From 52d8000c1acdb61b46ff45900ea31508850435ff Mon Sep 17 00:00:00 2001
From: Jens Rosenboom <j.rosenboom@x-ion.de>
Date: Tue, 1 Mar 2016 15:18:34 +0100
Subject: [PATCH] Fixup identity backend handling

Instead of creating an artificial, non-functional identity-internal
endpoint use the identity-main backend that is provided via the default
config for both public and internal endpoints.

Change-Id: Ia7d7f11108f0945ccd944d7e4a5c7f7ef68bc654
---
 attributes/default.rb      | 16 ++++++++--------
 recipes/server-apache.rb   | 29 ++++++++++-------------------
 spec/registration_spec.rb  |  2 +-
 spec/server-apache_spec.rb | 12 ++++++------
 4 files changed, 25 insertions(+), 34 deletions(-)

diff --git a/attributes/default.rb b/attributes/default.rb
index 27909b9..5ef2662 100644
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -34,15 +34,15 @@ default['openstack']['identity']['custom_template_banner'] = "
   default['openstack']['endpoints'][ep_type]['identity']['host'] = '127.0.0.1'
   default['openstack']['endpoints'][ep_type]['identity']['scheme'] = 'http'
   default['openstack']['endpoints'][ep_type]['identity']['path'] = '/v2.0'
-  # web-service (e.g. apache) listen address (can be different from openstack
-  # identity endpoints)
-  default['openstack']['bind_service'][ep_type]['identity']['host'] = '127.0.0.1'
-end
-%w(endpoints bind_service).each do |type|
-  default['openstack'][type]['public']['identity']['port'] = 5000
-  default['openstack'][type]['internal']['identity']['port'] = 5001
-  default['openstack'][type]['admin']['identity']['port'] = 35357
 end
+default['openstack']['endpoints']['public']['identity']['port'] = 5000
+default['openstack']['endpoints']['internal']['identity']['port'] = 5000
+default['openstack']['endpoints']['admin']['identity']['port'] = 35357
+
+default['openstack']['bind_service']['main']['identity']['host'] = '127.0.0.1'
+default['openstack']['bind_service']['main']['identity']['port'] = 5000
+default['openstack']['bind_service']['admin']['identity']['host'] = '127.0.0.1'
+default['openstack']['bind_service']['admin']['identity']['port'] = 35357
 
 default['openstack']['identity']['catalog']['backend'] = 'sql'
 default['openstack']['identity']['token']['backend'] = 'sql'
diff --git a/recipes/server-apache.rb b/recipes/server-apache.rb
index aee9e6e..cabc4c4 100644
--- a/recipes/server-apache.rb
+++ b/recipes/server-apache.rb
@@ -87,10 +87,8 @@ when 'fernet'
   include_recipe 'openstack-identity::_fernet_tokens'
 end
 
-public_bind_service = node['openstack']['bind_service']['public']['identity']
-public_bind_address = bind_address public_bind_service
-internal_bind_service = node['openstack']['bind_service']['internal']['identity']
-internal_bind_address = bind_address internal_bind_service
+main_bind_service = node['openstack']['bind_service']['main']['identity']
+main_bind_address = bind_address main_bind_service
 admin_bind_service = node['openstack']['bind_service']['admin']['identity']
 admin_bind_address = bind_address admin_bind_service
 
@@ -240,9 +238,8 @@ end
 #### Start of Apache specific work
 
 apache_listen = Array(node['apache']['listen']) # include already defined listen attributes
-apache_listen += ["#{public_bind_service.host}:#{public_bind_service.port}"]
-apache_listen += ["#{internal_bind_service.host}:#{internal_bind_service.port}"]
-apache_listen += ["#{admin_bind_service.host}:#{admin_bind_service.port}"]
+apache_listen += ["#{main_bind_address}:#{main_bind_service.port}"]
+apache_listen += ["#{admin_bind_address}:#{admin_bind_service.port}"]
 
 node.normal['apache']['listen'] = apache_listen.uniq
 
@@ -257,13 +254,12 @@ directory keystone_apache_dir do
   mode 00755
 end
 
-server_entry_public = "#{keystone_apache_dir}/main"
-server_entry_internal = "#{keystone_apache_dir}/internal"
+server_entry_main = "#{keystone_apache_dir}/main"
 server_entry_admin = "#{keystone_apache_dir}/admin"
 
