def compose(self):
super(Neutron, self).compose()
# it can consider the full inventory and config to influnce facility registered
# resources
url_base = "http://" + conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
self.keystone.register_endpoint_tri(
region=dr,
name='neutron',
etype='network',
description='OpenStack Network Service',
url_base=url_base + ':9696/')
self.keystone.register_service_admin_user('neutron')
self.keystone.register_service_admin_user('nova_for_neutron')
neutrons = self.hosts_with_any_service(set(self.services.keys()))
self.messaging.populate_peer(neutrons)
self.sql.register_user_with_schemas('neutron', ['neutron'])
self.sql.populate_peer(neutrons,
['client']) # TODO: maybe not all node needs it
secret_service = self.find_nova_comp_shared()
util.bless_with_principal(neutrons,
[(self.keystone, 'neutron@default'),
(self.keystone, 'nova_for_neutron@default'),
(self.sql, 'neutron'),
(secret_service, 'neutron_nova_metadata'),
(self.messaging.name, 'openstack')])
def compose(self):
super(Keystone, self).compose()
url_base = "http://" + conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
self.register_endpoints(region=dr,
name='keystone',
etype='identity',
description='OpenStack Identity',
eps={
'admin': url_base + ':35357',
'internal': url_base + ':5000',
'public': url_base + ':5000'
})
self.register_project_in_domain('Default', 'admin',
'members are full admins')
self.register_user_in_domain(
'Default',
'admin',
password=util.get_keymgr()(self.name, 'admin@default'),
project_roles={('Default', 'admin'): ['admin']})
keystones = self.hosts_with_service('keystone')
self.sql.populate_peer(keystones, ['client'])
sql = self.sql
sql.register_user_with_schemas('keystone', ['keystone'])
util.bless_with_principal(keystones, [(self.name, 'admin@default'),
(sql.name, 'keystone')])
def compose(self):
# it can consider the full inventory and config to influnce facility registered
# resources
super(Cinder, self).compose()
url_base = "http://" + conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
self.keystone.register_endpoint_tri(region=dr,
name='cinder',
etype='volume',
description='OpenStack Volume Service',
url_base=url_base + ':8776/v1/$(tenant_id)s')
self.keystone.register_endpoint_tri(region=dr,
name='cinderv2',
etype='volumev2',
description='OpenStack Volume Service',
url_base=url_base + ':8776/v2/$(tenant_id)s')
self.keystone.register_endpoint_tri(region=dr,
name='cinderv3',
etype='volumev3',
description='OpenStack Volume Service',
url_base=url_base + ':8776/v3/$(tenant_id)s')
self.keystone.register_service_admin_user('cinder')
comp = self
cins = self.hosts_with_any_service(set(comp.services.keys()))
self.sql.register_user_with_schemas('cinder', ['cinder'])
self.sql.populate_peer(cins, ['client'])
self.messaging.populate_peer(cins)
util.bless_with_principal(cins, [(self.keystone.name, 'cinder@default'),
(self.messaging.name, 'openstack'),
(self.sql.name, 'cinder')])
def etc_swift_proxy_server_conf(self):
pv = conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
filters = [
'catch_errors', 'gatekeeper', 'healthcheck', 'proxy-logging',
'memcache', 'container_sync', 'bulk', 'tempurl', 'ratelimit',
's3token', 'crossdomain', 'authtoken', 'keystoneauth', 'formpost',
'staticweb', 'container-quotas', 'account-quotas', 'slo', 'dlo',
'versioned_writes'
]
r = {}
for f in filters:
r['filter:' + f] = {'use': 'egg:swift#' + f.replace('-', '_')}
r['filter:authtoken'] = self.keystone.authtoken_section('swift')
r['filter:authtoken']['delay_auth_decision'] = 1
r['filter:authtoken'][
'paste.filter_factory'] = 'keystonemiddleware.auth_token:filter_factory'
r['filter:keystoneauth']['operator_roles'] = "user, admin"
r['filter:keystoneauth']['reseller_admin_role'] = "admin"
proxy_ip = self.get_addr_for(self.get_this_inv(),
'internal_listen',
service=self.services['swift-proxy'],
net_attr='swift_proxy_network')
pipeline_str = ' '.join(filters + ['proxy-logging', 'proxy-server'])
r.update({
'DEFAULT': {
'bind_port': 8080,
'bind_ip': proxy_ip
},
'pipeline:main': {
'pipeline': pipeline_str
},
'app:proxy-server': {
'use': 'egg:swift#proxy',
'account_autocreate': True
},
'filter:s3token': {
'paste.filter_factory':
