From fd9208025eae0304fa5b6936749fbee96cf9b814 Mon Sep 17 00:00:00 2001
From: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Date: Thu, 14 Jan 2016 17:17:27 +0200
Subject: Enable keystone handling of X-Forwarded-Proto header

If the X-Forwarded-Proto header is received by keystone, this option
will make the service properly handle it. This is useful, for instance,
if TLS is enabled for the admin endpoint.

Change-Id: I31a1f51591e8423367e61eafc3af9b2d61278468
---
 puppet/manifests/overcloud_controller_pacemaker.pp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'puppet/manifests/overcloud_controller_pacemaker.pp')

diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 583a4fd4..f8d3fd76 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -496,11 +496,10 @@ if hiera('step') >= 3 {
     manage_service => false,
     enabled        => false,
   }
+  include ::keystone::config
 
   #TODO: need a cleanup-keystone-tokens.sh solution here
-  keystone_config {
-    'ec2/driver': value => 'keystone.contrib.ec2.backends.sql.Ec2';
-  }
+
   file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]:
     ensure  => 'directory',
     owner   => 'keystone',
-- 
cgit 1.2.3-korg