Updating default keystone API verson to 3

The keystone API version 3 has become the default API version
for a long time and our CI already uses keystone v3 API only.

In addition, our documentation recommended to use the cached session,
so switching the default API version to 3 does not hit the limitation
on the maximum size of session data when using the cookie-based
sessions.

This is based on django_opensatck_auth review
https://review.openstack.org/#/c/158384/

Implements blueprint: default-keystone-api-3
Change-Id: I79e9fbd3567cc69468694dbf043fecf422347c7e
This commit is contained in:
Akihiro Motoki 2017-12-21 02:48:35 +09:00
parent ad17915e43
commit cd49510878
7 changed files with 23 additions and 14 deletions

View File

@ -224,12 +224,12 @@ The standard installation uses a non-encrypted HTTP channel.
# For multiple regions uncomment this configuration, and add (endpoint, title).
# AVAILABLE_REGIONS = [
# ('http://cluster1.example.com:5000/v2.0', 'cluster1'),
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
# ('http://cluster1.example.com:5000/v3', 'cluster1'),
# ('http://cluster2.example.com:5000/v3', 'cluster2'),
# ]
OPENSTACK_HOST = "127.0.0.1"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the

View File

@ -556,7 +556,7 @@ Default:
{
"data-processing": 1.1,
"identity": 2.0,
"identity": 3,
"volume": 2,
"compute": 2
}
@ -1173,7 +1173,7 @@ AVAILABLE_REGIONS
Default: ``None``
A list of tuples which define multiple regions. The tuple format is
``('http://{{ keystone_host }}:5000/v2.0', '{{ region_name }}')``. If any regions
``('http://{{ keystone_host }}:5000/v3', '{{ region_name }}')``. If any regions
are specified the login form will have a dropdown selector for authenticating
to the appropriate region, and there will be a region switcher dropdown in
the site header when logged in.
@ -1371,7 +1371,7 @@ OPENSTACK_KEYSTONE_URL
Horizon's `OPENSTACK_HOST`_ documentation
Default: ``"http://%s:5000/v2.0" % OPENSTACK_HOST``
Default: ``"http://%s:5000/v3" % OPENSTACK_HOST``
The full URL for the Keystone endpoint used for authentication. Unless you
are using HTTPS, running your Keystone server on a nonstandard port, or using

View File

@ -52,7 +52,7 @@ from within the ``horizon`` directory.
$ cp openstack_dashboard/local/local_settings.py.example openstack_dashboard/local/local_settings.py
Horizon connects to the rest of OpenStack via a Keystone service catalog. By
default Horizon looks for an endpoint at ``http://localhost:5000/v2.0``; this
default Horizon looks for an endpoint at ``http://localhost:5000/v3``; this
can be customised by modifying the ``OPENSTACK_HOST`` and
``OPENSTACK_KEYSTONE_URL`` values in
``openstack_dashboard/local/local_settings.py``

View File

@ -126,7 +126,7 @@ def remove_project_cache(token):
# Helper for figuring out keystone version
# Implementation will change when API version discovery is available
def get_keystone_version():
return getattr(settings, 'OPENSTACK_API_VERSIONS', {}).get('identity', 2.0)
return getattr(settings, 'OPENSTACK_API_VERSIONS', {}).get('identity', 3)
def get_session():

View File

@ -183,12 +183,12 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# For multiple regions uncomment this configuration, and add (endpoint, title).
#AVAILABLE_REGIONS = [
# ('http://cluster1.example.com:5000/v2.0', 'cluster1'),
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
# ('http://cluster1.example.com:5000/v3', 'cluster1'),
# ('http://cluster2.example.com:5000/v3', 'cluster2'),
#]
OPENSTACK_HOST = "127.0.0.1"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
# For setting the default service region on a per-endpoint basis. Note that the

View File

@ -142,8 +142,8 @@ settings_utils.find_static_files(HORIZON_CONFIG, AVAILABLE_THEMES,
HORIZON_IMAGES_UPLOAD_MODE = 'legacy'
AVAILABLE_REGIONS = [
('http://localhost:5000/v2.0', 'local'),
('http://remote:5000/v2.0', 'remote'),
('http://localhost:5000/v3', 'local'),
('http://remote:5000/v3', 'remote'),
]
OPENSTACK_API_VERSIONS = {
@ -151,7 +151,7 @@ OPENSTACK_API_VERSIONS = {
"image": 2
}
OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0"
OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v3"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

View File

@ -0,0 +1,9 @@
---
features:
- The keystone v3 API now becomes the default keystone API version.
upgrade:
- |
The default keystone API vesion is switch to ``v3``.
If you still use the keystone v2.0 API by default, you need to configure
``OPENSTACK_API_VERSIONS`` and ``OPENSTACK_KEYSTONE_URL``
to point to the keystone v2.0 API.