Get keystone creds from neutron-api not nova-cc

hooks/charmhelpers/contrib/openstack/context.py

@@ -320,14 +320,15 @@ def db_ssl(rdata, ctxt, ssl_dir):
 
 
 class IdentityServiceContext(OSContextGenerator):
-    interfaces = ['identity-service']
 
-    def __init__(self, service=None, service_user=None):
+    def __init__(self, service=None, service_user=None, rel_name='identity-service'):
         self.service = service
         self.service_user = service_user
+        self.rel_name = rel_name
+        self.interfaces = [self.rel_name]
 
     def __call__(self):
-        log('Generating template context for identity-service', level=DEBUG)
+        log('Generating template context for ' + self.rel_name, level=DEBUG)
         ctxt = {}
 
         if self.service and self.service_user:
@@ -341,7 +342,7 @@ class IdentityServiceContext(OSContextGenerator):
 
             ctxt['signing_dir'] = cachedir
 
-        for rid in relation_ids('identity-service'):
+        for rid in relation_ids(self.rel_name):
             for unit in related_units(rid):
                 rdata = relation_get(rid=rid, unit=unit)
                 serv_host = rdata.get('service_host')

hooks/neutron_ovs_context.py

@@ -2,6 +2,9 @@ import os
 import uuid
 from charmhelpers.core.hookenv import (
     config,
+    relation_get,
+    relation_ids,
+    related_units,
     unit_get,
 )
 from charmhelpers.contrib.openstack.ip import resolve_address
@@ -118,3 +121,22 @@ class DVRSharedSecretContext(OSContextGenerator):
         else:
             ctxt = {}
         return ctxt
+
+class APIIdentityServiceContext(context.IdentityServiceContext):
+
+    def __init__(self):
+        super(APIIdentityServiceContext,
+              self).__init__(rel_name='neutron-plugin-api')
+
+    def __call__(self):
+        ctxt = super(APIIdentityServiceContext, self).__call__()
+        if not ctxt:
+            return
+        for rid in relation_ids('neutron-plugin-api'):
+            for unit in related_units(rid):
+                rdata = relation_get(rid=rid, unit=unit)
+                ctxt['region'] = rdata.get('region')
+                if ctxt['region']:
+                    return ctxt
+        return ctxt
+

hooks/neutron_ovs_utils.py

@@ -71,9 +71,7 @@ DVR_RESOURCE_MAP = OrderedDict([
     (NEUTRON_METADATA_AGENT_CONF, {
         'services': ['neutron-metadata-agent'],
         'contexts': [neutron_ovs_context.DVRSharedSecretContext(),
-                     context.NetworkServiceContext(
-                         rel_name='neutron-network-service'
-                     )],
+                     neutron_ovs_context.APIIdentityServiceContext()],
     }),
 ])
 TEMPLATES = 'templates/'

metadata.yaml

@@ -20,8 +20,6 @@ provides:
   neutron-plugin:
     interface: neutron-plugin
     scope: container
-  neutron-network-service:
-    interface: quantum
 requires:
   amqp:
     interface: rabbitmq

templates/juno/metadata_agent.ini

@@ -4,12 +4,13 @@
 ###############################################################################
 # Metadata service seems to cache neutron api url from keystone so trigger
 # restart if it changes: {{ quantum_url }}
+
 [DEFAULT]
-auth_url = {{ service_protocol }}://{{ keystone_host }}:{{ service_port }}/v2.0
+auth_url = {{ service_protocol }}://{{ service_host }}:{{ service_port }}/v2.0
 auth_region = {{ region }}
-admin_tenant_name = {{ service_tenant }}
-admin_user = {{ service_username }}
-admin_password = {{ service_password }}
+admin_tenant_name = {{ admin_tenant_name }}
+admin_user = {{ admin_user }}
+admin_password = {{ admin_password }}
 root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
 state_path = /var/lib/neutron
 # Gateway runs a metadata API server locally