|
...
|
...
|
@@ -64,21 +64,21 @@ KEYSTONE_EXTENSIONS=${KEYSTONE_EXTENSIONS:-}
|
|
64
|
64
|
# Toggle for deploying Keystone under HTTPD + mod_wsgi
|
|
65
|
65
|
KEYSTONE_USE_MOD_WSGI=${KEYSTONE_USE_MOD_WSGI:-${ENABLE_HTTPD_MOD_WSGI_SERVICES}}
|
|
66
|
66
|
|
|
67
|
|
-# Select the backend for Keystone's service catalog
|
|
|
67
|
+# Select the Catalog backend driver
|
|
68
|
68
|
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
|
|
69
|
69
|
KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates
|
|
70
|
70
|
|
|
71
|
|
-# Select the backend for Tokens
|
|
|
71
|
+# Select the token persistence backend driver
|
|
72
|
72
|
KEYSTONE_TOKEN_BACKEND=${KEYSTONE_TOKEN_BACKEND:-sql}
|
|
73
|
73
|
|
|
74
|
|
-# Select the backend for Identity
|
|
|
74
|
+# Select the Identity backend driver
|
|
75
|
75
|
KEYSTONE_IDENTITY_BACKEND=${KEYSTONE_IDENTITY_BACKEND:-sql}
|
|
76
|
76
|
|
|
77
|
|
-# Select the backend for Assignment
|
|
|
77
|
+# Select the Assignment backend driver
|
|
78
|
78
|
KEYSTONE_ASSIGNMENT_BACKEND=${KEYSTONE_ASSIGNMENT_BACKEND:-sql}
|
|
79
|
79
|
|
|
80
|
|
-# Select Keystone's token format
|
|
81
|
|
-# Choose from 'UUID', 'PKI', or 'PKIZ'
|
|
|
80
|
+# Select Keystone's token provider (and format)
|
|
|
81
|
+# Choose from 'uuid', 'pki', 'pkiz', or 'fernet'
|
|
82
|
82
|
KEYSTONE_TOKEN_FORMAT=${KEYSTONE_TOKEN_FORMAT:-}
|
|
83
|
83
|
KEYSTONE_TOKEN_FORMAT=$(echo ${KEYSTONE_TOKEN_FORMAT} | tr '[:upper:]' '[:lower:]')
|
|
84
|
84
|
|
|
...
|
...
|
@@ -99,12 +99,6 @@ KEYSTONE_ADMIN_BIND_HOST=${KEYSTONE_ADMIN_BIND_HOST:-$KEYSTONE_SERVICE_HOST}
|
|
99
|
99
|
# Set the tenant for service accounts in Keystone
|
|
100
|
100
|
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
|
|
101
|
101
|
|
|
102
|
|
-# valid identity backends as per dir keystone/identity/backends
|
|
103
|
|
-KEYSTONE_VALID_IDENTITY_BACKENDS=kvs,ldap,pam,sql
|
|
104
|
|
-
|
|
105
|
|
-# valid assignment backends as per dir keystone/identity/backends
|
|
106
|
|
-KEYSTONE_VALID_ASSIGNMENT_BACKENDS=kvs,ldap,sql
|
|
107
|
|
-
|
|
108
|
102
|
# if we are running with SSL use https protocols
|
|
109
|
103
|
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
|
|
110
|
104
|
KEYSTONE_AUTH_PROTOCOL="https"
|
|
...
|
...
|
@@ -225,15 +219,8 @@ function configure_keystone {
|
|
225
|
225
|
iniset $KEYSTONE_CONF DEFAULT member_role_name "_member_"
|
|
226
|
226
|
fi
|
|
227
|
227
|
|
|
228
|
|
- # check if identity backend is valid
|
|
229
|
|
- if [[ "$KEYSTONE_VALID_IDENTITY_BACKENDS" =~ "$KEYSTONE_IDENTITY_BACKEND" ]]; then
|
|
230
|
|
- iniset $KEYSTONE_CONF identity driver "keystone.identity.backends.$KEYSTONE_IDENTITY_BACKEND.Identity"
|
|
231
|
|
- fi
|
|
232
|
|
-
|
|
233
|
|
- # check if assignment backend is valid
|
|
234
|
|
- if [[ "$KEYSTONE_VALID_ASSIGNMENT_BACKENDS" =~ "$KEYSTONE_ASSIGNMENT_BACKEND" ]]; then
|
|
235
|
|
- iniset $KEYSTONE_CONF assignment driver "keystone.assignment.backends.$KEYSTONE_ASSIGNMENT_BACKEND.Assignment"
|
|
236
|
|
- fi
|
|
|
228
|
+ iniset $KEYSTONE_CONF identity driver "$KEYSTONE_IDENTITY_BACKEND"
|
|
|
229
|
+ iniset $KEYSTONE_CONF assignment driver "$KEYSTONE_ASSIGNMENT_BACKEND"
|
|
237
|
230
|
|
|
238
|
231
|
iniset_rpc_backend keystone $KEYSTONE_CONF
|
|
239
|
232
|
|
|
...
|
...
|
@@ -257,23 +244,17 @@ function configure_keystone {
|
|
257
|
257
|
iniset $KEYSTONE_CONF DEFAULT admin_token "$SERVICE_TOKEN"
|
|
258
|
258
|
|
|
259
|
259
|
if [[ "$KEYSTONE_TOKEN_FORMAT" != "" ]]; then
|
|
260
|
|
- iniset $KEYSTONE_CONF token provider keystone.token.providers.$KEYSTONE_TOKEN_FORMAT.Provider
|
|
|
260
|
+ iniset $KEYSTONE_CONF token provider $KEYSTONE_TOKEN_FORMAT
|
|
261
|
261
|
fi
|
|
262
|
262
|
|
|
263
|
263
|
iniset $KEYSTONE_CONF database connection `database_connection_url keystone`
|
|
264
|
264
|
iniset $KEYSTONE_CONF ec2 driver "keystone.contrib.ec2.backends.sql.Ec2"
|
|
265
|
265
|
|
|
266
|
|
- if [[ "$KEYSTONE_TOKEN_BACKEND" = "sql" ]]; then
|
|
267
|
|
- iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.sql.Token
|
|
268
|
|
- elif [[ "$KEYSTONE_TOKEN_BACKEND" = "memcache" ]]; then
|
|
269
|
|
- iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.memcache.Token
|
|
270
|
|
- else
|
|
271
|
|
- iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.kvs.Token
|
|
272
|
|
- fi
|
|
|
266
|
+ iniset $KEYSTONE_CONF token driver "$KEYSTONE_TOKEN_BACKEND"
|
|
273
|
267
|
|
|
|
268
|
+ iniset $KEYSTONE_CONF catalog driver "$KEYSTONE_CATALOG_BACKEND"
|
|
274
|
269
|
if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then
|
|
275
|
270
|
# Configure ``keystone.conf`` to use sql
|
|
276
|
|
- iniset $KEYSTONE_CONF catalog driver keystone.catalog.backends.sql.Catalog
|
|
277
|
271
|
inicomment $KEYSTONE_CONF catalog template_file
|
|
278
|
272
|
else
|
|
279
|
273
|
cp -p $FILES/default_catalog.templates $KEYSTONE_CATALOG
|
|
...
|
...
|
@@ -300,7 +281,6 @@ function configure_keystone {
|
|
300
|
300
|
" -i $KEYSTONE_CATALOG
|
|
301
|
301
|
|
|
302
|
302
|
# Configure ``keystone.conf`` to use templates
|
|
303
|
|
- iniset $KEYSTONE_CONF catalog driver "keystone.catalog.backends.templated.Catalog"
|
|
304
|
303
|
iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG"
|
|
305
|
304
|
fi
|
|
306
|
305
|
|
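Review bot: The new `iniset $KEYSTONE_CONF identity driver`, `assignment driver`, `token driver` and `catalog driver` lines in configure_keystone write whatever the KEYSTONE_*_BACKEND variables hold, with no check left now that the KEYSTONE_VALID_*_BACKENDS lists and the sql/memcache/kvs branch are removed. An existing override in the old style, or a misspelt name, would land in keystone.conf unchanged and presumably only surface when Keystone tries to load the driver; for the token backend an unknown value used to fall back to kvs. If only short driver names are meant to be accepted, a fail-fast guard before the iniset calls would make this visible at stack time, e.g. `[[ "$KEYSTONE_IDENTITY_BACKEND" =~ ^[a-z0-9_]+$ ]] || die $LINENO "KEYSTONE_IDENTITY_BACKEND must be a driver name, got: $KEYSTONE_IDENTITY_BACKEND"`, repeated for the other three variables. Separately, the token provider line leaves `$KEYSTONE_TOKEN_FORMAT` unquoted while the other new driver lines quote their value; `iniset $KEYSTONE_CONF token provider "$KEYSTONE_TOKEN_FORMAT"` would be consistent. configure_keystone starts and ends outside the hunks shown.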