openstack/nova
Code Issues Proposed changes

Update devref with vendordata changes.

Browse Source 
Change-Id: Id0e39e998b6fa46b0fc91d3512afdafcf50a01a2
This commit is contained in:
Michael Still 2017-02-01 14:55:08 +11:00 committed by Matt Riedemann
parent 42c1de9a1b
commit 812801561d
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/source/vendordata.rst
View File

@ -111,6 +111,12 @@ The following data is passed to your REST service as a JSON encoded POST:
| metadata | As specified by the user at boot time. |
+-------------+-------------------------------------------------+
The REST service is also passed the Keystone authentication details for the
original API request which caused this boot, which can be used by the REST
service to determine if the action is authorized.
Deployment considerations
=========================
Nova provides authentication to external metadata services in order to provide
some level of certainty that the request came from nova. This is done by
providing a service token with the request -- you can then just deploy your
metadata service with the keystone authentication WSGI middleware. This is
configured using the keystone authentication parameters in the
``vendordata_dynamic_auth`` configuration group.