Browse code
Move auth_token config to .conf, key cache directories
auth_token configuration can now be read from the conf files
rather than the paste.ini files.
A key cache directory has been created for each of the 3 API services
under /var/cache/heat
This is the devstack change relating to
Heat Blueprint: keystone-middleware
This is related to this committed change:
https://review.openstack.org/#/c/26351/
Devstack users will find Heat to be broken until this corresponding change
is approved.
Change-Id: If6f77f86a3eeb08a58b516725bd806e39ccedb50
Steve Baker authored on 2013/04/09 10:41:47Showing 2 changed files
| ... | ... |
@@ -29,6 +29,7 @@ set +o xtrace |
| 29 | 29 |
# set up default directories |
| 30 | 30 |
HEAT_DIR=$DEST/heat |
| 31 | 31 |
HEATCLIENT_DIR=$DEST/python-heatclient |
| 32 |
+HEAT_AUTH_CACHE_DIR=${HEAT_AUTH_CACHE_DIR:-/var/cache/heat}
|
|
| 32 | 33 |
|
| 33 | 34 |
|
| 34 | 35 |
# Functions |
| ... | ... |
@@ -37,8 +38,7 @@ HEATCLIENT_DIR=$DEST/python-heatclient |
| 37 | 37 |
# cleanup_heat() - Remove residual data files, anything left over from previous |
| 38 | 38 |
# runs that a clean run would need to clean up |
| 39 | 39 |
function cleanup_heat() {
|
| 40 |
- # This function intentionally left blank |
|
| 41 |
- : |
|
| 40 |
+ sudo rm -rf $HEAT_AUTH_CACHE_DIR |
|
| 42 | 41 |
} |
| 43 | 42 |
|
| 44 | 43 |
# configure_heatclient() - Set config files, create data dirs, etc |
| ... | ... |
@@ -73,18 +73,19 @@ function configure_heat() {
|
| 73 | 73 |
iniset $HEAT_API_CFN_CONF DEFAULT use_syslog $SYSLOG |
| 74 | 74 |
iniset $HEAT_API_CFN_CONF DEFAULT bind_host $HEAT_API_CFN_HOST |
| 75 | 75 |
iniset $HEAT_API_CFN_CONF DEFAULT bind_port $HEAT_API_CFN_PORT |
| 76 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 77 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 78 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 79 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
|
| 80 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 81 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken admin_user heat |
|
| 82 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 83 |
+ iniset $HEAT_API_CFN_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR/api-cfn |
|
| 76 | 84 |
|
| 77 | 85 |
iniset_rpc_backend heat $HEAT_API_CFN_CONF DEFAULT |
| 78 | 86 |
|
| 79 | 87 |
HEAT_API_CFN_PASTE_INI=$HEAT_CONF_DIR/heat-api-cfn-paste.ini |
| 80 | 88 |
cp $HEAT_DIR/etc/heat/heat-api-cfn-paste.ini $HEAT_API_CFN_PASTE_INI |
| 81 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 82 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 83 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 84 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
|
| 85 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 86 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken admin_user heat |
|
| 87 |
- iniset $HEAT_API_CFN_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD |
|
| 88 | 89 |
iniset $HEAT_API_CFN_PASTE_INI filter:ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
| 89 | 90 |
iniset $HEAT_API_CFN_PASTE_INI filter:ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens |
| 90 | 91 |
|
| ... | ... |
@@ -96,18 +97,19 @@ function configure_heat() {
|
| 96 | 96 |
iniset $HEAT_API_CONF DEFAULT use_syslog $SYSLOG |
| 97 | 97 |
iniset $HEAT_API_CONF DEFAULT bind_host $HEAT_API_HOST |
| 98 | 98 |
iniset $HEAT_API_CONF DEFAULT bind_port $HEAT_API_PORT |
| 99 |
+ iniset $HEAT_API_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 100 |
+ iniset $HEAT_API_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 101 |
+ iniset $HEAT_API_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 102 |
+ iniset $HEAT_API_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
|
| 103 |
+ iniset $HEAT_API_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 104 |
+ iniset $HEAT_API_CONF keystone_authtoken admin_user heat |
|
| 105 |
