Remove Keystone dependency from neutron-server RA

When we check the availability of Neutron API service, now we simply check the response code of "List API version" call instead of getting a token from Keystone, then checking a Neutron API endpoint using that token. This way we don't need a token anymore so the checking process will not depend on the availability on Keystone. Partial-Bug: #1511721 Change-Id: I5fee8d47bd8e9af9f415b9f74c4f9325ac99df2f Signed-off-by: Norbert Illes <norbert.e.illes@ericsson.com>
2016-02-01 16:30:05 +01:00 · 2016-02-01 16:30:05 +01:00 · b1266c77dd
parent a756a909a1
commit b1266c77dd
1 changed files with 14 additions and 17 deletions
--- a/ocf/neutron-server
+++ b/ocf/neutron-server
@ -21,11 +21,12 @@
 #   OCF_RESKEY_plugin_config
 #   OCF_RESKEY_user
 #   OCF_RESKEY_pid
+#   OCF_RESKEY_additional_parameters
+# OCF deprecated parameters:
 #   OCF_RESKEY_os_username
 #   OCF_RESKEY_os_password
 #   OCF_RESKEY_os_tenant_name
 #   OCF_RESKEY_keystone_get_token_url
-#   OCF_RESKEY_additional_parameters
 #######################################################################
 # Initialization:

@ -42,7 +43,6 @@ OCF_RESKEY_plugin_config_default="/etc/neutron/plugins/openvswitch/ovs_neutron_p
 OCF_RESKEY_user_default="neutron"
 OCF_RESKEY_pid_default="$HA_RSCTMP/$OCF_RESOURCE_INSTANCE.pid"
 OCF_RESKEY_url_default="http://127.0.0.1:9696"
-OCF_RESKEY_keystone_get_token_url_default="http://127.0.0.1:5000/v2.0/tokens"

 : ${OCF_RESKEY_binary=${OCF_RESKEY_binary_default}}
 : ${OCF_RESKEY_config=${OCF_RESKEY_config_default}}
@ -50,7 +50,6 @@ OCF_RESKEY_keystone_get_token_url_default="http://127.0.0.1:5000/v2.0/tokens"
 : ${OCF_RESKEY_user=${OCF_RESKEY_user_default}}
 : ${OCF_RESKEY_pid=${OCF_RESKEY_pid_default}}
 : ${OCF_RESKEY_url=${OCF_RESKEY_url_default}}
-: ${OCF_RESKEY_keystone_get_token_url=${OCF_RESKEY_keystone_get_token_url_default}}

 #######################################################################

@ -135,34 +134,38 @@ The default URL to use for monitoring this instance (neutron-server) via curl. I

 <parameter name="keystone_get_token_url" unique="0" required="0">
 <longdesc lang="en">
+This parameter is DEPRECATED, you can specify it but it won't be used.
 The default URL to use to acquire a Neutron API (neutron-server) token for monitoring this instance
 of OpenStack Neutron API (neutron-server)
 </longdesc>
-<shortdesc lang="en">OpenStack Neutron API (neutron-server) url</shortdesc>
+<shortdesc lang="en">DEPRECATED! OpenStack Neutron API (neutron-server) url</shortdesc>
 <content type="string" default="${OCF_RESKEY_keystone_get_token_url_default}" />
 </parameter>

 <parameter name="os_username" unique="0" required="0">
 <longdesc lang="en">
+This parameter is DEPRECATED, you can specify it but it won't be used.
 The username to use when connecting with Neutron API (neutron-server) for monitoring purposes
 </longdesc>
-<shortdesc lang="en">Neutron API (neutron-server) monitoring login</shortdesc>
+<shortdesc lang="en">DEPRECATED! Neutron API (neutron-server) monitoring login</shortdesc>
 <content type="string" />
 </parameter>

 <parameter name="os_password" unique="0" required="0">
 <longdesc lang="en">
+This parameter is DEPRECATED, you can specify it but it won't be used.
 The password to use when connecting Neutron API (neutron-server) for monitoring purposes
 </longdesc>
-<shortdesc lang="en">Neutron API (neutron-server) monitoring password</shortdesc>
+<shortdesc lang="en">DEPRECATED! Neutron API (neutron-server) monitoring password</shortdesc>
 <content type="string" />
 </parameter>

 <parameter name="os_tenant_name" unique="0" required="0">
 <longdesc lang="en">
+This parameter is DEPRECATED, you can specify it but it won't be used.
 The tenant to use when connecting Neutron API (neutron-server) for monitoring purposes
 </longdesc>
-<shortdesc lang="en">Neutron API (neutron-server) monitoring tenant</shortdesc>
+<shortdesc lang="en">DEPRECATED! Neutron API (neutron-server) monitoring tenant</shortdesc>
 <content type="string" />
 </parameter>

@ -244,7 +247,6 @@ neutron_server_status() {

 neutron_server_monitor() {
    local rc
-    local token
    local http_code

    neutron_server_status
@ -254,15 +256,10 @@ neutron_server_monitor() {
    if [ $rc -ne $OCF_SUCCESS ]; then
        return $rc
    fi
-
-    # Check detailed information about this specific version of the API.
-    if [ -n "$OCF_RESKEY_os_username" ] && [ -n "$OCF_RESKEY_os_password" ] \
-    && [ -n "$OCF_RESKEY_os_tenant_name" ] && [ -n "$OCF_RESKEY_keystone_get_token_url" ]; then
-        token=`curl -s -d  "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OCF_RESKEY_os_username\", \
-          \"password\": \"$OCF_RESKEY_os_password\"}, \"tenantName\": \"$OCF_RESKEY_os_tenant_name\"}}" \
-          -H "Content-type: application/json" $OCF_RESKEY_keystone_get_token_url | tr ',' '\n' | grep '"id":' \
-          | cut -d'"' -f4 | head --lines 1`
-        http_code=`curl --write-out %{http_code} --output /dev/null -sH "X-Auth-Token: $token" $OCF_RESKEY_url`
+    # Check the response code of the "List API versions" call.
+    # If it's 200, we consider neutron-server is properly running.
+    if [ -n "$OCF_RESKEY_url" ]; then
+        http_code=`curl --silent --write-out %{http_code} --output /dev/null -X GET $OCF_RESKEY_url`
        rc=$?
        if [ $rc -ne 0 ] || [ $http_code -ne 200 ]; then
            ocf_log err "Failed to connect to the OpenStack Neutron API (neutron-server): $rc and $http_code"