diff options
-rw-r--r-- | etc/ironic/ironic.conf.sample | 4 | ||||
-rw-r--r-- | ironic/common/keystone.py | 13 | ||||
-rw-r--r-- | ironic/dhcp/neutron.py | 2 | ||||
-rw-r--r-- | ironic/tests/dhcp/test_neutron.py | 19 | ||||
-rw-r--r-- | ironic/tests/test_keystone.py | 29 |
5 files changed, 66 insertions, 1 deletions
diff --git a/etc/ironic/ironic.conf.sample b/etc/ironic/ironic.conf.sample index 6f2302524..11cca8c78 100644 --- a/etc/ironic/ironic.conf.sample +++ b/etc/ironic/ironic.conf.sample @@ -457,6 +457,10 @@ # to be searched. (multi valued) #policy_dirs=policy.d +[keystone] + +#The region used for getting endpoints of OpenStack services. +#region_name = [agent] diff --git a/ironic/common/keystone.py b/ironic/common/keystone.py index 64ea34202..47710c2a4 100644 --- a/ironic/common/keystone.py +++ b/ironic/common/keystone.py @@ -23,6 +23,14 @@ from ironic.common.i18n import _ CONF = cfg.CONF +keystone_opts = [ + cfg.StrOpt('region_name', + help='The region used for getting endpoints of OpenStack' + 'services.'), +] + +CONF.register_opts(keystone_opts, group='keystone') + def _is_apiv3(auth_url, auth_version): """Checks if V3 version of API is being used or not. @@ -59,6 +67,7 @@ def _get_ksclient(token=None): return client.Client(username=CONF.keystone_authtoken.admin_user, password=CONF.keystone_authtoken.admin_password, tenant_name=CONF.keystone_authtoken.admin_tenant_name, + region_name=CONF.keystone.region_name, auth_url=auth_url) except ksexception.Unauthorized: raise exception.KeystoneUnauthorized() @@ -103,7 +112,9 @@ def get_service_url(service_type='baremetal', endpoint_type='internal'): try: endpoint = ksclient.service_catalog.url_for(service_type=service_type, - endpoint_type=endpoint_type) + endpoint_type=endpoint_type, + region_name=CONF.keystone.region_name) + except ksexception.EndpointNotFound: raise exception.CatalogNotFound(service_type=service_type, endpoint_type=endpoint_type) diff --git a/ironic/dhcp/neutron.py b/ironic/dhcp/neutron.py index 9c78966ce..e0b443c1e 100644 --- a/ironic/dhcp/neutron.py +++ b/ironic/dhcp/neutron.py @@ -81,6 +81,8 @@ def _build_client(token=None): params['tenant_name'] = CONF.keystone_authtoken.admin_tenant_name params['password'] = CONF.keystone_authtoken.admin_password params['auth_url'] = (CONF.keystone_authtoken.auth_uri or '') + if CONF.keystone.region_name: + params['region_name'] = CONF.keystone.region_name else: params['token'] = token params['endpoint_url'] = CONF.neutron.url diff --git a/ironic/tests/dhcp/test_neutron.py b/ironic/tests/dhcp/test_neutron.py index 29e82c3c0..c9c5fb570 100644 --- a/ironic/tests/dhcp/test_neutron.py +++ b/ironic/tests/dhcp/test_neutron.py @@ -90,6 +90,25 @@ class TestNeutron(db_base.DbTestCase): mock_client_init.assert_called_once_with(**expected) @mock.patch.object(client.Client, "__init__") + def test__build_client_with_region(self, mock_client_init): + expected = {'timeout': 30, + 'retries': 2, + 'insecure': False, + 'ca_cert': 'test-file', + 'endpoint_url': 'test-url', + 'username': 'test-admin-user', + 'tenant_name': 'test-admin-tenant', + 'password': 'test-admin-password', + 'auth_url': 'test-auth-uri', + 'region_name': 'test-region'} + + self.config(region_name='test-region', + group='keystone') + mock_client_init.return_value = None + neutron._build_client(token=None) + mock_client_init.assert_called_once_with(**expected) + + @mock.patch.object(client.Client, "__init__") def test__build_client_noauth(self, mock_client_init): self.config(auth_strategy='noauth', group='neutron') expected = {'ca_cert': 'test-file', diff --git a/ironic/tests/test_keystone.py b/ironic/tests/test_keystone.py index 7ee1f8f03..b41a52f1b 100644 --- a/ironic/tests/test_keystone.py +++ b/ironic/tests/test_keystone.py @@ -41,6 +41,7 @@ class KeystoneTestCase(base.TestCase): auth_uri='http://127.0.0.1:9898/', admin_user='fake', admin_password='fake', admin_tenant_name='fake') + self.config(group='keystone', region_name='fake') def test_failure_authorization(self): self.assertRaises(exception.KeystoneFailure, keystone.get_service_url) @@ -87,6 +88,7 @@ class KeystoneTestCase(base.TestCase): keystone.get_service_url() mock_ks.assert_called_once_with(username='fake', password='fake', tenant_name='fake', + region_name='fake', auth_url=expected_url) @mock.patch('keystoneclient.v3.client.Client') @@ -98,6 +100,7 @@ class KeystoneTestCase(base.TestCase): keystone.get_service_url() mock_ks.assert_called_once_with(username='fake', password='fake', tenant_name='fake', + region_name='fake', auth_url=expected_url) @mock.patch('keystoneclient.v2_0.client.Client') @@ -109,6 +112,7 @@ class KeystoneTestCase(base.TestCase): keystone.get_service_url() mock_ks.assert_called_once_with(username='fake', password='fake', tenant_name='fake', + region_name='fake', auth_url=expected_url) @mock.patch('keystoneclient.v2_0.client.Client') @@ -117,3 +121,28 @@ class KeystoneTestCase(base.TestCase): fake_client.auth_token = '123456' mock_ks.return_value = fake_client self.assertEqual('123456', keystone.get_admin_auth_token()) + + @mock.patch('keystoneclient.v2_0.client.Client') + def test_get_region_name_v2(self, mock_ks): + mock_ks.return_value = FakeClient() + self.config(group='keystone', region_name='fake_region') + expected_url = 'http://127.0.0.1:9898/v2.0' + expected_region = 'fake_region' + keystone.get_service_url() + mock_ks.assert_called_once_with(username='fake', password='fake', + tenant_name='fake', + region_name=expected_region, + auth_url=expected_url) + + @mock.patch('keystoneclient.v3.client.Client') + def test_get_region_name_v3(self, mock_ks): + mock_ks.return_value = FakeClient() + self.config(group='keystone', region_name='fake_region') + self.config(group='keystone_authtoken', auth_version='v3.0') + expected_url = 'http://127.0.0.1:9898/v3' + expected_region = 'fake_region' + keystone.get_service_url() + mock_ks.assert_called_once_with(username='fake', password='fake', + tenant_name='fake', + region_name=expected_region, + auth_url=expected_url) |