keystone/map.jinja - salt-formulas/keystone - Gitiles

 {%- set default_params = {
     'cacert_file': salt['grains.filter_by']({
         'Debian': '/etc/ssl/certs/ca-certificates.crt',
         'RedHat': '/etc/pki/tls/certs/ca-bundle.crt'
     }),
     'enabled': false,
     'bind': {
       'private_protocol': 'http',
       'public_protocol': 'http', },
     'credential': {
       'location': '/var/lib/keystone/credential-keys'
       }
     }

 %}

 {% set server = salt['grains.filter_by']({
     'BaseDefaults': default_params,
     'Debian': {
         'pkgs': ['keystone', 'python-keystone', 'python-keystoneclient', 'python-psycopg2', 'python-mysqldb', 'python-six', 'python-memcache', 'python-openstackclient', 'gettext-base', 'python-pycadf'],
         'service_name': 'keystone',
         'version': 'icehouse',
         'api_version': '2',
         'cors': {},
         'oslo_policy': {
           'policy_file': 'policy.json'
         },
         'hash_algorithm': 'sha256',
         'max_request_body_size': '114688',
         'tokens': {
           'engine': 'database',
           'expiration': '86400'
         },
         'notification': False,
         'roles': ['admin', 'Member'],
         'cacert': '/etc/ssl/certs/ca-certificates.crt',
         'security_compliance': {},
         'logging': {
           'app_name': 'keystone',
           'log_appender': false,
           'log_handlers': {
             'watchedfile': {
               'enabled': true
             }
           },
         },
     },
     'RedHat': {
         'pkgs': ['openstack-keystone', 'openstack-utils', 'python-keystone', 'python-keystoneclient', 'python-pycadf'],
         'service_name': 'openstack-keystone',
         'api_version': '2',
         'version': 'icehouse',
         'cors': {},
         'oslo_policy': {
           'policy_file': 'policy.json'
         },
         'hash_algorithm': 'sha256',
         'max_request_body_size': '114688',
         'tokens': {
           'engine': 'database',
           'expiration': '86400'
         },
         'notification': False,
         'roles': ['admin', 'Member'],
         'cacert': '/etc/pki/tls/certs/ca-bundle.crt',
         'security_compliance': {},
         'logging': {
           'app_name': 'keystone',
           'log_appender': false,
           'log_handlers': {
             'watchedfile': {
               'enabled': true
             }
           },
         },
     },
 }, merge=pillar.get('keystone', {}).get('server', {}), base='BaseDefaults') %}

 {%- set client_default_params = {
       'enabled': false
     }
 %}

 {% set client = salt['grains.filter_by']({
     'BaseDefaults': client_default_params,
     'Debian': {
         'pkgs': ['python-keystoneclient', 'python-openstackclient'],
         'service': 'keystone',
         'roles': ['admin', 'Member'],
         'os_client_config': {
             'pkgs': ['python-os-client-config'],
         },
     },
     'RedHat': {
         'pkgs': ['python-keystoneclient'],
         'roles': ['admin', 'Member'],
     },
 }, merge=pillar.get('keystone', {}).get('client', {}), base='BaseDefaults') %}

 {% set control = salt['grains.filter_by']({
     'Debian': {
         'pkgs': [],
     },
     'RedHat': {
         'pkgs': [],
     },
 }, merge=pillar.get('keystone', {}).get('control', {})) %}

 {% set monitoring = salt['grains.filter_by']({
     'default': {
         'error_log_rate': 0.2,
         'http_response_time_p90': 3,
         'failed_auths': {
             'percentage': 50,
             'all_auths_rate': 0.1,
         },
         'endpoint_failed_major_threshold': 0.5,
         'telegraf_openstack_input_plugin_interval': '3m',
         'telegraf_openstack_output_plugin_expiration_interval': '6m',
         'output_openstack_port': 9127,
         'telegraf_openstack_api_input_plugin_interval': '15s',
         'telegraf_openstack_api_expiration_interval': '30s',
         'output_openstack_api_port': 9128,
         'api_monitoring_duration' : '5m'
     },
 }, grain='os_family', merge=salt['pillar.get']('keystone:monitoring')) %}
	{%- set default_params = {
	'cacert_file': salt['grains.filter_by']({
	'Debian': '/etc/ssl/certs/ca-certificates.crt',
	'RedHat': '/etc/pki/tls/certs/ca-bundle.crt'
	}),
	'enabled': false,
	'bind': {
	'private_protocol': 'http',
	'public_protocol': 'http', },
	'credential': {
	'location': '/var/lib/keystone/credential-keys'
	}
	}

