Keystone v2.0 API was removed so we have no choice but configuring
user_domain_name and project_domain_name otherwise it fallbacks to
Keystone v2.0 and it fails. This patch sets the default value so we make
sure Keystone v3 will be used out of the box for our users.
Change-Id: I6949b5e00ec26ddc66cbe08de7420468d6b34954
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
The revocation_cache_time is deprecated for removel because of PKI
token format is no longer supported.
Update warning message and add a release note.
Change-Id: I8fea10159dfd4a8c1cee2242a2dbf9abc86b4686
Closes-Bug: #1717144
The python-memcache package is required if using memcached. By
default the package is not installed and the define has it set to
false. This change allows managing the python-memcache package
install from the authtoken class.
Change-Id: If8fea78f01e1bf54689f9ac9cb69ae4ca6be19dc
The signing_dir is deprecated for removel because of PKI token format
is no longer supported.
Update warning message and release note.
Change-Id: I9adf3d2a0301c717321a09240a15352f8712b9d9
Closes-Bug: #1652700
This adds defined anchor points for external modules to hook into the
software install, config and service dependency chain. This allows
external modules to manage software installation (virtualenv,
containers, etc) and service management (pacemaker) without needing rely
on resources that may change or be renamed.
Change-Id: I0d18ec6ffe6b54c85773a6dabb0ed7b6f59a12f4
Since we are in ocata lets remove all old parameters
in api to configure the keystone_authtoken section
Change-Id: I101d1d38ad405dd8a418cb63f7345f7fd700cebe
In ceilometer::api, use keystone::resource::authtoken to configure
keystone_authsection in the configuration file.
Some deprecations:
- ceilometer::api::identity_uri is deprecated in favor of
ceilometer::api::auth_url
- ceilometer::api::keystone_tenant is deprecated in favor of
ceilometer::api::project_name.
- ceilometer::api::keystone_user is deprecated in favor of
ceilometer::api::username.
- ceilometer::api::keystone_password is deprecated in favor of
ceilometer::api::password.
-Remove deprecated parameters
Change-Id: Iebfb4caf7d4675e17b866142292d421dcf62f63b
Related-Bug: #1604463
This change updates the ceilometer::keystone::auth class to include a
default service_name of 'ceilometer' so that if a user changes the
auth_name, the service is still created as being related to
'ceilometer'. This improves the user experiance when they want to
customize the usernames for services.
Change-Id: I472dd78c1b4fd8d3d4667aede56358cf6254617d
Closes-Bug: #1590040
Drop service dependency for Keystone_user_role.
Without that patch, Ceilometer & Keystone running in WSGI will fail to compile
the catalog because a dependency cycle:
Anchor[keystone_started] => Keystone_user_role[ceilometer@services] =>
Service[ceilometer-api] => Service[httpd] => Anchor[keystone_started]
The dependency is not really useful because it does not prevent the
service to start.
Change-Id: Id8366cd5d2ddf6da468ecc7adb7d55eb8be4c8d8
This commit adds the service description as a class parameter in order to allow
users to update from a previous version if the service description is changed
(incorrectly spelled or wrong description)
Change-Id: Ia0ddf657991db1dd82ca063a944132643054d514
Closes-Bug: #1468407
This change deprecates the following parameters:
- port (replaced by public/internal/admin_url)
- public_protocol (replaced by public_url)
- public_address (replaced by public_url)
- internal_protocol (replaced by internal_url)
- internal_address (replaced by internal_url)
- admin_protocol (replaced by admin_url)
- admin_address (replaced by admin_url)
Add deprecation warnings if any of those values are provided
while maintaining full backward compatibility.
Closes-bug: #1274979
Change-Id: Ia20f9d032fada10979383446f78ff57035b9c763
This changes the puppet-lint requirement to 1.1.x, so that we can use
puppet-lint plugins. Most of these plugins are for 4.x compat, but some
just catch common errors.
This commit also remove custom metadata rake task (this task is now
provided by puppetlabs_spec_helper).
Conflicts:
Gemfile
Change-Id: I22369948db6a2f8ddab9b8c93c3a047ff2e229ca
Refactorise the code of Keystone resources management with backward
compatibility since we don't modify the unit tests.
Change-Id: Iafbe248ef0314b8abc31d22a7631df51e23f2c48
Implements: blueprint common-openstack-identity-resource
In some cases it is useful to be able to just configure
the service in Keystone and not the service user. This
is the case when e.g. a read only LDAP backend is used.
Added a parameter configure_user (defaults to true).
Closes-Bug: 1360232
Change-Id: I541224b9bf431da957b9de31909e0aad5c9be187
Instead of forcing the name of the service in the service catalog to
match auth_name, this allows the ability to explicitly set the service
name, spearately from auth_name.
If service_name is not specified, it's value defaults to the value
of auth_name (which maintains the current behavior.)
Closes-bug: #1359755
Change-Id: I66dadaebb526cfae2b6c250b2bef97e1e6d6aafe
This changeset allows to set full url for endpoints. The default is
still to use the {public,admin,internal}_{protocol,host} and port
variables. The {public,admin,internal}_url parameters override the
_protocol, _host & port parameters.
There were previously one parameter for each {public,admin,internal}
endpoint url component (protocol, host), but not port.
Adding more parameters to allow different port would add too much
parameters and still missing the path part.
Fixes Bug#1227742
Change-Id: I834be8ab0f160b24348d218197711e8ecc392f5b