General cleanup:
* Move *_RUN_EXERCISES after localrc * Fix images cache dirs * Save cinder database
This commit is contained in:
Dean Troyer
parent
cbb8b4b429
commit
7ce882cc8c
|
|
@ -4,7 +4,7 @@ GRENADE_PHASE=base
|
|||
# Default to selecting an interface via the default route
|
||||
unset HOST_IP
|
||||
|
||||
DEST=$TOP_DIR/..
|
||||
DEST=$TARGET_RELEASE_DIR
|
||||
|
||||
# Timeouts
|
||||
ACTIVE_TIMEOUT=120
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ GRENADE_PHASE=target
|
|||
# Default to selecting an interface via the default route
|
||||
unset HOST_IP
|
||||
|
||||
DEST=$TOP_DIR/..
|
||||
DEST=$TARGET_RELEASE_DIR
|
||||
|
||||
# Timeouts
|
||||
ACTIVE_TIMEOUT=120
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ for image_url in ${IMAGE_URLS//,/ }; do
|
|||
rsync -av $BASE_DEVSTACK_DIR/files/$IMAGE_FNAME $DEST/images
|
||||
fi
|
||||
done
|
||||
rsync -av $BASE_DEVSTACK_DIR/files/images $DEST/images
|
||||
rsync -av $BASE_DEVSTACK_DIR/files/images/ $DEST/images
|
||||
stop $STOP image-cache 20
|
||||
|
||||
|
||||
|
|
@ -199,7 +199,7 @@ echo_summary "Sourcing base DevStack config"
|
|||
source $BASE_DEVSTACK_DIR/stackrc
|
||||
echo_summary "Dumping base databases"
