From 51f9a8f27f2b19a39797eb0295babd4e1214046b Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Thu, 8 Jan 2015 21:10:55 -0500 Subject: [PATCH] initialize glance client with ca_ssl_cert --- planetstack/openstack/client.py | 16 ++++++++++------ planetstack/openstack/driver.py | 4 ++-- planetstack/plstackapi_config | 1 + 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/planetstack/openstack/client.py b/planetstack/openstack/client.py index 72c5cb4..0aa6c7d 100644 --- a/planetstack/openstack/client.py +++ b/planetstack/openstack/client.py @@ -84,7 +84,7 @@ class KeystoneClient(Client): return getattr(self.client, name) -class GlanceClient(Client): +class Glance(Client): def __init__(self, *args, **kwds): Client.__init__(self, *args, **kwds) if has_openstack: @@ -97,11 +97,15 @@ class GlanceClient(Client): def __getattr__(self, name): return getattr(self.client, name) -class GlanceClientNew(Client): - def __init__(self, version, endpoint, token, *args, **kwds): +class GlanceClient(Client): + def __init__(self, version, endpoint, token, cacert=None, *args, **kwds): Client.__init__(self, *args, **kwds) if has_openstack: - self.client = glanceclient.Client(version, endpoint=endpoint, token=token) + self.client = glanceclient.Client(version, + endpoint=endpoint, + token=token, + cacert=cacert + ) @require_enabled def __getattr__(self, name): @@ -174,9 +178,9 @@ class OpenStackClient: url_parsed = urlparse.urlparse(self.keystone.url) hostname = url_parsed.netloc.split(':')[0] token = self.keystone.client.tokens.authenticate(username=self.keystone.username, password=self.keystone.password, tenant_name=self.keystone.tenant) - #self.glance = GlanceClient(*args, **kwds) + glance_endpoint = self.keystone.service_catalog.url_for(service_type='image', endpoint_type='publicURL') - self.glanceclient = GlanceClientNew('1', endpoint='https://%s:9292' % hostname, token=token.id, **kwds) + self.glanceclient = GlanceClient('1', endpoint=glance_endpoint, token=token.id, **kwds) self.nova = NovaClient(*args, **kwds) # self.nova_db = NovaDB(*args, **kwds) self.quantum = QuantumClient(*args, **kwds) diff --git a/planetstack/openstack/driver.py b/planetstack/openstack/driver.py index 53b8e3f..2edf10e 100644 --- a/planetstack/openstack/driver.py +++ b/planetstack/openstack/driver.py @@ -32,7 +32,7 @@ class OpenStackDriver: auth = {'username': caller.email, 'password': hashlib.md5(caller.password).hexdigest()[:6], 'tenant': tenant} - client = OpenStackClient(controller=controller, **auth) + client = OpenStackClient(controller=controller, cacert=self.config.nova_ca_ssl_cert, **auth) else: admin_driver = self.admin_driver(tenant=tenant, controller=controller) client = OpenStackClient(tenant=tenant, controller=admin_driver.controller) @@ -45,7 +45,7 @@ class OpenStackDriver: def admin_driver(self, tenant=None, controller=None): if isinstance(controller, int): controller = Controller.objects.get(id=controller.id) - client = OpenStackClient(tenant=tenant, controller=controller) + client = OpenStackClient(tenant=tenant, controller=controller, cacert=self.config.nova_ca_ssl_cert) driver = OpenStackDriver(client=client) driver.admin_user = client.keystone.users.find(name=controller.admin_user) driver.controller = controller diff --git a/planetstack/plstackapi_config b/planetstack/plstackapi_config index a61e7ed..fb846b3 100644 --- a/planetstack/plstackapi_config +++ b/planetstack/plstackapi_config @@ -29,6 +29,7 @@ url=http://localhost:5000/v2.0/ default_image=None default_flavor=m1.small default_security_group=default +ca_ssl_cert=/etc/ssl/certs/ca-certificates.crt [observer] images_directory=/opt/planetstack/images -- 2.43.0