From d3d94992cf02c9d150ceb5244e520fe1dbeb0012 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 13 Dec 2017 18:18:48 +0100 Subject: keystone: rip part of openstack cleanup --- nixos/tests/keystone.nix | 82 ------------------------------------------------ 1 file changed, 82 deletions(-) delete mode 100644 nixos/tests/keystone.nix (limited to 'nixos/tests') diff --git a/nixos/tests/keystone.nix b/nixos/tests/keystone.nix deleted file mode 100644 index 358e352f776f..000000000000 --- a/nixos/tests/keystone.nix +++ /dev/null @@ -1,82 +0,0 @@ -{ system ? builtins.currentSystem }: - -with import ../lib/testing.nix { inherit system; }; -with pkgs.lib; - -let - keystoneMysqlPassword = "keystoneMysqlPassword"; - keystoneMysqlPasswordFile = "/var/run/keystoneMysqlPassword"; - keystoneAdminPassword = "keystoneAdminPassword"; - - createKeystoneDb = pkgs.writeText "create-keystone-db.sql" '' - create database keystone; - GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '${keystoneMysqlPassword}'; - GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '${keystoneMysqlPassword}'; - ''; - # The admin keystone account - adminOpenstackCmd = "OS_TENANT_NAME=admin OS_USERNAME=admin OS_PASSWORD=${keystoneAdminPassword} OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack"; - # The created demo keystone account - demoOpenstackCmd = "OS_TENANT_NAME=demo OS_USERNAME=demo OS_PASSWORD=demo OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack"; - -in makeTest { - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ lewo ]; - }; - machine = - { config, pkgs, ... }: - { - # This is to simulate nixops deployment process. - # https://nixos.org/nixops/manual/#opt-deployment.keys - boot.postBootCommands = "echo ${keystoneMysqlPassword} > ${keystoneMysqlPasswordFile}"; - - services.mysql.enable = true; - services.mysql.initialScript = createKeystoneDb; - - virtualisation = { - - openstack.keystone = { - enable = true; - # Check if we can get the secret from a file - database.password = { - value = keystoneMysqlPasswordFile; - storage = "fromFile"; - }; - adminToken = { - value = "adminToken"; - storage = "fromNixStore"; - }; - - bootstrap.enable = true; - # Check if we can get the secret from the store - bootstrap.adminPassword = { - value = keystoneAdminPassword; - storage = "fromNixStore"; - }; - }; - - memorySize = 2096; - diskSize = 4 * 1024; - }; - - environment.systemPackages = with pkgs.pythonPackages; with pkgs; [ - openstackclient - ]; - }; - - testScript = - '' - $machine->waitForUnit("keystone-all.service"); - - # Verify that admin ccount is working - $machine->succeed("${adminOpenstackCmd} token issue"); - - # Try to create a new user - $machine->succeed("${adminOpenstackCmd} project create --domain default --description 'Demo Project' demo"); - $machine->succeed("${adminOpenstackCmd} user create --domain default --password demo demo"); - $machine->succeed("${adminOpenstackCmd} role create user"); - $machine->succeed("${adminOpenstackCmd} role add --project demo --user demo user"); - - # Verify this new account is working - $machine->succeed("${demoOpenstackCmd} token issue"); - ''; -} -- cgit 1.4.1 From 71767ee3c757346ae0bad317b689d0cf1399fd16 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 13 Dec 2017 19:22:33 +0100 Subject: glance: rip part of openstack cleanup --- nixos/modules/misc/ids.nix | 4 +- nixos/modules/module-list.nix | 1 - nixos/modules/virtualisation/openstack/glance.nix | 245 --------------------- nixos/release.nix | 1 - nixos/tests/glance.nix | 77 ------- .../virtualization/openstack/glance.nix | 69 ------ pkgs/top-level/all-packages.nix | 1 - 7 files changed, 2 insertions(+), 396 deletions(-) delete mode 100644 nixos/modules/virtualisation/openstack/glance.nix delete mode 100644 nixos/tests/glance.nix delete mode 100644 pkgs/applications/virtualization/openstack/glance.nix (limited to 'nixos/tests') diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 1ca1ed0cfbdc..678593a2d8b4 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -282,7 +282,7 @@ riak-cs = 263; infinoted = 264; # keystone = 265; # unused, removed 2017-12-13 - glance = 266; + # glance = 266; # unused, removed 2017-12-13 couchpotato = 267; gogs = 268; pdns-recursor = 269; @@ -552,7 +552,7 @@ riak-cs = 263; infinoted = 264; # keystone = 265; # unused, removed 2017-12-13 - glance = 266; + # glance = 266; # unused, removed 2017-12-13 couchpotato = 267; gogs = 268; kresd = 270; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 43548609ee8a..0d28b8c16202 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -748,5 +748,4 @@ ./virtualisation/vmware-guest.nix ./virtualisation/xen-dom0.nix ./virtualisation/xe-guest-utilities.nix - ./virtualisation/openstack/glance.nix ] diff --git a/nixos/modules/virtualisation/openstack/glance.nix b/nixos/modules/virtualisation/openstack/glance.nix deleted file mode 100644 index 7862409a65ec..000000000000 --- a/nixos/modules/virtualisation/openstack/glance.nix +++ /dev/null @@ -1,245 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; with import ./common.nix {inherit lib;}; - -let - cfg = config.virtualisation.openstack.glance; - commonConf = '' - [database] - connection = "mysql://${cfg.database.user}:${cfg.database.password.pattern}@${cfg.database.host}/${cfg.database.name}" - notification_driver = noop - - [keystone_authtoken] - auth_url = ${cfg.authUrl} - auth_plugin = password - project_name = service - project_domain_id = default - user_domain_id = default - username = ${cfg.serviceUsername} - password = ${cfg.servicePassword.pattern} - - [glance_store] - default_store = file - filesystem_store_datadir = /var/lib/glance/images/ - ''; - glanceApiConfTpl = pkgs.writeText "glance-api.conf" '' - ${commonConf} - - [paste_deploy] - flavor = keystone - config_file = ${cfg.package}/etc/glance-api-paste.ini - ''; - glanceRegistryConfTpl = pkgs.writeText "glance-registry.conf" '' - ${commonConf} - - [paste_deploy] - config_file = ${cfg.package}/etc/glance-registry-paste.ini - ''; - glanceApiConf = "/var/lib/glance/glance-api.conf"; - glanceRegistryConf = "/var/lib/glance/glance-registry.conf"; - -in { - options.virtualisation.openstack.glance = { - package = mkOption { - type = types.package; - default = pkgs.glance; - defaultText = "pkgs.glance"; - description = '' - Glance package to use. - ''; - }; - - enable = mkOption { - default = false; - type = types.bool; - description = '' - This option enables Glance as a single-machine - installation. That is, all of Glance's components are - enabled on this machine. This is useful for evaluating and - experimenting with Glance. Note we are currently not - providing any configurations for a multi-node setup. - ''; - }; - - authUrl = mkOption { - type = types.str; - default = http://localhost:5000; - description = '' - Complete public Identity (Keystone) API endpoint. Note this is - unversionned. - ''; - }; - - serviceUsername = mkOption { - type = types.str; - default = "glance"; - description = '' - The Glance service username. This user is created if bootstrap - is enable, otherwise it has to be manually created before - starting this service. - ''; - }; - - servicePassword = mkSecretOption { - name = "glanceAdminPassword"; - description = '' - The Glance service user's password. - ''; - }; - - database = databaseOption "glance"; - - bootstrap = { - enable = mkOption { - default = false; - type = types.bool; - description = '' - Bootstrap the Glance service by creating the service tenant, - an admin account and a public endpoint. This option provides - a ready-to-use glance service. This is only done at the - first Glance execution by the systemd post start section. - The keystone admin account is used to create required - Keystone resource for the Glance service. - - This option is a helper for setting up - development or testing environments. - ''; - }; - - endpointPublic = mkOption { - type = types.str; - default = "http://localhost:9292"; - description = '' - The public image endpoint. The link - create endpoint provides more informations - about that. - ''; - }; - - keystoneAdminUsername = mkOption { - type = types.str; - default = "admin"; - description = '' - The keystone admin user name used to create the Glance account. - ''; - }; - - keystoneAdminPassword = mkSecretOption { - name = "keystoneAdminPassword"; - description = '' - The keystone admin user's password. - ''; - }; - - keystoneAdminTenant = mkOption { - type = types.str; - default = "admin"; - description = '' - The keystone admin tenant used to create the Glance account. - ''; - }; - keystoneAuthUrl = mkOption { - type = types.str; - default = "http://localhost:5000/v2.0"; - description = '' - The keystone auth url used to create the Glance account. - ''; - }; - }; - }; - - config = mkIf cfg.enable { - users.extraUsers = [{ - name = "glance"; - group = "glance"; - uid = config.ids.gids.glance; - - }]; - users.extraGroups = [{ - name = "glance"; - gid = config.ids.gids.glance; - }]; - - systemd.services.glance-registry = { - description = "OpenStack Glance Registry Daemon"; - after = [ "network.target"]; - path = [ pkgs.curl pkgs.pythonPackages.keystoneclient pkgs.gawk ]; - wantedBy = [ "multi-user.target" ]; - preStart = '' - mkdir -m 775 -p /var/lib/glance/{images,scrubber,image_cache} - chown glance:glance /var/lib/glance/{images,scrubber,image_cache} - - # Secret file managment - cp ${glanceRegistryConfTpl} ${glanceRegistryConf}; - chown glance:glance ${glanceRegistryConf}; - chmod 640 ${glanceRegistryConf} - ${replaceSecret cfg.database.password glanceRegistryConf} - ${replaceSecret cfg.servicePassword glanceRegistryConf} - - cp ${glanceApiConfTpl} ${glanceApiConf}; - chown glance:glance ${glanceApiConf}; - chmod 640 ${glanceApiConf} - ${replaceSecret cfg.database.password glanceApiConf} - ${replaceSecret cfg.servicePassword glanceApiConf} - - # Initialise the database - ${cfg.package}/bin/glance-manage --config-file=${glanceApiConf} --config-file=${glanceRegistryConf} db_sync - ''; - postStart = '' - set -eu - export OS_AUTH_URL=${cfg.bootstrap.keystoneAuthUrl} - export OS_USERNAME=${cfg.bootstrap.keystoneAdminUsername} - export OS_PASSWORD=${getSecret cfg.bootstrap.keystoneAdminPassword} - export OS_TENANT_NAME=${cfg.bootstrap.keystoneAdminTenant} - - # Wait until the keystone is available for use - count=0 - while ! keystone user-get ${cfg.bootstrap.keystoneAdminUsername} > /dev/null - do - if [ $count -eq 30 ] - then - echo "Tried 30 times, giving up..." - exit 1 - fi - - echo "Keystone not yet started. Waiting for 1 second..." - count=$((count++)) - sleep 1 - done - - # If the service glance doesn't exist, we consider glance is - # not initialized - if ! keystone service-get glance - then - keystone service-create --type image --name glance - ID=$(keystone service-get glance | awk '/ id / { print $4 }') - keystone endpoint-create --region RegionOne --service $ID --internalurl http://localhost:9292 --adminurl http://localhost:9292 --publicurl ${cfg.bootstrap.endpointPublic} - - keystone user-create --name ${cfg.serviceUsername} --tenant service --pass ${getSecret cfg.servicePassword} - keystone user-role-add --tenant service --user ${cfg.serviceUsername} --role admin - fi - ''; - serviceConfig = { - PermissionsStartOnly = true; # preStart must be run as root - TimeoutStartSec = "600"; # 10min for initial db migrations - User = "glance"; - Group = "glance"; - ExecStart = "${cfg.package}/bin/glance-registry --config-file=${glanceRegistryConf}"; - }; - }; - systemd.services.glance-api = { - description = "OpenStack Glance API Daemon"; - after = [ "glance-registry.service" "network.target"]; - requires = [ "glance-registry.service" "network.target"]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - PermissionsStartOnly = true; # preStart must be run as root - User = "glance"; - Group = "glance"; - ExecStart = "${cfg.package}/bin/glance-api --config-file=${glanceApiConf}"; - }; - }; - }; - -} diff --git a/nixos/release.nix b/nixos/release.nix index d5d7e1bf2cc9..b7ec97bcf828 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -267,7 +267,6 @@ in rec { tests.fleet = hydraJob (import tests/fleet.nix { system = "x86_64-linux"; }); #tests.gitlab = callTest tests/gitlab.nix {}; tests.gitolite = callTest tests/gitolite.nix {}; - tests.glance = callTest tests/glance.nix {}; tests.gocd-agent = callTest tests/gocd-agent.nix {}; tests.gocd-server = callTest tests/gocd-server.nix {}; tests.gnome3 = callTest tests/gnome3.nix {}; diff --git a/nixos/tests/glance.nix b/nixos/tests/glance.nix deleted file mode 100644 index 992b77227a4b..000000000000 --- a/nixos/tests/glance.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ system ? builtins.currentSystem }: - -with import ../lib/testing.nix { inherit system; }; -with pkgs.lib; - -let - glanceMysqlPassword = "glanceMysqlPassword"; - glanceAdminPassword = "glanceAdminPassword"; - - createDb = pkgs.writeText "db-provisionning.sql" '' - create database keystone; - GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone'; - GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone'; - - create database glance; - GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '${glanceMysqlPassword}'; - GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '${glanceMysqlPassword}'; - ''; - - image = - (import ../lib/eval-config.nix { - inherit system; - modules = [ ../../nixos/modules/virtualisation/nova-image.nix ]; - }).config.system.build.novaImage; - - # The admin keystone account - adminOpenstackCmd = "OS_TENANT_NAME=admin OS_USERNAME=admin OS_PASSWORD=keystone OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack"; - -in makeTest { - meta = with pkgs.stdenv.lib.maintainers; { - maintainers = [ lewo ]; - }; - machine = - { config, pkgs, ... }: - { - services.mysql.enable = true; - services.mysql.package = pkgs.mysql; - services.mysql.initialScript = createDb; - - virtualisation = { - openstack.keystone = { - enable = true; - database.password = { value = "keystone"; storage = "fromNixStore"; }; - adminToken = { value = "adminToken"; storage = "fromNixStore"; }; - bootstrap.enable = true; - bootstrap.adminPassword = { value = "keystone"; storage = "fromNixStore"; }; - }; - - openstack.glance = { - enable = true; - database.password = { value = glanceMysqlPassword; storage = "fromNixStore"; }; - servicePassword = { value = glanceAdminPassword; storage = "fromNixStore"; }; - - bootstrap = { - enable = true; - keystoneAdminPassword = { value = "keystone"; storage = "fromNixStore"; }; - }; - }; - - memorySize = 2096; - diskSize = 4 * 1024; - }; - - environment.systemPackages = with pkgs.pythonPackages; with pkgs; [ - openstackclient - ]; - }; - - testScript = - '' - $machine->waitForUnit("glance-api.service"); - - # Since Glance api can take time to start, we retry until success - $machine->waitUntilSucceeds("${adminOpenstackCmd} image create nixos --file ${image}/nixos.img --disk-format qcow2 --container-format bare --public"); - $machine->succeed("${adminOpenstackCmd} image list") =~ /nixos/ or die; - ''; -} diff --git a/pkgs/applications/virtualization/openstack/glance.nix b/pkgs/applications/virtualization/openstack/glance.nix deleted file mode 100644 index 21cb4906d034..000000000000 --- a/pkgs/applications/virtualization/openstack/glance.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ stdenv, fetchurl, python2Packages, sqlite, which, strace }: - -python2Packages.buildPythonApplication rec { - name = "glance-${version}"; - version = "11.0.0"; - namePrefix = ""; - - PBR_VERSION = "${version}"; - - src = fetchurl { - url = "https://github.com/openstack/glance/archive/${version}.tar.gz"; - sha256 = "05rz1lmzdmpnw8sf87vvi0l6q9g6s840z934zyinw17yfcvmqrdg"; - }; - - # https://github.com/openstack/glance/blob/stable/liberty/requirements.txt - propagatedBuildInputs = with python2Packages; [ - pbr sqlalchemy anyjson eventlet PasteDeploy routes webob sqlalchemy_migrate - httplib2 pycrypto iso8601 stevedore futurist keystonemiddleware paste - jsonschema keystoneclient pyopenssl six retrying semantic-version qpid-python - WSME osprofiler glance_store castellan taskflow cryptography xattr pysendfile - - # oslo componenets - oslo-config oslo-context oslo-concurrency oslo-service oslo-utils oslo-db - oslo-i18n oslo-log oslo-messaging oslo-middleware oslo-policy oslo-serialization - MySQL_python - ]; - - buildInputs = with python2Packages; [ - Babel coverage fixtures mox3 mock oslosphinx requests testrepository pep8 - testresources testscenarios testtools psutil_1 oslotest psycopg2 - sqlite which strace - ]; - - patchPhase = '' - # it's not a test, but a class mixin - sed -i 's/ImageCacheTestCase/ImageCacheMixin/' glance/tests/unit/test_image_cache.py - - # these require network access, see https://bugs.launchpad.net/glance/+bug/1508868 - sed -i 's/test_get_image_data_http/noop/' glance/tests/unit/common/scripts/test_scripts_utils.py - sed -i 's/test_set_image_data_http/noop/' glance/tests/unit/common/scripts/image_import/test_main.py - sed -i 's/test_create_image_with_nonexistent_location_url/noop/' glance/tests/unit/v1/test_api.py - sed -i 's/test_upload_image_http_nonexistent_location_url/noop/' glance/tests/unit/v1/test_api.py - - # TODO: couldn't figure out why this test is failing - sed -i 's/test_all_task_api/noop/' glance/tests/integration/v2/test_tasks_api.py - ''; - - postInstall = '' - # check all binaries don't crash - for i in $out/bin/*; do - case "$i" in - *glance-artifacts) # https://bugs.launchpad.net/glance/+bug/1508879 - : - ;; - *) - $i --help - esac - done - - cp etc/*-paste.ini $out/etc/ - ''; - - meta = with stdenv.lib; { - homepage = http://glance.openstack.org/; - description = "Services for discovering, registering, and retrieving virtual machine images"; - license = stdenv.lib.licenses.asl20; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ed98377fb2a9..82c994a4b7c1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16114,7 +16114,6 @@ with pkgs; # Open Stack neutron = callPackage ../applications/virtualization/openstack/neutron.nix { }; - glance = callPackage ../applications/virtualization/openstack/glance.nix { }; nova-filters = callPackage ../applications/audio/nova-filters { }; -- cgit 1.4.1