Juju Charms Collection
openstack-dashboard package

Merge lp:~gandelman-a/charms/precise/openstack-dashboard/request_role into lp:~charmers/charms/precise/openstack-dashboard/trunk

  1. Precise Pangolin (12.04)
  2. request_role
  3. Merge into trunk
Proposed by Adam Gandelman
Status: Merged
Merged at revision: 17
Proposed branch: lp:~gandelman-a/charms/precise/openstack-dashboard/request_role
Merge into: lp:~charmers/charms/precise/openstack-dashboard/trunk
Diff against target: 55 lines (+22/-3)
3 files modified
config.yaml (+6/-0)
hooks/horizon-relations (+15/-2)
revision (+1/-1)
To merge this branch: bzr merge lp:~gandelman-a/charms/precise/openstack-dashboard/request_role
Reviewer Review Type Date Requested Status
charmers Pending
Review via email: mp+143009@code.launchpad.net

Description of the change

The Keystone charm allows remote services to request roles to be created via the identity-service relation. This change adds a new config parameter that ends up in local_settings.py as OPENSTACK_KEYSTONE_DEFAULT_ROLE and is passed along to keystone for creation. This is role is required to exist for some operations in Keystone to function and avoids errors like those described in bug #1064433.

This depends on the following merge for role creation to actually happen on the Keystone side:

https://code.launchpad.net/~gandelman-a/charms/precise/keystone/grizzly/+merge/142429

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'config.yaml'
2--- config.yaml 2012-10-12 17:30:30 +0000
3+++ config.yaml 2013-01-12 00:39:28 +0000
4@@ -20,3 +20,9 @@
5 description: |
6 Directory where application will be accessible, relative to
7 http://$hostname/.
8+ default-role:
9+ default: "Member"
10+ type: string
11+ description: |
12+ Default role for Horizon operations that will be created in
13+ Keystone upon introduction of an identity-service relation.
14
15=== modified file 'hooks/horizon-relations'
16--- hooks/horizon-relations 2012-11-20 12:52:41 +0000
17+++ hooks/horizon-relations 2013-01-12 00:39:28 +0000
18@@ -35,8 +35,12 @@
19 # service=None lets keystone know we don't need anything entered
20 # into the service catalog. we only really care about getting the
21 # private-address from the relation
22- relation-set service="None" region="None" public_url="None" \
23- admin_url="None" internal_url="None"
24+ local relid="$1"
25+ local rarg=""
26+ [[ -n "$relid" ]] && rarg="-r $relid"
27+ relation-set $rarg service="None" region="None" public_url="None" \
28+ admin_url="None" internal_url="None" \
29+ requested_roles="$(config-get default-role)"
30 }
31
32 function keystone_changed {
33@@ -68,6 +72,15 @@
34 >/etc/apache2/conf.d/openstack-dashboard.conf
35 set_or_update LOGIN_URL "$web_root/auth/login"
36 set_or_update LOGIN_REDIRECT_URL "$web_root"
37+
38+ # Set default role and trigger a identity-service relation event to
39+ # ensure role is created in keystone.
40+ set_or_update OPENSTACK_KEYSTONE_DEFAULT_ROLE "$(config-get default-role)"
41+ local relids="$(relation-ids identity-service)"
42+ for relid in $relids ; do
43+ keystone_joined "$relid"
44+ done
45+
46 service apache2 reload
47
48 }
49
50=== modified file 'revision'
51--- revision 2013-01-11 18:30:45 +0000
52+++ revision 2013-01-12 00:39:28 +0000
53@@ -1,1 +1,1 @@
54-20
55+22

Subscribers

People subscribed via source and target branches