'keystonemiddleware.s3_token:filter_factory',
'auth_port': 5000,
'auth_host': pv,
'admin_user': '******',
'amind_tenant_name': 'service'
},
'filter:swift3': {
'use': 'egg:swift3#swift3',
'location': dr
}
})
return r
def compose(self):
super(Swift, self).compose()
# it can consider the full inventory and config to influnce facility registered
# resources
url_base = "http://" + conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
self.keystone.register_endpoint_tri(
region=dr,
name='swift',
etype='object-store',
description='Swift Storage Service',
url_base=url_base + ':8080/v1/AUTH_$(tenant_id)s')
self.keystone.register_service_admin_user('swift')
sp = self.hosts_with_service('swift-proxy')
util.bless_with_principal(sp, [(self.keystone.name, 'swift@default')])
def compose(self):
# it can consider the full inventory and config to influnce facility registered
# resources
super(Nova, self).compose()
pv = conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
url_base = "http://" + pv
self.keystone.register_endpoint_tri(
region=dr,
name='nova',
etype='compute',
description='OpenStack Compute Service',
url_base=url_base + ':8774/v2.1/$(tenant_id)s')
self.keystone.register_endpoint_tri(
region=dr,
name='placement',
etype='placement',
description='OpenStack Nova Placement Service',
url_base=url_base + ':8780')
self.keystone.register_service_admin_user('nova')
self.keystone.register_service_admin_user('placement')
self.keystone.register_service_admin_user('neutron_for_nova')
# TODO: revisit which components needs what and skip it from cfg
rh = self.hosts_with_any_service({
'nova-api', 'nova-compute', 'nova-scheduler', 'nova-conductor',
'nova-cells'
})
self.messaging.populate_peer(rh)
n_srv = set(self.services.keys())
novas = self.hosts_with_any_service(n_srv)
self.sql.register_user_with_schemas(
'nova',
['nova', 'nova_api', 'nova_cell0']) # TODO: use the cell deps
util.bless_with_principal(
novas, [(self.keystone, 'nova@default'),
(self.keystone, 'neutron_for_nova@default'),
([self, self.networking], 'neutron_nova_metadata'),
(self.sql, 'nova'), (self.messaging, 'openstack')])
util.bless_with_principal(
novas,
[(self.keystone.name, 'placement@default')]) # n-cpu using it
self.sql.populate_peer(rh,
['client']) # TODO: maybe not all node needs it
def compose(self):
# it can consider the full inventory and config to influnce facility registered
# resources
super(Placement, self).compose()
pv = conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
url_base = "http://" + pv
self.keystone.register_endpoint_tri(
region=dr,
name='placement',
etype='placement',
description='OpenStack Nova Placement Service',
url_base=url_base + ':8780')
self.keystone.register_service_admin_user('placement')
placements = self.hosts_with_service('placement-api')
self.sql.register_user_with_schemas('placement', ['placement'])
util.bless_with_principal(placements,
[(self.keystone, 'placement@default'),
(self.sql, 'placement')])
def compose(self):
super(Glance, self).compose()
# it can consider the full inventory and config to influnce facility registered
# resources
url_base = "http://" + conf.get_vip('public')['domain_name']
dr = conf.get_default_region()
glance_port = 9292
glance_ha_port = 19292
servers = []
for b in self.get_beckend_list():
servers.append(' '.join((b['hostname'], b['addr'] + ':' + str(glance_ha_port), 'check')))
gconf = conf.get_global_config()
if 'haproxy' in gconf['global_service_flags']:
self.haproxy.add_listener('glance', {
'bind': '*:' + str(glance_port),
'mode': 'http',
'http-request': ['set-header X-Forwarded-Proto https if { ssl_fc }',
'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
'server': servers})
self.keystone.register_endpoint_tri(region=dr,
name='glance',
etype='image',
description='OpenStack Image Service',
url_base=url_base + ':' + str(glance_port))
# just auth or admin user ?
self.keystone.register_service_admin_user('glance')
glances = self.hosts_with_any_service(g_srv)
self.sql.register_user_with_schemas('glance', ['glance'])
self.sql.populate_peer(glances, ['client'])
util.bless_with_principal(glances,
[(self.keystone.name, 'glance@default'),
(self.sql.name, 'glance'),
(self.messaging.name, 'openstack')])