initial commit
diff --git a/system/keystone/client/service/billometer.yml b/system/keystone/client/service/billometer.yml
new file mode 100644
index 0000000..86a153f
--- /dev/null
+++ b/system/keystone/client/service/billometer.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ billometer:
+ is_admin: true
+ password: ${_param:keystone_billometer_password}
+ email: ${_param:admin_email}
+ service:
+ billometer:
+ type: billing
+ description: OpenStack Billing Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:billometer_service_host}
+ public_port: 9753
+ public_path: '/v1'
+ internal_address: ${_param:billometer_service_host}
+ internal_port: 9753
+ internal_path: '/v1'
+ admin_address: ${_param:billometer_service_host}
+ admin_port: 9753
+ admin_path: '/v1'
diff --git a/system/keystone/client/service/ceilometer.yml b/system/keystone/client/service/ceilometer.yml
new file mode 100644
index 0000000..c40383a
--- /dev/null
+++ b/system/keystone/client/service/ceilometer.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ ceilometer:
+ is_admin: true
+ password: ${_param:keystone_ceilometer_password}
+ email: ${_param:admin_email}
+ service:
+ ceilometer:
+ type: metering
+ description: OpenStack Telemetry Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:ceilometer_service_host}
+ public_port: 8777
+ public_path: '/'
+ internal_address: ${_param:ceilometer_service_host}
+ internal_port: 8777
+ internal_path: '/'
+ admin_address: ${_param:ceilometer_service_host}
+ admin_port: 8777
+ admin_path: '/'
diff --git a/system/keystone/client/service/cinder.yml b/system/keystone/client/service/cinder.yml
new file mode 100644
index 0000000..329c7ac
--- /dev/null
+++ b/system/keystone/client/service/cinder.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ cinder:
+ is_admin: true
+ password: ${_param:keystone_cinder_password}
+ email: ${_param:admin_email}
+ service:
+ cinder:
+ type: volume
+ description: OpenStack Volume Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cinder_service_host}
+ public_port: 8776
+ public_path: '/v1/$(tenant_id)s'
+ internal_address: ${_param:cinder_service_host}
+ internal_port: 8776
+ internal_path: '/v1/$(tenant_id)s'
+ admin_address: ${_param:cinder_service_host}
+ admin_port: 8776
+ admin_path: '/v1/$(tenant_id)s'
diff --git a/system/keystone/client/service/cinder2.yml b/system/keystone/client/service/cinder2.yml
new file mode 100644
index 0000000..a24f06a
--- /dev/null
+++ b/system/keystone/client/service/cinder2.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ cinder:
+ is_admin: true
+ password: ${_param:keystone_cinder_password}
+ email: ${_param:admin_email}
+ service:
+ cinderv2:
+ type: volumev2
+ description: OpenStack Volume Service v2
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:cinder_service_host}
+ public_port: 8776
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:cinder_service_host}
+ internal_port: 8776
+ internal_path: '/v2/$(tenant_id)s'
+ admin_address: ${_param:cinder_service_host}
+ admin_port: 8776
+ admin_path: '/v2/$(tenant_id)s'
diff --git a/system/keystone/client/service/glance.yml b/system/keystone/client/service/glance.yml
new file mode 100644
index 0000000..33d90c7
--- /dev/null
+++ b/system/keystone/client/service/glance.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ glance:
+ is_admin: true
+ password: ${_param:keystone_glance_password}
+ email: ${_param:admin_email}
+ service:
+ glance:
+ type: image
+ description: OpenStack Image Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:glance_service_host}
+ public_port: 9292
+ public_path: ''
+ internal_address: ${_param:glance_service_host}
+ internal_port: 9292
+ internal_path: ''
+ admin_address: ${_param:glance_service_host}
+ admin_port: 9292
+ admin_path: ''
diff --git a/system/keystone/client/service/heat-cfn.yml b/system/keystone/client/service/heat-cfn.yml
new file mode 100644
index 0000000..3bb5449
--- /dev/null
+++ b/system/keystone/client/service/heat-cfn.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ heat-cfn:
+ type: cloudformation
+ description: OpenStack CloudFormation Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:heat_service_host}
+ public_port: 8000
+ public_path: '/v1'
+ internal_address: ${_param:heat_service_host}
+ internal_port: 8000
+ internal_path: '/v1'
+ admin_address: ${_param:heat_service_host}
+ admin_port: 8000
+ admin_path: '/v1'
diff --git a/system/keystone/client/service/heat.yml b/system/keystone/client/service/heat.yml
new file mode 100644
index 0000000..233cc75
--- /dev/null
+++ b/system/keystone/client/service/heat.yml
