keystone/client/core.yml - salt-models/reclass-system - Gitiles

 classes:
 - system.keystone.client.os_client_config.admin_identity
 parameters:
   _param:
     keystone_service_protocol: http
 ###TODO: the section below should be removed in the future together with same related changes in cookiecutter-templates (control_init.yml)
   linux:
     system:
       job:
         keystone_job_rotate:
           command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
           enabled: false
           user: root
           minute: 0
   keystone:
     client:
       enabled: true
       server:
         identity:
           admin:
             host: ${_param:keystone_service_host}
             port: 35357
             token: ${_param:keystone_service_token}
             protocol: ${_param:keystone_service_protocol}
           roles:
           - admin
           - Member
           project:
             service:
               description: "OpenStack Service tenant"
             admin:
               description: "OpenStack Admin tenant"
               user:
                 admin:
                   is_admin: true
                   password: ${_param:keystone_admin_password}
                   email: ${_param:admin_email}
                   options: ${_param:openstack_service_user_options}
         admin_identity:
           admin:
             user: admin
             password: ${_param:keystone_admin_password}
             project: admin
             host: ${_param:keystone_service_host}
             port: 5000
             region_name: ${_param:openstack_region}
             use_keystoneauth: true
             protocol: ${_param:keystone_service_protocol}
	classes:
	- system.keystone.client.os_client_config.admin_identity
	parameters:
	_param:
	keystone_service_protocol: http
	###TODO: the section below should be removed in the future together with same related changes in cookiecutter-templates (control_init.yml)
	linux:
	system:
	job:
	keystone_job_rotate:
	command: '/usr/bin/keystone-manage fernet_rotate --keystone-user keystone --keystone-group keystone >> /var/log/key_rotation_log 2>> /var/log/key_rotation_log'
	enabled: false
	user: root
	minute: 0
	keystone:
	client:
	enabled: true
	server:
	identity:
	admin:
	host: ${_param:keystone_service_host}
	port: 35357
	token: ${_param:keystone_service_token}
	protocol: ${_param:keystone_service_protocol}
	roles:
	- admin
	- Member
	project:
	service:
	description: "OpenStack Service tenant"
	admin:
	description: "OpenStack Admin tenant"
	user:
	admin:
	is_admin: true
	password: ${_param:keystone_admin_password}
	email: ${_param:admin_email}
	options: ${_param:openstack_service_user_options}
	admin_identity:
	admin:
	user: admin
	password: ${_param:keystone_admin_password}
	project: admin
	host: ${_param:keystone_service_host}
	port: 5000
	region_name: ${_param:openstack_region}
	use_keystoneauth: true
	protocol: ${_param:keystone_service_protocol}