From 0260f6400b4165673e6269bdc97d09fd36cb69bc Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Thu, 30 Apr 2015 09:47:52 -0400 Subject: [PATCH] [Keystone] Unite keystone admin and public url configuration Change-Id: I60ab500a7bb454b129b66b43f7117bc60c3d5a0c --- packstack/plugins/keystone_100.py | 8 ++++++++ packstack/puppet/templates/ceilometer.pp | 11 +++++------ packstack/puppet/templates/cinder.pp | 7 +++---- packstack/puppet/templates/glance.pp | 8 ++++---- packstack/puppet/templates/glance_swift.pp | 4 +--- packstack/puppet/templates/heat.pp | 2 +- packstack/puppet/templates/heat_qpid.pp | 7 +++---- packstack/puppet/templates/heat_rabbitmq.pp | 7 +++---- packstack/puppet/templates/horizon.pp | 4 +--- packstack/puppet/templates/ironic.pp | 2 +- packstack/puppet/templates/keystone.pp | 10 +++++----- packstack/puppet/templates/keystone_manila.pp | 6 +++--- packstack/puppet/templates/keystone_swift.pp | 2 +- packstack/puppet/templates/manila.pp | 2 +- packstack/puppet/templates/nagios_server.pp | 4 ++-- packstack/puppet/templates/neutron_api.pp | 3 ++- packstack/puppet/templates/neutron_metadata.pp | 4 +--- packstack/puppet/templates/neutron_notifications.pp | 2 +- packstack/puppet/templates/nova_api.pp | 3 ++- packstack/puppet/templates/nova_ceilometer.pp | 4 +--- packstack/puppet/templates/nova_compute_ironic.pp | 2 +- packstack/puppet/templates/nova_neutron.pp | 3 +-- packstack/puppet/templates/openstack_client.pp | 6 +++--- packstack/puppet/templates/sahara.pp | 5 ++--- packstack/puppet/templates/swift_proxy.pp | 3 ++- packstack/puppet/templates/trove.pp | 9 +++------ 26 files changed, 61 insertions(+), 67 deletions(-) diff --git a/packstack/plugins/keystone_100.py b/packstack/plugins/keystone_100.py index 4357f8e58..442b803c3 100644 --- a/packstack/plugins/keystone_100.py +++ b/packstack/plugins/keystone_100.py @@ -771,6 +771,14 @@ def create_manifest(config, messages): else: config['CONFIG_KEYSTONE_HOST_URL'] = config['CONFIG_CONTROLLER_HOST'] + config['CONFIG_KEYSTONE_PUBLIC_URL'] = "http://%s:5000/%s" % ( + config['CONFIG_KEYSTONE_HOST_URL'], + config['CONFIG_KEYSTONE_API_VERSION'] + ) + config['CONFIG_KEYSTONE_ADMIN_URL'] = "http://%s:35357/" % ( + config['CONFIG_KEYSTONE_HOST_URL'] + ) + fw_details = dict() key = "keystone" fw_details.setdefault(key, {}) diff --git a/packstack/puppet/templates/ceilometer.pp b/packstack/puppet/templates/ceilometer.pp index b6d1c2241..05c0d8c13 100644 --- a/packstack/puppet/templates/ceilometer.pp +++ b/packstack/puppet/templates/ceilometer.pp @@ -34,10 +34,8 @@ class { '::ceilometer::collector': } class { '::ceilometer::agent::notification': } -$config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') - class { '::ceilometer::agent::auth': - auth_url => "http://${config_controller_host}:35357/v2.0", + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), auth_password => hiera('CONFIG_CEILOMETER_KS_PW'), } @@ -56,7 +54,8 @@ $bind_host = hiera('CONFIG_IP_VERSION') ? { 'ipv4' => '0.0.0.0', } class { '::ceilometer::api': - host => $bind_host, - keystone_host => hiera('CONFIG_KEYSTONE_HOST_URL'), - keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'), + host => $bind_host, + keystone_auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + keystone_identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), + keystone_password => hiera('CONFIG_CEILOMETER_KS_PW'), } diff --git a/packstack/puppet/templates/cinder.pp b/packstack/puppet/templates/cinder.pp index c2fb15b5d..10872ccb9 100644 --- a/packstack/puppet/templates/cinder.pp +++ b/packstack/puppet/templates/cinder.pp @@ -16,7 +16,8 @@ class { '::cinder::api': keystone_password => hiera('CONFIG_CINDER_KS_PW'), keystone_tenant => 'services', keystone_user => 'cinder', - keystone_auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), } class { '::cinder::scheduler': } @@ -25,14 +26,12 @@ class { '::cinder::volume': } class { '::cinder::client': } -$cinder_config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') - # Cinder::Type requires keystone credentials Cinder::Type { os_password => hiera('CONFIG_CINDER_KS_PW'), os_tenant_name => 'services', os_username => 'cinder', - os_auth_url => "http://${cinder_config_controller_host}:5000/v2.0/", + os_auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), } class { '::cinder::backends': diff --git a/packstack/puppet/templates/glance.pp b/packstack/puppet/templates/glance.pp index 5a800d75c..ee4aa0e73 100644 --- a/packstack/puppet/templates/glance.pp +++ b/packstack/puppet/templates/glance.pp @@ -16,8 +16,8 @@ $registry_host = hiera('CONFIG_IP_VERSION') ? { class { '::glance::api': bind_host => $bind_host, registry_host => $registry_host, - auth_uri => "http://${glance_cfg_ctrl_host}:5000/", - identity_uri => "http://${glance_cfg_ctrl_host}:35357", + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), keystone_tenant => 'services', keystone_user => 'glance', keystone_password => hiera('CONFIG_GLANCE_KS_PW'), @@ -29,8 +29,8 @@ class { '::glance::api': } class { '::glance::registry': - auth_uri => "http://${glance_cfg_ctrl_host}:5000/", - identity_uri => "http://${glance_cfg_ctrl_host}:35357", + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), bind_host => $bind_host, keystone_tenant => 'services', keystone_user => 'glance', diff --git a/packstack/puppet/templates/glance_swift.pp b/packstack/puppet/templates/glance_swift.pp index 28ff14b4e..8b015422b 100644 --- a/packstack/puppet/templates/glance_swift.pp +++ b/packstack/puppet/templates/glance_swift.pp @@ -1,9 +1,7 @@ -$gla_bd_ct_h = hiera('CONFIG_KEYSTONE_HOST_URL') - class { '::glance::backend::swift': swift_store_user => 'services:glance', swift_store_key => hiera('CONFIG_GLANCE_KS_PW'), - swift_store_auth_address => "http://${gla_bd_ct_h}:35357/v2.0/", + swift_store_auth_address => hiera('CONFIG_KEYSTONE_ADMIN_URL'), swift_store_container => 'glance', swift_store_auth_version => '2', swift_store_large_object_size => '5120', diff --git a/packstack/puppet/templates/heat.pp b/packstack/puppet/templates/heat.pp index 09b3dabc4..c41a03cd7 100644 --- a/packstack/puppet/templates/heat.pp +++ b/packstack/puppet/templates/heat.pp @@ -19,7 +19,7 @@ keystone_user_role { "${keystone_admin}@admin": } class { '::heat::keystone::domain': - auth_url => "http://${heat_cfg_ctrl_host}:35357/v2.0", + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), keystone_admin => $keystone_admin, keystone_password => hiera('CONFIG_KEYSTONE_ADMIN_PW'), keystone_tenant => 'admin', diff --git a/packstack/puppet/templates/heat_qpid.pp b/packstack/puppet/templates/heat_qpid.pp index 22cb3e73f..78f05be41 100644 --- a/packstack/puppet/templates/heat_qpid.pp +++ b/packstack/puppet/templates/heat_qpid.pp @@ -1,12 +1,11 @@ -$heat_qpid_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $heat_qpid_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') $heat_qpid_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') class { '::heat': - keystone_host => $heat_cfn_cfg_ctrl_host, keystone_password => hiera('CONFIG_HEAT_KS_PW'), - auth_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", - keystone_ec2_uri => "http://${heat_qpid_cfg_ctrl_host}:35357/v2.0", + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), + keystone_ec2_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), rpc_backend => 'heat.openstack.common.rpc.impl_qpid', qpid_hostname => hiera('CONFIG_AMQP_HOST_URL'), qpid_username => hiera('CONFIG_AMQP_AUTH_USER'), diff --git a/packstack/puppet/templates/heat_rabbitmq.pp b/packstack/puppet/templates/heat_rabbitmq.pp index dc5adb49b..196239e2a 100644 --- a/packstack/puppet/templates/heat_rabbitmq.pp +++ b/packstack/puppet/templates/heat_rabbitmq.pp @@ -1,4 +1,3 @@ -$heat_rabbitmq_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $heat_rabbitmq_cfg_heat_db_pw = hiera('CONFIG_HEAT_DB_PW') $heat_rabbitmq_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') @@ -17,10 +16,10 @@ if $kombu_ssl_keyfile { } class { '::heat': - keystone_host => $heat_rabbitmq_cfg_ctrl_host, keystone_password => hiera('CONFIG_HEAT_KS_PW'), - auth_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", - keystone_ec2_uri => "http://${heat_rabbitmq_cfg_ctrl_host}:35357/v2.0", + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), + keystone_ec2_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), rpc_backend => 'heat.openstack.common.rpc.impl_kombu', rabbit_host => hiera('CONFIG_AMQP_HOST_URL'), rabbit_port => hiera('CONFIG_AMQP_CLIENTS_PORT'), diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp index 33d21e7f7..97904822a 100644 --- a/packstack/puppet/templates/horizon.pp +++ b/packstack/puppet/templates/horizon.pp @@ -1,7 +1,5 @@ include ::packstack::apache_common -$keystone_host = hiera('CONFIG_KEYSTONE_HOST_URL') - $horizon_packages = ['python-memcached', 'python-netaddr'] package { $horizon_packages: @@ -26,7 +24,7 @@ $horizon_ssl = hiera('CONFIG_HORIZON_SSL') ? { class {'::horizon': secret_key => hiera('CONFIG_HORIZON_SECRET_KEY'), - keystone_url => "http://${keystone_host}:5000/v2.0", + keystone_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), keystone_default_role => '_member_', server_aliases => [hiera('CONFIG_CONTROLLER_HOST'), $::fqdn, 'localhost'], allowed_hosts => '*', diff --git a/packstack/puppet/templates/ironic.pp b/packstack/puppet/templates/ironic.pp index 64d455cb3..d87316c0b 100644 --- a/packstack/puppet/templates/ironic.pp +++ b/packstack/puppet/templates/ironic.pp @@ -3,7 +3,7 @@ ironic_config { } class { '::ironic::api': - auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), admin_password => hiera('CONFIG_IRONIC_KS_PW'), } diff --git a/packstack/puppet/templates/keystone.pp b/packstack/puppet/templates/keystone.pp index f836a039b..61503f129 100644 --- a/packstack/puppet/templates/keystone.pp +++ b/packstack/puppet/templates/keystone.pp @@ -1,11 +1,11 @@ $keystone_use_ssl = false $keystone_cfg_ks_db_pw = hiera('CONFIG_KEYSTONE_DB_PW') $keystone_cfg_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') -$keystone_endpoint_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') $keystone_token_provider_str = downcase(hiera('CONFIG_KEYSTONE_TOKEN_FORMAT')) -$keystone_api_version_str = hiera('CONFIG_KEYSTONE_API_VERSION') -$keystone_url = "http://${keystone_endpoint_cfg_ctrl_host}:5000/${keystone_api_version_str}" -$keystone_admin_url = "http://${keystone_endpoint_cfg_ctrl_host}:35357/${keystone_api_version_str}" +$keystone_url = hiera('CONFIG_KEYSTONE_PUBLIC_URL') +$keystone_admin_url = hiera('CONFIG_KEYSTONE_ADMIN_URL') +$keystone_api_version = hiera('CONFIG_KEYSTONE_API_VERSION') +$keystone_versioned_admin_url = "${keystone_admin_url}/${keystone_api_version}" $bind_host = hiera('CONFIG_IP_VERSION') ? { 'ipv6' => '::0', 'ipv4' => '0.0.0.0', @@ -47,7 +47,7 @@ class { '::keystone::roles::admin': keystone::resource::service_identity { 'keystone': public_url => $keystone_url, internal_url => $keystone_url, - admin_url => $keystone_admin_url, + admin_url => $keystone_versioned_admin_url, region => hiera('CONFIG_KEYSTONE_REGION'), service_type => 'identity', service_description => 'OpenStack Identity Service', diff --git a/packstack/puppet/templates/keystone_manila.pp b/packstack/puppet/templates/keystone_manila.pp index 6888055ee..1b3cc672a 100644 --- a/packstack/puppet/templates/keystone_manila.pp +++ b/packstack/puppet/templates/keystone_manila.pp @@ -1,7 +1,7 @@ class { '::manila::keystone::auth': password => hiera('CONFIG_MANILA_KS_PW'), - public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), - admin_address => hiera('CONFIG_KEYSTONE_HOST_URL'), - internal_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + public_address => hiera('CONFIG_STORAGE_HOST_URL'), + admin_address => hiera('CONFIG_STORAGE_HOST_URL'), + internal_address => hiera('CONFIG_STORAGE_HOST_URL'), } diff --git a/packstack/puppet/templates/keystone_swift.pp b/packstack/puppet/templates/keystone_swift.pp index 3c4937463..036f700af 100644 --- a/packstack/puppet/templates/keystone_swift.pp +++ b/packstack/puppet/templates/keystone_swift.pp @@ -1,5 +1,5 @@ class { '::swift::keystone::auth': - public_address => hiera('CONFIG_KEYSTONE_HOST_URL'), + public_address => hiera('CONFIG_STORAGE_HOST_URL'), region => hiera('CONFIG_KEYSTONE_REGION'), password => hiera('CONFIG_SWIFT_KS_PW'), } diff --git a/packstack/puppet/templates/manila.pp b/packstack/puppet/templates/manila.pp index f90ccc7ab..7275f58ad 100644 --- a/packstack/puppet/templates/manila.pp +++ b/packstack/puppet/templates/manila.pp @@ -16,7 +16,7 @@ class { '::manila::api': keystone_password => hiera('CONFIG_MANILA_KS_PW'), keystone_tenant => 'services', keystone_user => 'manila', - keystone_auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), + keystone_auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), } class { '::manila::scheduler': diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp index d315a2ba8..4d52125e2 100644 --- a/packstack/puppet/templates/nagios_server.pp +++ b/packstack/puppet/templates/nagios_server.pp @@ -54,7 +54,7 @@ class nagios_configs(){ } $nagios_cfg_ks_adm_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') - $nagios_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') + $nagios_cfg_keystone_url = hiera('CONFIG_KEYSTONE_ADMIN_URL') $keystone_admin_username = hiera('CONFIG_KEYSTONE_ADMIN_USERNAME') file { '/etc/nagios/keystonerc_admin': @@ -64,7 +64,7 @@ class nagios_configs(){ content => "export OS_USERNAME=${keystone_admin_username} export OS_TENANT_NAME=admin export OS_PASSWORD=${nagios_cfg_ks_adm_pw} -export OS_AUTH_URL=http://${nagios_cfg_ctrl_host}:35357/v2.0/ ", +export OS_AUTH_URL=${nagios_cfg_keystone_url}", } %(CONFIG_NAGIOS_MANIFEST_CONFIG)s diff --git a/packstack/puppet/templates/neutron_api.pp b/packstack/puppet/templates/neutron_api.pp index b9923d8f5..dd6ba7f6e 100644 --- a/packstack/puppet/templates/neutron_api.pp +++ b/packstack/puppet/templates/neutron_api.pp @@ -1,7 +1,8 @@ class { '::neutron::server': database_connection => $neutron_sql_connection, auth_password => $neutron_user_password, - auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), enabled => true, } diff --git a/packstack/puppet/templates/neutron_metadata.pp b/packstack/puppet/templates/neutron_metadata.pp index a36ab5307..8e1c29058 100644 --- a/packstack/puppet/templates/neutron_metadata.pp +++ b/packstack/puppet/templates/neutron_metadata.pp @@ -1,8 +1,6 @@ -$neutron_metadata_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') - class { '::neutron::agents::metadata': auth_password => hiera('CONFIG_NEUTRON_KS_PW'), - auth_url => "http://${neutron_metadata_cfg_ctrl_host}:35357/v2.0", + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), auth_region => hiera('CONFIG_KEYSTONE_REGION'), shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW'), metadata_ip => hiera('CONFIG_KEYSTONE_HOST_URL'), diff --git a/packstack/puppet/templates/neutron_notifications.pp b/packstack/puppet/templates/neutron_notifications.pp index 33d4f4f0d..810042531 100644 --- a/packstack/puppet/templates/neutron_notifications.pp +++ b/packstack/puppet/templates/neutron_notifications.pp @@ -6,6 +6,6 @@ class { '::neutron::server::notifications': nova_admin_password => hiera('CONFIG_NOVA_KS_PW'), nova_admin_tenant_name => 'services', nova_url => "http://${neutron_notif_cfg_ctrl_host}:8774/v2", - nova_admin_auth_url => "http://${neutron_notif_cfg_ctrl_host}:35357/v2.0", + nova_admin_auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), nova_region_name => hiera('CONFIG_KEYSTONE_REGION'), } diff --git a/packstack/puppet/templates/nova_api.pp b/packstack/puppet/templates/nova_api.pp index b714f20b4..b0a0000a0 100644 --- a/packstack/puppet/templates/nova_api.pp +++ b/packstack/puppet/templates/nova_api.pp @@ -9,7 +9,8 @@ class { '::nova::api': api_bind_address => $bind_host, metadata_listen => $bind_host, enabled => true, - auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), admin_password => hiera('CONFIG_NOVA_KS_PW'), neutron_metadata_proxy_shared_secret => hiera('CONFIG_NEUTRON_METADATA_PW_UNQUOTED'), } diff --git a/packstack/puppet/templates/nova_ceilometer.pp b/packstack/puppet/templates/nova_ceilometer.pp index 5e0e682b3..fa186f306 100644 --- a/packstack/puppet/templates/nova_ceilometer.pp +++ b/packstack/puppet/templates/nova_ceilometer.pp @@ -1,7 +1,5 @@ -$nova_ceil_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') - class { '::ceilometer::agent::auth': - auth_url => "http://${nova_ceil_cfg_ctrl_host}:35357/v2.0", + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), auth_password => hiera('CONFIG_CEILOMETER_KS_PW'), } diff --git a/packstack/puppet/templates/nova_compute_ironic.pp b/packstack/puppet/templates/nova_compute_ironic.pp index 603b793ae..432925439 100644 --- a/packstack/puppet/templates/nova_compute_ironic.pp +++ b/packstack/puppet/templates/nova_compute_ironic.pp @@ -3,7 +3,7 @@ $ironic_config_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::nova::compute::ironic': admin_user => 'ironic', admin_passwd => hiera('CONFIG_IRONIC_KS_PW'), - admin_url => "http://${ironic_config_controller_host}:35357/v2.0", + admin_url => hiera('CONFIG_KEYSTONE_ADMIN_URL'), admin_tenant_name => 'services', api_endpoint => "http://${ironic_config_controller_host}:6385/v1", } diff --git a/packstack/puppet/templates/nova_neutron.pp b/packstack/puppet/templates/nova_neutron.pp index b34b29427..328ea99b6 100644 --- a/packstack/puppet/templates/nova_neutron.pp +++ b/packstack/puppet/templates/nova_neutron.pp @@ -1,4 +1,3 @@ - $nova_neutron_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::nova::network::neutron': @@ -6,7 +5,7 @@ class { '::nova::network::neutron': neutron_auth_strategy => 'keystone', neutron_url => "http://${nova_neutron_cfg_ctrl_host}:9696", neutron_admin_tenant_name => 'services', - neutron_admin_auth_url => "http://${nova_neutron_cfg_ctrl_host}:35357/v2.0", + neutron_admin_auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), neutron_region_name => hiera('CONFIG_KEYSTONE_REGION'), } diff --git a/packstack/puppet/templates/openstack_client.pp b/packstack/puppet/templates/openstack_client.pp index 62b7c68a5..89238e95e 100644 --- a/packstack/puppet/templates/openstack_client.pp +++ b/packstack/puppet/templates/openstack_client.pp @@ -14,13 +14,13 @@ if hiera('CONFIG_MANILA_INSTALL') == 'y' { $ost_cl_keystone_admin_username = hiera('CONFIG_KEYSTONE_ADMIN_USERNAME') $ost_cl_keystone_admin_pw = hiera('CONFIG_KEYSTONE_ADMIN_PW') -$ost_cl_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') +$ost_cl_ctrl_keystone_url = hiera('CONFIG_KEYSTONE_PUBLIC_URL') $ost_cl_keystone_region = hiera('CONFIG_KEYSTONE_REGION') $ost_cl_keystone_demo_pw = hiera('CONFIG_KEYSTONE_DEMO_PW') $rcadmin_content = "export OS_USERNAME=${ost_cl_keystone_admin_username} export OS_TENANT_NAME=admin export OS_PASSWORD=${ost_cl_keystone_admin_pw} -export OS_AUTH_URL=http://${ost_cl_ctrl_host}:5000/v2.0/ +export OS_AUTH_URL=${ost_cl_ctrl_keystone_url} export OS_REGION_NAME=${ost_cl_keystone_region} export PS1='[\\u@\\h \\W(keystone_admin)]\\$ ' " @@ -38,7 +38,7 @@ if hiera('CONFIG_PROVISION_DEMO') == 'y' { content => "export OS_USERNAME=demo export OS_TENANT_NAME=demo export OS_PASSWORD=${ost_cl_keystone_demo_pw} -export OS_AUTH_URL=http://${ost_cl_ctrl_host}:5000/v2.0/ +export OS_AUTH_URL=${ost_cl_ctrl_keystone_url} export PS1='[\\u@\\h \\W(keystone_demo)]\\$ ' ", } diff --git a/packstack/puppet/templates/sahara.pp b/packstack/puppet/templates/sahara.pp index 792f2ee75..7140ff5f8 100644 --- a/packstack/puppet/templates/sahara.pp +++ b/packstack/puppet/templates/sahara.pp @@ -3,7 +3,6 @@ $sahara_cfg_sahara_mariadb_host = hiera('CONFIG_MARIADB_HOST_URL') $sahara_cfg_config_neutron_install = hiera('CONFIG_NEUTRON_INSTALL') -$sahara_cfg_controller_host = hiera('CONFIG_KEYSTONE_HOST_URL') class { '::sahara': database_connection => "mysql://sahara:${sahara_cfg_sahara_db_pw}@${sahara_cfg_sahara_mariadb_host}/sahara", @@ -12,8 +11,8 @@ class { '::sahara': keystone_username => 'sahara', keystone_password => hiera('CONFIG_SAHARA_KS_PW'), keystone_tenant => 'services', - keystone_url => "http://${sahara_cfg_controller_host}:5000/v2.0", - identity_url => "http://${sahara_cfg_controller_host}:35357/", + keystone_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_url => hiera('CONFIG_KEYSTONE_ADMIN_URL'), use_neutron => ($sahara_cfg_config_neutron_install == 'y'), service_host => hiera('CONFIG_SAHARA_HOST'), } diff --git a/packstack/puppet/templates/swift_proxy.pp b/packstack/puppet/templates/swift_proxy.pp index c4bab13cd..e3b246631 100644 --- a/packstack/puppet/templates/swift_proxy.pp +++ b/packstack/puppet/templates/swift_proxy.pp @@ -70,6 +70,7 @@ class { '::swift::proxy::authtoken': admin_tenant_name => 'services', admin_password => hiera('CONFIG_SWIFT_KS_PW'), # assume that the controller host is the swift api server - auth_host => hiera('CONFIG_STORAGE_HOST_URL'), + auth_uri => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), + identity_uri => hiera('CONFIG_KEYSTONE_ADMIN_URL'), } diff --git a/packstack/puppet/templates/trove.pp b/packstack/puppet/templates/trove.pp index 64ccb90dc..d1d30ffab 100644 --- a/packstack/puppet/templates/trove.pp +++ b/packstack/puppet/templates/trove.pp @@ -7,8 +7,7 @@ class { '::trove::api': bind_host => $bind_host, enabled => true, keystone_password => hiera('CONFIG_TROVE_KS_PW'), - auth_host => hiera('CONFIG_KEYSTONE_HOST_URL'), - auth_port => 35357, + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), cert_file => false, key_file => false, ca_file => false, @@ -16,16 +15,14 @@ class { '::trove::api': debug => hiera('CONFIG_DEBUG_MODE'), } -$trove_cfg_ctrl_host = hiera('CONFIG_KEYSTONE_HOST_URL') - class { '::trove::conductor': - auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0", + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), } class { '::trove::taskmanager': - auth_url => "http://${trove_cfg_ctrl_host}:5000/v2.0", + auth_url => hiera('CONFIG_KEYSTONE_PUBLIC_URL'), verbose => true, debug => hiera('CONFIG_DEBUG_MODE'), }