $NOVA_API_PASTE_INI filter:authtoken auth_host |
|
226 | 224 |
if is_service_enabled tls-proxy; then |
227 |
- iniset $NOVA_API_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
225 |
+ inicomment $NOVA_API_PASTE_INI filter:authtoken auth_protocol |
|
228 | 226 |
fi |
229 |
- iniset $NOVA_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
230 |
- iniset $NOVA_API_PASTE_INI filter:authtoken admin_user nova |
|
231 |
- iniset $NOVA_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD |
|
227 |
+ inicomment $NOVA_API_PASTE_INI filter:authtoken admin_tenant_name |
|
228 |
+ inicomment $NOVA_API_PASTE_INI filter:authtoken admin_user |
|
229 |
+ inicomment $NOVA_API_PASTE_INI filter:authtoken admin_password |
|
232 | 230 |
fi |
233 | 231 |
|
234 |
- iniset $NOVA_API_PASTE_INI filter:authtoken signing_dir $NOVA_AUTH_CACHE_DIR |
|
232 |
+ inicomment $NOVA_API_PASTE_INI filter:authtoken signing_dir |
|
235 | 233 |
|
236 | 234 |
if is_service_enabled n-cpu; then |
237 | 235 |
# Force IP forwarding on, just on case |
... | ... |
@@ -394,7 +392,20 @@ function create_nova_conf() { |
394 | 394 |
# Set the service port for a proxy to take the original |
395 | 395 |
iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT" |
396 | 396 |
fi |
397 |
+ |
|
398 |
+ # Add keystone authtoken configuration |
|
399 |
+ |
|
400 |
+ iniset $NOVA_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST |
|
401 |
+ if is_service_enabled tls-proxy; then |
|
402 |
+ iniset $NOVA_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
403 |
+ fi |
|
404 |
+ iniset $NOVA_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
405 |
+ iniset $NOVA_CONF keystone_authtoken admin_user nova |
|
406 |
+ iniset $NOVA_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
397 | 407 |
fi |
408 |
+ |
|
409 |
+ iniset $NOVA_CONF keystone_authtoken signing_dir $NOVA_AUTH_CACHE_DIR |
|
410 |
+ |
|
398 | 411 |
if is_service_enabled cinder; then |
399 | 412 |
iniset $NOVA_CONF DEFAULT volume_api_class "nova.volume.cinder.API" |
400 | 413 |
fi |