openstack/sahara
Code Issues Proposed changes
a126fb2140
sahara/devstack
History
Luigi Toscano 5abae32028 Fully switch to keystone authtoken parameters 
The old v2 parameters are not set anymore by puppet-sahara:
https://review.openstack.org/#/c/441223/
and trust (which means cluster operations) is broken.

Because puppet-sahara is used by TripleO and Packstack, we consider
this a critical issue.

We now switch to the "new" v3 parameters from keystone_authtoken, as
incentivized by that puppet-sahara change.

We no longer use the custom options admin_user_domain_name and
admin_project_domain_name, as [keystone_authtoken] can provide them.

Note 1: A workaround is needed to access some of the configs in
[keystone_authtoken], as they are considered private for
keystonemiddleware. In sahara-api, it would have been possible to
grab these configs with only a slight bit of magic, as sahara-api
is a keystonemiddleware-enabled WSGI application. However, with
sahara-engine it is not as straightforward, since keystonemiddleware
is not integrated there. Therefore, to access these private configs
we use a very sneaky workaround inspired by [0]. This should be
removed in Queens: we should add a separate, non-private
[clients_keystone] section in sahara.conf. That is the standard way to
grab service user credentials when excluded from access to
[keystone_authtoken]. Unfortunately we could not have done that in Pike
as it was too late to have a new puppet-sahara release.

Note 2: tools/get_auth_token.py was not changed as it probably
requires other changes to work with Identity v3.

[0] Ibbc738ee4c90392af47f1b6d69aee3c8dbbf3c17

Closes-Bug: #1709091
Co-Authored-By: Jeremy Freudberg <jeremyfreudberg@gmail.com>

Change-Id: I930e544b16f0871f5e8dc1a42aae34518ff25bcd
2017-08-09 14:43:21 +00:00
..
files Add ability to install with Apache in devstack 2017-03-19 12:31:08 +00:00
upgrade remove workaround in grenade 2017-06-15 12:12:03 +00:00
exercise.sh Fix bashate warnings 2015-11-26 14:47:45 +03:00
plugin.sh Fully switch to keystone authtoken parameters 2017-08-09 14:43:21 +00:00
README.rst enable heat during devstack installation 2017-08-07 09:11:06 +08:00
settings Use neutronclient for all network operations 2017-06-07 13:05:16 -04:00

README.rst

Enabling in Devstack

  1. Download DevStack
  2. Add this repo as an external repository in local.conf
[[local|localrc]]
enable_plugin sahara git://git.openstack.org/openstack/sahara
enable_plugin heat git://git.openstack.org/openstack/heat

Optionally, a git refspec may be provided as follows:

[[local|localrc]]
enable_plugin sahara git://git.openstack.org/openstack/sahara <refspec>
  1. run stack.sh