d19abe3594
This update introduces the DB record synchronization service. This new
service provides REST APIs to read/write/update identity database. The
REST APIs is intended to be used internally by DC Orchestrator to
synchronize identity resources between central cloud and subclouds.
This update also contains python client that wraps up the REST APIs
into functions. The client is to be used by DC Orchestrator.
This service supports the synchronization of the following identity
resources:
- users (local users only)
- user passwords
- projects
- roles
- project role assignments
- token revocation events
Story: 2002842
Task: 22787
Change-Id: Idb4aff5bac006fdd904b58c0c8b3d6a0916fbd4b
Signed-off-by: Andy Ning <andy.ning@windriver.com>
(cherry picked from commit
|
||
---|---|---|
.. | ||
controllers | ||
README.rst | ||
__init__.py | ||
api_config.py | ||
app.py | ||
enforcer.py |
README.rst
api
DC DBsync API is Web Server Gateway Interface (WSGI) application to receive and process API calls, including keystonemiddleware to do the authentication, parameter check and validation. It receives API calls from DC Orchestrator to read/write/update resources in Databases on behalf of DC Orchestrator. The API calls are processed in synchronous way, so that the caller will wait for the response to come back.
Multiple DC DBsync API could run in parallel, and also can work in multi-worker mode.
Multiple DC DBsync API is designed and run in stateless mode.
Setup and encapsulate the API WSGI app
- app.py:
-
Setup and encapsulate the API WSGI app, including integrate the keystonemiddleware app
- api_config.py:
-
API configuration loading and init
- enforcer.py
-
Enforces policies on the version2 APIs