| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
To support tempest, modify keystone identity.sh
script to:
* add user with username=alt_demo, tenant=alt_demo,
and password=password into keystone.
* add user "admin" into tenant "demo".
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Since Grizzly release Keystone defaults to storing tokens in PKI
format. Some software works better with keystone if tokens
are in the older UUID format. This change allows a simple way
to set the storage format within the bitbake receipes. The default
is to use the newer PKI format.
Signed-off-by: Keith Holman <Keith.Holman@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
authentication chaining
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and
icehouse before icehouse-rc2 allows remote attackers to cause a denial of
service (CPU consumption) via a large number of the same authentication
method in a request, aka "authentication chaining."
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Modify Keystone identity.sh to add Swift user, service,
and service endpoints into Keystone.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
| |
Explicitly enable --log-dir to enable logging where available
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Add status/reload to sysvinit scripts
Modify tgtd to make start/stop work better (borrowed from Debian's
implementation)
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Tests in keystone/tests are failed because they
looks for some config files at wrong location.
Currently all the keystone config files are at
/etc/keystone.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Explicitly update the default keystone configuration file to indicate
the sql token backend, and set the default timeout value to 3600 seconds.
This both improves performance and ages out tokens sooner, keeping the
token list and database smaller.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Updating the ceilometer component to the latest havana stable updates.
Of note in the update is the removel of the old global statistics table
for ceilometer.
To properly display metering statistics after this update the keystone
credentials need to be udpated in keystone (add ceilometer with an
admin role) and ceilometer to use the proper username/password to
authenticate.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
To support the execution of the chkconfig and service scripts, we need
to ensure a consistent header on the initscripts, and a consistent
environment that allows scratch files to be written.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Introducing the OpenStack Havana heat component. This initial integration
covers the basic integration with keystone and horizon, but does not
fully enable stack management. Subsequent updates will enable the full
functionality.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Create the metering service and endpoints required to interact with the
ceilometer component.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Update the default system identities to include the roles and users required
to support ceilometer.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Updating the OpenStack networking component to the havana release version.
As part of this switch, we rename the components from quantum to neutron
and switch to a git based build for the client and servers.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
To make keystone work properly in a node with "real" IP addresses,
both the configuration and identity setup script should use the
external address and not localhost.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Sometimes it is desirable to double check the identities, roles and
ids in the system. To re-intialize the database, we can allow identity.sh
to be re run.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
Create the default openrc file for the keystone python install.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
The keystone package is only installed on a controller node.
This way the credentials can be loaded on both types of nodes.
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
| |
|
|
|
|
|
| |
The user and password for postgresql are defined in the
identity class and are loaded by the recipes from this class.
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
| |
|
|
| |
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
| |
|
|
| |
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The identity.sh script creates all the users and other
configurations for the openstack services. The openrc
file contains some environment variables that are used
by the openstack CLI commands.
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
| |
|
|
| |
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
|
|
The configuration file contains default options.
Signed-off-by: Mihai Prica <prica.mihai@gmail.com>
|
