Merge "Enable keystonemiddleware cache encryption"

2017-08-25 01:56:10 +00:00 · 2017-08-25 01:56:10 +00:00 · d04e69c438
commit d04e69c438
parent 4740486f63 c35f08c4fa
18 changed files with 57 additions and 0 deletions
--- a/barbican/templates/configmap-etc.yaml
+++ b/barbican/templates/configmap-etc.yaml
@ -27,6 +27,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/barbican/values.yaml
+++ b/barbican/values.yaml
@ -188,6 +188,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    database:
      oslo:
        db:
--- a/cinder/templates/configmap-etc.yaml
+++ b/cinder/templates/configmap-etc.yaml
@ -28,6 +28,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/cinder/values.yaml
+++ b/cinder/values.yaml
@ -217,6 +217,7 @@ conf:
        auth_token:
          auth_version: v3
          auth_type: password
          memcache_security_strategy: ENCRYPT
    oslo_concurrency:
      oslo:
        concurrency:
--- a/glance/templates/configmap-etc.yaml
+++ b/glance/templates/configmap-etc.yaml
@ -35,6 +35,14 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/glance/values.yaml
+++ b/glance/values.yaml
@ -90,6 +90,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    glance_store:
      glance:
        store:
@ -119,6 +120,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    paste_deploy:
      glance:
        registry:
--- a/heat/templates/configmap-etc.yaml
+++ b/heat/templates/configmap-etc.yaml
@ -28,6 +28,10 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/heat/values.yaml
+++ b/heat/values.yaml
@ -58,6 +58,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    trustee:
      heat:
        common:
--- a/magnum/templates/configmap-etc.yaml
+++ b/magnum/templates/configmap-etc.yaml
@ -28,6 +28,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/magnum/values.yaml
+++ b/magnum/values.yaml
@ -50,6 +50,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    api:
      magnum:
        port: 9511
--- a/mistral/templates/configmap-etc.yaml
+++ b/mistral/templates/configmap-etc.yaml
@ -27,6 +27,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/mistral/values.yaml
+++ b/mistral/values.yaml
@ -237,6 +237,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
 pod:
  affinity:
--- a/neutron/templates/configmap-etc.yaml
+++ b/neutron/templates/configmap-etc.yaml
@ -38,6 +38,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end }}
 # Set a random string as secret key.
 {{- if empty .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token.project_name -}}
 {{- set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
 {{- end -}}
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@ -459,6 +459,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
  ml2_conf:
    override:
    append:
--- a/nova/templates/configmap-etc.yaml
+++ b/nova/templates/configmap-etc.yaml
@ -28,6 +28,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/nova/values.yaml
+++ b/nova/values.yaml
@ -371,6 +371,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    libvirt:
      nova:
--- a/senlin/templates/configmap-etc.yaml
+++ b/senlin/templates/configmap-etc.yaml
@ -28,6 +28,11 @@ limitations under the License.
 {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
 {{- end -}}
 # Set a random string as secret key.
 {{- if empty .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
 {{- randAlphaNum 64 | set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
 {{- end -}}
 {{- if empty .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
 {{- set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
 {{- end -}}
--- a/senlin/values.yaml
+++ b/senlin/values.yaml
@ -50,6 +50,7 @@ conf:
        auth_token:
          auth_type: password
          auth_version: v3
          memcache_security_strategy: ENCRYPT
    senlin_api:
      senlin:
        config: