Merge ssl-everywhere branch
This commit is contained in:
commit
94822c5513
|
@ -197,6 +197,10 @@ class CloudComputeContext(context.OSContextGenerator):
|
|||
continue
|
||||
|
||||
neutron_ctxt = {
|
||||
'auth_protocol': relation_get(
|
||||
'auth_protocol', **rel) or 'http',
|
||||
'service_protocol': relation_get(
|
||||
'service_protocol', **rel) or 'http',
|
||||
'neutron_auth_strategy': 'keystone',
|
||||
'keystone_host': relation_get(
|
||||
'auth_host', **rel),
|
||||
|
@ -220,8 +224,9 @@ class CloudComputeContext(context.OSContextGenerator):
|
|||
|
||||
neutron_ctxt['neutron_security_groups'] = _neutron_security_groups()
|
||||
|
||||
ks_url = 'http://%s:%s/v2.0' % (neutron_ctxt['keystone_host'],
|
||||
neutron_ctxt['auth_port'])
|
||||
ks_url = '%s://%s:%s/v2.0' % (neutron_ctxt['auth_protocol'],
|
||||
neutron_ctxt['keystone_host'],
|
||||
neutron_ctxt['auth_port'])
|
||||
neutron_ctxt['neutron_admin_auth_url'] = ks_url
|
||||
|
||||
if self.network_manager == 'quantum':
|
||||
|
|
|
@ -43,10 +43,11 @@ BASE_PACKAGES = [
|
|||
'genisoimage', # was missing as a package dependency until raring.
|
||||
]
|
||||
|
||||
NOVA_CONF_DIR = "/etc/nova"
|
||||
QEMU_CONF = '/etc/libvirt/qemu.conf'
|
||||
LIBVIRTD_CONF = '/etc/libvirt/libvirtd.conf'
|
||||
LIBVIRT_BIN = '/etc/default/libvirt-bin'
|
||||
NOVA_CONF = '/etc/nova/nova.conf'
|
||||
NOVA_CONF = '%s/nova.conf' % NOVA_CONF_DIR
|
||||
|
||||
BASE_RESOURCE_MAP = {
|
||||
QEMU_CONF: {
|
||||
|
@ -63,8 +64,9 @@ BASE_RESOURCE_MAP = {
|
|||
},
|
||||
NOVA_CONF: {
|
||||
'services': ['nova-compute'],
|
||||
'contexts': [context.AMQPContext(),
|
||||
context.SharedDBContext(relation_prefix='nova'),
|
||||
'contexts': [context.AMQPContext(ssl_dir=NOVA_CONF_DIR),
|
||||
context.SharedDBContext(
|
||||
relation_prefix='nova', ssl_dir=NOVA_CONF_DIR),
|
||||
context.ImageServiceContext(),
|
||||
context.OSConfigFlagContext(),
|
||||
CloudComputeContext(),
|
||||
|
@ -90,24 +92,26 @@ CEPH_RESOURCES = {
|
|||
}
|
||||
}
|
||||
|
||||
QUANTUM_CONF = '/etc/quantum/quantum.conf'
|
||||
QUANTUM_CONF_DIR = "/etc/quantum"
|
||||
QUANTUM_CONF = '%s/quantum.conf' % QUANTUM_CONF_DIR
|
||||
|
||||
QUANTUM_RESOURCES = {
|
||||
QUANTUM_CONF: {
|
||||
'services': [],
|
||||
'contexts': [context.AMQPContext(),
|
||||
NeutronComputeContext(),
|
||||
'contexts': [NeutronComputeContext(),
|
||||
context.AMQPContext(ssl_dir=QUANTUM_CONF_DIR),
|
||||
context.SyslogContext()],
|
||||
}
|
||||
}
|
||||
|
||||
NEUTRON_CONF = '/etc/neutron/neutron.conf'
|
||||
NEUTRON_CONF_DIR = "/etc/neutron"
|
||||
NEUTRON_CONF = '%s/neutron.conf' % NEUTRON_CONF_DIR
|
||||
|
||||
NEUTRON_RESOURCES = {
|
||||
NEUTRON_CONF: {
|
||||
'services': [],
|
||||
'contexts': [context.AMQPContext(),
|
||||
NeutronComputeContext(),
|
||||
'contexts': [NeutronComputeContext(),
|
||||
context.AMQPContext(ssl_dir=NEUTRON_CONF_DIR),
|
||||
context.SyslogContext()],
|
||||
}
|
||||
}
|
||||
|
|
|
@ -26,7 +26,7 @@ enabled_apis=ec2,osapi_compute,metadata
|
|||
auth_strategy=keystone
|
||||
compute_driver=libvirt.LibvirtDriver
|
||||
{% if database_host -%}
|
||||
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
|
||||
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
|
||||
{% endif -%}
|
||||
|
||||
{% if rabbitmq_host -%}
|
||||
|
@ -34,6 +34,13 @@ rabbit_host = {{ rabbitmq_host }}
|
|||
rabbit_userid = {{ rabbitmq_user }}
|
||||
rabbit_password = {{ rabbitmq_password }}
|
||||
rabbit_virtual_host = {{ rabbitmq_virtual_host }}
|
||||
{% if rabbit_ssl_port %}
|
||||
rabbit_use_ssl=True
|
||||
rabbit_port={{ rabbit_ssl_port }}
|
||||
{% if rabbit_ssl_ca %}
|
||||
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endif -%}
