Keystone Authtoken Cache: allow universal secret key to be set
This PS allows a cache secret key for all instances of keystone middleware to be defined in a single location. Change-Id: I3d5c78732d8a8bb9110117130f0d886fea609526 Partial-Bug: 1753251
This commit is contained in:
parent
16c6d31155
commit
1c85fdc390
@ -25,11 +25,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.barbican.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.barbican.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.barbican.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.barbican.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.barbican.keystone_authtoken "region_name" .Values.endpoints.identity.auth.barbican.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -52,6 +47,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.barbican.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.barbican.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.barbican.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.barbican.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.barbican.DEFAULT.sql_connection -}}
|
||||
{{- tuple "oslo_db" "internal" "barbican" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.barbican.DEFAULT "sql_connection" | quote | trunc 0 -}}
|
||||
|
@ -389,6 +389,7 @@ conf:
|
||||
auth_type: password
|
||||
auth_version: v3
|
||||
memcache_security_strategy: ENCRYPT
|
||||
memcache_secret_key: null
|
||||
database:
|
||||
max_retries: -1
|
||||
barbican_api:
|
||||
@ -492,6 +493,13 @@ endpoints:
|
||||
http:
|
||||
default: 15672
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -28,6 +28,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.ceilometer.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ceilometer.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.ceilometer.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.ceilometer.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.ceilometer.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "ceilometer" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -1767,6 +1767,13 @@ endpoints:
|
||||
mongodb:
|
||||
default: 27017
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcache
|
||||
host_fqdn_override:
|
||||
|
@ -25,11 +25,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.cinder.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.cinder.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.cinder.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.cinder.keystone_authtoken "region_name" .Values.endpoints.identity.auth.cinder.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -52,6 +47,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.cinder.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.cinder.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.cinder.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.cinder.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "cinder" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.cinder.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -795,6 +795,13 @@ endpoints:
|
||||
http:
|
||||
default: 15672
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -28,6 +28,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.congress.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.congress.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.congress.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.congress.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.congress.keystone_authtoken.auth_url -}}
|
||||
{{- tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.congress.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
|
@ -241,6 +241,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -31,14 +31,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.glance.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.glance.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.glance_registry.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.glance.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.glance.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -83,6 +75,12 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.glance.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.glance.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.glance_registry.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.glance.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -493,6 +493,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -27,9 +27,8 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.gnocchi.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.gnocchi.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.gnocchi.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.gnocchi.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- set .Values.conf.gnocchi.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.gnocchi.keystone_authtoken.region_name -}}
|
||||
|
@ -462,6 +462,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcache
|
||||
host_fqdn_override:
|
||||
|
@ -25,10 +25,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.heat.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -80,6 +76,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "heat" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -509,6 +509,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -45,6 +45,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.ironic.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ironic.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.ironic.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.ironic.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.ironic.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "ironic" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ironic.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -335,6 +335,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -25,11 +25,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.magnum.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.magnum.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.magnum.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.magnum.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.magnum.keystone_authtoken "region_name" .Values.endpoints.identity.auth.magnum.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -52,6 +47,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.magnum.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.magnum.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.magnum.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.magnum.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.magnum.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "magnum" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.magnum.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -273,6 +273,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -25,11 +25,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.mistral.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.mistral.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.mistral.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.mistral.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.mistral.keystone_authtoken "region_name" .Values.endpoints.identity.auth.mistral.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -52,6 +47,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.mistral.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.mistral.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.mistral.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.mistral.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.mistral.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "mistral" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.mistral.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -246,6 +246,13 @@ endpoints:
|
||||
http:
|
||||
default: 15672
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -25,11 +25,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.neutron.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end }}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.neutron.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.neutron.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.neutron.keystone_authtoken.project_name -}}
|
||||
{{- set .Values.conf.neutron.keystone_authtoken "project_name" .Values.endpoints.identity.auth.neutron.project_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -52,6 +47,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.neutron.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.neutron.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end }}
|
||||
{{- if empty .Values.conf.neutron.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.neutron.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.neutron.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "neutron" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.neutron.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -1073,49 +1073,56 @@ secrets:
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
oslo_db:
|
||||
auth:
|
||||
admin:
|
||||
username: root
|
||||
password: password
|
||||
neutron:
|
||||
username: neutron
|
||||
password: password
|
||||
hosts:
|
||||
default: mariadb
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path: /neutron
|
||||
scheme: mysql+pymysql
|
||||
port:
|
||||
mysql:
|
||||
default: 3306
|
||||
auth:
|
||||
admin:
|
||||
username: root
|
||||
password: password
|
||||
neutron:
|
||||
username: neutron
|
||||
password: password
|
||||
hosts:
|
||||
default: mariadb
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path: /neutron
|
||||
scheme: mysql+pymysql
|
||||
port:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_messaging:
|
||||
auth:
|
||||
admin:
|
||||
auth:
|
||||
admin:
|
||||
username: rabbitmq
|
||||
password: password
|
||||
neutron:
|
||||
username: neutron
|
||||
password: password
|
||||
hosts:
|
||||
default: rabbitmq
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path: /
|
||||
scheme: rabbit
|
||||
port:
|
||||
amqp:
|
||||
default: 5672
|
||||
http:
|
||||
default: 15672
|
||||
neutron:
|
||||
username: neutron
|
||||
password: password
|
||||
hosts:
|
||||
default: rabbitmq
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path: /
|
||||
scheme: rabbit
|
||||
port:
|
||||
amqp:
|
||||
default: 5672
|
||||
http:
|
||||
default: 15672
|
||||
oslo_cache:
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
memcache:
|
||||
default: 11211
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
memcache:
|
||||
default: 11211
|
||||
compute:
|
||||
name: nova
|
||||
hosts:
|
||||
|
@ -26,11 +26,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.nova.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.nova.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.nova.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.nova.keystone_authtoken "region_name" .Values.endpoints.identity.auth.nova.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -53,6 +48,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.nova.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.nova.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.nova.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.nova.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -1140,6 +1140,13 @@ endpoints:
|
||||
http:
|
||||
default: 15672
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -44,6 +44,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.rally.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.rally.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.rally.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.rally.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.rally.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "rally" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.rally.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -251,6 +251,9 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
keystone_authtoken:
|
||||
secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
@ -26,11 +26,6 @@ limitations under the License.
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.senlin.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.senlin.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.senlin.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.senlin.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.senlin.keystone_authtoken "region_name" .Values.endpoints.identity.auth.senlin.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
@ -53,6 +48,9 @@ limitations under the License.
|
||||
{{- if empty .Values.conf.senlin.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.senlin.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- set .Values.conf.senlin.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.senlin.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "senlin" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" | quote | trunc 0 -}}
|
||||
|
@ -286,6 +286,13 @@ endpoints:
|
||||
mysql:
|
||||
default: 3306
|
||||
oslo_cache:
|
||||
auth:
|
||||
# NOTE(portdirect): this is used to define the value for keystone
|
||||
# authtoken cache encryption key, if not set it will be populated
|
||||
# automatically with a random value, but to take advantage of
|
||||
# this feature all services should be set to use the same key,
|
||||
# and memcache service.
|
||||
memcache_secret_key: null
|
||||
hosts:
|
||||
default: memcached
|
||||
host_fqdn_override:
|
||||
|
Loading…
Reference in New Issue
Block a user