 # Note: Using lazy here as the wsgi file is not available until after
 # the keystone package is installed during execution phase.
-[server_entry_public, server_entry_internal, server_entry_admin].each do |server_entry|
+[server_entry_main, server_entry_admin].each do |server_entry|
   file server_entry do
     content lazy { IO.read(platform_options['keystone_wsgi_file']) }
     owner 'root'
@@ -273,15 +269,10 @@ server_entry_admin = "#{keystone_apache_dir}/admin"
 end
 
 wsgi_apps = {
-  'public' => {
-    server_host: public_bind_address,
-    server_port: public_bind_service.port,
-    server_entry: server_entry_public
-  },
-  'internal' => {
-    server_host: internal_bind_address,
-    server_port: internal_bind_service.port,
-    server_entry: server_entry_internal
+  'main' => {
+    server_host: main_bind_address,
+    server_port: main_bind_service.port,
+    server_entry: server_entry_main
   },
   'admin' => {
     server_host: admin_bind_address,
diff --git a/spec/registration_spec.rb b/spec/registration_spec.rb
index d8eaeee..c5ddd98 100644
--- a/spec/registration_spec.rb
+++ b/spec/registration_spec.rb
@@ -239,7 +239,7 @@ describe 'openstack-identity::registration' do
             service_type: 'identity',
             endpoint_region: 'RegionOne',
             endpoint_adminurl: 'http://127.0.0.1:35357/v2.0',
-            endpoint_internalurl: 'http://127.0.0.1:5001/v2.0',
+            endpoint_internalurl: 'http://127.0.0.1:5000/v2.0',
             endpoint_publicurl: 'http://127.0.0.1:5000/v2.0'
           )
         end
diff --git a/spec/server-apache_spec.rb b/spec/server-apache_spec.rb
index 91bd95b..245e98e 100644
--- a/spec/server-apache_spec.rb
+++ b/spec/server-apache_spec.rb
@@ -363,7 +363,7 @@ describe 'openstack-identity::server-apache' do
 
       it 'set apache addresses and ports' do
         expect(chef_run.node['apache']['listen']).to eq(
-          %w(*:80 127.0.0.1:5000 127.0.0.1:5001 127.0.0.1:35357)
+          %w(*:80 127.0.0.1:5000 127.0.0.1:35357)
         )
       end
 
@@ -399,7 +399,7 @@ describe 'openstack-identity::server-apache' do
       end
 
       describe 'apache wsgi' do
-        ['/etc/apache2/sites-available/keystone-public.conf',
+        ['/etc/apache2/sites-available/keystone-main.conf',
          '/etc/apache2/sites-available/keystone-admin.conf'].each do |file|
           it "creates #{file}" do
             expect(chef_run).to create_template(file).with(
@@ -428,13 +428,13 @@ describe 'openstack-identity::server-apache' do
           end
         end
 
-        describe 'keystone-public.conf' do
+        describe 'keystone-main.conf' do
           it 'configures required lines' do
             [/^<VirtualHost 127.0.0.1:5000>$/,
-             /^    WSGIDaemonProcess keystone-public/,
-             /^    WSGIProcessGroup keystone-public$/,
+             /^    WSGIDaemonProcess keystone-main/,
+             /^    WSGIProcessGroup keystone-main$/,
              %r{^    WSGIScriptAlias / /var/www/html/keystone/main$}].each do |line|
-              expect(chef_run).to render_file('/etc/apache2/sites-available/keystone-public.conf').with_content(line)
+              expect(chef_run).to render_file('/etc/apache2/sites-available/keystone-main.conf').with_content(line)
             end
           end
         end