Use trusts in heat.conf

Change-Id: Ie91b3498e9f9d0d74a502ba6945db531ef967516
Closes-Bug: #1492736
This commit is contained in:
Michal Rostecki 2015-10-17 09:50:03 +02:00
parent 4caf6fafca
commit 64b767f9f6
2 changed files with 18 additions and 4 deletions

View File

@ -10,7 +10,9 @@ stack_domain_admin_password = {{ heat_domain_admin_password }}
stack_user_domain_name = heat_user_domain
rpc_backend = rabbit
deferred_auth_method = password
notification_driver = noop
deferred_auth_method = trusts
trusts_delegated_role = heat_stack_owner
syslog_log_facility=LOG_LOCAL0
use_syslog=yes
@ -46,6 +48,16 @@ project_name = service
username = heat
password = {{ heat_keystone_password }}
[trustee]
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = heat
password = {{ heat_keystone_password }}
[ec2authtoken]
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}

View File

@ -4,8 +4,10 @@
# of the KOLLA_BOOTSTRAP variable being set, including empty.
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
heat-manage db_sync
openstack domain create heat_user_domain
openstack user create --domain heat_user_domain heat_domain_admin --password ${HEAT_DOMAIN_ADMIN_PASSWORD}
openstack role add --domain heat_user_domain --user heat_domain_admin admin
openstack domain create heat
openstack user create --domain heat heat_domain_admin --password ${HEAT_DOMAIN_ADMIN_PASSWORD}
openstack role add --domain heat --user heat_domain_admin admin
openstack role create heat_stack_owner
openstack role create heat_stack_user
exit 0
fi