fuel-ccp-keystone

Commit Graph

Author	SHA1	Message	Date
Andreas Jaeger	a497e15a00	Retire repository Fuel (from openstack namespace) and fuel-ccp (in x namespace) repositories are unused and ready to retire. This change removes all content from the repository and adds the usual README file to point out that the repository is retired following the process from https://docs.openstack.org/infra/manual/drivers.html#retiring-a-project See also http://lists.openstack.org/pipermail/openstack-discuss/2019-December/011647.html Depends-On: https://review.opendev.org/699362 Change-Id: Iaf61f1be5c082af0f602834e86748e667a4273e5	2019-12-18 09:48:37 +01:00
Mikhail	6b1425984e	Fix command for waiting completion connections Change-Id: I5c335fe18ca0db54f423678020a869d1d2d18aaf	2017-03-24 18:41:39 +04:00
Mikhail	972f335ff1	Wait for the completion connections before drop container Change-Id: Iee4105b6f80239fd6f7f1e13556a88e7260d36a0	2017-03-24 06:22:33 +00:00
Sergey Reshetnyak	49c835ec09	LDAP intergation This patch adds support LDAP as authentication backend Change-Id: Ic6d04450dcdc68c41aa503370fcc347c894f0093	2017-03-13 17:16:19 +03:00
Sergey Reshetnyak	6024c6d218	Create admin role in keystone Change-Id: I30b0eebbf09a37f78182f13e426a5826064c4160	2017-03-13 17:03:42 +03:00
Jenkins	c4380d9a73	Merge "Adjust to per-service configuration"	2017-03-03 13:58:55 +00:00
Andrey Pavlov	b05b455502	Do not depend on local deps Change-Id: Ifda69b80815cbf8d0b62504edab41a98db90cf49	2017-03-01 14:34:08 +04:00
Andrey Pavlov	44d3f32580	Adjust to per-service configuration Change-Id: Ibf904393843030511a98bc983e57557ad6a9eb77 Depends-On: Ia4d29167cea6dfd19a1970706aafda51a31d5b24	2017-02-28 11:28:40 +00:00
Dmitry Klenov	a797cce765	Restricting access to fernet keys folder Leaving access to fernet dir for owner only. This improves security and resolves 'fernet dir is world-readable' warning. Change-Id: I463a56d41697b8c4c1454758267e906665187b15	2017-02-28 10:46:06 +00:00
Jenkins	2557ed0d3e	Merge "Moving tls flag from percona to db group"	2017-02-21 06:43:22 +00:00
Andrey Pavlov	fd81b5e308	Moving tls flag from percona to db group Change-Id: I14498d05bebaa632354b588a7b5ec35c6e94b375 Depends-On: I2ff95f7a1cbb14cb1cd9e35677f95c30a4523340	2017-02-20 14:28:06 +00:00
Sergey Kraynev	401b3d6a90	Fix name of nginx container Change-Id: Ifd46ec5dfef64b64c31a350f9eb20119cafa2a9b	2017-02-20 12:14:05 +00:00
Sergey Kraynev	0a9850e1d4	Add TLS support for Keystone - Add files for certificates - Add config file for nginx service - Update service definition by adding new container for nginx - Update wsgi to use localhost This patch requires patches in other repos: - fuel-ccp - fuel-ccp-entrypoint - fuel-ccp-nginx Co-Authored-By: Artur Zarzycki <azarzycki@mirantis.com> Depends-On: I65002b7ff9cfa2faf9d5bce470334aae95334d00 Depends-On: I88bc21571589dcd4c31bb5ce5015a75676ed2d85 Depends-On: I0660cc3ca2723bc06871b61f859adfed42c0d807 Change-Id: If796ea145c0a6b1bcb711496a4ad97a0a4ac2fb2	2017-02-17 10:58:57 +00:00
Jenkins	0fa07c72fa	Merge "Add DB SSL support"	2017-02-15 15:58:54 +00:00
Jenkins	0563e47d58	Merge "Make service account configurable"	2017-02-14 10:32:58 +00:00
Proskurin Kirill	f5127808a9	Add DB SSL support Change-Id: Ic13c24e32b9259cba432db0b25d7145f0614c248 Depends-On: I9e6d9ee439cab734eba02320d58ccfcd73e23106	2017-02-13 12:07:28 +00:00
