def create_vncproxy_manifest(config, messages):
if config["CONFIG_HORIZON_SSL"] == 'y':
if config["CONFIG_VNC_SSL_CERT"]:
ssl_cert_file = config["CONFIG_VNC_SSL_CERT"]
ssl_key_file = config["CONFIG_VNC_SSL_KEY"]
if not os.path.exists(ssl_cert_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_cert_file)
if not os.path.exists(ssl_key_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_key_file)
final_cert = open(ssl_cert_file, 'rt').read()
final_key = open(ssl_key_file, 'rt').read()
deliver_ssl_file(final_cert, ssl_cert_file, config['CONFIG_CONTROLLER_HOST'])
deliver_ssl_file(final_key, ssl_key_file, config['CONFIG_CONTROLLER_HOST'])
else:
config["CONFIG_VNC_SSL_CERT"] = '/etc/pki/tls/certs/ssl_vnc.crt'
config["CONFIG_VNC_SSL_KEY"] = '/etc/pki/tls/private/ssl_vnc.key'
ssl_key_file = config["CONFIG_VNC_SSL_KEY"]
ssl_cert_file = config["CONFIG_VNC_SSL_CERT"]
ssl_host = config['CONFIG_CONTROLLER_HOST']
service = 'vnc'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
def create_vncproxy_manifest(config, messages):
if config["CONFIG_HORIZON_SSL"] == 'y':
if config["CONFIG_VNC_SSL_CERT"]:
ssl_cert_file = config["CONFIG_VNC_SSL_CERT"]
ssl_key_file = config["CONFIG_VNC_SSL_KEY"]
if not os.path.exists(ssl_cert_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_cert_file)
if not os.path.exists(ssl_key_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_key_file)
final_cert = open(ssl_cert_file, 'rt').read()
final_key = open(ssl_key_file, 'rt').read()
deliver_ssl_file(final_cert, ssl_cert_file, config['CONFIG_CONTROLLER_HOST'])
deliver_ssl_file(final_key, ssl_key_file, config['CONFIG_CONTROLLER_HOST'])
else:
config["CONFIG_VNC_SSL_CERT"] = '/etc/pki/tls/certs/ssl_vnc.crt'
config["CONFIG_VNC_SSL_KEY"] = '/etc/pki/tls/private/ssl_vnc.key'
ssl_key_file = config["CONFIG_VNC_SSL_KEY"]
ssl_cert_file = config["CONFIG_VNC_SSL_CERT"]
ssl_host = config['CONFIG_CONTROLLER_HOST']
service = 'vnc'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
def create_manifest(config, messages):
horizon_host = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_horizon.pp" % horizon_host
proto = "http"
config["CONFIG_HORIZON_PORT"] = 80
sslmanifestdata = ''
if config["CONFIG_HORIZON_SSL"] == 'y':
config["CONFIG_HORIZON_PORT"] = 443
proto = "https"
# Are we using the users cert/key files
if config["CONFIG_HORIZON_SSL_CERT"]:
ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"]
ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"]
ssl_chain_file = config["CONFIG_HORIZON_SSL_CACERT"]
if not os.path.exists(ssl_cert_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_cert_file)
if not os.path.exists(ssl_key_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_key_file)
if not os.path.exists(ssl_chain_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_chain_file)
final_cert = open(ssl_cert_file, 'rt').read()
final_key = open(ssl_key_file, 'rt').read()
final_cacert = open(ssl_chain_file, 'rt').read()
host = config['CONFIG_CONTROLLER_HOST']
deliver_ssl_file(final_cacert, ssl_chain_file, host)
deliver_ssl_file(final_cert, ssl_cert_file, host)
deliver_ssl_file(final_key, ssl_key_file, host)
else:
ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"] = (
'/etc/pki/tls/certs/ssl_dashboard.crt')
ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"] = (
'/etc/pki/tls/private/ssl_dashboard.key')
cacert = config['CONFIG_SSL_CACERT']
config["CONFIG_HORIZON_SSL_CACERT"] = cacert
ssl_host = config['CONFIG_CONTROLLER_HOST']
service = 'dashboard'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
messages.append(
"%sNOTE%s : A certificate was generated to be used for ssl, "
