scenario003: deploy keystone with fernet tokens
On Scenario003, deploy keystone with fernet tokens, to improve testing coverage and test out-of-the-box deployment. On other scenarios, deploy uuid by default. Change-Id: Id84982fc2a3843e4b413c6f3112e70fd2f749b9b
This commit is contained in:
3 changed files with 17 additions and 1 deletions
@@ -36,6 +36,7 @@ scenario](#All-In-One).
| ssl | yes | yes | yes | no |
| ipv6 | centos7 | centos7 | centos7 | no |
| keystone | X | X | X | X |
| tokens | uuid | uuid | fernet | uuid |
| glance | rbd | swift | file | file |
| nova | rbd | X | X | X |
| neutron | ovs | ovs | linuxbridge | ovs |
@@ -38,7 +38,9 @@ class { '::openstack_integration::config':
include::openstack_integration::cacert
include::openstack_integration::rabbitmq
include::openstack_integration::mysql
include::openstack_integration::keystone
class{ '::openstack_integration::keystone':
token_provider => 'fernet',
}
include::openstack_integration::glance
class{ '::openstack_integration::neutron':
driver => 'linuxbridge',
@@ -11,9 +11,14 @@
#andtheassociatedconfigurationinkeystone.confissetupright.
#Defaultstofalse
#
#[*token_provider*]
#(optional)Definethetokenprovidertouse.
#Defaultto'uuid'.
#
classopenstack_integration::keystone(
$default_domain=undef,
$using_domain_config=false,
$token_provider='uuid',
){
include ::openstack_integration::config
@@ -27,6 +32,12 @@ class openstack_integration::keystone (
Exec['update-ca-certificates']~>Service['httpd']
}
if$token_provider=='fernet'{
$enable_fernet_setup = true
}else{
$enable_fernet_setup = false
}
class{ '::keystone::client': }
class{ '::keystone::cron::token_flush': }
class{ '::keystone::db::mysql':
@@ -45,6 +56,8 @@ class openstack_integration::keystone (
public_bind_host => $::openstack_integration::config::host,
admin_bind_host => $::openstack_integration::config::host,
manage_policyrcd => true,
token_provider => $token_provider,
enable_fernet_setup => $enable_fernet_setup,
}
include::apache
class{ '::keystone::wsgi::apache':
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.