openstack
/
charm-nova-compute-proxy
Code Issues Proposed changes

Merge ssl-everywhere branch

This commit is contained in:
James Page 2014-03-27 11:08:20 +00:00
parent 26fe3fb2b6 f5a8dbac5a
commit 94822c5513
8 changed files with 63 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hooks/nova_compute_context.py
View File

@ -197,6 +197,10 @@ class CloudComputeContext(context.OSContextGenerator):
continue
neutron_ctxt = {
'auth_protocol': relation_get(
'auth_protocol', **rel) or 'http',
'service_protocol': relation_get(
'service_protocol', **rel) or 'http',
'neutron_auth_strategy': 'keystone',
'keystone_host': relation_get(
'auth_host', **rel),
@ -220,8 +224,9 @@ class CloudComputeContext(context.OSContextGenerator):
neutron_ctxt['neutron_security_groups'] = _neutron_security_groups()
ks_url = 'http://%s:%s/v2.0' % (neutron_ctxt['keystone_host'],
neutron_ctxt['auth_port'])
ks_url = '%s://%s:%s/v2.0' % (neutron_ctxt['auth_protocol'],
neutron_ctxt['keystone_host'],
neutron_ctxt['auth_port'])
neutron_ctxt['neutron_admin_auth_url'] = ks_url
if self.network_manager == 'quantum':

22
hooks/nova_compute_utils.py
View File

@ -43,10 +43,11 @@ BASE_PACKAGES = [
'genisoimage', # was missing as a package dependency until raring.
]
NOVA_CONF_DIR = "/etc/nova"
QEMU_CONF = '/etc/libvirt/qemu.conf'
LIBVIRTD_CONF = '/etc/libvirt/libvirtd.conf'
LIBVIRT_BIN = '/etc/default/libvirt-bin'
NOVA_CONF = '/etc/nova/nova.conf'
NOVA_CONF = '%s/nova.conf' % NOVA_CONF_DIR
BASE_RESOURCE_MAP = {
QEMU_CONF: {
@ -63,8 +64,9 @@ BASE_RESOURCE_MAP = {
},
NOVA_CONF: {
'services': ['nova-compute'],
'contexts': [context.AMQPContext(),
context.SharedDBContext(relation_prefix='nova'),
'contexts': [context.AMQPContext(ssl_dir=NOVA_CONF_DIR),
context.SharedDBContext(
relation_prefix='nova', ssl_dir=NOVA_CONF_DIR),
context.ImageServiceContext(),
context.OSConfigFlagContext(),
CloudComputeContext(),
@ -90,24 +92,26 @@ CEPH_RESOURCES = {
}
}
QUANTUM_CONF = '/etc/quantum/quantum.conf'
QUANTUM_CONF_DIR = "/etc/quantum"
QUANTUM_CONF = '%s/quantum.conf' % QUANTUM_CONF_DIR
QUANTUM_RESOURCES = {
QUANTUM_CONF: {
'services': [],
'contexts': [context.AMQPContext(),
NeutronComputeContext(),
'contexts': [NeutronComputeContext(),
context.AMQPContext(ssl_dir=QUANTUM_CONF_DIR),
context.SyslogContext()],
}
}
NEUTRON_CONF = '/etc/neutron/neutron.conf'
NEUTRON_CONF_DIR = "/etc/neutron"
NEUTRON_CONF = '%s/neutron.conf' % NEUTRON_CONF_DIR
NEUTRON_RESOURCES = {
NEUTRON_CONF: {
'services': [],
'contexts': [context.AMQPContext(),
NeutronComputeContext(),
'contexts': [NeutronComputeContext(),
context.AMQPContext(ssl_dir=NEUTRON_CONF_DIR),
context.SyslogContext()],
}
}

