Change role of doctor user to _member_ 41/22141/31
authorTomi Juvonen <tomi.juvonen@nokia.com>
Thu, 15 Dec 2016 08:10:07 +0000 (10:10 +0200)
committerTomi Juvonen <tomi.juvonen@nokia.com>
Tue, 18 Apr 2017 09:35:15 +0000 (12:35 +0300)
Change role of doctor user to _member_
Do needful changes to API calls
Add admin a role to project
Add Fuel support

JIRA: DOCTOR-80

Change-Id: Ic7f88b9ceb6c4fc90e5e985ecfbc50c907b2367e
Signed-off-by: Tomi Juvonen <tomi.juvonen@nokia.com>
tests/lib/installers/fuel
tests/run.sh

index da0de34..0c56963 100644 (file)
@@ -74,6 +74,31 @@ function installer_apply_patches {
                 ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy restart
             fi
             fi
+
+            np_conf=/etc/nova/policy.json
+            if [ -e $np_conf ]; then
+                entry="os_compute_api:servers:show:host_status"
+                new="rule:admin_or_owner"
+                np_backup="${np_conf}-doctor-saved"
+                if grep -q "${entry}.*${new}" $np_conf; then
+                    echo "Not modifying nova policy"
+                elif grep -q "${entry}" $np_conf; then
+                    echo "modify nova policy"
+                    cp $np_conf $np_backup
+                    oldline=$(grep "$entry" $np_conf)
+                    newline=$(echo "$oldline" | sed "s/rule.*\"/$new\"/")
+                    sed -i "s/$oldline/$newline/" $np_conf
+                    service nova-api restart
+                else
+                    echo "add nova policy"
+                    cp $np_conf $np_backup
+                    sed -i "/{/a \    \"${entry}\": \"$new\"" $np_conf
+                    service nova-api restart
+                fi
+            else
+                # TODO(tojuvone) policy.json might not exists in Ocata.
+                echo "$np_conf does not exist!!!"
+            fi
             ' > installer_apply_patches_$node.log 2>&1
     done
 }
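Review bot: In the `add nova policy` branch the `sed -i "/{/a ..."` line appends the `host_status` entry with no trailing comma, so if policy.json already holds other entries the file is no longer valid JSON when `service nova-api restart` runs. The same expression also fires after every line that contains `{`, not only the opening one. End the inserted text with a comma and check the result before restarting, for example `python -m json.tool $np_conf > /dev/null || cp -f $np_backup $np_conf`. Since this widens who can read host_status on a controller, a comment above `np_conf=` saying the change is test-only and is undone by installer_revert_patches would help. The function and the quoted remote script both start outside the hunk.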
@@ -83,6 +108,8 @@ function setup_installer {
     installer_get_ssh_keys
     get_controller_ips
     installer_apply_patches
+    #Might take a moment for nova-api to restart
+    sleep 20
     if ! openstack flavor show $VM_FLAVOR ; then
         openstack flavor create --ram 512 --disk 1 $VM_FLAVOR \
             && touch created_doctor_flavor
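Review bot: The fixed `sleep 20` after installer_apply_patches is paid on every run, including runs where no policy was changed and nova-api was not restarted, and it guarantees nothing when the restart takes longer. A bounded poll would be more reliable, e.g. `for i in $(seq 1 20); do openstack flavor list > /dev/null 2>&1 && break; sleep 2; done`. The comment would also read better as `# nova-api may need a moment to come back after the policy change`. setup_installer continues past the end of the hunk.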
@@ -138,6 +165,17 @@ function installer_revert_patches {
                 sed -ie "/# added by doctor script/d" $ep_conf
                 service ceilometer-agent-notification restart
             fi
+
+            np_conf=/etc/nova/policy.json
+            entry="os_compute_api:servers:show:host_status"
+            if [ -e $np_conf ]; then
+                np_backup="${np_conf}-doctor-saved"
+                if [ -e $np_backup ]; then
+                    cp -f $np_backup $np_conf
+                    rm $np_backup
+                    service nova-api restart
+                fi
+            fi
             ' >> installer_apply_patches_$node.log 2>&1
     done
 }
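Review bot: `entry` is assigned right after `np_conf` but never read in the restore block, so it can be dropped. The restore path also writes nothing to the log, unlike the apply path, so installer_apply_patches_$node.log cannot confirm that the original policy was put back; an `echo "restore nova policy"` before `cp -f` would cover that. If the backup is missing while policy.json still carries the relaxed host_status rule, the block silently leaves it in place, which deserves at least a log line. The function starts outside the hunk.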
index d97a5c9..c21c3fd 100755 (executable)
@@ -28,8 +28,7 @@ CONSUMER_PORT=12346
 DOCTOR_USER=doctor
 DOCTOR_PW=doctor
 DOCTOR_PROJECT=doctor
-#TODO: change back to `_member_` when JIRA DOCTOR-55 is done
-DOCTOR_ROLE=admin
+DOCTOR_ROLE=_member_
 PROFILER_TYPE=${PROFILER_TYPE:-none}
 
 TOP_DIR=$(cd $(dirname "$0") && pwd)
@@ -39,13 +38,15 @@ as_doctor_user="--os-username $DOCTOR_USER --os-password $DOCTOR_PW
 # NOTE: ceilometer command still requires '--os-tenant-name'.
 #ceilometer="ceilometer ${as_doctor_user/--os-project-name/--os-tenant-name}"
 ceilometer="ceilometer $as_doctor_user"
+as_admin_user="--os-username admin --os-project-name $DOCTOR_PROJECT
+               --os-tenant-name $DOCTOR_PROJECT"
 
 
 # Functions
 
 get_compute_host_info() {
-    # get computer host info which first VM boot in
-    COMPUTE_HOST=$(openstack $as_doctor_user server show ${VM_BASENAME}1 |
+    # get computer host info which first VM boot in as admin user
+    COMPUTE_HOST=$(openstack $as_admin_user server show ${VM_BASENAME}1 |
                    grep "OS-EXT-SRV-ATTR:host" | awk '{ print $4 }')
     compute_host_in_undercloud=${COMPUTE_HOST%%.*}
     die_if_not_set $LINENO COMPUTE_HOST "Failed to get compute hostname"
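Review bot: `as_admin_user` sets a user name and a project scope but no password, so the admin calls presumably depend on OS_PASSWORD from the environment the script is started in, and nothing in the hunk says so. A comment above it such as `# admin password comes from the caller's environment; only the project scope is overridden here` would make that dependency explicit (wording to be confirmed against how run.sh is invoked). The new comment in get_compute_host_info could also say why admin is needed, e.g. `# the host attribute is presumably hidden from non-admin users, so query as admin`. get_compute_host_info continues beyond the hunk.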
@@ -108,17 +109,25 @@ register_image() {
 
 create_test_user() {
     openstack project list | grep -q " $DOCTOR_PROJECT " || {
-        openstack project create "$DOCTOR_PROJECT"
+        openstack project create --description "Doctor Project" \
+                                 "$DOCTOR_PROJECT"
     }
     openstack user list | grep -q " $DOCTOR_USER " || {
         openstack user create "$DOCTOR_USER" --password "$DOCTOR_PW" \
                               --project "$DOCTOR_PROJECT"
     }
-    openstack role show "$DOCTOR_ROLE" || {
+    openstack role show "$DOCTOR_ROLE" | grep -q " $DOCTOR_ROLE " || {
         openstack role create "$DOCTOR_ROLE"
     }
-    openstack role add "$DOCTOR_ROLE" --user "$DOCTOR_USER" \
-                       --project "$DOCTOR_PROJECT"
+    openstack role assignment list --user "$DOCTOR_USER" \
+    --project "$DOCTOR_PROJECT" --names | grep -q " $DOCTOR_ROLE " || {
+        openstack role add "$DOCTOR_ROLE" --user "$DOCTOR_USER" \
+                           --project "$DOCTOR_PROJECT"
+    }
+    openstack role assignment list --user admin --project "$DOCTOR_PROJECT" \
+    --names | grep -q " admin " || {
+        openstack role add admin --user admin --project "$DOCTOR_PROJECT"
+    }
     # tojuvone: openstack quota show is broken and have to use nova
     # https://bugs.launchpad.net/manila/+bug/1652118
     # Note! while it is encouraged to use openstack client it has proven
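Review bot: The existence checks match a substring of the table output (`grep -q " $DOCTOR_ROLE "`, `grep -q " admin "`), which passes whenever that word appears in any column of the assignment list, not only in the Role column. Asking the client for the single column and matching the whole line is stricter: `openstack role assignment list --user "$DOCTOR_USER" --project "$DOCTOR_PROJECT" --names -f value -c Role | grep -qxF "$DOCTOR_ROLE"`, and likewise for the admin check. The block that grants admin on $DOCTOR_PROJECT has no comment either; something like `# admin needs a role in the doctor project to query it with project scope` would explain why a test adds an admin assignment. create_test_user continues past the hunk.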
@@ -140,6 +149,24 @@ create_test_user() {
     fi
 }
 
+remove_test_user() {
+    openstack project list | grep -q " $DOCTOR_PROJECT " && {
+        openstack role assignment list --user admin \
+        --project "$DOCTOR_PROJECT" --names | grep -q " admin " && {
+            openstack role remove admin --user admin --project "$DOCTOR_PROJECT"
+        }
+        openstack user list | grep -q " $DOCTOR_USER " && {
+            openstack role assignment list --user "$DOCTOR_USER" \
+            --project "$DOCTOR_PROJECT" --names | grep -q " $DOCTOR_ROLE " && {
+                openstack role remove "$DOCTOR_ROLE" --user "$DOCTOR_USER" \
+                --project "$DOCTOR_PROJECT"
+            }
+            openstack user delete "$DOCTOR_USER"
+        }
+        openstack project delete "$DOCTOR_PROJECT"
+    }
+}
+
 boot_vm() {
     # test VM done with test user, so can test non-admin
 
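Review bot: remove_test_user is built from `cond && { ... }` lists, so when the project does not exist the function returns the non-zero status of `grep -q`, and cleanup, which now calls it, would stop there if the script runs with errexit; whether it does is not visible here. A guard clause avoids that and flattens the nesting: `openstack project list | grep -q " $DOCTOR_PROJECT " || return 0`. The function also deletes the user, the project and admin's role assignment whenever they exist, whether or not this run created them; a header comment stating that would be useful.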
@@ -435,12 +462,8 @@ cleanup() {
     if [[ "$use_existing_image" == false ]] ; then
         [ -n "$image_id" ] && openstack image delete "$image_id"
     fi
-    openstack role remove "$DOCTOR_ROLE" --user "$DOCTOR_USER" \
-                              --project "$DOCTOR_PROJECT"
-    openstack project delete "$DOCTOR_PROJECT"
-    openstack user delete "$DOCTOR_USER"
-    # NOTE: remove role only for doctor test.
-    #openstack role delete "$DOCTOR_ROLE"
+
+    remove_test_user
 
     cleanup_installer
     cleanup_inspector