	%}

	{% set server = salt['grains.filter_by']({
	'BaseDefaults': default_params,
	'Debian': {
	'pkgs': ['keystone', 'python-keystone', 'python-keystoneclient', 'python-psycopg2', 'python-mysqldb', 'python-six', 'python-memcache', 'python-openstackclient', 'gettext-base', 'python-pycadf'],
	'service_name': 'keystone',
	'version': 'icehouse',
	'api_version': '2',
	'cors': {},
	'oslo_policy': {
	'policy_file': 'policy.json'
	},
	'hash_algorithm': 'sha256',
	'max_request_body_size': '114688',
	'tokens': {
	'engine': 'database',
	'expiration': '86400'
	},
	'notification': False,
	'roles': ['admin', 'Member'],
	'cacert': '/etc/ssl/certs/ca-certificates.crt',
	'security_compliance': {},
	'logging': {
	'app_name': 'keystone',
	'log_appender': false,
	'log_handlers': {
	'watchedfile': {
	'enabled': true
	}
	},
	},
	},
	'RedHat': {
	'pkgs': ['openstack-keystone', 'openstack-utils', 'python-keystone', 'python-keystoneclient', 'python-pycadf'],
	'service_name': 'openstack-keystone',
	'api_version': '2',
	'version': 'icehouse',
	'cors': {},
	'oslo_policy': {
	'policy_file': 'policy.json'
	},
	'hash_algorithm': 'sha256',
	'max_request_body_size': '114688',
	'tokens': {
	'engine': 'database',
	'expiration': '86400'
	},
	'notification': False,
	'roles': ['admin', 'Member'],
	'cacert': '/etc/pki/tls/certs/ca-bundle.crt',
	'security_compliance': {},
	'logging': {
	'app_name': 'keystone',
	'log_appender': false,
	'log_handlers': {
	'watchedfile': {
	'enabled': true
	}
	},
	},
	},
	}, merge=pillar.get('keystone', {}).get('server', {}), base='BaseDefaults') %}

	{%- set client_default_params = {
	'enabled': false
	}
	%}

	{% set client = salt['grains.filter_by']({
	'BaseDefaults': client_default_params,
	'Debian': {
	'pkgs': ['python-keystoneclient', 'python-openstackclient'],
	'service': 'keystone',
	'roles': ['admin', 'Member'],
	'os_client_config': {
	'pkgs': ['python-os-client-config'],
	},
	},
	'RedHat': {
	'pkgs': ['python-keystoneclient'],
	'roles': ['admin', 'Member'],
	},
	}, merge=pillar.get('keystone', {}).get('client', {}), base='BaseDefaults') %}

	{% set control = salt['grains.filter_by']({
	'Debian': {
	'pkgs': [],
	},
	'RedHat': {
	'pkgs': [],
	},
	}, merge=pillar.get('keystone', {}).get('control', {})) %}

	{% set monitoring = salt['grains.filter_by']({
	'default': {
	'error_log_rate': 0.2,
	'http_response_time_p90': 3,
	'failed_auths': {
	'percentage': 50,
	'all_auths_rate': 0.1,
	},
	'endpoint_failed_major_threshold': 0.5,
	'telegraf_openstack_input_plugin_interval': '3m',
	'telegraf_openstack_output_plugin_expiration_interval': '6m',
	'output_openstack_port': 9127,
	'telegraf_openstack_api_input_plugin_interval': '15s',
	'telegraf_openstack_api_expiration_interval': '30s',
	'output_openstack_api_port': 9128,
	'api_monitoring_duration' : '5m'
	},
	}, grain='os_family', merge=salt['pillar.get']('keystone:monitoring')) %}