keystone/server/fernet_rotation/cluster.yml - salt-models/reclass-system - Gitiles

 parameters:
   _param:
     fernet_rotation_driver: 'rsync'
     credential_rotation_driver: 'rsync'
   keystone:
     server:
       tokens:
         fernet_sync_nodes_list:
           sync_node01:
             name: ${_param:cluster_node02_hostname}
             enabled: True
           sync_node02:
             name: ${_param:cluster_node03_hostname}
             enabled: True
         fernet_rotation_driver: ${_param:fernet_rotation_driver}
       credential:
         credential_sync_nodes_list:
           sync_node01:
             name: ${_param:cluster_node02_hostname}
             enabled: True
           sync_node02:
             name: ${_param:cluster_node03_hostname}
             enabled: True
         credential_rotation_driver: ${_param:credential_rotation_driver}
   linux:
     system:
       package:
         rsync:
           version: latest
       cron:
         user:
           keystone:
             enabled: true
       job:
         keystone_fernet_rotate_rsync:
           command: '/var/lib/keystone/keystone_keys_rotate.sh -r -s -t fernet >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
           enabled: true
           user: keystone
           minute: ${_param:keystone_fernet_rotate_rsync_minute}
           hour: ${_param:keystone_fernet_rotate_rsync_hour}
         keystone_credential_rotate_rsync:
           command: '/var/lib/keystone/keystone_keys_rotate.sh -r -s -t credential >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
           enabled: true
           user: keystone
           hour: 0
           minute: 0
	parameters:
	_param:
	fernet_rotation_driver: 'rsync'
	credential_rotation_driver: 'rsync'
	keystone:
	server:
	tokens:
	fernet_sync_nodes_list:
	sync_node01:
	name: ${_param:cluster_node02_hostname}
	enabled: True
	sync_node02:
	name: ${_param:cluster_node03_hostname}
	enabled: True
	fernet_rotation_driver: ${_param:fernet_rotation_driver}
	credential:
	credential_sync_nodes_list:
	sync_node01:
	name: ${_param:cluster_node02_hostname}
	enabled: True
	sync_node02:
	name: ${_param:cluster_node03_hostname}
	enabled: True
	credential_rotation_driver: ${_param:credential_rotation_driver}
	linux:
	system:
	package:
	rsync:
	version: latest
	cron:
	user:
	keystone:
	enabled: true
	job:
	keystone_fernet_rotate_rsync:
	command: '/var/lib/keystone/keystone_keys_rotate.sh -r -s -t fernet >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
	enabled: true
	user: keystone
	minute: ${_param:keystone_fernet_rotate_rsync_minute}
	hour: ${_param:keystone_fernet_rotate_rsync_hour}
	keystone_credential_rotate_rsync:
	command: '/var/lib/keystone/keystone_keys_rotate.sh -r -s -t credential >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
	enabled: true
	user: keystone
	hour: 0
	minute: 0