58126e14d7
Add alternative authentication middleware to authenticate against Keystone using
username and password instead of validating existing auth token. The benefit
being that you no longer require admin/service token to authenticate users.
To use, update heat-api.conf:
[paste_deploy]
flavor = standalone
This should make it possible to try heat out against existing public
clouds.
Change-Id: Ia584bba78e8984581f0fb6882bbb17d5efa238db
48 lines
1.1 KiB
Plaintext
48 lines
1.1 KiB
Plaintext
[DEFAULT]
|
|
# Show more verbose log output (sets INFO log level output)
|
|
verbose = True
|
|
|
|
# Show debugging output in logs (sets DEBUG log level output)
|
|
debug = True
|
|
|
|
# Turn off standard error logging
|
|
use_stderr = False
|
|
|
|
# Log to this file. Make sure the user running heat-api-cfn has
|
|
# permissions to write to this file!
|
|
log_file = /var/log/heat/api.log
|
|
|
|
# Send logs to syslog (/dev/log) instead of to file specified
|
|
# by `log_file`
|
|
use_syslog = False
|
|
|
|
# Facility to use. If unset defaults to LOG_USER.
|
|
# syslog_log_facility = LOG_LOCAL0
|
|
|
|
# Address to bind the server to
|
|
bind_host = 0.0.0.0
|
|
|
|
# Port the bind the server to
|
|
bind_port = 8004
|
|
|
|
rpc_backend=heat.openstack.common.rpc.impl_qpid
|
|
|
|
|
|
|
|
# Uncomment to deploy different flavor of heat-api pipeline:
|
|
# [paste_deploy]
|
|
# flavor = custombackend
|
|
# flavor = standalone
|
|
|
|
[keystone_authtoken]
|
|
auth_host = 127.0.0.1
|
|
auth_port = 35357
|
|
auth_protocol = http
|
|
auth_uri = http://127.0.0.1:5000/v2.0
|
|
|
|
# These must be set to your local values in order for the token
|
|
# authentication to work.
|
|
admin_tenant_name = service
|
|
admin_user = heat
|
|
admin_password = verybadpass
|