|
||||
mkdir -p $SAVE_DIR
|
||||
for db in keystone glance nova; do
|
||||
for db in keystone glance nova cinder; do
|
||||
mysqldump -uroot -p$MYSQL_PASSWORD $db >$SAVE_DIR/$db.sql.$BASE_RELEASE
|
||||
done
|
||||
stop $STOP mysqldump 150
|
||||
|
|
|
|||
|
|
@ -29,8 +29,6 @@ TARGET_DEVSTACK_DIR=$TARGET_RELEASE_DIR/devstack
|
|||
|
||||
# Allow skipping the exercises
|
||||
RUN_EXERCISES=True
|
||||
BASE_RUN_EXERCISES=${RUN_EXERCISES:=True}
|
||||
TARGET_RUN_EXERCISES=${RUN_EXERCISES:=True}
|
||||
|
||||
# Saved stuff
|
||||
SAVE_DIR=$DEST/save
|
||||
|
|
@ -63,3 +61,7 @@ fi
|
|||
|
||||
# We need RECLONE to get the updated branches; not everyone wants it though
|
||||
RECLONE=${RECLONE:-no}
|
||||
|
||||
# Set these after localrc so user can pick-n-choose
|
||||
BASE_RUN_EXERCISES=${RUN_EXERCISES:=True}
|
||||
TARGET_RUN_EXERCISES=${RUN_EXERCISES:=True}
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ fi
|
|||
|
||||
# Load up a copy of the downloaded images if not present
|
||||
if [[ -d $DEST/images ]]; then
|
||||
rsync -a $DEST/images/* $TARGET_DEVSTACK_DIR/files
|
||||
rsync -a $DEST/images $TARGET_DEVSTACK_DIR/files
|
||||
fi
|
||||
|
||||
# Set up target localrc
|
||||
|
|
|
|||
122
upgrade-keystone
122
upgrade-keystone
|
|
@ -61,24 +61,136 @@ S3_SERVICE_PORT=${S3_SERVICE_PORT:-8080}
|
|||
source $TARGET_DEVSTACK_DIR/lib/keystone
|
||||
|
||||
# install_keystone()
|
||||
sudo chown -R `whoami` $KEYSTONECLIENT_DIR $KEYSTONE_DIR
|
||||
#sudo chown -R `whoami` $KEYSTONECLIENT_DIR $KEYSTONE_DIR
|
||||
install_keystoneclient
|
||||
install_keystone
|
||||
|
||||
configure_keystoneclient
|
||||
# configure_keystone()
|
||||
setup_develop $KEYSTONE_DIR
|
||||
|
||||
# Save current conf file for some reason...
|
||||
[[ -r $KEYSTONE_CONF.$BASE_RELEASE ]] || cp -p $KEYSTONE_CONF $KEYSTONE_CONF.$BASE_RELEASE
|
||||
|
||||
# NOOP for now!
|
||||
# We make the same changes to the Grizzly keystone.conf (so far) so just
|
||||
# do a normal configure_keystone().
|
||||
configure_keystone
|
||||
#setup_develop $KEYSTONE_DIR
|
||||
|
||||
|
||||
# keystone.conf
|
||||
cat <<EOF >/tmp/keystone.diff
|
||||
+# Path to your policy definition containing identity actions
|
||||
+# TODO(dolph): This config method will probably be deprecated during grizzly
|
||||
+# policy_file = policy.json
|
||||
+
|
||||
+# Rule to check if no matching policy definition is found
|
||||
+# FIXME(dolph): This should really be defined as [policy] default_rule
|
||||
+# policy_default_rule = admin_required
|
||||
|
||||
[sql]
|
||||
-connection = mysql://root:superstack@localhost/keystone?charset=utf8
|
||||
+connection = postgresql://root:superstack@localhost/keystone?client_encoding=utf8
|
||||
|
||||
[policy]
|
||||
-# driver = keystone.policy.backends.rules.Policy
|
||||
+# driver = keystone.policy.backends.sql.Policy
|
||||
|
||||
[signing]
|
||||
-#token_format = UUID
|
||||
+token_format = PKI
|
||||
+#token_format = PKI
|
||||
...
|
||||
-#token_format = PKI
|
||||
|
||||
[ldap]
|
||||
...
|
||||
# use_dumb_member = False
|
||||
+# allow_subtree_delete = False
|
||||
+# dumb_member = cn=dumb,dc=example,dc=com
|
||||
|
||||
# user_tree_dn = ou=Users,dc=example,dc=com
|
||||
+# user_filter =
|
||||
...
|
||||
+# user_mail_attribute = email
|
||||
+# user_pass_attribute = userPassword
|
||||
+# user_enabled_attribute = enabled
|
||||
+# user_enabled_mask = 0
|
||||
+# user_enabled_default = True
|
||||
+# user_attribute_ignore = tenant_id,tenants
|
||||
+# user_allow_create = True
|
||||
+# user_allow_update = True
|
||||
+# user_allow_delete = True
|
||||
|
||||
# tenant_tree_dn = ou=Groups,dc=example,dc=com
|
||||
+# tenant_filter =
|
||||
...
|
||||
# tenant_name_attribute = ou
|
||||
+# tenant_desc_attribute = desc
|
||||
+# tenant_enabled_attribute = enabled
|
||||
+# tenant_attribute_ignore =
|
||||
+# tenant_allow_create = True
|
||||
+# tenant_allow_update = True
|
||||
+# tenant_allow_delete = True
|
||||
|
||||
# role_tree_dn = ou=Roles,dc=example,dc=com
|
||||
+# role_filter =
|
||||
# role_objectclass = organizationalRole
|
||||
# role_id_attribute = cn
|
||||
+# role_name_attribute = ou
|
||||
# role_member_attribute = roleOccupant
|
||||
+# role_attribute_ignore =
|
||||
+# role_allow_create = True
|
||||
+# role_allow_update = True
|
||||
+# role_allow_delete = True
|
||||
|
||||
+[filter:sizelimit]
|
||||
+paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory
|
||||
|
||||
+[app:service_v3]
|
||||
+paste.app_factory = keystone.service:v3_app_factory
|
||||
|
||||
[pipeline:public_api]
|
||||
-pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service
|
||||
+pipeline = sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service
|
||||
|
||||
[pipeline:admin_api]
|
||||
-pipeline = stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service
|
||||
+pipeline = sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service
|
||||
|
||||
+[pipeline:api_v3]
|
||||
+pipeline = sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3
|
||||
|
||||
[pipeline:public_version_api]
|
||||
-pipeline = stats_monitoring url_normalize xml_body public_version_service
|
||||
+pipeline = sizelimit stats_monitoring url_normalize xml_body public_version_service
|
||||
|
||||
[pipeline:admin_version_api]
|
||||
-pipeline = stats_monitoring url_normalize xml_body admin_version_service
|
||||
+pipeline = sizelimit stats_monitoring url_normalize xml_body admin_version_service
|
||||
|
||||
[composite:main]
|
||||
use = egg:Paste#urlmap
|
||||
/v2.0 = public_api
|
||||
+/v3 = api_v3
|
||||
/ = public_version_api
|
||||
|
||||
[composite:admin]
|
||||
use = egg:Paste#urlmap
|
||||
/v2.0 = admin_api
|
||||
+/v3 = api_v3
|
||||
/ = admin_version_api
|
||||
|
||||
----
|
||||
all of policy.json
|
||||
EOF
|
||||
|
||||
# Simulate init_keystone()
|
||||
# -------------------------
|
||||
|
||||
# Migrate the database
|
||||
keystone-manage db_sync || die "DB sync error"
|
||||
|
||||
# Set up certificates
|
||||
keystone-manage pki_setup || die "OKI setup error"
|
||||
keystone-manage pki_setup || die "PKI setup error"
|
||||
|
||||
# Start Keystone
|
||||
start_keystone
|
||||
|
|
|
|||
Loading…
Reference in New Issue