Allow qpid to be selected as AMQP provider on precise

Fixes bug 1137667

Previously the auth/sasl config for qpidd was broken, and the
openstack services using RPC were not properly configured.

Now we ensure that:

- the admin qpid_username/password are configured for all services
  (as the qpidd ACL config denies all access to non-admin users)

- the PLAIN sasl mechanism is configured for qpidd (otherwise the
  qpid_password is not propogated)

- the qpidd process has read permission on the sasl DB (otherwise
  thw admin user/apss cannot be verified even if set)

Change-Id: Id6bd675841884451b78f257afe786f494a03c0f7
This commit is contained in:
Eoghan Glynn 2013-03-01 12:09:01 +00:00
parent c9bda20963
commit 8c11f5612b
3 changed files with 9 additions and 9 deletions

View File

@ -64,13 +64,7 @@ function configure_ceilometer() {
[ ! -d $CEILOMETER_API_LOG_DIR ] && sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR [ ! -d $CEILOMETER_API_LOG_DIR ] && sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR
sudo chown $USER $CEILOMETER_API_LOG_DIR sudo chown $USER $CEILOMETER_API_LOG_DIR
if is_service_enabled rabbit ; then iniset_rpc_backend ceilometer $CEILOMETER_CONF DEFAULT
iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_kombu'
iniset $CEILOMETER_CONF DEFAULT rabbit_host $RABBIT_HOST
iniset $CEILOMETER_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
elif is_service_enabled qpid ; then
iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_qpid'
fi
iniset $CEILOMETER_CONF DEFAULT notification_topics 'notifications,glance_notifications' iniset $CEILOMETER_CONF DEFAULT notification_topics 'notifications,glance_notifications'
iniset $CEILOMETER_CONF DEFAULT verbose True iniset $CEILOMETER_CONF DEFAULT verbose True

View File

@ -114,9 +114,8 @@ function configure_glance() {
iniset $GLANCE_API_CONF DEFAULT notifier_strategy qpid iniset $GLANCE_API_CONF DEFAULT notifier_strategy qpid
elif [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then elif [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then
iniset $GLANCE_API_CONF DEFAULT notifier_strategy rabbit iniset $GLANCE_API_CONF DEFAULT notifier_strategy rabbit
iniset $GLANCE_API_CONF DEFAULT rabbit_host $RABBIT_HOST
iniset $GLANCE_API_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
fi fi
iniset_rpc_backend glance $GLANCE_API_CONF DEFAULT
iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api
cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI

View File

@ -58,6 +58,8 @@ function install_rpc_backend() {
install_package qpid-cpp-server-daemon install_package qpid-cpp-server-daemon
elif is_ubuntu; then elif is_ubuntu; then
install_package qpidd install_package qpidd
sudo sed -i '/PLAIN/!s/mech_list: /mech_list: PLAIN /' /etc/sasl2/qpidd.conf
sudo chmod o+r /etc/qpid/qpidd.sasldb
else else
exit_distro_not_supported "qpid installation" exit_distro_not_supported "qpid installation"
fi fi
@ -100,6 +102,11 @@ function iniset_rpc_backend() {
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_zmq iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_zmq
elif is_service_enabled qpid; then elif is_service_enabled qpid; then
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
if is_ubuntu; then
QPID_PASSWORD=`sudo strings /etc/qpid/qpidd.sasldb | grep -B1 admin | head -1`
iniset $file $section qpid_password $QPID_PASSWORD
iniset $file $section qpid_username admin
fi
elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu
iniset $file $section rabbit_host $RABBIT_HOST iniset $file $section rabbit_host $RABBIT_HOST