def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) # NOTE(jaosorior): The overcloud endpoint can contain an IP address or # an FQDN depending on how what it's configured to output in the # tripleo-heat-templates. Such a configuration can be done by # overriding the EndpointMap through parameter_defaults. overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname keystone_admin_ip = utils.get_endpoint('KeystoneAdmin', stack) no_proxy = os.environ.get('no_proxy', overcloud_ip_or_fqdn) no_proxy_list = map(utils.bracket_ipv6, [no_proxy, overcloud_ip_or_fqdn, keystone_admin_ip]) os.environ['no_proxy'] = ','.join( [x for x in no_proxy_list if x is not None]) utils.remove_known_hosts(overcloud_ip_or_fqdn) if not self._endpoints_managed(stack): self._keystone_init(overcloud_endpoint, overcloud_ip_or_fqdn, parsed_args, stack) else: self.log.debug("Keystone endpoints and services are managed by " "puppet. Skipping post-config.")
def test_remove_known_hosts_no_file(self, mock_exists, mock_check_call): mock_exists.return_value = False utils.remove_known_hosts('192.168.0.1') mock_check_call.assert_not_called()
def test_remove_known_hosts(self, mock_exists, mock_check_call): mock_exists.return_value = True utils.remove_known_hosts("192.168.0.1") known_hosts = os.path.expanduser("~/.ssh/known_hosts") mock_check_call.assert_called_with(["ssh-keygen", "-R", "192.168.0.1", "-f", known_hosts])
def test_remove_known_hosts(self, mock_exists, mock_check_call): mock_exists.return_value = True utils.remove_known_hosts('192.168.0.1') known_hosts = os.path.expanduser("~/.ssh/known_hosts") mock_check_call.assert_called_with( ['ssh-keygen', '-R', '192.168.0.1', '-f', known_hosts])
def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) # NOTE(jaosorior): The overcloud endpoint can contain an IP address or # an FQDN depending on how what it's configured to output in the # tripleo-heat-templates. Such a configuration can be done by # overriding the EndpointMap through parameter_defaults. overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn] os.environ['no_proxy'] = ','.join( [x for x in no_proxy if x is not None]) utils.remove_known_hosts(overcloud_ip_or_fqdn) self._keystone_init(overcloud_endpoint, overcloud_ip_or_fqdn, parsed_args, stack)
def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) overcloud_ip = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname no_proxy = [os.environ.get('no_proxy'), overcloud_ip] os.environ['no_proxy'] = ','.join( [x for x in no_proxy if x is not None]) service_ips = utils.get_service_ips(stack) utils.remove_known_hosts(overcloud_ip) keystone_ip = service_ips.get('KeystoneAdminVip') if not keystone_ip: keystone_ip = overcloud_ip keystone.initialize( keystone_ip, utils.get_password('OVERCLOUD_ADMIN_TOKEN'), '*****@*****.**', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), public=overcloud_ip, user=parsed_args.overcloud_ssh_user) # NOTE(bcrochet): Bad hack. Remove the ssl_port info from the # os_cloud_config.SERVICES dictionary for service_name, data in keystone.SERVICES.iteritems(): data.pop('ssl_port', None) services = {} for service, data in six.iteritems(utils.SERVICE_LIST): service_data = data.copy() service_data.pop('password_field', None) password_field = data.get('password_field') if password_field: service_data['password'] = utils.get_password(password_field) service_name = re.sub('v[0-9]+', '', service.capitalize() + 'InternalVip') internal_vip = service_ips.get(service_name) if internal_vip: service_data['internal_host'] = internal_vip services.update({service: service_data}) keystone_client = clients.get_keystone_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) keystone.setup_endpoints( services, client=keystone_client, os_auth_url=overcloud_endpoint, public_host=overcloud_ip) compute_client = clients.get_nova_bm_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) compute_client.flavors.create('m1.demo', 512, 1, 10, 'auto')