|
||||
|
||||
{% if glance_api_servers -%}
|
||||
|
|
|
@ -22,7 +22,13 @@ rabbit_host = {{ rabbitmq_host }}
|
|||
rabbit_userid = {{ rabbitmq_user }}
|
||||
rabbit_password = {{ rabbitmq_password }}
|
||||
rabbit_virtual_host = {{ rabbitmq_virtual_host }}
|
||||
|
||||
{% if rabbit_ssl_port %}
|
||||
rabbit_use_ssl=True
|
||||
rabbit_port={{ rabbit_ssl_port }}
|
||||
{% if rabbit_ssl_ca %}
|
||||
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endif -%}
|
||||
|
||||
|
||||
|
|
|
@ -26,13 +26,20 @@ enabled_apis=ec2,osapi_compute,metadata
|
|||
auth_strategy=keystone
|
||||
compute_driver=libvirt.LibvirtDriver
|
||||
{% if database_host -%}
|
||||
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
|
||||
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
|
||||
{% endif -%}
|
||||
|
||||
{% if rabbitmq_host or rabbitmq_hosts -%}
|
||||
rabbit_userid = {{ rabbitmq_user }}
|
||||
rabbit_password = {{ rabbitmq_password }}
|
||||
rabbit_virtual_host = {{ rabbitmq_virtual_host }}
|
||||
{% if rabbit_ssl_port %}
|
||||
rabbit_use_ssl=True
|
||||
rabbit_port={{ rabbit_ssl_port }}
|
||||
{% if rabbit_ssl_ca %}
|
||||
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% if rabbitmq_hosts -%}
|
||||
rabbit_hosts = {{ rabbitmq_hosts }}
|
||||
{% if rabbitmq_ha_queues -%}
|
||||
|
|
|
@ -33,6 +33,13 @@ rabbit_durable_queues = false
|
|||
{% else %}
|
||||
rabbit_host = {{ rabbitmq_host }}
|
||||
{% endif -%}
|
||||
{% if rabbit_ssl_port %}
|
||||
rabbit_use_ssl=True
|
||||
rabbit_port={{ rabbit_ssl_port }}
|
||||
{% if rabbit_ssl_ca %}
|
||||
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{% endif -%}
|
||||
|
||||
[QUOTAS]
|
||||
|
|
|
@ -26,7 +26,7 @@ enabled_apis=ec2,osapi_compute,metadata
|
|||
auth_strategy=keystone
|
||||
compute_driver=libvirt.LibvirtDriver
|
||||
{% if database_host -%}
|
||||
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}
|
||||
sql_connection = mysql://{{ database_user }}:{{ database_password }}@{{ database_host }}/{{ database }}{% if database_ssl_ca %}?ssl_ca={{ database_ssl_ca }}{% if database_ssl_cert %}&ssl_cert={{ database_ssl_cert }}&ssl_key={{ database_ssl_key }}{% endif %}{% endif %}
|
||||
{% endif -%}
|
||||
|
||||
{% if rabbitmq_host or rabbitmq_hosts -%}
|
||||
|
@ -43,6 +43,14 @@ rabbit_durable_queues = false
|
|||
rabbit_host = {{ rabbitmq_host }}
|
||||
{% endif -%}
|
||||
{% endif -%}
|
||||
{% if rabbit_ssl_port %}
|
||||
rabbit_use_ssl=True
|
||||
rabbit_port={{ rabbit_ssl_port }}
|
||||
{% if rabbit_ssl_ca %}
|
||||
kombu_ssl_ca_certs={{rabbit_ssl_ca}}
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
{%- endif -%}
|
||||
|
||||
{% if glance_api_servers -%}
|
||||
glance_api_servers = {{ glance_api_servers }}
|
||||
|
|
|
@ -22,6 +22,7 @@ QUANTUM_CONTEXT = {
|
|||
'quantum_auth_strategy': 'keystone',
|
||||
'keystone_host': 'keystone_host',
|
||||
'auth_port': '5000',
|
||||
'auth_protocol': 'https',
|
||||
'quantum_url': 'http://quantum_url',
|
||||
'service_tenant_name': 'admin',
|
||||
'service_username': 'admin',
|
||||
|
@ -143,9 +144,11 @@ class NovaComputeContextTests(CharmTestCase):
|
|||
ex_ctxt = {
|
||||
'network_manager': 'quantum',
|
||||
'network_manager_config': {
|
||||
'auth_protocol': 'https',
|
||||
'service_protocol': 'http',
|
||||
'auth_port': '5000',
|
||||
'keystone_host': 'keystone_host',
|
||||
'quantum_admin_auth_url': 'http://keystone_host:5000/v2.0',
|
||||
'quantum_admin_auth_url': 'https://keystone_host:5000/v2.0',
|
||||
'quantum_admin_password': 'openstack',
|
||||
'quantum_admin_tenant_name': 'admin',
|
||||
'quantum_admin_username': 'admin',
|
||||
|
|
Loading…
Reference in New Issue