372e991bec
As described here: https://github.com/openstack/keystone/blob/master/keystone/resource/core.py#L841 https://github.com/openstack/keystone/blob/master/keystone/conf/identity.py#L21 * default project domain name MUST be named 'Default' * default project domain id MUST be named 'default' * default project user name MUST be named 'Default' * default project user id MUST be named 'default' Change-Id: I610a0416647fdea31bb04889364da5395d8c8d74
119 lines
4.2 KiB
Django/Jinja
119 lines
4.2 KiB
Django/Jinja
[DEFAULT]
|
|
debug = {{ heat_logging_debug }}
|
|
|
|
log_dir = /var/log/kolla/heat
|
|
|
|
heat_watch_server_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}
|
|
heat_metadata_server_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}
|
|
heat_waitcondition_server_url = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ heat_api_cfn_port }}/v1/waitcondition
|
|
|
|
heat_stack_user_role = {{ heat_stack_user_role }}
|
|
|
|
stack_domain_admin = heat_domain_admin
|
|
stack_domain_admin_password = {{ heat_domain_admin_password }}
|
|
stack_user_domain_name = heat_user_domain
|
|
|
|
deferred_auth_method = trusts
|
|
trusts_delegated_roles = heat_stack_owner
|
|
|
|
{% if service_name == 'heat-engine' %}
|
|
num_engine_workers = {{ openstack_service_workers }}
|
|
{% endif %}
|
|
|
|
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
{% if service_name == 'heat-api' %}
|
|
[heat_api]
|
|
bind_host = {{ api_interface_address }}
|
|
bind_port = {{ heat_api_port }}
|
|
workers = {{ openstack_service_workers }}
|
|
{% endif %}
|
|
|
|
{% if service_name == 'heat-api-cfn' %}
|
|
[heat_api_cfn]
|
|
bind_host = {{ api_interface_address }}
|
|
bind_port = {{ heat_api_cfn_port }}
|
|
workers = {{ openstack_service_workers }}
|
|
{% endif %}
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ heat_database_user }}:{{ heat_database_password }}@{{ heat_database_address }}/{{ heat_database_name }}
|
|
max_retries = -1
|
|
|
|
[keystone_authtoken]
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ heat_keystone_user }}
|
|
password = {{ heat_keystone_password }}
|
|
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcache_secret_key }}
|
|
memcached_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
|
|
[cache]
|
|
backend = oslo_cache.memcache_pool
|
|
enabled = True
|
|
memcache_servers = {% for host in groups['memcached'] %}{% if orchestration_engine == 'KUBERNETES' %}memcached{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
|
|
[trustee]
|
|
{% if orchestration_engine == 'KUBERNETES' %}
|
|
auth_uri = {{ keystone_internal_url }}
|
|
auth_url = {{ keystone_admin_url }}
|
|
{% else %}
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
{% endif %}
|
|
auth_type = password
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
username = {{ heat_keystone_user }}
|
|
password = {{ heat_keystone_password }}
|
|
|
|
[ec2authtoken]
|
|
{% if orchestration_engine == 'KUBERNETES' %}
|
|
auth_uri = {{ keystone_internal_url }}/v3
|
|
{% else %}
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}/v3
|
|
{% endif %}
|
|
|
|
[clients_keystone]
|
|
{% if orchestration_engine == 'KUBERNETES' %}
|
|
auth_uri = {{ keystone_internal_url }}
|
|
{% else %}
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
|
{% endif %}
|
|
|
|
[oslo_messaging_notifications]
|
|
{% if enable_ceilometer | bool %}
|
|
driver = messagingv2
|
|
topics = 'notifications'
|
|
{% else %}
|
|
driver = noop
|
|
{% endif %}
|
|
|
|
[clients]
|
|
endpoint_type = internalURL
|
|
|
|
[clients_heat]
|
|
endpoint_type = publicURL
|
|
|
|
{% if public_protocol != internal_protocol and kolla_external_fqdn != kolla_internal_fqdn %}
|
|
[oslo_middleware]
|
|
enable_proxy_headers_parsing = True
|
|
{% endif %}
|
|
|
|
{% if enable_osprofiler | bool %}
|
|
[profiler]
|
|
enabled = true
|
|
trace_sqlalchemy = true
|
|
hmac_keys = {{ osprofiler_secret }}
|
|
{% if enable_elasticsearch | bool %}
|
|
connection_string = elasticsearch://{{ elasticsearch_address }}:{{ elasticsearch_port }}
|
|
{% endif %}
|
|
{% endif %}
|