Remove keystone admin leftovers
Change-Id: Ic153a91beb30daa334ccbb0430ce8340bd6c480f
This commit is contained in:
parent
13ba75cccf
commit
99ab6aedbb
@ -406,12 +406,9 @@ iscsi_port: "3260"
|
||||
|
||||
keystone_public_port: "{{ haproxy_single_external_frontend_public_port if haproxy_single_external_frontend | bool else keystone_public_listen_port }}"
|
||||
keystone_public_listen_port: "5000"
|
||||
# NOTE(yoctozepto): Admin port settings are kept only for upgrade compatibility.
|
||||
# TODO(yoctozepto): Remove after Zed.
|
||||
keystone_admin_port: "35357"
|
||||
keystone_admin_listen_port: "{{ keystone_admin_port }}"
|
||||
keystone_internal_port: "5000"
|
||||
keystone_internal_listen_port: "{{ keystone_internal_port }}"
|
||||
|
||||
keystone_ssh_port: "8023"
|
||||
|
||||
kuryr_port: "23750"
|
||||
@ -665,8 +662,6 @@ vitrage_api_listen_port: "{{ vitrage_api_port }}"
|
||||
|
||||
public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
|
||||
internal_protocol: "{{ 'https' if kolla_enable_tls_internal | bool else 'http' }}"
|
||||
# TODO(yoctozepto): Remove after Zed. Kept for compatibility only.
|
||||
admin_protocol: "{{ internal_protocol }}"
|
||||
|
||||
##################
|
||||
# Firewall options
|
||||
@ -969,8 +964,6 @@ acme_client_servers: []
|
||||
keystone_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
||||
keystone_external_fqdn: "{{ kolla_external_fqdn }}"
|
||||
|
||||
# TODO(yoctozepto): Remove after Zed. Kept for compatibility only.
|
||||
keystone_admin_url: "{{ keystone_internal_fqdn | kolla_url(admin_protocol, keystone_admin_port) }}"
|
||||
keystone_internal_url: "{{ keystone_internal_fqdn | kolla_url(internal_protocol, keystone_internal_port) }}"
|
||||
keystone_public_url: "{{ keystone_external_fqdn | kolla_url(public_protocol, keystone_public_port) }}"
|
||||
|
||||
|
@ -26,15 +26,6 @@ keystone_services:
|
||||
port: "{{ keystone_public_port }}"
|
||||
listen_port: "{{ keystone_public_listen_port }}"
|
||||
backend_http_extra: "{{ ['balance source'] if enable_keystone_federation | bool else [] }}"
|
||||
# NOTE(yoctozepto): Admin port settings are kept only for upgrade compatibility.
|
||||
# TODO(yoctozepto): Remove after Zed.
|
||||
keystone_admin:
|
||||
enabled: "{{ enable_keystone and kolla_action == 'upgrade' }}"
|
||||
mode: "http"
|
||||
external: false
|
||||
tls_backend: "{{ keystone_enable_tls_backend }}"
|
||||
port: "{{ keystone_admin_port }}"
|
||||
listen_port: "{{ keystone_admin_listen_port }}"
|
||||
keystone-ssh:
|
||||
container_name: "keystone_ssh"
|
||||
group: "keystone"
|
||||
|
@ -48,14 +48,3 @@
|
||||
run_once: True
|
||||
when:
|
||||
- not use_preconfigured_databases | bool
|
||||
|
||||
# TODO(yoctozepto): Remove after Zed (in AA).
|
||||
# This is needed to update the admin endpoint as the port has
|
||||
# changed in the same release (Zed), i.e., the admin endpoint uses the
|
||||
# same port as the other ones (public, internal).
|
||||
- import_role:
|
||||
name: service-ks-register
|
||||
vars:
|
||||
service_ks_register_auth: "{{ openstack_keystone_auth }}"
|
||||
service_ks_register_services: "{{ keystone_ks_services }}"
|
||||
run_once: True
|
||||
|
@ -8,11 +8,6 @@ LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
Listen {{ api_interface_address | put_address_in_context('url') }}:{{ keystone_public_listen_port }}
|
||||
{% if kolla_action == 'upgrade' %}
|
||||
# NOTE(yoctozepto): Admin port settings are kept only for upgrade compatibility.
|
||||
# TODO(yoctozepto): Remove after Zed.
|
||||
Listen {{ api_interface_address | put_address_in_context('url') }}:{{ keystone_admin_listen_port }}
|
||||
{% endif %}
|
||||
|
||||
ServerSignature Off
|
||||
ServerTokens Prod
|
||||
@ -116,26 +111,3 @@ LogLevel info
|
||||
{% endif %}
|
||||
</VirtualHost>
|
||||
|
||||
{% if kolla_action == 'upgrade' %}
|
||||
# NOTE(yoctozepto): Admin port settings are kept only for upgrade compatibility.
|
||||
# TODO(yoctozepto): Remove after Zed.
|
||||
<VirtualHost *:{{ keystone_admin_listen_port }}>
|
||||
WSGIDaemonProcess keystone-admin processes={{ keystone_api_workers }} threads=1 user=keystone group=keystone display-name=keystone-admin
|
||||
WSGIProcessGroup keystone-admin
|
||||
WSGIScriptAlias / {{ binary_path }}/keystone-wsgi-admin
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
ErrorLog "{{ keystone_log_dir }}/keystone-apache-admin-error.log"
|
||||
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" logformat
|
||||
CustomLog "{{ keystone_log_dir }}/keystone-apache-admin-access.log" logformat
|
||||
|
||||
{% if keystone_enable_tls_backend | bool %}
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/keystone/certs/keystone-cert.pem
|
||||
SSLCertificateKeyFile /etc/keystone/certs/keystone-key.pem
|
||||
{% endif %}
|
||||
</VirtualHost>
|
||||
{% endif %}
|
||||
|
@ -44,9 +44,6 @@ function upgrade {
|
||||
|
||||
kolla-ansible -i ${RAW_INVENTORY} -vvv upgrade &> /tmp/logs/ansible/upgrade
|
||||
|
||||
# NOTE(yoctozepto): These actions remove the leftovers of the admin port.
|
||||
# TODO(yoctozepto): Remove after Zed.
|
||||
kolla-ansible -i ${RAW_INVENTORY} -vvv deploy --tags keystone &> /tmp/logs/ansible/upgrade-deploy
|
||||
kolla-ansible -i ${RAW_INVENTORY} -vvv post-deploy &> /tmp/logs/ansible/upgrade-post-deploy
|
||||
|
||||
kolla-ansible -i ${RAW_INVENTORY} -vvv validate-config &> /tmp/logs/ansible/validate-config
|
||||
|
Loading…
Reference in New Issue
Block a user