diff options
| -rw-r--r-- | horizon/api/glance.py | 4 | ||||
| -rw-r--r-- | horizon/api/keystone.py | 4 | ||||
| -rw-r--r-- | horizon/api/nova.py | 13 | ||||
| -rw-r--r-- | openstack_dashboard/local/local_settings.py.example | 3 |
4 files changed, 18 insertions, 6 deletions
diff --git a/horizon/api/glance.py b/horizon/api/glance.py index dbf2a8e5..3cffce09 100644 --- a/horizon/api/glance.py +++ b/horizon/api/glance.py @@ -37,9 +37,11 @@ LOG = logging.getLogger(__name__) def glanceclient(request): o = urlparse.urlparse(url_for(request, 'image')) url = "://".join((o.scheme, o.netloc)) + insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False) LOG.debug('glanceclient connection created using token "%s" and url "%s"' % (request.user.token.id, url)) - return glance_client.Client(endpoint=url, token=request.user.token.id) + return glance_client.Client(endpoint=url, token=request.user.token.id, + insecure=insecure) def image_delete(request, image_id): diff --git a/horizon/api/keystone.py b/horizon/api/keystone.py index d138a3a8..f612bff5 100644 --- a/horizon/api/keystone.py +++ b/horizon/api/keystone.py @@ -112,9 +112,11 @@ def keystoneclient(request, admin=False): conn = getattr(request, cache_attr) else: endpoint = _get_endpoint_url(request, endpoint_type) + insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False) LOG.debug("Creating a new keystoneclient connection to %s." % endpoint) conn = keystone_client.Client(token=user.token.id, - endpoint=endpoint) + endpoint=endpoint, + insecure=insecure) setattr(request, cache_attr, conn) return conn diff --git a/horizon/api/nova.py b/horizon/api/nova.py index 2bc3922e..f93bd31f 100644 --- a/horizon/api/nova.py +++ b/horizon/api/nova.py @@ -24,6 +24,9 @@ from __future__ import absolute_import import logging +from django.conf import settings +from django.utils.translation import ugettext as _ + from novaclient.v1_1 import client as nova_client from novaclient.v1_1 import security_group_rules as nova_rules from novaclient.v1_1.security_groups import SecurityGroup as NovaSecurityGroup @@ -32,8 +35,6 @@ from novaclient.v1_1.servers import REBOOT_HARD from horizon.api.base import APIResourceWrapper, APIDictWrapper, url_for from horizon.utils.memoized import memoized -from django.utils.translation import ugettext as _ - LOG = logging.getLogger(__name__) @@ -191,24 +192,28 @@ class SecurityGroupRule(APIResourceWrapper): def novaclient(request): + insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False) LOG.debug('novaclient connection created using token "%s" and url "%s"' % (request.user.token.id, url_for(request, 'compute'))) c = nova_client.Client(request.user.username, request.user.token.id, project_id=request.user.tenant_id, - auth_url=url_for(request, 'compute')) + auth_url=url_for(request, 'compute'), + insecure=insecure) c.client.auth_token = request.user.token.id c.client.management_url = url_for(request, 'compute') return c def cinderclient(request): + insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False) LOG.debug('cinderclient connection created using token "%s" and url "%s"' % (request.user.token.id, url_for(request, 'volume'))) c = nova_client.Client(request.user.username, request.user.token.id, project_id=request.user.tenant_id, - auth_url=url_for(request, 'volume')) + auth_url=url_for(request, 'volume'), + insecure=insecure) c.client.auth_token = request.user.token.id c.client.management_url = url_for(request, 'volume') return c diff --git a/openstack_dashboard/local/local_settings.py.example b/openstack_dashboard/local/local_settings.py.example index 9dddfcb9..ff119a40 100644 --- a/openstack_dashboard/local/local_settings.py.example +++ b/openstack_dashboard/local/local_settings.py.example @@ -60,6 +60,9 @@ OPENSTACK_HOST = "127.0.0.1" OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" +# Disable SSL certificate checks (useful for self-signed certificates): +# OPENSTACK_SSL_NO_VERIFY = True + # The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the # capabilities of the auth backend for Keystone. # If Keystone has been configured to use LDAP as the auth backend then set |