From 09e636e435ed15302e3960affef0a450fa7accf6 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 19 Mar 2012 16:31:12 -0500 Subject: [PATCH] B) Use keystone config files from source; move to /etc/keystone * Put all config files in /etc/keystone * keystone.conf rewritten * logging.conf.sample rewritten to logging.conf * default_catalog.templates copied from devstack/files * iniset() now properly adds options that do not previously exist Fixed to re-configure the catalog templated backend; sql is the default in trunk now but DevStack needs a bit more work before it can use it. Change-Id: Ic7060ef897e47495cd08ca3786e49fdebadf6723 --- files/keystone.conf | 99 --------------------------------------------- functions | 23 +++++++---- stack.sh | 78 ++++++++++++++++++++++------------- tests/functions.sh | 24 +++++++++-- 4 files changed, 88 insertions(+), 136 deletions(-) delete mode 100644 files/keystone.conf diff --git a/files/keystone.conf b/files/keystone.conf deleted file mode 100644 index 1a924eddec..0000000000 --- a/files/keystone.conf +++ /dev/null @@ -1,99 +0,0 @@ -[DEFAULT] -bind_host = 0.0.0.0 -public_port = 5000 -admin_port = 35357 -admin_token = %SERVICE_TOKEN% -compute_port = 3000 -verbose = True -debug = True -# commented out so devstack logs to stdout -# log_file = %DEST%/keystone/keystone.log - -# ================= Syslog Options ============================ -# Send logs to syslog (/dev/log) instead of to file specified -# by `log-file` -use_syslog = False - -# Facility to use. If unset defaults to LOG_USER. -# syslog_log_facility = LOG_LOCAL0 - -[sql] -connection = %SQL_CONN% -idle_timeout = 30 -min_pool_size = 5 -max_pool_size = 10 -pool_timeout = 200 - -[identity] -driver = keystone.identity.backends.sql.Identity - -[catalog] -driver = keystone.catalog.backends.templated.TemplatedCatalog -template_file = %KEYSTONE_DIR%/etc/default_catalog.templates - -[token] -driver = keystone.token.backends.kvs.Token - -[policy] -driver = keystone.policy.backends.rules.Policy - -[ec2] -driver = keystone.contrib.ec2.backends.sql.Ec2 - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension public_service - -[pipeline:admin_api] -pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension s3_extension crud_extension admin_service - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/ = admin_version_api diff --git a/functions b/functions index ecfda057ef..5114de1060 100644 --- a/functions +++ b/functions @@ -184,7 +184,7 @@ function git_clone { # Comment an option in an INI file -# optset config-file section option +# iniset config-file section option function inicomment() { local file=$1 local section=$2 @@ -194,7 +194,7 @@ function inicomment() { # Get an option from an INI file -# optget config-file section option +# iniget config-file section option function iniget() { local file=$1 local section=$2 @@ -206,16 +206,25 @@ function iniget() { # Set an option in an INI file -# This is NOT a complete option setter, it assumes that the section and -# option already exist in the INI file. If the section does not exist, -# nothing happens. -# optset config-file section option value +# iniset config-file section option value function iniset() { local file=$1 local section=$2 local option=$3 local value=$4 - sed -i -e "/^\[$section\]/,/^\[.*\]/ s|^\($option[ \t]*=[ \t]*\).*$|\1$value|" $file + if ! grep -q "^\[$section\]" $file; then + # Add section at the end + echo -e "\n[$section]" >>$file + fi + if [[ -z "$(iniget $file $section $option)" ]]; then + # Add it + sed -i -e "/^\[$section\]/ a\\ +$option = $value +" $file + else + # Replace it + sed -i -e "/^\[$section\]/,/^\[.*\]/ s|^\($option[ \t]*=[ \t]*\).*$|\1$value|" $file + fi } diff --git a/stack.sh b/stack.sh index c82c296913..de4e926bf0 100755 --- a/stack.sh +++ b/stack.sh @@ -1514,16 +1514,42 @@ if is_service_enabled key; then mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS keystone;' mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE keystone CHARACTER SET utf8;' - # Configure keystone.conf - KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf - cp $FILES/keystone.conf $KEYSTONE_CONF - sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/keystone?charset=utf8,g" -i $KEYSTONE_CONF - sudo sed -e "s,%DEST%,$DEST,g" -i $KEYSTONE_CONF - sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_CONF - sudo sed -e "s,%KEYSTONE_DIR%,$KEYSTONE_DIR,g" -i $KEYSTONE_CONF + KEYSTONE_CONF_DIR=${KEYSTONE_CONF_DIR:-/etc/keystone} + KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf + KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates - KEYSTONE_CATALOG=$KEYSTONE_DIR/etc/default_catalog.templates - cp $FILES/default_catalog.templates $KEYSTONE_CATALOG + if [[ ! -d $KEYSTONE_CONF_DIR ]]; then + sudo mkdir -p $KEYSTONE_CONF_DIR + sudo chown `whoami` $KEYSTONE_CONF_DIR + fi + + if [[ "$KEYSTONE_CONF_DIR" != "$KEYSTONE_DIR/etc" ]]; then + # FIXME(dtroyer): etc/keystone.conf causes trouble if the config files + # are located anywhere else (say, /etc/keystone). + # LP 966670 fixes this in keystone, we fix it + # here until the bug fix is committed. + if [[ -r $KEYSTONE_DIR/etc/keystone.conf ]]; then + # Get the sample config file out of the way + mv $KEYSTONE_DIR/etc/keystone.conf $KEYSTONE_DIR/etc/keystone.conf.sample + fi + cp -p $KEYSTONE_DIR/etc/keystone.conf.sample $KEYSTONE_CONF + cp -p $KEYSTONE_DIR/etc/policy.json $KEYSTONE_CONF_DIR + fi + cp -p $FILES/default_catalog.templates $KEYSTONE_CATALOG + + # Rewrite stock keystone.conf: + iniset $KEYSTONE_CONF DEFAULT admin_token "$SERVICE_TOKEN" + iniset $KEYSTONE_CONF sql connection "$BASE_SQL_CONN/keystone?charset=utf8" + iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG" + iniset $KEYSTONE_CONF ec2 driver "keystone.contrib.ec2.backends.sql.Ec2" + # Configure keystone.conf to use templates + iniset $KEYSTONE_CONF catalog driver "keystone.catalog.backends.templated.TemplatedCatalog" + iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG" + sed -e " + /^pipeline.*ec2_extension crud_/s|ec2_extension crud_extension|ec2_extension s3_extension crud_extension|; + " -i $KEYSTONE_CONF + # Append the S3 bits + iniset $KEYSTONE_CONF filter:s3_extension paste.filter_factory "keystone.contrib.s3:S3Extension.factory" # Add swift endpoints to service catalog if swift is enabled if is_service_enabled swift; then @@ -1541,34 +1567,32 @@ if is_service_enabled key; then echo "catalog.RegionOne.network.name = Quantum Service" >> $KEYSTONE_CATALOG fi - sudo sed -e "s,%SERVICE_HOST%,$SERVICE_HOST,g" -i $KEYSTONE_CATALOG - - sudo sed -e "s,%S3_SERVICE_PORT%,$S3_SERVICE_PORT,g" -i $KEYSTONE_CATALOG + sudo sed -e " + s,%SERVICE_HOST%,$SERVICE_HOST,g; + s,%S3_SERVICE_PORT%,$S3_SERVICE_PORT,g; + " -i $KEYSTONE_CATALOG + # Set up logging + LOGGING_ROOT="devel" if [ "$SYSLOG" != "False" ]; then - cp $KEYSTONE_DIR/etc/logging.conf.sample $KEYSTONE_DIR/etc/logging.conf - sed -i -e '/^handlers=devel$/s/=devel/=production/' \ - $KEYSTONE_DIR/etc/logging.conf - sed -i -e "/^log_file/s/log_file/\#log_file/" \ - $KEYSTONE_DIR/etc/keystone.conf - KEYSTONE_LOG_CONFIG="--log-config $KEYSTONE_DIR/etc/logging.conf" + LOGGING_ROOT="$LOGGING_ROOT,production" fi -fi + KEYSTONE_LOG_CONFIG="--log-config $KEYSTONE_CONF_DIR/logging.conf" + cp $KEYSTONE_DIR/etc/logging.conf.sample $KEYSTONE_CONF_DIR/logging.conf + iniset $KEYSTONE_CONF_DIR/logging.conf logger_root level "DEBUG" + iniset $KEYSTONE_CONF_DIR/logging.conf logger_root handlers "devel,production" -# launch the keystone and wait for it to answer before continuing -if is_service_enabled key; then + # initialize keystone database + $KEYSTONE_DIR/bin/keystone-manage db_sync + + # launch keystone and wait for it to answer before continuing screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $KEYSTONE_LOG_CONFIG -d --debug" echo "Waiting for keystone to start..." - if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= wget -q -O- $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_API_PORT/v2.0/; do sleep 1; done"; then + if ! timeout $SERVICE_TIMEOUT sh -c "while http_proxy= wget -O- $KEYSTONE_AUTH_PROTOCOL://$SERVICE_HOST:$KEYSTONE_API_PORT/v2.0/ 2>&1 | grep -q 'refused'; do sleep 1; done"; then echo "keystone did not start" exit 1 fi - # initialize keystone with default users/endpoints - pushd $KEYSTONE_DIR - $KEYSTONE_DIR/bin/keystone-manage db_sync - popd - # keystone_data.sh creates services, admin and demo users, and roles. SERVICE_ENDPOINT=$KEYSTONE_AUTH_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0 ADMIN_PASSWORD=$ADMIN_PASSWORD SERVICE_TENANT_NAME=$SERVICE_TENANT_NAME SERVICE_PASSWORD=$SERVICE_PASSWORD SERVICE_TOKEN=$SERVICE_TOKEN SERVICE_ENDPOINT=$SERVICE_ENDPOINT DEVSTACK_DIR=$TOP_DIR ENABLED_SERVICES=$ENABLED_SERVICES \ diff --git a/tests/functions.sh b/tests/functions.sh index 931cde810b..e7fbe0c559 100755 --- a/tests/functions.sh +++ b/tests/functions.sh @@ -98,7 +98,7 @@ fi VAL=$(iniget test.ini zzz handlers) if [[ -z "$VAL" ]]; then - echo "OK" + echo "OK: zzz not present" else echo "iniget failed: $VAL" fi @@ -106,13 +106,31 @@ fi iniset test.ini zzz handlers "999" VAL=$(iniget test.ini zzz handlers) -if [[ -z "$VAL" ]]; then - echo "OK" +if [[ -n "$VAL" ]]; then + echo "OK: zzz not present" else echo "iniget failed: $VAL" fi +# Test option not exist + +VAL=$(iniget test.ini aaa debug) +if [[ -z "$VAL" ]]; then + echo "OK aaa.debug not present" +else + echo "iniget failed: $VAL" +fi + +iniset test.ini aaa debug "999" + +VAL=$(iniget test.ini aaa debug) +if [[ -n "$VAL" ]]; then + echo "OK aaa.debug present" +else + echo "iniget failed: $VAL" +fi + # Test comments inicomment test.ini aaa handlers