Add configuration for containerized keystone to VIM
Adding configuration to the VIM for containerized keystone. The VIM will now support two keystone instances: - platform: bare metal keystone used to authenticate with platform services (e.g. sysinv, patching) - openstack: containerized keystone used to authenticate with openstack services (e.g. nova, neutron, cinder) For now, the same configuration will be used for both, as we still only deploy with the baremetal keystone. Story: 2002876 Task: 26872 Change-Id: If4bd46a4c14cc65978774001cb2887e5d3e3607b
This commit is contained in:
parent
0ffdae6953
commit
e3c1fbed88
@ -6,6 +6,14 @@
|
||||
|
||||
class nfv::nfvi (
|
||||
$enabled = false,
|
||||
$platform_username = 'admin',
|
||||
$platform_tenant = 'admin',
|
||||
$platform_user_domain = 'Default',
|
||||
$platform_project_domain = 'Default',
|
||||
$platform_auth_protocol = 'http',
|
||||
$platform_auth_host = '127.0.0.1',
|
||||
$platform_auth_port = 5000,
|
||||
$platform_keyring_service = undef,
|
||||
$openstack_username = 'admin',
|
||||
$openstack_tenant = 'admin',
|
||||
$openstack_user_domain = 'Default',
|
||||
@ -13,6 +21,7 @@ class nfv::nfvi (
|
||||
$openstack_auth_protocol = 'http',
|
||||
$openstack_auth_host = '127.0.0.1',
|
||||
$openstack_auth_port = 5000,
|
||||
$openstack_keyring_service = undef,
|
||||
$openstack_nova_api_host = '127.0.0.1',
|
||||
$keystone_region_name = 'RegionOne',
|
||||
$keystone_service_name = 'keystone',
|
||||
@ -80,7 +89,17 @@ class nfv::nfvi (
|
||||
|
||||
nfv_plugin_nfvi_config {
|
||||
|
||||
/* OpenStack Information */
|
||||
/* Platform Authentication Information */
|
||||
'platform/username': value => $platform_username;
|
||||
'platform/tenant': value => $platform_tenant;
|
||||
'platform/user_domain_name': value => $platform_user_domain;
|
||||
'platform/project_domain_name': value => $platform_project_domain;
|
||||
'platform/authorization_protocol': value => $platform_auth_protocol;
|
||||
'platform/authorization_ip': value => $platform_auth_host;
|
||||
'platform/authorization_port': value => $platform_auth_port;
|
||||
'platform/keyring_service': value => $platform_keyring_service;
|
||||
|
||||
/* OpenStack Authentication Information */
|
||||
'openstack/username': value => $openstack_username;
|
||||
'openstack/tenant': value => $openstack_tenant;
|
||||
'openstack/user_domain_name': value => $openstack_user_domain;
|
||||
@ -88,6 +107,7 @@ class nfv::nfvi (
|
||||
'openstack/authorization_protocol': value => $openstack_auth_protocol;
|
||||
'openstack/authorization_ip': value => $openstack_auth_host;
|
||||
'openstack/authorization_port': value => $openstack_auth_port;
|
||||
'openstack/keyring_service': value => $openstack_keyring_service;
|
||||
|
||||
'keystone/region_name': value => $keystone_region_name;
|
||||
'keystone/service_name': value => $keystone_service_name;
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# Copyright (c) 2017 Wind River Systems, Inc.
|
||||
# Copyright (c) 2017-2018 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
@ -15,6 +15,7 @@ class NfvPuppet(openstack.OpenstackBasePuppet):
|
||||
|
||||
SERVICE_NAME = 'vim'
|
||||
SERVICE_PORT = 4545
|
||||
PLATFORM_KEYRING_SERVICE = 'CGCS'
|
||||
|
||||
def get_secure_static_config(self):
|
||||
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||
@ -45,21 +46,39 @@ class NfvPuppet(openstack.OpenstackBasePuppet):
|
||||
|
||||
'nfv::nfvi::nova_endpoint_override':
|
||||
self._get_nova_endpoint_url(),
|
||||
'nfv::nfvi::openstack_auth_host':
|
||||
self._keystone_auth_address(),
|
||||
'nfv::nfvi::openstack_nova_api_host':
|
||||
self._get_management_address(),
|
||||
'nfv::nfvi::host_listener_host':
|
||||
self._get_management_address(),
|
||||
|
||||
'nfv::nfvi::platform_username':
|
||||
self._operator.keystone.get_admin_user_name(),
|
||||
'nfv::nfvi::platform_tenant':
|
||||
self._operator.keystone.get_admin_project_name(),
|
||||
'nfv::nfvi::platform_auth_host':
|
||||
self._keystone_auth_address(),
|
||||
'nfv::nfvi::platform_user_domain':
|
||||
self._operator.keystone.get_admin_user_domain(),
|
||||
'nfv::nfvi::platform_project_domain':
|
||||
self._operator.keystone.get_admin_project_domain(),
|
||||
'nfv::nfvi::platform_keyring_service':
|
||||
self.PLATFORM_KEYRING_SERVICE,
|
||||
|
||||
# TODO(Bart Wensley): When we switch to the pod based keystone,
|
||||
# this will change to use those credentials.
|
||||
'nfv::nfvi::openstack_username':
|
||||
self._operator.keystone.get_admin_user_name(),
|
||||
'nfv::nfvi::openstack_tenant':
|
||||
self._operator.keystone.get_admin_project_name(),
|
||||
'nfv::nfvi::openstack_auth_host':
|
||||
self._keystone_auth_address(),
|
||||
'nfv::nfvi::openstack_user_domain':
|
||||
self._operator.keystone.get_admin_user_domain(),
|
||||
'nfv::nfvi::openstack_project_domain':
|
||||
self._operator.keystone.get_admin_project_domain(),
|
||||
'nfv::nfvi::openstack_keyring_service':
|
||||
self.PLATFORM_KEYRING_SERVICE,
|
||||
|
||||
'nfv::nfvi::keystone_region_name': self._keystone_region_name(),
|
||||
'nfv::nfvi::keystone_service_name':
|
||||
self._operator.keystone.get_service_name(),
|
||||
|
Loading…
Reference in New Issue
Block a user