Merge "Update docs for password auth configuration options"
This commit is contained in:
commit
ad40c61ea9
@ -243,74 +243,96 @@ so that the watcher service is configured for your needs.
|
|||||||
#rabbit_port = 5672
|
#rabbit_port = 5672
|
||||||
|
|
||||||
|
|
||||||
#. Configure the Watcher Service to use these credentials with the Identity
|
#. Watcher API shall validate the token provided by every incoming request,
|
||||||
Service. Replace IDENTITY_IP with the IP of the Identity server, and
|
via keystonemiddleware, which requires the Watcher service to be configured
|
||||||
replace WATCHER_PASSWORD with the password you chose for the ``watcher``
|
with the right credentials for the Identity service.
|
||||||
user in the Identity Service::
|
|
||||||
|
|
||||||
[keystone_authtoken]
|
In the configuration section here below:
|
||||||
|
|
||||||
# Complete public Identity API endpoint (string value)
|
* replace IDENTITY_IP with the IP of the Identity server
|
||||||
#auth_uri=<None>
|
* replace WATCHER_PASSWORD with the password you chose for the ``watcher``
|
||||||
auth_uri=http://IDENTITY_IP:5000/
|
user
|
||||||
|
* replace KEYSTONE_SERVICE_PROJECT_NAME with the name of project created
|
||||||
|
for OpenStack services (e.g. ``service``) ::
|
||||||
|
|
||||||
# API version of the admin Identity API endpoint. (string value)
|
[keystone_authtoken]
|
||||||
#auth_version=<None>
|
|
||||||
auth_version=v3
|
|
||||||
|
|
||||||
# Complete admin Identity API endpoint. This should specify the
|
# Authentication type to load (unknown value)
|
||||||
# unversioned root endpoint e.g. https://localhost:35357/ (string
|
# Deprecated group/name - [DEFAULT]/auth_plugin
|
||||||
# value)
|
#auth_type = <None>
|
||||||
#identity_uri = <None>
|
auth_type = password
|
||||||
identity_uri = http://IDENTITY_IP:5000
|
|
||||||
|
|
||||||
# Keystone account username (string value)
|
# Authentication URL (unknown value)
|
||||||
#admin_user=<None>
|
#auth_url = <None>
|
||||||
admin_user=watcher
|
auth_url = http://IDENTITY_IP:35357
|
||||||
|
|
||||||
# Keystone account password (string value)
|
# Username (unknown value)
|
||||||
#admin_password=<None>
|
# Deprecated group/name - [DEFAULT]/username
|
||||||
admin_password=WATCHER_DBPASSWORD
|
#username = <None>
|
||||||
|
username=watcher
|
||||||
|
|
||||||
# Keystone service account tenant name to validate user tokens
|
# User's password (unknown value)
|
||||||
# (string value)
|
#password = <None>
|
||||||
#admin_tenant_name=admin
|
password = WATCHER_PASSWORD
|
||||||
admin_tenant_name=KEYSTONE_SERVICE_PROJECT_NAME
|
|
||||||
|
|
||||||
# Directory used to cache files related to PKI tokens (string
|
# Domain ID containing project (unknown value)
|
||||||
# value)
|
#project_domain_id = <None>
|
||||||
#signing_dir=<None>
|
project_domain_id = default
|
||||||
|
|
||||||
#. Configure the credentials to use to authenticate with the Identity Service
|
# User's domain id (unknown value)
|
||||||
for the different project clients::
|
#user_domain_id = <None>
|
||||||
|
user_domain_id = default
|
||||||
|
|
||||||
[watcher_clients_auth]
|
# Project name to scope to (unknown value)
|
||||||
|
# Deprecated group/name - [DEFAULT]/tenant-name
|
||||||
|
#project_name = <None>
|
||||||
|
project_name = KEYSTONE_SERVICE_PROJECT_NAME
|
||||||
|
|
||||||
# Authentication type to load (unknown value)
|
#. Watcher's decision engine and applier interact with other OpenStack
|
||||||
# Deprecated group/name - [DEFAULT]/auth_plugin
|
projects through those projects' clients. In order to instantiate these
|
||||||
#auth_type = <None>
|
clients, Watcher needs to request a new session from the Identity service
|
||||||
auth_type = password
|
using the right credentials.
|
||||||
|
|
||||||
# Authentication URL (unknown value)
|
In the configuration section here below:
|
||||||
#auth_url = <None>
|
|
||||||
auth_url = http://IDENTITY_IP:35357
|
|
||||||
|
|
||||||
# Username (unknown value)
|
* replace IDENTITY_IP with the IP of the Identity server
|
||||||
# Deprecated group/name - [DEFAULT]/username
|
* replace WATCHER_PASSWORD with the password you chose for the ``watcher``
|
||||||
#username = <None>
|
user
|
||||||
username=watcher
|
* replace KEYSTONE_SERVICE_PROJECT_NAME with the name of project created
|
||||||
|
for OpenStack services (e.g. ``service``) ::
|
||||||
|
|
||||||
# User's password (unknown value)
|
[watcher_clients_auth]
|
||||||
#password = <None>
|
|
||||||
password = WATCHER_PASSWORD
|
|
||||||
|
|
||||||
# Domain ID containing project (unknown value)
|
# Authentication type to load (unknown value)
|
||||||
#project_domain_id = <None>
|
# Deprecated group/name - [DEFAULT]/auth_plugin
|
||||||
project_domain_id = default
|
#auth_type = <None>
|
||||||
|
auth_type = password
|
||||||
|
|
||||||
# User's domain id (unknown value)
|
# Authentication URL (unknown value)
|
||||||
#user_domain_id = <None>
|
#auth_url = <None>
|
||||||
user_domain_id = default
|
auth_url = http://IDENTITY_IP:35357
|
||||||
|
|
||||||
|
# Username (unknown value)
|
||||||
|
# Deprecated group/name - [DEFAULT]/username
|
||||||
|
#username = <None>
|
||||||
|
username=watcher
|
||||||
|
|
||||||
|
# User's password (unknown value)
|
||||||
|
#password = <None>
|
||||||
|
password = WATCHER_PASSWORD
|
||||||
|
|
||||||
|
# Domain ID containing project (unknown value)
|
||||||
|
#project_domain_id = <None>
|
||||||
|
project_domain_id = default
|
||||||
|
|
||||||
|
# User's domain id (unknown value)
|
||||||
|
#user_domain_id = <None>
|
||||||
|
user_domain_id = default
|
||||||
|
|
||||||
|
# Project name to scope to (unknown value)
|
||||||
|
# Deprecated group/name - [DEFAULT]/tenant-name
|
||||||
|
#project_name = <None>
|
||||||
|
project_name = KEYSTONE_SERVICE_PROJECT_NAME
|
||||||
|
|
||||||
#. Configure the clients to use a specific version if desired. For example, to
|
#. Configure the clients to use a specific version if desired. For example, to
|
||||||
configure Watcher to use a Nova client with version 2.1, use::
|
configure Watcher to use a Nova client with version 2.1, use::
|
||||||
|
2
tox.ini
2
tox.ini
@ -67,4 +67,4 @@ import_exceptions = watcher._i18n
|
|||||||
[doc8]
|
[doc8]
|
||||||
extension=.rst
|
extension=.rst
|
||||||
# todo: stop ignoring doc/source/man when https://bugs.launchpad.net/doc8/+bug/1502391 is fixed
|
# todo: stop ignoring doc/source/man when https://bugs.launchpad.net/doc8/+bug/1502391 is fixed
|
||||||
ignore-path=doc/source/image_src,doc/source/man
|
ignore-path=doc/source/image_src,doc/source/man,doc/source/api
|
||||||
|
Loading…
Reference in New Issue
Block a user