Pino de Candia
6480a35530
Minor doc fixes + some sample Tatu API log output.
...
Change-Id: I4f0e14f41072f87d83d8b3d31af4e2e9026c9892
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-14 19:30:24 +00:00
Pino de Candia
8ba9919b5a
Detailed documentation of sudo_pam option and pam-ussh module
...
Also, configure pam-ussh module directly in /etc/pam.d/sudo and leave
/etc/pam.d/system-auth unchanged.
Change-Id: Ie86daf7f51c99915d20d0a7da9020584d807f9c8
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-13 05:55:35 +00:00
Pino de Candia
bfe0242883
Add API versioning.
...
This also fixes the openstack CLI warning:
"Failed to contact the endpoint at <...> for discovery. Fallback to using that endpoint as the base url."
Change-Id: I411b7a795ac01e050cf8162e48d1fdbdc870c8f9
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-12 20:30:39 +00:00
Pino de Candia
e72df954d7
Use sqlalchemy pool_recycle 3600 (seconds) to avoid re-using connections that MySQL already closed.
...
This fixes "MySQL server has gone away" error that occurs after long idle times.
Change-Id: I9e17ac6d2494e0db5f3d3ccbd5e45dd3172e7141
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-12 18:41:03 +00:00
Pino de Candia
3dc247767d
Enable pam-ussh module to check user ssh cert on sudo authentication.
...
Change-Id: Iffde339572885b21673731dd69fb9b2ba4df6073
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-12 18:23:32 +00:00
Pino de Candia
5269c48085
Documentation improvements and clarifications.
...
Change-Id: Iba08b6385e4b1dfec595fc6edae244b01b66a861
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-10 20:37:05 +00:00
Pino de Candia
18413ba679
Format INSTALLATION document. New TRY_IT document with basic commands.
...
Change-Id: Id855ea88cfd5574ad534f842eef5dca7484beb79
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-09 22:53:19 +00:00
Pino de Candia
67436e32eb
Castellan context based on password instead of short-lived token.
...
Change-Id: I951869483981bba6b3522d152ac97922dcaab1b9
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-09 21:55:13 +00:00
Pino de Candia
3a5a9fbe03
Devstack fixes; configurable API address for VMs; documentation refresh.
...
Change-Id: I1438d8c954f76f15afae33c92473b846d40ebe3d
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-09 16:52:36 +00:00
Pino de Candia
fe3e41f34e
Tatu should be last plugin in local.conf; write vendordata config to NOVA_CONF, not NOVA_CPU_CONF.
...
Change-Id: Iba80bc8452bf9726b7b861eaec2ac25d85e4e93e
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-08 21:40:22 +00:00
Pino de Candia
5a2e575a56
Devstack plugin sets up Nova static+dynamic vendor data.
...
Change-Id: I1ca5efeea07bd465cd5b9887e6407f6532b1b86a
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-08 05:50:32 +00:00
Pino de Candia
5a29ced8b2
Devstack plugin fixes
...
Change-Id: Ie9798fe1bb4c6d511c601306ed1d366d97ff09f7
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-03-07 22:55:50 +00:00
Pino de Candia
fb3766ef9c
Fixed processing of role assignment deletions.
...
Change-Id: Ib791702e2a09e7f907e664b1a262544cd9484735
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-02-26 21:39:49 +00:00
Pino de Candia
7679f42150
Fix notification/sync daemon; get principals from keystone roles.
...
Change-Id: I240c402af07bcb83e99343eb207ec906ce0d4caa
Signed-off-by: Pino de Candia <giuseppe.decandia@gmail.com>
2018-02-26 09:40:49 +00:00
Pino de Candia
d34125d4f7
Clarification in README about known_hosts file.
...
Change-Id: Ie7361469d00b8904ef841f31b859bce06269b607
2018-02-15 15:10:24 +00:00
Pino de Candia
031f13edbd
Remove devstack upgrade and gate (for now).
2018-01-26 17:32:47 -06:00
Pino de Candia
7f55b15f63
Fix devstack settings and plugin.sh for Tatu.
