summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoryatin <ykarel@redhat.com>2017-04-21 10:04:03 +0530
committerKevin Lefevre <kevin.lefevre@osones.io>2017-05-15 16:36:49 +0200
commit1881152217cb42d2e6f761136402572079a72c95 (patch)
treece1fd1c5858e821004908fef356ec9a1d9cb51ba
parent1a685113d8df479c56ad85aa001930f6b8f1e2dd (diff)
Fix keystone auth_uri and auth_url
Post [1] we cannot use auth_uri/auth_url containing :5000, :35357. Update keystone auth_uri and auth_url in magnum.conf to connect with keystone using /identity/v3 and /identity_admin/v3. [1] https://review.openstack.org/#/c/456344/ Change-Id: I5d69e7454cf8a5e8c92ff23b6c932184d82e8a98 devstack: Allow access to ports 80 and 443 So far, we were allowing access to port 5000 for keystone. When devstack siwtched to uwsgi we couldn't access keystone anymore. Co-Authored-By: Spyros Trigazis <strigazi@gmail.com> Change-Id: I4d3d482889fd9f6119ceec81757abac9d1251a97 (cherry picked from commit 530d225fcd154eef89e3fc2189898e23a7bc9e14)
Notes
Notes (review): Code-Review+2: Adrian Otto <aotto@aotto.com> Code-Review+2: Spyros Trigazis (strigazi) <strigazi@gmail.com> Workflow+1: Spyros Trigazis (strigazi) <strigazi@gmail.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Mon, 15 May 2017 20:38:46 +0000 Reviewed-on: https://review.openstack.org/464328 Project: openstack/magnum Branch: refs/heads/stable/ocata
-rw-r--r--devstack/lib/magnum10
-rwxr-xr-xmagnum/tests/contrib/post_test_hook.sh3
2 files changed, 8 insertions, 5 deletions
diff --git a/devstack/lib/magnum b/devstack/lib/magnum
index 6410e07..5f04c45 100644
--- a/devstack/lib/magnum
+++ b/devstack/lib/magnum
@@ -150,9 +150,9 @@ function create_magnum_conf {
150 150
151 configure_auth_token_middleware $MAGNUM_CONF magnum $MAGNUM_AUTH_CACHE_DIR 151 configure_auth_token_middleware $MAGNUM_CONF magnum $MAGNUM_AUTH_CACHE_DIR
152 152
153 iniset $MAGNUM_CONF keystone_auth auth_url $KEYSTONE_SERVICE_URI/v3 153 iniset $MAGNUM_CONF keystone_auth auth_url $KEYSTONE_AUTH_URI_V3
154 iniset $MAGNUM_CONF keystone_authtoken auth_uri \ 154 iniset $MAGNUM_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI_V3
155 ${KEYSTONE_SERVICE_PROTOCOL}://${HOST_IP}:${KEYSTONE_SERVICE_PORT}/v3 155 iniset $MAGNUM_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3
156 iniset $MAGNUM_CONF keystone_authtoken auth_version v3 156 iniset $MAGNUM_CONF keystone_authtoken auth_version v3
157 157
158 if is_fedora || is_suse; then 158 if is_fedora || is_suse; then
@@ -330,7 +330,9 @@ function configure_iptables {
330 sudo iptables -t nat -A POSTROUTING -o $OBOUND_DEV -j MASQUERADE 330 sudo iptables -t nat -A POSTROUTING -o $OBOUND_DEV -j MASQUERADE
331 # bay nodes will access magnum-api (port $MAGNUM_SERVICE_PORT) to get CA certificate. 331 # bay nodes will access magnum-api (port $MAGNUM_SERVICE_PORT) to get CA certificate.
332 sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $MAGNUM_SERVICE_PORT -j ACCEPT || true 332 sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $MAGNUM_SERVICE_PORT -j ACCEPT || true
333 sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $KEYSTONE_SERVICE_PORT -j ACCEPT || true 333 # allow access to keystone etc (http and https)
334 sudo iptables -I INPUT -d $HOST_IP -p tcp --dport 80 -j ACCEPT || true
335 sudo iptables -I INPUT -d $HOST_IP -p tcp --dport 443 -j ACCEPT || true
334 fi 336 fi
335} 337}
336 338
diff --git a/magnum/tests/contrib/post_test_hook.sh b/magnum/tests/contrib/post_test_hook.sh
index 3a713e7..d0f6992 100755
--- a/magnum/tests/contrib/post_test_hook.sh
+++ b/magnum/tests/contrib/post_test_hook.sh
@@ -69,6 +69,7 @@ function create_test_data {
69 local magnum_api_ip=$(iniget /etc/magnum/magnum.conf api host) 69 local magnum_api_ip=$(iniget /etc/magnum/magnum.conf api host)
70 local magnum_api_port=$(iniget /etc/magnum/magnum.conf api port) 70 local magnum_api_port=$(iniget /etc/magnum/magnum.conf api port)
71 local magnum_url="http://"$magnum_api_ip":"$magnum_api_port"/v1" 71 local magnum_url="http://"$magnum_api_ip":"$magnum_api_port"/v1"
72 local keystone_auth_url=$(iniget /etc/magnum/magnum.conf keystone_authtoken auth_uri)
72 73
73 # pass the appropriate variables via a config file 74 # pass the appropriate variables via a config file
74 CREDS_FILE=$MAGNUM_DIR/functional_creds.conf 75 CREDS_FILE=$MAGNUM_DIR/functional_creds.conf
@@ -76,7 +77,7 @@ function create_test_data {
76# Credentials for functional testing 77# Credentials for functional testing
77 78
78[auth] 79[auth]
79auth_url = $OS_AUTH_URL 80auth_url = $keystone_auth_url
80magnum_url = $magnum_url 81magnum_url = $magnum_url
81username = $OS_USERNAME 82username = $OS_USERNAME
82project_name = $OS_PROJECT_NAME 83project_name = $OS_PROJECT_NAME