def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) overcloud_ip = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname no_proxy = [os.environ.get('no_proxy'), overcloud_ip] os.environ['no_proxy'] = ','.join( [x for x in no_proxy if x is not None]) service_ips = utils.get_service_ips(stack) utils.remove_known_hosts(overcloud_ip) keystone_ip = service_ips.get('KeystoneAdminVip') if not keystone_ip: keystone_ip = overcloud_ip # Note (spredzy): This was deprecated at the begining of # the Mitaka cycle. Should be good to remove for the # next N cycle. keystone.initialize( keystone_ip, utils.get_password('OVERCLOUD_ADMIN_TOKEN'), '*****@*****.**', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), public=overcloud_ip, user=parsed_args.overcloud_ssh_user) # NOTE(bcrochet): Bad hack. Remove the ssl_port info from the # os_cloud_config.SERVICES dictionary for service_name, data in keystone.SERVICES.iteritems(): data.pop('ssl_port', None) services = {} for service, data in six.iteritems(constants.SERVICE_LIST): service_data = data.copy() service_data.pop('password_field', None) password_field = data.get('password_field') if password_field: service_data['password'] = utils.get_password(password_field) service_name = re.sub('v[0-9]+', '', service.capitalize() + 'InternalVip') internal_vip = service_ips.get(service_name) if internal_vip: service_data['internal_host'] = internal_vip services.update({service: service_data}) # Note (spredzy): This was deprecated at the begining of # the Mitaka cycle. Should be good to remove for the # next N cycle. try: keystone_client = clients.get_keystone_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) keystone.setup_endpoints( services, client=keystone_client, os_auth_url=overcloud_endpoint, public_host=overcloud_ip) except kscexc.Conflict: pass else: self.log.warning("Setting up keystone endpoints via " "os-cloud-config. This behavior is " "deprecated and will be removed in " "a future release. Please update " "your heat templates to a version " "that does Keystone initialization " "via Puppet.") compute_client = clients.get_nova_bm_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) compute_client.flavors.create('m1.demo', 512, 1, 10, 'auto')
def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) # NOTE(jaosorior): The overcloud endpoint can contain an IP address or # an FQDN depending on how what it's configured to output in the # tripleo-heat-templates. Such a configuration can be done by # overriding the EndpointMap through parameter_defaults. overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn] os.environ['no_proxy'] = ','.join( [x for x in no_proxy if x is not None]) service_ips = utils.get_service_ips(stack) utils.remove_known_hosts(overcloud_ip_or_fqdn) keystone_admin_ip = service_ips.get('KeystoneAdminVip') keystone_internal_ip = service_ips.get('KeystoneInternalVip') tls_enabled = self._is_tls_enabled(overcloud_endpoint) keystone_tls_host = None if not keystone_admin_ip: keystone_admin_ip = overcloud_ip_or_fqdn if not keystone_internal_ip: keystone_internal_ip = overcloud_ip_or_fqdn if tls_enabled: # NOTE(jaosorior): This triggers set up the keystone endpoint with # the https protocol and the required port set in # keystone.initialize. keystone_tls_host = overcloud_ip_or_fqdn keystone.initialize( keystone_admin_ip, utils.get_password('OVERCLOUD_ADMIN_TOKEN'), '*****@*****.**', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), ssl=keystone_tls_host, public=overcloud_ip_or_fqdn, user=parsed_args.overcloud_ssh_user, admin=keystone_admin_ip, internal=keystone_internal_ip) if not tls_enabled: # NOTE(bcrochet): Bad hack. Remove the ssl_port info from the # os_cloud_config.SERVICES dictionary for service_name, data in keystone.SERVICES.iteritems(): data.pop('ssl_port', None) services = {} for service, data in six.iteritems(constants.SERVICE_LIST): service_data = data.copy() service_data.pop('password_field', None) password_field = data.get('password_field') if password_field: service_data['password'] = utils.get_password(password_field) service_name = re.sub('v[0-9]+', '', service.capitalize() + 'InternalVip') internal_vip = service_ips.get(service_name) if internal_vip: service_data['internal_host'] = internal_vip services.update({service: service_data}) keystone_client = clients.get_keystone_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) keystone.setup_endpoints( services, client=keystone_client, os_auth_url=overcloud_endpoint, public_host=overcloud_ip_or_fqdn)
