Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / keystone / refs/heads/release/2019.98.1 / . / tests / pillar / single.sls
blob: e4e191e69d717bdf87756ae012ec752054107369 [file] [log] [blame]
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]1keystone:
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]2# Server state
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]3 server:
4 enabled: true
5 version: liberty
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]6 service_token: RANDOMSTRINGTOKEN
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]7 service_tenant: service
8 admin_tenant: admin
9 admin_name: admin
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]10 admin_password: passw0rd
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]11 admin_email: root@localhost
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]12 admin_project:
13 domain: project
14 name: projectname
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]15 bind:
16 address: 0.0.0.0
17 private_address: 127.0.0.1
18 private_port: 35357
19 public_address: 127.0.0.1
20 public_port: 5000
21 region: RegionOne
22 database:
23 engine: mysql
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]24 host: 127.0.0.1
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]25 name: keystone
26 password: passw0rd
27 user: keystone
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]28 connection_recycle_time: 3600
29 max_pool_size: 10
30 max_retries: -1
31 max_overflow: 30
32 domain:
33 default_domain:
34 default: True
35 domain_specific_drivers_enabled: true
36 description: 'default'
37 not_default_domain:
38 description: 'not_default'
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]39 tokens:
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]40 engine: fernet
Jakub Pavlik874d9d32016-01-25 22:19:15 +0100[diff] [blame]41 expiration: 86400
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]42 location: /var/lib/keystone/fernet-keys
43 max_active_keys: 3
44 notification: true
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]45 notification_format: cadf
vgusev779727c2018-02-16 18:10:54 +0400[diff] [blame]46 logging:
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]47 debug: false
48 log_file: keystone.log
49 log_dir: /var/log/keystone
50 use_syslog: false
51 syslog_log_facility: LOG_USER
52 log_appender: true
vgusev779727c2018-02-16 18:10:54 +0400[diff] [blame]53 log_handlers:
54 watchedfile:
55 enabled: true
56 fluentd:
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]57 enabled: true
vgusev779727c2018-02-16 18:10:54 +0400[diff] [blame]58 ossyslog:
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]59 enabled: true
Dmitry Ukov70256222017-11-20 19:26:38 +0400[diff] [blame]60 extra_config:
61 federation:
62 cache_group_membership_in_db: true
sgarbuz6875ed12018-11-16 13:14:57 +0200[diff] [blame]63 assignment:
64 backend: sql
65 auth_methods:
66 - password
67 - token
68 cache:
69 backend: 'oslo_cache.memcache_pool'
70 members:
71 - host: 127.0.0.1
72 port: 11211
73 credential:
74 location: /var/lib/keystone/credential-keys
75 cors:
76 allowed_origin: 'https://horizon.example.com'
77 allow_credentials: True
78 expose_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token'
79 max_age: 3600
80 allow_methods: 'GET,PUT,POST,DELETE,PATCH'
81 allow_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name'
82 backend: sql
83 hash_algorithm: sha256
84 message_queue:
85 engine: rabbitmq
86 host: 127.0.0.1
87 port: 5672
88 user: openstack
89 password: password
90 virtual_host: '/openstack'
91 ha_queues: true
92 heartbeat_timeout_threshold: 0
93 heartbeat_rate: 2
94 executor_thread_pool_size: 64
95 rpc_response_timeout: 60
96 control_exchange: keystone
97 max_request_body_size: 114688
98 enable_proxy_headers_parsing: True
99 healthcheck:
100 path: /healthcheck
101 profiler:
102 enabled: true
103 policy:
104 policy_file: 'policy.json'
105 federation:
106 federation_driver: sql
107 federated_domain_name: Federated
108 trusted_dashboard:
109 - 'https://acme.example.com/auth/websso'
110 - 'https://beta.example.com/auth/websso'
111 oidc:
112 remote_id_attribute: HTTP_OIDC_ISS
113 protocol: oidc
114 saml2:
115 remote_id_attribute: HTTP_OIDC_ISS
116 protocol: saml2
Petr Michalece9a6c2a2017-03-05 20:14:34 +0100[diff] [blame]117# Client state
118 client:
119 enabled: false
120 server:
121 identity:
122 admin:
123 host: localhost
124 port: 35357
125 token: RANDOMSTRINGTOKEN
126 roles:
127 - admin
128 - Member
129 project:
130 service:
131 description: "OpenStack Service tenant"
132 admin:
133 description: "OpenStack Admin tenant"
134 user:
135 admin:
136 is_admin: true
137 password: passw0rd
138 email: admin@localhost
139 service:
140 keystone3:
141 type: identity
142 description: OpenStack Identity Service v3
143 endpoints:
144 - region: RegionOne
145 public_address: keystone
146 public_protocol: http
147 public_port: 5000
148 public_path: '/v3'
149 internal_address: keystone
150 internal_port: 5000
151 internal_path: '/v3'
152 admin_address: keystone
153 admin_port: 35357
154 admin_path: '/v3'
155 keystone:
156 type: identity
157 description: OpenStack Identity Service
158 endpoints:
159 - region: RegionOne
160 public_address: keystone
161 public_protocol: http
162 public_port: 5000
163 public_path: '/v2.0'
164 internal_address: keystone
165 internal_port: 5000
166 internal_path: '/v2.0'
167 admin_address: keystone
168 admin_port: 35357
169 admin_path: '/v2.0'
170 # TODO: enable once salt keystone module/states are fixed
171 #keystoneR2:
172 #service: keystone
173 #type: identity
174 #description: OpenStack Identity Service
175 #endpoints:
176 #- region: RegionTwo
177 #public_address: keystone
178 #public_protocol: http
179 #public_port: 5000
180 #public_path: '/v2.0'
181 #internal_address: keystone
182 #internal_port: 5000
183 #internal_path: '/v2.0'
184 #admin_address: keystone
185 #admin_port: 35357
186 #admin_path: '/v2.0'