Browse code
Function for auth_token middleware config
Each project was configuring the auth_token middleware using several
lines of inisets. Since all the projects should configure the
auth_token middleware in the same way create a function and call it.
Change-Id: I3b6727d5a3bdc0ca600d8faa23bc6db32bb32260
Brant Knudson authored on 2014/09/20 07:22:22Showing 12 changed files
- lib/ceilometer
- lib/cinder
- lib/glance
- lib/heat
- lib/ironic
- lib/keystone
- lib/neutron
- lib/nova
- lib/sahara
- lib/swift
- lib/trove
- lib/zaqar
| ... | ... |
@@ -146,11 +146,7 @@ function configure_ceilometer {
|
| 146 | 146 |
iniset $CEILOMETER_CONF service_credentials os_password $SERVICE_PASSWORD |
| 147 | 147 |
iniset $CEILOMETER_CONF service_credentials os_tenant_name $SERVICE_TENANT_NAME |
| 148 | 148 |
|
| 149 |
- iniset $CEILOMETER_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 150 |
- iniset $CEILOMETER_CONF keystone_authtoken admin_user ceilometer |
|
| 151 |
- iniset $CEILOMETER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 152 |
- iniset $CEILOMETER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 153 |
- iniset $CEILOMETER_CONF keystone_authtoken signing_dir $CEILOMETER_AUTH_CACHE_DIR |
|
| 149 |
+ configure_auth_token_middleware $CEILOMETER_CONF ceilometer $CEILOMETER_AUTH_CACHE_DIR |
|
| 154 | 150 |
|
| 155 | 151 |
if [ "$CEILOMETER_BACKEND" = 'mysql' ] || [ "$CEILOMETER_BACKEND" = 'postgresql' ] ; then |
| 156 | 152 |
iniset $CEILOMETER_CONF database connection `database_connection_url ceilometer` |
| ... | ... |
@@ -212,12 +212,7 @@ function configure_cinder {
|
| 212 | 212 |
inicomment $CINDER_API_PASTE_INI filter:authtoken admin_password |
| 213 | 213 |
inicomment $CINDER_API_PASTE_INI filter:authtoken signing_dir |
| 214 | 214 |
|
| 215 |
- iniset $CINDER_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 216 |
- iniset $CINDER_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 217 |
- iniset $CINDER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 218 |
- iniset $CINDER_CONF keystone_authtoken admin_user cinder |
|
| 219 |
- iniset $CINDER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 220 |
- iniset $CINDER_CONF keystone_authtoken signing_dir $CINDER_AUTH_CACHE_DIR |
|
| 215 |
+ configure_auth_token_middleware $CINDER_CONF cinder $CINDER_AUTH_CACHE_DIR |
|
| 221 | 216 |
|
| 222 | 217 |
iniset $CINDER_CONF DEFAULT auth_strategy keystone |
| 223 | 218 |
iniset $CINDER_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
| ... | ... |
@@ -302,10 +297,6 @@ function configure_cinder {
|
| 302 | 302 |
-e 's/snapshot_autoextend_percent =.*/snapshot_autoextend_percent = 20/' \ |
| 303 | 303 |
/etc/lvm/lvm.conf |
| 304 | 304 |
fi |
| 305 |
- configure_API_version $CINDER_CONF $IDENTITY_API_VERSION |
|
| 306 |
- iniset $CINDER_CONF keystone_authtoken admin_user cinder |
|
| 307 |
- iniset $CINDER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 308 |
- iniset $CINDER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 309 | 305 |
|
| 310 | 306 |
iniset $CINDER_CONF DEFAULT osapi_volume_workers "$API_WORKERS" |
| 311 | 307 |
} |
| ... | ... |
@@ -96,13 +96,7 @@ function configure_glance {
|
| 96 | 96 |
iniset $GLANCE_REGISTRY_CONF DEFAULT sql_connection $dburl |
| 97 | 97 |
iniset $GLANCE_REGISTRY_CONF DEFAULT use_syslog $SYSLOG |
| 98 | 98 |
iniset $GLANCE_REGISTRY_CONF paste_deploy flavor keystone |