def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) # NOTE(jaosorior): The overcloud endpoint can contain an IP address or # an FQDN depending on how what it's configured to output in the # tripleo-heat-templates. Such a configuration can be done by # overriding the EndpointMap through parameter_defaults. overcloud_ip_or_fqdn = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname no_proxy = [os.environ.get('no_proxy'), overcloud_ip_or_fqdn] os.environ['no_proxy'] = ','.join( [x for x in no_proxy if x is not None]) service_ips = utils.get_service_ips(stack) utils.remove_known_hosts(overcloud_ip_or_fqdn) keystone_admin_ip = service_ips.get('KeystoneAdminVip') keystone_internal_ip = service_ips.get('KeystoneInternalVip') tls_enabled = self._is_tls_enabled(overcloud_endpoint) keystone_tls_host = None if not keystone_admin_ip: keystone_admin_ip = overcloud_ip_or_fqdn if not keystone_internal_ip: keystone_internal_ip = overcloud_ip_or_fqdn if tls_enabled: # NOTE(jaosorior): This triggers set up the keystone endpoint with # the https protocol and the required port set in # keystone.initialize. keystone_tls_host = overcloud_ip_or_fqdn keystone.initialize(keystone_admin_ip, utils.get_password('OVERCLOUD_ADMIN_TOKEN'), '*****@*****.**', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), ssl=keystone_tls_host, public=overcloud_ip_or_fqdn, user=parsed_args.overcloud_ssh_user, admin=keystone_admin_ip, internal=keystone_internal_ip) if not tls_enabled: # NOTE(bcrochet): Bad hack. Remove the ssl_port info from the # os_cloud_config.SERVICES dictionary for service_name, data in keystone.SERVICES.iteritems(): data.pop('ssl_port', None) services = {} for service, data in six.iteritems(constants.SERVICE_LIST): service_data = data.copy() service_data.pop('password_field', None) password_field = data.get('password_field') if password_field: service_data['password'] = utils.get_password(password_field) service_name = re.sub('v[0-9]+', '', service.capitalize() + 'InternalVip') internal_vip = service_ips.get(service_name) if internal_vip: service_data['internal_host'] = internal_vip services.update({service: service_data}) keystone_client = clients.get_keystone_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) keystone.setup_endpoints(services, client=keystone_client, os_auth_url=overcloud_endpoint, public_host=overcloud_ip_or_fqdn)
def _deploy_postconfig(self, stack, parsed_args): self.log.debug("_deploy_postconfig(%s)" % parsed_args) overcloud_endpoint = utils.get_overcloud_endpoint(stack) overcloud_ip = six.moves.urllib.parse.urlparse( overcloud_endpoint).hostname no_proxy = [os.environ.get('no_proxy'), overcloud_ip] os.environ['no_proxy'] = ','.join( [x for x in no_proxy if x is not None]) service_ips = utils.get_service_ips(stack) utils.remove_known_hosts(overcloud_ip) keystone_ip = service_ips.get('KeystoneAdminVip') if not keystone_ip: keystone_ip = overcloud_ip # Note (spredzy): This was deprecated at the begining of # the Mitaka cycle. Should be good to remove for the # next N cycle. keystone.initialize(keystone_ip, utils.get_password('OVERCLOUD_ADMIN_TOKEN'), '*****@*****.**', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), public=overcloud_ip, user=parsed_args.overcloud_ssh_user) # NOTE(bcrochet): Bad hack. Remove the ssl_port info from the # os_cloud_config.SERVICES dictionary for service_name, data in keystone.SERVICES.iteritems(): data.pop('ssl_port', None) services = {} for service, data in six.iteritems(constants.SERVICE_LIST): service_data = data.copy() service_data.pop('password_field', None) password_field = data.get('password_field') if password_field: service_data['password'] = utils.get_password(password_field) service_name = re.sub('v[0-9]+', '', service.capitalize() + 'InternalVip') internal_vip = service_ips.get(service_name) if internal_vip: service_data['internal_host'] = internal_vip services.update({service: service_data}) # Note (spredzy): This was deprecated at the begining of # the Mitaka cycle. Should be good to remove for the # next N cycle. try: keystone_client = clients.get_keystone_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) keystone.setup_endpoints(services, client=keystone_client, os_auth_url=overcloud_endpoint, public_host=overcloud_ip) except kscexc.Conflict: pass else: self.log.warning("Setting up keystone endpoints via " "os-cloud-config. This behavior is " "deprecated and will be removed in " "a future release. Please update " "your heat templates to a version " "that does Keystone initialization " "via Puppet.") compute_client = clients.get_nova_bm_client( 'admin', utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), 'admin', overcloud_endpoint) compute_client.flavors.create('m1.demo', 512, 1, 10, 'auto')