From 1c34736247f8ae18d054cfecfec54152bf27f1d9 Mon Sep 17 00:00:00 2001 From: "Liam R. Howlett" Date: Fri, 19 Sep 2014 15:52:17 -0400 Subject: keystone: Change packages configuration to use apache keystone. This commit changes all required configurations to use keystone running on apache. The following packages configurations were modified for keystone running on apache: python-neutron, python-nova, tempest, python-swift, python-rally, python-heat, python-glance, python-cinder, python-ceilmoeter, python-horizon. Signed-off-by: Liam R. Howlett --- .../python/python-ceilometer/ceilometer.conf | 18 ++---------------- .../recipes-devtools/python/python-cinder/cinder.conf | 4 +--- .../recipes-devtools/python/python-glance_git.bb | 3 ++- .../recipes-devtools/python/python-heat/heat.conf | 5 +---- .../python/python-horizon/local_settings.py | 2 +- ....conf-jumpstart-nova-state-reporting-configur.patch | 2 +- .../python/python-neutron/metadata_agent.ini | 2 +- .../recipes-devtools/python/python-neutron_git.bb | 7 ++++++- .../recipes-devtools/python/python-nova/nova.conf | 6 ++---- .../recipes-devtools/python/python-nova/openrc | 4 ++-- .../python/python-rally/deployment-existing.json | 2 +- .../python/python-swift/dispersion.conf | 2 +- .../python/python-swift/proxy-server.conf | 5 +---- .../recipes-extended/tempest/tempest/tempest.conf | 4 ++-- 14 files changed, 24 insertions(+), 42 deletions(-) diff --git a/meta-openstack/recipes-devtools/python/python-ceilometer/ceilometer.conf b/meta-openstack/recipes-devtools/python/python-ceilometer/ceilometer.conf index db78580..c96462d 100644 --- a/meta-openstack/recipes-devtools/python/python-ceilometer/ceilometer.conf +++ b/meta-openstack/recipes-devtools/python/python-ceilometer/ceilometer.conf @@ -680,7 +680,7 @@ os_tenant_name=%SERVICE_TENANT_NAME% # Auth URL to use for openstack service access (string value) #os_auth_url=http://localhost:5000/v2.0 -os_auth_url=http://%CONTROLLER_IP%:5000/v2.0 +os_auth_url=http://%CONTROLLER_IP%:8081/keystone/main/v2.0 # Region name to use for openstack service endpoints (string # value) @@ -713,25 +713,11 @@ os_auth_url=http://%CONTROLLER_IP%:5000/v2.0 # # Options defined in keystoneclient.middleware.auth_token # - +identity_uri=http://127.0.0.1:8081/keystone/admin/ # Prefix to prepend at the beginning of the path (string # value) #auth_admin_prefix= -# Host providing the admin Identity API endpoint (string -# value) -auth_host=%CONTROLLER_IP% - -# Port of the admin Identity API endpoint (integer value) -#auth_port=35357 - -# Protocol of the admin Identity API endpoint(http or https) -# (string value) -auth_protocol=http - -# Complete public Identity API endpoint (string value) -#auth_uri= - # API version of the admin Identity API endpoint (string # value) #auth_version= diff --git a/meta-openstack/recipes-devtools/python/python-cinder/cinder.conf b/meta-openstack/recipes-devtools/python/python-cinder/cinder.conf index 2772fb1..8b2bc84 100644 --- a/meta-openstack/recipes-devtools/python/python-cinder/cinder.conf +++ b/meta-openstack/recipes-devtools/python/python-cinder/cinder.conf @@ -1242,9 +1242,7 @@ volume_backend_name=RBD_CEPH # max_timing_buffer=100 [keystone_authtoken] -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http +identity_uri=http://127.0.0.1:8081/keystone/admin admin_tenant_name = %SERVICE_TENANT_NAME% admin_user = %SERVICE_USER% admin_password = %SERVICE_PASSWORD% diff --git a/meta-openstack/recipes-devtools/python/python-glance_git.bb b/meta-openstack/recipes-devtools/python/python-glance_git.bb index 52c0ebf..7775956 100644 --- a/meta-openstack/recipes-devtools/python/python-glance_git.bb +++ b/meta-openstack/recipes-devtools/python/python-glance_git.bb @@ -68,6 +68,7 @@ do_install_append() { -i ${WORKDIR}/glance-$file.conf sed -e "s!