Allow keystone endpoint_type interpolation for Heat clients
- Add 'endpoint_type_default' identity parameter to access
internal services, default 'internalURL'
- Add 'endpoint_type_heat' identity parameter so Heat could
provide it to external clients, default 'publicURL'
Change-Id: Iff99c7b79634c65605e8509cfe919bc47ff1a787
diff --git a/.gitreview b/.gitreview
new file mode 100644
index 0000000..76d660f
--- /dev/null
+++ b/.gitreview
@@ -0,0 +1,4 @@
+[gerrit]
+host=gerrit.mcp.mirantis.net
+port=29418
+project=salt-formulas/heat.git
diff --git a/README.rst b/README.rst
index d5bfc0c..ac06056 100644
--- a/README.rst
+++ b/README.rst
@@ -53,6 +53,8 @@
tenant: service
user: heat
password: password
+ endpoint_type_default: internalURL
+ endpoint_type_heat: publicURL
message_queue:
engine: rabbitmq
host: 10.0.106.20
diff --git a/heat/files/juno/heat.conf.Debian b/heat/files/juno/heat.conf.Debian
index ccb1503..24d48ad 100644
--- a/heat/files/juno/heat.conf.Debian
+++ b/heat/files/juno/heat.conf.Debian
@@ -587,7 +587,7 @@
# Type of endpoint in Identity service catalog to use for
# communication with the OpenStack service. (string value)
-#endpoint_type=publicURL
+endpoint_type = {{ server.identity.get('endpoint_type_default', 'publicURL') }}
# Optional CA cert file to use in SSL connections. (string
# value)
@@ -606,6 +606,10 @@
#insecure=false
+[clients_heat]
+endpoint_type = {{ server.identity.get('endpoint_type_heat',
+ server.identity.get('endpoint_type_default', 'publicURL')) }}
+
[clients_ceilometer]
#
diff --git a/heat/files/kilo/heat.conf.Debian b/heat/files/kilo/heat.conf.Debian
index 1b6ba83..a198e42 100644
--- a/heat/files/kilo/heat.conf.Debian
+++ b/heat/files/kilo/heat.conf.Debian
@@ -911,6 +911,12 @@
{%- from "opencontrail/map.jinja" import client with context %}
+[clients]
+endpoint_type = {{ server.identity.get('endpoint_type_default', 'publicURL') }}
+
+[clients_heat]
+endpoint_type = {{ server.identity.get('endpoint_type_heat',
+ server.identity.get('endpoint_type_default', 'publicURL')) }}
[clients_contrail]
user={{ client.identity.user }}
diff --git a/heat/files/liberty/heat.conf.Debian b/heat/files/liberty/heat.conf.Debian
index 8b5874e..68ce5f0 100644
--- a/heat/files/liberty/heat.conf.Debian
+++ b/heat/files/liberty/heat.conf.Debian
@@ -918,6 +918,12 @@
{%- from "opencontrail/map.jinja" import client with context %}
+[clients]
+endpoint_type = {{ server.identity.get('endpoint_type_default', 'publicURL') }}
+
+[clients_heat]
+endpoint_type = {{ server.identity.get('endpoint_type_heat',
+ server.identity.get('endpoint_type_default', 'publicURL')) }}
[clients_contrail]
user={{ client.identity.user }}
diff --git a/heat/files/mitaka/heat.conf.Debian b/heat/files/mitaka/heat.conf.Debian
index 5d22d0b..7c1ac1a 100644
--- a/heat/files/mitaka/heat.conf.Debian
+++ b/heat/files/mitaka/heat.conf.Debian
@@ -742,6 +742,12 @@
keystone_ec2_uri=http://{{ server.identity.host }}:5000/v2.0/ec2tokens
+[clients]
+endpoint_type = {{ server.identity.get('endpoint_type_default', 'publicURL') }}
+
+[clients_heat]
+endpoint_type = {{ server.identity.get('endpoint_type_heat',
+ server.identity.get('endpoint_type_default', 'publicURL')) }}
[clients_keystone]
auth_uri=http://{{ server.identity.host }}:35357
diff --git a/heat/files/mitaka/heat.conf.RedHat b/heat/files/mitaka/heat.conf.RedHat
index 7f2a7ad..59ecd5c 100644
--- a/heat/files/mitaka/heat.conf.RedHat
+++ b/heat/files/mitaka/heat.conf.RedHat
@@ -720,6 +720,12 @@
