b328838104
* Use username/password instead of service token for service auth to Keystone
* Updates files/glance-*-paste.ini and files/swift/proxy-server.conf
* keystone_data.sh creates 'service' tenant, 'nova' and 'glance' users
('swift' and 'quantum' if those services are enabled)
* Uses $SERVICE_PASSWORD for the service auth password. There is no default;
to default to $ADMIN_PASSWORD, place the assignment in localrc.
Fixes bug 942983
Change-Id: If78eed1b509a9c1e8441bb4cfa095da9052f9395
35 lines
1.4 KiB
INI
35 lines
1.4 KiB
INI
[pipeline:glance-registry]
|
|
#pipeline = context registryapp
|
|
# NOTE: use the following pipeline for keystone
|
|
pipeline = authtoken auth-context context registryapp
|
|
|
|
[app:registryapp]
|
|
paste.app_factory = glance.common.wsgi:app_factory
|
|
glance.app_factory = glance.registry.api.v1:API
|
|
|
|
[filter:context]
|
|
context_class = glance.registry.context.RequestContext
|
|
paste.filter_factory = glance.common.wsgi:filter_factory
|
|
glance.filter_factory = glance.common.context:ContextMiddleware
|
|
|
|
[filter:authtoken]
|
|
paste.filter_factory = keystone.middleware.auth_token:filter_factory
|
|
# FIXME(dtroyer): remove these service_* entries after auth_token is updated
|
|
service_host = %KEYSTONE_SERVICE_HOST%
|
|
service_port = %KEYSTONE_SERVICE_PORT%
|
|
service_protocol = %KEYSTONE_SERVICE_PROTOCOL%
|
|
auth_host = %KEYSTONE_AUTH_HOST%
|
|
auth_port = %KEYSTONE_AUTH_PORT%
|
|
auth_protocol = %KEYSTONE_AUTH_PROTOCOL%
|
|
auth_uri = %KEYSTONE_SERVICE_PROTOCOL%://%KEYSTONE_SERVICE_HOST%:%KEYSTONE_SERVICE_PORT%/
|
|
# FIXME(dtroyer): remove admin_token after auth_token is updated
|
|
admin_token = %SERVICE_TOKEN%
|
|
admin_tenant_name = %SERVICE_TENANT_NAME%
|
|
admin_user = %SERVICE_USERNAME%
|
|
admin_password = %SERVICE_PASSWORD%
|
|
|
|
[filter:auth-context]
|
|
context_class = glance.registry.context.RequestContext
|
|
paste.filter_factory = glance.common.wsgi:filter_factory
|
|
glance.filter_factory = keystone.middleware.glance_auth_token:KeystoneContextMiddleware
|