+ iniset $HEAT_API_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 106 |
+ iniset $HEAT_API_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR/api |
|
| 99 | 107 |
|
| 100 | 108 |
iniset_rpc_backend heat $HEAT_API_CONF DEFAULT |
| 101 | 109 |
|
| 102 | 110 |
HEAT_API_PASTE_INI=$HEAT_CONF_DIR/heat-api-paste.ini |
| 103 | 111 |
cp $HEAT_DIR/etc/heat/heat-api-paste.ini $HEAT_API_PASTE_INI |
| 104 |
- iniset $HEAT_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 105 |
- iniset $HEAT_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 106 |
- iniset $HEAT_API_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 107 |
- iniset $HEAT_API_PASTE_INI filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
|
| 108 |
- iniset $HEAT_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 109 |
- iniset $HEAT_API_PASTE_INI filter:authtoken admin_user heat |
|
| 110 |
- iniset $HEAT_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD |
|
| 111 | 112 |
iniset $HEAT_API_PASTE_INI filter:ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
| 112 | 113 |
iniset $HEAT_API_PASTE_INI filter:ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens |
| 113 | 114 |
|
| ... | ... |
@@ -135,18 +137,19 @@ function configure_heat() {
|
| 135 | 135 |
iniset $HEAT_API_CW_CONF DEFAULT use_syslog $SYSLOG |
| 136 | 136 |
iniset $HEAT_API_CW_CONF DEFAULT bind_host $HEAT_API_CW_HOST |
| 137 | 137 |
iniset $HEAT_API_CW_CONF DEFAULT bind_port $HEAT_API_CW_PORT |
| 138 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 139 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 140 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 141 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
|
| 142 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 143 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken admin_user heat |
|
| 144 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 145 |
+ iniset $HEAT_API_CW_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR/api-cloudwatch |
|
| 138 | 146 |
|
| 139 | 147 |
iniset_rpc_backend heat $HEAT_API_CW_CONF DEFAULT |
| 140 | 148 |
|
| 141 | 149 |
HEAT_API_CW_PASTE_INI=$HEAT_CONF_DIR/heat-api-cloudwatch-paste.ini |
| 142 | 150 |
cp $HEAT_DIR/etc/heat/heat-api-cloudwatch-paste.ini $HEAT_API_CW_PASTE_INI |
| 143 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 144 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 145 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 146 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
|
| 147 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 148 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken admin_user heat |
|
| 149 |
- iniset $HEAT_API_CW_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD |
|
| 150 | 151 |
iniset $HEAT_API_CW_PASTE_INI filter:ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0 |
| 151 | 152 |
iniset $HEAT_API_CW_PASTE_INI filter:ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens |
| 152 | 153 |
} |
| ... | ... |
@@ -159,6 +162,18 @@ function init_heat() {
|
| 159 | 159 |
|
| 160 | 160 |
$HEAT_DIR/bin/heat-db-setup $os_PACKAGE -r $DATABASE_PASSWORD |
| 161 | 161 |
$HEAT_DIR/tools/nova_create_flavors.sh |
| 162 |
+ create_heat_cache_dir |
|
| 163 |
+} |
|
| 164 |
+ |
|
| 165 |
+# create_heat_cache_dir() - Part of the init_heat() process |
|
| 166 |
+function create_heat_cache_dir() {
|
|
| 167 |
+ # Create cache dirs |
|
| 168 |
+ sudo mkdir -p $HEAT_AUTH_CACHE_DIR/api |
|
| 169 |
+ sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR/api |
|
| 170 |
+ sudo mkdir -p $HEAT_AUTH_CACHE_DIR/api-cfn |
|
| 171 |
+ sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR/api-cfn |
|
| 172 |
+ sudo mkdir -p $HEAT_AUTH_CACHE_DIR/api-cloudwatch |
|
| 173 |
+ sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR/api-cloudwatch |
|
| 162 | 174 |
} |
| 163 | 175 |
|
| 164 | 176 |
# install_heatclient() - Collect source and prepare |