{%- from "opencontrail/map.jinja" import client with context %}
+[clients]
+endpoint_type = {{ server.identity.get('endpoint_type_default', 'publicURL') }}
+
+[clients_heat]
+endpoint_type = {{ server.identity.get('endpoint_type_heat',
+ server.identity.get('endpoint_type_default', 'publicURL')) }}
[clients_contrail]
user={{ client.identity.user }}
diff --git a/metadata/service/server/cluster.yml b/metadata/service/server/cluster.yml
index 1fd1cb5..a919431 100644
--- a/metadata/service/server/cluster.yml
+++ b/metadata/service/server/cluster.yml
@@ -3,6 +3,9 @@
classes:
- service.heat.support
parameters:
+ _param:
+ heat_client_default_endpoint_type: internalURL
+ heat_client_heat_endpoint_type: publicURL
heat:
server:
stack_domain_admin:
@@ -42,6 +45,8 @@
tenant: service
user: heat
password: ${_param:keystone_heat_password}
+ endpoint_type_default: ${_param:heat_client_default_endpoint_type}
+ endpoint_type_heat: ${_param:heat_client_heat_endpoint_type}
message_queue:
engine: rabbitmq
host: ${_param:cluster_vip_address}
diff --git a/metadata/service/server/container.yml b/metadata/service/server/container.yml
index 822d900..a063428 100644
--- a/metadata/service/server/container.yml
+++ b/metadata/service/server/container.yml
@@ -1,4 +1,7 @@
parameters:
+ _param:
+ heat_client_default_endpoint_type: internalURL
+ heat_client_heat_endpoint_type: publicURL
kubernetes:
control:
configmap:
@@ -45,6 +48,8 @@
tenant: service
user: heat
password: ${_param:keystone_heat_password}
+ endpoint_type_default: ${_param:heat_client_default_endpoint_type}
+ endpoint_type_heat: ${_param:heat_client_heat_endpoint_type}
message_queue:
engine: rabbitmq
host: ${_param:rabbitmq_service_host}
diff --git a/metadata/service/server/single.yml b/metadata/service/server/single.yml
index 253345c..1f80888 100644
--- a/metadata/service/server/single.yml
+++ b/metadata/service/server/single.yml
@@ -3,6 +3,9 @@
classes:
- service.heat.support
parameters:
+ _param:
+ heat_client_default_endpoint_type: internalURL
+ heat_client_heat_endpoint_type: publicURL
heat:
server:
stack_domain_admin:
@@ -42,6 +45,8 @@
tenant: service
user: heat
password: ${_param:keystone_heat_password}
+ endpoint_type_default: ${_param:heat_client_default_endpoint_type}
+ endpoint_type_heat: ${_param:heat_client_heat_endpoint_type}
message_queue:
engine: rabbitmq
host: ${_param:single_address}
diff --git a/tests/pillar/server_cluster.sls b/tests/pillar/server_cluster.sls
index 1a338d4..0a8e0f5 100644
--- a/tests/pillar/server_cluster.sls
+++ b/tests/pillar/server_cluster.sls
@@ -40,6 +40,8 @@
admin_tenant: admin
admin_user: admin
admin_password: admin
+ endpoint_type_default: internalURL
+ endpoint_type_heat: publicURL
message_queue:
engine: rabbitmq
members:
diff --git a/tests/pillar/server_plugin_dirs.sls b/tests/pillar/server_plugin_dirs.sls
index ebe11e8..846bab0 100644
--- a/tests/pillar/server_plugin_dirs.sls
+++ b/tests/pillar/server_plugin_dirs.sls
@@ -40,6 +40,7 @@
admin_tenant: admin
admin_user: admin
admin_password: admin
+ endpoint_type_default: internalURL
message_queue:
engine: rabbitmq
host: 127.0.0.1
diff --git a/tests/pillar/server_single.sls b/tests/pillar/server_single.sls
index c90d7ed..1600f46 100644
--- a/tests/pillar/server_single.sls
+++ b/tests/pillar/server_single.sls
@@ -40,6 +40,8 @@
admin_tenant: admin
admin_user: admin
admin_password: admin
+ endpoint_type_default: internalURL
+ endpoint_type_heat: internalURL
message_queue:
engine: rabbitmq
host: 127.0.0.1