Remove dependency on the Keystone admin auth token
Now that auth token usage is deprecated, prefer the admin user and password for all zaqar setup tasks run against keystone. Default vars in keystone namespace have also been removed. Change-Id: Ic6639d5765925ce6a50b3e9f701eafb45cd6a004
This commit is contained in:
parent
8dd77ff2c5
commit
592eab69a8
|
@ -146,10 +146,3 @@ zaqar_pip_packages:
|
|||
|
||||
## Tunable overrides
|
||||
zaqar_zaqar_conf_overrides: {}
|
||||
|
||||
## Hacking Keystone related vars
|
||||
keystone_service_adminuri_insecure: true
|
||||
keystone_auth_admin_token: ADMIN
|
||||
keystone_service_adminurl: http://192.168.33.12:35357/v3
|
||||
keystone_service_adminuri: http://192.168.33.12:35357
|
||||
keystone_service_internaluri: http://192.168.33.12:5000
|
||||
|
|
|
@ -16,8 +16,10 @@
|
|||
- name: Ensure zaqar service
|
||||
keystone:
|
||||
command: "ensure_service"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
service_name: "{{ zaqar_service_name }}"
|
||||
service_type: "{{ zaqar_service_type }}"
|
||||
description: "{{ zaqar_service_description }}"
|
||||
|
@ -35,8 +37,10 @@
|
|||
command: ensure_project
|
||||
project_name: "{{ zaqar_service_tenant_name }}"
|
||||
region_name: "{{ zaqar_service_region }}"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
insecure: "{{ keystone_service_adminuri_insecure }}"
|
||||
tags:
|
||||
- zaqar-setup
|
||||
|
@ -45,8 +49,10 @@
|
|||
- name: Ensure zaqar user
|
||||
keystone:
|
||||
command: "ensure_user"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
user_name: "{{ zaqar_service_user_name }}"
|
||||
tenant_name: "{{ zaqar_service_tenant_name }}"
|
||||
password: "{{ zaqar_service_user_password }}"
|
||||
|
@ -62,8 +68,10 @@
|
|||
- name: Ensure zaqar user to admin role
|
||||
keystone:
|
||||
command: "ensure_user_role"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
user_name: "{{ zaqar_service_user_name }}"
|
||||
tenant_name: "{{ zaqar_service_project_name }}"
|
||||
role_name: "{{ zaqar_service_role_name }}"
|
||||
|
@ -81,8 +89,10 @@
|
|||
- name: Ensure zaqar endpoint
|
||||
keystone:
|
||||
command: "ensure_endpoint"
|
||||
token: "{{ keystone_auth_admin_token }}"
|
||||
endpoint: "{{ keystone_service_adminurl }}"
|
||||
login_user: "{{ keystone_admin_user_name }}"
|
||||
login_password: "{{ keystone_auth_admin_password }}"
|
||||
login_project_name: "{{ keystone_admin_tenant_name }}"
|
||||
region_name: "{{ zaqar_service_region }}"
|
||||
service_name: "{{ zaqar_service_name }}"
|
||||
service_type: "{{ zaqar_service_type }}"
|
||||
|
|
|
@ -22,3 +22,6 @@
|
|||
zaqar_install_nginx: true
|
||||
zaqar_api_bind_address: 192.168.33.11
|
||||
zaqar_mgmt_db_connection_string: 'sqlite:////tmp/zaqar.db'
|
||||
keystone_admin_user_name: admin
|
||||
keystone_admin_tenant_name: admin
|
||||
keystone_auth_admin_password: "SuperSecretePassword"
|
||||
|
|
Loading…
Reference in New Issue