Merge "Use keystone_authtoken macros for auth"
This commit is contained in:
commit
147cb68a0f
@ -19,16 +19,7 @@ port = {{ ironic.api_port.cont }}
|
|||||||
connection = mysql+pymysql://{{ ironic.db.username }}:{{ ironic.db.password }}@{{ address(service.database) }}/{{ ironic.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
connection = mysql+pymysql://{{ ironic.db.username }}:{{ ironic.db.password }}@{{ address(service.database) }}/{{ ironic.db.name }}{% if percona.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
||||||
max_retries = -1
|
max_retries = -1
|
||||||
|
|
||||||
[keystone_authtoken]
|
{{ keystone_authtoken.keystone_authtoken(ironic.username, ironic.password) }}
|
||||||
auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}
|
|
||||||
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
|
|
||||||
auth_type = password
|
|
||||||
project_domain_id = default
|
|
||||||
user_domain_id = default
|
|
||||||
project_name = service
|
|
||||||
username = {{ ironic.username }}
|
|
||||||
password = {{ ironic.password }}
|
|
||||||
memcached_servers = {{ address('memcached', memcached.port) }}
|
|
||||||
|
|
||||||
[service_catalog]
|
[service_catalog]
|
||||||
auth_type = password
|
auth_type = password
|
||||||
|
@ -31,14 +31,15 @@ service:
|
|||||||
- ironic.conf
|
- ironic.conf
|
||||||
- name: ironic-user-create
|
- name: ironic-user-create
|
||||||
type: single
|
type: single
|
||||||
command: openstack user create --project service --password {{ ironic.password }} {{ ironic.username }}
|
command: openstack user create --domain {{ service_account.domain }} --password {{ ironic.password }} {{ ironic.username }}
|
||||||
dependencies:
|
dependencies:
|
||||||
- keystone-create-project
|
- keystone-create-domain
|
||||||
- name: ironic-role-add
|
- name: ironic-role-add
|
||||||
dependencies:
|
dependencies:
|
||||||
- ironic-user-create
|
- ironic-user-create
|
||||||
|
- keystone-create-project
|
||||||
type: single
|
type: single
|
||||||
command: openstack role add --project service --user {{ ironic.username }} admin
|
command: openstack role add --project {{ service_account.project }} --user {{ ironic.username }} admin
|
||||||
- name: ironic-service-create
|
- name: ironic-service-create
|
||||||
dependencies:
|
dependencies:
|
||||||
- keystone
|
- keystone
|
||||||
|
Loading…
Reference in New Issue
Block a user