From b3aa6330625d8b274e986617c0bac86c6c7866a8 Mon Sep 17 00:00:00 2001
From: Alan Meadows <alan.meadows@gmail.com>
Date: Mon, 10 Apr 2017 14:09:43 -0700
Subject: [PATCH] final bugfix

---
 neutron/templates/etc/_neutron.conf.tpl | 14 ++++++++++++++
 neutron/values.yaml                     |  6 ++++--
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/neutron/templates/etc/_neutron.conf.tpl b/neutron/templates/etc/_neutron.conf.tpl
index b25bad71c8..1052c60556 100644
--- a/neutron/templates/etc/_neutron.conf.tpl
+++ b/neutron/templates/etc/_neutron.conf.tpl
@@ -1057,6 +1057,20 @@
 # From keystonemiddleware.auth_token
 #
 
+# FIXME(alanmeadows) - added the next several lines because oslo gen config refuses to generate the line items required in keystonemiddleware 
+# for authentication - while it does support an "auth_section" parameter to locate these elsewhere, it would be a strange divergence 
+# from how neutron keystone authentication is stored today - ocata and later appear to use a "service" user section which can house these details
+# and does successfully generate beyond newton, so likely this whole section will be removed the next time we generate this file
+
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.auth_url }}#{{ end }}auth_url = {{ .keystone_authtoken.keystonemiddleware.auth_token.auth_url | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.region_name }}#{{ end }}region_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.region_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.project_name }}#{{ end }}project_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.project_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.project_domain_name }}#{{ end }}project_domain_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.project_domain_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.user_domain_name }}#{{ end }}user_domain_name = {{ .keystone_authtoken.keystonemiddleware.auth_token.user_domain_name | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.username }}#{{ end }}username = {{ .keystone_authtoken.keystonemiddleware.auth_token.username | default "<None>" }}
+{{ if not .keystone_authtoken.keystonemiddleware.auth_token.password }}#{{ end }}password = {{ .keystone_authtoken.keystonemiddleware.auth_token.password | default "<None>" }}
+
+
 # Complete "public" Identity API endpoint. This endpoint should not be an
 # "admin" endpoint, as it should be accessible by all end users.
 # Unauthenticated clients are redirected to this endpoint to authenticate.
diff --git a/neutron/values.yaml b/neutron/values.yaml
index 02815369e9..7c2b48ddad 100644
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@@ -89,7 +89,7 @@ network:
     port: 8775
 
 keystone:
-  
+
   admin_user: "admin"
   admin_user_domain: "default"
   admin_password: "password"
@@ -317,10 +317,12 @@ conf:
     keystone_authtoken:
       keystonemiddleware:
         auth_token:
+          auth_type: password
+          auth_version: v3
           region_name: RegionOne
           project_domain_name: default
           project_name: admin
-          user_domain_name: admin
+          user_domain_name: default
           username: admin
           password: password          
   ml2_conf: