Stop overriding auth methods
Setting the keystone option [auth]/methods by default blocks additions
like application_credential that was newly added to Keystone in Queens.
Let's stick to Keystone's defaults instead, deployments can override
these settings if they need to.
Also drop some even older version of these attributes that haven't been
used at all anymore for some time.
Added version bump for stable/queens and pin for apache2 cookbook.
Change-Id: I10b31efe1e94fc69cda65e2f7fb7a669afb166ba
(cherry picked from commit af1d3b1485
)
This commit is contained in:
parent
1ab4fa07e1
commit
b181654077
|
@ -138,13 +138,6 @@ default['openstack']['identity']['credential']['keys'] = [0, 1]
|
|||
default['openstack']['identity']['conf']['credential']['key_repository'] =
|
||||
'/etc/keystone/credential-tokens'
|
||||
|
||||
# The external (REMOTE_USER) auth plugin module. (String value)
|
||||
default['openstack']['identity']['auth']['external'] = 'keystone.auth.plugins.external.DefaultDomain'
|
||||
# Default auth methods. (List value)
|
||||
default['openstack']['identity']['auth']['methods'] = 'external, password, token, oauth1'
|
||||
# Default auth_version for now
|
||||
default['openstack']['identity']['auth']['version'] = 'v3'
|
||||
|
||||
# configuration directory for keystone domain specific options
|
||||
default['openstack']['identity']['identity']['domain_config_dir'] = '/etc/keystone/domains'
|
||||
|
||||
|
|
|
@ -18,11 +18,6 @@ default['openstack']['identity']['conf'].tap do |conf|
|
|||
# [assignment] option in keystone.conf to set driver
|
||||
conf['assignment']['driver'] = 'sql'
|
||||
|
||||
# [auth] option in keystone.conf to set auth plugins
|
||||
conf['auth']['external'] = 'DefaultDomain'
|
||||
# [auth] option in keystone.conf to set auth methods
|
||||
conf['auth']['methods'] = 'external, password, token, oauth1'
|
||||
|
||||
# [cache] option in keystone.conf to set oslo backend
|
||||
conf['cache']['enabled'] = true
|
||||
conf['cache']['backend'] = 'oslo_cache.memcache_pool'
|
||||
|
|
|
@ -4,7 +4,7 @@ maintainer_email 'openstack-dev@lists.openstack.org'
|
|||
license 'Apache-2.0'
|
||||
description 'The OpenStack Identity service Keystone.'
|
||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||
version '17.0.0'
|
||||
version '17.1.0'
|
||||
|
||||
%w(ubuntu redhat centos).each do |os|
|
||||
supports os
|
||||
|
@ -13,7 +13,7 @@ end
|
|||
depends 'openstack-common', '>= 17.0.0'
|
||||
depends 'openstackclient'
|
||||
|
||||
depends 'apache2'
|
||||
depends 'apache2', '< 6'
|
||||
|
||||
issues_url 'https://launchpad.net/openstack-chef' if respond_to?(:issues_url)
|
||||
source_url 'https://github.com/openstack/cookbook-openstack-identity' if respond_to?(:source_url)
|
||||
|
|
Loading…
Reference in New Issue