Tacker uses OpenStack Barbican for secret keys
Use the OpenStack Barbican component instead of OpenStack Keystone as secret key handler. The reason behind is the way that Tacker handles the secret keys of complex scenarios (specially the scenarios with HA) and how they are stored or retrieved between different VMs or Blades. Change-Id: I63d40c5239d2585e8bb7ac3b9338252c9e28c4c6 Signed-off-by: Panagiotis Karalis <pkaralis@intracom-telecom.com>
This commit is contained in:
parent
8ddb25da3f
commit
dc536599f8
|
@ -129,6 +129,8 @@ tacker_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(
|
|||
tacker_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(tacker_service_proto) }}"
|
||||
tacker_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(tacker_service_proto) }}"
|
||||
|
||||
## Barbican service
|
||||
barbican_keys_backend: false
|
||||
|
||||
#NOTE: move password to tests/test-vars.yml
|
||||
tacker_service_password: password
|
||||
|
|
|
@ -103,6 +103,7 @@ mgmt_driver = noop,openwrt
|
|||
monitor_driver = ping, http_ping
|
||||
|
||||
[vim_keys]
|
||||
use_barbican = {{ barbican_keys_backend | bool }}
|
||||
openstack = {{ tacker_etc_dir }}/vim/fernet_keys
|
||||
|
||||
[oslo_messaging_rabbit]
|
||||
|
|
Loading…
Reference in New Issue