4 Commits

Author SHA1 Message Date
jackning
cebed25608 Change keystone.log's permit to keystone:keystone
At present, keystone.log's user:group permit is root:kolla,
when got token from keystone, it failed. The reason is that:
Permission denied. So it shoud be changed keystone:keystone.

Change-Id: Ibbbf1d88ba16e5040f9068ea9948373d10593514
Closes-Bug: #1631685
2016-10-09 03:26:36 -04:00
Paul Bourke
b41247c656 Add header blocks to all Dockerfiles
Change needed to add header blocks to all Dockerfiles, similar to the
base.

Use case is to easily run something before packages are installed, e.g.
to COPY a local rpm in that can be added to the package list.

Change-Id: I1bbfdf0b762da0a392aa8bf47781315b45377bee
Closes-Bug: 1618969
2016-09-13 16:53:31 +01:00
Eduardo Gonzalez
8e98e5f15e Change source with dot at extend_start files
Is a best practice in Unix/Linux scripts to use dots
instead of source command.
Using dots will avoid issues with non BASH shells

TrivialFix
Change-Id: Ie6480a1954f853f79faffa093452715ebd9f7d90
Signed-off-by: Eduardo Gonzalez <dabarren@gmail.com>
2016-08-29 07:29:16 +02:00
Shaun Smekel
524868c632 Add dockerfiles for keystone fernet
This adds the docker aspects of fernet key bootstrapping as well as
distributed key rotation.

- Bootstrapping is handled in the same way as keystone bootstrap.
- A new keystone-fernet and keystone-ssh container is created to allow
  the nodes to communicate with each other (taken from nova-ssh).
- The keystone-fernet is a keystone container with crontab installed.
  This will handle key rotations through keystone-manage and trigger
  an rsync to push new tokens to other nodes.

The Ansible component is implemented in:
  https://review.openstack.org/#/c/349366

Change-Id: Id610e00e8c63c7f1bc0974c0aa1b3f44c18e1019
Partially-Implements: blueprint keystone-fernet-token
Partially-Implements: blueprint third-party-plugin-support
2016-08-25 20:13:02 +10:00