ceph-rgw should not use the keystone admin token
Bug #1642524 reported by
Giulio Fidente
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Emilien Macchi |
Bug Description
Currently the ceph-rgw service is given access to keystone via admin token, this is insecure and will be deprecated. We should migrate the ceph-rgw config to use keystone v3 instead.
Changed in tripleo: | |
milestone: | none → ocata-2 |
Changed in tripleo: | |
assignee: | nobody → Keith Schincke (keith-schincke) |
Changed in tripleo: | |
assignee: | Keith Schincke (keith-schincke) → Emilien Macchi (emilienm) |
status: | Confirmed → In Progress |
To post a comment you must log in.
puppet-ceph provides needed support for this request.
tht and puppet-tripleo need to be updated to provide support for new feature.