Simplify identity endpoint
Per the Keystone Install Guide[1] the admin endpoint is superseded in favor of a single public endpoint. As a result, the admin endpoint is no longer deployed by default. [1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components Change-Id: I188edfcfbd6f8261a648c03b6e46532b960d3ac6 Implements: blueprint simplify-identity-endpoint
This commit is contained in:
parent
c26101bfba
commit
93882de603
|
@ -48,13 +48,12 @@ end
|
||||||
glance_api_endpoint = internal_endpoint 'image_api'
|
glance_api_endpoint = internal_endpoint 'image_api'
|
||||||
cinder_api_bind = node['openstack']['bind_service']['all']['block-storage']
|
cinder_api_bind = node['openstack']['bind_service']['all']['block-storage']
|
||||||
cinder_api_bind_address = bind_address cinder_api_bind
|
cinder_api_bind_address = bind_address cinder_api_bind
|
||||||
identity_endpoint = internal_endpoint 'identity'
|
identity_endpoint = public_endpoint 'identity'
|
||||||
identity_admin_endpoint = admin_endpoint 'identity'
|
|
||||||
node.default['openstack']['block-storage']['conf_secrets']
|
node.default['openstack']['block-storage']['conf_secrets']
|
||||||
.[]('keystone_authtoken')['password'] =
|
.[]('keystone_authtoken')['password'] =
|
||||||
get_password 'service', 'openstack-block-storage'
|
get_password 'service', 'openstack-block-storage'
|
||||||
auth_uri = identity_endpoint.to_s
|
|
||||||
auth_url = identity_admin_endpoint.to_s
|
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||||
|
|
||||||
directory '/etc/cinder' do
|
directory '/etc/cinder' do
|
||||||
group node['openstack']['block-storage']['group']
|
group node['openstack']['block-storage']['group']
|
||||||
|
@ -68,7 +67,6 @@ node.default['openstack']['block-storage']['conf'].tap do |conf|
|
||||||
conf['DEFAULT']['glance_api_servers'] = glance_api_endpoint.to_s
|
conf['DEFAULT']['glance_api_servers'] = glance_api_endpoint.to_s
|
||||||
conf['DEFAULT']['osapi_volume_listen'] = cinder_api_bind_address
|
conf['DEFAULT']['osapi_volume_listen'] = cinder_api_bind_address
|
||||||
conf['DEFAULT']['osapi_volume_listen_port'] = cinder_api_bind['port']
|
conf['DEFAULT']['osapi_volume_listen_port'] = cinder_api_bind['port']
|
||||||
conf['keystone_authtoken']['auth_uri'] = auth_uri
|
|
||||||
conf['keystone_authtoken']['auth_url'] = auth_url
|
conf['keystone_authtoken']['auth_url'] = auth_url
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -26,8 +26,8 @@ class ::Chef::Recipe
|
||||||
include ::Openstack
|
include ::Openstack
|
||||||
end
|
end
|
||||||
|
|
||||||
identity_admin_endpoint = admin_endpoint 'identity'
|
identity_endpoint = public_endpoint 'identity'
|
||||||
auth_url = ::URI.decode identity_admin_endpoint.to_s
|
auth_url = auth_uri_transform identity_endpoint.to_s, node['openstack']['api']['auth']['version']
|
||||||
|
|
||||||
interfaces = {
|
interfaces = {
|
||||||
public: { url: public_endpoint('block-storage') },
|
public: { url: public_endpoint('block-storage') },
|
||||||
|
|
|
@ -69,15 +69,6 @@ describe 'openstack-block-storage::cinder-common' do
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'keystone authtoken attributes' do
|
context 'keystone authtoken attributes' do
|
||||||
context 'endpoint related' do
|
|
||||||
it 'has auth_uri' do
|
|
||||||
expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', %r{^auth_uri = http://127.0.0.1:5000/v3$})
|
|
||||||
end
|
|
||||||
it 'has auth_url' do
|
|
||||||
expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', %r{^auth_url = http://127.0.0.1:35357/v3$})
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
it do
|
it do
|
||||||
expect(chef_run).not_to render_file(file.name).with_content(/^auth_version = v2.0$/)
|
expect(chef_run).not_to render_file(file.name).with_content(/^auth_version = v2.0$/)
|
||||||
end
|
end
|
||||||
|
|
|
@ -13,7 +13,7 @@ describe 'openstack-block-storage::identity_registration' do
|
||||||
include_context 'block-storage-stubs'
|
include_context 'block-storage-stubs'
|
||||||
|
|
||||||
connection_params = {
|
connection_params = {
|
||||||
openstack_auth_url: 'http://127.0.0.1:35357/v3/auth/tokens',
|
openstack_auth_url: 'http://127.0.0.1:5000/v3/auth/tokens',
|
||||||
openstack_username: 'admin',
|
openstack_username: 'admin',
|
||||||
openstack_api_key: 'emc_test_pass',
|
openstack_api_key: 'emc_test_pass',
|
||||||
openstack_project_name: 'admin',
|
openstack_project_name: 'admin',
|
||||||
|
|
|
@ -9,16 +9,19 @@ ChefSpec::Coverage.start! { add_filter 'openstack-block-storage' }
|
||||||
|
|
||||||
require 'chef/application'
|
require 'chef/application'
|
||||||
|
|
||||||
LOG_LEVEL = :fatal
|
RSpec.configure do |config|
|
||||||
|
config.color = true
|
||||||
|
config.formatter = :documentation
|
||||||
|
config.log_level = :fatal
|
||||||
|
end
|
||||||
|
|
||||||
REDHAT_OPTS = {
|
REDHAT_OPTS = {
|
||||||
platform: 'redhat',
|
platform: 'redhat',
|
||||||
version: '7.3',
|
version: '7.4',
|
||||||
log_level: LOG_LEVEL,
|
|
||||||
}.freeze
|
}.freeze
|
||||||
UBUNTU_OPTS = {
|
UBUNTU_OPTS = {
|
||||||
platform: 'ubuntu',
|
platform: 'ubuntu',
|
||||||
version: '16.04',
|
version: '16.04',
|
||||||
log_level: LOG_LEVEL,
|
|
||||||
}.freeze
|
}.freeze
|
||||||
|
|
||||||
shared_context 'block-storage-stubs' do
|
shared_context 'block-storage-stubs' do
|
||||||
|
@ -110,8 +113,7 @@ shared_examples 'creates_cinder_conf' do |service, user, group, action = :restar
|
||||||
/^project_name = service$/,
|
/^project_name = service$/,
|
||||||
/^user_domain_name = Default/,
|
/^user_domain_name = Default/,
|
||||||
/^project_domain_name = Default/,
|
/^project_domain_name = Default/,
|
||||||
%r{^auth_uri = http://127.0.0.1:5000/v3$},
|
%r{^auth_url = http://127.0.0.1:5000/v3$},
|
||||||
%r{^auth_url = http://127.0.0.1:35357/v3$},
|
|
||||||
/^password = cinder-pass$/,
|
/^password = cinder-pass$/,
|
||||||
].each do |line|
|
].each do |line|
|
||||||
expect(chef_run).to render_config_file(file.name)
|
expect(chef_run).to render_config_file(file.name)
|
||||||
|
|
Loading…
Reference in New Issue