Permalink
Browse files

Improve savanna keystone auth configuration

We're doing to use common keystone configuration approach - section
keystone_authtoken with config opts from the python-keystoneclient
auth_token middleware.

Change-Id: Ibbe0c76ee3b00045f5cb5134bd7661e9cef6ccdd
  • Loading branch information...
1 parent 2dcc774 commit de2057290a368e339cb66a8a61d483c90f964089 @Frostman Frostman committed Feb 19, 2014
Showing with 34 additions and 0 deletions.
  1. +5 −0 extras.d/70-savanna.sh
  2. +29 −0 lib/savanna
View
@@ -8,6 +8,7 @@ if is_service_enabled savanna; then
elif [[ "$1" == "stack" && "$2" == "install" ]]; then
echo_summary "Installing Savanna"
install_savanna
+ cleanup_savanna
if is_service_enabled horizon; then
install_savanna_dashboard
fi
@@ -29,4 +30,8 @@ if is_service_enabled savanna; then
cleanup_savanna_dashboard
fi
fi
+
+ if [[ "$1" == "clean" ]]; then
+ cleanup_savanna
+ fi
fi
View
@@ -10,6 +10,7 @@
# configure_savanna
# start_savanna
# stop_savanna
+# cleanup_savanna
# Save trace setting
XTRACE=$(set +o | grep xtrace)
@@ -33,6 +34,8 @@ SAVANNA_SERVICE_HOST=${SAVANNA_SERVICE_HOST:-$SERVICE_HOST}
SAVANNA_SERVICE_PORT=${SAVANNA_SERVICE_PORT:-8386}
SAVANNA_SERVICE_PROTOCOL=${SAVANNA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+SAVANNA_AUTH_CACHE_DIR=${SAVANNA_AUTH_CACHE_DIR:-/var/cache/savanna}
+
# Support entry points installation of console scripts
if [[ -d $SAVANNA_DIR/bin ]]; then
SAVANNA_BIN_DIR=$SAVANNA_DIR/bin
@@ -83,6 +86,14 @@ function create_savanna_accounts() {
fi
}
+# cleanup_savanna() - Remove residual data files, anything left over from
+# previous runs that would need to clean up.
+function cleanup_savanna() {
+
+ # Cleanup auth cache dir
+ sudo rm -rf $SAVANNA_AUTH_CACHE_DIR
+}
+
# configure_savanna() - Set config files, create data dirs, etc
function configure_savanna() {
@@ -94,9 +105,27 @@ function configure_savanna() {
# Copy over savanna configuration file and configure common parameters.
cp $SAVANNA_DIR/etc/savanna/savanna.conf.sample $SAVANNA_CONF_FILE
+ # Create auth cache dir
+ sudo mkdir -p $SAVANNA_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $SAVANNA_AUTH_CACHE_DIR
+ rm -rf $SAVANNA_AUTH_CACHE_DIR/*
+
+ # Set obsolete keystone auth configs for backward compatibility
+ iniset $SAVANNA_CONF_FILE DEFAULT os_auth_host $KEYSTONE_SERVICE_HOST
+ iniset $SAVANNA_CONF_FILE DEFAULT os_auth_port $KEYSTONE_SERVICE_PORT
+ iniset $SAVANNA_CONF_FILE DEFAULT os_auth_protocol $KEYSTONE_SERVICE_PROTOCOL
iniset $SAVANNA_CONF_FILE DEFAULT os_admin_password $SERVICE_PASSWORD
iniset $SAVANNA_CONF_FILE DEFAULT os_admin_username savanna
iniset $SAVANNA_CONF_FILE DEFAULT os_admin_tenant_name $SERVICE_TENANT_NAME
+
+ # Set actual keystone auth configs
+ iniset $SAVANNA_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
+ iniset $SAVANNA_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
+ iniset $SAVANNA_CONF_FILE keystone_authtoken admin_user savanna
+ iniset $SAVANNA_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
+ iniset $SAVANNA_CONF_FILE keystone_authtoken signing_dir $SAVANNA_AUTH_CACHE_DIR
+ iniset $SAVANNA_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
+
iniset $SAVANNA_CONF_FILE DEFAULT debug $SAVANNA_DEBUG
iniset $SAVANNA_CONF_FILE database connection `database_connection_url savanna`

0 comments on commit de20572

Please sign in to comment.