final bugfix

neutron/templates/etc/_neutron.conf.tpl

@@ -1057,6 +1057,20 @@
 # From keystonemiddleware.auth_token
 #
 
+# FIXME(alanmeadows) - added the next several lines because oslo gen config refuses to generate the line items required in keystonemiddleware 
+# for authentication - while it does support an "auth_section" parameter to locate these elsewhere, it would be a strange divergence 
+# from how neutron keystone authentication is stored today - ocata and later appear to use a "service" user section which can house these details
+# and does successfully generate beyond newton, so likely this whole section will be removed the next time we generate this file
+
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.auth_url }}#{{ end }}auth_url = {{ .keystone_authtoken.keystonemiddleware.auth_token.auth_url | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.region_name }}#{{ end }}region_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.region_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.project_name }}#{{ end }}project_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.project_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.project_domain_name }}#{{ end }}project_domain_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.project_domain_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.user_domain_name }}#{{ end }}user_domain_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.user_domain_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.username }}#{{ end }}username = {{ .keystone_authtoken.keystonemiddleware.auth_token.username | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.password }}#{{ end }}password = {{ .keystone_authtoken.keystonemiddleware.auth_token.password | default "<None>" }}
+
+
 # Complete "public" Identity API endpoint. This endpoint should not be an
 # "admin" endpoint, as it should be accessible by all end users.
 # Unauthenticated clients are redirected to this endpoint to authenticate.

neutron/values.yaml

@@ -89,7 +89,7 @@ network:
     port: 8775
 
 keystone:
-  
+
   admin_user: "admin"
   admin_user_domain: "default"
   admin_password: "password"
@@ -317,10 +317,12 @@ conf:
     keystone_authtoken:
       keystonemiddleware:
         auth_token:
+          auth_type: password
+          auth_version: v3
           region_name: RegionOne
           project_domain_name: default
           project_name: admin
-          user_domain_name: admin
+          user_domain_name: default
           username: admin
           password: password          
   ml2_conf: