4341b79b3a
This patch introduces an insecure flag for the Keystone internal and admin endpoints: * keystone_service_adminuri_insecure * keystone_service_internaluri_insecure Both values default to false. If you have setup SSL endpoints for Keystone using an untrusted certificate then you should set the appropriate flag to true in your user_variables. This patch is used to enable testing and development with Keystone SSL endpoints without having to make use of SSL certificates signed by a trusted, public CA. The patch introduces a new optional argument (insecure) to the keystone, glance and neutron Ansible libraries. This is a boolean value which, when true, enables these libraries to access Keystone endpoints 'insecurely'. When these libraries are used in plays, the appropriate value is set automatically as per the above conditions. Implements: blueprint keystone-federation Change-Id: Ia07e7e201f901042dd06a86efe5c6f6725e9ce13
28 lines
842 B
Plaintext
28 lines
842 B
Plaintext
# Do not edit, changes will be overwritten
|
|
|
|
# COMMON CINDER ENVS
|
|
export CINDER_ENDPOINT_TYPE={{ openrc_cinder_endpoint_type }}
|
|
|
|
# COMMON NOVA ENVS
|
|
export NOVA_ENDPOINT_TYPE={{ openrc_nova_endpoint_type }}
|
|
|
|
# COMMON OPENSTACK ENVS
|
|
export OS_ENDPOINT_TYPE={{ openrc_os_endpoint_type }}
|
|
export OS_USERNAME={{ openrc_os_username }}
|
|
export OS_PASSWORD={{ openrc_os_password }}
|
|
export OS_TENANT_NAME={{ openrc_os_tenant_name }}
|
|
export OS_AUTH_URL={{ openrc_os_auth_url }}
|
|
export OS_NO_CACHE=1
|
|
|
|
{% if openrc_insecure | bool %}
|
|
# Convenience Aliases for Self-Signed Certs
|
|
alias cinder='cinder --insecure'
|
|
alias glance='glance --insecure'
|
|
alias heat='heat --insecure'
|
|
alias keystone='keystone --insecure'
|
|
alias neutron='neutron --insecure'
|
|
alias nova='nova --insecure'
|
|
alias openstack='openstack --insecure'
|
|
alias swift='swift --insecure'
|
|
{% endif %}
|