Browse code
Merge "Set up Cinder for TLS"
Jenkins authored on 2013/01/11 22:40:39Showing 1 changed files
| ... | ... |
@@ -37,6 +37,12 @@ CINDER_CONF_DIR=/etc/cinder |
| 37 | 37 |
CINDER_CONF=$CINDER_CONF_DIR/cinder.conf |
| 38 | 38 |
CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini |
| 39 | 39 |
|
| 40 |
+# Public facing bits |
|
| 41 |
+CINDER_SERVICE_HOST=${CINDER_SERVICE_HOST:-$SERVICE_HOST}
|
|
| 42 |
+CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776}
|
|
| 43 |
+CINDER_SERVICE_PORT_INT=${CINDER_SERVICE_PORT_INT:-18776}
|
|
| 44 |
+CINDER_SERVICE_PROTOCOL=${CINDER_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
|
|
| 45 |
+ |
|
| 40 | 46 |
# Support entry points installation of console scripts |
| 41 | 47 |
if [[ -d $CINDER_DIR/bin ]]; then |
| 42 | 48 |
CINDER_BIN_DIR=$CINDER_DIR/bin |
| ... | ... |
@@ -169,6 +175,11 @@ function configure_cinder() {
|
| 169 | 169 |
iniset $CINDER_CONF DEFAULT osapi_volume_extension cinder.api.openstack.volume.contrib.standard_extensions |
| 170 | 170 |
iniset $CINDER_CONF DEFAULT state_path $CINDER_STATE_PATH |
| 171 | 171 |
|
| 172 |
+ if is_service_enabled tls-proxy; then |
|
| 173 |
+ # Set the service port for a proxy to take the original |
|
| 174 |
+ iniset $CINDER_CONF DEFAULT osapi_volume_listen_port $CINDER_SERVICE_PORT_INT |
|
| 175 |
+ fi |
|
| 176 |
+ |
|
| 172 | 177 |
if [ "$SYSLOG" != "False" ]; then |
| 173 | 178 |
iniset $CINDER_CONF DEFAULT use_syslog True |
| 174 | 179 |
fi |
| ... | ... |
@@ -241,9 +252,9 @@ create_cinder_accounts() {
|
| 241 | 241 |
keystone endpoint-create \ |
| 242 | 242 |
--region RegionOne \ |
| 243 | 243 |
--service_id $CINDER_SERVICE \ |
| 244 |
- --publicurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \ |
|
| 245 |
- --adminurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" \ |
|
| 246 |
- --internalurl "http://$SERVICE_HOST:8776/v1/\$(tenant_id)s" |
|
| 244 |
+ --publicurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ |
|
| 245 |
+ --adminurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \ |
|
| 246 |
+ --internalurl "$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" |
|
| 247 | 247 |
fi |
| 248 | 248 |
fi |
| 249 | 249 |
} |
| ... | ... |
@@ -340,6 +351,11 @@ function start_cinder() {
|
| 340 | 340 |
screen_it c-api "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-api --config-file $CINDER_CONF" |
| 341 | 341 |
screen_it c-vol "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-volume --config-file $CINDER_CONF" |
| 342 | 342 |
screen_it c-sch "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-scheduler --config-file $CINDER_CONF" |
| 343 |
+ |
|
| 344 |
+ # Start proxies if enabled |
|
| 345 |
+ if is_service_enabled c-api && is_service_enabled tls-proxy; then |
|
| 346 |
+ start_tls_proxy '*' $CINDER_SERVICE_PORT $CINDER_SERVICE_HOST $CINDER_SERVICE_PORT_INT & |
|
| 347 |
+ fi |
|
| 343 | 348 |
} |
| 344 | 349 |
|
| 345 | 350 |
# stop_cinder() - Stop running processes |