"""
import argparse
import contextlib
-import json
import logging
-import os
-import errno
-import util.rgw as rgw_utils
from teuthology.orchestra import run
from teuthology import misc as teuthology
from teuthology.exceptions import ConfigError
from util import get_remote_for_role
from util.rgw import rgwadmin, wait_for_radosgw
-from util.rados import (rados, create_ec_pool,
- create_replicated_pool,
- create_cache_pool)
+from util.rados import (create_ec_pool,
+ create_replicated_pool,
+ create_cache_pool)
log = logging.getLogger(__name__)
log.info('Starting rgw...')
testdir = teuthology.get_testdir(ctx)
for client in clients:
- (remote,) = ctx.cluster.only(client).remotes.iterkeys()
+ (remote,) = ctx.cluster.only(client).remotes.keys()
cluster_name, daemon_type, client_id = teuthology.split_role(client)
client_with_id = daemon_type + '.' + client_id
client_with_cluster = cluster_name + '.' + client_with_id
'/var/log/ceph/rgw.{client_with_cluster}.log'.format(client_with_cluster=client_with_cluster),
'--rgw_ops_log_socket_path',
'{tdir}/rgw.opslog.{client_with_cluster}.sock'.format(tdir=testdir,
- client_with_cluster=client_with_cluster)
+ client_with_cluster=client_with_cluster),
])
keystone_role = client_config.get('use-keystone-role', None)
kport=keystone_port),
])
+
if client_config.get('dns-name'):
rgw_cmd.extend(['--rgw-dns-name', endpoint.dns_name])
if client_config.get('dns-s3website-name'):
rgw_cmd.extend(['--rgw-dns-s3website-name', endpoint.website_dns_name])
+
+ vault_role = client_config.get('use-vault-role', None)
+ barbican_role = client_config.get('use-barbican-role', None)
+
+ token_path = teuthology.get_testdir(ctx) + '/vault-token'
+ if barbican_role is not None:
+ if not hasattr(ctx, 'barbican'):
+ raise ConfigError('rgw must run after the barbican task')
+
+ barbican_host, barbican_port = \
+ ctx.barbican.endpoints[barbican_role]
+ log.info("Use barbican url=%s:%s", barbican_host, barbican_port)
+
+ rgw_cmd.extend([
+ '--rgw_barbican_url',
+ 'http://{bhost}:{bport}'.format(bhost=barbican_host,
+ bport=barbican_port),
+ ])
+ elif vault_role is not None:
+ if not ctx.vault.root_token:
+ raise ConfigError('vault: no "root_token" specified')
+ # create token on file
+ ctx.cluster.only(client).run(args=['echo', '-n', ctx.vault.root_token, run.Raw('>'), token_path])
+ log.info("Restrict access to token file")
+ ctx.cluster.only(client).run(args=['chmod', '600', token_path])
+ log.info("Token file content")
+ ctx.cluster.only(client).run(args=['cat', token_path])
+
+ rgw_cmd.extend([
+ '--rgw_crypt_vault_addr', "{}:{}".format(*ctx.vault.endpoints[vault_role]),
+ '--rgw_crypt_vault_token_file', token_path
+ ])
+
rgw_cmd.extend([
'--foreground',
run.Raw('|'),
'sudo',
'tee',
- '/var/log/ceph/rgw.{client_with_cluster}.stdout'.format(tdir=testdir,
- client_with_cluster=client_with_cluster),
+ '/var/log/ceph/rgw.{client_with_cluster}.stdout'.format(client_with_cluster=client_with_cluster),
run.Raw('2>&1'),
])
endpoint = ctx.rgw.role_endpoints[client]
url = endpoint.url()
log.info('Polling {client} until it starts accepting connections on {url}'.format(client=client, url=url))
- (remote,) = ctx.cluster.only(client).remotes.iterkeys()
+ (remote,) = ctx.cluster.only(client).remotes.keys()
wait_for_radosgw(url, remote)
try:
client=client_with_cluster),
],
)
+ ctx.cluster.only(client).run(args=['rm', '-f', token_path])
def assign_endpoints(ctx, config, default_cert):
role_endpoints = {}
- for role, client_config in config.iteritems():
+ for role, client_config in config.items():
client_config = client_config or {}
remote = get_remote_for_role(ctx, role)
log.info('Creating data pools')
for client in clients:
log.debug("Obtaining remote for client {}".format(client))
- (remote,) = ctx.cluster.only(client).remotes.iterkeys()
+ (remote,) = ctx.cluster.only(client).remotes.keys()
data_pool = 'default.rgw.buckets.data'
cluster_name, daemon_type, client_id = teuthology.split_role(client)