Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 97385f22163b9352926333126d19471512b6ccf8^! / . / keystone
commit97385f22163b9352926333126d19471512b6ccf8[log] [tgz]
authorInessa Vasilevskaya <ivasilevskaya@mirantis.com>Wed Dec 05 19:55:37 2018 +0100
committerivasilevskaya <ivasilevskaya@mirantis.com>Wed Dec 12 11:13:37 2018 +0000
tree835a2b360e8fae353475393837a02f41ae989a13
parent59641335f5c895a22ae8aa837cb7e00577e6db4c [diff]
[OC] add opencontrail admin

In order to stop using shared credentials a
separate contrail admin user has to be created.
This user will operate as admin in the same
admin tenant as keystone admin and will be
used with contrail services.

PROD-23356

Change-Id: Ife79c50282e637ee1a2fc4331eff0b518d2c66e2

diff --git a/keystone/client/v3/service/contrail.yml b/keystone/client/v3/service/contrail.yml
index 1b5701f..e6277d5 100644
--- a/keystone/client/v3/service/contrail.yml
+++ b/keystone/client/v3/service/contrail.yml

@@ -3,8 +3,28 @@
     contrail_service_protocol: http
   keystone:
     client:
+      server:
+        contrail_identity:
+          admin:
+            user: contrail
+            password: ${_param:opencontrail_admin_password}
+            project: admin
+            host: ${_param:keystone_service_host}
+            port: 5000
+            region_name: ${_param:openstack_region}
+            use_keystoneauth: true
+            protocol: ${_param:keystone_service_protocol}
       resources:
         v3:
+          users:
+            contrail:
+              password: ${_param:opencontrail_admin_password}
+              email: ${_param:admin_email}
+              is_admin: true
+              roles:
+                admin:
+                  name: admin
+                  project_id: admin
           services:
             opencontrail:
               type: contrail