Juniper Openstack

  1. Bug #1392113
  2. Comment #3

Comment 3 for bug 1392113

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/6596
Committed: http://github.org/Juniper/contrail-controller/commit/181a51dc4c368a7da73038d34361c1c9b570a6b5
Submitter: Zuul
Branch: master

commit 181a51dc4c368a7da73038d34361c1c9b570a6b5
Author: arvindvis <email address hidden>
Date: Sun Jan 25 17:29:05 2015 -0800

his fix adds authentication support to REDIS. Analytics, QE
and contrail-api are affected by this change. Here is a
summary of the changes in the individual files in different
modules: Analytics: src/analytics/OpServerProxy.cc:

Change ToOpsConnUp to call Authenticate function before
calling ToOpsConnUpPostProcess.
Add callback to handle reply for authentication command
for both channels.
If authentication succeeds make a call to
ToOpsConnUpPostProcess.
Change some of the API's to include password as argument

src/analytics/redis_processor_vizd.cc:
src/analytics/main.cc:
src/analytics/viz_collector.cc:
change the api to pass the redis password as well

src/analytics/test/utils/mockredis/mockredis/mockredis.py:
Before starting redis instance modify redis.conf to include
password, if specified
nclude password argument to the start and stop api's

src/analytics/redis_connection.cc:
Removed a condition which required async_connection_context
should not have any callback set.This was causing a conflict.

QueryEngine:

src/query_engine/QEOpServerProxy.cc:

Places where redisSync commands where getting called, we first
make a call to AUTH command
For commands invoked in Async context, introduce 2 new API's
viz., ConnAuth,ConnUpPrePostProcess, AuthCallbackProcess
are called to authenticate the context first
Make changes to existing API like QEOpServerImpl,QEOpServerProxy
to include password argument

src/query_engine/qed.cc:
src/query_engine/options.cc:
src/query_engine/query.cc:
src/query_engine/rac_alloc.cc:
Make changes in existing API to take redis_passwd as
additional argument
analytics-api:

src/opserver/opserver.py:
redis_query_start, redis_query_status, redis_query_chunk_iter,
redis_query_chunk, redis_query_result, redis_query_result_dict,
OpStateServer all make calls to StrictRedis, made change to
include password to the API

systemless test:
src/opserver/test/utils/analytics_fixture.py:
change Redis,QueryEngine and Collector class to invoke the
daemons with password as argument. change the Fixture API
to take password.
src/opserver/test/analytics_redistest.py:
New test file which calls the testcases with password
contrail.
Keyword names have been changed from passwd to password
Other changes addressed in the comment are taken care as well

In the case of password conflicts we are going to crash the daemonsa

Change has been made in analytics_redis_test.py to abstract common
code
Closes Bug:#1392113

Change-Id: I707b9a6df9b770ca0f1a396335f190aa780a937e