diff options
author | Zuul <zuul@review.opendev.org> | 2020-06-24 12:41:57 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2020-06-24 12:41:57 +0000 |
commit | 8078a1405e11493737e0e19dc3e85abe89fe419a (patch) | |
tree | a31ffd95551fe31e9b0b8203994a74e3797959d1 /doc | |
parent | 9c33cd2ac4aaedb9b3d2b5137340b96dc30856a6 (diff) | |
parent | 350d84ed41d52d7db8d1fdaee9a267e82a4e6073 (diff) | |
download | ironic-8078a1405e11493737e0e19dc3e85abe89fe419a.tar.gz |
Merge "Enable HTTP Basic authentication for JSON-RPC"
Diffstat (limited to 'doc')
-rw-r--r-- | doc/source/install/standalone.rst | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/doc/source/install/standalone.rst b/doc/source/install/standalone.rst index 21eb7302c..71479c47e 100644 --- a/doc/source/install/standalone.rst +++ b/doc/source/install/standalone.rst @@ -12,7 +12,7 @@ You should make the following changes to ``/etc/ironic/ironic.conf``: ... auth_strategy=noauth - Another options is ``http_basic`` where the credentials are stored in an + Another option is ``http_basic`` where the credentials are stored in an `Apache htpasswd format`_ file:: [DEFAULT] @@ -52,6 +52,27 @@ You should make the following changes to ``/etc/ironic/ironic.conf``: [DEFAULT] rpc_transport = json-rpc + JSON RPC also has its own authentication strategy. If it is not specified then + the stategy defaults to ``[DEFAULT]`` ``auth_strategy``. The following will + set JSON RPC to ``noauth``:: + + [json_rpc] + auth_strategy=noauth + + For ``http_basic`` the conductor server needs a credentials file to validate + requests:: + + [json_rpc] + auth_strategy=http_basic + http_basic_auth_user_file=/etc/ironic/htpasswd-json-rpc + + The API server also needs client-side credentials to be specified:: + + [json_rpc] + auth_strategy=http_basic + http_basic_username=myName + http_basic_password=myPassword + If you don't use Image service, it's possible to provide images to Bare Metal service via a URL. |