Installation¶
Installation Information¶
At the command line:
$ git clone http://git.openstack.org/openstack/patrole
$ sudo pip install patrole
Or, if you have virtualenvwrapper installed:
$ mkvirtualenv patrole
$ sudo pip install patrole
Or to install from the source:
$ navigate to patrole directory
$ sudo pip install -e .
DevStack Installation¶
Patrole can be installed like any other DevStack plugin by including the
install_plugin directive inside local.conf:
[[local|localrc]]
...
enable_plugin patrole git://git.openstack.org/openstack/patrole
Configuration Information¶
tempest.conf¶
To run the RBAC tempest api test, you have to make the following changes to the tempest.conf file.
authsection updates# Allows test cases to create/destroy projects and users. This option # requires that OpenStack Identity API admin credentials are known. If # false, isolated test cases and parallel execution, can still be # achieved configuring a list of test accounts (boolean value) use_dynamic_credentials = True
rbacsection updates# The role that you want the RBAC tests to use for RBAC testing # This needs to be edited to run the test as a different role. rbac_test_role = _member_ # Enables RBAC Tempest tests if set to True. Otherwise, they are # skipped. enable_rbac = True # If set to true, tests throw a RbacParsingException for policies # not found in the policy.json. Otherwise, they throw a # skipException. strict_policy_check = False # The following config options set the location of the service's # policy file. For services that have their policy in code (e.g., # Nova), this would be the location of a custom policy.json, if # one exists. cinder_policy_file = /etc/cinder/policy.json glance_policy_file = /etc/glance/policy.json keystone_policy_file = /etc/keystone/policy.json neutron_policy_file = /etc/neutron/policy.json nova_policy_file = /etc/nova/policy.json
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.