| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
The patches are taken from Debian.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
| |
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
| |
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of creating tenant/user/role and service/endpoint for all
openstack services in keystone postinstall, now each of the services
creates keystone identities by itself in its own postinstall.
The existing identity.sh has been re-written to be a utility that takes
parameters, and the service postinstall calls identity.sh to create its
own keystone identities. The identity.sh can also be used as a tool to
manually create keystone identities at run time.
Signed-off-by: Andy Ning <andy.ning@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of creating tenant/user/role and service/endpoint for all
openstack services in keystone postinstall, now each of the services
creates keystone identities by itself in its own postinstall.
The exiting identity.bbclass has been re-written so that each of
the individual postinstalls will queue up keystone identity creation
in /etc/keystone/service-user-setup at runtime. And
service-user-setup will be run as the last postinstall to create
keytstone identities for all the services.
Signed-off-by: Andy Ning <andy.ning@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Instead of creating tenant/user/role and service/endpoint for all
openstack services in keystone postinstall, now each of the services
creates its own keystone identities by queueing them up in its postinstall
to a file /etc/keystone/service-user-setup. service-user-setup
script, when run as the last postinstall, calls identity.sh with keystone
identity parameters to create necessary identities for the services.
Signed-off-by: Andy Ning <andy.ning@windriver.com>
|
| |
|
|
|
|
| |
Add a README file pertaining to the openldap/keystone/pam usage.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Adding /etc/keystone/hybrid-backend-setup and
convert_keystone_backend.py to set the backend
for keystone to hybrid and starts openldap and
restarts keystone.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Modify python-keystone to use openldap. keystone's identity and
assignment backends are configured to utilitze the hybrid backend for
keystone. This backend uses the SQL backend by default and goes to the ldap
database if the user doesn't exist.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
| |
- modify pam configuration files to use ldap
- modify sshd to enable pam
- modify nsswitch.conf to use ldap
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Enabling OpenLDAP support in keystone and the controller as a distro
feature
Add packages openldap python-ldap nss-pam-ldapd, libsasl2-modules,
python-keystone-hybrid-backend, pam-plugin-mkhomedir and cyrus-sasl to
the controller task
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
| |
This project provides two alternative backends for Keystone:
hybrid SQL and LDAP backends for OpenStack Keystone
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
| |
Package nss-pam-ldapd, this is a daemon enabling pam/ldap
authentication.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add openstack specific parts of openldap.
openldap's init script initializes the data with the basic tree structures
needed for keystone - the Group, User and Role tree.
Additionally, we add two variables which can be set in local.conf,
LDAP_DN - default DN for ldap
default: "dc=my-domain,dc=com"
LDAP_DATADIR - default directory for ldap's data directory
default: "/etc/openldap-data/"
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
|
|
|
|
| |
Include Rally benchmarking feature into all-in-one
image when OPENSTACK_EXTRA_FEATURES variable
includes "benchmarking" feature.
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
uwsgi is using pkg-config to detect whether or not yajl is present
in the build. We do want to use yajl, so we add an explicit dependency
and pkgconfig inherit.
Without this, build errors may occur, since the build paths that don't
use yajl are not supported.
And finally, to prevent the searching of host include paths, we set
UWSGI_REMOVE_INCLUDES and purge local directories. This ensures that
only the sysroot and package config settings are used.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Some of the openstack data is associated with external resources
(ie glance may have external files), we explicitly invoke the delete commands on those
in additional to dropping and recreating the databases.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Ceilometer now requires api_paste.ini for the API to start and
be functionaly. So we add it to our core package, and update
the .conf file with the name.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Updating horizon to the juno release branch. New required packages
have been added to support this integration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Introducing the saharaclient, without full sahara support, to meet the
client requirements of horizon.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Updating the ceilometer project to the juno release branches. With this
update, we can drop one patch that isno longer needed, and refresh another
for juno.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
Updating glance to the latest juno development branch. The only
significant changes are the introduction of new requirement packages
on the rdepends.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
| |
Updating neutron to the juno branches. No configuration or startup
changes were required.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since rabbitmq uses HOME as the location for the erlang cookie,
rabbitmq will fail to start if that directory is not on the
system.
To ensure that this is configurable, we use the bitbake variable
ROOT_HOME and replace a placeholder in the initscript.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
| |
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
| |
To integrate with the default nova auth token support in juno, we
introduce the keystone middleware split. This was formerly part of
keystoneclient, but is now a standalone package/repository.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
| |
Updating keystone client to 0.9.0 in preparation for juno compability.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
|
| |
Updating keystone to the juno release candidate. Also adding new
dependencies.
Note: also ensure that the new keystoneclient and keystonemiddleware
are used.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
|
|
|
|
| |
Updating nova to the juno development branches. We also add new
dependencies that the update brings.
Note: keystone must also be on Juno for a workable nova service.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
|
| |
|
|
|
| |
Signed-off-by: Vu Tran <vu.tran@windriver.com>
|
