commit de2057290a368e339cb66a8a61d483c90f964089
author Sergey Lukjanov <slukjanov@mirantis.com> Wed Feb 19 14:00:42 2014 +0400
committer Sergey Lukjanov <slukjanov@mirantis.com> Thu Feb 20 01:56:17 2014 +0400
tree 2d5abed27eed8ac6b30ee02d8be1a647af14194d
parent 2dcc77422348e55b6f7028679647cfbdf872f6a2

Improve savanna keystone auth configuration

We're doing to use common keystone configuration approach - section
keystone_authtoken with config opts from the python-keystoneclient
auth_token middleware.

Change-Id: Ibbe0c76ee3b00045f5cb5134bd7661e9cef6ccdd

lib/savanna

diff --git a/lib/savanna b/lib/savanna
index 43c5e38..954f0e7 100644
--- a/lib/savanna
+++ b/lib/savanna
@@ -10,6 +10,7 @@
 # configure_savanna
 # start_savanna
 # stop_savanna
+# cleanup_savanna
 
 # Save trace setting
 XTRACE=$(set +o | grep xtrace)
@@ -33,6 +34,8 @@
 SAVANNA_SERVICE_PORT=${SAVANNA_SERVICE_PORT:-8386}
 SAVANNA_SERVICE_PROTOCOL=${SAVANNA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
 
+SAVANNA_AUTH_CACHE_DIR=${SAVANNA_AUTH_CACHE_DIR:-/var/cache/savanna}
+
 # Support entry points installation of console scripts
 if [[ -d $SAVANNA_DIR/bin ]]; then
     SAVANNA_BIN_DIR=$SAVANNA_DIR/bin
@@ -83,6 +86,14 @@
     fi
 }
 
+# cleanup_savanna() - Remove residual data files, anything left over from
+# previous runs that would need to clean up.
+function cleanup_savanna() {
+
+    # Cleanup auth cache dir
+    sudo rm -rf $SAVANNA_AUTH_CACHE_DIR
+}
+
 # configure_savanna() - Set config files, create data dirs, etc
 function configure_savanna() {
 
@@ -94,9 +105,27 @@
     # Copy over savanna configuration file and configure common parameters.
     cp $SAVANNA_DIR/etc/savanna/savanna.conf.sample $SAVANNA_CONF_FILE
 
+    # Create auth cache dir
+    sudo mkdir -p $SAVANNA_AUTH_CACHE_DIR
+    sudo chown $STACK_USER $SAVANNA_AUTH_CACHE_DIR
+    rm -rf $SAVANNA_AUTH_CACHE_DIR/*
+
+    # Set obsolete keystone auth configs for backward compatibility
+    iniset $SAVANNA_CONF_FILE DEFAULT os_auth_host $KEYSTONE_SERVICE_HOST
+    iniset $SAVANNA_CONF_FILE DEFAULT os_auth_port $KEYSTONE_SERVICE_PORT
+    iniset $SAVANNA_CONF_FILE DEFAULT os_auth_protocol $KEYSTONE_SERVICE_PROTOCOL
     iniset $SAVANNA_CONF_FILE DEFAULT os_admin_password $SERVICE_PASSWORD
     iniset $SAVANNA_CONF_FILE DEFAULT os_admin_username savanna
     iniset $SAVANNA_CONF_FILE DEFAULT os_admin_tenant_name $SERVICE_TENANT_NAME
+
+    # Set actual keystone auth configs
+    iniset $SAVANNA_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
+    iniset $SAVANNA_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
+    iniset $SAVANNA_CONF_FILE keystone_authtoken admin_user savanna
+    iniset $SAVANNA_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
+    iniset $SAVANNA_CONF_FILE keystone_authtoken signing_dir $SAVANNA_AUTH_CACHE_DIR
+    iniset $SAVANNA_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
+
     iniset $SAVANNA_CONF_FILE DEFAULT debug $SAVANNA_DEBUG
 
     iniset $SAVANNA_CONF_FILE database connection `database_connection_url savanna`