e3da2c2e3e
A role to setup a host as a kerberos client This is largely a port of the client ports of openstack-infra/puppet-kerberos. This is a generic role because it will be used from Zuul jobs (wheel-builds) and in the control-plane (servers mounting AFS) Tested-By: https://review.openstack.org/589335 Needed-By: https://review.openstack.org/590636 Change-Id: I4b38ea7ec2325071a67068555ef47e15d559c18e
21 lines
548 B
ReStructuredText
21 lines
548 B
ReStructuredText
An ansible role to configure a kerberos client
|
|
|
|
**Role Variables**
|
|
|
|
.. zuul:rolevar:: kerberos_realm
|
|
|
|
The realm for Kerberos authentication. You must set the realm.
|
|
e.g. ``MY.COMPANY.COM``. This will be the default realm.
|
|
|
|
.. zuul:rolevar:: kerberos_admin_server
|
|
:default: {{ ansible_fqdn }}
|
|
|
|
The host where the administraion server is running. Typically this
|
|
is the master Kerberos server.
|
|
|
|
.. zuul:rolevar:: kerberos_kdcs
|
|
:default: [ {{ ansible_fqdn }} ]
|
|
|
|
A list of key distribution center (KDC) hostnames for the realm.
|
|
|