"You should change the ssl certificate configured in "
"/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert." %
(utils.COLORS['red'], utils.COLORS['nocolor'], horizon_host))
config["CONFIG_HORIZON_NEUTRON_LB"] = False
config["CONFIG_HORIZON_NEUTRON_FW"] = False
config["CONFIG_HORIZON_NEUTRON_VPN"] = False
if config['CONFIG_NEUTRON_INSTALL'] == 'y':
if config["CONFIG_LBAAS_INSTALL"] == 'y':
config["CONFIG_HORIZON_NEUTRON_LB"] = True
if config["CONFIG_NEUTRON_FWAAS"] == 'y':
config["CONFIG_HORIZON_NEUTRON_FW"] = True
if config["CONFIG_NEUTRON_VPNAAS"] == 'y':
config["CONFIG_HORIZON_NEUTRON_VPN"] = True
manifestdata = getManifestTemplate("horizon")
appendManifestFile(manifestfile, manifestdata)
msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n"
"Please, find your login credentials stored in the keystonerc_admin"
" in your home directory." %
(proto, config['CONFIG_CONTROLLER_HOST']))
messages.append(msg)
def create_manifest(config, messages):
horizon_host = config['CONFIG_CONTROLLER_HOST']
manifestfile = "%s_horizon.pp" % horizon_host
proto = "http"
config["CONFIG_HORIZON_PORT"] = 80
sslmanifestdata = ''
if config["CONFIG_HORIZON_SSL"] == 'y':
config["CONFIG_HORIZON_PORT"] = 443
proto = "https"
# Are we using the users cert/key files
if config["CONFIG_HORIZON_SSL_CERT"]:
ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"]
ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"]
ssl_chain_file = config["CONFIG_HORIZON_SSL_CACERT"]
if not os.path.exists(ssl_cert_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_cert_file)
if not os.path.exists(ssl_key_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_key_file)
if not os.path.exists(ssl_chain_file):
raise exceptions.ParamValidationError(
"The file %s doesn't exist" % ssl_chain_file)
final_cert = open(ssl_cert_file, 'rt').read()
final_key = open(ssl_key_file, 'rt').read()
final_cacert = open(ssl_chain_file, 'rt').read()
host = config['CONFIG_CONTROLLER_HOST']
deliver_ssl_file(final_cacert, ssl_chain_file, host)
deliver_ssl_file(final_cert, ssl_cert_file, host)
deliver_ssl_file(final_key, ssl_key_file, host)
else:
ssl_cert_file = config["CONFIG_HORIZON_SSL_CERT"] = (
'/etc/pki/tls/certs/ssl_dashboard.crt'
)
ssl_key_file = config["CONFIG_HORIZON_SSL_KEY"] = (
'/etc/pki/tls/private/ssl_dashboard.key'
)
cacert = config['CONFIG_SSL_CACERT']
config["CONFIG_HORIZON_SSL_CACERT"] = cacert
ssl_host = config['CONFIG_CONTROLLER_HOST']
service = 'dashboard'
generate_ssl_cert(config, ssl_host, service, ssl_key_file,
ssl_cert_file)
messages.append(
"%sNOTE%s : A certificate was generated to be used for ssl, "
"You should change the ssl certificate configured in "
"/etc/httpd/conf.d/ssl.conf on %s to use a CA signed cert."
% (utils.COLORS['red'], utils.COLORS['nocolor'], horizon_host))
config["CONFIG_HORIZON_NEUTRON_LB"] = False
config["CONFIG_HORIZON_NEUTRON_FW"] = False
config["CONFIG_HORIZON_NEUTRON_VPN"] = False
if config['CONFIG_NEUTRON_INSTALL'] == 'y':
if config["CONFIG_LBAAS_INSTALL"] == 'y':
config["CONFIG_HORIZON_NEUTRON_LB"] = True
if config["CONFIG_NEUTRON_FWAAS"] == 'y':
config["CONFIG_HORIZON_NEUTRON_FW"] = True
if config["CONFIG_NEUTRON_VPNAAS"] == 'y':
config["CONFIG_HORIZON_NEUTRON_VPN"] = True
manifestdata = getManifestTemplate("horizon")
manifestdata += getManifestTemplate("apache_ports")
appendManifestFile(manifestfile, manifestdata)
msg = ("To access the OpenStack Dashboard browse to %s://%s/dashboard .\n"
"Please, find your login credentials stored in the keystonerc_admin"
" in your home directory."
% (proto, config['CONFIG_CONTROLLER_HOST']))
messages.append(msg)
