Fix support for Keystone v3 domain auth

When using v3 authentication and authorization Ceilometer must
authenticate to services project in service_domain.

Change-Id: Ibb19fa8476cf712ccb4bc524a48d3501f42fc62c
Closes-Bug: 1636098

hooks/ceilometer_contexts.py

@@ -66,6 +66,11 @@ class CeilometerServiceContext(OSContextGenerator):
                 for attr in self.keys:
                     conf[attr] = relation_get(
                         attr, unit=unit, rid=relid)
+                if (conf['api_version'] is not None and
+                        float(conf['api_version']) > 2):
+                    self.keys.append('admin_domain_name')
+                    conf['admin_domain_name'] = relation_get(
+                        'admin_domain_name', unit=unit, rid=relid)
                 if context_complete(conf):
                     for attr in self.optional_keys:
                         conf[attr] = relation_get(attr, unit=unit, rid=relid)

templates/mitaka/ceilometer.conf

@@ -19,8 +19,13 @@ auth_url = {{ service_protocol }}://{{ service_host }}:{{ service_port }}
 project_name = {{ admin_tenant_name }}
 username = {{ admin_user }}
 password = {{ admin_password }}
+{% if api_version == "3" -%}
+project_domain_name = {{ admin_domain_name }}
+user_domain_name = {{ admin_domain_name }}
+{% else -%}
 project_domain_name = default
 user_domain_name = default
+{% endif -%}
 auth_type = password
 {% endif -%}
 

tests/basic_deployment.py

@@ -534,14 +534,30 @@ class CeiloAgentBasicDeployment(OpenStackAmuletDeployment):
                                        ks_rel['service_port'])
             # NOTE(dosaboy): os_ prefix is deprecated and no longer used as
             #                of Mitaka.
+            project_domain_name = 'default'
+            user_domain_name = 'default'
+            if 'api_version' in ks_rel and float(ks_rel['api_version']) > 2:
+                project_domain_name = 'service_domain'
+                user_domain_name = 'service_domain'
             expected['service_credentials'] = {'auth_url': auth_uri,
                                                'project_name': 'services',
                                                'project_domain_name':
-                                               'default',
-                                               'user_domain_name': 'default',
+                                                   project_domain_name,
+                                               'user_domain_name':
+                                                   user_domain_name,
                                                'username': 'ceilometer',
                                                'password':
                                                ks_rel['service_password']}
+            expected['keystone_authtoken'] = {'auth_uri': auth_uri,
+                                              'auth_type': 'password',
+                                              'project_domain_name':
+                                                  project_domain_name,
+                                              'user_domain_name':
+                                                  user_domain_name,
+                                              'project_name': 'services',
+                                              'username': 'ceilometer',
+                                              'password':
+                                                  ks_rel['service_password']}
 
         for section, pairs in expected.iteritems():
             ret = u.validate_config_data(unit, conf, section, pairs)

unit_tests/test_ceilometer_contexts.py

@@ -51,6 +51,7 @@ class CeilometerContextsTest(CharmTestCase):
             'service_host': 'keystone',
             'service_port': '80',
             'signing_dir': '/var/lib/ceilometer',
+            'admin_domain_name': 'admin_domain',
             'admin_tenant_name': 'admin',
             'admin_user': 'admin',
             'admin_password': 'password',