9
templates/folsom/nova.conf
View File

@ -26,7 +26,7 @@ enabled_apis=ec2,osapi_compute,metadata
auth_strategy=keystone
compute_driver=libvirt.LibvirtDriver
{% if database_host -%}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
{% endif -%}
{% if rabbitmq_host -%}
@ -34,6 +34,13 @@ rabbit_host = {{ rabbitmq_host }}
rabbit_userid = {{ rabbitmq_user }}
rabbit_password = {{ rabbitmq_password }}
rabbit_virtual_host = {{ rabbitmq_virtual_host }}
{% if rabbit_ssl_port %}
rabbit_use_ssl=True
rabbit_port={{ rabbit_ssl_port }}
{% if rabbit_ssl_ca %}
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
{% endif %}
{% endif %}
{% endif -%}
{% if glance_api_servers -%}

8
templates/folsom/quantum.conf
View File

@ -22,7 +22,13 @@ rabbit_host = {{ rabbitmq_host }}
rabbit_userid = {{ rabbitmq_user }}
rabbit_password = {{ rabbitmq_password }}
rabbit_virtual_host = {{ rabbitmq_virtual_host }}
{% if rabbit_ssl_port %}
rabbit_use_ssl=True
rabbit_port={{ rabbit_ssl_port }}
{% if rabbit_ssl_ca %}
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
{% endif %}
{% endif %}
{% endif -%}

9
templates/grizzly/nova.conf
View File

@ -26,13 +26,20 @@ enabled_apis=ec2,osapi_compute,metadata
auth_strategy=keystone
compute_driver=libvirt.LibvirtDriver
{% if database_host -%}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
{% endif -%}
{% if rabbitmq_host or rabbitmq_hosts -%}
rabbit_userid = {{ rabbitmq_user }}
rabbit_password = {{ rabbitmq_password }}
rabbit_virtual_host = {{ rabbitmq_virtual_host }}
{% if rabbit_ssl_port %}
rabbit_use_ssl=True
rabbit_port={{ rabbit_ssl_port }}
{% if rabbit_ssl_ca %}
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
{% endif %}
{% endif %}
{% if rabbitmq_hosts -%}
rabbit_hosts = {{ rabbitmq_hosts }}
{% if rabbitmq_ha_queues -%}

7
templates/havana/neutron.conf
View File

@ -33,6 +33,13 @@ rabbit_durable_queues = false
{% else %}
rabbit_host = {{ rabbitmq_host }}
{% endif -%}
{% if rabbit_ssl_port %}
rabbit_use_ssl=True
rabbit_port={{ rabbit_ssl_port }}
{% if rabbit_ssl_ca %}
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
{% endif %}
{% endif %}
{% endif -%}
[QUOTAS]

10
templates/havana/nova.conf
View File

@ -26,7 +26,7 @@ enabled_apis=ec2,osapi_compute,metadata
auth_strategy=keystone
compute_driver=libvirt.LibvirtDriver
{% if database_host -%}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
{% endif -%}
{% if rabbitmq_host or rabbitmq_hosts -%}
@ -43,6 +43,14 @@ rabbit_durable_queues = false
rabbit_host = {{ rabbitmq_host }}
{% endif -%}
{% endif -%}
{% if rabbit_ssl_port %}
rabbit_use_ssl=True
rabbit_port={{ rabbit_ssl_port }}
{% if rabbit_ssl_ca %}
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
{% endif %}
{% endif %}
{%- endif -%}
{% if glance_api_servers -%}
glance_api_servers = {{ glance_api_servers }}

5
unit_tests/test_nova_compute_contexts.py
View File

@ -22,6 +22,7 @@ QUANTUM_CONTEXT = {
'quantum_auth_strategy': 'keystone',
'keystone_host': 'keystone_host',
'auth_port': '5000',
'auth_protocol': 'https',
'quantum_url': 'http://quantum_url',
'service_tenant_name': 'admin',
'service_username': 'admin',
@ -143,9 +144,11 @@ class NovaComputeContextTests(CharmTestCase):
ex_ctxt = {
'network_manager': 'quantum',
'network_manager_config': {
'auth_protocol': 'https',
'service_protocol': 'http',
'auth_port': '5000',
'keystone_host': 'keystone_host',
'quantum_admin_auth_url': 'http://keystone_host:5000/v2.0',
'quantum_admin_auth_url': 'https://keystone_host:5000/v2.0',
'quantum_admin_password': 'openstack',
'quantum_admin_tenant_name': 'admin',
'quantum_admin_username': 'admin',