Add nova_api_insecure flag to neutron

Neutron did not have any way to allow SSL validation problems in the novaclient similar to the way nova has the neutron_api_insecure flag. This change adds the nova_api_insecure flag to the neutron config and also passes it in the novaclient instantiation. Change-Id: Ifed581df253c01fab9dc1f22c8187876271b378e Closes-Bug: #1306822
2014-04-12 10:18:18 -05:00 · 2014-04-12 10:18:18 -05:00 · 52724eacbe
commit 52724eacbe
parent 61f158cce2
3 changed files with 6 additions and 0 deletions
--- a/etc/neutron.conf
+++ b/etc/neutron.conf
@ -320,6 +320,9 @@ notification_driver = neutron.openstack.common.notifier.rpc_notifier
 # Authorization URL for connection to nova in admin context.
 # nova_admin_auth_url =

+# Boolean to control ignoring SSL errors on the nova url
+# nova_api_insecure = False
+
 # Number of seconds between sending events to nova if there are any events to send
 # send_events_interval = 2

--- a/neutron/common/config.py
+++ b/neutron/common/config.py
@ -100,6 +100,8 @@ core_opts = [
               default='http://localhost:5000/v2.0',
               help=_('Authorization URL for connecting to nova in admin '
                      'context')),
+    cfg.BoolOpt('nova_api_insecure', default=False,
+                help=_("If True, ignore any SSL validation issues")),
    cfg.StrOpt('nova_region_name',
               help=_('Name of nova region to use. Useful if keystone manages'
                      ' more than one region.')),
--- a/neutron/notifiers/nova.py
+++ b/neutron/notifiers/nova.py
@ -48,6 +48,7 @@ class Notifier(object):
            project_id=None,
            tenant_id=cfg.CONF.nova_admin_tenant_id,
            auth_url=cfg.CONF.nova_admin_auth_url,
+            insecure=cfg.CONF.nova_api_insecure,
            bypass_url=bypass_url,
            region_name=cfg.CONF.nova_region_name,
            extensions=[server_external_events])