openstack/kolla
Code Issues Proposed changes

Merge "Support Keystone Domain specific files"

Browse Source
This commit is contained in:
Jenkins 2016-07-18 12:15:52 +00:00 committed by Gerrit Code Review
commit d665e01f57
4 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ansible/roles/keystone/tasks/config.yml
View File

@ -1,4 +1,8 @@
--- ---
- name: Check if Keystone Domain specific settings enabled
local_action: stat path="{{ node_custom_config }}/keystone/domains"
register: keystone_domain_cfg
- name: Ensuring config directories exist - name: Ensuring config directories exist
file: file:
path: "{{ node_config_directory }}/{{ item }}" path: "{{ node_config_directory }}/{{ item }}"
@ -7,6 +11,15 @@
with_items: with_items:
- "keystone" - "keystone"
- name: Creating Keystone Domain directory
file:
dest: "{{ node_config_directory }}/{{ item }}/domains/"
state: "directory"
when:
keystone_domain_cfg.stat.exists
with_items:
- "keystone"
- name: Copying over config.json files for services - name: Copying over config.json files for services
template: template:
src: "{{ item }}.json.j2" src: "{{ item }}.json.j2"
@ -29,6 +42,13 @@
with_items: with_items:
- "keystone" - "keystone"
- name: Copying Keystone Domain specific settings
copy:
src: "{{ item }}"
dest: "{{ node_config_directory }}/keystone/domains/"
with_fileglob:
- "{{ node_custom_config }}/keystone/domains/*"
- name: Copying over wsgi-keystone.conf - name: Copying over wsgi-keystone.conf
template: template:
src: "wsgi-keystone.conf.j2" src: "wsgi-keystone.conf.j2"

6
ansible/roles/keystone/templates/keystone.conf.j2
View File

@ -10,6 +10,12 @@ secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO
connection = mysql+pymysql://{{ keystone_database_user }}:{{ keystone_database_password }}@{{ keystone_database_address }}/{{ keystone_database_name }} connection = mysql+pymysql://{{ keystone_database_user }}:{{ keystone_database_password }}@{{ keystone_database_address }}/{{ keystone_database_name }}
max_retries = -1 max_retries = -1
{% if keystone_domain_cfg.stat.exists %}
[identity]
domain_specific_drivers_enabled = true
domain_config_dir = /etc/keystone/domains
{% endif %}
[cache] [cache]
backend = oslo_cache.memcache_pool backend = oslo_cache.memcache_pool
enabled = True enabled = True

7
ansible/roles/keystone/templates/keystone.json.j2
View File

@ -9,6 +9,13 @@
"owner": "keystone", "owner": "keystone",
"perm": "0600" "perm": "0600"
}, },
{
"source": "{{ container_config_directory }}/domains",
"dest": "/etc/keystone/domains",
"owner": "keystone",
"perm": "0600",
"optional": true
},
{ {
"source": "{{ container_config_directory }}/wsgi-keystone.conf", "source": "{{ container_config_directory }}/wsgi-keystone.conf",
"dest": "/etc/{{ keystone_dir }}/wsgi-keystone.conf", "dest": "/etc/{{ keystone_dir }}/wsgi-keystone.conf",

4
releasenotes/notes/support-ldap-e678ce5b0a7eaedb.yaml Normal file
View File

@ -0,0 +1,4 @@
---
features:
- LDAP & AD support has been added to the base images, and support
for Keystone multidomains config files.