Un-hardcoding domain/user name, removing domain for heat stack
The patch makes two things:
1. Make it possible to un-hardcode domain/user name for heat
stack;
2. Remove deprecated and unused heat:server:stack_domain_admin:domain
option from service level.
Change-Id: Ic8da908d1f40a96995ff1f3cb0385d9a279e604c
Related-Prod: PROD-25486
diff --git a/heat/files/ocata/heat.conf.Debian b/heat/files/ocata/heat.conf.Debian
index 1a84373..f2d78ab 100644
--- a/heat/files/ocata/heat.conf.Debian
+++ b/heat/files/ocata/heat.conf.Debian
@@ -223,13 +223,13 @@
# Keystone username, a user with roles sufficient to manage
# users and projects in the stack_user_domain. (string value)
-stack_domain_admin = heat_domain_admin
+stack_domain_admin = {{ server.stack_domain_admin.get('name', 'heat_domain_admin') }}
# Keystone password for stack_domain_admin user. (string
# value)
stack_domain_admin_password={{ server.stack_domain_admin.password }}
-stack_user_domain_name = heat_user_domain
+stack_user_domain_name = {{ server.stack_domain_admin.get('stack_user_domain_name', 'heat_user_domain') }}
{%- else %}
diff --git a/heat/files/pike/heat.conf.Debian b/heat/files/pike/heat.conf.Debian
index abaf53f..0ddef86 100644
--- a/heat/files/pike/heat.conf.Debian
+++ b/heat/files/pike/heat.conf.Debian
@@ -230,13 +230,13 @@
# Keystone username, a user with roles sufficient to manage
# users and projects in the stack_user_domain. (string value)
-stack_domain_admin = heat_domain_admin
+stack_domain_admin = {{ server.stack_domain_admin.get('name', 'heat_domain_admin') }}
# Keystone password for stack_domain_admin user. (string
# value)
stack_domain_admin_password={{ server.stack_domain_admin.password }}
-stack_user_domain_name = heat_user_domain
+stack_user_domain_name = {{ server.stack_domain_admin.get('stack_user_domain_name', 'heat_user_domain') }}
{%- else %}
diff --git a/heat/files/queens/heat.conf.Debian b/heat/files/queens/heat.conf.Debian
index fe8dd55..b6896ba 100644
--- a/heat/files/queens/heat.conf.Debian
+++ b/heat/files/queens/heat.conf.Debian
@@ -238,7 +238,7 @@
# Keystone username, a user with roles sufficient to manage users and projects
# in the stack_user_domain. (string value)
#stack_domain_admin = <None>
-stack_domain_admin = heat_domain_admin
+stack_domain_admin = {{ server.stack_domain_admin.get('name', 'heat_domain_admin') }}
# Keystone password for stack_domain_admin user. (string value)
#stack_domain_admin_password = <None>
@@ -260,7 +260,7 @@
{%- endif %}
# Maximum raw byte size of any template. (integer value)
-max_template_size = {{ server.get('max_template_size', 5440000) }}
+max_template_size = {{ server.get('max_template_size', 5440000) }}
# Maximum depth allowed when using nested stacks. (integer value)
#max_nested_stack_depth = 5
@@ -1277,7 +1277,7 @@
# User's domain name (string value)
#user_domain_name = <None>
-user_domain_name = {{ server.identity.get('user_domain_name', 'default') }}
+user_domain_name = {{ server.identity.get('user_domain_name', 'Default') }}
# User's password (string value)
#password = <None>
diff --git a/heat/server.sls b/heat/server.sls
index 02e73b4..6dd526a 100644
--- a/heat/server.sls
+++ b/heat/server.sls
@@ -160,7 +160,12 @@
heat_keystone_setup:
cmd.run:
- - name: 'source /root/keystonercv3; heat-keystone-setup-domain --stack-user-domain-name heat_user_domain --stack-domain-admin heat_domain_admin --stack-domain-admin-password {{ server.stack_domain_admin.password }}'
+ - name: >-
+ source /root/keystonercv3;
+ heat-keystone-setup-domain
+ --stack-user-domain-name {{ server.stack_domain_admin.stack_user_domain_name|default('heat_user_domain') }}
+ --stack-domain-admin {{ server.stack_domain_admin.name|default('heat_domain_admin') }}
+ --stack-domain-admin-password {{ server.stack_domain_admin.password }}
- shell: /bin/bash
- require:
- file: /etc/heat/heat.conf
diff --git a/metadata/service/server/cluster.yml b/metadata/service/server/cluster.yml
index 198b80c..b9d2430 100644
--- a/metadata/service/server/cluster.yml
+++ b/metadata/service/server/cluster.yml
@@ -14,7 +14,7 @@
stack_domain_admin:
name: heat_domain_admin
password: ${_param:heat_domain_admin_password}
- domain: heat
+ stack_user_domain_name: heat_user_domain
enabled: true
region: RegionOne
version: ${_param:heat_version}
diff --git a/metadata/service/server/single.yml b/metadata/service/server/single.yml
index 732a975..3cc782e 100644
--- a/metadata/service/server/single.yml
+++ b/metadata/service/server/single.yml
@@ -14,7 +14,7 @@
stack_domain_admin:
name: heat_domain_admin
password: ${_param:heat_domain_admin_password}
- domain: heat
+ stack_user_domain_name: heat_user_domain
enabled: true
region: RegionOne
version: ${_param:heat_version}