Rename multi_tenancy flag in analytics to aaa_mode
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R3.0 |
Fix Committed
|
High
|
Megh Bhatt | |||
R3.1 |
Fix Committed
|
High
|
Megh Bhatt | |||
Trunk |
In Progress
|
High
|
Megh Bhatt |
Bug Description
Rename multi_tenancy flag in analytics to aaa_mode similar to config as explained in
Changed in juniperopenstack: | |
assignee: | nobody → Megh Bhatt (meghb) |
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #1 |
OpenContrail Admin (ci-admin-f) wrote : | #4 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #5 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #7 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #8 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #9 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 3afb90ad0402645
Author: Megh Bhatt <email address hidden>
Date: Tue Jul 12 16:15:21 2016 -0700
Rename multi_tenancy to aaa_mode for analytics API
Change-Id: I7b135d5c8d34b9
Partial-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.1 | #10 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #11 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 97c3c396de54d11
Author: Megh Bhatt <email address hidden>
Date: Tue Jul 12 16:12:27 2016 -0700
Rename multi_tenancy to aaa_mode for analytics API
Change-Id: I0c0739ec41e907
Partial-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #12 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #14 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.1
commit 0fcf51aa3454e59
Author: Megh Bhatt <email address hidden>
Date: Tue Jul 12 16:15:21 2016 -0700
Rename multi_tenancy to aaa_mode for analytics API
Change-Id: I7b135d5c8d34b9
Partial-Bug: #1599654
(cherry picked from commit 3afb90ad0402645
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #15 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.1 | #17 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #18 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.1 | #19 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #21 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #23 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.1
commit ad5f349ac83e61a
Author: Megh Bhatt <email address hidden>
Date: Tue Jul 12 16:12:27 2016 -0700
Rename multi_tenancy to aaa_mode for analytics API
Change-Id: I0c0739ec41e907
Partial-Bug: #1599654
(cherry picked from commit 97c3c396de54d11
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.1 | #24 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #26 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #27 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.1 | #29 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #31 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #32 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #33 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #35 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.1 | #37 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #39 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #40 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #41 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.1
commit a2a7c9248b3d983
Author: Megh Bhatt <email address hidden>
Date: Tue Jul 12 16:34:17 2016 -0700
Rename multi_tenancy to aaa_mode for analytics API
Handle keystone v2 and v3 token infos returned by
VNC API. Enable cloud-admin-only aaa_mode by default
Change analytics DB and underlay to overlay mapper to
use local admin port when quering opserver
Do not cache auth_token in vnc lib
Change-Id: Id715e40fe39969
Closes-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : | #42 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.1
commit 0e2b8dab64a704f
Author: Megh Bhatt <email address hidden>
Date: Thu Jul 21 10:44:17 2016 -0700
Fabric changes to rename analytics_
Rename analytics_
values "no-auth" and "cloud-admin-only". Also set it to
"cloud-admin-only" by default
Change-Id: Ic0348e06dfc717
Partial-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : | #43 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.1
commit 1eb5678528d036f
Author: Megh Bhatt <email address hidden>
Date: Mon Jul 25 23:27:14 2016 -0700
Change VerificationOpsSrv to use admin credentials for auth
After changing default aaa mode to cloud-admin-only for contrail-
we need to change VerificationOpsSrv to use admin credentials when
getting auth token to send to contrail-
stack user credentials.
Change-Id: I9692c57add27b2
Partial-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #44 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #46 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #47 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #49 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #51 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #52 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #53 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #54 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 47500f0c2fdaeef
Author: Megh Bhatt <email address hidden>
Date: Mon Jul 25 23:27:14 2016 -0700
Change VerificationOpsSrv to use admin credentials for auth
After changing default aaa mode to cloud-admin-only for contrail-
we need to change VerificationOpsSrv to use admin credentials when
getting auth token to send to contrail-
stack user credentials.
Change-Id: I9692c57add27b2
Partial-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #55 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #57 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #58 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #59 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.0
commit 84a73d69340a62d
Author: Ankit Jain <email address hidden>
Date: Thu Aug 4 11:10:31 2016 -0700
1. Pass auth header in post_query request
Fix for test_verify_
Needed to pass auth header in post_query request
Pass expect : 202 in query header to get qid
2. Script fix required after Secured Access for Analytic REST API- 8081 in R3.1(master):
1. we need to pass inputs in VerificationOpsSrv now which can be used for authentication in class JsonDrv
(cherry picked from commit 55eb03b234249a0
3. Change VerificationOpsSrv to use admin credentials for auth
After changing default aaa mode to cloud-admin-only for contrail-
we need to change VerificationOpsSrv to use admin credentials when
getting auth token to send to contrail-
stack user credentials.
Partial-Bug: #1599654
(cherry picked from commit 1eb5678528d036f
Change-Id: I9692c57add27b2
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #60 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #62 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit b3ea0fab1749006
Author: Megh Bhatt <email address hidden>
Date: Thu Jul 21 10:44:17 2016 -0700
Fabric changes to rename analytics_
Rename analytics_
values "no-auth" and "cloud-admin-only". Also set it to
"cloud-admin-only" by default
Change-Id: Ic0348e06dfc717
Partial-Bug: #1599654
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #63 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #65 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #66 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.0
commit de213a3667bcc75
Author: Megh Bhatt <email address hidden>
Date: Tue Jun 14 11:35:28 2016 -0700
1. Puppet changes for cloud admin access to contrail-
Closes-Bug: #1461175
(cherry picked from commit 40982d6b7fc5e00
2. Rename cloud_admin_
Closes-Bug: #1461175
(cherry picked from commit 21f40965faada6c
3. Rename multi_tenancy to aaa_mode for analytics API
Partial-Bug: #1599654
(cherry picked from commit 3afb90ad0402645
Change-Id: Ib58572052d8159
OpenContrail Admin (ci-admin-f) wrote : | #67 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 90396c7365e43a7
Author: Ankit Jain <email address hidden>
Date: Thu Aug 4 11:10:31 2016 -0700
1. Pass auth header in post_query request
Fix for test_verify_
Needed to pass auth header in post_query request
Pass expect : 202 in query header to get qid
Partial-Bug: #1599654
(cherry picked from commit 1eb5678528d036f
Change-Id: Ieb39bdfea09a22
OpenContrail Admin (ci-admin-f) wrote : | #68 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.0
commit e1f2af6433bfae9
Author: Megh Bhatt <email address hidden>
Date: Sat Jun 11 01:11:32 2016 -0700
1. Add provisioning of cloud_admin_
Enable cloud_admin_
to setup-vnc-collector to disable cloud_admin_
for ini files for contrail-
contrail-
Partial-Bug: #1461175
(cherry picked from commit ec3c1741b5a2f7b
Conflicts:
contrail_
2. Rename multi_tenancy to aaa_mode for analytics API
Partial-Bug: #1599654
(cherry picked from commit 97c3c396de54d11
Conflicts:
contrail_
3. Fix provisioning failure in setup-vnc-collector
Configure memcache servers in /etc/contrail/
only from config node setup
Closes-Bug: #1606654
(cherry picked from commit 98de6812efad7c4
Conflicts:
contrail_
4. Rename multi_tenancy to aaa_mode in upgrade path for analytics node
Closes-Bug: #1607469
(cherry picked from commit b8f4c6906a6f643
5. Changes to bring analytics authenticated access in sync with config
1. Rename aaa_mode value cloud-admin-only to cloud-admin
2. CLOUD_ADMIN_ROLE defaults to admin instead of cloud-admin
Partial-Bug: #1607563
(cherry picked from commit 3e8d8412dc8f9e5
Conflicts:
contrail_
Change-Id: I56dd3e14a7a2ad
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #69 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
information type: | Proprietary → Public |
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #75 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #79 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #81 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : | #82 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #84 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 051a2c1851419b7
Author: Megh Bhatt <email address hidden>
Date: Tue Jul 12 16:34:17 2016 -0700
1. Rename multi_tenancy to aaa_mode for analytics API
Handle keystone v2 and v3 token infos returned by
VNC API. Enable cloud-admin-only aaa_mode by default
Change analytics DB and underlay to overlay mapper to
use local admin port when quering opserver
Do not cache auth_token in vnc lib
Closes-Bug: #1599654
2. Changes to bring analytics authenticated access in sync with config
1. Rename aaa_mode value cloud-admin-only to cloud-admin
2. CLOUD_ADMIN_ROLE defaults to admin instead of cloud-admin
Partial-Bug: #1607563
(cherry picked from commit 42db6e38e55bc24
3. Fix missing import of OpServerUtils in analytics_db.py
Closes-Bug: #1609054
(cherry picked from commit cf5f0567c9bb03e
4. Remove aaa_mode value cloud-admin-only
Closes-Bug: #1609987
(cherry picked from commit 58a8a0fe3a404b5
5. Keep on trying to create VNC API client from analytics API
The gevent that creates the VNC API client was exiting due to
authentication failure exception. Changed code to handle all
exceptions and keep on trying to create the API client. The
node status will show the API connection down in case we are
not able to create the VNC API client.
