keystone源代码分析
1、启动注册服务过程
使用git下载openstack项目keystone源代码
git clone http://github.com/openstack/keystone.git keystone一般启动命令python /opt/stack/keystone/bin/keystone-all --config-file /etc/keystone/keystone.conf --debug 我们查看一下/opt/stack/keystone/bin/keystone-all文件代码
if __name__ == '__main__':
dev_conf = os.path.join(possible_topdir,
'etc',
'keystone.conf')
config_files = None
if os.path.exists(dev_conf):
config_files = [dev_conf]
#读取/etc/keystone/keystone.conf配置初始化环境,sql,log
config.configure()
sql.initialize()
CONF(project='keystone',
version=pbr.version.VersionInfo('keystone').version_string(),
default_config_files=config_files)
config.setup_logging()
# Log the options used when starting if we're in debug mode...
if CONF.debug:
CONF.log_opt_values(logging.getLogger(CONF.prog), logging.DEBUG)
#获取keystone-paste.ini 配置内容
paste_config = config.find_paste_config()
+++++++++++++++++++++++++++++++++++++++++++++++++++
#通过keystone/common/environment/eventlet_server.py创建两个WSGI sockets
#这里使用了paste.deploy去分析配置文件获取app(用于运行socket),server信息
#http://blog.chinaunix.net/uid-22400280-id-3281767.html
environment.use_eventlet(monkeypatch_thread)
#加载所有服务变量
service.load_backends()
#建立服务
servers = []
servers.append(create_server(paste_config,
'admin',
CONF.admin_bind_host,
int(CONF.admin_port)))
servers.append(create_server(paste_config,
'main',
CONF.public_bind_host,
int(CONF.public_port)))
#keystone/common/dependency.py带入所有环境变量,只能使用一次
dependency.resolve_future_dependencies()
#signal.signal(signal.SIGINT, sigint_handler)获取信号中断,后通过server.start()启动服务。
#server.start()使用eventlet开启多事件http://eventlet.net/doc/
serve(*servers)
2、注册的各类服务
keystone注册了两类服务如下
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/v3 = api_v3
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/v3 = api_v3
/ = admin_version_api (信息都来自keystone-paste.ini )
多个api通过keystone/service.py分发到给个keystone/routers.py、controllers.py,
keystone/service.py同时import二级router分发和处理。
routers.py负责uri路由定义和分发,controllers.py负责实现请求实现。
keystone-paste.ini其中filter对应的函数都是过滤http头内容。
3、wsgi封装
在keystone/common/wsgi.py封装了http请求
BaseApplication->Application->Middleware
Router->ComposingRouter ComposableRouter ExtensionRouter
keystone/middleware/core.py实现了token过滤filter
class AdminTokenAuthMiddleware(wsgi.Middleware):
class PostParamsMiddleware(wsgi.Middleware):
class AuthContextMiddleware(wsgi.Middleware):