Disable unncecessary sending resource operation notification to DHCP …

…agent Change-Id: I732ac3359286151210778dd2acd43e53ad9dd397 Closes-Bug: 1639014 (cherry picked from commit d4a4b00) keystone_ssl_enabled is not initialized in the code path, when orchestrator is set to 'none', setup contrail analytics comomnents pass none as orchestrator, so initializing it. Change-Id: I0b95c83a067f004f17a46cab84b95842b3a76037 Closes-Bug: 1647512 (cherry picked from commit 7b9b70a) Adding new argument first_cfgm_ip to setup-vnc-config entrypoint script. Which will be used to populate the ContrailPluginIni and create neutron endpoint in a SSL enabled cluster non HA setup(no VIP). Change-Id: I2f55802ae1eb9dfd281e5a30de993b76885f4d1d Partial-Bug: 1649239 (cherry picked from commit 259e463) Making sure that the ssl cert directories are with read permission for the group users as well. Change-Id: Iaad4670faf2ccf6ffe323fd7fb3580bf43f3f7ba Closes-Bug: 1651275 (cherry picked from commit 405d8af)
Juniper · Jan 14, 2017 · 58e3f4b · 58e3f4b
1 parent c126697
commit 58e3f4b
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 1 deletion.
diff --git a/contrail_provisioning/common/scripts/create-ssl-certs.sh b/contrail_provisioning/common/scripts/create-ssl-certs.sh
@@ -86,7 +86,9 @@ main() {
    $CAT certs/server.crt >> "$CERT_FILE_PREFIX".pem
    cd ../
    mkdir -p $SSL_PATH/private/
+   chmod 750 $SSL_PATH/private/
    mkdir -p $SSL_PATH/certs/
+   chmod 755 $SSL_PATH/certs
    $CP working/"$CERT_FILE_PREFIX".key $SSL_PATH/private/
    $CP working/"$CERT_FILE_PREFIX".pem $SSL_PATH/certs/
    $CP working/"$CERT_FILE_PREFIX"_ca.pem $SSL_PATH/certs/

diff --git a/contrail_provisioning/config/common.py b/contrail_provisioning/config/common.py
@@ -61,6 +61,7 @@ def __init__(self, config_args, args_str=None):
         if (self._args.apiserver_keyfile and
                 self._args.apiserver_certfile and self._args.apiserver_cafile):
             self.api_ssl_enabled = True
+        self.keystone_ssl_enabled = False
 
     def fixup_config_files(self):
         self.fixup_cassandra_config()

diff --git a/contrail_provisioning/config/openstack.py b/contrail_provisioning/config/openstack.py
@@ -95,7 +95,7 @@ def fixup_contrail_svc_monitor_supervisor_ini(self):
 
     def fixup_contrail_plugin_ini(self):
         # quantum/neutron plugin
-        template_vals = {'__contrail_api_server_ip__': self.contrail_internal_vip or self._args.self_ip,
+        template_vals = {'__contrail_api_server_ip__': self.contrail_internal_vip or self._args.first_cfgm_ip or self._args.self_ip,
                          '__contrail_api_server_port__': '8082',
                          '__contrail_analytics_server_ip__': self.contrail_internal_vip or self._args.self_ip,
                          '__contrail_analytics_server_port__': '8081',
@@ -173,6 +173,8 @@ def build_ctrl_details(self):
     def run_services(self):
         if self.contrail_internal_vip:
             quantum_ip = self.contrail_internal_vip
+        elif self._args.first_cfgm_ip:
+            quantum_ip = self._args.first_cfgm_ip
         else:
             quantum_ip = self.cfgm_ip
         quant_args = '--ks_server_ip     %s ' % self._args.keystone_ip + \

diff --git a/contrail_provisioning/config/scripts/quantum-server-setup.sh b/contrail_provisioning/config/scripts/quantum-server-setup.sh
@@ -85,6 +85,7 @@ for svc in $net_svc_name; do
     openstack-config --set /etc/$svc/$svc.conf DEFAULT bind_port $QUANTUM_PORT
     openstack-config --set /etc/$svc/$svc.conf DEFAULT auth_strategy  keystone
     openstack-config --set /etc/$svc/$svc.conf DEFAULT allow_overlapping_ips True
+    openstack-config --set /etc/$svc/$svc.conf DEFAULT dhcp_agent_notification False
     openstack-config --set /etc/$svc/$svc.conf keystone_authtoken auth_uri $AUTH_PROTOCOL://$CONTROLLER:35357/$KEYSTONE_VERSION/
     openstack-config --set /etc/$svc/$svc.conf keystone_authtoken identity_uri $AUTH_PROTOCOL://$CONTROLLER:5000
     openstack-config --set /etc/$svc/$svc.conf keystone_authtoken admin_tenant_name $SERVICE_TENANT

diff --git a/contrail_provisioning/config/setup.py b/contrail_provisioning/config/setup.py
@@ -73,6 +73,7 @@ def parse_args(self, args_str):
         parser = self._parse_args(args_str)
 
         parser.add_argument("--self_ip", help = "IP Address of this system")
+        parser.add_argument("--first_cfgm_ip", help = "IP Address of the first CFGM in the cluster")
         parser.add_argument("--cfgm_index", help = "The index of this cfgm node")
         parser.add_argument("--collector_ip", help = "IP Address of collector node")
         parser.add_argument("--keystone_ip", help = "IP Address of keystone node")