Closes-Bug: #1611158
(cherry picked from commit 8072aa5ffd37e40
6. Change the obj-perms API to pass in the user token in HTTP headers
With PKI tokens, when user token was passed in query parameters for
obj-perms API the token was getting truncated. Changed the API
to accept user token in X-USER-TOKEN HTTP header.
Closes-Bug: #1614376
Conflicts:
src/config/
7. Fix issue with retrieving the db usage info in analytics-api
Closes-Bug: #1614285
(cherry picked from commit 0ec8bf74ba106d6
Change-Id: Id715e40fe39969
OpenContrail Admin (ci-admin-f) wrote : | #85 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.0
commit c1ec7d90fdea91d
Author: Megh Bhatt <email address hidden>
Date: Mon Jun 13 19:26:54 2016 -0700
1. fabric changes for cloud admin access to contrail-
Use the multi tenancy flag and the orchestrator to decide to enable
or disable cloud admin access to contrail-
Conflicts:
fabfile/
fabfile/
Partial-Bug: #1461175
(cherry picked from commit 4ef98bb9a154049
2. Fabric changes to rename analytics_
Rename analytics_
values "no-auth" and "cloud-admin-only". Also set it to
"cloud-admin-only" by default
Partial-Bug: #1599654
(cherry picked from commit 0e2b8dab64a704f
3. Changes to bring analytics authenticated access in sync with config
1. Rename cloud-admin-only to cloud-admin for analytics AAA mode
2. Add parameter cloud_admin_role to allow users to set the cloud-admon
role name in testbed.py
Closes-Bug: #1607563
(cherry picked from commit c9c33da72474854
Change-Id: I73ff8d47ccc2c6
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0 | #86 |
Review in progress for https:/
Submitter: Megh Bhatt (<email address hidden>)
OpenContrail Admin (ci-admin-f) wrote : A change has been merged | #88 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R3.0
commit 761ffd96941cd9e
Author: Megh Bhatt <email address hidden>
Date: Wed Jun 8 18:21:34 2016 -0700
1. Add option for cloud admin access only for analytics REST API
Allow cloud admin role access only for analytics REST API controlled
via --cloud_
to True once provisioning changes are done. contrail-
validate role from the X-Auth-Token header via vnc_api/
debug/administr
that requires basic HTTP access authentication.
Clients of analytics REST API - contrail-flows, contrail-logs, contrail-stats,
contrail-topology are changed to use admin port. contrail-
to use auth token.
Conflicts:
src/opserver/
Partial-Bug: #1461175
(cherry picked from commit 5492f71383123fe
2. Rename cloud_admin_
Closes-Bug: #1461175
(cherry picked from commit 36df0991a47068b
3. for bool option, a conversion from string to bool is required.
Closes-Bug: #1595044
(cherry picked from commit 1d6b81bccf5a7ae
4. Change cloud admin role name to "cloud-admin" from "admin" for
analytics API access
Closes-Bug: #1600699
(cherry picked from commit 8c131016252a22c
5. Rename multi_tenancy to aaa_mode for analytics API
Handle keystone v2 and v3 token infos returned by
VNC API. Enable cloud-admin-only aaa_mode by default
Change analytics DB and underlay to overlay mapper to
use local admin port when quering opserver
Do not cache auth_token in vnc lib
Closes-Bug: #1599654
(cherry picked from commit a2a7c9248b3d983
6. Changes to bring analytics authenticated access in sync with config
1. Rename aaa_mode value cloud-admin-only to cloud-admin
2. CLOUD_ADMIN_ROLE defaults to admin instead of cloud-admin
Partial-Bug: #1607563
(cherry picked from commit 42db6e38e55bc24
7. Fix missing import of OpServerUtils in analytics_db.py
Closes-Bug: #1609054
(cherry picked from commit cf5f0567c9bb03e
8. Remove aaa_mode value cloud-admin-only
Closes-Bug: #1609987
9. Keep on trying to create VNC API client from analytics API
The gevent that creates the VNC API client was exiting due to
authentication failure exception. Changed code to handle all
exceptions and keep on trying to create the API client. The
node status will show the API connection down in case we are
not able to create the VNC API client.
Closes-Bug: #1611158
(cherry picked from commit 8072aa5ffd37e40
10. Keystone middleware doesn't like if token is unicode. It must be converted
to string before validation.
Fixes-Bug: #1604773
(cherry picked from commit 18df64367eb5468
11. Change the obj-perms API to pass in the user token in HTTP headers
...
OpenContrail Admin (ci-admin-f) wrote : [Review update] master | #89 |
Review in progress for https:/
Submitter: Ankit Jain (<email address hidden>)
Review in progress for https:/ /review. opencontrail. org/21910
Submitter: Megh Bhatt (<email address hidden>)