openstack
/
kolla
Code Issues Proposed changes
10,423 Commits 6 Branches 93 Tags 200 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Radosław Piliszek e5748194b2 Make keystone_bootstrap accept no ADMIN_URL too 
To be able to drop the dummy arg.

Change-Id: Ibcc3e6b4e6015604c218e384d87de7b9e9aed4c8
 2022-08-26 21:31:29 +02:00
Radosław Piliszek 8a84479778 Remove Keystone admin endpoint 
It can still be optionally enabled in Kolla Ansible.

Change-Id: I34ec4a2e9505e9b4c1b8306b87fcd7242a0da227
 2022-08-09 14:51:13 +02:00
Radosław Piliszek 33d184a731 Ensure proper JSON in keystone bootstrap 
This fixes the issue when keystone-manage output included
backslashes and/or double quotation marks which broke JSON string.

Change-Id: Ifae18c407210c12745d29fc4c95dca69aeafe6a8
Closes-bug: #1866017
 2020-03-04 10:25:54 +01:00
Mark Goddard bcca3fabe3 Fix keystone bootstrap error message display 
In some situations, Keystone bootstrap can fail, and then unhelpfully
fails displaying the error message output by the 'keystone-manage
bootstrap' command. This appears to be due to unprintable control
characters in the error message which prevent the output of the script
from being valid JSON.

This change fixes the issue by piping the output through 'cat -v', which
replaces unprintable characters with control codes.

Change-Id: I82444bc2272311023cc9e92c5a298d1c4c87483b
Closes-Bug: #1855701
 2019-12-09 11:14:36 +00:00
zhulingjie 5404239dfc Remove the unused kolla_kubernetes script from keystone 
Change-Id: I9eda6e6279ff70598d4d20487edcb682121fd54d
 2018-06-08 12:04:28 -04:00
Joshua Harlow 3241012158 Stop showing passwords when bootstrap script is ran 
Currently this causes bash to echo all lines parsed
and executed; which makes it not so nicely output the
bootstrapping password.

This is not something we should encourage and have show
up in peoples logs or other so stop doing that.

Change-Id: Iac963a5df393d0359b4c8f93b8756ca168f6f193
 2018-05-29 15:56:39 -07:00
Joshua Harlow 556ea33076 Do not require the bootstrap password to come in via arguments 
Currently when this is being ran, and say ara is being used to
capture the running of kolla-ansible ara will capture the full
command line ran (even if no_log is set); because by default these
modules do not hide what they are running.

So to avoid the situation where the command line shows the password
have this also be able to take in the password via an environment
variable as well (which ara will not capture).

Change-Id: I4d42d592d8031d0f3923bccc6b2db1149af08e75
 2018-03-26 17:03:34 -07:00
Shaun Smekel 524868c632 Add dockerfiles for keystone fernet 
This adds the docker aspects of fernet key bootstrapping as well as
distributed key rotation.

- Bootstrapping is handled in the same way as keystone bootstrap.
- A new keystone-fernet and keystone-ssh container is created to allow
  the nodes to communicate with each other (taken from nova-ssh).
- The keystone-fernet is a keystone container with crontab installed.
  This will handle key rotations through keystone-manage and trigger
  an rsync to push new tokens to other nodes.

The Ansible component is implemented in:
  https://review.openstack.org/#/c/349366

Change-Id: Id610e00e8c63c7f1bc0974c0aa1b3f44c18e1019
Partially-Implements: blueprint keystone-fernet-token
Partially-Implements: blueprint third-party-plugin-support
 2016-08-25 20:13:02 +10:00