| 99 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 100 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 101 |
- configure_API_version $GLANCE_REGISTRY_CONF $IDENTITY_API_VERSION |
|
| 102 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 103 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_user glance |
|
| 104 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 105 |
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/registry |
|
| 99 |
+ configure_auth_token_middleware $GLANCE_REGISTRY_CONF glance $GLANCE_AUTH_CACHE_DIR/registry |
|
| 106 | 100 |
if is_service_enabled qpid || [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then |
| 107 | 101 |
iniset $GLANCE_REGISTRY_CONF DEFAULT notification_driver messaging |
| 108 | 102 |
fi |
| ... | ... |
@@ -115,17 +109,11 @@ function configure_glance {
|
| 115 | 115 |
iniset $GLANCE_API_CONF DEFAULT use_syslog $SYSLOG |
| 116 | 116 |
iniset $GLANCE_API_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/ |
| 117 | 117 |
iniset $GLANCE_API_CONF paste_deploy flavor keystone+cachemanagement |
| 118 |
- iniset $GLANCE_API_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 119 |
- iniset $GLANCE_API_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 120 |
- configure_API_version $GLANCE_API_CONF $IDENTITY_API_VERSION |
|
| 121 |
- iniset $GLANCE_API_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 122 |
- iniset $GLANCE_API_CONF keystone_authtoken admin_user glance |
|
| 123 |
- iniset $GLANCE_API_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 118 |
+ configure_auth_token_middleware $GLANCE_API_CONF glance $GLANCE_AUTH_CACHE_DIR/api |
|
| 124 | 119 |
if is_service_enabled qpid || [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then |
| 125 | 120 |
iniset $GLANCE_API_CONF DEFAULT notification_driver messaging |
| 126 | 121 |
fi |
| 127 | 122 |
iniset_rpc_backend glance $GLANCE_API_CONF DEFAULT |
| 128 |
- iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api |
|
| 129 | 123 |
if [ "$VIRT_DRIVER" = 'xenserver' ]; then |
| 130 | 124 |
iniset $GLANCE_API_CONF DEFAULT container_formats "ami,ari,aki,bare,ovf,tgz" |
| 131 | 125 |
iniset $GLANCE_API_CONF DEFAULT disk_formats "ami,ari,aki,vhd,raw,iso" |
| ... | ... |
@@ -110,14 +110,7 @@ function configure_heat {
|
| 110 | 110 |
setup_colorized_logging $HEAT_CONF DEFAULT tenant user |
| 111 | 111 |
fi |
| 112 | 112 |
|
| 113 |
- # keystone authtoken |
|
| 114 |
- iniset $HEAT_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 115 |
- configure_API_version $HEAT_CONF $IDENTITY_API_VERSION |
|
| 116 |
- iniset $HEAT_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 117 |
- iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 118 |
- iniset $HEAT_CONF keystone_authtoken admin_user heat |
|
| 119 |
- iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 120 |
- iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR |
|
| 113 |
+ configure_auth_token_middleware $HEAT_CONF heat $HEAT_AUTH_CACHE_DIR |
|
| 121 | 114 |
|
| 122 | 115 |
if is_ssl_enabled_service "key"; then |
| 123 | 116 |
iniset $HEAT_CONF clients_keystone ca_file $KEYSTONE_SSL_CA |
| ... | ... |
@@ -243,14 +243,8 @@ function configure_ironic {
|
| 243 | 243 |
function configure_ironic_api {
|
| 244 | 244 |
iniset $IRONIC_CONF_FILE DEFAULT auth_strategy keystone |
| 245 | 245 |