Sergey Reshetnyak	c236b0776b	Make service account configurable Change-Id: I7353611fde5a7916d707603315a613607e8b4013	2017-02-10 17:01:53 +03:00
Dmitry Klenov	cef1b979ba	Enable fernet keys generation This change effectively enables fernet keys generation and their usage via the mechanism of k8s secrets. Legacy approach with pre-generated fernet key is removed. Change-Id: Ibdf0a0eafb48930d5536f35511be78c1e5df9921 Partial-Bug: #1651392 Partial-Bug: #1651394 Depends-On: Iaaede4ccb94c99d70f3ecad040d5ab6c41428c5e Depends-On: I577b3f36a12d14b4b5d546d9633d4629eb5d8a37	2017-02-10 13:15:25 +00:00
Bartosz Kupidura	c48dfa6dbe	Add annotations for prometheus Change-Id: Ib4a74ec02988c68524f62946b0d916de8891edc1	2017-01-19 12:57:11 +01:00
Kirill Bespalov	c01a53c6df	Add notifications support The change does not enable notifications, just configure right transport url for it via oslo_messaging template. Change-Id: I466404295a34fd7f4232e728469280b188ccf9af	2017-01-17 13:58:53 +00:00
Jenkins	f1c587a383	Merge "Adding minimal dsl version for services"	2016-11-22 11:06:24 +00:00
Jenkins	b4be289d02	Merge "Adjust urls with new 'address' functionality"	2016-11-22 09:59:14 +00:00
Andrey Pavlov	6a0acb8133	Adding minimal dsl version for services Change-Id: I4d4b9f363138b85198222ac2e770930ce7bd6ab5	2016-11-21 12:26:04 +00:00
Yuriy Taraday	128def6f69	Add proper readiness probe Also remove liveness one as it does nothing Depends-On: I8b74906ba3b5cc358f51831d1f87a8a7f0335f02 Depends-On: I2e8aaeeabcb0c2ddfcf605008763a7a938a578b4 Change-Id: I6a59b65966369f2e08e1b3ff3de9ceda703cd26e	2016-11-18 20:08:51 +03:00
Andrey Pavlov	291be02668	Adjust urls with new 'address' functionality * explisit scheme replaced with with_scheme flag * ports provided to address function Change-Id: I4406560721678837425539706696ef5973efa500	2016-11-18 08:35:55 +00:00
Sergey Reshetnyak	d4e93847cd	Use database service name from config Change-Id: Icf97a02ed235e93cde45fdc94a50049cb38f69a9 Depends-on: Iacc3f02fdd4f39edb5c95d144ffff00b65baa55a	2016-11-17 15:45:36 +03:00
Proskurin Kirill	278d15cc54	Fernet tokens shouldn't world readable Change-Id: I60398b31b73f7e437c8b54a6918776cc0f4f1c31	2016-11-16 11:34:45 +00:00
Jenkins	ef45fb4f8b	Merge "Add credential keys setup"	2016-11-15 10:17:08 +00:00
Proskurin Kirill	b3503d709e	Add credential keys setup Same as "keystone_mamage credential_setup" Change-Id: I8bf71402905c2c0de72a002cffa5ca6eef3609e6	2016-11-14 13:16:22 +00:00
Yuriy Taraday	294fd9f8e8	Add upgrade definition Also grant keystone user super priviledges as they are required for expand migrations Change-Id: Ie49c5f6e71e50716464897eff38d6506ef102897	2016-11-14 14:31:34 +03:00
Andrey Pavlov	1b75819259	Adding scheme for ingress address Scheme was added with with_scheme=True flag Change-Id: I66c44c640516519e99ccf4a6da67669ec3fb4ba8 Depends-On: Iea6b885efdbf0d18268b181007a61dff36b904f0	2016-11-10 17:50:47 +00:00
Yuriy Taraday	439fedc36e	Remove explicit creation of _member_ role It is now created by keystone-manage bootstrap, see CRs Ib9b7fd3695799766c91e2fbeaaa9015c575b2829 in openstack/keystone. Change-Id: If979e82fa306d676f36d867fc542f3be0f584e3e	2016-11-02 17:34:17 +03:00
Andrey Pavlov	0741a57b1a	Adding ingress support Adding ingress objects creation for service Change-Id: I295acae92c5ca6c2667edd293834bf5fc672b393 Depends-On: Ic621af6930f078eea17fd83fce26b42cd32ecf01	2016-10-27 08:10:48 +00:00
