Use trusts in heat.conf
Change-Id: Ie91b3498e9f9d0d74a502ba6945db531ef967516 Closes-Bug: #1492736
This commit is contained in:
parent
4caf6fafca
commit
64b767f9f6
@ -10,7 +10,9 @@ stack_domain_admin_password = {{ heat_domain_admin_password }}
|
|||||||
stack_user_domain_name = heat_user_domain
|
stack_user_domain_name = heat_user_domain
|
||||||
|
|
||||||
rpc_backend = rabbit
|
rpc_backend = rabbit
|
||||||
deferred_auth_method = password
|
notification_driver = noop
|
||||||
|
deferred_auth_method = trusts
|
||||||
|
trusts_delegated_role = heat_stack_owner
|
||||||
|
|
||||||
syslog_log_facility=LOG_LOCAL0
|
syslog_log_facility=LOG_LOCAL0
|
||||||
use_syslog=yes
|
use_syslog=yes
|
||||||
@ -46,6 +48,16 @@ project_name = service
|
|||||||
username = heat
|
username = heat
|
||||||
password = {{ heat_keystone_password }}
|
password = {{ heat_keystone_password }}
|
||||||
|
|
||||||
|
[trustee]
|
||||||
|
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
|
||||||
|
auth_url = http://{{ kolla_internal_address }}:{{ keystone_admin_port }}
|
||||||
|
auth_plugin = password
|
||||||
|
project_domain_id = default
|
||||||
|
user_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
username = heat
|
||||||
|
password = {{ heat_keystone_password }}
|
||||||
|
|
||||||
[ec2authtoken]
|
[ec2authtoken]
|
||||||
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
|
auth_uri = http://{{ kolla_internal_address }}:{{ keystone_public_port }}
|
||||||
|
|
||||||
|
@ -4,8 +4,10 @@
|
|||||||
# of the KOLLA_BOOTSTRAP variable being set, including empty.
|
# of the KOLLA_BOOTSTRAP variable being set, including empty.
|
||||||
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
|
||||||
heat-manage db_sync
|
heat-manage db_sync
|
||||||
openstack domain create heat_user_domain
|
openstack domain create heat
|
||||||
openstack user create --domain heat_user_domain heat_domain_admin --password ${HEAT_DOMAIN_ADMIN_PASSWORD}
|
openstack user create --domain heat heat_domain_admin --password ${HEAT_DOMAIN_ADMIN_PASSWORD}
|
||||||
openstack role add --domain heat_user_domain --user heat_domain_admin admin
|
openstack role add --domain heat --user heat_domain_admin admin
|
||||||
|
openstack role create heat_stack_owner
|
||||||
|
openstack role create heat_stack_user
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user