openstack
/
ec2-api
Code Issues Proposed changes

rework accessing keystone resources 

do not use keystone_url in keystone_ec2_tokens_url definition.
configure these two urls independently.

Change-Id: I78c54c26820dfd7b52bf7cec81fa4ca0174a9eb6
This commit is contained in:
Andrey Pavlov 2016-02-01 15:09:57 +03:00
parent 4c44fdd96c
commit e25d1908e6
6 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
devstack/plugin.sh
View File

@ -186,7 +186,8 @@ function configure_ec2api {
iniset $EC2API_CONF_FILE DEFAULT admin_password $SERVICE_PASSWORD
iniset $EC2API_CONF_FILE DEFAULT ec2api_workers "$API_WORKERS"
iniset $EC2API_CONF_FILE DEFAULT keystone_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0"
iniset $EC2API_CONF_FILE DEFAULT keystone_url "$KEYSTONE_SERVICE_URI"
iniset $EC2API_CONF_FILE DEFAULT keystone_ec2_tokens_url "$KEYSTONE_SERVICE_URI_V3/ec2tokens"
iniset $EC2API_CONF_FILE DEFAULT region_list "$REGION_NAME"
iniset $EC2API_CONF_FILE DEFAULT ec2api_listen_port "$EC2API_SERVICE_PORT"

8
ec2api/api/__init__.py
View File

@ -46,11 +46,11 @@ LOG = logging.getLogger(__name__)
ec2_opts = [
cfg.StrOpt('keystone_url',
default='http://localhost:5000/v2.0',
help='URL to get token from ec2 request.'),
default='http://localhost:5000/',
help='URL for getting admin session.'),
cfg.StrOpt('keystone_ec2_tokens_url',
default='$keystone_url/ec2tokens',
help='URL to get token from ec2 request.'),
default='http://localhost:5000/v3/ec2tokens',
help='URL to authenticate token from ec2 request.'),
cfg.IntOpt('ec2_timestamp_expiry',
default=300,
help='Time in seconds before ec2 timestamp expires'),

3
ec2api/clients.py
View File

@ -106,7 +106,8 @@ def cinder(context):
def keystone(context):
return keystoneclient.Client(auth_url=CONF.keystone_url,
auth_url = context.session.get_endpoint(service_type='identity')
return keystoneclient.Client(auth_url=auth_url,
session=context.session)

2
ec2api/tests/unit/test_clients.py
View File

@ -124,5 +124,5 @@ class ClientsTestCase(base.BaseTestCase):
context = mock.NonCallableMock(session=mock.sentinel.session)
res = clients.keystone(context)
self.assertEqual(keystone.return_value, res)
keystone.assert_called_with(auth_url='http://localhost:5000/v2.0',
keystone.assert_called_with(auth_url='v1',
session=mock.sentinel.session)

6
ec2api/tests/unit/test_middleware.py
View File

@ -149,7 +149,7 @@ class KeystoneAuthTestCase(test_base.BaseTestCase):
resp = self.kauth(req)
self._validate_ec2_error(resp, 400, 'AuthFailure')
mock_request.assert_called_with('POST',
CONF.keystone_url + '/ec2tokens',
CONF.keystone_ec2_tokens_url,
data=mock.ANY, headers=mock.ANY)
@tools.screen_all_logs
@ -161,7 +161,7 @@ class KeystoneAuthTestCase(test_base.BaseTestCase):
resp = self.kauth(req)
self._validate_ec2_error(resp, 400, 'AuthFailure')
mock_request.assert_called_with('POST',
CONF.keystone_url + '/ec2tokens',
CONF.keystone_ec2_tokens_url,
data=mock.ANY, headers=mock.ANY)
fake_request = mock.NonCallableMock(status_code=200, headers={})
@ -182,7 +182,7 @@ class KeystoneAuthTestCase(test_base.BaseTestCase):
req.GET['AWSAccessKeyId'] = 'test-key-id'
self.kauth(req)
mock_request.assert_called_with(
'POST', CONF.keystone_url + '/ec2tokens',
'POST', CONF.keystone_ec2_tokens_url,
data=mock.ANY, headers=mock.ANY)
data = jsonutils.loads(mock_request.call_args[1]['data'])

1
install.sh
View File

@ -268,6 +268,7 @@ iniset $CONF_FILE DEFAULT logging_context_format_string "%(asctime)s.%(msecs)03d
iniset $CONF_FILE DEFAULT log_dir "$LOG_DIR"
iniset $CONF_FILE DEFAULT verbose True
iniset $CONF_FILE DEFAULT keystone_url "$OS_AUTH_URL"
iniset $CONF_FILE DEFAULT keystone_ec2_tokens_url "$OS_AUTH_URL/v3/ec2tokens"
iniset $CONF_FILE database connection "$CONNECTION"
iniset $CONF_FILE DEFAULT full_vpc_support "$VPC_SUPPORT"
iniset $CONF_FILE DEFAULT external_network "$EXTERNAL_NETWORK"