Allow qpid to be selected as AMQP provider on precise
Fixes bug 1137667 Previously the auth/sasl config for qpidd was broken, and the openstack services using RPC were not properly configured. Now we ensure that: - the admin qpid_username/password are configured for all services (as the qpidd ACL config denies all access to non-admin users) - the PLAIN sasl mechanism is configured for qpidd (otherwise the qpid_password is not propogated) - the qpidd process has read permission on the sasl DB (otherwise thw admin user/apss cannot be verified even if set) Change-Id: Id6bd675841884451b78f257afe786f494a03c0f7
This commit is contained in:
parent
c9bda20963
commit
8c11f5612b
@ -64,13 +64,7 @@ function configure_ceilometer() {
|
|||||||
[ ! -d $CEILOMETER_API_LOG_DIR ] && sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR
|
[ ! -d $CEILOMETER_API_LOG_DIR ] && sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR
|
||||||
sudo chown $USER $CEILOMETER_API_LOG_DIR
|
sudo chown $USER $CEILOMETER_API_LOG_DIR
|
||||||
|
|
||||||
if is_service_enabled rabbit ; then
|
iniset_rpc_backend ceilometer $CEILOMETER_CONF DEFAULT
|
||||||
iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_kombu'
|
|
||||||
iniset $CEILOMETER_CONF DEFAULT rabbit_host $RABBIT_HOST
|
|
||||||
iniset $CEILOMETER_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
|
|
||||||
elif is_service_enabled qpid ; then
|
|
||||||
iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_qpid'
|
|
||||||
fi
|
|
||||||
|
|
||||||
iniset $CEILOMETER_CONF DEFAULT notification_topics 'notifications,glance_notifications'
|
iniset $CEILOMETER_CONF DEFAULT notification_topics 'notifications,glance_notifications'
|
||||||
iniset $CEILOMETER_CONF DEFAULT verbose True
|
iniset $CEILOMETER_CONF DEFAULT verbose True
|
||||||
|
@ -114,9 +114,8 @@ function configure_glance() {
|
|||||||
iniset $GLANCE_API_CONF DEFAULT notifier_strategy qpid
|
iniset $GLANCE_API_CONF DEFAULT notifier_strategy qpid
|
||||||
elif [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then
|
elif [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then
|
||||||
iniset $GLANCE_API_CONF DEFAULT notifier_strategy rabbit
|
iniset $GLANCE_API_CONF DEFAULT notifier_strategy rabbit
|
||||||
iniset $GLANCE_API_CONF DEFAULT rabbit_host $RABBIT_HOST
|
|
||||||
iniset $GLANCE_API_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
|
|
||||||
fi
|
fi
|
||||||
|
iniset_rpc_backend glance $GLANCE_API_CONF DEFAULT
|
||||||
iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api
|
iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api
|
||||||
|
|
||||||
cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI
|
cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI
|
||||||
|
@ -58,6 +58,8 @@ function install_rpc_backend() {
|
|||||||
install_package qpid-cpp-server-daemon
|
install_package qpid-cpp-server-daemon
|
||||||
elif is_ubuntu; then
|
elif is_ubuntu; then
|
||||||
install_package qpidd
|
install_package qpidd
|
||||||
|
sudo sed -i '/PLAIN/!s/mech_list: /mech_list: PLAIN /' /etc/sasl2/qpidd.conf
|
||||||
|
sudo chmod o+r /etc/qpid/qpidd.sasldb
|
||||||
else
|
else
|
||||||
exit_distro_not_supported "qpid installation"
|
exit_distro_not_supported "qpid installation"
|
||||||
fi
|
fi
|
||||||
@ -100,6 +102,11 @@ function iniset_rpc_backend() {
|
|||||||
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_zmq
|
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_zmq
|
||||||
elif is_service_enabled qpid; then
|
elif is_service_enabled qpid; then
|
||||||
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
|
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
|
||||||
|
if is_ubuntu; then
|
||||||
|
QPID_PASSWORD=`sudo strings /etc/qpid/qpidd.sasldb | grep -B1 admin | head -1`
|
||||||
|
iniset $file $section qpid_password $QPID_PASSWORD
|
||||||
|
iniset $file $section qpid_username admin
|
||||||
|
fi
|
||||||
elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then
|
elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then
|
||||||
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu
|
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu
|
||||||
iniset $file $section rabbit_host $RABBIT_HOST
|
iniset $file $section rabbit_host $RABBIT_HOST
|
||||||
|
Loading…
Reference in New Issue
Block a user