keystone-upgrade revision 4623
4623N/A#!/usr/bin/python2.7
4070N/A
6033N/A# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
4070N/A#
4070N/A# Licensed under the Apache License, Version 2.0 (the "License"); you may
4070N/A# not use this file except in compliance with the License. You may obtain
4070N/A# a copy of the License at
4070N/A#
4070N/A# http://www.apache.org/licenses/LICENSE-2.0
4070N/A#
4070N/A# Unless required by applicable law or agreed to in writing, software
4070N/A# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
4070N/A# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
4070N/A# License for the specific language governing permissions and limitations
4070N/A# under the License.
4070N/A
4070N/Aimport glob
4070N/Aimport os
4070N/Afrom subprocess import check_call, Popen, PIPE
4070N/Aimport sys
4070N/Aimport traceback
4070N/A
4070N/Aimport iniparse
4070N/Aimport smf_include
4070N/Aimport sqlalchemy
4070N/A
4312N/Afrom openstack_common import alter_mysql_tables, create_backups, modify_conf
4312N/A
4070N/A
4070N/AKEYSTONE_CONF_MAPPINGS = {
4070N/A # Deprecated group/name
6033N/A ('DEFAULT', 'rabbit_durable_queues'): ('DEFAULT', 'amqp_durable_queues'),
6033N/A ('rpc_notifier2', 'topics'): ('DEFAULT', 'notification_topics'),
6033N/A ('DEFAULT', 'log_config'): ('DEFAULT', 'log_config_append'),
6033N/A ('DEFAULT', 'logfile'): ('DEFAULT', 'log_file'),
6033N/A ('DEFAULT', 'logdir'): ('DEFAULT', 'log_dir'),
6033N/A ('DEFAULT', 'db_backend'): ('database', 'backend'),
6033N/A ('DEFAULT', 'sql_connection'): ('database', 'connection'),
6033N/A ('DATABASE', 'sql_connection'): ('database', 'connection'),
6033N/A ('sql', 'connection'): ('database', 'connection'),
6033N/A ('DEFAULT', 'sql_idle_timeout'): ('database', 'idle_timeout'),
6033N/A ('DATABASE', 'sql_idle_timeout'): ('database', 'idle_timeout'),
6033N/A ('sql', 'idle_timeout'): ('database', 'idle_timeout'),
6033N/A ('DEFAULT', 'sql_min_pool_size'): ('database', 'min_pool_size'),
6033N/A ('DATABASE', 'sql_min_pool_size'): ('database', 'min_pool_size'),
6033N/A ('DEFAULT', 'sql_max_pool_size'): ('database', 'max_pool_size'),
6033N/A ('DATABASE', 'sql_max_pool_size'): ('database', 'max_pool_size'),
6033N/A ('DEFAULT', 'sql_max_retries'): ('database', 'max_retries'),
6033N/A ('DATABASE', 'sql_max_retries'): ('database', 'max_retries'),
6033N/A ('DEFAULT', 'sql_retry_interval'): ('database', 'retry_interval'),
6033N/A ('DATABASE', 'reconnect_interval'): ('database', 'retry_interval'),
6033N/A ('DEFAULT', 'sql_max_overflow'): ('database', 'max_overflow'),
6033N/A ('DATABASE', 'sqlalchemy_max_overflow'): ('database', 'max_overflow'),
6033N/A ('DEFAULT', 'sql_connection_debug'): ('database', 'connection_debug'),
6033N/A ('DEFAULT', 'sql_connection_trace'): ('database', 'connection_trace'),
6033N/A ('DATABASE', 'sqlalchemy_pool_timeout'): ('database', 'pool_timeout'),
6033N/A ('ldap', 'tenant_tree_dn'): ('ldap', 'project_tree_dn'),
6033N/A ('ldap', 'tenant_filter'): ('ldap', 'project_filter'),
6033N/A ('ldap', 'tenant_objectclass'): ('ldap', 'project_objectclass'),
6033N/A ('ldap', 'tenant_id_attribute'): ('ldap', 'project_id_attribute'),
6033N/A ('ldap', 'tenant_member_attribute'): ('ldap', 'project_member_attribute'),
6033N/A ('ldap', 'tenant_name_attribute'): ('ldap', 'project_name_attribute'),
6033N/A ('ldap', 'tenant_desc_attribute'): ('ldap', 'project_desc_attribute'),
6033N/A ('ldap', 'tenant_enabled_attribute'):
6033N/A ('ldap', 'project_enabled_attribute'),
