Add an insecure option for Keystone client

Change-Id: I05cea4c79ad89d2c55008ea0d7ba9eefa5908fa2
Closes-Bug: #1232437

ceilometer/central/manager.py

@@ -73,7 +73,8 @@ class AgentManager(agent.AgentManager):
             tenant_name=cfg.CONF.service_credentials.os_tenant_name,
             cacert=cfg.CONF.service_credentials.os_cacert,
             auth_url=cfg.CONF.service_credentials.os_auth_url,
-            region_name=cfg.CONF.service_credentials.os_region_name)
+            region_name=cfg.CONF.service_credentials.os_region_name,
+            insecure=cfg.CONF.service_credentials.insecure)
 
         super(AgentManager, self).interval_task(task)
 

ceilometer/service.py

@@ -73,6 +73,10 @@ CLI_OPTIONS = [
                default=os.environ.get('OS_ENDPOINT_TYPE', 'publicURL'),
                help='Type of endpoint in Identity service catalog to use for '
                     'communication with OpenStack services.'),
+    cfg.BoolOpt('insecure',
+                default=False,
+                help='Does not perform X.509 certificate validation when'
+                     'establishing SSL connection with identity service.'),
 ]
 cfg.CONF.register_cli_opts(CLI_OPTIONS, group="service_credentials")
 

etc/ceilometer/ceilometer.conf.sample

@@ -709,6 +709,11 @@
 # communication with OpenStack services. (string value)
 #os_endpoint_type=publicURL
 
+# Does not perform X.509 certificate validation
+# whenestablishing SSL connection with identity service.
+# (boolean value)
+#insecure=false
+
 
 [dispatcher_file]