Add glance registry config
This commit is contained in:
Pete Birley
parent
b31a365aea
commit
b1ce9b093b
@ -13,5 +13,7 @@ data:
|
|||||||
{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }}
|
{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }}
|
||||||
glance-registry.conf: |+
|
glance-registry.conf: |+
|
||||||
{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }}
|
{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }}
|
||||||
|
glance-registry-paste.ini: |+
|
||||||
|
{{ tuple "etc/_glance-registry-paste.ini.tpl" . | include "template" | indent 4 }}
|
||||||
policy.json: |+
|
policy.json: |+
|
||||||
{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }}
|
{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }}
|
||||||
|
|||||||
@ -36,7 +36,7 @@ spec:
|
|||||||
command:
|
command:
|
||||||
- glance-api
|
- glance-api
|
||||||
- --config-file
|
- --config-file
|
||||||
- /etc/glance/glance-registry.conf
|
- /etc/glance/glance-api.conf
|
||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.network.port.api }}
|
- containerPort: {{ .Values.network.port.api }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
|
|||||||
@ -41,6 +41,14 @@ spec:
|
|||||||
mountPath: /etc/glance/glance-registry.conf
|
mountPath: /etc/glance/glance-registry.conf
|
||||||
subPath: glance-registry.conf
|
subPath: glance-registry.conf
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- name: glanceregistrypaste
|
||||||
|
mountPath: /etc/glance/glance-registry-paste.ini
|
||||||
|
subPath: glance-registry-paste.ini
|
||||||
|
readOnly: true
|
||||||
|
- name: glancepolicy
|
||||||
|
mountPath: /etc/glance/policy.json
|
||||||
|
subPath: policy.json
|
||||||
|
readOnly: true
|
||||||
volumes:
|
volumes:
|
||||||
- name: etcglance
|
- name: etcglance
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
|||||||
35
glance/templates/etc/_glance-registry-paste.ini.tpl
Normal file
35
glance/templates/etc/_glance-registry-paste.ini.tpl
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
# Use this pipeline for no auth - DEFAULT
|
||||||
|
[pipeline:glance-registry]
|
||||||
|
pipeline = healthcheck osprofiler unauthenticated-context registryapp
|
||||||
|
|
||||||
|
# Use this pipeline for keystone auth
|
||||||
|
[pipeline:glance-registry-keystone]
|
||||||
|
pipeline = healthcheck osprofiler authtoken context registryapp
|
||||||
|
|
||||||
|
# Use this pipeline for authZ only. This means that the registry will treat a
|
||||||
|
# user as authenticated without making requests to keystone to reauthenticate
|
||||||
|
# the user.
|
||||||
|
[pipeline:glance-registry-trusted-auth]
|
||||||
|
pipeline = healthcheck osprofiler context registryapp
|
||||||
|
|
||||||
|
[app:registryapp]
|
||||||
|
paste.app_factory = glance.registry.api:API.factory
|
||||||
|
|
||||||
|
[filter:healthcheck]
|
||||||
|
paste.filter_factory = oslo_middleware:Healthcheck.factory
|
||||||
|
backends = disable_by_file
|
||||||
|
disable_by_file_path = /etc/glance/healthcheck_disable
|
||||||
|
|
||||||
|
[filter:context]
|
||||||
|
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
|
||||||
|
|
||||||
|
[filter:unauthenticated-context]
|
||||||
|
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
|
||||||
|
|
||||||
|
[filter:authtoken]
|
||||||
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||||
|
|
||||||
|
[filter:osprofiler]
|
||||||
|
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
||||||
|
hmac_keys = SECRET_KEY #DEPRECATED
|
||||||
|
enabled = yes #DEPRECATED
|
||||||
Loading…
Reference in New Issue
Block a user