Fix Ubuntu keystone deployment
No package python3-setuputils available. Should probably be python3-setuptools. Version checking for fernet was failing - version now sent to stdout, not stderr. UUID tokens are long gone - always use fernet. Change-Id: I9703570695ccf1fc3e767c95629c51b5e7e8de83
This commit is contained in:
Mark Goddard
@@ -7,7 +7,7 @@ required_packages:
|
|||||||
- python3-dev
|
- python3-dev
|
||||||
- python3-mysqldb
|
- python3-mysqldb
|
||||||
- python3-pymysql
|
- python3-pymysql
|
||||||
- python3-setuputils
|
- python3-setuptools
|
||||||
- libffi-dev
|
- libffi-dev
|
||||||
- libxslt1-dev
|
- libxslt1-dev
|
||||||
- libssl-dev
|
- libssl-dev
|
||||||
|
|||||||
@@ -90,33 +90,6 @@
|
|||||||
group: "keystone"
|
group: "keystone"
|
||||||
mode: 0755
|
mode: 0755
|
||||||
|
|
||||||
- name: "Ensure /etc/keystone/fernet-keys exists"
|
|
||||||
file:
|
|
||||||
name: /etc/keystone/fernet-keys
|
|
||||||
state: directory
|
|
||||||
owner: keystone
|
|
||||||
group: keystone
|
|
||||||
mode: 0750
|
|
||||||
|
|
||||||
- name: "Retrieve Keystone major version"
|
|
||||||
command: keystone-manage --version
|
|
||||||
register: keystone_version_str
|
|
||||||
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
|
|
||||||
|
|
||||||
- name: "Set Keystone major version"
|
|
||||||
set_fact:
|
|
||||||
keystone_version: "{{ keystone_version_str.stderr.split('.')[0] }}"
|
|
||||||
|
|
||||||
- name: "Set Keystone provider to uuid"
|
|
||||||
set_fact:
|
|
||||||
keystone_provider: "uuid"
|
|
||||||
when: keystone_version | int < 13
|
|
||||||
|
|
||||||
- name: "Set Keystone provider to fernet"
|
|
||||||
set_fact:
|
|
||||||
keystone_provider: "fernet"
|
|
||||||
when: keystone_version | int >= 13
|
|
||||||
|
|
||||||
- name: "Write keystone configuration from template"
|
- name: "Write keystone configuration from template"
|
||||||
template:
|
template:
|
||||||
src: keystone.conf.j2
|
src: keystone.conf.j2
|
||||||
@@ -134,7 +107,6 @@
|
|||||||
keystone-manage fernet_setup
|
keystone-manage fernet_setup
|
||||||
--keystone-user="{{ nginx_user }}" --keystone-group="{{ nginx_user }}"
|
--keystone-user="{{ nginx_user }}" --keystone-group="{{ nginx_user }}"
|
||||||
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
|
environment: "{{ bifrost_venv_env if enable_venv else {} }}"
|
||||||
when: keystone_version | int >= 13
|
|
||||||
|
|
||||||
- name: "Setup Keystone Credentials"
|
- name: "Setup Keystone Credentials"
|
||||||
command: >
|
command: >
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
master = true
|
master = true
|
||||||
processes = 2
|
processes = 2
|
||||||
threads = 2
|
threads = 2
|
||||||
plugin = python
|
plugin = python3
|
||||||
no-orphans = true
|
no-orphans = true
|
||||||
chmod-socket = 660
|
chmod-socket = 660
|
||||||
{% if uwsgi_venv is defined and uwsgi_venv | length > 0 %}
|
{% if uwsgi_venv is defined and uwsgi_venv | length > 0 %}
|
||||||
|
|||||||
@@ -3,7 +3,7 @@
|
|||||||
master = true
|
master = true
|
||||||
processes = 2
|
processes = 2
|
||||||
threads = 2
|
threads = 2
|
||||||
plugin = python
|
plugin = python3
|
||||||
no-orphans = true
|
no-orphans = true
|
||||||
chmod-socket = 660
|
chmod-socket = 660
|
||||||
{% if uwsgi_venv is defined and uwsgi_venv | length > 0 %}
|
{% if uwsgi_venv is defined and uwsgi_venv | length > 0 %}
|
||||||
|
|||||||
@@ -23,4 +23,4 @@ use_db_reconnect = true
|
|||||||
lockout_failure_attempts = 3
|
lockout_failure_attempts = 3
|
||||||
|
|
||||||
[token]
|
[token]
|
||||||
provider = {{ keystone_provider }}
|
provider = fernet
|
||||||
|
|||||||
Reference in New Issue
Block a user