ffd6e3bf32
Service user passwords will now be updated in keystone if services are reconfigured with new passwords set in config. This behaviour can be overridden. Closes-Bug: #2045990 Change-Id: I91671dda2242255e789b521d19348b0cccec266f
30 lines
1.1 KiB
YAML
30 lines
1.1 KiB
YAML
---
|
|
fixes:
|
|
- |
|
|
Changes to service user passwords in ``passwords.yml`` will now be applied
|
|
when reconfiguring services.
|
|
|
|
This behaviour can reverted by setting
|
|
``update_keystone_service_user_passwords: false``.
|
|
|
|
Fixes `LP#2045990
|
|
<https://bugs.launchpad.net/kolla-ansible/+bug/2045990>`__
|
|
upgrade:
|
|
- |
|
|
If credentials are updated in ``passwords.yml`` kolla-ansible is now able
|
|
to update these credentials in the keystone database and in the on disk
|
|
config files.
|
|
|
|
The changes to ``passwords.yml`` are applied once ``kolla-ansible -i
|
|
INVENTORY`` reconfigure has been run.
|
|
|
|
If you want to revert to the old behavior - credentials not automatically
|
|
updating during reconfigure if they changed in ``passwords.yml`` - you can
|
|
specify this by setting ``update_keystone_service_user_passwords: false``
|
|
in your globals.yml.
|
|
|
|
Notice that passwords are only changed if you change them in
|
|
``passwords.yml``. This mechanism is not a complete solution for automatic
|
|
credential rollover. No passwords are changed if you do not change them
|
|
inside ``passwords.yml``.
|