def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
# NOTE(jaosorior): The overcloud endpoint can contain an IP address or
# an FQDN depending on how what it's configured to output in the
# tripleo-heat-templates. Such a configuration can be done by
# overriding the EndpointMap through parameter_defaults.
overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
keystone_admin_ip = utils.get_endpoint('KeystoneAdmin', stack)
no_proxy = os.environ.get('no_proxy', overcloud_ip_or_fqdn)
no_proxy_list = map(utils.bracket_ipv6,
[no_proxy, overcloud_ip_or_fqdn,
keystone_admin_ip])
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy_list if x is not None])
utils.remove_known_hosts(overcloud_ip_or_fqdn)
if not self._endpoints_managed(stack):
self._keystone_init(overcloud_endpoint, overcloud_ip_or_fqdn,
parsed_args, stack)
else:
self.log.debug("Keystone endpoints and services are managed by "
"puppet. Skipping post-config.")
def test_remove_known_hosts_no_file(self, mock_exists, mock_check_call):
mock_exists.return_value = False
utils.remove_known_hosts('192.168.0.1')
mock_check_call.assert_not_called()
def test_remove_known_hosts_no_file(self, mock_exists, mock_check_call):
mock_exists.return_value = False
utils.remove_known_hosts('192.168.0.1')
mock_check_call.assert_not_called()
def test_remove_known_hosts(self, mock_exists, mock_check_call):
mock_exists.return_value = True
utils.remove_known_hosts("192.168.0.1")
known_hosts = os.path.expanduser("~/.ssh/known_hosts")
mock_check_call.assert_called_with(["ssh-keygen", "-R", "192.168.0.1", "-f", known_hosts])
def test_remove_known_hosts(self, mock_exists, mock_check_call):
mock_exists.return_value = True
utils.remove_known_hosts('192.168.0.1')
known_hosts = os.path.expanduser("~/.ssh/known_hosts")
mock_check_call.assert_called_with(
['ssh-keygen', '-R', '192.168.0.1', '-f', known_hosts])
def test_remove_known_hosts(self, mock_exists, mock_check_call):
mock_exists.return_value = True
utils.remove_known_hosts('192.168.0.1')
known_hosts = os.path.expanduser("~/.ssh/known_hosts")
mock_check_call.assert_called_with(
['ssh-keygen', '-R', '192.168.0.1', '-f', known_hosts])
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
# NOTE(jaosorior): The overcloud endpoint can contain an IP address or
# an FQDN depending on how what it's configured to output in the
# tripleo-heat-templates. Such a configuration can be done by
# overriding the EndpointMap through parameter_defaults.
overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
utils.remove_known_hosts(overcloud_ip_or_fqdn)
self._keystone_init(overcloud_endpoint, overcloud_ip_or_fqdn,
parsed_args, stack)
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
# NOTE(jaosorior): The overcloud endpoint can contain an IP address or
# an FQDN depending on how what it's configured to output in the
# tripleo-heat-templates. Such a configuration can be done by
# overriding the EndpointMap through parameter_defaults.
overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
utils.remove_known_hosts(overcloud_ip_or_fqdn)
self._keystone_init(overcloud_endpoint, overcloud_ip_or_fqdn,
parsed_args, stack)
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
overcloud_ip = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
service_ips = utils.get_service_ips(stack)
utils.remove_known_hosts(overcloud_ip)
keystone_ip = service_ips.get('KeystoneAdminVip')
if not keystone_ip:
keystone_ip = overcloud_ip
keystone.initialize(
keystone_ip,
utils.get_password('OVERCLOUD_ADMIN_TOKEN'),
'*****@*****.**',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
public=overcloud_ip,
user=parsed_args.overcloud_ssh_user)
# NOTE(bcrochet): Bad hack. Remove the ssl_port info from the
# os_cloud_config.SERVICES dictionary
for service_name, data in keystone.SERVICES.iteritems():
data.pop('ssl_port', None)
services = {}
for service, data in six.iteritems(utils.SERVICE_LIST):
service_data = data.copy()
service_data.pop('password_field', None)
password_field = data.get('password_field')
if password_field:
service_data['password'] = utils.get_password(password_field)
service_name = re.sub('v[0-9]+', '',
service.capitalize() + 'InternalVip')
internal_vip = service_ips.get(service_name)
if internal_vip:
service_data['internal_host'] = internal_vip
services.update({service: service_data})
keystone_client = clients.get_keystone_client(
'admin',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
'admin',
overcloud_endpoint)
keystone.setup_endpoints(
services,
client=keystone_client,
os_auth_url=overcloud_endpoint,
public_host=overcloud_ip)
compute_client = clients.get_nova_bm_client(
'admin',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
'admin',
overcloud_endpoint)
compute_client.flavors.create('m1.demo', 512, 1, 10, 'auto')
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
overcloud_ip = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
service_ips = utils.get_service_ips(stack)
utils.remove_known_hosts(overcloud_ip)
keystone_ip = service_ips.get('KeystoneAdminVip')
if not keystone_ip:
keystone_ip = overcloud_ip
# Note (spredzy): This was deprecated at the begining of
# the Mitaka cycle. Should be good to remove for the
# next N cycle.
keystone.initialize(
keystone_ip,
utils.get_password('OVERCLOUD_ADMIN_TOKEN'),
'*****@*****.**',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
public=overcloud_ip,
user=parsed_args.overcloud_ssh_user)
# NOTE(bcrochet): Bad hack. Remove the ssl_port info from the
# os_cloud_config.SERVICES dictionary
for service_name, data in keystone.SERVICES.iteritems():
data.pop('ssl_port', None)
services = {}
for service, data in six.iteritems(constants.SERVICE_LIST):
service_data = data.copy()
service_data.pop('password_field', None)
password_field = data.get('password_field')
if password_field:
service_data['password'] = utils.get_password(password_field)
service_name = re.sub('v[0-9]+', '',
service.capitalize() + 'InternalVip')
internal_vip = service_ips.get(service_name)
if internal_vip:
service_data['internal_host'] = internal_vip
services.update({service: service_data})
# Note (spredzy): This was deprecated at the begining of
# the Mitaka cycle. Should be good to remove for the
# next N cycle.
try:
keystone_client = clients.get_keystone_client(
'admin',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
'admin',
overcloud_endpoint)
keystone.setup_endpoints(
services,
client=keystone_client,
os_auth_url=overcloud_endpoint,
public_host=overcloud_ip)
except kscexc.Conflict:
pass
else:
self.log.warning("Setting up keystone endpoints via "
"os-cloud-config. This behavior is "
"deprecated and will be removed in "
"a future release. Please update "
"your heat templates to a version "
"that does Keystone initialization "
"via Puppet.")
compute_client = clients.get_nova_bm_client(
'admin',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
'admin',
overcloud_endpoint)
compute_client.flavors.create('m1.demo', 512, 1, 10, 'auto')
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
# NOTE(jaosorior): The overcloud endpoint can contain an IP address or
# an FQDN depending on how what it's configured to output in the
# tripleo-heat-templates. Such a configuration can be done by
# overriding the EndpointMap through parameter_defaults.
overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
service_ips = utils.get_service_ips(stack)
utils.remove_known_hosts(overcloud_ip_or_fqdn)
keystone_admin_ip = service_ips.get('KeystoneAdminVip')
keystone_internal_ip = service_ips.get('KeystoneInternalVip')
tls_enabled = self._is_tls_enabled(overcloud_endpoint)
keystone_tls_host = None
if not keystone_admin_ip:
keystone_admin_ip = overcloud_ip_or_fqdn
if not keystone_internal_ip:
keystone_internal_ip = overcloud_ip_or_fqdn
if tls_enabled:
# NOTE(jaosorior): This triggers set up the keystone endpoint with
# the https protocol and the required port set in
# keystone.initialize.
keystone_tls_host = overcloud_ip_or_fqdn
keystone.initialize(
keystone_admin_ip,
utils.get_password('OVERCLOUD_ADMIN_TOKEN'),
'*****@*****.**',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
ssl=keystone_tls_host,
public=overcloud_ip_or_fqdn,
user=parsed_args.overcloud_ssh_user,
admin=keystone_admin_ip,
internal=keystone_internal_ip)
if not tls_enabled:
# NOTE(bcrochet): Bad hack. Remove the ssl_port info from the
# os_cloud_config.SERVICES dictionary
for service_name, data in keystone.SERVICES.iteritems():
data.pop('ssl_port', None)
services = {}
for service, data in six.iteritems(constants.SERVICE_LIST):
service_data = data.copy()
service_data.pop('password_field', None)
password_field = data.get('password_field')
if password_field:
service_data['password'] = utils.get_password(password_field)
service_name = re.sub('v[0-9]+', '',
service.capitalize() + 'InternalVip')
internal_vip = service_ips.get(service_name)
if internal_vip:
service_data['internal_host'] = internal_vip
services.update({service: service_data})
keystone_client = clients.get_keystone_client(
'admin',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
'admin',
overcloud_endpoint)
keystone.setup_endpoints(
services,
client=keystone_client,
os_auth_url=overcloud_endpoint,
public_host=overcloud_ip_or_fqdn)
