diff --git a/neutron/templates/etc/_neutron.conf.tpl b/neutron/templates/etc/_neutron.conf.tpl index b25bad71c8..1052c60556 100644 --- a/neutron/templates/etc/_neutron.conf.tpl +++ b/neutron/templates/etc/_neutron.conf.tpl @@ -1057,6 +1057,20 @@ # From keystonemiddleware.auth_token # +# FIXME(alanmeadows) - added the next several lines because oslo gen config refuses to generate the line items required in keystonemiddleware +# for authentication - while it does support an "auth_section" parameter to locate these elsewhere, it would be a strange divergence +# from how neutron keystone authentication is stored today - ocata and later appear to use a "service" user section which can house these details +# and does successfully generate beyond newton, so likely this whole section will be removed the next time we generate this file + +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.auth_url }}#{{ end }}auth_url = {{ .keystone_authtoken.keystonemiddleware.auth_token.auth_url | default "" }} +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.region_name }}#{{ end }}region_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.region_name | default "" }} +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.project_name }}#{{ end }}project_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.project_name | default "" }} +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.project_domain_name }}#{{ end }}project_domain_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.project_domain_name | default "" }} +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.user_domain_name }}#{{ end }}user_domain_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.user_domain_name | default "" }} +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.username }}#{{ end }}username = {{ .keystone_authtoken.keystonemiddleware.auth_token.username | default "" }} +{{ if not .keystone_authtoken.keystonemiddleware.auth_token.password }}#{{ end }}password = {{ .keystone_authtoken.keystonemiddleware.auth_token.password | default "" }} + + # Complete "public" Identity API endpoint. This endpoint should not be an # "admin" endpoint, as it should be accessible by all end users. # Unauthenticated clients are redirected to this endpoint to authenticate. diff --git a/neutron/values.yaml b/neutron/values.yaml index 02815369e9..7c2b48ddad 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -89,7 +89,7 @@ network: port: 8775 keystone: - + admin_user: "admin" admin_user_domain: "default" admin_password: "password" @@ -317,10 +317,12 @@ conf: keystone_authtoken: keystonemiddleware: auth_token: + auth_type: password + auth_version: v3 region_name: RegionOne project_domain_name: default project_name: admin - user_domain_name: admin + user_domain_name: default username: admin password: password ml2_conf: