Add auth_token settings to cinder.conf.sample.
Updates our example config file so that it includes configuration settings for the auth_token middleware. A step towards using cinder.conf instead of the api-paste.ini config file for authtoken configuration. Once https://review.openstack.org/#/c/52259/ lands I'll push another review which removes the settings from api-paste.ini (which takes priority). Related-Bug #1240753 Change-Id: I6636d33ee522757145ac97fc354324a8b9379700
This commit is contained in:
Dan Prince
@@ -1778,3 +1778,32 @@
|
||||
#volume_dd_blocksize=1M
|
||||
|
||||
|
||||
[keystone_authtoken]
|
||||
|
||||
#
|
||||
# Options defined in keystoneclient's authtoken middleware
|
||||
#
|
||||
|
||||
# Host providing the admin Identity API endpoint
|
||||
auth_host = 127.0.0.1
|
||||
|
||||
# Port of the admin Identity API endpoint
|
||||
auth_port = 35357
|
||||
|
||||
# Protocol of the admin Identity API endpoint
|
||||
auth_protocol = http
|
||||
|
||||
# Keystone service account tenant name to validate user tokens
|
||||
admin_tenant_name = %SERVICE_TENANT_NAME%
|
||||
|
||||
# Keystone account username
|
||||
admin_user = %SERVICE_USER%
|
||||
|
||||
# Keystone account password
|
||||
admin_password = %SERVICE_PASSWORD%
|
||||
|
||||
# Directory used to cache files related to PKI tokens
|
||||
# signing_dir is configurable, but the default behavior of the authtoken
|
||||
# middleware should be sufficient. It will create a temporary directory
|
||||
# in the home directory for the user the cinder process is running as.
|
||||
#signing_dir = /var/lib/cinder/keystone-signing
|
||||
|
||||
@@ -49,3 +49,35 @@ PYTHONPATH=./:${PYTHONPATH} \
|
||||
|
||||
# When we use openstack.common.config.generate we won't need this any more
|
||||
sed -i 's/^#connection=sqlite.*/#connection=sqlite:\/\/\/\/cinder\/openstack\/common\/db\/$sqlite_db/' $OUTPUTFILE
|
||||
|
||||
cat >> $OUTPUTFILE <<-EOF_CAT
|
||||
[keystone_authtoken]
|
||||
|
||||
#
|
||||
# Options defined in keystoneclient's authtoken middleware
|
||||
#
|
||||
|
||||
# Host providing the admin Identity API endpoint
|
||||
auth_host = 127.0.0.1
|
||||
|
||||
# Port of the admin Identity API endpoint
|
||||
auth_port = 35357
|
||||
|
||||
# Protocol of the admin Identity API endpoint
|
||||
auth_protocol = http
|
||||
|
||||
# Keystone service account tenant name to validate user tokens
|
||||
admin_tenant_name = %SERVICE_TENANT_NAME%
|
||||
|
||||
# Keystone account username
|
||||
admin_user = %SERVICE_USER%
|
||||
|
||||
# Keystone account password
|
||||
admin_password = %SERVICE_PASSWORD%
|
||||
|
||||
# Directory used to cache files related to PKI tokens
|
||||
# signing_dir is configurable, but the default behavior of the authtoken
|
||||
# middleware should be sufficient. It will create a temporary directory
|
||||
# in the home directory for the user the cinder process is running as.
|
||||
#signing_dir = /var/lib/cinder/keystone-signing
|
||||
EOF_CAT
|
||||
|
||||
Reference in New Issue
Block a user