^#connection =.*!connection = postgresql://${DB_USER}:${DB_PASSWORD}@localhost/glance!g" \ -i ${WORKDIR}/glance-$file.conf + sed -i '/\[keystone_authtoken\]/aidentity_uri=http://127.0.0.1:8081/keystone/admin' ${WORKDIR}/glance-$file.conf done sed -e "s:^filesystem_store_datadir =.*:filesystem_store_datadir = ${sysconfdir}/${SRCNAME}/images/:g" \ -i ${WORKDIR}/glance-api.conf @@ -77,7 +78,7 @@ do_install_append() { -i ${WORKDIR}/glance-api.conf sed 's:^default_store =.*:default_store = ${GLANCE_DEFAULT_STORE}:g' -i ${WORKDIR}/glance-api.conf - sed 's:^swift_store_auth_address =.*:swift_store_auth_address = http\://127.0.0.1\:5000/v2.0/:g' -i ${WORKDIR}/glance-api.conf + sed 's:^swift_store_auth_address =.*:swift_store_auth_address = http\://127.0.0.1\:8081/keystone/main/:g' -i ${WORKDIR}/glance-api.conf sed 's:^swift_store_user =.*:swift_store_user = ${SERVICE_TENANT_NAME}\:${SRCNAME}:g' -i ${WORKDIR}/glance-api.conf sed 's:^swift_store_key =.*:swift_store_key = ${SERVICE_PASSWORD}:g' -i ${WORKDIR}/glance-api.conf sed 's:^swift_store_create_container_on_put =.*:swift_store_create_container_on_put = True:g' -i ${WORKDIR}/glance-api.conf diff --git a/meta-openstack/recipes-devtools/python/python-heat/heat.conf b/meta-openstack/recipes-devtools/python/python-heat/heat.conf index 95c88a1..4d84412 100644 --- a/meta-openstack/recipes-devtools/python/python-heat/heat.conf +++ b/meta-openstack/recipes-devtools/python/python-heat/heat.conf @@ -725,10 +725,7 @@ heat_waitcondition_server_url=http://%CONTROLLER_IP%:8000/v1/waitcondition #password= [keystone_authtoken] -auth_host = %CONTROLLER_IP% -auth_port = 35357 -auth_protocol = http -auth_uri = http://%CONTROLLER_IP%:5000/v2.0 +identity_uri=http://%CONTROLLER_IP%:8081/keystone/main admin_tenant_name = %SERVICE_TENANT_NAME% admin_user = heat diff --git a/meta-openstack/recipes-devtools/python/python-horizon/local_settings.py b/meta-openstack/recipes-devtools/python/python-horizon/local_settings.py index 8046b69..3ba4ab0 100644 --- a/meta-openstack/recipes-devtools/python/python-horizon/local_settings.py +++ b/meta-openstack/recipes-devtools/python/python-horizon/local_settings.py @@ -125,7 +125,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # ] OPENSTACK_HOST = "127.0.0.1" -OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST +OPENSTACK_KEYSTONE_URL = "http://%s:8081/keystone/main/v2.0" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" # Disable SSL certificate checks (useful for self-signed certificates): diff --git a/meta-openstack/recipes-devtools/python/python-neutron/0001-neutron.conf-jumpstart-nova-state-reporting-configur.patch b/meta-openstack/recipes-devtools/python/python-neutron/0001-neutron.conf-jumpstart-nova-state-reporting-configur.patch index dbe55db..77674a6 100644 --- a/meta-openstack/recipes-devtools/python/python-neutron/0001-neutron.conf-jumpstart-nova-state-reporting-configur.patch +++ b/meta-openstack/recipes-devtools/python/python-neutron/0001-neutron.conf-jumpstart-nova-state-reporting-configur.patch @@ -34,7 +34,7 @@ Index: git/etc/neutron.conf # Authorization URL for connection to nova in admin context. -# nova_admin_auth_url = -+# nova_admin_auth_url = http://%CONTROLLER_IP%:35357/v2.0 ++# nova_admin_auth_url = http://%CONTROLLER_IP%:8081/keystone/admin # CA file for novaclient to verify server certificates # nova_ca_certificates_file = diff --git a/meta-openstack/recipes-devtools/python/python-neutron/metadata_agent.ini b/meta-openstack/recipes-devtools/python/python-neutron/metadata_agent.ini index 98d958d..f9d5725 100644 --- a/meta-openstack/recipes-devtools/python/python-neutron/metadata_agent.ini +++ b/meta-openstack/recipes-devtools/python/python-neutron/metadata_agent.ini @@ -3,7 +3,7 @@ # debug = True # The Neutron user information for accessing the Neutron API. -auth_url = http://localhost:5000/v2.0 +identity_uri = http://localhost:8081/keystone/main auth_region = RegionOne admin_tenant_name = %SERVICE_TENANT_NAME% admin_user = %SERVICE_USER% diff --git a/meta-openstack/recipes-devtools/python/python-neutron_git.bb b/meta-openstack/recipes-devtools/python/python-neutron_git.bb index fb859af..295db97 100644 --- a/meta-openstack/recipes-devtools/python/python-neutron_git.bb +++ b/meta-openstack/recipes-devtools/python/python-neutron_git.bb @@ -113,7 +113,7 @@ do_install_append() { install -m 0755 ${WORKDIR}/neutron-$AGENT.init.sh ${D}${sysconfdir}/init.d/neutron-$AGENT-agent install -m 600 ${WORKDIR}/${AGENT}_agent.ini ${NEUTRON_CONF_DIR}/ fi - + AGENT=metadata ARGS="--config-file=${sysconfdir}/${SRCNAME}/neutron.conf --config-file=${sysconfdir}/${SRCNAME}/metadata_agent.ini" if ${@base_contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then @@ -130,6 +130,11 @@ do_install_append() { sed -e "s:%METADATA_SHARED_SECRET%:${METADATA_SHARED_SECRET}:g" \ -i ${NEUTRON_CONF_DIR}/metadata_agent.ini + sed -e "s:^auth_host.*:#auth_host:g" -i ${NEUTRON_CONF_DIR}/neutron.conf + sed -e "s:^auth_port.*:#auth_port:g" -i ${NEUTRON_CONF_DIR}/neutron.conf + sed -e "s:^auth_protocol.*:#auth_protocol:g" -i ${NEUTRON_CONF_DIR}/neutron.conf + sed -i '/\[keystone_authtoken\]/aidentity_uri=http://127.0.0.1:8081/keystone/admin/' ${NEUTRON_CONF_DIR}/neutron.conf + cp run_tests.sh ${NEUTRON_CONF_DIR} sed 's:%PYTHON_SITEPACKAGES_DIR%:${PYTHON_SITEPACKAGES_DIR}:g' -i ${D}${PYTHON_SITEPACKAGES_DIR}/${SRCNAME}/tests/unit/nec/test_nec_plugin.py diff --git a/meta-openstack/recipes-devtools/python/python-nova/nova.conf b/meta-openstack/recipes-devtools/python/python-nova/nova.conf index 09ae44c..3cb143d 100644 --- a/meta-openstack/recipes-devtools/python/python-nova/nova.conf +++ b/meta-openstack/recipes-devtools/python/python-nova/nova.conf @@ -50,7 +50,7 @@ neutron_auth_strategy=keystone neutron_admin_tenant_name=service neutron_admin_username=neutron neutron_admin_password=password -neutron_admin_auth_url=http://%CONTROLLER_IP%:5000/v2.0/ +neutron_admin_auth_url=http://%CONTROLLER_IP%:8081/keystone/main/v2.0 # Disables reporting of network state to the controller vif_plugging_timeout=10 @@ -85,9 +85,7 @@ server_proxyclient_address=%COMPUTE_IP% auth_strategy=keystone [keystone_authtoken] -auth_host = %CONTROLLER_IP% -auth_port = 35357 -auth_protocol = http +identity_uri=http://127.0.0.1:8081/keystone/admin admin_tenant_name = %SERVICE_TENANT_NAME% admin_user = %SERVICE_USER% admin_password = %SERVICE_PASSWORD% diff --git a/meta-openstack/recipes-devtools/python/python-nova/openrc