Skip to content

Commit de20572

Browse files
FrostmanFrostman
committed
Improve savanna keystone auth configuration
We're doing to use common keystone configuration approach - section keystone_authtoken with config opts from the python-keystoneclient auth_token middleware. Change-Id: Ibbe0c76ee3b00045f5cb5134bd7661e9cef6ccdd
1 parent 2dcc774 commit de20572

File tree

2 files changed

+34
-0
lines changed

2 files changed

+34
-0
lines changed

extras.d/70-savanna.sh

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ if is_service_enabled savanna; then
88
elif [[ "$1" == "stack" && "$2" == "install" ]]; then
99
echo_summary "Installing Savanna"
1010
install_savanna
11+
cleanup_savanna
1112
if is_service_enabled horizon; then
1213
install_savanna_dashboard
1314
fi
@@ -29,4 +30,8 @@ if is_service_enabled savanna; then
2930
cleanup_savanna_dashboard
3031
fi
3132
fi
33+
34+
if [[ "$1" == "clean" ]]; then
35+
cleanup_savanna
36+
fi
3237
fi

lib/savanna

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@
1010
# configure_savanna
1111
# start_savanna
1212
# stop_savanna
13+
# cleanup_savanna
1314

1415
# Save trace setting
1516
XTRACE=$(set +o | grep xtrace)
@@ -33,6 +34,8 @@ SAVANNA_SERVICE_HOST=${SAVANNA_SERVICE_HOST:-$SERVICE_HOST}
3334
SAVANNA_SERVICE_PORT=${SAVANNA_SERVICE_PORT:-8386}
3435
SAVANNA_SERVICE_PROTOCOL=${SAVANNA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
3536

37+
SAVANNA_AUTH_CACHE_DIR=${SAVANNA_AUTH_CACHE_DIR:-/var/cache/savanna}
38+
3639
# Support entry points installation of console scripts
3740
if [[ -d $SAVANNA_DIR/bin ]]; then
3841
SAVANNA_BIN_DIR=$SAVANNA_DIR/bin
@@ -83,6 +86,14 @@ function create_savanna_accounts() {
8386
fi
8487
}
8588

89+
# cleanup_savanna() - Remove residual data files, anything left over from
90+
# previous runs that would need to clean up.
91+
function cleanup_savanna() {
92+
93+
# Cleanup auth cache dir
94+
sudo rm -rf $SAVANNA_AUTH_CACHE_DIR
95+
}
96+
8697
# configure_savanna() - Set config files, create data dirs, etc
8798
function configure_savanna() {
8899

@@ -94,9 +105,27 @@ function configure_savanna() {
94105
# Copy over savanna configuration file and configure common parameters.
95106
cp $SAVANNA_DIR/etc/savanna/savanna.conf.sample $SAVANNA_CONF_FILE
96107

108+
# Create auth cache dir
109+
sudo mkdir -p $SAVANNA_AUTH_CACHE_DIR
110+
sudo chown $STACK_USER $SAVANNA_AUTH_CACHE_DIR
111+
rm -rf $SAVANNA_AUTH_CACHE_DIR/*
112+
113+
# Set obsolete keystone auth configs for backward compatibility
114+
iniset $SAVANNA_CONF_FILE DEFAULT os_auth_host $KEYSTONE_SERVICE_HOST
115+
iniset $SAVANNA_CONF_FILE DEFAULT os_auth_port $KEYSTONE_SERVICE_PORT
116+
iniset $SAVANNA_CONF_FILE DEFAULT os_auth_protocol $KEYSTONE_SERVICE_PROTOCOL
97117
iniset $SAVANNA_CONF_FILE DEFAULT os_admin_password $SERVICE_PASSWORD
98118
iniset $SAVANNA_CONF_FILE DEFAULT os_admin_username savanna
99119
iniset $SAVANNA_CONF_FILE DEFAULT os_admin_tenant_name $SERVICE_TENANT_NAME
120+
121+
# Set actual keystone auth configs
122+
iniset $SAVANNA_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
123+
iniset $SAVANNA_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
124+
iniset $SAVANNA_CONF_FILE keystone_authtoken admin_user savanna
125+
iniset $SAVANNA_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
126+
iniset $SAVANNA_CONF_FILE keystone_authtoken signing_dir $SAVANNA_AUTH_CACHE_DIR
127+
iniset $SAVANNA_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
128+
100129
iniset $SAVANNA_CONF_FILE DEFAULT debug $SAVANNA_DEBUG
101130

102131
iniset $SAVANNA_CONF_FILE database connection `database_connection_url savanna`

0 commit comments

Comments
 (0)