openstack
/
magnum
Code Issues Proposed changes
magnum/magnum/conf
History
Feilong Wang d8df9d0c36 [fedora-atomic][k8s] Support default Keystone auth policy file 
With the new config option `keystone_auth_default_policy`, cloud admin
can set a default keystone auth policy for k8s cluster when the
keystone auth is enabled. As a result, user can use their current
keystone user to access k8s cluster as long as they're assigned
correct roles, and they will get the pre-defined permissions
set by the cloud provider.

The default policy now is based on the v2 format recently introduced
in k8s-keystone-auth which is getting more useful now. For example,
in v1 it doesn't support a policy for user to access resources from
all namespaces but kube-system, but v2 can do that.

NOTE: Now we're using openstackmagnum dockerhub repo until CPO
team fixing their image release issue.

Task: 30069
Story: 1755770

Change-Id: I2425e957bd99edc92482b6f11ca0b1f91fe59ff6
 		2019-06-11 11:57:15 +12:00
..
__init__.py [fedora-atomic][k8s] Support default Keystone auth policy file 2019-06-11 11:57:15 +12:00
api.py Support magnum-api multiple process workers 2017-01-09 20:25:55 +08:00
barbican.py Centralize config option: all clients section 2016-09-22 00:59:44 +00:00
certificates.py Centralize config option: certificates section 2016-09-22 05:57:39 +00:00
cinder.py Add default for [cinder]default_docker_volume_type 2017-08-21 10:06:41 +00:00
cluster.py Delete Octavia loadbalancers for fedora atomic k8s driver 2018-12-13 13:18:40 +13:00
cluster_heat.py Centralize config option: cluster_heat section 2016-09-22 05:56:43 +00:00
cluster_templates.py Centralize config option: cluster_template section 2016-09-22 12:44:18 +07:00
conductor.py Support magnum-conductor multiple process workers 2017-05-02 02:21:29 +00:00
database.py Fix db config 2017-03-28 14:31:26 +00:00
docker.py Move to docker python SDK 2.x.x 2017-06-09 15:03:25 +00:00
docker_registry.py Centralize config option: docker_registry section 2016-10-11 11:05:40 +07:00
drivers.py Deprecate send_cluster_metrics 2018-08-20 10:53:50 +12:00
glance.py Centralize config option: all clients section 2016-09-22 00:59:44 +00:00
heat.py Centralize config option: all clients section 2016-09-22 00:59:44 +00:00
keystone.py Centralize config option: keystone_auth section 2016-09-22 05:57:53 +00:00
kubernetes.py [fedora-atomic][k8s] Support default Keystone auth policy file 2019-06-11 11:57:15 +12:00
magnum_client.py Centralize config option: all clients section 2016-09-22 00:59:44 +00:00
neutron.py Centralize config option: all clients section 2016-09-22 00:59:44 +00:00
nova.py Centralize config option: all clients section 2016-09-22 00:59:44 +00:00
octavia.py Add Octavia python client for Magnum 2018-11-05 11:45:41 -08:00
opts.py Init magnum centralize config 2016-09-20 10:12:33 +07:00
paths.py Centralize config option: paths section 2016-09-22 05:56:53 +00:00
profiler.py Integrate OSProfiler in Magnum 2017-01-24 07:43:31 +07:00
quota.py Resource Quota - Add config option to limit clusters 2017-01-23 11:00:02 -06:00
rpc.py Remove unused config periodic_global_stack_list 2017-08-17 06:10:59 +00:00
services.py Use HostAddressOpt for opts that accept IP and hostnames 2018-06-13 22:23:14 -04:00
trust.py Add missing ws separator between words 2018-11-21 14:24:53 +08:00
utils.py Centralize config option: urlfetch and periodic 2016-10-11 04:04:38 +00:00
x509.py Centralize config option: x509 section 2016-09-22 05:58:01 +00:00