Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / keystone / c4b6ed93cbcbf8115d1887bd60048524c95f6d20 / . / tests / pillar / single.sls
blob: 06c1722bae8173a1f15d3f52e12455b47dabd365 [file] [log] [blame]
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]1keystone:
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]2# Server state
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]3 server:
4 enabled: true
5 version: liberty
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]6 service_name: apache2
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]7 service_token: RANDOMSTRINGTOKEN
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]8 service_tenant: service
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]9 admin_project:
10 name: projectname
11 domain: project
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]12 admin_tenant: admin
13 admin_name: admin
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]14 admin_password: passw0rd
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]15 admin_email: root@localhost
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]16 enable_proxy_headers_parsing: True
17 cors:
18 allowed_origin: 'https://horizon.example.com'
19 allow_credentials: True
20 expose_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token'
21 allow_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name'
22 max_age: 3600
23 allow_methods: 'GET,PUT,POST,DELETE,PATCH'
24 auth_methods:
25 - password
26 - token
27 federation:
28 oidc:
29 remote_id_attribute: HTTP_OIDC_ISS
30 remote_id_attribute_value: remote_id_attribute_value
31 oidc_claim_prefix: oidc_claim_prefix
32 oidc_client_id: oidc_client_id
33 oidc_client_secret: oidc_client_secret
34 oidc_crypto_passphrase: oidc_crypto_passphrase
35 oidc_redirect_uri: oidc_redirect_uri
36 oidc_provider_metadata_url: oidc_provider_metadata_url
37 oidc_response_type: oidc_response_type
38 oidc_scope: oidc_scope
39 oidc_ssl_validate_server: oidc_ssl_validate_server
40 oidc_oauth_ssl_validate_server: oidc_oauth_ssl_validate_server
41 oidc_oauth_introspection_endpoint: oidc_oauth_introspection_endpoint
42 oidc_oauth_introspection_token_param_name: oidc_oauth_introspection_token_param_name
43 oidc_oauth_remote_user_claim: oidc_oauth_remote_user_claim
44 oidc_oauth_verify_jwks_uri: oidc_oauth_verify_jwks_uri
45 odic_token_iat_slack: odic_token_iat_slack
46 oidc_provider_issuer: oidc_provider_issuer
47 oidc_provider_authorization_endpoint: oidc_provider_authorization_endpoint
48 oidc_provider_token_endpoint: oidc_provider_token_endpoint
49 oidc_provider_token_endpoint_auth: oidc_provider_token_endpoint_auth
50 oidc_provider_user_info_endpoint: oidc_provider_user_info_endpoint
51 oidc_provider_jwks_uri: oidc_provider_jwks_uri
52 protocol: oidc
53 saml2:
54 remote_id_attribute: HTTP_OIDC_ISS
55 protocol: saml2
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]56 bind:
57 address: 0.0.0.0
58 private_address: 127.0.0.1
59 private_port: 35357
60 public_address: 127.0.0.1
61 public_port: 5000
62 region: RegionOne
63 database:
64 engine: mysql
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]65 host: 127.0.0.1
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]66 name: keystone
67 password: passw0rd
68 user: keystone
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]69 tokens:
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]70 engine: fernet
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]71 expiration: 86400
72 location: /etc/keystone/fernet-keys/
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]73 notification: true
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]74 notification_format: cadf
vgusev779727c2018-02-16 18:10:54 +0400[diff] [blame]75 logging:
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]76 debug: true
77 log_file: 'logfile.log'
78 log_dir: logdir
79 use_syslog: true
80 syslog_log_facility: LOG_USER
81 log_appender: true
vgusev779727c2018-02-16 18:10:54 +0400[diff] [blame]82 log_handlers:
83 watchedfile:
84 enabled: true
85 fluentd:
86 enabled: false
87 ossyslog:
88 enabled: false
Dmitry Ukov70256222017-11-20 19:26:38 +0400[diff] [blame]89 extra_config:
90 federation:
91 cache_group_membership_in_db: true
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]92 message_queue:
93 engine: rabbitmq
94 host: 127.0.0.1
95 port: 5672
96 user: openstack
97 password: password
98 virtual_host: '/openstack'
99 ha_queues: true
100 rabbit_ha_queues: true
101 rpc_conn_pool_size: 30
102 conn_pool_min_size: 2
103 conn_pool_ttl: 1200
104 rpc_poll_timeout: 1
105 rpc_thread_pool_size: 100
106 rpc_message_ttl: 300
107 rpc_use_acks: false
108 rpc_ack_timeout_base: 15
109 rpc_ack_timeout_multiplier: 2
110 rpc_retry_attempts: 3
111 executor_thread_pool_size: 64
112 rpc_response_timeout: 60
