Add an insecure option for Keystone client

Change-Id: I05cea4c79ad89d2c55008ea0d7ba9eefa5908fa2 Closes-Bug: #1232437
2013-10-31 11:27:03 +01:00 · 2013-10-31 11:27:03 +01:00 · d48b4a3a4e
commit d48b4a3a4e
parent 190a02a5fd
3 changed files with 11 additions and 1 deletions
--- a/ceilometer/central/manager.py
+++ b/ceilometer/central/manager.py
@ -73,7 +73,8 @@ class AgentManager(agent.AgentManager):
            tenant_name=cfg.CONF.service_credentials.os_tenant_name,
            cacert=cfg.CONF.service_credentials.os_cacert,
            auth_url=cfg.CONF.service_credentials.os_auth_url,
-            region_name=cfg.CONF.service_credentials.os_region_name)
+            region_name=cfg.CONF.service_credentials.os_region_name,
+            insecure=cfg.CONF.service_credentials.insecure)

        super(AgentManager, self).interval_task(task)

--- a/ceilometer/service.py
+++ b/ceilometer/service.py
@ -73,6 +73,10 @@ CLI_OPTIONS = [
               default=os.environ.get('OS_ENDPOINT_TYPE', 'publicURL'),
               help='Type of endpoint in Identity service catalog to use for '
                    'communication with OpenStack services.'),
+    cfg.BoolOpt('insecure',
+                default=False,
+                help='Does not perform X.509 certificate validation when'
+                     'establishing SSL connection with identity service.'),
 ]
 cfg.CONF.register_cli_opts(CLI_OPTIONS, group="service_credentials")

--- a/etc/ceilometer/ceilometer.conf.sample
+++ b/etc/ceilometer/ceilometer.conf.sample
@ -709,6 +709,11 @@
 # communication with OpenStack services. (string value)
 #os_endpoint_type=publicURL

+# Does not perform X.509 certificate validation
+# whenestablishing SSL connection with identity service.
+# (boolean value)
+#insecure=false
+

 [dispatcher_file]