Update nova chart to support service token
Add capability for nova to send service token. Default to disabled. Config setup is similar to keystone_authtoken. Upstream openstack-helm review: https://review.opendev.org/#/c/667690 Story: 2003909 Task: 34311 Change-Id: I9f217a4c98298a861f2ade03a620895697e79122 Signed-off-by: Gerry Kopec <gerry.kopec@windriver.com>
This commit is contained in:
parent
39170d7238
commit
61aa15a5f4
@ -5,4 +5,4 @@ TAR="$TAR_NAME-$SHA.tar.gz"
|
||||
|
||||
COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* "
|
||||
|
||||
TIS_PATCH_VER=18
|
||||
TIS_PATCH_VER=19
|
||||
|
@ -36,6 +36,7 @@ Patch14: 0014-Cinder-Support-backup-driver-specification-by-module.patch
|
||||
Patch15: 0015-Add-Placement-Chart.patch
|
||||
Patch16: 0016-Cinder-rename-is_ceph_volume-configured.patch
|
||||
Patch17: 0017-Cinder-support-multiple-ceph-volume-backends.patch
|
||||
Patch18: 0018-Nova-add-service-token.patch
|
||||
|
||||
BuildRequires: helm
|
||||
BuildRequires: openstack-helm-infra
|
||||
@ -63,6 +64,7 @@ Openstack Helm charts
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch17 -p1
|
||||
%patch18 -p1
|
||||
|
||||
%build
|
||||
# initialize helm and build the toolkit
|
||||
|
@ -0,0 +1,69 @@
|
||||
From 0ce54f2f141d24d1cf5795db8679039c67ffac50 Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Tue, 25 Jun 2019 20:20:41 -0400
|
||||
Subject: [PATCH] Nova: add service token
|
||||
|
||||
Add capability for nova to send service token. Default to disabled.
|
||||
Config setup is similar to keystone_authtoken.
|
||||
|
||||
Change-Id: I666f8f52fed50c61f67397b3da58133a2f9b49d3
|
||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
---
|
||||
nova/templates/configmap-etc.yaml | 26 ++++++++++++++++++++++++++
|
||||
nova/values.yaml | 3 +++
|
||||
2 files changed, 29 insertions(+)
|
||||
|
||||
diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml
|
||||
index 0d1e7a5..5446830 100644
|
||||
--- a/nova/templates/configmap-etc.yaml
|
||||
+++ b/nova/templates/configmap-etc.yaml
|
||||
@@ -52,6 +52,32 @@ limitations under the License.
|
||||
{{- $_ := set .Values.conf.nova.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
|
||||
{{- end -}}
|
||||
|
||||
+{{- if .Values.conf.nova.service_user.send_service_user_token -}}
|
||||
+
|
||||
+{{- if empty .Values.conf.nova.service_user.auth_url -}}
|
||||
+{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.service_user "auth_url" -}}
|
||||
+{{- end -}}
|
||||
+{{- if empty .Values.conf.nova.service_user.region_name -}}
|
||||
+{{- $_ := set .Values.conf.nova.service_user "region_name" .Values.endpoints.identity.auth.nova.region_name -}}
|
||||
+{{- end -}}
|
||||
+{{- if empty .Values.conf.nova.service_user.project_name -}}
|
||||
+{{- $_ := set .Values.conf.nova.service_user "project_name" .Values.endpoints.identity.auth.nova.project_name -}}
|
||||
+{{- end -}}
|
||||
+{{- if empty .Values.conf.nova.service_user.project_domain_name -}}
|
||||
+{{- $_ := set .Values.conf.nova.service_user "project_domain_name" .Values.endpoints.identity.auth.nova.project_domain_name -}}
|
||||
+{{- end -}}
|
||||
+{{- if empty .Values.conf.nova.service_user.user_domain_name -}}
|
||||
+{{- $_ := set .Values.conf.nova.service_user "user_domain_name" .Values.endpoints.identity.auth.nova.user_domain_name -}}
|
||||
+{{- end -}}
|
||||
+{{- if empty .Values.conf.nova.service_user.username -}}
|
||||
+{{- $_ := set .Values.conf.nova.service_user "username" .Values.endpoints.identity.auth.nova.username -}}
|
||||
+{{- end -}}
|
||||
+{{- if empty .Values.conf.nova.service_user.password -}}
|
||||
+{{- $_ := set .Values.conf.nova.service_user "password" .Values.endpoints.identity.auth.nova.password -}}
|
||||
+{{- end -}}
|
||||
+
|
||||
+{{- end -}}
|
||||
+
|
||||
{{- if empty .Values.conf.nova.database.connection -}}
|
||||
{{- $_ := tuple "oslo_db" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" -}}
|
||||
{{- end -}}
|
||||
diff --git a/nova/values.yaml b/nova/values.yaml
|
||||
index 433ec3a..ee00591 100644
|
||||
--- a/nova/values.yaml
|
||||
+++ b/nova/values.yaml
|
||||
@@ -1507,6 +1507,9 @@ conf:
|
||||
auth_type: password
|
||||
auth_version: v3
|
||||
memcache_security_strategy: ENCRYPT
|
||||
+ service_user:
|
||||
+ auth_type: password
|
||||
+ send_service_user_token: false
|
||||
libvirt:
|
||||
connection_uri: "qemu+tcp://127.0.0.1/system"
|
||||
images_type: qcow2
|
||||
--
|
||||
1.8.3.1
|
||||
|
Loading…
Reference in New Issue
Block a user