From e47321b3c798ba4300e2affacd29502b35dc12d5 Mon Sep 17 00:00:00 2001 From: Sachi King Date: Thu, 21 Aug 2014 17:37:07 +1000 Subject: [PATCH] Attribute variables for internal identity endpoint This patch adds the identity-internal-endpoints attributes to complment the first patch of this bug. As cookbook-openstack-identity now refences the identity-internal endpoint these variables are now required to be defined. As per convention endpoints are defined in this cookbook. Following this patch the number of node.set used in the registration tests can be reduced, as they will now have defaults defined here. Additionally a bump of the identity cookbook to rely on common 10.0.3 will be required. Once this is done this bug can be closed. Change-Id: Iefca0b3df5b8efae94a661fc471c55a05cd8f64e Partial-Bug: #1356732 --- CHANGELOG.md | 4 ++++ attributes/default.rb | 15 +++++++++++++++ metadata.rb | 2 +- 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5fda6bf4..684e181e 100755 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,10 @@ # CHANGELOG for cookbook-openstack-common This file is used to list changes made in each version of cookbook-openstack-common. + +## 10.0.3 +* Adding identity internal endpoint variables to support new endpoint usage in identity cookbook + ## 10.0.2 * Add database charset during create diff --git a/attributes/default.rb b/attributes/default.rb index b2e5b9a2..86819c68 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -175,6 +175,21 @@ default['openstack']['endpoints']['identity-api']['port'] = '5000' default['openstack']['endpoints']['identity-api']['path'] = '/v2.0' default['openstack']['endpoints']['identity-api']['bind_interface'] = nil +# The OpenStack Identity (Keystone) Internal API endpoint +# For a reference architecture this is a sensable default, however with a more +# complex network setup the public endpoint may not be reachable by internal +# systems, thus the ability to set this to something different must be present. +# Even if the public endpoint is reachable there may be other reasons to send +# interal communications to a different endpoint, for security or auditing +# purposes for example. +# Generally this listens on the same IP as the admin interface, but with the +# public pipeline(5000) instead of the admin pipeline(35357). +default['openstack']['endpoints']['identity-internal']['host'] = node['openstack']['endpoints']['host'] +default['openstack']['endpoints']['identity-internal']['scheme'] = 'http' +default['openstack']['endpoints']['identity-internal']['port'] = '5000' +default['openstack']['endpoints']['identity-internal']['path'] = '/v2.0' +default['openstack']['endpoints']['identity-internal']['bind_interface'] = nil + # The OpenStack Identity (Keystone) Admin API endpoint default['openstack']['endpoints']['identity-admin']['host'] = node['openstack']['endpoints']['host'] default['openstack']['endpoints']['identity-admin']['scheme'] = 'http' diff --git a/metadata.rb b/metadata.rb index 8b7bf7bb..cc76c4a2 100755 --- a/metadata.rb +++ b/metadata.rb @@ -4,7 +4,7 @@ maintainer_email 'cookbooks@lists.tfoundry.com' license 'Apache 2.0' description 'Common OpenStack attributes, libraries and recipes.' long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '10.0.2' +version '10.0.3' recipe 'openstack-common', 'Installs/Configures common recipes' recipe 'openstack-common::set_endpoints_by_interface', 'Set endpoints by interface'