ssl endpoint support
This commit is contained in:
parent
b9bd7ab380
commit
ba9bef7611
|
@ -9,7 +9,8 @@ from charmhelpers.core.hookenv import (
|
|||
|
||||
from charmhelpers.contrib.openstack.context import (
|
||||
OSContextGenerator,
|
||||
context_complete
|
||||
context_complete,
|
||||
ApacheSSLContext as SSLContext,
|
||||
)
|
||||
|
||||
CEILOMETER_DB = 'ceilometer'
|
||||
|
@ -72,3 +73,10 @@ class CeilometerServiceContext(OSContextGenerator):
|
|||
if context_complete(conf):
|
||||
return conf
|
||||
return {}
|
||||
|
||||
|
||||
class ApacheSSLContext(SSLContext):
|
||||
|
||||
service_namespace = "ceilometer"
|
||||
|
||||
external_ports = [CEILOMETER_PORT]
|
||||
|
|
|
@ -1,11 +1,16 @@
|
|||
import os
|
||||
|
||||
from collections import OrderedDict
|
||||
|
||||
from charmhelpers.contrib.openstack import (
|
||||
templating,
|
||||
context,
|
||||
)
|
||||
from ceilometer_contexts import (
|
||||
ApacheSSLContext,
|
||||
LoggingConfigContext,
|
||||
MongoDBContext,
|
||||
CeilometerContext
|
||||
CeilometerContext,
|
||||
)
|
||||
from charmhelpers.contrib.openstack.utils import (
|
||||
get_os_codename_package,
|
||||
|
@ -17,6 +22,9 @@ from charmhelpers.fetch import apt_update, apt_install
|
|||
|
||||
CEILOMETER_CONF_DIR = "/etc/ceilometer"
|
||||
CEILOMETER_CONF = "%s/ceilometer.conf" % CEILOMETER_CONF_DIR
|
||||
HTTPS_APACHE_CONF = "/etc/apache2/sites-available/openstack_https_frontend"
|
||||
HTTPS_APACHE_24_CONF = "/etc/apache2/sites-available/" \
|
||||
"openstack_https_frontend.conf"
|
||||
|
||||
CEILOMETER_SERVICES = [
|
||||
'ceilometer-agent-central',
|
||||
|
@ -28,11 +36,13 @@ CEILOMETER_DB = "ceilometer"
|
|||
CEILOMETER_SERVICE = "ceilometer"
|
||||
|
||||
CEILOMETER_PACKAGES = [
|
||||
'apache2',
|
||||
'ceilometer-agent-central',
|
||||
'ceilometer-collector',
|
||||
'ceilometer-api'
|
||||
]
|
||||
|
||||
|
||||
CEILOMETER_ROLE = "ResellerAdmin"
|
||||
|
||||
#NOVA_CONF = "/etc/nova/nova.conf"
|
||||
|
@ -42,8 +52,9 @@ CEILOMETER_ROLE = "ResellerAdmin"
|
|||
# ('DEFAULT', 'notification_driver', 'ceilometer.compute.nova_notifier')
|
||||
#]
|
||||
|
||||
CONFIG_FILES = {
|
||||
CEILOMETER_CONF: {
|
||||
|
||||
CONFIG_FILES = OrderedDict([
|
||||
(CEILOMETER_CONF, {
|
||||
'hook_contexts': [context.IdentityServiceContext(),
|
||||
context.AMQPContext(ssl_dir=CEILOMETER_CONF_DIR),
|
||||
LoggingConfigContext(),
|
||||
|
@ -51,8 +62,16 @@ CONFIG_FILES = {
|
|||
CeilometerContext(),
|
||||
context.SyslogContext()],
|
||||
'services': CEILOMETER_SERVICES
|
||||
}
|
||||
}
|
||||
}),
|
||||
(HTTPS_APACHE_CONF, {
|
||||
'hook_contexts': [ApacheSSLContext()],
|
||||
'services': ['apache2'],
|
||||
}),
|
||||
(HTTPS_APACHE_24_CONF, {
|
||||
'hook_contexts': [ApacheSSLContext()],
|
||||
'services': ['apache2'],
|
||||
})
|
||||
])
|
||||
|
||||
TEMPLATES = 'templates'
|
||||
|
||||
|
@ -74,6 +93,12 @@ def register_configs():
|
|||
for conf in CONFIG_FILES:
|
||||
configs.register(conf, CONFIG_FILES[conf]['hook_contexts'])
|
||||
|
||||
if os.path.exists('/etc/apache2/conf-available'):
|
||||
configs.register(HTTPS_APACHE_24_CONF,
|
||||
CONFIG_FILES[HTTPS_APACHE_24_CONF]['hook_contexts'])
|
||||
else:
|
||||
configs.register(HTTPS_APACHE_CONF,
|
||||
CONFIG_FILES[HTTPS_APACHE_CONF]['hook_contexts'])
|
||||
return configs
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
{% if endpoints %}
|
||||
{% for ext, int in endpoints %}
|
||||
Listen {{ ext }}
|
||||
NameVirtualHost *:{{ ext }}
|
||||
<VirtualHost *:{{ ext }}>
|
||||
ServerName {{ private_address }}
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert
|
||||
SSLCertificateKeyFile /etc/apache2/ssl/{{ namespace }}/key
|
||||
ProxyPass / http://localhost:{{ int }}/
|
||||
ProxyPassReverse / http://localhost:{{ int }}/
|
||||
ProxyPreserveHost on
|
||||
</VirtualHost>
|
||||
<Proxy *>
|
||||
Order deny,allow
|
||||
Allow from all
|
||||
</Proxy>
|
||||
<Location />
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Location>
|
||||
{% endfor %}
|
||||
{% endif %}
|
|
@ -0,0 +1 @@
|
|||
openstack_https_frontend
|
Loading…
Reference in New Issue