b/meta-openstack/recipes-devtools/python/python-nova/openrc index 35327ac..e8507f2 100644 --- a/meta-openstack/recipes-devtools/python/python-nova/openrc +++ b/meta-openstack/recipes-devtools/python/python-nova/openrc @@ -1,8 +1,8 @@ export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=%OS_PASSWORD% -export OS_AUTH_URL="http://%CONTROLLER_HOST%:5000/v2.0/" -export SERVICE_ENDPOINT="http://%CONTROLLER_HOST%:35357/v2.0" +export OS_AUTH_URL="http://%CONTROLLER_HOST%:8081/keystone/main/v2.0/" +export SERVICE_ENDPOINT="http://%CONTROLLER_HOST%:8081/keystone/admin/v2.0" export SERVICE_TOKEN=%SERVICE_TOKEN% function get_field() { diff --git a/meta-openstack/recipes-devtools/python/python-rally/deployment-existing.json b/meta-openstack/recipes-devtools/python/python-rally/deployment-existing.json index 8249860..dd08e41 100644 --- a/meta-openstack/recipes-devtools/python/python-rally/deployment-existing.json +++ b/meta-openstack/recipes-devtools/python/python-rally/deployment-existing.json @@ -1,7 +1,7 @@ { "type": "ExistingCloud", "endpoint": { - "auth_url": "http://%CONTROLLER_IP%:5000/v2.0/", + "auth_url": "http://%CONTROLLER_IP%:8081/keystone/main", "username": "%ADMIN_USER%", "password": "%ADMIN_PASSWORD%", "tenant_name": "%ADMIN_TENANT_NAME%" diff --git a/meta-openstack/recipes-devtools/python/python-swift/dispersion.conf b/meta-openstack/recipes-devtools/python/python-swift/dispersion.conf index 25119ff..2557abb 100644 --- a/meta-openstack/recipes-devtools/python/python-swift/dispersion.conf +++ b/meta-openstack/recipes-devtools/python/python-swift/dispersion.conf @@ -1,5 +1,5 @@ [dispersion] -auth_url = http://localhost:5000/v2.0/ +auth_url = http://localhost:8081/keystone/main auth_user = %SERVICE_TENANT_NAME%:%SERVICE_USER% auth_key = %SERVICE_PASSWORD% auth_version = 2.0 diff --git a/meta-openstack/recipes-devtools/python/python-swift/proxy-server.conf b/meta-openstack/recipes-devtools/python/python-swift/proxy-server.conf index d005d8e..eef6ac5 100644 --- a/meta-openstack/recipes-devtools/python/python-swift/proxy-server.conf +++ b/meta-openstack/recipes-devtools/python/python-swift/proxy-server.conf @@ -247,10 +247,7 @@ user_test_tester3 = testing3 # [filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -auth_host = 127.0.0.1 -auth_port = 35357 -auth_protocol = http -# auth_uri = http://127.0.0.1:5000/ +identity_uri=http://127.0.0.1:8081/keystone/main admin_tenant_name = %SERVICE_TENANT_NAME% admin_user = %SERVICE_USER% admin_password = %SERVICE_PASSWORD% diff --git a/meta-openstack/recipes-extended/tempest/tempest/tempest.conf b/meta-openstack/recipes-extended/tempest/tempest/tempest.conf index 7a5bf3b..2a81536 100644 --- a/meta-openstack/recipes-extended/tempest/tempest/tempest.conf +++ b/meta-openstack/recipes-extended/tempest/tempest/tempest.conf @@ -25,9 +25,9 @@ catalog_type = identity # environments that have self-signed SSL certs. disable_ssl_certificate_validation = False # URL for where to find the OpenStack Identity API endpoint (Keystone) -uri = http://127.0.0.1:5000/v2.0/ +uri = http://127.0.0.1:8081/keystone/main/v2.0/ # URL for where to find the OpenStack V3 Identity API endpoint (Keystone) -uri_v3 = http://127.0.0.1:5000/v3/ +uri_v3 = http://127.0.0.1:8081/keystone/main/v3/ # The identity region. Also used as the other services' region name unless # they are set explicitly. region = RegionOne -- cgit v1.2.3-54-g00ecf