113 control_exchange: openstack
114 ssl:
115 version: TLSv1_2
116 cacert_file: ssl_ca_certs
117 x509:
118 key_file: kombu_ssl_keyfile
119 cert_file: kombu_ssl_certfile
120 rabbit_retry_interval: 1
121 rabbit_retry_backoff: 2
122 rabbit_interval_max: 30
123 rabbit_transient_queues_ttl: 1800
124 heartbeat_timeout_threshold: 60
125 heartbeat_rate: 2
126 channel_max: 2
127 frame_max: 2
128 heartbeat_interval: 3
129 socket_timeout: 10
130 tcp_user_timeout: 10
131 host_connection_reconnect_delay: 10
132 connection_factory: single
133 pool_max_size: 30
134 pool_max_overflow: 0
135 pool_timeout: 30
136 pool_recycle: 600
137 pool_stale: 60
138 default_serializer_type: json
139 notification_persistence: false
140 default_notification_exchange: exchange
141 notification_listener_prefetch_count: 100
142 default_notification_retry_attempts: 1
143 notification_retry_delay: 10
144 rpc_queue_expiration: 60
145 default_rpc_exchange: rpc_exchange
146 rpc_reply_exchange: rpc_reply_exchange
147 rpc_listener_prefetch_count: 100
148 rpc_reply_listener_prefetch_count: 100
149 rpc_reply_retry_attempts: 10
150 rpc_reply_retry_delay: 10
151 default_rpc_retry_attempts: 10
152 rpc_retry_delay: 10
153 rabbit_qos_prefetch_count: 64
154 healthcheck:
155 path: '/healthcheck'
156 max_request_body_size: 114688
157 profiler:
158 enabled: True
159 cache:
160 enabled: True
161 host: 127.0.0.1
162 port: 11211
163 policy:
164 policy_file: 'policy.json'
165 domain:
166 testing:
167 description: "Test domain"
168 backend: ldap
169 identity:
170 backend: ldap
171 driver: ldap
172 assignment:
173 backend: sql
174 driver: keystone.assignment.backends.sql.Assignment
175 ldap:
176 url: "ldaps://idm.domain.com"
177 suffix: "dc=cloud,dc=domain,dc=com"
178 uid: keystone
179 password: password
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]180# Client state
181 client:
182 enabled: false
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]183 os_client_config:
184 enabled: true
185 cfgs:
186 root:
187 content:
188 clouds:
189 admin_identity:
190 region_name: RegionOne
191 identity_api_version: '3'
192 interface: 'internal'
193 auth:
194 username: 'admin'
195 password: passw0rd
196 user_domain_name: 'Default'
197 project_name: 'admin'
198 project_domain_name: 'Default'
199 auth_url: 'http://127.0.0.1:5000'
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]200 server:
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]201 admin_identity:
202 admin:
203 user: admin
204 password: passw0rd
205 project: admin
206 host: localhost
207 port: 5000
208 region_name: RegionOne
209 use_keystoneauth: true
210 protocol: http
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]211 identity:
212 admin:
213 host: localhost
214 port: 35357
215 token: RANDOMSTRINGTOKEN
216 roles:
217 - admin
218 - Member
219 project:
220 service:
221 description: "OpenStack Service tenant"
222 admin:
223 description: "OpenStack Admin tenant"
224 user:
225 admin:
226 is_admin: true
227 password: passw0rd
228 email: admin@localhost
229 service:
230 keystone3:
231 type: identity
232 description: OpenStack Identity Service v3
233 endpoints:
234 - region: RegionOne
235 public_address: keystone
236 public_protocol: http
237 public_port: 5000
238 public_path: '/v3'
239 internal_address: keystone
240 internal_port: 5000
241 internal_path: '/v3'
242 admin_address: keystone
243 admin_port: 35357
244 admin_path: '/v3'
245 keystone:
246 type: identity
247 description: OpenStack Identity Service
248 endpoints:
249 - region: RegionOne
250 public_address: keystone
251 public_protocol: http
252 public_port: 5000
253 public_path: '/v2.0'
254 internal_address: keystone
255 internal_port: 5000
256 internal_path: '/v2.0'
257 admin_address: keystone
258 admin_port: 35357
259 admin_path: '/v2.0'
sgarbuzc4b6ed92019-01-15 11:53:08 +0200[diff] [blame^]260apache:
261 server:
262 enabled: true
263 default_mpm: event
264 mpm:
265 prefork:
266 enabled: true
267 servers:
268 start: 5
269 spare:
270 min: 2
271 max: 10
272 max_requests: 0
273 max_clients: 20
274 limit: 20
275 site:
276 keystone:
277 enabled: true
278 type: keystone
279 name: wsgi
280 host:
281 name: localhost
282 pkgs:
283 - apache2
284 modules:
285 - wsgi
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]286# CI related dependencies
287mysql:
288 client:
289 enabled: true
290 version: '5.7'
291 admin:
292 host: localhost
293 port: 3306
294 user: admin
295 password: password
296 encoding: utf8
297 server:
298 enabled: true
299 version: "5.7"
300 force_encoding: utf8
301 bind:
302 address: 0.0.0.0
303 port: 3306
304 protocol: tcp
305 database:
306 keystone:
307 encoding: utf8
308 users:
309 - host: '%'
310 name: keystone
311 password: passw0rd
312 rights: all
313 - host: 127.0.0.1
314 name: keystone
315 password: passw0rd
316 rights: all