Merge pull request #285 from rhafer/multidomain

Allow to enable domain specific drivers
crowbar · Jul 23, 2015 · c942233 · c942233
2 parents dc20819 + 036b411
commit c942233
Show file tree

Hide file tree

Showing 7 changed files with 35 additions and 0 deletions.
diff --git a/chef/cookbooks/keystone/attributes/default.rb b/chef/cookbooks/keystone/attributes/default.rb
@@ -27,6 +27,8 @@
 default[:keystone][:debug] = false
 default[:keystone][:frontend] = 'apache'
 default[:keystone][:verbose] = false
+default[:keystone][:domain_specific_drivers] = false
+default[:keystone][:domain_config_dir] = "/etc/keystone/domains"
 
 default[:keystone][:policy_file] = "policy.json"
 

diff --git a/chef/cookbooks/keystone/recipes/server.rb b/chef/cookbooks/keystone/recipes/server.rb
@@ -277,6 +277,14 @@
   end
 end
 
+directory node[:keystone][:domain_config_dir] do
+  action :create
+  owner "root"
+  group node[:keystone][:group]
+  mode 0750
+  only_if { node[:keystone][:domain_specific_drivers] }
+end
+
 crowbar_pacemaker_sync_mark "wait-keystone_db_sync"
 
 execute "keystone-manage db_sync" do

diff --git a/chef/cookbooks/keystone/templates/default/keystone.conf.erb b/chef/cookbooks/keystone/templates/default/keystone.conf.erb
@@ -780,11 +780,15 @@ driver=keystone.contrib.ec2.backends.sql.Ec2
 # configuration file. This feature is disabled by default; set
 # to true to enable. (boolean value)
 #domain_specific_drivers_enabled=false
+domain_specific_drivers_enabled = <%= node[:keystone][:domain_specific_drivers] ? "True" : "False" %>
 
 # Path for Keystone to locate the domain specific identity
 # configuration files if domain_specific_drivers_enabled is
 # set to true. (string value)
 #domain_config_dir=/etc/keystone/domains
+<% if node[:keystone][:domain_specific_drivers] %>
+domain_config_dir = <%= node[:keystone][:domain_config_dir] %>
+<% end %>
 
 # Keystone Identity backend driver. (string value)
 driver = <%= node[:keystone][:identity][:driver] %>

diff --git a/chef/data_bags/crowbar/bc-template-keystone.json b/chef/data_bags/crowbar/bc-template-keystone.json
@@ -10,6 +10,8 @@
       "policy_file": "policy.json",
       "database_instance": "none",
       "rabbitmq_instance": "none",
+      "domain_specific_drivers": false,
+      "domain_config_dir": "/etc/keystone/domains",
       "db": {
         "database": "keystone",
         "user": "keystone"

diff --git a/chef/data_bags/crowbar/bc-template-keystone.schema b/chef/data_bags/crowbar/bc-template-keystone.schema
@@ -14,6 +14,8 @@
                     "policy_file": { "type": "str", "required": true },
                     "database_instance": { "type": "str", "required": true },
                     "rabbitmq_instance": { "type": "str", "required": true },
+                    "domain_specific_drivers": { "type": "bool", "required": true },
+                    "domain_config_dir": { "type": "str", "required": true },
                     "db": { "type": "map", "required": true, "mapping": {
                       "database": { "type" : "str", "required" : true },
                       "user": { "type" : "str", "required" : true },

diff --git a/chef/data_bags/crowbar/migrate/keystone/032_add_domain_specific_drivers.rb b/chef/data_bags/crowbar/migrate/keystone/032_add_domain_specific_drivers.rb
@@ -0,0 +1,11 @@
+def upgrade ta, td, a, d
+  a['domain_specific_drivers'] = ta['domain_specific_drivers']
+  a['domain_config_dir'] = ta['domain_config_dir']
+  return a, d
+end
+
+def downgrade ta, td, a, d
+  a.delete('domain_specific_drivers')
+  a.delete('domain_config_dir')
+  return a, d
+end
diff --git a/crowbar_framework/app/models/keystone_service.rb b/crowbar_framework/app/models/keystone_service.rb
@@ -79,6 +79,12 @@ def validate_proposal_after_save proposal
       validation_error("API version #{proposal[:attributes][@bc_name][:api][:version]} not recognized.")
     end
 
+    # Using domains requires API Version 3 or newer
+    if proposal["attributes"][@bc_name]["domain_specific_drivers"] &&
+        proposal["attributes"][@bc_name]["api"]["version"].to_f < 3.0
+      validation_error("API version 3 or newer is required when enabling domain specific drivers.")
+    end
+
     super
   end