openstack/puppet-keystone
Code Issues Proposed changes
898 Commits 6 Branches 45 Tags
a5da52ec52
Commit Graph

6 Commits

Author SHA1 Message Date
Emilien Macchi
3f0c6d5f96 examples: fix apache_with_paths.pp 
Minor fix for examples, to avoid any confusion.

Change-Id: I6e07b0823b141f65be237303a15520d46cda5e5a
Closes-bug: #1267627
 2015-04-15 10:00:06 -04:00
Sebastien Badia
c453d7f313 Add Puppet 4.x lint checks 
The puppet-lint requirement is now changed, so we can use puppet-lint
plugins. Most of these plugins are for 4.x compat, but some just catch
common errors.

Change-Id: I988929331e3f0cbef5e10ec9116cdba9ded16967
 2015-03-16 09:16:00 +01:00
Mathieu Gagné
29b6875331 Remove deprecated parameters 
* keystone::endpoint::public_port (deprecated since 4.0.0)
* keystone::endpoint::public_protocol (deprecated since 4.0.0)
* keystone::endpoint::public_address (deprecated since 4.0.0)
* keystone::endpoint::internal_address (deprecated since 4.0.0)
* keystone::endpoint::internal_port (deprecated since 4.0.0)
* keystone::endpoint::admin_address (deprecated since 4.0.0)
* keystone::endpoint::admin_port (deprecated since 4.0.0)
* keystone::sql_connection (deprecated since 4.1.0)
* keystone::idle_timeout (deprecated since 4.1.0)
* keystone::bind_host (deprecated since 4.0.0)
* keystone::token_format (deprecated since 3.0.0)

Change-Id: I8b8ed42d4d81aa8091f2fae38f05cb74428051a9
 2014-11-25 14:18:10 -05:00
Emilien Macchi
6aa7a17941 enabling tokens flushing using cron 
This patch is for configuring a flush token cron when using database as
backend for tokens storage.
While potentially useful for auditing in production environments,
the accumulation of expired tokens will considerably
increase database size and may decrease service performance,
particularly in test environments with limited resources.
It's recommanded to create a crontab to flush tokens every hour.

Change-Id: Icd819cc95b3440f43c5b588f9f2dd6ca47b25a71
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
 2014-05-21 19:50:52 +02:00
François Charlier
9cc9e347d5 Updated endpoints to support paths and ssl 
- Add {public,admin,internal}_url parameters to override other
  {public,admin,internal}_ parameters.
- Also change some 'real_' prefix into '_real' suffix to respect the
coding guide.
- Fixed parsing the ssl/enable value in the provider.
- Update examples

Change-Id: I78d2695eb5cb1287538afe154668da9fe23e62a3
 2013-12-09 14:48:17 +01:00
François Charlier
e35a6dc6ee Enable serving keystone from apache mod_wsgi 
Serving keystone from a wsgi container is recommended for production
setups. SSL is enabled by default.

See the following URLs for explanations:
    http://adam.younglogic.com/2012/03/keystone-should-move-to-apache-httpd/
    https://etherpad.openstack.org/havana-keystone-performance

Documentation in manifests/wsgi/apache.pp

Apache can be configured as a drop in replacement for keystone (using
    ports 5000 & 35357) or with paths using the standard SSL port. See
examples in examples/apache_*.pp

- Also change some 'real_' prefix into '_real' suffix to respect the
coding guide.
- Added the '--insecure' option to keystone client in the provider to
allow using self-signed certificates.
- Fixed parsing the ssl/enable value in the provider.

There is no integer verification done in the manifests
and to get around a bug in rspec, which has been fixed
in https://github.com/rodjek/rspec-puppet/pull/107,
certain parameters that should be integer are treated as
strings

files/httpd/keystone.py updated with lastest from keystone git repo

Change-Id: Ide8c090d105c1ea75a14939f5e8ddb7d24ca3f1c
 2013-11-21 13:35:31 -05:00