9e4a02482d
This change adds a number of new tasks that are dependent on the value of the Keystone token provider (keystone_token_provider) user variable. If the keystone_token_provider user_variable is set to keystone.token.providers.fernet.Provider then the playbooks will appropriately create the fernet keys and distribute them to the rest of the keystone containers. This also implements key rotation for generated fernet keys similar to how the os_nova roles implement key rotation. Finally, we also need to build cryptography from master for now. Currently, 0.8.x and 0.9.x use versions of cffi<1.0 which causes a bug when used with mod_wsgi and Apache. This is fixed in cryptography master and will be released in 1.0. Closes-bug: 1463569 Change-Id: I8605e0490a8889d57c6b1b7e03e078fb0da978ab |
||
|---|---|---|
| .. | ||
| keystone-httpd.conf.j2 | ||
| keystone-ports.conf.j2 | ||
| keystone.conf.j2 | ||
| keystone.Default.conf.j2 | ||