barbican/server/cluster.yml - salt-models/reclass-system - Gitiles

 classes:
 - service.barbican.server.cluster
 - system.haproxy.proxy.listen.openstack.barbican
 - system.salt.minion.cert.mysql.clients.openstack.barbican
 - system.salt.minion.cert.rabbitmq.clients.openstack.barbican
 parameters:
   barbican:
     server:
       role: ${_param:openstack_node_role}
       identity:
         user: ${_param:keystone_barbican_username}
         password: ${_param:keystone_barbican_password}
         protocol: ${_param:cluster_internal_protocol}
       database:
         user: ${_param:mysql_barbican_username}
         password: ${_param:mysql_barbican_password}
         host: ${_param:openstack_database_address}
         x509:
           enabled: ${_param:openstack_mysql_x509_enabled}
           ca_file: ${_param:mysql_barbican_ssl_ca_file}
           key_file: ${_param:mysql_barbican_client_ssl_key_file}
           cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
         ssl:
           enabled: ${_param:galera_ssl_enabled}
       message_queue:
         use_vip_address: ${_param:openstack_rabbitmq_standalone_mode}
         host: ${_param:openstack_message_queue_address}
         port: ${_param:openstack_rabbitmq_port}
         x509:
           enabled: ${_param:openstack_rabbitmq_x509_enabled}
           ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
           key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
           cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
         ssl:
           enabled: ${_param:rabbitmq_ssl_enabled}
       cache:
         security:
           enabled: ${_param:barbican_memcache_security_enabled}
           strategy: ${_param:openstack_memcache_security_strategy}
           secret_key: ${_param:barbican_memcache_secret_key}
       # Keystone notification topic. Should be overridden from cluster level (see PROD-32645)
       ks_notifications_topic: notifications
   linux:
     system:
       package:
         python-pymysql:
           fromrepo: ${_param:openstack_version}
           version: latest
       user:
         barbican:
           enabled: true
           name: barbican
           home: /var/lib/barbican
           shell: /bin/bash
           system: True
	classes:
	- service.barbican.server.cluster
	- system.haproxy.proxy.listen.openstack.barbican
	- system.salt.minion.cert.mysql.clients.openstack.barbican
	- system.salt.minion.cert.rabbitmq.clients.openstack.barbican
	parameters:
	barbican:
	server:
	role: ${_param:openstack_node_role}
	identity:
	user: ${_param:keystone_barbican_username}
	password: ${_param:keystone_barbican_password}
	protocol: ${_param:cluster_internal_protocol}
	database:
	user: ${_param:mysql_barbican_username}
	password: ${_param:mysql_barbican_password}
	host: ${_param:openstack_database_address}
	x509:
	enabled: ${_param:openstack_mysql_x509_enabled}
	ca_file: ${_param:mysql_barbican_ssl_ca_file}
	key_file: ${_param:mysql_barbican_client_ssl_key_file}
	cert_file: ${_param:mysql_barbican_client_ssl_cert_file}
	ssl:
	enabled: ${_param:galera_ssl_enabled}
	message_queue:
	use_vip_address: ${_param:openstack_rabbitmq_standalone_mode}
	host: ${_param:openstack_message_queue_address}
	port: ${_param:openstack_rabbitmq_port}
	x509:
	enabled: ${_param:openstack_rabbitmq_x509_enabled}
	ca_file: ${_param:rabbitmq_barbican_ssl_ca_file}
	key_file: ${_param:rabbitmq_barbican_client_ssl_key_file}
	cert_file: ${_param:rabbitmq_barbican_client_ssl_cert_file}
	ssl:
	enabled: ${_param:rabbitmq_ssl_enabled}
	cache:
	security:
	enabled: ${_param:barbican_memcache_security_enabled}
	strategy: ${_param:openstack_memcache_security_strategy}
	secret_key: ${_param:barbican_memcache_secret_key}
	# Keystone notification topic. Should be overridden from cluster level (see PROD-32645)
	ks_notifications_topic: notifications
	linux:
	system:
	package:
	python-pymysql:
	fromrepo: ${_param:openstack_version}
	version: latest
	user:
	barbican:
	enabled: true
	name: barbican
	home: /var/lib/barbican
	shell: /bin/bash
	system: True