Switched to application credentials
Change-Id: Ibca427d210700f6b5bd8e009f7470fbaa66cfc79
This commit is contained in:
Mohammed Naser
parent
2ac93ec53a
commit
467e8a443d
|
|
@ -113,3 +113,39 @@ function _configure_neutron_common {
|
|||
_neutron_setup_rootwrap
|
||||
}
|
||||
export -f _configure_neutron_common
|
||||
|
||||
function _configure_neutron_service {
|
||||
Q_API_PASTE_FILE=$NEUTRON_CONF_DIR/api-paste.ini
|
||||
cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE
|
||||
|
||||
# Update either configuration file with plugin
|
||||
iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS
|
||||
|
||||
iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
||||
iniset $NEUTRON_CONF oslo_policy policy_file $Q_POLICY_FILE
|
||||
iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips $Q_ALLOW_OVERLAPPING_IP
|
||||
|
||||
iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY
|
||||
|
||||
kubernetes_ensure_resource secret/neutron-application-credential
|
||||
NEUTRON_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret neutron-application-credential openstack secret)
|
||||
NEUTRON_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret neutron-application-credential openstack id)
|
||||
|
||||
iniset $NEUTRON_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3
|
||||
iniset $NEUTRON_CONF keystone_authtoken auth_type v3applicationcredential
|
||||
iniset $NEUTRON_CONF keystone_authtoken application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
|
||||
iniset $NEUTRON_CONF keystone_authtoken application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET
|
||||
|
||||
# Configuration for neutron notifications to nova.
|
||||
iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES
|
||||
iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES
|
||||
|
||||
iniset $NEUTRON_CONF nova auth_url $KEYSTONE_AUTH_URI_V3
|
||||
iniset $NEUTRON_CONF nova auth_type v3applicationcredential
|
||||
iniset $NEUTRON_CONF nova application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
|
||||
iniset $NEUTRON_CONF nova application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET
|
||||
|
||||
# Configure plugin
|
||||
neutron_plugin_configure_service
|
||||
}
|
||||
export -f _configure_neutron_service
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ service.
|
|||
"""
|
||||
|
||||
from openstack_operator import database
|
||||
from openstack_operator import identity
|
||||
from openstack_operator import utils
|
||||
|
||||
MEMCACHED = True
|
||||
|
|
@ -36,3 +37,5 @@ def create_or_resume(spec, **_):
|
|||
|
||||
utils.create_or_update('neutron/daemonset.yml.j2', spec=spec)
|
||||
utils.create_or_update('neutron/service.yml.j2')
|
||||
|
||||
identity.ensure_application_credential(name="neutron")
|
||||
|
|
|
|||
Loading…
Reference in New Issue