diff --git a/manifests/cinder.pp b/manifests/cinder.pp index b8690e2b6..955a2bffa 100644 --- a/manifests/cinder.pp +++ b/manifests/cinder.pp @@ -88,12 +88,13 @@ class openstack_integration::cinder ( amqp_sasl_mechanisms => 'PLAIN', } class { 'cinder::keystone::authtoken': - password => 'a_big_secret', - user_domain_name => 'Default', - project_domain_name => 'Default', - auth_url => $::openstack_integration::config::keystone_admin_uri, - www_authenticate_uri => $::openstack_integration::config::keystone_auth_uri, - memcached_servers => $::openstack_integration::config::memcached_servers, + password => 'a_big_secret', + user_domain_name => 'Default', + project_domain_name => 'Default', + auth_url => $::openstack_integration::config::keystone_admin_uri, + www_authenticate_uri => $::openstack_integration::config::keystone_auth_uri, + memcached_servers => $::openstack_integration::config::memcached_servers, + service_token_roles_required => true, } class { 'cinder::api': default_volume_type => 'BACKEND_1', diff --git a/manifests/nova.pp b/manifests/nova.pp index f59fc546f..cc57c7ef2 100644 --- a/manifests/nova.pp +++ b/manifests/nova.pp @@ -88,6 +88,7 @@ class openstack_integration::nova ( public_url => "${::openstack_integration::config::base_url}:8774/v2.1", internal_url => "${::openstack_integration::config::base_url}:8774/v2.1", admin_url => "${::openstack_integration::config::base_url}:8774/v2.1", + roles => ['admin', 'service'], password => 'a_big_secret', } class { 'nova::keystone::authtoken': @@ -98,6 +99,13 @@ class openstack_integration::nova ( www_authenticate_uri => $::openstack_integration::config::keystone_auth_uri, memcached_servers => $::openstack_integration::config::memcached_servers, } + class { 'nova::keystone::service_user': + send_service_user_token => true, + password => 'a_big_secret', + user_domain_name => 'Default', + project_domain_name => 'Default', + auth_url => $::openstack_integration::config::keystone_admin_uri, + } class { 'nova::logging': debug => true, }