2015-06-17 08:11:44 +00:00
|
|
|
[DEFAULT]
|
|
|
|
debug = {{ keystone_logging_debug }}
|
2016-09-30 16:21:26 -04:00
|
|
|
{% if enable_cadf_notifications | bool %}
|
2016-07-29 20:23:13 +02:00
|
|
|
notification_format = cadf
|
2016-09-19 12:59:36 -07:00
|
|
|
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
2016-07-29 20:23:13 +02:00
|
|
|
{% endif %}
|
2016-02-11 15:34:45 +01:00
|
|
|
|
|
|
|
# NOTE(elemoine) log_dir alone does not work for Keystone
|
|
|
|
log_file = /var/log/kolla/keystone/keystone.log
|
2017-02-24 13:36:55 +00:00
|
|
|
use_stderr = True
|
2015-06-17 08:11:44 +00:00
|
|
|
|
2017-03-30 15:49:51 +08:00
|
|
|
[oslo_middleware]
|
|
|
|
enable_proxy_headers_parsing = True
|
2016-02-29 13:51:11 -05:00
|
|
|
|
2015-06-17 08:11:44 +00:00
|
|
|
[database]
|
2015-12-21 16:16:25 +00:00
|
|
|
connection = mysql+pymysql://{{ keystone_database_user }}:{{ keystone_database_password }}@{{ keystone_database_address }}/{{ keystone_database_name }}
|
2016-04-06 20:45:17 +00:00
|
|
|
max_retries = -1
|
2016-03-19 16:42:26 +00:00
|
|
|
|
2017-02-05 20:48:32 +08:00
|
|
|
{% if keystone_domain_directory.stat.exists %}
|
2016-07-07 14:36:42 +01:00
|
|
|
[identity]
|
|
|
|
domain_specific_drivers_enabled = true
|
|
|
|
domain_config_dir = /etc/keystone/domains
|
|
|
|
{% endif %}
|
|
|
|
|
2016-08-07 13:58:50 +10:00
|
|
|
[token]
|
2017-02-13 21:27:04 +08:00
|
|
|
revoke_by_id = False
|
2016-11-10 21:32:03 +08:00
|
|
|
{% if keystone_token_provider == 'uuid' %}
|
|
|
|
provider = uuid
|
|
|
|
{% elif keystone_token_provider == 'fernet' %}
|
2016-08-07 13:58:50 +10:00
|
|
|
provider = {{ keystone_token_provider }}
|
|
|
|
expiration = {{ fernet_token_expiry }}
|
|
|
|
|
|
|
|
[fernet_tokens]
|
|
|
|
max_active_keys = {{ (groups['keystone'] | length) + 1 }}
|
|
|
|
{% endif %}
|
|
|
|
|
2016-03-19 16:42:26 +00:00
|
|
|
[cache]
|
|
|
|
backend = oslo_cache.memcache_pool
|
|
|
|
enabled = True
|
2016-06-10 16:51:19 -07:00
|
|
|
|
|
|
|
{# For Kolla-Ansible, generate the memcache servers based on the list of
|
|
|
|
memcached servers in the inventory and memcached_servers should be un-set.
|
|
|
|
For Kolla-Kubernetes, it is necessary to define the memcached_servers
|
|
|
|
variable in globals.yml to set it to the Kubernetes service for memcached. #}
|
|
|
|
|
|
|
|
{% if orchestration_engine == 'KUBERNETES' %}
|
|
|
|
memcache_servers = {{ memcached_servers }}
|
|
|
|
{% else %}
|
2016-03-19 16:42:26 +00:00
|
|
|
memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
2016-06-10 16:51:19 -07:00
|
|
|
{%- endif %}
|
2016-07-29 20:23:13 +02:00
|
|
|
|
2016-09-30 16:21:26 -04:00
|
|
|
{% if enable_cadf_notifications | bool %}
|
2016-07-29 20:23:13 +02:00
|
|
|
[oslo_messaging_notifications]
|
|
|
|
driver = messagingv2
|
|
|
|
{% endif %}
|
2017-04-10 15:31:41 +01:00
|
|
|
|
|
|
|
{% if enable_osprofiler | bool %}
|
|
|
|
[profiler]
|
|
|
|
enabled = true
|
|
|
|
trace_sqlalchemy = true
|
|
|
|
hmac_keys = {{ osprofiler_secret }}
|
|
|
|
{% if enable_elasticsearch | bool %}
|
|
|
|
connection_string = elasticsearch://{{ elasticsearch_address }}:{{ elasticsearch_port }}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|