@@ -0,0 +1,30 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ roles:
+ - heat_stack_user
+ - heat_stack_owner
+ project:
+ service:
+ user:
+ heat:
+ is_admin: true
+ password: ${_param:keystone_heat_password}
+ email: ${_param:admin_email}
+ service:
+ heat:
+ type: orchestration
+ description: OpenStack Orchestration Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:heat_service_host}
+ public_port: 8004
+ public_path: '/v1/%(tenant_id)s'
+ internal_address: ${_param:heat_service_host}
+ internal_port: 8004
+ internal_path: '/v1/%(tenant_id)s'
+ admin_address: ${_param:heat_service_host}
+ admin_port: 8004
+ admin_path: '/v1/%(tenant_id)s'
diff --git a/system/keystone/client/service/keystone.yml b/system/keystone/client/service/keystone.yml
new file mode 100644
index 0000000..914777c
--- /dev/null
+++ b/system/keystone/client/service/keystone.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ keystone:
+ type: identity
+ description: OpenStack Identity Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:keystone_service_host}
+ public_port: 5000
+ public_path: '/v2.0'
+ internal_address: ${_param:keystone_service_host}
+ internal_port: 5000
+ internal_path: '/v2.0'
+ admin_address: ${_param:keystone_service_host}
+ admin_port: 35357
+ admin_path: '/v2.0'
diff --git a/system/keystone/client/service/keystone3.yml b/system/keystone/client/service/keystone3.yml
new file mode 100644
index 0000000..9aaedc2
--- /dev/null
+++ b/system/keystone/client/service/keystone3.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ keystone3:
+ type: identity
+ description: OpenStack Identity Service v3
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:keystone_service_host}
+ public_port: 5000
+ public_path: '/v3'
+ internal_address: ${_param:keystone_service_host}
+ internal_port: 5000
+ internal_path: '/v3'
+ admin_address: ${_param:keystone_service_host}
+ admin_port: 35357
+ admin_path: '/v3'
diff --git a/system/keystone/client/service/neutron.yml b/system/keystone/client/service/neutron.yml
new file mode 100644
index 0000000..48ca372
--- /dev/null
+++ b/system/keystone/client/service/neutron.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ neutron:
+ is_admin: true
+ password: ${_param:keystone_neutron_password}
+ email: ${_param:admin_email}
+ service:
+ neutron:
+ type: network
+ description: OpenStack Networking Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:neutron_service_host}
+ public_port: 9696
+ public_path: '/'
+ internal_address: ${_param:neutron_service_host}
+ internal_port: 9696
+ internal_path: '/'
+ admin_address: ${_param:neutron_service_host}
+ admin_port: 9696
+ admin_path: '/'
diff --git a/system/keystone/client/service/nova-ec2.yml b/system/keystone/client/service/nova-ec2.yml
new file mode 100644
index 0000000..b729061
--- /dev/null
+++ b/system/keystone/client/service/nova-ec2.yml
@@ -0,0 +1,20 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ service:
+ nova-ec2:
+ type: ec2
+ description: OpenStack EC2 Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8773
+ public_path: '/services/Cloud'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8773
+ internal_path: '/services/Cloud'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8773
+ admin_path: '/services/Admin'
diff --git a/system/keystone/client/service/nova.yml b/system/keystone/client/service/nova.yml
new file mode 100644
index 0000000..1497d69
--- /dev/null
+++ b/system/keystone/client/service/nova.yml
@@ -0,0 +1,27 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ nova:
+ is_admin: true
+ password: ${_param:keystone_nova_password}
+ email: ${_param:admin_email}
+ service:
+ nova:
+ type: compute
+ description: OpenStack Compute Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8774
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8774
+ internal_path: '/v2/$(tenant_id)s'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8774
+ admin_path: '/v2/$(tenant_id)s'
diff --git a/system/keystone/client/service/nova21.yml b/system/keystone/client/service/nova21.yml
new file mode 100644
index 0000000..e09a9df
--- /dev/null
+++ b/system/keystone/client/service/nova21.yml
@@ -0,0 +1,41 @@
+parameters:
+ keystone:
+ client:
+ server:
+ identity:
+ project:
+ service:
+ user:
+ nova:
+ is_admin: true
+ password: ${_param:keystone_nova_password}
+ email: ${_param:admin_email}
+ service:
+ nova20:
+ type: compute_legacy
+ description: OpenStack Compute Service
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8774
+ public_path: '/v2/$(tenant_id)s'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8774
+ internal_path: '/v2/$(tenant_id)s'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8774
+ admin_path: '/v2/$(tenant_id)s'
+ nova:
+ type: compute
+ description: OpenStack Compute Service v2.1
+ endpoints:
+ - region: ${_param:openstack_region}
+ public_address: ${_param:nova_service_host}
+ public_port: 8774
+ public_path: '/v2.1'
+ internal_address: ${_param:nova_service_host}
+ internal_port: 8774
+ internal_path: '/v2.1'
+ admin_address: ${_param:nova_service_host}
+ admin_port: 8774
+ admin_path: '/v2.1'
diff --git a/system/keystone/client/single.yml b/system/keystone/client/single.yml
new file mode 100644
index 0000000..6d7a4c6
--- /dev/null
+++ b/system/keystone/client/single.yml
@@ -0,0 +1,40 @@
+classes:
+- system.keystone.client.service.cinder
+- system.keystone.client.service.cinder2
+- system.keystone.client.service.glance
+- system.keystone.client.service.heat
+- system.keystone.client.service.heat-cfn
+- system.keystone.client.service.keystone
+- system.keystone.client.service.neutron
+- system.keystone.client.service.nova-ec2
+parameters:
+ linux:
+ system:
+ job:
+ keystone_job_rotate:
+ command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
+ enabled: true
+ user: root
+ minute: 0
+ keystone:
+ client:
+ enabled: true
+ server:
+ identity:
+ admin:
+ host: ${_param:keystone_service_host}
+ port: 35357
+ token: ${_param:keystone_service_token}
+ roles:
+ - admin
+ - Member
+ project:
+ service:
+ description: "OpenStack Service tenant"
+ admin:
+ description: "OpenStack Admin tenant"
+ user:
+ admin:
+ is_admin: true
+ password: ${_param:keystone_admin_password}
+ email: ${_param:admin_email}
diff --git a/system/keystone/server/cluster.yml b/system/keystone/server/cluster.yml
new file mode 100644
index 0000000..f21d31d
--- /dev/null
+++ b/system/keystone/server/cluster.yml
@@ -0,0 +1,42 @@
+classes:
+- service.keystone.server.cluster
+- service.keepalived.cluster.single
+- system.keystone.server.storage.glusterfs
+- system.haproxy.proxy.listen.openstack.keystone
+parameters:
+ keystone:
+ server:
+ enabled: true
+ version: ${_param:keystone_version}
+ service_token: ${_param:keystone_service_token}
+ service_tenant: service
+ admin_tenant: admin
+ admin_name: admin
+ admin_password: ${_param:keystone_admin_password}
+ admin_email: ${_param:admin_email}
+ bind:
+ address: ${_param:cluster_local_address}
+ private_address: ${_param:cluster_vip_address}
+ private_port: 35357
+ public_address: ${_param:cluster_vip_address}
+ public_port: 5000
+ region: ${_param:openstack_region}
+ database:
+ engine: mysql
+ host: ${_param:openstack_database_address}
+ name: keystone
+ password: ${_param:mysql_keystone_password}
+ user: keystone
+ tokens:
+ engine: fernet
+ expiration: 3600
+ max_active_keys: 3
+ location: /var/lib/keystone/fernet-keys
+ message_queue:
+ engine: rabbitmq
+ host: ${_param:openstack_message_queue_address}
+ port: 5672
+ user: openstack
+ password: ${_param:rabbitmq_openstack_password}
+ virtual_host: '/openstack'
+ ha_queues: true
\ No newline at end of file
diff --git a/system/keystone/server/single.yml b/system/keystone/server/single.yml
new file mode 100644
index 0000000..38be60f
--- /dev/null
+++ b/system/keystone/server/single.yml
@@ -0,0 +1,17 @@
+classes:
+- service.keystone.server.single
+parameters:
+ _param:
+ keystone_service_token: token
+ keystone_admin_password: password
+ mysql_admin_user: root
+ mysql_admin_password: password
+ mysql_keystone_password: password
+ keystone:
+ server:
+ roles:
+ - admin
+ - Member
+ - image_manager
+ database:
+ host: 127.0.0.1
diff --git a/system/keystone/server/storage/glusterfs.yml b/system/keystone/server/storage/glusterfs.yml
new file mode 100644
index 0000000..54a4197
--- /dev/null
+++ b/system/keystone/server/storage/glusterfs.yml
@@ -0,0 +1,35 @@
+classes:
+- service.glusterfs.server
+- service.glusterfs.client
+parameters:
+ glusterfs:
+ server:
+ peers:
+ - ${_param:cluster_node01_address}
+ - ${_param:cluster_node02_address}
+ - ${_param:cluster_node03_address}
+ volumes:
+ keystone-keys:
+ storage: /srv/glusterfs/keystone-keys
+ replica: 3
+ bricks:
+ - ${_param:cluster_node01_address}:/srv/glusterfs/keystone-keys
+ - ${_param:cluster_node02_address}:/srv/glusterfs/keystone-keys
+ - ${_param:cluster_node03_address}:/srv/glusterfs/keystone-keys
+ options:
+ cluster.readdir-optimize: On
+ nfs.disable: On
+ network.remote-dio: On
+ diagnostics.client-log-level: WARNING
+ diagnostics.brick-log-level: WARNING
+ client:
+ volumes:
+ keystone-keys:
+ path: /var/lib/keystone/fernet-keys
+ server: ${_param:glusterfs_service_host}
+ user: keystone
+ group: keystone
+ keystone:
+ server:
+ tokens:
+ location: /var/lib/keystone/fernet-keys