kube-keystone.sh script only supports user/pass authentication
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Kubernetes Control Plane Charm |
Triaged
|
Medium
|
Unassigned |
Bug Description
The kube-keystone.sh script only supports username and password based authentication to get a token for kubectl login. This does not work when keystone is configured with an external authentication source. That is, when keystone doesn't store usernames and passwords.
kube-keystone.sh should either be responsive to the deployed keystone config or offer an alternative function or function arg to support application credential as opposed to user/pass login.
Relevant documentation for this scenario similar to that for LDAP (https:/
A working get_keystone_
get_keystone_token ()
{
data='{
"auth": {
"identity": {
],
}
}
}
}';
token=$(curl -s -i -H "Content-Type: application/json" -d "${data}" "${OS_AUTH_
if [ -z "$token" ]; then
echo "Invalid authentication information";
else
echo $(echo ${token} | awk -F ': ' '{print $2}' | sed -e 's/[[:space:
fi
}
Changed in charm-kubernetes-master: | |
importance: | Undecided → Medium |
status: | New → Triaged |