Allow admin_bind_host to be settable in the keystone.conf
Change server recipe and template to allow the admin_bind_host to be set to the identity_admin endpoint defined in Common. Change-Id: I1043d8e9137ea2a6c8f84ee3a2da4f98e3c82521 Closes-Bug: #1368282
This commit is contained in:
parent
1cdb9a46f3
commit
0ab0cd3def
|
@ -1,11 +1,11 @@
|
|||
# CHANGELOG for cookbook-openstack-identity
|
||||
This file is used to list changes made in each version of cookbook-openstack-identity.
|
||||
|
||||
## 10.0.1
|
||||
* Update keystone.conf from mode 0644 to 0640
|
||||
* Allow hash_algorithm to be configurable
|
||||
|
||||
## 10.0.1
|
||||
* Raise exceptions when register provider keystone command fails
|
||||
* Allow admin_bind_host to be settable in the keystone.conf template
|
||||
|
||||
## 10.0.0
|
||||
* Upgrading to Juno
|
||||
|
|
|
@ -14,4 +14,4 @@ recipe 'openstack-identity::registration', 'Adds user, tenant, role an
|
|||
supports os
|
||||
end
|
||||
|
||||
depends 'openstack-common', '~> 10.0'
|
||||
depends 'openstack-common', '~> 10.1'
|
||||
|
|
|
@ -144,6 +144,7 @@ if node['openstack']['auth']['strategy'] == 'pki'
|
|||
end
|
||||
|
||||
bind_endpoint = endpoint 'identity-bind'
|
||||
admin_bind_endpoint = endpoint 'identity-admin-bind'
|
||||
identity_admin_endpoint = endpoint 'identity-admin'
|
||||
identity_endpoint = endpoint 'identity-api'
|
||||
compute_endpoint = endpoint 'compute-api'
|
||||
|
@ -159,6 +160,7 @@ sql_connection = db_uri('identity', db_user, db_pass)
|
|||
bootstrap_token = get_secret 'openstack_identity_bootstrap_token'
|
||||
|
||||
bind_address = bind_endpoint.host
|
||||
admin_bind_address = admin_bind_endpoint.host
|
||||
|
||||
# If the search role is set, we search for memcache
|
||||
# servers via a Chef search. If not, we look at the
|
||||
|
@ -204,6 +206,7 @@ template '/etc/keystone/keystone.conf' do
|
|||
variables(
|
||||
sql_connection: sql_connection,
|
||||
bind_address: bind_address,
|
||||
admin_bind_address: admin_bind_address,
|
||||
bootstrap_token: bootstrap_token,
|
||||
memcache_servers: memcache_servers,
|
||||
public_endpoint: public_endpoint,
|
||||
|
|
|
@ -21,6 +21,10 @@ describe 'openstack-identity::server' do
|
|||
'port' => '35357',
|
||||
'scheme' => 'https'
|
||||
}
|
||||
node.set_unless['openstack']['endpoints']['identity-admin-bind'] = {
|
||||
'host' => '127.0.1.1',
|
||||
'port' => '35357'
|
||||
}
|
||||
|
||||
runner.converge(described_recipe)
|
||||
end
|
||||
|
@ -433,6 +437,26 @@ describe 'openstack-identity::server' do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'admin bind_interface is nil' do
|
||||
it 'has admin bind host from endpoint' do
|
||||
r = line_regexp('admin_bind_host = 127.0.1.1')
|
||||
expect(chef_run).to render_file(path).with_content(r)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'admin bind_interface is eth0' do
|
||||
before do
|
||||
node.set['openstack']['endpoints']['identity-admin-bind']['bind_interface'] = 'eth0'
|
||||
allow_any_instance_of(Chef::Recipe).to receive(:address_for)
|
||||
.and_return('10.0.0.2')
|
||||
end
|
||||
|
||||
it 'has admin bind host from interface ip' do
|
||||
r = line_regexp('admin_bind_host = 10.0.0.2')
|
||||
expect(chef_run).to render_file(path).with_content(r)
|
||||
end
|
||||
end
|
||||
|
||||
describe 'port numbers' do
|
||||
['public_port', 'admin_port'].each do |x|
|
||||
it "has #{x}" do
|
||||
|
|
|
@ -23,7 +23,7 @@ public_bind_host = <%= @bind_address %>
|
|||
# The IP address of the network interface for the admin
|
||||
# service to listen on. (string value)
|
||||
# Deprecated group/name - [DEFAULT]/bind_host
|
||||
#admin_bind_host=0.0.0.0
|
||||
admin_bind_host = <%= @admin_bind_address %>
|
||||
|
||||
# (Deprecated) The port which the OpenStack Compute service
|
||||
# listens on. This option was only used for string replacement
|
||||
|
|
Loading…
Reference in New Issue