Add ca cert file support to cinder client requests

Allow for ca certificates file to be specified when doing cinder client requests. Needed when using custom ca authorities. Change-Id: Ib9aa15df2fc7d96cb8587c13769399e353c032c6 Fixes: bug #1179476
author: Cian O'Driscoll <cian@hp.com> 2013-05-15 15:14:01 +0000
committer: Cian O'Driscoll <cian@hp.com> 2013-05-16 08:50:42 +0000
commit: 5bc5fd8855f39638522304102e1f839484b9bf81 (patch)
tree: bcb084c1da1ebd46ef1368f1ba8db299e6a5e527 /nova/volume
parent: 56f5172f33bbd1da1b8749b7754805de44c3ab9c (diff)
download: nova-5bc5fd8855f39638522304102e1f839484b9bf81.tar.gz
nova-5bc5fd8855f39638522304102e1f839484b9bf81.tar.xz
nova-5bc5fd8855f39638522304102e1f839484b9bf81.zip
1 files changed, 9 insertions, 4 deletions
diff --git a/nova/volume/cinder.py b/nova/volume/cinder.py
index f112f0597..5243cdb1f 100644
--- a/nova/volume/cinder.py
+++ b/nova/volume/cinder.py
@@ -45,6 +45,10 @@ cinder_opts = [
     cfg.StrOpt('os_region_name',
                 default=None,
                 help='region name of this node'),
+    cfg.StrOpt('cinder_ca_certificates_file',
+                default=None,
+                help='Location of ca certicates file to use for cinder client '
+                     'requests.'),
     cfg.IntOpt('cinder_http_retries',
                default=3,
                help='Number of cinderclient retries on failed http calls'),
@@ -52,9 +56,9 @@ cinder_opts = [
                default=False,
                help='Allow to perform insecure SSL requests to cinder'),
     cfg.BoolOpt('cinder_cross_az_attach',
-               default=True,
-               help='Allow attach between instance and volume in different '
-                    'availability zones.'),
+                default=True,
+                help='Allow attach between instance and volume in different '
+                     'availability zones.'),
 ]
 
 CONF = cfg.CONF
@@ -98,7 +102,8 @@ def cinderclient(context):
                              project_id=context.project_id,
                              auth_url=url,
                              insecure=CONF.cinder_api_insecure,
-                             retries=CONF.cinder_http_retries)
+                             retries=CONF.cinder_http_retries,
+                             cacert=CONF.cinder_ca_certificates_file)
     # noauth extracts user_id:project_id from auth_token
     c.client.auth_token = context.auth_token or '%s:%s' % (context.user_id,
                                                            context.project_id)
author	Cian O'Driscoll <cian@hp.com>	2013-05-15 15:14:01 +0000
committer	Cian O'Driscoll <cian@hp.com>	2013-05-16 08:50:42 +0000
commit	5bc5fd8855f39638522304102e1f839484b9bf81 (patch)
tree	bcb084c1da1ebd46ef1368f1ba8db299e6a5e527 /nova/volume
parent	56f5172f33bbd1da1b8749b7754805de44c3ab9c (diff)
download	nova-5bc5fd8855f39638522304102e1f839484b9bf81.tar.gz nova-5bc5fd8855f39638522304102e1f839484b9bf81.tar.xz nova-5bc5fd8855f39638522304102e1f839484b9bf81.zip