Change auth_strategy default to keystone
The current default for auth_strategy is noauth, which is not how it is expected to be set in production environments. Note: Functional tests should be good with noauth. Co-Authored-By: Adam Harwell <flux.adam@gmail.com> Co-Authored-By: Michael Johnson <johnsomor@gmail.com> Change-Id: Ifc80fff06a1d793d7cee0b207af10061784e48db
This commit is contained in:
parent
a669d7e4f1
commit
75c1c5f22a
@ -18,7 +18,7 @@ Listen %OCTAVIA_SERVICE_PORT%
|
||||
|
||||
<VirtualHost *:%OCTAVIA_SERVICE_PORT%>
|
||||
|
||||
WSGIDaemonProcess octavia-wsgi processes=%APIWORKERS% threads=1 display-name=%{GROUP} %VIRTUALENV%
|
||||
WSGIDaemonProcess octavia-wsgi processes=%APIWORKERS% threads=1 user=%USER% display-name=%{GROUP} %VIRTUALENV%
|
||||
WSGIProcessGroup octavia-wsgi
|
||||
WSGIScriptAlias / /usr/local/bin/octavia-wsgi
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
|
@ -112,6 +112,7 @@ function _configure_octavia_apache_wsgi {
|
||||
sudo cp ${OCTAVIA_DIR}/devstack/files/wsgi/octavia-api.template $octavia_apache_conf
|
||||
sudo sed -e "
|
||||
s|%OCTAVIA_SERVICE_PORT%|$octavia_api_port|g;
|
||||
s|%USER%|$APACHE_USER|g;
|
||||
s|%APACHE_NAME%|$APACHE_NAME|g;
|
||||
s|%SSLENGINE%|$octavia_ssl|g;
|
||||
s|%SSLCERTFILE%|$octavia_certfile|g;
|
||||
@ -138,7 +139,7 @@ function _stop_octavia_apache_wsgi {
|
||||
}
|
||||
|
||||
function create_octavia_accounts {
|
||||
create_service_user "octavia"
|
||||
create_service_user $OCTAVIA
|
||||
|
||||
local octavia_service=$(get_or_create_service "octavia" \
|
||||
"load-balancer" "Octavia Load Balancing Service")
|
||||
@ -177,7 +178,6 @@ function octavia_configure {
|
||||
iniset $OCTAVIA_CONF service_auth project_name $OCTAVIA_PROJECT_NAME
|
||||
iniset $OCTAVIA_CONF service_auth project_domain_name $OCTAVIA_PROJECT_DOMAIN_NAME
|
||||
iniset $OCTAVIA_CONF service_auth cafile $SSL_BUNDLE_FILE
|
||||
iniset $OCTAVIA_CONF service_auth signing_dir $signing_dir
|
||||
iniset $OCTAVIA_CONF service_auth memcached_servers $SERVICE_HOST:11211
|
||||
|
||||
# Setting other required default options
|
||||
@ -516,7 +516,7 @@ function octavia_cleanup {
|
||||
# create_octavia_cache_dir() - Part of the configure_octavia() process
|
||||
function create_octavia_cache_dir {
|
||||
# Create cache dir
|
||||
sudo install -d -o $STACK_USER $OCTAVIA_AUTH_CACHE_DIR
|
||||
sudo install -d -o $APACHE_USER $OCTAVIA_AUTH_CACHE_DIR
|
||||
rm -f $OCTAVIA_AUTH_CACHE_DIR/*
|
||||
}
|
||||
|
||||
|
@ -6,7 +6,7 @@
|
||||
# api_handler = queue_producer
|
||||
#
|
||||
# How should authentication be handled (keystone, noauth)
|
||||
# auth_strategy = noauth
|
||||
# auth_strategy = keystone
|
||||
#
|
||||
# Plugin options are hot_plug_plugin (Hot-pluggable controller plugin)
|
||||
#
|
||||
|
@ -35,7 +35,7 @@ core_opts = [
|
||||
help=_("The host IP to bind to")),
|
||||
cfg.PortOpt('bind_port', default=9876,
|
||||
help=_("The port to bind to")),
|
||||
cfg.StrOpt('auth_strategy', default=constants.NOAUTH,
|
||||
cfg.StrOpt('auth_strategy', default=constants.KEYSTONE,
|
||||
choices=[constants.NOAUTH,
|
||||
constants.KEYSTONE,
|
||||
constants.TESTING],
|
||||
|
@ -60,7 +60,7 @@ class BaseAPITest(base_db_test.OctaviaDBTestBase):
|
||||
conf.config(api_handler='simulated_handler')
|
||||
conf.config(group="controller_worker",
|
||||
network_driver='network_noop_driver')
|
||||
conf.config(auth_strategy='noauth')
|
||||
conf.config(auth_strategy=constants.NOAUTH)
|
||||
self.lb_repo = repositories.LoadBalancerRepository()
|
||||
self.listener_repo = repositories.ListenerRepository()
|
||||
self.listener_stats_repo = repositories.ListenerStatisticsRepository()
|
||||
|
@ -69,6 +69,7 @@ class BaseAPITest(base_db_test.OctaviaDBTestBase):
|
||||
self.conf.config(api_handler='simulated_handler')
|
||||
self.conf.config(group="controller_worker",
|
||||
network_driver='network_noop_driver')
|
||||
self.conf.config(auth_strategy=constants.NOAUTH)
|
||||
self.lb_repo = repositories.LoadBalancerRepository()
|
||||
self.listener_repo = repositories.ListenerRepository()
|
||||
self.listener_stats_repo = repositories.ListenerStatisticsRepository()
|
||||
|
Loading…
Reference in New Issue
Block a user