8ef7434770
A recent change in keystone [1] has deprecated the token auth
mechanism that we used. We reintroduce it temporarily while a more
permanant solution is worked on.
[1] 5286b4a297
Change-Id: I4d585733a9abd201c1b0680e6196dd2a36db3c7e
Closes-Bug: #1545292
76 lines
2.7 KiB
Django/Jinja
76 lines
2.7 KiB
Django/Jinja
FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }}
|
|
MAINTAINER {{ maintainer }}
|
|
|
|
{% if install_type == 'binary' %}
|
|
{% if base_distro in ['fedora', 'centos', 'oraclelinux', 'rhel'] %}
|
|
|
|
RUN yum -y install openstack-keystone \
|
|
python-keystoneclient \
|
|
httpd \
|
|
mod_wsgi \
|
|
&& yum clean all
|
|
|
|
RUN mkdir -p /var/www/cgi-bin/keystone \
|
|
&& cp -a /usr/share/keystone/keystone-dist-paste.ini /etc/keystone/keystone-paste.ini \
|
|
&& cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/main \
|
|
&& cp -a /usr/share/keystone/keystone.wsgi /var/www/cgi-bin/keystone/admin \
|
|
&& sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
|
|
|
|
{% elif base_distro in ['ubuntu'] %}
|
|
|
|
RUN apt-get install -y --no-install-recommends \
|
|
keystone \
|
|
apache2 \
|
|
libapache2-mod-wsgi \
|
|
&& apt-get clean
|
|
|
|
RUN mkdir -p /var/www/cgi-bin/keystone \
|
|
&& cp -a /usr/share/keystone/wsgi.py /var/www/cgi-bin/keystone/main \
|
|
&& cp -a /usr/share/keystone/wsgi.py /var/www/cgi-bin/keystone/admin \
|
|
&& echo > /etc/apache2/ports.conf
|
|
|
|
{% endif %}
|
|
{% elif install_type == 'source' %}
|
|
{% if base_distro in ['fedora', 'centos', 'oraclelinux', 'rhel'] %}
|
|
|
|
RUN yum -y install \
|
|
httpd \
|
|
mod_wsgi \
|
|
&& yum clean all \
|
|
&& sed -i -r 's,^(Listen 80),#\1,' /etc/httpd/conf/httpd.conf
|
|
|
|
{% elif base_distro in ['ubuntu', 'debian'] %}
|
|
|
|
RUN apt-get install -y --no-install-recommends \
|
|
apache2 \
|
|
libapache2-mod-wsgi \
|
|
&& echo > /etc/apache2/ports.conf \
|
|
&& apt-get clean
|
|
|
|
{% endif %}
|
|
|
|
ADD keystone-archive /keystone-source
|
|
RUN ln -s keystone-source/* keystone \
|
|
&& useradd --user-group keystone \
|
|
&& /var/lib/kolla/venv/bin/pip --no-cache-dir install --upgrade -c requirements/upper-constraints.txt /keystone \
|
|
&& mkdir -p /etc/keystone /var/www/cgi-bin/keystone /var/log/apache2 /home/keystone \
|
|
&& cp -r /keystone/etc/* /etc/keystone/ \
|
|
&& cp /keystone/httpd/keystone.py /var/www/cgi-bin/keystone/admin \
|
|
&& cp /keystone/httpd/keystone.py /var/www/cgi-bin/keystone/main \
|
|
&& chown -R keystone: /etc/keystone /var/www/cgi-bin/keystone /var/log/apache2 /home/keystone
|
|
|
|
{% endif %}
|
|
|
|
# NOTE(SamYaple): This is to reintroduce a deprecated option as a quick-fix
|
|
# until the correct new procedure is implemented.
|
|
# TODO(SamYaple): Replace this with `keystone-manage bootstrap`
|
|
RUN sed -i 's|token_auth json_body|token_auth admin_token_auth json_body|g' /etc/keystone/keystone-paste.ini
|
|
|
|
RUN chown -R keystone: /var/www/cgi-bin/keystone \
|
|
&& chmod 755 /var/www/cgi-bin/keystone/*
|
|
|
|
COPY extend_start.sh /usr/local/bin/kolla_extend_start
|
|
RUN chmod 755 /usr/local/bin/kolla_extend_start
|
|
|
|
{{ include_footer }}
|