| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 1 | classes: |
| 2 | - service.keystone.server.single |
| Mykyta Karpin | 882dcac | 2018-11-30 16:37:28 +0200 | [diff] [blame] | 3 | - system.keystone.upgrade |
| Oleksii Grudev | e4ee26e | 2018-08-14 16:51:23 +0300 | [diff] [blame] | 4 | - system.linux.system.users.keystone |
| Oleksii Grudev | 614facd | 2018-08-20 13:20:29 +0300 | [diff] [blame] | 5 | - system.keystone.server.fernet_rotation.single |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 6 | - system.salt.minion.cert.mysql.clients.openstack.keystone |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 7 | - system.salt.minion.cert.rabbitmq.clients.openstack.keystone |
| Oleh Hryhorov | ceef60d | 2018-11-02 17:27:36 +0200 | [diff] [blame] | 8 | - system.keystone.client.os_client_config.admin_identity |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 9 | parameters: |
| 10 | _param: |
| 11 | keystone_service_token: token |
| 12 | keystone_admin_password: password |
| 13 | mysql_admin_user: root |
| 14 | mysql_admin_password: password |
| 15 | mysql_keystone_password: password |
| Vasyl Saienko | 01eb317 | 2018-07-16 13:44:53 +0300 | [diff] [blame] | 16 | openstack_node_role: primary |
| Oleh Hryhorov | ceef60d | 2018-11-02 17:27:36 +0200 | [diff] [blame] | 17 | keystone_service_protocol: ${_param:cluster_internal_protocol} |
| Andrey Shestakov | 0c7e110 | 2017-08-10 13:39:04 +0300 | [diff] [blame] | 18 | linux: |
| 19 | system: |
| 20 | package: |
| 21 | python-pymysql: |
| 22 | fromrepo: ${_param:openstack_version} |
| 23 | version: latest |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 24 | keystone: |
| 25 | server: |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 26 | enabled: true |
| 27 | version: ${_param:keystone_version} |
| 28 | service_token: ${_param:keystone_service_token} |
| 29 | service_tenant: service |
| 30 | admin_tenant: admin |
| 31 | admin_name: admin |
| 32 | admin_password: ${_param:keystone_admin_password} |
| 33 | admin_email: ${_param:admin_email} |
| Vasyl Saienko | 01eb317 | 2018-07-16 13:44:53 +0300 | [diff] [blame] | 34 | role: ${_param:openstack_node_role} |
| Vasyl Saienko | 7d0455d | 2018-12-06 14:43:56 +0200 | [diff] [blame] | 35 | admin_region: ${_param:openstack_region} |
| 36 | region: ${_param:openstack_region} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 37 | bind: |
| 38 | address: ${_param:single_address} |
| 39 | private_address: ${_param:single_address} |
| 40 | private_port: 35357 |
| 41 | public_address: ${_param:single_address} |
| 42 | public_port: 5000 |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 43 | database: |
| 44 | engine: mysql |
| 45 | host: ${_param:single_address} |
| 46 | name: keystone |
| 47 | password: ${_param:mysql_keystone_password} |
| 48 | user: keystone |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 49 | x509: |
| 50 | enabled: ${_param:openstack_mysql_x509_enabled} |
| 51 | ca_file: ${_param:mysql_keystone_ssl_ca_file} |
| 52 | key_file: ${_param:mysql_keystone_client_ssl_key_file} |
| 53 | cert_file: ${_param:mysql_keystone_client_ssl_cert_file} |
| 54 | ssl: |
| 55 | enabled: ${_param:galera_ssl_enabled} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 56 | tokens: |
| 57 | engine: fernet |
| danys94 | 6c105ec | 2017-10-05 08:40:31 +0200 | [diff] [blame] | 58 | expiration: ${_param:keystone_tokens_expiration} |
| Oleksandr Bryndzii | 79b8968 | 2019-02-27 14:23:23 +0200 | [diff] [blame] | 59 | max_active_keys: ${_param:keystone_tokens_max_active_keys} |
| 60 | allow_expired_window: ${_param:keystone_tokens_allow_expired_window} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 61 | location: /var/lib/keystone/fernet-keys |
| Andrey Shestakov | 9490db9 | 2017-06-15 17:17:37 +0300 | [diff] [blame] | 62 | credential: |
| 63 | location: /var/lib/keystone/credential-keys |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 64 | message_queue: |
| Oleksandr Shyshko | 3d1dd6f | 2018-09-20 18:22:04 +0300 | [diff] [blame] | 65 | port: ${_param:openstack_rabbitmq_port} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 66 | engine: rabbitmq |
| Jiri Broulik | 04c5ec2 | 2017-05-03 20:41:10 +0200 | [diff] [blame] | 67 | host: ${_param:single_address} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 68 | user: openstack |
| 69 | password: ${_param:rabbitmq_openstack_password} |
| 70 | virtual_host: '/openstack' |
| Petr Michalec | e710384 | 2017-02-02 07:21:01 +0100 | [diff] [blame] | 71 | ha_queues: true |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 72 | x509: |
| 73 | enabled: ${_param:openstack_rabbitmq_x509_enabled} |
| 74 | ca_file: ${_param:rabbitmq_keystone_ssl_ca_file} |
| 75 | key_file: ${_param:rabbitmq_keystone_client_ssl_key_file} |
| 76 | cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file} |
| 77 | ssl: |
| 78 | enabled: ${_param:rabbitmq_ssl_enabled} |
| Petr Michalec | e710384 | 2017-02-02 07:21:01 +0100 | [diff] [blame] | 79 | roles: |
| 80 | - admin |
| 81 | - Member |
| 82 | - image_manager |
| 83 | auth_methods: |
| 84 | - password |
| 85 | - token |
| 86 | database: |
| 87 | host: 127.0.0.1 |