Change bind address to use Identity endpoint host
Allow the bind interface address to take precendence, but default to binding to the host attribute of the Identity API endpoint. This brings the identity cookbook into conformance with the other cookbooks regarding the service interface binding. Closes-Bug: 1277266 Change-Id: I9634e2a359a6ce52b694859a7e84a57638bad5be
This commit is contained in:
parent
1cf0440d63
commit
e94c69b56c
|
@ -38,9 +38,12 @@ default['openstack']['identity']['debug'] = 'False'
|
|||
default['openstack']['identity']['service_port'] = '5000'
|
||||
default['openstack']['identity']['admin_port'] = '35357'
|
||||
default['openstack']['identity']['region'] = 'RegionOne'
|
||||
default['openstack']['identity']['bind_interface'] = 'lo'
|
||||
default['openstack']['identity']['token']['expiration'] = '86400'
|
||||
|
||||
# If set, the keystone service will bind to the address on this interface,
|
||||
# otherwise it will bind to the API endpoint's host.
|
||||
default['openstack']['identity']['bind_interface'] = nil
|
||||
|
||||
# Logging stuff
|
||||
default['openstack']['identity']['syslog']['use'] = false
|
||||
default['openstack']['identity']['syslog']['facility'] = 'LOG_LOCAL2'
|
||||
|
|
|
@ -111,7 +111,11 @@ sql_connection = db_uri('identity', db_user, db_pass)
|
|||
|
||||
bootstrap_token = secret 'secrets', 'openstack_identity_bootstrap_token'
|
||||
|
||||
ip_address = address_for node['openstack']['identity']['bind_interface']
|
||||
if node['openstack']['identity']['bind_interface'].nil?
|
||||
bind_address = identity_endpoint.host
|
||||
else
|
||||
bind_address = address_for node['openstack']['identity']['bind_interface']
|
||||
end
|
||||
|
||||
# If the search role is set, we search for memcache
|
||||
# servers via a Chef search. If not, we look at the
|
||||
|
@ -143,7 +147,7 @@ template '/etc/keystone/keystone.conf' do
|
|||
mode 00644
|
||||
variables(
|
||||
sql_connection: sql_connection,
|
||||
ip_address: ip_address,
|
||||
bind_address: bind_address,
|
||||
bootstrap_token: bootstrap_token,
|
||||
memcache_servers: memcache_servers,
|
||||
uris: uris,
|
||||
|
|
|
@ -179,9 +179,25 @@ describe 'openstack-identity::server' do
|
|||
expect(chef_run).to render_file(path).with_content(r)
|
||||
end
|
||||
|
||||
it 'has bind host' do
|
||||
r = line_regexp('bind_host = 127.0.1.1')
|
||||
expect(chef_run).to render_file(path).with_content(r)
|
||||
describe 'bind_interface is nil' do
|
||||
it 'has bind host from endpoint' do
|
||||
r = line_regexp('bind_host = 127.0.1.1')
|
||||
expect(chef_run).to render_file(path).with_content(r)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'bind_interface is eth0' do
|
||||
before do
|
||||
node.set['openstack']['identity']['bind_interface'] = 'eth0'
|
||||
::Chef::Recipe.any_instance.stub(:address_for)
|
||||
.with('eth0')
|
||||
.and_return('10.0.0.2')
|
||||
end
|
||||
|
||||
it 'has bind host from interface ip' do
|
||||
r = line_regexp('bind_host = 10.0.0.2')
|
||||
expect(chef_run).to render_file(path).with_content(r)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'port numbers' do
|
||||
|
|
|
@ -35,9 +35,6 @@ end
|
|||
|
||||
shared_context 'identity_stubs' do
|
||||
before do
|
||||
::Chef::Recipe.any_instance.stub(:address_for)
|
||||
.with('lo')
|
||||
.and_return('127.0.1.1')
|
||||
::Chef::Recipe.any_instance.stub(:memcached_servers).and_return []
|
||||
::Chef::Recipe.any_instance.stub(:get_password)
|
||||
.with('db', anything)
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
public_port = <%= node["openstack"]["identity"]["service_port"] %>
|
||||
admin_port = <%= node["openstack"]["identity"]["admin_port"] %>
|
||||
admin_token = <%= @bootstrap_token %>
|
||||
bind_host = <%= @ip_address %>
|
||||
bind_host = <%= @bind_address %>
|
||||
compute_port = 8774
|
||||
verbose = <%= node["openstack"]["identity"]["verbose"] %>
|
||||
debug = <%= node["openstack"]["identity"]["debug"] %>
|
||||
|
|
Loading…
Reference in New Issue