From 93882de60329d91fdb9ba6ad5515a94312f570a8 Mon Sep 17 00:00:00 2001 From: Samuel Cassiba Date: Tue, 12 Jun 2018 21:04:02 -0700 Subject: [PATCH] Simplify identity endpoint Per the Keystone Install Guide[1] the admin endpoint is superseded in favor of a single public endpoint. As a result, the admin endpoint is no longer deployed by default. [1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components Change-Id: I188edfcfbd6f8261a648c03b6e46532b960d3ac6 Implements: blueprint simplify-identity-endpoint --- recipes/cinder-common.rb | 8 +++----- recipes/identity_registration.rb | 4 ++-- spec/cinder_common_spec.rb | 9 --------- spec/identity_registration_spec.rb | 2 +- spec/spec_helper.rb | 14 ++++++++------ 5 files changed, 14 insertions(+), 23 deletions(-) diff --git a/recipes/cinder-common.rb b/recipes/cinder-common.rb index 6d5b860..09c50c4 100644 --- a/recipes/cinder-common.rb +++ b/recipes/cinder-common.rb @@ -48,13 +48,12 @@ end glance_api_endpoint = internal_endpoint 'image_api' cinder_api_bind = node['openstack']['bind_service']['all']['block-storage'] cinder_api_bind_address = bind_address cinder_api_bind -identity_endpoint = internal_endpoint 'identity' -identity_admin_endpoint = admin_endpoint 'identity' +identity_endpoint = public_endpoint 'identity' node.default['openstack']['block-storage']['conf_secrets'] .[]('keystone_authtoken')['password'] = get_password 'service', 'openstack-block-storage' -auth_uri = identity_endpoint.to_s -auth_url = identity_admin_endpoint.to_s + +auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version'] directory '/etc/cinder' do group node['openstack']['block-storage']['group'] @@ -68,7 +67,6 @@ node.default['openstack']['block-storage']['conf'].tap do |conf| conf['DEFAULT']['glance_api_servers'] = glance_api_endpoint.to_s conf['DEFAULT']['osapi_volume_listen'] = cinder_api_bind_address conf['DEFAULT']['osapi_volume_listen_port'] = cinder_api_bind['port'] - conf['keystone_authtoken']['auth_uri'] = auth_uri conf['keystone_authtoken']['auth_url'] = auth_url end diff --git a/recipes/identity_registration.rb b/recipes/identity_registration.rb index 20862a6..4eb8a66 100644 --- a/recipes/identity_registration.rb +++ b/recipes/identity_registration.rb @@ -26,8 +26,8 @@ class ::Chef::Recipe include ::Openstack end -identity_admin_endpoint = admin_endpoint 'identity' -auth_url = ::URI.decode identity_admin_endpoint.to_s +identity_endpoint = public_endpoint 'identity' +auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version'] interfaces = { public: { url: public_endpoint('block-storage') }, diff --git a/spec/cinder_common_spec.rb b/spec/cinder_common_spec.rb index 6e06650..5182cd9 100644 --- a/spec/cinder_common_spec.rb +++ b/spec/cinder_common_spec.rb @@ -69,15 +69,6 @@ describe 'openstack-block-storage::cinder-common' do end context 'keystone authtoken attributes' do - context 'endpoint related' do - it 'has auth_uri' do - expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', %r{^auth_uri = http://127.0.0.1:5000/v3$}) - end - it 'has auth_url' do - expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', %r{^auth_url = http://127.0.0.1:35357/v3$}) - end - end - it do expect(chef_run).not_to render_file(file.name).with_content(/^auth_version = v2.0$/) end diff --git a/spec/identity_registration_spec.rb b/spec/identity_registration_spec.rb index c0cdfec..f53ad31 100644 --- a/spec/identity_registration_spec.rb +++ b/spec/identity_registration_spec.rb @@ -13,7 +13,7 @@ describe 'openstack-block-storage::identity_registration' do include_context 'block-storage-stubs' connection_params = { - openstack_auth_url: 'http://127.0.0.1:35357/v3/auth/tokens', + openstack_auth_url: 'http://127.0.0.1:5000/v3/auth/tokens', openstack_username: 'admin', openstack_api_key: 'emc_test_pass', openstack_project_name: 'admin', diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 1e774ca..40f131f 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -9,16 +9,19 @@ ChefSpec::Coverage.start! { add_filter 'openstack-block-storage' } require 'chef/application' -LOG_LEVEL = :fatal +RSpec.configure do |config| + config.color = true + config.formatter = :documentation + config.log_level = :fatal +end + REDHAT_OPTS = { platform: 'redhat', - version: '7.3', - log_level: LOG_LEVEL, + version: '7.4', }.freeze UBUNTU_OPTS = { platform: 'ubuntu', version: '16.04', - log_level: LOG_LEVEL, }.freeze shared_context 'block-storage-stubs' do @@ -110,8 +113,7 @@ shared_examples 'creates_cinder_conf' do |service, user, group, action = :restar /^project_name = service$/, /^user_domain_name = Default/, /^project_domain_name = Default/, - %r{^auth_uri = http://127.0.0.1:5000/v3$}, - %r{^auth_url = http://127.0.0.1:35357/v3$}, + %r{^auth_url = http://127.0.0.1:5000/v3$}, /^password = cinder-pass$/, ].each do |line| expect(chef_run).to render_config_file(file.name)