openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Use public endpoint for [keystone_authtoken] www_authenticate_uri" into stable/wallaby

This commit is contained in:
Zuul 2022-01-13 10:45:31 +00:00 committed by Gerrit Code Review
parent 8bb75e0915 58129434ac
commit 53f45407fa
18 changed files with 18 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
deployment/aodh/aodh-api-container-puppet.yaml
View File

@ -175,7 +175,7 @@ outputs:
aodh::keystone::authtoken::user_domain_name: 'Default'
aodh::keystone::authtoken::project_domain_name: 'Default'
aodh::keystone::authtoken::password: {get_param: AodhPassword}
aodh::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
aodh::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
aodh::keystone::authtoken::region_name: {get_param: KeystoneRegion}
aodh::keystone::authtoken::interface: 'internal'

2
deployment/barbican/barbican-api-container-puppet.yaml
View File

@ -245,7 +245,7 @@ outputs:
- get_attr: [BarbicanApiLogging, config_settings]
- apache::default_vhost: false
barbican::keystone::authtoken::password: {get_param: BarbicanPassword}
barbican::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
barbican::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
barbican::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
barbican::keystone::authtoken::project_name: 'service'
barbican::keystone::authtoken::region_name: {get_param: KeystoneRegion}

2
deployment/cinder/cinder-api-container-puppet.yaml
View File

@ -165,7 +165,7 @@ outputs:
- get_attr: [CinderBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings]
- keystone_resources_managed: false
- cinder::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
- cinder::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
cinder::keystone::authtoken::password: {get_param: CinderPassword}
cinder::keystone::authtoken::project_name: 'service'

2
deployment/deprecated/novajoin/novajoin-container-puppet.yaml
View File

@ -132,7 +132,7 @@ outputs:
# kerberos via puppet.
nova::metadata::novajoin::api::configure_kerberos: true
nova::metadata::novajoin::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
nova::metadata::novajoin::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
nova::metadata::novajoin::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
nova::metadata::novajoin::authtoken::password: {get_param: NovajoinPassword}
nova::metadata::novajoin::authtoken::project_name: 'service'
nova::metadata::novajoin::authtoken::region_name: {get_param: KeystoneRegion}

2
deployment/designate/designate-api-container-puppet.yaml
View File

@ -101,7 +101,7 @@ outputs:
map_merge:
- get_attr: [DesignateBase, role_data, config_settings]
- designate::api::enable_proxy_headers_parsing: true
designate::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
designate::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
designate::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
designate::keystone::authtoken::project_name: 'service'
designate::keystone::authtoken::password: {get_param: DesignatePassword}

2
deployment/glance/glance-api-container-puppet.yaml
View File

@ -479,7 +479,7 @@ outputs:
read_default_group: tripleo
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
glance::api::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
glance::api::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
glance::api::enable_v1_api: false
glance::api::enable_v2_api: true

2
deployment/gnocchi/gnocchi-api-container-puppet.yaml
View File

@ -200,7 +200,7 @@ outputs:
gnocchi::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
gnocchi::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
gnocchi::cors::allow_methods: 'GET,POST,PUT,DELETE,OPTIONS,PATCH'
gnocchi::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
gnocchi::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword}
gnocchi::keystone::authtoken::project_name: 'service'

2
deployment/heat/heat-base-puppet.yaml
View File

@ -187,7 +187,7 @@ outputs:
heat::keystone::authtoken::project_name: 'service'
heat::keystone::authtoken::user_domain_name: 'Default'
heat::keystone::authtoken::project_domain_name: 'Default'
heat::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
heat::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
heat::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
heat::keystone::authtoken::password: {get_param: HeatPassword}
heat::keystone::authtoken::region_name: {get_param: KeystoneRegion}

2
deployment/ironic/ironic-api-container-puppet.yaml
View File

@ -138,7 +138,7 @@ outputs:
ironic::api::authtoken::user_domain_name: 'Default'
ironic::api::authtoken::project_domain_name: 'Default'
ironic::api::authtoken::username: 'ironic'
ironic::api::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
ironic::api::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
ironic::api::authtoken::region_name: {get_param: KeystoneRegion }
ironic::api::authtoken::interface: 'internal'

2
deployment/ironic/ironic-inspector-container-puppet.yaml
View File

@ -282,7 +282,7 @@ outputs:
ironic::inspector::pxe_filter::driver: dnsmasq
ironic::inspector::logging::debug: {get_param: Debug}
ironic::inspector::always_store_ramdisk_logs: {get_param: Debug}
ironic::inspector::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
ironic::inspector::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri, uri_no_suffix] }
ironic::inspector::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
ironic::inspector::authtoken::username: 'ironic'
ironic::inspector::authtoken::password: {get_param: IronicPassword}

2
deployment/manila/manila-api-container-puppet.yaml
View File

@ -171,7 +171,7 @@ outputs:
- get_attr: [ManilaBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings]
- manila::keystone::authtoken::password: {get_param: ManilaPassword}
manila::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
manila::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
manila::keystone::authtoken::project_name: 'service'
manila::keystone::authtoken::user_domain_name: 'Default'

2
deployment/manila/manila-share-container-puppet.yaml
View File

@ -92,7 +92,7 @@ outputs:
- get_attr: [ManilaBase, role_data, config_settings]
# keystone_authtoken
- manila::keystone::authtoken::password: {get_param: ManilaPassword}
manila::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
manila::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri]}
manila::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
manila::keystone::authtoken::project_name: 'service'
manila::keystone::authtoken::user_domain_name: 'Default'

3
deployment/neutron/neutron-api-container-puppet.yaml
View File

@ -295,7 +295,7 @@ outputs:
read_default_group: tripleo
neutron::policy::policies: {get_param: NeutronApiPolicies}
neutron::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
neutron::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
neutron::server::agent_down_time: {get_param: NeutronAgentDownTime}
neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
@ -318,7 +318,6 @@ outputs:
neutron::quota::quota_port: {get_param: NeutronPortQuota}
neutron::quota::quota_security_group: {get_param: NeutronSecurityGroupQuota}
neutron::server::placement::password: {get_param: NovaPassword}
neutron::server::placement::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
neutron::server::placement::project_domain_name: 'Default'
neutron::server::placement::project_name: 'service'
neutron::server::placement::user_domain_name: 'Default'

2
deployment/nova/nova-api-container-puppet.yaml
View File

@ -345,7 +345,7 @@ outputs:
nova::keystone::authtoken::user_domain_name: 'Default'
nova::keystone::authtoken::project_domain_name: 'Default'
nova::keystone::authtoken::password: {get_param: NovaPassword}
nova::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
nova::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
nova::keystone::authtoken::interface: 'internal'

2
deployment/nova/nova-metadata-container-puppet.yaml
View File

@ -155,7 +155,7 @@ outputs:
- apache::default_vhost: false
- nova::keystone::authtoken::project_name: 'service'
nova::keystone::authtoken::password: {get_param: NovaPassword}
nova::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
nova::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
nova::keystone::authtoken::interface: 'internal'

2
deployment/octavia/octavia-api-container-puppet.yaml
View File

@ -164,7 +164,7 @@ outputs:
- {get_attr: [OctaviaBase, role_data, config_settings]}
- {get_attr: [OctaviaWorker, role_data, config_settings]}
- {get_attr: [OctaviaProviderConfig, role_data, config_settings]}
- octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- octavia::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
octavia::keystone::authtoken::project_name: {get_param: OctaviaProjectName}
octavia::keystone::authtoken::password: {get_param: OctaviaPassword}

2
deployment/placement/placement-api-container-puppet.yaml
View File

@ -154,7 +154,7 @@ outputs:
- apache::default_vhost: false
- placement::keystone::authtoken::project_name: 'service'
placement::keystone::authtoken::password: {get_param: PlacementPassword}
placement::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
placement::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
placement::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
placement::keystone::authtoken::region_name: {get_param: KeystoneRegion}
placement::keystone::authtoken::interface: 'internal'

2
deployment/swift/swift-proxy-container-puppet.yaml
View File

@ -167,7 +167,7 @@ outputs:
- cors_allowed_origin_unset
- {}
- swift::proxy::cors_allow_origin: {get_param: SwiftCorsAllowedOrigin}
- swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
- swift::proxy::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]}
swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
swift::proxy::authtoken::password: {get_param: SwiftPassword}
swift::proxy::authtoken::project_name: 'service'