From 1f3d58a97df5fbafb1fee4f04486a0ebd47048e8 Mon Sep 17 00:00:00 2001
From: Lars Kellogg-Stedman <lars@redhat.com>
Date: Fri, 17 Oct 2014 10:15:59 -0400
Subject: [PATCH] fix nova auth configuration

Based on
http://lists.openstack.org/pipermail/openstack/2014-January/004667.html,
there is confusion in the openstack community on how auth_uri in
nova.conf is supposed to interact with the other auth_* settings.

I've modified our config to use both for now.

Change-Id: I1433305e23d872cd773599c85053ba8f9aeb6145
---
 .../nova-ctr-base/config-nova-controller.sh       | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/docker/nova-controller/nova-ctr-base/config-nova-controller.sh b/docker/nova-controller/nova-ctr-base/config-nova-controller.sh
index 5c786bac7d..104466cdda 100755
--- a/docker/nova-controller/nova-ctr-base/config-nova-controller.sh
+++ b/docker/nova-controller/nova-ctr-base/config-nova-controller.sh
@@ -67,13 +67,18 @@ crudini --set $cfg DEFAULT admin_token "${KEYSTONE_ADMIN_TOKEN}"
 
 crudini --set $cfg conductor workers 8
 
-for option in auth_protocol auth_host auth_port; do
-    crudini --del $cfg \
-        keystone_authtoken \
-        $option
-done
+# disabled pending answers to http://lists.openstack.org/pipermail/openstack/2014-October/009997.html
+#for option in auth_protocol auth_host auth_port; do
+#    crudini --del $cfg \
+#        keystone_authtoken \
+#        $option
+#done
 
 crudini --set $cfg keystone_authtoken auth_uri "http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/"
+crudini --set $cfg keystone_authtoken auth_protocol http
+crudini --set $cfg keystone_authtoken auth_host ${KEYSTONE_PUBLIC_SERVICE_HOST}
+crudini --set $cfg keystone_authtoken auth_port 5000
+
 crudini --set $cfg keystone_authtoken admin_user ${NOVA_KEYSTONE_USER}
 crudini --set $cfg keystone_authtoken admin_password "${NOVA_KEYSTONE_PASSWORD}"
 crudini --set $cfg keystone_authtoken admin_tenant_name ${ADMIN_TENANT_NAME}