| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 1 | classes: |
| 2 | - service.keystone.server.single |
| Mykyta Karpin | 882dcac | 2018-11-30 16:37:28 +0200 | [diff] [blame] | 3 | - system.keystone.upgrade |
| Oleksii Grudev | e4ee26e | 2018-08-14 16:51:23 +0300 | [diff] [blame] | 4 | - system.linux.system.users.keystone |
| Oleksii Grudev | 614facd | 2018-08-20 13:20:29 +0300 | [diff] [blame] | 5 | - system.keystone.server.fernet_rotation.single |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 6 | - system.salt.minion.cert.mysql.clients.openstack.keystone |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 7 | - system.salt.minion.cert.rabbitmq.clients.openstack.keystone |
| Oleh Hryhorov | ceef60d | 2018-11-02 17:27:36 +0200 | [diff] [blame] | 8 | - system.keystone.client.os_client_config.admin_identity |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 9 | parameters: |
| 10 | _param: |
| 11 | keystone_service_token: token |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 12 | mysql_admin_user: root |
| Alexandr Lovtsov | 4e3d154 | 2019-04-16 13:32:30 +0300 | [diff] [blame] | 13 | keystone_tokens_expiration: 3600 |
| Vasyl Saienko | 01eb317 | 2018-07-16 13:44:53 +0300 | [diff] [blame] | 14 | openstack_node_role: primary |
| Oleh Hryhorov | ceef60d | 2018-11-02 17:27:36 +0200 | [diff] [blame] | 15 | keystone_service_protocol: ${_param:cluster_internal_protocol} |
| Andrey Shestakov | 0c7e110 | 2017-08-10 13:39:04 +0300 | [diff] [blame] | 16 | linux: |
| 17 | system: |
| 18 | package: |
| 19 | python-pymysql: |
| 20 | fromrepo: ${_param:openstack_version} |
| 21 | version: latest |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 22 | keystone: |
| 23 | server: |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 24 | enabled: true |
| 25 | version: ${_param:keystone_version} |
| 26 | service_token: ${_param:keystone_service_token} |
| 27 | service_tenant: service |
| 28 | admin_tenant: admin |
| 29 | admin_name: admin |
| 30 | admin_password: ${_param:keystone_admin_password} |
| 31 | admin_email: ${_param:admin_email} |
| Vasyl Saienko | 01eb317 | 2018-07-16 13:44:53 +0300 | [diff] [blame] | 32 | role: ${_param:openstack_node_role} |
| Vasyl Saienko | 7d0455d | 2018-12-06 14:43:56 +0200 | [diff] [blame] | 33 | admin_region: ${_param:openstack_region} |
| 34 | region: ${_param:openstack_region} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 35 | bind: |
| 36 | address: ${_param:single_address} |
| 37 | private_address: ${_param:single_address} |
| 38 | private_port: 35357 |
| 39 | public_address: ${_param:single_address} |
| 40 | public_port: 5000 |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 41 | database: |
| 42 | engine: mysql |
| 43 | host: ${_param:single_address} |
| 44 | name: keystone |
| 45 | password: ${_param:mysql_keystone_password} |
| sgarbuz | 5f58dd7 | 2019-05-20 14:10:11 +0300 | [diff] [blame] | 46 | user: ${_param:mysql_keystone_username} |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 47 | x509: |
| 48 | enabled: ${_param:openstack_mysql_x509_enabled} |
| 49 | ca_file: ${_param:mysql_keystone_ssl_ca_file} |
| 50 | key_file: ${_param:mysql_keystone_client_ssl_key_file} |
| 51 | cert_file: ${_param:mysql_keystone_client_ssl_cert_file} |
| 52 | ssl: |
| 53 | enabled: ${_param:galera_ssl_enabled} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 54 | tokens: |
| 55 | engine: fernet |
| danys94 | 6c105ec | 2017-10-05 08:40:31 +0200 | [diff] [blame] | 56 | expiration: ${_param:keystone_tokens_expiration} |
| Oleksandr Bryndzii | 79b8968 | 2019-02-27 14:23:23 +0200 | [diff] [blame] | 57 | max_active_keys: ${_param:keystone_tokens_max_active_keys} |
| 58 | allow_expired_window: ${_param:keystone_tokens_allow_expired_window} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 59 | location: /var/lib/keystone/fernet-keys |
| Andrey Shestakov | 9490db9 | 2017-06-15 17:17:37 +0300 | [diff] [blame] | 60 | credential: |
| 61 | location: /var/lib/keystone/credential-keys |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 62 | message_queue: |
| Oleksandr Shyshko | 3d1dd6f | 2018-09-20 18:22:04 +0300 | [diff] [blame] | 63 | port: ${_param:openstack_rabbitmq_port} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 64 | engine: rabbitmq |
| Oleksandr Shyshko | 613e04e | 2019-08-07 12:08:51 +0300 | [diff] [blame] | 65 | use_vip_address: ${_param:openstack_rabbitmq_standalone_mode} |
| 66 | host: ${_param:openstack_message_queue_address} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 67 | user: openstack |
| 68 | password: ${_param:rabbitmq_openstack_password} |
| 69 | virtual_host: '/openstack' |
| Petr Michalec | e710384 | 2017-02-02 07:21:01 +0100 | [diff] [blame] | 70 | ha_queues: true |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 71 | x509: |
| 72 | enabled: ${_param:openstack_rabbitmq_x509_enabled} |
| 73 | ca_file: ${_param:rabbitmq_keystone_ssl_ca_file} |
| 74 | key_file: ${_param:rabbitmq_keystone_client_ssl_key_file} |
| 75 | cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file} |
| 76 | ssl: |
| 77 | enabled: ${_param:rabbitmq_ssl_enabled} |
| Petr Michalec | e710384 | 2017-02-02 07:21:01 +0100 | [diff] [blame] | 78 | roles: |
| 79 | - admin |
| 80 | - Member |
| 81 | - image_manager |
| 82 | auth_methods: |
| 83 | - password |
| 84 | - token |
| 85 | database: |
| 86 | host: 127.0.0.1 |