d33895f3b1
Step one in an AFS cell is getting kerberos working. This does not provide end-to-end KDC management - the realm still needs to be created by hand. Change-Id: I891d784d676ab79e7aca9c883dd9e705a30db6e5
24 lines
567 B
Puppet
24 lines
567 B
Puppet
# kerberos kdc servers
|
|
class openstack_project::kdc (
|
|
$slave = false,
|
|
$sysadmins = [],
|
|
) {
|
|
class { 'openstack_project::server':
|
|
iptables_public_tcp_ports => [88,464,749,754],
|
|
iptables_public_udp_ports => [88,464,749],
|
|
sysadmins => $sysadmins
|
|
}
|
|
class { 'kerberos::server':
|
|
realm => 'OPENSTACK.ORG',
|
|
kdcs => [
|
|
'kdc01.openstack.org',
|
|
'kdc02.openstack.org',
|
|
],
|
|
admin_server => 'kdc.openstack.org',
|
|
slaves => [
|
|
'kdc02.openstack.org',
|
|
],
|
|
slave => $slave,
|
|
}
|
|
}
|