Remove pki support

Change-Id: I13f6b84d14ee316653aad013fadd45978f30f0a4
Implements: blueprint remove-pki
This commit is contained in:
ZhongShengping 2016-12-29 11:17:40 +08:00
parent c568e8f73a
commit a502f70cf6
2 changed files with 0 additions and 10 deletions

View File

@ -44,7 +44,6 @@ connection = mysql+pymysql://{{ glance_galera_user }}:{{ glance_container_mysql_
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ glance_keystone_auth_plugin }}
signing_dir = {{ glance_system_user_home }}/cache/api
auth_url = {{ keystone_service_adminurl }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ glance_service_project_domain_id }}
@ -57,15 +56,11 @@ region_name = {{ keystone_service_region }}
memcached_servers = {{ memcached_servers }}
token_cache_time = 300
revocation_cache_time = 60
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = False
[oslo_policy]
policy_file = {{ glance_policy_file }}
policy_default_rule = {{ glance_policy_default_rule }}

View File

@ -26,7 +26,6 @@ connection = mysql+pymysql://{{ glance_galera_user }}:{{ glance_container_mysql_
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ glance_keystone_auth_plugin }}
signing_dir = {{ glance_system_user_home }}/cache/registry/
auth_url = {{ keystone_service_adminurl }}
auth_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ glance_service_project_domain_id }}
@ -39,15 +38,11 @@ region_name = {{ keystone_service_region }}
memcached_servers = {{ memcached_servers }}
token_cache_time = 300
revocation_cache_time = 60
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
# if your keystone deployment uses PKI, and you value security over performance:
check_revocations_for_cached = False
[oslo_messaging_rabbit]
rabbit_use_ssl = {{ glance_rabbitmq_use_ssl }}
rabbit_notification_exchange = glance