> On Nov 27, 2013, at 2:25 PM, "Georgy Okrokvertskhov" > <[email protected]> wrote: > > Hi, > > I am working on the user-authentication BP implementation. I need to > introduce a new configuration option for enable or disable keystone > authentication for incoming request. I am looking for a right place for this > option. > > The current situation is that we have two places for configuration, one is > oslo.config and second one is a pecan configuration. My initial intension was > to add all parameters to solum.conf file like it is done for nova. Keystone > middleware anyway use oslo.config for keystone connection parameters. > At the same time there are projects (Ceilometer and Ironic) which have > enable_acl parameter as a part of pecan config. > > From my perspective it is not reasonable to have authentication options in > two different places. I would rather use solum.conf for all parameters and > limit pecan config usage to pecan specific options.
I agree that we should not require administrators to edit a bunch of config files to get a working solum config. I think config options in solum.conf should override ones et elsewhere. If auth is already set up for keystone in oslo.config, and no equivalent options are set in solum.conf, then we should use the oslo.config settings. I agree that the pecan config should only be used for pecan specific options. > I am looking for your input on this. > > Thanks, > Georgy > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
