From bc3c4b1699515d8f3069458a659dadbeefeb15a8 Mon Sep 17 00:00:00 2001 From: wenxiong zou <2534948091@qq.com> Date: Wed, 10 May 2017 18:14:16 +0800 Subject: [PATCH] [urgent]Adapt new Keystone URL 1. What is the problem? Now Keystone uses uwsgi with proxy[1], and this is the default mode in DevStack. In this case, the original URL with 5000/35357 port can no longer be accessed, this change will lead to Trio2o gate/check test always failure if no adaption is made in Trio2o configuration. 2. What is the solution to the problem? Change Keystone public URL Trio2o uses from http://host:5000/v3 to http://host/identity and change Keystone admin URL Trio2o uses from http://host:35357/v3 to http://host/identity For tempest test, change http://host:5000/v2.0/ to http://host/identity and change identity version from 2 to 3 in post_test_hook.sh. In post_test_hook.sh, add admin_domain_name option. This patch also fixes a mistake which was hidden before this Keystone change. While generating Trio2o apache configuration file in our DevStack script, TRIO2O_BIN in the template is not replaced by the real value. So the directory access right is not correctly granted. Before this Keystone change, Keystone apache configuration file will grant right on the same directory, so we didn't notice this problem. 3. What features need to be implemented to the Trio2o to realize the solution? N/A [1] https://github.com/openstack-dev/devstack/commit/ 6ed53156b6198e69d59d1cf3a3497e96f5b7a870 [2] https://github.com/openstack/neutron/commit/ 46d1a890e700dfa6e921387569f87f793ca4e8e9 Change-Id: I4e1e38b1c07f453fcf2cfed39a16342f235c06b1 --- cmd/manage.py | 36 --------- devstack/plugin.sh | 104 +++++++++++++++++++++++-- setup.cfg | 10 ++- trio2o/cmd/__init__.py | 0 {cmd => trio2o/cmd}/api.py | 0 {cmd => trio2o/cmd}/cinder_apigw.py | 0 trio2o/cmd/manage.py | 68 ++++++++++++++++ {cmd => trio2o/cmd}/nova_apigw.py | 0 {cmd => trio2o/cmd}/xjob.py | 0 trio2o/common/client.py | 8 +- trio2o/tempestplugin/post_test_hook.sh | 7 +- 11 files changed, 182 insertions(+), 51 deletions(-) delete mode 100644 cmd/manage.py create mode 100644 trio2o/cmd/__init__.py rename {cmd => trio2o/cmd}/api.py (100%) rename {cmd => trio2o/cmd}/cinder_apigw.py (100%) create mode 100644 trio2o/cmd/manage.py rename {cmd => trio2o/cmd}/nova_apigw.py (100%) rename {cmd => trio2o/cmd}/xjob.py (100%) diff --git a/cmd/manage.py b/cmd/manage.py deleted file mode 100644 index ecf015c..0000000 --- a/cmd/manage.py +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright 2015 Huawei Technologies Co., Ltd. -# All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - - -import sys - -from oslo_config import cfg - -from trio2o.db import core -from trio2o.db import migration_helpers - - -def main(argv=None, config_files=None): - core.initialize() - cfg.CONF(args=argv[2:], - project='trio2o', - default_config_files=config_files) - migration_helpers.find_migrate_repo() - migration_helpers.sync_repo(2) - - -if __name__ == '__main__': - config_file = sys.argv[1] - main(argv=sys.argv, config_files=[config_file]) diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 7ef9ebe..d3049e9 100644 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -117,6 +117,8 @@ function init_common_trio2o_conf { iniset $conf_file DEFAULT use_syslog $SYSLOG iniset $conf_file DEFAULT trio2o_db_connection `database_connection_url trio2o` + iniset $conf_file client auth_url http://$KEYSTONE_SERVICE_HOST/identity + iniset $conf_file client identity_url http://$KEYSTONE_SERVICE_HOST/identity/v3 iniset $conf_file client admin_username admin iniset $conf_file client admin_password $ADMIN_PASSWORD iniset $conf_file client admin_tenant demo @@ -196,6 +198,69 @@ function configure_trio2o_cinder_apigw { fi } +# configure_trio2o_api_wsgi() - Set WSGI config files +function configure_trio2o_api_wsgi { + local trio2o_api_apache_conf + local venv_path="" + local trio2o_bin_dir="" + local trio2o_ssl_listen="#" + + trio2o_bin_dir=$(get_python_exec_prefix) + trio2o_api_apache_conf=$(apache_site_config_for trio2o-api) + + if is_ssl_enabled_service "trio2o-api"; then + trio2o_ssl_listen="" + trio2o_ssl="SSLEngine On" + trio2o_certfile="SSLCertificateFile $TRIO2O_SSL_CERT" + trio2o_keyfile="SSLCertificateKeyFile $TRIO2O_SSL_KEY" + fi + + # configure venv bin if VENV is used + if [[ ${USE_VENV} = True ]]; then + venv_path="python-path=${PROJECT_VENV["trio2o"]}/lib/$(python_version)/site-packages" + trio2o_bin_dir=${PROJECT_VENV["trio2o"]}/bin + fi + + sudo cp $TRIO2O_API_APACHE_TEMPLATE $trio2o_api_apache_conf + sudo sed -e " + s|%TRIO2O_BIN%|$trio2o_bin_dir|g; + s|%PUBLICPORT%|$TRIO2O_API_PORT|g; + s|%APACHE_NAME%|$APACHE_NAME|g; + s|%PUBLICWSGI%|$trio2o_bin_dir/trio2o-api-wsgi|g; + s|%SSLENGINE%|$trio2o_ssl|g; + s|%SSLCERTFILE%|$trio2o_certfile|g; + s|%SSLKEYFILE%|$trio2o_keyfile|g; + s|%SSLLISTEN%|$trio2o_ssl_listen|g; + s|%USER%|$STACK_USER|g; + s|%VIRTUALENV%|$venv_path|g + s|%APIWORKERS%|$API_WORKERS|g + " -i $trio2o_api_apache_conf +} + +# start_trio2o_api_wsgi() - Start the API processes ahead of other things +function start_trio2o_api_wsgi { + enable_apache_site trio2o-api + restart_apache_server + tail_log trio2o-api /var/log/$APACHE_NAME/trio2o-api.log + + echo "Waiting for trio2o-api to start..." + if ! wait_for_service $SERVICE_TIMEOUT $TRIO2O_API_PROTOCOL://$TRIO2O_API_HOST/trio2o; then + die $LINENO "trio2o-api did not start" + fi +} + +# stop_trio2o_api_wsgi() - Disable the api service and stop it. +function stop_trio2o_api_wsgi { + disable_apache_site trio2o-api + restart_apache_server +} + +# cleanup_trio2o_api_wsgi() - Remove residual data files, anything left over from previous +# runs that a clean run would need to clean up +function cleanup_trio2o_api_wsgi { + sudo rm -f $(apache_site_config_for trio2o-api) +} + function configure_trio2o_xjob { if is_service_enabled t-job ; then echo "Configuring Trio2o xjob" @@ -275,38 +340,56 @@ elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then configure_trio2o_cinder_apigw configure_trio2o_xjob + if [[ "$TRIO2O_DEPLOY_WITH_WSGI" == "True" ]]; then + configure_trio2o_api_wsgi + fi + echo export PYTHONPATH=\$PYTHONPATH:$TRIO2O_DIR >> $RC_DIR/.localrc.auto setup_package $TRIO2O_DIR -e recreate_database trio2o - python "$TRIO2O_DIR/cmd/manage.py" "$TRIO2O_API_CONF" + trio2o-db-manage --config-file="$TRIO2O_API_CONF" db_sync elif [[ "$1" == "stack" && "$2" == "extra" ]]; then echo_summary "Initializing Trio2o Service" + if [[ ${USE_VENV} = True ]]; then + PROJECT_VENV["trio2o"]=${TRIO2O_DIR}.venv + TRIO2O_BIN_DIR=${PROJECT_VENV["trio2o"]}/bin + else + TRIO2O_BIN_DIR=$(get_python_exec_prefix) + fi + if is_service_enabled t-api; then create_trio2o_accounts - run_process t-api "python $TRIO2O_API --config-file $TRIO2O_API_CONF" + if [[ "$TRIO2O_DEPLOY_WITH_WSGI" == "True" ]]; then + start_trio2o_api_wsgi + else + run_process t-api "$TRIO2O_BIN_DIR/trio2o-api --config-file $TRIO2O_API_CONF" + fi fi if is_service_enabled t-ngw; then create_nova_apigw_accounts - run_process t-ngw "python $TRIO2O_NOVA_APIGW --config-file $TRIO2O_NOVA_APIGW_CONF" - - reconfigure_nova + run_process t-ngw "$TRIO2O_BIN_DIR/trio2o-nova-apigw --config-file $TRIO2O_NOVA_APIGW_CONF" + get_or_create_endpoint "compute" \ + "$POD_REGION_NAME" \ + "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/"'$(tenant_id)s' \ + "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/"'$(tenant_id)s' \ + "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/"'$(tenant_id)s' fi if is_service_enabled t-cgw; then create_cinder_apigw_accounts - run_process t-cgw "python $TRIO2O_CINDER_APIGW --config-file $TRIO2O_CINDER_APIGW_CONF" + run_process t-cgw "$TRIO2O_BIN_DIR/trio2o-cinder-apigw --config-file $TRIO2O_CINDER_APIGW_CONF" get_or_create_endpoint "volumev2" \ "$POD_REGION_NAME" \ @@ -317,14 +400,19 @@ elif [[ "$1" == "stack" && "$2" == "extra" ]]; then if is_service_enabled t-job; then - run_process t-job "python $TRIO2O_XJOB --config-file $TRIO2O_XJOB_CONF" + run_process t-job "$TRIO2O_BIN_DIR/trio2o-xjob --config-file $TRIO2O_XJOB_CONF" fi fi if [[ "$1" == "unstack" ]]; then if is_service_enabled t-api; then - stop_process t-api + if [[ "$TRIO2O_DEPLOY_WITH_WSGI" == "True" ]]; then + stop_trio2o_api_wsgi + clean_trio2o_api_wsgi + else + stop_process t-api + fi fi if is_service_enabled t-ngw; then diff --git a/setup.cfg b/setup.cfg index c8119a1..7ac1b62 100644 --- a/setup.cfg +++ b/setup.cfg @@ -44,6 +44,14 @@ mapping_file = babel.cfg output_file = trio2o/locale/trio2o.pot [entry_points] + +console_scripts = + trio2o-db-manage = trio2o.cmd.manage:main + trio2o-api = trio2o.cmd.api:main + trio2o-xjob = trio2o.cmd.xjob:main + trio2o-nova-apigw = trio2o.cmd.nova_apigw:main + trio2o-cinder-apigw = trio2o.cmd.cinder_apigw:main + oslo.config.opts = trio2o.api = trio2o.api.opts:list_opts @@ -60,4 +68,4 @@ tempest.test_plugins = trio2o.common.schedulers = pod_manager = trio2o.common.scheduler.pod_manager:PodManager bottom_pod_filter = trio2o.common.scheduler.filters.bottom_pod_filter:BottomPodFilter - filter_scheduler = trio2o.common.scheduler.filter_scheduler:FilterScheduler \ No newline at end of file + filter_scheduler = trio2o.common.scheduler.filter_scheduler:FilterScheduler diff --git a/trio2o/cmd/__init__.py b/trio2o/cmd/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/cmd/api.py b/trio2o/cmd/api.py similarity index 100% rename from cmd/api.py rename to trio2o/cmd/api.py diff --git a/cmd/cinder_apigw.py b/trio2o/cmd/cinder_apigw.py similarity index 100% rename from cmd/cinder_apigw.py rename to trio2o/cmd/cinder_apigw.py diff --git a/trio2o/cmd/manage.py b/trio2o/cmd/manage.py new file mode 100644 index 0000000..ef8f7e7 --- /dev/null +++ b/trio2o/cmd/manage.py @@ -0,0 +1,68 @@ +# Copyright 2016 OpenStack Foundation. +# All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +import sys + +from oslo_config import cfg +from oslo_log import log as logging + +import pbr.version + +from trio2o.db import core +from trio2o.db import migration_helpers + +CONF = cfg.CONF + + +def do_db_version(): + print(migration_helpers.db_version()) + + +def do_db_sync(): + migration_helpers.sync_repo(CONF.command.version) + + +def add_command_parsers(subparsers): + parser = subparsers.add_parser('db_version') + parser.set_defaults(func=do_db_version) + + parser = subparsers.add_parser('db_sync') + parser.set_defaults(func=do_db_sync) + parser.add_argument('version', nargs='?') + + +command_opt = cfg.SubCommandOpt('command', + title='Commands', + help='Show available commands.', + handler=add_command_parsers) + + +def main(): + core.initialize() + logging.register_options(CONF) + logging.setup(CONF, 'trio2o-db-manage') + CONF.register_cli_opt(command_opt) + version_info = pbr.version.VersionInfo('trio2o') + try: + CONF(sys.argv[1:], project='trio2o', prog='trio2o-db-manage', + version=version_info.version_string()) + except RuntimeError as e: + sys.exit("ERROR: %s" % e) + + try: + CONF.command.func() + except Exception as e: + sys.exit("ERROR: %s" % e) diff --git a/cmd/nova_apigw.py b/trio2o/cmd/nova_apigw.py similarity index 100% rename from cmd/nova_apigw.py rename to trio2o/cmd/nova_apigw.py diff --git a/cmd/xjob.py b/trio2o/cmd/xjob.py similarity index 100% rename from cmd/xjob.py rename to trio2o/cmd/xjob.py diff --git a/trio2o/common/client.py b/trio2o/common/client.py index eafb58e..1ce9349 100644 --- a/trio2o/common/client.py +++ b/trio2o/common/client.py @@ -35,10 +35,10 @@ from trio2o.db import models client_opts = [ cfg.StrOpt('auth_url', - default='http://127.0.0.1:5000/v3', + default='http://127.0.0.1/identity', help='keystone authorization url'), cfg.StrOpt('identity_url', - default='http://127.0.0.1:35357/v3', + default='http://127.0.0.1/identity/v3', help='keystone service url'), cfg.BoolOpt('auto_refresh_endpoint', default=False, @@ -229,6 +229,8 @@ class Client(object): def _get_config_with_retry(self, cxt, filters, pod, service, retry): conf_list = api.list_pod_service_configurations(cxt, filters) + if len(conf_list) > 1: + raise exceptions.EndpointNotUnique(pod, service) if len(conf_list) == 0: if not retry: raise exceptions.EndpointNotFound(pod, service) @@ -293,7 +295,7 @@ class Client(object): cxt, config_filters) if len(config_list) > 1: - continue + raise exceptions.EndpointNotUnique(pod_id, service) if len(config_list) == 1: config_id = config_list[0]['service_id'] update_dict = { diff --git a/trio2o/tempestplugin/post_test_hook.sh b/trio2o/tempestplugin/post_test_hook.sh index 1706621..03c9eeb 100755 --- a/trio2o/tempestplugin/post_test_hook.sh +++ b/trio2o/tempestplugin/post_test_hook.sh @@ -70,10 +70,11 @@ source $DEVSTACK_DIR/functions iniset $TEMPEST_CONF auth admin_username ${ADMIN_USERNAME:-"admin"} iniset $TEMPEST_CONF auth admin_project_name admin iniset $TEMPEST_CONF auth admin_password $OS_PASSWORD -iniset $TEMPEST_CONF identity auth_version v2 +iniset $TEMPEST_CONF auth admin_domain_name default +iniset $TEMPEST_CONF identity auth_version v3 iniset $TEMPEST_CONF identity uri_v3 http://$SERVICE_HOST/identity/v3 -iniset $TEMPEST_CONF identity uri http://$SERVICE_HOST:5000/v2.0/ -iniset $TEMPEST_CONF identity-feature-enabled api_v2 True +iniset $TEMPEST_CONF identity uri $OS_AUTH_URL +iniset $TEMPEST_CONF identity-feature-enabled api_v3 True iniset $TEMPEST_CONF compute region RegionOne iniset $TEMPEST_CONF compute image_ref $image_id