GitList

Browse code

Allow qpid to be selected as AMQP provider on precise

Fixes bug 1137667

Previously the auth/sasl config for qpidd was broken, and the
openstack services using RPC were not properly configured.

Now we ensure that:

- the admin qpid_username/password are configured for all services
(as the qpidd ACL config denies all access to non-admin users)

- the PLAIN sasl mechanism is configured for qpidd (otherwise the
qpid_password is not propogated)

- the qpidd process has read permission on the sasl DB (otherwise
thw admin user/apss cannot be verified even if set)

Change-Id: Id6bd675841884451b78f257afe786f494a03c0f7

Eoghan Glynn authored on 2013/03/01 21:09:01
Showing 3 changed files

lib/ceilometer index e890ff9..8772867 100644
lib/glance index 80d3902..87c160e 100644
lib/rpc_backend index f35f9db..70acfb0 100644

lib/ceilometer

History View file @ 8c11f56

@@ -64,13 +64,7 @@ function configure_ceilometer() {
                          [ ! -d $CEILOMETER_API_LOG_DIR ] &&  sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR
                          sudo chown $USER $CEILOMETER_API_LOG_DIR
                     -    if is_service_enabled rabbit ; then
                     -        iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_kombu'
                     -        iniset $CEILOMETER_CONF DEFAULT rabbit_host $RABBIT_HOST
                     -        iniset $CEILOMETER_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
                     -    elif is_service_enabled qpid ; then
                     -        iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_qpid'
                     -    fi
                     +    iniset_rpc_backend ceilometer $CEILOMETER_CONF DEFAULT
                          iniset $CEILOMETER_CONF DEFAULT notification_topics 'notifications,glance_notifications'
                          iniset $CEILOMETER_CONF DEFAULT verbose True

lib/glance

History View file @ 8c11f56

@@ -114,9 +114,8 @@ function configure_glance() {
                              iniset $GLANCE_API_CONF DEFAULT notifier_strategy qpid
                          elif [ -n "$RABBIT_HOST" ] &&  [ -n "$RABBIT_PASSWORD" ]; then
                              iniset $GLANCE_API_CONF DEFAULT notifier_strategy rabbit
                     -        iniset $GLANCE_API_CONF DEFAULT rabbit_host $RABBIT_HOST
                     -        iniset $GLANCE_API_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
                          fi
                     +    iniset_rpc_backend glance $GLANCE_API_CONF DEFAULT
                          iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api
                          cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI

lib/rpc_backend

History View file @ 8c11f56

@@ -58,6 +58,8 @@ function install_rpc_backend() {
                                  install_package qpid-cpp-server-daemon
                              elif is_ubuntu; then
                                  install_package qpidd
                     +            sudo sed -i '/PLAIN/!s/mech_list: /mech_list: PLAIN /' /etc/sasl2/qpidd.conf
                     +            sudo chmod o+r /etc/qpid/qpidd.sasldb
                              else
                                  exit_distro_not_supported "qpid installation"
                              fi
@@ -100,6 +102,11 @@ function iniset_rpc_backend() {
                              iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_zmq
                          elif is_service_enabled qpid; then
                              iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
                     +        if is_ubuntu; then
                     +            QPID_PASSWORD=`sudo strings /etc/qpid/qpidd.sasldb | grep -B1 admin | head -1`
                     +            iniset $file $section qpid_password $QPID_PASSWORD
                     +            iniset $file $section qpid_username admin
                     +        fi
                          elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then
                              iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu
                              iniset $file $section rabbit_host $RABBIT_HOST