49006e56d9
Fixes an issue where access rules failed to validate:
Cannot validate request with restricted access rules. Set
service_type in [keystone_authtoken] to allow access rule validation
I've used the values from the endpoint. This was mostly a straight
forward copy and paste, except:
- versioned endpoints e.g cinderv3 where I stripped the version
- monasca has multiple endpoints associated with a single service. For
this, I concatenated logging and monitoring to be logging-monitoring.
Closes-Bug: #1965111
Change-Id: Ic4b3ab60abad8c3dd96cd4923a67f2a8f9d195d7
75 lines
2.2 KiB
Django/Jinja
75 lines
2.2 KiB
Django/Jinja
[DEFAULT]
|
|
debug = {{ solum_logging_debug }}
|
|
log_dir = /var/log/kolla/solum
|
|
transport_url = {{ rpc_transport_url }}
|
|
|
|
{% if service_name == 'solum-api' %}
|
|
bind_host = {{ api_interface_address }}
|
|
bind_port = {{ solum_application_deployment_port }}
|
|
{% endif %}
|
|
|
|
[api]
|
|
image_format = vm
|
|
port = {{ solum_application_deployment_port }}
|
|
workers = {{ openstack_service_workers }}
|
|
{% if service_name == 'solum-api' %}
|
|
host = {{ api_interface_address }}
|
|
{% endif %}
|
|
|
|
[conductor]
|
|
topic = solum-conductor
|
|
|
|
[deployer]
|
|
growth_factor = 1.1
|
|
wait_interval = 1
|
|
max_attempts = 2000
|
|
handler = heat
|
|
topic = solum-deployer
|
|
|
|
[worker]
|
|
proj_dir = /solum
|
|
handler = shell
|
|
topic = solum-worker
|
|
task_log_dir = /var/log/kolla/solum/worker
|
|
image_storage = glance
|
|
docker_build_timeout = 1800
|
|
lp_operator_tenant_name = service
|
|
lp_operator_password = {{ solum_keystone_password }}
|
|
lp_operator_user = {{ solum_keystone_user }}
|
|
|
|
[builder]
|
|
port = {{ solum_image_builder_public_endpoint }}
|
|
host = {{ ansible_facts.hostname }}_{{ item }}
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ solum_database_user }}:{{ solum_database_password }}@{{ solum_database_address }}/{{ solum_database_name }}
|
|
connection_recycle_time = {{ database_connection_recycle_time }}
|
|
max_pool_size = {{ database_max_pool_size }}
|
|
max_retries = -1
|
|
|
|
[keystone_authtoken]
|
|
service_type = application_deployment
|
|
www_authenticate_uri = {{ keystone_internal_url }}
|
|
auth_url = {{ keystone_internal_url }}
|
|
auth_type = password
|
|
project_domain_id = {{ default_project_domain_id }}
|
|
user_domain_id = {{ default_user_domain_id }}
|
|
project_name = service
|
|
username = {{ solum_keystone_user }}
|
|
password = {{ solum_keystone_password }}
|
|
cafile = {{ openstack_cacert }}
|
|
region_name = {{ openstack_region_name }}
|
|
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcache_secret_key }}
|
|
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
[oslo_messaging_notifications]
|
|
transport_url = {{ notify_transport_url }}
|
|
|
|
{% if om_enable_rabbitmq_tls | bool %}
|
|
[oslo_messaging_rabbit]
|
|
ssl = true
|
|
ssl_ca_file = {{ om_rabbitmq_cacert }}
|
|
{% endif %}
|