Simplify identity endpoint
Per the Keystone Install Guide[1] the admin endpoint is superseded in favor of a single public endpoint. As a result, the admin endpoint is no longer deployed by default. [1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components Depends-On: I47fa53ce6a0e4d43e3de726f07b3c1d415fc303a Change-Id: I1adb3066c83aaffe8b22f2f2553f634483371974 Implements: blueprint simplify-identity-endpoint
This commit is contained in:
parent
59112747e8
commit
a39cd2c85d
|
@ -67,20 +67,18 @@ end
|
|||
db_user = node['openstack']['db']['dns']['username']
|
||||
db_pass = get_password 'db', 'designate'
|
||||
|
||||
public_identity_endpoint = identity_uri_transform(public_endpoint('identity'))
|
||||
identity_endpoint = internal_endpoint 'identity'
|
||||
|
||||
bind_services = node['openstack']['bind_service']['all']
|
||||
api_bind = bind_services['dns-api']
|
||||
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['dns']['api']['auth']['version']
|
||||
internal_identity_endpoint = internal_endpoint 'identity'
|
||||
public_identity_endpoint = public_endpoint 'identity'
|
||||
|
||||
# define attributes that are needed in designate.conf
|
||||
node.default['openstack']['dns']['conf'].tap do |conf|
|
||||
conf['service:api']['api_host'] = bind_address api_bind
|
||||
conf['service:api']['api_port'] = api_bind['port']
|
||||
conf['keystone_authtoken']['auth_uri'] = public_identity_endpoint
|
||||
conf['keystone_authtoken']['auth_url'] = auth_url
|
||||
conf['keystone_authtoken']['auth_url'] = internal_identity_endpoint.to_s
|
||||
conf['keystone_authtoken']['www_authenticate_uri'] = public_identity_endpoint.to_s
|
||||
end
|
||||
|
||||
# define secrets that are needed in designate.conf
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
# limitations under the License.
|
||||
#
|
||||
|
||||
class ::Chef::Recipe # rubocop:disable Documentation
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
|
|
|
@ -24,9 +24,8 @@ class ::Chef::Recipe
|
|||
include ::Openstack
|
||||
end
|
||||
|
||||
identity_admin_endpoint = admin_endpoint 'identity'
|
||||
|
||||
auth_url = ::URI.decode identity_admin_endpoint.to_s
|
||||
identity_endpoint = internal_endpoint 'identity'
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
|
||||
internal_designate_endpoint = internal_endpoint 'dns-api'
|
||||
public_designate_endpoint = public_endpoint 'dns-api'
|
||||
|
|
|
@ -23,11 +23,10 @@ class ::Chef::Recipe
|
|||
end
|
||||
|
||||
dns_endpoint = internal_endpoint 'dns-api'
|
||||
# TODO(jh): Make this more intelligent
|
||||
dns_url = dns_endpoint.to_s + '/v2'
|
||||
|
||||
identity_endpoint = internal_endpoint 'identity'
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['dns']['api']['auth']['version']
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
|
||||
node.default['openstack']['network']['conf'].tap do |conf|
|
||||
conf['DEFAULT']['external_dns_driver'] = 'designate'
|
||||
|
|
Loading…
Reference in New Issue