Simplify identity endpoint
Per the Keystone Install Guide[1] the admin endpoint is superseded in favor of a single public endpoint. As a result, the admin endpoint is no longer deployed by default. [1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components Change-Id: I7e1ee2fa32e5d9b816bd3624524e6680a278ed5d Implements: blueprint simplify-identity-endpoint
This commit is contained in:
parent
eda01f5a0f
commit
7696912e7a
|
@ -64,11 +64,11 @@ if node['openstack']['image_api']['conf']['glance_store']['default_store'] == 'f
|
|||
end
|
||||
end
|
||||
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
node.default['openstack']['image_api']['conf_secrets']
|
||||
.[]('keystone_authtoken')['password'] =
|
||||
get_password 'service', 'openstack-image'
|
||||
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
|
||||
db_user = node['openstack']['db']['image']['username']
|
||||
|
|
|
@ -26,9 +26,8 @@ class ::Chef::Recipe
|
|||
include ::Openstack
|
||||
end
|
||||
|
||||
identity_admin_endpoint = admin_endpoint 'identity'
|
||||
|
||||
auth_url = ::URI.decode identity_admin_endpoint.to_s
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
|
||||
interfaces = {
|
||||
public: { url: public_endpoint('image_api') },
|
||||
|
|
|
@ -32,7 +32,9 @@ package 'curl' do
|
|||
action :upgrade
|
||||
end
|
||||
|
||||
auth_uri = public_endpoint('identity').to_s
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
|
||||
# admin_user = node['openstack']['image_api']['conf']['keystone_authtoken']['username']
|
||||
# admin_pass = get_password admin_user, admin_pass
|
||||
admin_user = node['openstack']['identity']['admin_user']
|
||||
|
@ -55,7 +57,7 @@ node['openstack']['image']['upload_images'].each do |img|
|
|||
identity_user admin_user
|
||||
identity_pass admin_pass
|
||||
identity_tenant admin_project_name
|
||||
identity_uri auth_uri
|
||||
identity_uri auth_url
|
||||
identity_user_domain_name admin_domain
|
||||
identity_project_domain_name admin_project_domain_name
|
||||
action :upload
|
||||
|
|
|
@ -39,14 +39,15 @@ if node['openstack']['mq']['service_type'] == 'rabbit'
|
|||
node.default['openstack']['image_registry']['conf_secrets']['DEFAULT']['transport_url'] = rabbit_transport_url 'image'
|
||||
end
|
||||
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
registry_bind = node['openstack']['bind_service']['all']['image_registry']
|
||||
registry_bind_address = bind_address registry_bind
|
||||
|
||||
node.default['openstack']['image_registry']['conf_secrets']
|
||||
.[]('keystone_authtoken')['password'] = get_password 'service', 'openstack-image'
|
||||
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
|
||||
glance_user = node['openstack']['image']['user']
|
||||
glance_group = node['openstack']['image']['group']
|
||||
|
||||
|
|
|
@ -29,8 +29,7 @@ platform_options['swift_packages'].each do |pkg|
|
|||
end
|
||||
|
||||
identity_endpoint = public_endpoint 'identity'
|
||||
swift_store_auth_address =
|
||||
auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||
swift_store_auth_address = ::URI.decode identity_endpoint.to_s
|
||||
tenant = node['openstack']['image_api']['conf']['keystone_authtoken']['project']
|
||||
user = node['openstack']['image_api']['conf']['keystone_authtoken']['user']
|
||||
swift_store_user = "#{tenant}_#{user}"
|
||||
|
|
|
@ -11,7 +11,7 @@ describe 'openstack-image::identity_registration' do
|
|||
include_context 'image-stubs'
|
||||
|
||||
connection_params = {
|
||||
openstack_auth_url: 'http://127.0.0.1:35357/v3/auth/tokens',
|
||||
openstack_auth_url: 'http://127.0.0.1:5000/v3/auth/tokens',
|
||||
openstack_username: 'admin',
|
||||
openstack_api_key: 'admin-pass',
|
||||
openstack_project_name: 'admin',
|
||||
|
|
|
@ -6,16 +6,19 @@ ChefSpec::Coverage.start! { add_filter 'openstack-image' }
|
|||
|
||||
require 'chef/application'
|
||||
|
||||
LOG_LEVEL = :fatal
|
||||
RSpec.configure do |config|
|
||||
config.color = true
|
||||
config.formatter = :documentation
|
||||
config.log_level = :fatal
|
||||
end
|
||||
|
||||
REDHAT_OPTS = {
|
||||
platform: 'redhat',
|
||||
version: '7.3',
|
||||
log_level: LOG_LEVEL,
|
||||
version: '7.4',
|
||||
}.freeze
|
||||
UBUNTU_OPTS = {
|
||||
platform: 'ubuntu',
|
||||
version: '16.04',
|
||||
log_level: LOG_LEVEL,
|
||||
}.freeze
|
||||
|
||||
# Helper methods
|
||||
|
@ -166,12 +169,8 @@ shared_examples 'syslog use' do
|
|||
end
|
||||
|
||||
shared_examples 'keystone attribute setter' do |version|
|
||||
it 'sets the auth_uri value' do
|
||||
expect(chef_run).to render_file(file.name).with_content(%r{^auth_uri = http://127.0.0.1:5000/v3$})
|
||||
end
|
||||
|
||||
it 'sets the identity_uri value' do
|
||||
expect(chef_run).to render_file(file.name).with_content(%r{^identity_uri = http://127.0.0.1:35357/$})
|
||||
expect(chef_run).to render_file(file.name).with_content(%r{^identity_uri = http://127.0.0.1:5000/$})
|
||||
end
|
||||
|
||||
context 'auth version' do
|
||||
|
|
Loading…
Reference in New Issue