Browse code
Merge "Use keystoneauth middleware from swift."
Jenkins authored on 2012/08/17 02:10:59Showing 2 changed files
| ... | ... |
@@ -1528,7 +1528,7 @@ if is_service_enabled swift; then |
| 1528 | 1528 |
# which has some default username and password if you have |
| 1529 | 1529 |
# configured keystone it will checkout the directory. |
| 1530 | 1530 |
if is_service_enabled key; then |
| 1531 |
- swift_auth_server+="authtoken keystone" |
|
| 1531 |
+ swift_auth_server+="authtoken keystoneauth" |
|
| 1532 | 1532 |
else |
| 1533 | 1533 |
swift_auth_server=tempauth |
| 1534 | 1534 |
fi |
| ... | ... |
@@ -1558,23 +1558,20 @@ if is_service_enabled swift; then |
| 1558 | 1558 |
|
| 1559 | 1559 |
iniset ${SWIFT_CONFIG_PROXY_SERVER} app:proxy-server account_autocreate true
|
| 1560 | 1560 |
|
| 1561 |
- cat <<EOF>>${SWIFT_CONFIG_PROXY_SERVER}
|
|
| 1561 |
+ # Configure Keystone |
|
| 1562 |
+ sed -i '/^# \[filter:authtoken\]/,/^# \[filter:keystoneauth\]$/ s/^#[ \t]*//' ${SWIFT_CONFIG_PROXY_SERVER}
|
|
| 1563 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_host $KEYSTONE_AUTH_HOST
|
|
| 1564 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_port $KEYSTONE_AUTH_PORT
|
|
| 1565 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
|
|
| 1566 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
|
|
| 1567 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
|
|
| 1568 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_user swift
|
|
| 1569 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_password $SERVICE_PASSWORD
|
|
| 1562 | 1570 |
|
| 1563 |
-[filter:keystone] |
|
| 1564 |
-paste.filter_factory = keystone.middleware.swift_auth:filter_factory |
|
| 1565 |
-operator_roles = Member,admin |
|
| 1571 |
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth use
|
|
| 1572 |
+ iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth operator_roles
|
|
| 1573 |
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:keystoneauth operator_roles "Member, admin"
|
|
| 1566 | 1574 |
|
| 1567 |
-[filter:authtoken] |
|
| 1568 |
-paste.filter_factory = keystone.middleware.auth_token:filter_factory |
|
| 1569 |
-auth_host = ${KEYSTONE_AUTH_HOST}
|
|
| 1570 |
-auth_port = ${KEYSTONE_AUTH_PORT}
|
|
| 1571 |
-auth_protocol = ${KEYSTONE_AUTH_PROTOCOL}
|
|
| 1572 |
-auth_uri = ${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/
|
|
| 1573 |
-admin_tenant_name = ${SERVICE_TENANT_NAME}
|
|
| 1574 |
-admin_user = swift |
|
| 1575 |
-admin_password = ${SERVICE_PASSWORD}
|
|
| 1576 |
-delay_auth_decision = 1 |
|
| 1577 |
-EOF |
|
| 1578 | 1575 |
if is_service_enabled swift3;then |
| 1579 | 1576 |
cat <<EOF>>${SWIFT_CONFIG_PROXY_SERVER}
|
| 1580 | 1577 |
# NOTE(chmou): s3token middleware is not updated yet to use only |