More SSL compat fixes
diff --git a/xos/configurations/common/xos_common_config b/xos/configurations/common/xos_common_config
index 76ba747..3a6e464 100644
--- a/xos/configurations/common/xos_common_config
+++ b/xos/configurations/common/xos_common_config
@@ -29,7 +29,7 @@
default_image=None
default_flavor=m1.small
default_security_group=default
-ca_ssl_cert=/etc/ssl/certs/ca-certificates.crt
+ca_ssl_cert=/usr/local/share/ca-certificates/local_certs.crt
[observer]
pretend=False
diff --git a/xos/configurations/cord-pod/Makefile b/xos/configurations/cord-pod/Makefile
index f0b3c3c..30a0853 100644
--- a/xos/configurations/cord-pod/Makefile
+++ b/xos/configurations/cord-pod/Makefile
@@ -63,7 +63,7 @@
test ! -s $(DOCKER_COMPOSE_YML) || sudo docker-compose -p $(DOCKER_PROJECT) -f $(DOCKER_COMPOSE_YML) stop
sudo docker-compose -f $(BOOTSTRAP_YML) stop
-rm:
+rm: stop
test ! -s $(DOCKER_COMPOSE_YML) || sudo docker-compose -p $(DOCKER_PROJECT) -f $(DOCKER_COMPOSE_YML) rm
sudo docker-compose -f $(BOOTSTRAP_YML) rm
diff --git a/xos/openstack_xos/client.py b/xos/openstack_xos/client.py
index 9a622ec..d1383f4 100644
--- a/xos/openstack_xos/client.py
+++ b/xos/openstack_xos/client.py
@@ -1,5 +1,7 @@
import urlparse
try:
+ from keystoneauth1.identity import v2 as keystoneauth_v2
+ from keystoneauth1 import session as keystone_session
from keystoneclient.v2_0 import client as keystone_client
#from glance import client as glance_client
import glanceclient
@@ -62,7 +64,10 @@
if endpoint:
self.endpoint = endpoint
- self.cacert = cacert
+ if cacert:
+ self.cacert = cacert
+ else:
+ self.cacert = getattr(Config(), "nova_ca_ssl_cert", "None")
#if '@' in self.username:
# self.username = self.username[:self.username.index('@')]
@@ -71,12 +76,13 @@
def __init__(self, *args, **kwds):
Client.__init__(self, *args, **kwds)
if has_openstack:
- self.client = keystone_client.Client(username=self.username,
- password=self.password,
- tenant_name=self.tenant,
- auth_url=self.url,
- cacert=self.cacert
- )
+ auth = keystoneauth_v2.Password(username=self.username,
+ password=self.password,
+ tenant_name=self.tenant,
+ auth_url=self.url,
+ )
+ sess = keystone_session.Session(auth=auth, verify=self.cacert, )
+ self.client = keystone_client.Client(session=sess)
@require_enabled
def connect(self, *args, **kwds):
@@ -166,7 +172,7 @@
password=self.password,
tenant_name=self.tenant,
auth_url=self.url,
- cacert=self.cacert
+ ca_cert=self.cacert
)
@require_enabled
def connect(self, *args, **kwds):
@@ -188,9 +194,8 @@
url_parsed = urlparse.urlparse(self.keystone.url)
hostname = url_parsed.netloc.split(':')[0]
token = self.keystone.client.tokens.authenticate(username=self.keystone.username, password=self.keystone.password, tenant_name=self.keystone.tenant)
- glance_endpoint = self.keystone.service_catalog.url_for(service_type='image', endpoint_type='publicURL')
-
- self.glanceclient = GlanceClient('1', endpoint=glance_endpoint, token=token.id, **kwds)
+# glance_endpoint = self.keystone.client.service_catalog.url_for(service_type='image', endpoint_type='publicURL')
+# self.glanceclient = GlanceClient('1', endpoint=glance_endpoint, token=token.id, **kwds)
self.nova = NovaClient(*args, **kwds)
# self.nova_db = NovaDB(*args, **kwds)
self.neutron = NeutronClient(*args, **kwds)
diff --git a/xos/synchronizers/openstack/steps/sync_ports.py b/xos/synchronizers/openstack/steps/sync_ports.py
index 91111d0..5e0ff04 100644
--- a/xos/synchronizers/openstack/steps/sync_ports.py
+++ b/xos/synchronizers/openstack/steps/sync_ports.py
@@ -28,7 +28,7 @@
# ports to instances if the port's tenant does not match
# the instance's tenant.
- # A bunch of stuff to compensate for OpenStackDriver.client_driveR()
+ # A bunch of stuff to compensate for OpenStackDriver.client_driver()
# not being in working condition.
from openstack_xos.client import OpenStackClient
from openstack_xos.driver import OpenStackDriver
@@ -38,7 +38,7 @@
auth = {'username': caller.email,
'password': caller.remote_password,
'tenant': slice.name}
- client = OpenStackClient(controller=controller, cacert=self.config.nova_ca_ssl_cert, **auth)
+ client = OpenStackClient(controller=controller, **auth)
driver = OpenStackDriver(client=client)
return driver