This reverts commit f8fd06011aed5cd9028a8c1e206762a78e137df7.
Based on the code, overall uses service_credentials, but looks like a
few parts is using keystonemiddleware.auth_*
Closes-Bug: #1775956
Change-Id: I766a5624737cae892fe77fa8151b20e0972ed5b2
1. Now, the aodh use [service_credentials] to get credentials[0],
remove the unused [keystone_authtoken]
2. Move memcache stuff into service_credentials section
refer to https://review.openstack.org/#/c/570393/
Change-Id: I08cf3ec4e9ca32cc83d74bd4204e7e170b01feb7
Aodh service credential defaults to publicURL.
Aodh should work with the internal interface (v3 API Identity syntax):
.....
[service_credentials]
interface = internal
.....
Change-Id: Ie11290be25291fee1938032ae6294546fb7a98f3
If SSL is enabled, api of multiple services returns
wrong external URL without https prefix.
Removal of condition for deletion of http header.
Change-Id: I4264e04d0d6b9a3e11ef7dd7add6c5e166cf9fb4
Closes-Bug: #1749155
Closes-Bug: #1717491
Since pbr 1.4.0, wsgi_scripts entrypoing is supported and it will
generated a wsgi compatible binary file. No need to copied it to
/var/www/cgi-bin/aodh folder.
Change-Id: Iacb08fba8a238c3d4ef075aa58d38b439409b2f5
This change allows the following use cases:
1. Using an already-configured MariaDB / MySQL server / Cluster
2. Using already-created DB users, without requiring root DB access.
Update: added external mariadb precheck
Change-Id: I78b0d178306d7c5293b0bf53e445f19f18b4b824
Implements: blueprint external-mariadb-support.
Closes-Bug: #1603121
This will copy both of yaml or json policy file
if it exists
Change-Id: Ie5e03e0307d239f1079d2522e353367f7f954e77
Implements: blueprint support-custom-policy-yaml
Co-authored-By: Duong Ha-Quang <duonghq@vn.fujitsu.com>
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends
This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note
Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
Apache access log formats are modified to be consistent with
the format defined in wsgi-keystone.conf, which includes
the response time (%D) and X-forwarder-For fields.
Change-Id: I02aa5eb106fb894196dfb6e22daf2968e27ed3cb
Closes-Bug: #1703571
Trace method is enabled in default for httpd. There is security risk
with trace enabled. So disable it in default. more info please check[0].
[0] https://security.stackexchange.com/a/7711
Change-Id: I4496a6d058d88e1abfb210085f189e7a610e0362
Closes-Bug: #1705160
change perm 0640 to 0600
change gnocchi user to root, because wsgi config should use root user
TrivialFix
Change-Id: I474788d4d402aaf085534ea15b554d9c69fb1e56
* The recently merged aodh role is trying to copy api_paste.ini on startup
which is already present at build time.
* memcache_servers was using incorrect for loop syntax
Note, the trim_blocks header is to solve the issue highlighted by
Jeffrey[0]
[0] http://lists.openstack.org/pipermail/openstack-dev/2016-September/103532.html
Change-Id: I8baa5446b3b6271d57d54c4c1663a338d8ab3cc8
Closes-Bug: #1624462