2018-01-26 15:58:14 -06:00
Pino de Candia
6a546abc52
Copied devstack from designate.
2018-01-26 14:41:34 -06:00
Pino de Candia
b1ed741394
API for single host provides same data as List.
2018-01-25 16:29:26 -06:00
Pino de Candia
6fd075dd16
Rename Authority public key fields.
2018-01-25 13:31:02 -06:00
Pino de Candia
6ecf7ceec7
Make serial number the main identifier of UserCert
2018-01-24 00:04:26 -06:00
Pino de Candia
5153135019
Remove '.' from API object keys.
2018-01-23 16:56:17 -06:00
Pino de Candia
2030f2f4bc
Merge branch 'master' of https://github.com/pinodeca/tatu
2018-01-23 22:14:28 +00:00
Pino de Candia
252e740911
Add method to get UserCert by serial number.
2018-01-23 22:12:29 +00:00
Pino de Candia
4147c298b7
Cloud config checks some error conditions.
2018-01-22 10:15:23 -06:00
Pino de Candia
a061c474c2
pat.py catches nova exceptions on dead servers.
2018-01-22 16:08:43 +00:00
Pino de Candia
0d456cc116
New cloud-config uses only bash, no python.
2018-01-21 15:02:05 -06:00
Pino de Candia
326f0590ae
Add revoked key management script to user-cloud-config.
2018-01-20 02:25:34 -06:00
Pino de Candia
4450ba773f
Debugged/fixed revoked key file generation.
2018-01-20 08:23:16 +00:00
Pino de Candia
0b207f6123
Add a script to revoke certificates.
2018-01-19 17:59:30 -06:00
Pino de Candia
8e52c850ce
Implemented certificate revocation.
2018-01-19 16:56:26 -06:00
Pino de Candia
b5991fe143
Added a script that wraps ssh and does an SRV lookup.
2018-01-19 06:56:21 +00:00
Pino de Candia
be028d5cf3
Make PATEntries and SRV Recordset creation idempotent.
2018-01-16 23:52:23 +00:00
Pino de Candia
4a9f96d253
Added list methods for users and hosts.
2018-01-16 10:57:41 -06:00
Pino de Candia
512b262470
Merge branch 'master' of https://github.com/pinodeca/tatu
2018-01-16 14:47:13 +00:00
Pino de Candia
54874d4c41
Remove key_manager section of config.
2018-01-16 14:45:54 +00:00
Pino de Candia
6a1099c89e
Add devstack local.conf and .gitignore
2018-01-05 12:48:31 -06:00
Pino de Candia
d83fca3537
Fixes to PAT and DNS support.
2018-01-04 14:41:22 -06:00
Pino de Candia
c1239d9a5c
Merge branch 'master' of https://github.com/pinodeca/tatu
2017-12-29 04:09:47 -06:00
Pino de Candia
27b180f864
Draft bastion support and Designate integration.
2017-12-29 03:53:32 -06:00
Pino de Candia
91c0b33338
Use argparse in helper scripts
2017-12-29 03:51:54 -06:00
Pino de Candia
a419429041
Make Barbican integration work with Keystone middleware.
2017-12-21 16:39:28 +00:00
Pino de Candia
6ea9865b2a
Merge branch 'master' of https://github.com/pinodeca/tatu
2017-12-20 15:07:30 -06:00
Pino de Candia
25fdd3b800
Moved config handling to one file.
2017-12-20 15:07:15 -06:00
pinodeca
428005ca56
Fixed requirements file.
2017-12-20 17:33:29 +00:00
Pino de Candia
303827c514
Oslo test skeleton.
2017-12-18 16:09:16 -06:00
Pino de Candia
6f69ba8090
Initial Devstack support skeleton.
2017-12-18 15:58:04 -06:00
Pino de Candia
f28231f20d
REsolve some differences with cookiecutter project.
2017-12-18 15:57:26 -06:00
Pino de Candia
9c51ed1705
Making doc and releasenotes compatible with cookiecutter.
2017-12-18 21:42:51 +00:00
Pino de Candia
1a4df292b1
Fixed requirements.txt for tox.
2017-12-09 00:08:32 +00:00