diff --git a/etc/neutron/plugins/opencontrail/ContrailPlugin.ini b/etc/neutron/plugins/opencontrail/ContrailPlugin.ini index f3d3734..560de8c 100644 --- a/etc/neutron/plugins/opencontrail/ContrailPlugin.ini +++ b/etc/neutron/plugins/opencontrail/ContrailPlugin.ini @@ -14,6 +14,9 @@ # multi_tenancy = # Example: multi_tenancy = True +# auth_token_url = +# Example: auth_token_url = http://127.0.0.1:35357/v2.0/tokens + # (ListOpt) list of OpenContrail extensions to be supported. # OpenContrail extensions are - ipam, policy and route-table. # By default ipam, policy and route-table extensions are supported diff --git a/neutron_plugin_contrail/plugins/opencontrail/agent/contrail_vif_driver.py b/neutron_plugin_contrail/plugins/opencontrail/agent/contrail_vif_driver.py index 3012669..969c74e 100644 --- a/neutron_plugin_contrail/plugins/opencontrail/agent/contrail_vif_driver.py +++ b/neutron_plugin_contrail/plugins/opencontrail/agent/contrail_vif_driver.py @@ -56,6 +56,8 @@ def _parse_class_args(cls, cfg_parser): 'api_server_port', '8082') cls._api_server_use_ssl = _read_cfg(cfg_parser, 'APISERVER', 'use_ssl', False) + cls._auth_token_url = _read_cfg(cfg_parser, 'APISERVER', + 'auth_token_url', None) def __init__(self, conf): super(ContrailInterfaceDriver, self).__init__(conf) @@ -71,7 +73,8 @@ def _connect_to_api_server(self): try: client = VncApi(api_server_host=self._api_server_ip, api_server_port=self._api_server_port, - api_server_use_ssl=self._api_server_use_ssl) + api_server_use_ssl=self._api_server_use_ssl, + auth_token_url=self._auth_token_url) return client except: pass diff --git a/neutron_plugin_contrail/plugins/opencontrail/contrail_plugin_v3.py b/neutron_plugin_contrail/plugins/opencontrail/contrail_plugin_v3.py index 0c4c9a1..0121b70 100644 --- a/neutron_plugin_contrail/plugins/opencontrail/contrail_plugin_v3.py +++ b/neutron_plugin_contrail/plugins/opencontrail/contrail_plugin_v3.py @@ -100,6 +100,11 @@ def _connect_to_vnc_server(self): except cfg.NoSuchOptError: api_server_url = "/" + try: + auth_token_url = cfg.CONF.APISERVER.auth_token_url + except cfg.NoSuchOptError: + auth_token_url = None + # Retry till a api-server is up connected = False while not connected: @@ -109,7 +114,7 @@ def _connect_to_vnc_server(self): api_srvr_ip, api_srvr_port, api_server_url, auth_host=auth_host, auth_port=auth_port, auth_protocol=auth_protocol, auth_url=auth_url, - auth_type=auth_type) + auth_type=auth_type, auth_token_url=auth_token_url) connected = True except requests.exceptions.RequestException: time.sleep(3) diff --git a/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/loadbalancer_db.py b/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/loadbalancer_db.py index a928ca8..8e74482 100644 --- a/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/loadbalancer_db.py +++ b/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/loadbalancer_db.py @@ -75,6 +75,11 @@ def __init__(self): except cfg.NoSuchOptError: self.api_server_url = "/" + try: + self.auth_token_url= cfg.CONF.APISERVER.auth_token_url + except cfg.NoSuchOptError: + self.auth_token_url = None + @property def api(self): if hasattr(self, '_api'): @@ -91,7 +96,8 @@ def api(self): auth_protocol=self.auth_protocol, auth_url=self.auth_url, auth_type=self.auth_type, wait_for_connect=True, - api_server_use_ssl=self.api_srvr_use_ssl) + api_server_use_ssl=self.api_srvr_use_ssl, + auth_token_url=self.auth_token_url) connected = True except requests.exceptions.RequestException: time.sleep(3) diff --git a/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/v2/loadbalancer_db.py b/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/v2/loadbalancer_db.py index 3628bc7..4809aef 100644 --- a/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/v2/loadbalancer_db.py +++ b/neutron_plugin_contrail/plugins/opencontrail/loadbalancer/v2/loadbalancer_db.py @@ -66,6 +66,11 @@ def __init__(self): except cfg.NoSuchOptError: self.api_server_url = "/" + try: + self.auth_token_url = cfg.CONF.APISERVER.auth_token_url + except cfg.NoSuchOptError: + self.auth_token_url = None + @property def api(self): if hasattr(self, '_api'): @@ -82,7 +87,8 @@ def api(self): auth_protocol=self.auth_protocol, auth_url=self.auth_url, auth_type=self.auth_type, wait_for_connect=True, - api_server_use_ssl=self.api_srvr_use_ssl) + api_server_use_ssl=self.api_srvr_use_ssl, + auth_token_url=self.auth_token_url) connected = True except requests.exceptions.RequestException: time.sleep(3) diff --git a/neutron_plugin_contrail/plugins/opencontrail/quota/driver.py b/neutron_plugin_contrail/plugins/opencontrail/quota/driver.py index 702c6f3..ed6db97 100644 --- a/neutron_plugin_contrail/plugins/opencontrail/quota/driver.py +++ b/neutron_plugin_contrail/plugins/opencontrail/quota/driver.py @@ -68,6 +68,12 @@ def _get_vnc_conn(cls): if vnc_conn: return vnc_conn # Retry till a api-server is up + + try: + auth_token_url= cfg.CONF.APISERVER.auth_token_url + except cfg.NoSuchOptError: + auth_token_url = None + while True: try: vnc_conn = vnc_api.VncApi( @@ -79,7 +85,8 @@ def _get_vnc_conn(cls): auth_host=cfg.CONF.keystone_authtoken.auth_host, auth_port=cfg.CONF.keystone_authtoken.auth_port, auth_protocol=cfg.CONF.keystone_authtoken.auth_protocol, - api_server_use_ssl=cfg.CONF.APISERVER.use_ssl) + api_server_use_ssl=cfg.CONF.APISERVER.use_ssl, + auth_token_url=auth_token_url) return vnc_conn except requests.exceptions.RequestException as e: time.sleep(3)