From 43615b4d4a36f640fd3cb0cdf42971eaa090fe91 Mon Sep 17 00:00:00 2001 From: yatin Date: Fri, 6 Oct 2017 12:02:04 +0530 Subject: [PATCH] Set *_domain_name vars to 'Default' by default Keystone v2 api's are removed in [1], so it's required to set user_domain_name and project_domain_name otherwise all requests fallbacks to keystone v2.0 and fails. [1] https://review.openstack.org/#/c/499783/ Change-Id: I820ffe3601733d7e7ea95f09ba0e3c1034a9d44a --- manifests/keystone/authtoken.pp | 8 ++++---- .../notes/keystone_default_domain-db4c0623d909bfc3.yaml | 6 ++++++ spec/classes/ec2api_keystone_authtoken_spec.rb | 4 ++-- 3 files changed, 12 insertions(+), 6 deletions(-) create mode 100644 releasenotes/notes/keystone_default_domain-db4c0623d909bfc3.yaml diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp index c056d44..bc54711 100644 --- a/manifests/keystone/authtoken.pp +++ b/manifests/keystone/authtoken.pp @@ -21,11 +21,11 @@ # # [*user_domain_name*] # (Optional) Name of domain for $username -# Defaults to $::os_service_default +# Defaults to 'Default' # # [*project_domain_name*] # (Optional) Name of domain for $project_name -# Defaults to $::os_service_default +# Defaults to 'Default' # # [*insecure*] # (Optional) If true, explicitly allow TLS without checking server cert @@ -191,8 +191,8 @@ class ec2api::keystone::authtoken( $username = 'ec2api', $auth_url = 'http://localhost:35357', $project_name = 'services', - $user_domain_name = $::os_service_default, - $project_domain_name = $::os_service_default, + $user_domain_name = 'Default', + $project_domain_name = 'Default', $insecure = $::os_service_default, $auth_section = $::os_service_default, $auth_type = 'password', diff --git a/releasenotes/notes/keystone_default_domain-db4c0623d909bfc3.yaml b/releasenotes/notes/keystone_default_domain-db4c0623d909bfc3.yaml new file mode 100644 index 0000000..b2da73a --- /dev/null +++ b/releasenotes/notes/keystone_default_domain-db4c0623d909bfc3.yaml @@ -0,0 +1,6 @@ +--- +issues: + - | + Keystone v2.0 API was removed so we need to set a default value + for user_domain_name and project_domain name to 'Default' which + is set during keystone bootstrap. diff --git a/spec/classes/ec2api_keystone_authtoken_spec.rb b/spec/classes/ec2api_keystone_authtoken_spec.rb index 51f1a30..64a5014 100644 --- a/spec/classes/ec2api_keystone_authtoken_spec.rb +++ b/spec/classes/ec2api_keystone_authtoken_spec.rb @@ -19,8 +19,8 @@ describe 'ec2api::keystone::authtoken' do is_expected.to contain_ec2api_config('keystone_authtoken/password').with_value('ec2api_password') is_expected.to contain_ec2api_config('keystone_authtoken/auth_url').with_value('http://localhost:35357') is_expected.to contain_ec2api_config('keystone_authtoken/project_name').with_value('services') - is_expected.to contain_ec2api_config('keystone_authtoken/user_domain_name').with_value('') - is_expected.to contain_ec2api_config('keystone_authtoken/project_domain_name').with_value('') + is_expected.to contain_ec2api_config('keystone_authtoken/user_domain_name').with_value('Default') + is_expected.to contain_ec2api_config('keystone_authtoken/project_domain_name').with_value('Default') is_expected.to contain_ec2api_config('keystone_authtoken/insecure').with_value('') is_expected.to contain_ec2api_config('keystone_authtoken/auth_section').with_value('') is_expected.to contain_ec2api_config('keystone_authtoken/auth_type').with_value('password')