Adds config options for using SSL
Adds auth_ca_cert and auth_insecure config options. Change-Id: I4be39f47968a260d3958ef498050aba23a1aefe3 Closes-Bug: #1535823
This commit is contained in:
parent
811de8e9ab
commit
06134e437a
@ -75,6 +75,12 @@ keystone_opts = [
|
||||
cfg.StrOpt('admin_token',
|
||||
default=os.environ.get('SERVICE_TOKEN'),
|
||||
help=_('The admin token.')),
|
||||
cfg.StrOpt('auth_ca_cert',
|
||||
default=os.environ.get('SERVICE_CA_CERT'),
|
||||
help=_('The CA certification file.')),
|
||||
cfg.BoolOpt('auth_insecure',
|
||||
default=False,
|
||||
help=_("Turn off verification of the certificate for ssl")),
|
||||
]
|
||||
binding_opts = [
|
||||
cfg.StrOpt('veth_dst_prefix',
|
||||
|
@ -88,13 +88,16 @@ def get_neutron_client():
|
||||
password = keystone_conf.admin_password
|
||||
auth_token = keystone_conf.admin_token
|
||||
auth_uri = keystone_conf.auth_uri.rstrip('/')
|
||||
ca_cert = keystone_conf.auth_ca_cert
|
||||
insecure = keystone_conf.auth_insecure
|
||||
|
||||
neutron_uri = cfg.CONF.neutron_client.neutron_uri
|
||||
if username and password:
|
||||
# Authenticate with password crentials
|
||||
neutron_client = utils.get_neutron_client(
|
||||
url=neutron_uri, username=username, tenant_name=tenant_name,
|
||||
password=password, auth_url=auth_uri)
|
||||
password=password, auth_url=auth_uri,
|
||||
ca_cert=ca_cert, insecure=insecure)
|
||||
else:
|
||||
neutron_client = utils.get_neutron_client_simple(
|
||||
url=neutron_uri, auth_url=auth_uri, token=auth_token)
|
||||
|
@ -40,11 +40,12 @@ def get_neutron_client_simple(url, auth_url, token):
|
||||
|
||||
|
||||
def get_neutron_client(url, username, tenant_name, password,
|
||||
auth_url, timeout=30):
|
||||
auth_url, ca_cert, insecure, timeout=30):
|
||||
|
||||
return client_v2.Client(endpoint_url=url, timeout=timeout,
|
||||
username=username, tenant_name=tenant_name,
|
||||
password=password, auth_url=auth_url)
|
||||
password=password, auth_url=auth_url,
|
||||
ca_cert=ca_cert, insecure=insecure)
|
||||
|
||||
|
||||
# Return all errors as JSON. From http://flask.pocoo.org/snippets/83/
|
||||
|
Loading…
Reference in New Issue
Block a user