iniset $IRONIC_CONF_FILE DEFAULT policy_file $IRONIC_POLICY_JSON |
| 246 |
- iniset $IRONIC_CONF_FILE keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 247 |
- iniset $IRONIC_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 248 |
- iniset $IRONIC_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI |
|
| 249 |
- iniset $IRONIC_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 250 |
- iniset $IRONIC_CONF_FILE keystone_authtoken admin_user ironic |
|
| 251 |
- iniset $IRONIC_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 246 |
+ configure_auth_token_middleware $IRONIC_CONF_FILE ironic $IRONIC_AUTH_CACHE_DIR/api |
|
| 252 | 247 |
iniset_rpc_backend ironic $IRONIC_CONF_FILE DEFAULT |
| 253 |
- iniset $IRONIC_CONF_FILE keystone_authtoken signing_dir $IRONIC_AUTH_CACHE_DIR/api |
|
| 254 | 248 |
|
| 255 | 249 |
cp -p $IRONIC_DIR/etc/ironic/policy.json $IRONIC_POLICY_JSON |
| 256 | 250 |
} |
| ... | ... |
@@ -386,11 +386,37 @@ function create_keystone_accounts {
|
| 386 | 386 |
} |
| 387 | 387 |
|
| 388 | 388 |
# Configure the API version for the OpenStack projects. |
| 389 |
-# configure_API_version conf_file version |
|
| 389 |
+# configure_API_version conf_file version [section] |
|
| 390 | 390 |
function configure_API_version {
|
| 391 | 391 |
local conf_file=$1 |
| 392 | 392 |
local api_version=$2 |
| 393 |
- iniset $conf_file keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$api_version |
|
| 393 |
+ local section=${3:-keystone_authtoken}
|
|
| 394 |
+ iniset $conf_file $section auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$api_version |
|
| 395 |
+} |
|
| 396 |
+ |
|
| 397 |
+# Configure the service to use the auth token middleware. |
|
| 398 |
+# |
|
| 399 |
+# configure_auth_token_middleware conf_file admin_user signing_dir [section] |
|
| 400 |
+# |
|
| 401 |
+# section defaults to keystone_authtoken, which is where auth_token looks in |
|
| 402 |
+# the .conf file. If the paste config file is used (api-paste.ini) then |
|
| 403 |
+# provide the section name for the auth_token filter. |
|
| 404 |
+function configure_auth_token_middleware {
|
|
| 405 |
+ local conf_file=$1 |
|
| 406 |
+ local admin_user=$2 |
|
| 407 |
+ local signing_dir=$3 |
|
| 408 |
+ local section=${4:-keystone_authtoken}
|
|
| 409 |
+ |
|
| 410 |
+ iniset $conf_file $section auth_host $KEYSTONE_AUTH_HOST |
|
| 411 |
+ iniset $conf_file $section auth_port $KEYSTONE_AUTH_PORT |
|
| 412 |
+ iniset $conf_file $section auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 413 |
+ iniset $conf_file $section identity_uri $KEYSTONE_AUTH_URI |
|
| 414 |
+ iniset $conf_file $section cafile $KEYSTONE_SSL_CA |
|
| 415 |
+ configure_API_version $conf_file $IDENTITY_API_VERSION $section |
|
| 416 |
+ iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME |
|
| 417 |
+ iniset $conf_file $section admin_user $admin_user |
|
| 418 |
+ iniset $conf_file $section admin_password $SERVICE_PASSWORD |
|
| 419 |
+ iniset $conf_file $section signing_dir $signing_dir |
|
| 394 | 420 |
} |
| 395 | 421 |
|
| 396 | 422 |
# init_keystone() - Initialize databases, etc. |
| ... | ... |
@@ -794,7 +794,7 @@ function _configure_neutron_metadata_agent {
|
| 794 | 794 |
iniset $Q_META_CONF_FILE DEFAULT nova_metadata_ip $Q_META_DATA_IP |
| 795 | 795 |
iniset $Q_META_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
| 796 | 796 |
|
| 797 |
