Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / patrole / b48eba0e3502096ea09758e1058d5263361f3326 / . / doc / source / installation.rst
blob: 31f94f44bf590e403a548e8d8d59ff9bc77127e5 [file] [log] [blame]
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]1============
2Installation
3============
4
5Installation Information
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]6========================
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]7
8At the command line::
9
Felipe Monteiro79423362017-06-01 21:53:03 +0100[diff] [blame]10 $ git clone http://git.openstack.org/openstack/patrole
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]11 $ sudo pip install patrole
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]12
13Or, if you have virtualenvwrapper installed::
14
15 $ mkvirtualenv patrole
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]16 $ sudo pip install patrole
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]17
DavidPurcell45bc1a62017-01-19 17:21:27 -0500[diff] [blame]18Or to install from the source::
19
20 $ navigate to patrole directory
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]21 $ sudo pip install -e .
DavidPurcell45bc1a62017-01-19 17:21:27 -0500[diff] [blame]22
Felipe Monteiro79423362017-06-01 21:53:03 +0100[diff] [blame]23DevStack Installation
24=====================
25
26Patrole can be installed like any other DevStack plugin by including the
27``install_plugin`` directive inside local.conf::
28
29 [[local|localrc]]
30 ...
31
32 enable_plugin patrole git://git.openstack.org/openstack/patrole
33
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]34Configuration Information
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]35=========================
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]36
37tempest.conf
38++++++++++++
39
Felipe Monteiro652e2a22017-01-25 16:44:02 -0500[diff] [blame]40To run the RBAC tempest api test, you have to make the following changes to
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]41the tempest.conf file.
42
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]43#. ``auth`` section updates ::
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]44
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]45 # Allows test cases to create/destroy projects and users. This option
46 # requires that OpenStack Identity API admin credentials are known. If
47 # false, isolated test cases and parallel execution, can still be
48 # achieved configuring a list of test accounts (boolean value)
49 use_dynamic_credentials = True
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]50
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]51#. ``rbac`` section updates ::
DavidPurcell663aedf2017-01-03 10:01:14 -0500[diff] [blame]52
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]53 # The role that you want the RBAC tests to use for RBAC testing
54 # This needs to be edited to run the test as a different role.
55 rbac_test_role = _member_
DavidPurcell45bc1a62017-01-19 17:21:27 -0500[diff] [blame]56
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]57 # Enables RBAC Tempest tests if set to True. Otherwise, they are
58 # skipped.
59 enable_rbac = True
Samantha Blanco0d880082017-03-23 18:14:37 -0400[diff] [blame]60
Felipe Monteiro7bc35dc2017-04-19 21:11:46 +0100[diff] [blame]61 # If set to true, tests throw a RbacParsingException for policies
62 # not found in the policy.json. Otherwise, they throw a
63 # skipException.
64 strict_policy_check = False
Samantha Blanco85f79d72017-04-21 11:09:14 -0400[diff] [blame]65
66 # The following config options set the location of the service's
67 # policy file. For services that have their policy in code (e.g.,
68 # Nova), this would be the location of a custom policy.json, if
69 # one exists.
70 cinder_policy_file = /etc/cinder/policy.json
71 glance_policy_file = /etc/glance/policy.json
72 keystone_policy_file = /etc/keystone/policy.json
73 neutron_policy_file = /etc/neutron/policy.json
74 nova_policy_file = /etc/nova/policy.json