6033N/A ('ldap', 'tenant_domain_id_attribute'):
6033N/A ('ldap', 'project_domain_id_attribute'),
6033N/A ('ldap', 'tenant_attribute_ignore'): ('ldap', 'project_attribute_ignore'),
6033N/A ('ldap', 'tenant_allow_create'): ('ldap', 'project_allow_create'),
6033N/A ('ldap', 'tenant_allow_update'): ('ldap', 'project_allow_update'),
6033N/A ('ldap', 'tenant_allow_delete'): ('ldap', 'project_allow_delete'),
6033N/A ('ldap', 'tenant_enabled_emulation'):
6033N/A ('ldap', 'project_enabled_emulation'),
6033N/A ('ldap', 'tenant_enabled_emulation_dn'):
6033N/A ('ldap', 'project_enabled_emulation_dn'),
6033N/A ('ldap', 'tenant_additional_attribute_mapping'):
6033N/A ('ldap', 'project_additional_attribute_mapping'),
6033N/A ('DEFAULT', 'matchmaker_ringfile'): ('matchmaker_ring', 'ringfile'),
6033N/A}
6033N/A
6033N/AKEYSTONE_CONF_EXCEPTIONS = [
6033N/A ('DEFAULT', 'public_workers'),
6033N/A ('DEFAULT', 'admin_workers'),
6033N/A ('database', 'connection'),
6033N/A]
6033N/A
6033N/A
6033N/Adef start():
6033N/A # pull out the current version of config/upgrade-id
6033N/A p = Popen(['/usr/bin/svcprop', '-p', 'config/upgrade-id',
6033N/A os.environ['SMF_FMRI']], stdout=PIPE, stderr=PIPE)
6033N/A curr_ver, _err = p.communicate()
6033N/A curr_ver = curr_ver.strip()
6033N/A
6033N/A # extract the openstack-upgrade-id from the pkg
6033N/A p = Popen(['/usr/bin/pkg', 'contents', '-H', '-t', 'set', '-o', 'value',
6033N/A '-a', 'name=openstack.upgrade-id',
6033N/A 'pkg:/cloud/openstack/keystone'], stdout=PIPE, stderr=PIPE)
6033N/A pkg_ver, _err = p.communicate()
6033N/A pkg_ver = pkg_ver.strip()
6033N/A
6033N/A if curr_ver == pkg_ver:
6033N/A # No need to upgrade
6033N/A sys.exit(smf_include.SMF_EXIT_OK)
6033N/A
6033N/A # look for any .new files
6033N/A if glob.glob('/etc/keystone/*.new'):
6033N/A # the versions are different, so perform an upgrade
6033N/A # modify the configuration files
6033N/A
6033N/A # backup all the old configuration files
6033N/A create_backups('/etc/keystone')
6033N/A
6033N/A modify_conf('/etc/keystone/keystone.conf', KEYSTONE_CONF_MAPPINGS,
4070N/A KEYSTONE_CONF_EXCEPTIONS)
4070N/A modify_conf('/etc/keystone/keystone-paste.ini')
4312N/A modify_conf('/etc/keystone/logging.conf')
6033N/A
6033N/A config = iniparse.RawConfigParser()
4312N/A config.read('/etc/keystone/keystone.conf')
4312N/A # In certain cases the database section does not exist and the
4070N/A # default database chosen is sqlite.
4070N/A if config.has_section('database'):
4070N/A db_connection = config.get('database', 'connection')
4070N/A
4070N/A if db_connection.startswith('mysql'):
4070N/A engine = sqlalchemy.create_engine(db_connection)
4070N/A if engine.url.username != '%SERVICE_USER%':
4070N/A alter_mysql_tables(engine)
4070N/A print "altered character set to utf8 in keystone tables"
4070N/A
4070N/A # update the current version
4070N/A check_call(['/usr/sbin/svccfg', '-s', os.environ['SMF_FMRI'], 'setprop',
4070N/A 'config/upgrade-id', '=', pkg_ver])
4070N/A check_call(['/usr/sbin/svccfg', '-s', os.environ['SMF_FMRI'], 'refresh'])
4070N/A
4070N/A sys.exit(smf_include.SMF_EXIT_OK)
4070N/A
4070N/A
4070N/Aif __name__ == '__main__':
4070N/A os.putenv('LC_ALL', 'C')
4070N/A try:
4070N/A smf_include.smf_main()
4070N/A except RuntimeError:
4070N/A sys.exit(smf_include.SMF_EXIT_ERR_FATAL)
4312N/A except Exception as err:
4312N/A print 'Unknown error: %s' % err
4312N/A print
4312N/A traceback.print_exc(file=sys.stdout)
4312N/A sys.exit(smf_include.SMF_EXIT_ERR_FATAL)
4312N/A