- _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True True |
|
| 797 |
+ _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT |
|
| 798 | 798 |
|
| 799 | 799 |
} |
| 800 | 800 |
|
| ... | ... |
@@ -936,23 +936,9 @@ function _neutron_setup_rootwrap {
|
| 936 | 936 |
function _neutron_setup_keystone {
|
| 937 | 937 |
local conf_file=$1 |
| 938 | 938 |
local section=$2 |
| 939 |
- local use_auth_url=$3 |
|
| 940 |
- local skip_auth_cache=$4 |
|
| 941 | 939 |
|
| 942 |
- if [[ -n $use_auth_url ]]; then |
|
| 943 |
- iniset $conf_file $section auth_url $KEYSTONE_SERVICE_URI/v2.0 |
|
| 944 |
- else |
|
| 945 |
- iniset $conf_file $section auth_uri $KEYSTONE_SERVICE_URI |
|
| 946 |
- iniset $conf_file $section identity_uri $KEYSTONE_AUTH_URI |
|
| 947 |
- fi |
|
| 948 |
- iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME |
|
| 949 |
- iniset $conf_file $section admin_user $Q_ADMIN_USERNAME |
|
| 950 |
- iniset $conf_file $section admin_password $SERVICE_PASSWORD |
|
| 951 |
- if [[ -z $skip_auth_cache ]]; then |
|
| 952 |
- iniset $conf_file $section signing_dir $NEUTRON_AUTH_CACHE_DIR |
|
| 953 |
- # Create cache dir |
|
| 954 |
- create_neutron_cache_dir |
|
| 955 |
- fi |
|
| 940 |
+ create_neutron_cache_dir |
|
| 941 |
+ configure_auth_token_middleware $conf_file $Q_ADMIN_USERNAME $NEUTRON_AUTH_CACHE_DIR $section |
|
| 956 | 942 |
} |
| 957 | 943 |
|
| 958 | 944 |
function _neutron_setup_interface_driver {
|
| ... | ... |
@@ -438,17 +438,9 @@ function create_nova_conf {
|
| 438 | 438 |
iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT" |
| 439 | 439 |
fi |
| 440 | 440 |
|
| 441 |
- # Add keystone authtoken configuration |
|
| 442 |
- |
|
| 443 |
- iniset $NOVA_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 444 |
- iniset $NOVA_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 445 |
- iniset $NOVA_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 446 |
- iniset $NOVA_CONF keystone_authtoken admin_user nova |
|
| 447 |
- iniset $NOVA_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 441 |
+ configure_auth_token_middleware $NOVA_CONF nova $NOVA_AUTH_CACHE_DIR |
|
| 448 | 442 |
fi |
| 449 | 443 |
|
| 450 |
- iniset $NOVA_CONF keystone_authtoken signing_dir $NOVA_AUTH_CACHE_DIR |
|
| 451 |
- |
|
| 452 | 444 |
if [ -n "$NOVA_STATE_PATH" ]; then |
| 453 | 445 |
iniset $NOVA_CONF DEFAULT state_path "$NOVA_STATE_PATH" |
| 454 | 446 |
iniset $NOVA_CONF DEFAULT lock_path "$NOVA_STATE_PATH" |
| ... | ... |
@@ -106,16 +106,7 @@ function configure_sahara {
|
| 106 | 106 |
sudo chown $STACK_USER $SAHARA_AUTH_CACHE_DIR |
| 107 | 107 |
rm -rf $SAHARA_AUTH_CACHE_DIR/* |
| 108 | 108 |
|
| 109 |
- # Set actual keystone auth configs |
|
| 110 |
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/ |
|
| 111 |
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_host $KEYSTONE_AUTH_HOST |
|
| 112 |
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_port $KEYSTONE_AUTH_PORT |
|
| 113 |
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL |
|
| 114 |
- iniset $SAHARA_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 115 |
- iniset $SAHARA_CONF_FILE keystone_authtoken admin_user sahara |
|
| 116 |
- iniset $SAHARA_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 117 |
- iniset $SAHARA_CONF_FILE keystone_authtoken signing_dir $SAHARA_AUTH_CACHE_DIR |
|
| 118 |
- iniset $SAHARA_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA |
|
| 109 |
+ configure_auth_token_middleware $SAHARA_CONF_FILE sahara $SAHARA_AUTH_CACHE_DIR |
|
| 119 | 110 |
|
| 120 | 111 |
# Set configuration to send notifications |
| 121 | 112 |
|
| ... | ... |
@@ -382,15 +382,7 @@ function configure_swift {
|
| 382 | 382 |
|
| 383 | 383 |
# Configure Keystone |
| 384 | 384 |
sed -i '/^# \[filter:authtoken\]/,/^# \[filter:keystoneauth\]$/ s/^#[ \t]*//' ${SWIFT_CONFIG_PROXY_SERVER}
|
| 385 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_host $KEYSTONE_AUTH_HOST
|
|
| 386 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_port $KEYSTONE_AUTH_PORT
|
|
| 387 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
|
|
| 388 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken cafile $KEYSTONE_SSL_CA
|
|
| 389 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
|
|
| 390 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
|
|
| 391 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_user swift
|
|
| 392 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_password $SERVICE_PASSWORD
|
|
| 393 |
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken signing_dir $SWIFT_AUTH_CACHE_DIR
|
|
| 385 |
+ configure_auth_token_middleware ${SWIFT_CONFIG_PROXY_SERVER} swift $SWIFT_AUTH_CACHE_DIR filter:authtoken
|
|
| 394 | 386 |
# This causes the authtoken middleware to use the same python logging |
| 395 | 387 |
# adapter provided by the swift proxy-server, so that request transaction |
| 396 | 388 |
# IDs will included in all of its log messages. |
| ... | ... |
@@ -128,12 +128,7 @@ function configure_trove {
|
| 128 | 128 |
cp $TROVE_LOCAL_CONF_DIR/api-paste.ini $TROVE_CONF_DIR/api-paste.ini |
| 129 | 129 |
TROVE_API_PASTE_INI=$TROVE_CONF_DIR/api-paste.ini |
| 130 | 130 |
|
| 131 |
- iniset $TROVE_API_PASTE_INI filter:authtoken identity_uri $KEYSTONE_AUTH_URI |
|
| 132 |
- iniset $TROVE_API_PASTE_INI filter:authtoken cafile $KEYSTONE_SSL_CA |
|
| 133 |
- iniset $TROVE_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 134 |
- iniset $TROVE_API_PASTE_INI filter:authtoken admin_user trove |
|
| 135 |
- iniset $TROVE_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD |
|
| 136 |
- iniset $TROVE_API_PASTE_INI filter:authtoken signing_dir $TROVE_AUTH_CACHE_DIR |
|
| 131 |
+ configure_auth_token_middleware $TROVE_API_PASTE_INI trove $TROVE_AUTH_CACHE_DIR filter:authtoken |
|
| 137 | 132 |
|
| 138 | 133 |
# (Re)create trove conf files |
| 139 | 134 |
rm -f $TROVE_CONF_DIR/trove.conf |
| ... | ... |
@@ -107,11 +107,7 @@ function configure_zaqar {
|
| 107 | 107 |
iniset $ZAQAR_CONF DEFAULT log_file $ZAQAR_API_LOG_FILE |
| 108 | 108 |
iniset $ZAQAR_CONF 'drivers:transport:wsgi' bind $ZAQAR_SERVICE_HOST |
| 109 | 109 |
|
| 110 |
- iniset $ZAQAR_CONF keystone_authtoken auth_protocol http |
|
| 111 |
- iniset $ZAQAR_CONF keystone_authtoken admin_user zaqar |
|
| 112 |
- iniset $ZAQAR_CONF keystone_authtoken admin_password $SERVICE_PASSWORD |
|
| 113 |
- iniset $ZAQAR_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME |
|
| 114 |
- iniset $ZAQAR_CONF keystone_authtoken signing_dir $ZAQAR_AUTH_CACHE_DIR |
|
| 110 |
+ configure_auth_token_middleware $ZAQAR_CONF zaqar $ZAQAR_AUTH_CACHE_DIR |
|
| 115 | 111 |
|
| 116 | 112 |
if [ "$ZAQAR_BACKEND" = 'mysql' ] || [ "$ZAQAR_BACKEND" = 'postgresql' ] ; then |
| 117 | 113 |
iniset $ZAQAR_CONF drivers storage sqlalchemy |