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
# NOTE(jaosorior): The overcloud endpoint can contain an IP address or
# an FQDN depending on how what it's configured to output in the
# tripleo-heat-templates. Such a configuration can be done by
# overriding the EndpointMap through parameter_defaults.
overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
service_ips = utils.get_service_ips(stack)
utils.remove_known_hosts(overcloud_ip_or_fqdn)
keystone_admin_ip = service_ips.get('KeystoneAdminVip')
keystone_internal_ip = service_ips.get('KeystoneInternalVip')
tls_enabled = self._is_tls_enabled(overcloud_endpoint)
keystone_tls_host = None
if not keystone_admin_ip:
keystone_admin_ip = overcloud_ip_or_fqdn
if not keystone_internal_ip:
keystone_internal_ip = overcloud_ip_or_fqdn
if tls_enabled:
# NOTE(jaosorior): This triggers set up the keystone endpoint with
# the https protocol and the required port set in
# keystone.initialize.
keystone_tls_host = overcloud_ip_or_fqdn
keystone.initialize(keystone_admin_ip,
utils.get_password('OVERCLOUD_ADMIN_TOKEN'),
'*****@*****.**',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
ssl=keystone_tls_host,
public=overcloud_ip_or_fqdn,
user=parsed_args.overcloud_ssh_user,
admin=keystone_admin_ip,
internal=keystone_internal_ip)
if not tls_enabled:
# NOTE(bcrochet): Bad hack. Remove the ssl_port info from the
# os_cloud_config.SERVICES dictionary
for service_name, data in keystone.SERVICES.iteritems():
data.pop('ssl_port', None)
services = {}
for service, data in six.iteritems(constants.SERVICE_LIST):
service_data = data.copy()
service_data.pop('password_field', None)
password_field = data.get('password_field')
if password_field:
service_data['password'] = utils.get_password(password_field)
service_name = re.sub('v[0-9]+', '',
service.capitalize() + 'InternalVip')
internal_vip = service_ips.get(service_name)
if internal_vip:
service_data['internal_host'] = internal_vip
services.update({service: service_data})
keystone_client = clients.get_keystone_client(
'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin',
overcloud_endpoint)
keystone.setup_endpoints(services,
client=keystone_client,
os_auth_url=overcloud_endpoint,
public_host=overcloud_ip_or_fqdn)
def _deploy_postconfig(self, stack, parsed_args):
self.log.debug("_deploy_postconfig(%s)" % parsed_args)
overcloud_endpoint = utils.get_overcloud_endpoint(stack)
overcloud_ip = six.moves.urllib.parse.urlparse(
overcloud_endpoint).hostname
no_proxy = [os.environ.get('no_proxy'), overcloud_ip]
os.environ['no_proxy'] = ','.join(
[x for x in no_proxy if x is not None])
service_ips = utils.get_service_ips(stack)
utils.remove_known_hosts(overcloud_ip)
keystone_ip = service_ips.get('KeystoneAdminVip')
if not keystone_ip:
keystone_ip = overcloud_ip
# Note (spredzy): This was deprecated at the begining of
# the Mitaka cycle. Should be good to remove for the
# next N cycle.
keystone.initialize(keystone_ip,
utils.get_password('OVERCLOUD_ADMIN_TOKEN'),
'*****@*****.**',
utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
public=overcloud_ip,
user=parsed_args.overcloud_ssh_user)
# NOTE(bcrochet): Bad hack. Remove the ssl_port info from the
# os_cloud_config.SERVICES dictionary
for service_name, data in keystone.SERVICES.iteritems():
data.pop('ssl_port', None)
services = {}
for service, data in six.iteritems(constants.SERVICE_LIST):
service_data = data.copy()
service_data.pop('password_field', None)
password_field = data.get('password_field')
if password_field:
service_data['password'] = utils.get_password(password_field)
service_name = re.sub('v[0-9]+', '',
service.capitalize() + 'InternalVip')
internal_vip = service_ips.get(service_name)
if internal_vip:
service_data['internal_host'] = internal_vip
services.update({service: service_data})
# Note (spredzy): This was deprecated at the begining of
# the Mitaka cycle. Should be good to remove for the
# next N cycle.
try:
keystone_client = clients.get_keystone_client(
'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'),
'admin', overcloud_endpoint)
keystone.setup_endpoints(services,
client=keystone_client,
os_auth_url=overcloud_endpoint,
public_host=overcloud_ip)
except kscexc.Conflict:
pass
else:
self.log.warning("Setting up keystone endpoints via "
"os-cloud-config. This behavior is "
"deprecated and will be removed in "
"a future release. Please update "
"your heat templates to a version "
"that does Keystone initialization "
"via Puppet.")
compute_client = clients.get_nova_bm_client(
'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin',
overcloud_endpoint)
compute_client.flavors.create('m1.demo', 512, 1, 10, 'auto')
