diff options
| author | Jenkins <jenkins@review.openstack.org> | 2013-01-19 14:52:05 +0000 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2013-01-19 14:52:05 +0000 |
| commit | 565698cfb610250aa35c7effdc1359acca5271aa (patch) | |
| tree | b2a15bc48870c12847d42dcbadccd33a24c28e7d | |
| parent | cd121971858e9246548f84219984fa68a3bb1a5f (diff) | |
| parent | 4aeecd5c7e91418866e29becd473d0230f0b8318 (diff) | |
| download | nova-565698cfb610250aa35c7effdc1359acca5271aa.tar.gz nova-565698cfb610250aa35c7effdc1359acca5271aa.tar.xz nova-565698cfb610250aa35c7effdc1359acca5271aa.zip | |
Merge "Allow nova to use insecure cinderclient."
| -rw-r--r-- | etc/nova/nova.conf.sample | 6 | ||||
| -rw-r--r-- | nova/tests/test_cinder.py | 14 | ||||
| -rw-r--r-- | nova/volume/cinder.py | 4 |
3 files changed, 21 insertions, 3 deletions
diff --git a/etc/nova/nova.conf.sample b/etc/nova/nova.conf.sample index 96118eb76..571c3e63a 100644 --- a/etc/nova/nova.conf.sample +++ b/etc/nova/nova.conf.sample @@ -2282,6 +2282,10 @@ # value) #cinder_http_retries=3 +# Allow to perform insecure SSL (https) requests to cinder +# (boolean value) +#cinder_api_insecure=false + [conductor] @@ -2546,4 +2550,4 @@ #keymap=en-us -# Total option count: 519 +# Total option count: 520 diff --git a/nova/tests/test_cinder.py b/nova/tests/test_cinder.py index 29e2e978b..79b5ae66a 100644 --- a/nova/tests/test_cinder.py +++ b/nova/tests/test_cinder.py @@ -98,13 +98,14 @@ class FakeHTTPClient(cinder.cinder_client.client.HTTPClient): class FakeCinderClient(cinder.cinder_client.Client): def __init__(self, username, password, project_id=None, auth_url=None, - retries=None): + insecure=False, retries=None): super(FakeCinderClient, self).__init__(username, password, project_id=project_id, auth_url=auth_url, + insecure=insecure, retries=retries) self.client = FakeHTTPClient(username, password, project_id, auth_url, - retries=retries) + insecure=insecure, retries=retries) # keep a ref to the clients callstack for factory's assert_called self.callstack = self.client.callstack = [] @@ -177,6 +178,15 @@ class CinderTestCase(test.TestCase): self.assertTrue('volume_image_metadata' in volume) self.assertEqual(volume['volume_image_metadata'], _image_metadata) + def test_cinder_api_insecure(self): + # The True/False negation is awkward, but better for the client + # to pass us insecure=True and we check verify_cert == False + self.flags(cinder_api_insecure=True) + volume = self.api.get(self.context, '1234') + self.assert_called('GET', '/volumes/1234') + self.assertEquals( + self.fake_client_factory.client.client.verify_cert, False) + def test_cinder_http_retries(self): retries = 42 self.flags(cinder_http_retries=retries) diff --git a/nova/volume/cinder.py b/nova/volume/cinder.py index fccdedac8..3e1ccc66b 100644 --- a/nova/volume/cinder.py +++ b/nova/volume/cinder.py @@ -48,6 +48,9 @@ cinder_opts = [ cfg.IntOpt('cinder_http_retries', default=3, help='Number of cinderclient retries on failed http calls'), + cfg.BoolOpt('cinder_api_insecure', + default=False, + help='Allow to perform insecure SSL requests to cinder'), ] CONF = cfg.CONF @@ -88,6 +91,7 @@ def cinderclient(context): context.auth_token, project_id=context.project_id, auth_url=url, + insecure=CONF.cinder_api_insecure, retries=CONF.cinder_http_retries) # noauth extracts user_id:project_id from auth_token c.client.auth_token = context.auth_token or '%s:%s' % (context.user_id, |