Andrey Pavlov	8b17fae393	Ports configuration refactoring Ports configuration has been changed: before: port: 123:3333 after: port: cont: 123 node: 3333 Change-Id: Ic2933d3326afd4090c7a941ebaaebd9cdbaba464 Depends-On: I54ab8dd02fc88b821a1f0d05c08f98b618730150	2016-10-26 17:29:23 +00:00
Aleksandr Mogylchenko	912ab8901b	Migrate liveness check to new format Change-Id: I9f9d071c8cff73f8e4095d4ac56c62f443204eae Depends-On: I920029d4cb14981427e7f978778506fb0b69c435	2016-10-26 14:11:26 +02:00
Yuriy Taraday	5a0f74523f	Convert all DB config to nested Change-Id: Ic41a3b25a612e1e4bcd2f55f6cca96aec51f563f Depends-On: Iab018288f1a884a72ff687d89b68ca08df47ba06	2016-10-06 15:47:54 +03:00
Jenkins	87c891ea81	Merge "Convert all Keystone-specific configs to nested"	2016-10-04 17:46:38 +00:00
Jenkins	1268e5333c	Merge "Add basic Fernet tokens support"	2016-10-04 08:17:45 +00:00
Yuriy Taraday	0ec695e5a9	Convert all Keystone-specific configs to nested Change-Id: I393f8898657543a8c4536159e9a6d773b13cefbf	2016-10-04 00:34:52 +03:00
Andrey	c4f0150732	Adding missed "address" for mariadb service Change-Id: I4836721da23330e6336b1cd986112c47dd898831	2016-10-03 09:28:01 +00:00
Yuriy Taraday	3798cda9da	Add basic Fernet tokens support Tokens are propagated from config for now, no additional security. Rotation is not supported, at all. Change-Id: Ifa67cc3f98f1316dd61c132c0b1d662ee6ea9b0a	2016-09-30 05:59:59 +00:00
Andrey	7ae08cd7ed	Add "address" to all services Replace all <some_service> occurences with {{ address('<some_service>') }} Change-Id: Iab9378b0f0fb888661a344fa906a9c1993598be5 Depends-on: I163857fa0c671e21725d7276540f5fbba09619d2 Depends-on: Ibbb12e016570936468effbbd0648d4690abe3aab	2016-09-26 17:56:38 +00:00
Sergey Lukjanov	3e010f47da	Add post job to create _member_ role In OpenStack deployment it's expected to have _member_ role. For example, you'll not be able to change quotas w/o this role in Horizon. Change-Id: Ief0c4d75d7409c4ea38982f017f7b1694c452369	2016-09-20 04:08:13 -07:00
Sergey Lukjanov	a272377180	Yaml linter execution and config improved Change-Id: I3ad51cee9f63c6113132236ffb26c5802f3b1c60	2016-09-16 19:52:34 -07:00
Dmitriy Ukhlov	83f75afce7	Adapt to new fuel-ccp rendering approach Change-Id: If8f4ddcdf46cd600c6a79f7a101a6d05e1a73907	2016-09-13 16:40:26 +03:00
Alexander Makarov	5cc43e81f4	Enable memcached for keystone Add memcached settings to keystone config template and corresponding memcached dependency. Change-Id: I118228de9bd8d191bc7266d05540de8839b2d41b	2016-09-02 19:07:50 +03:00
Proskurin Kirill	138be47799	Add volume for Keystone access logs for heka collecting Change-Id: Iac338a9e3183428c07357d02d3a597d78249b155	2016-08-18 18:06:51 +03:00
Sergey Reshetnyak	cac9ba0d19	Drop hardcoded node selector Change-Id: I2d1ea4020f2bbc81abae25e3c3dba8e462dec453	2016-07-28 12:31:22 +00:00
Andrey	0155e7d9ae	Changing openstackclient commands Change-Id: I5ff295133ee2aec1ee00e68f3e5761cb2513d2ff Depends-On: I828047a4dae3452e4817eb8963474522883ae088	2016-07-22 18:04:02 +00:00
Proskurin Kirill	a1de41f6a7	Moved additional files to /opt/ccp directory Change-Id: Ie24596d00a59f8ed9a30a426ac2e1767791286fd Depends-On: Ib5a4413206c9fb6134bcceccddec26be24a6cf2e	2016-07-05 14:43:07 +02:00

1 2

53 Commits