| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 1 | classes: |
| 2 | - service.keystone.server.single |
| Oleksii Grudev | e4ee26e | 2018-08-14 16:51:23 +0300 | [diff] [blame] | 3 | - system.linux.system.users.keystone |
| Oleksii Grudev | 614facd | 2018-08-20 13:20:29 +0300 | [diff] [blame] | 4 | - system.keystone.server.fernet_rotation.single |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 5 | - system.salt.minion.cert.mysql.clients.openstack.keystone |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 6 | - system.salt.minion.cert.rabbitmq.clients.openstack.keystone |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 7 | parameters: |
| 8 | _param: |
| 9 | keystone_service_token: token |
| 10 | keystone_admin_password: password |
| 11 | mysql_admin_user: root |
| 12 | mysql_admin_password: password |
| 13 | mysql_keystone_password: password |
| danys94 | 6c105ec | 2017-10-05 08:40:31 +0200 | [diff] [blame] | 14 | keystone_tokens_expiration: 3600 |
| Vasyl Saienko | 01eb317 | 2018-07-16 13:44:53 +0300 | [diff] [blame] | 15 | openstack_node_role: primary |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 16 | openstack_mysql_x509_enabled: False |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 17 | openstack_rabbitmq_x509_enabled: False |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 18 | galera_ssl_enabled: False |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 19 | rabbitmq_ssl_enabled: False |
| Andrey Shestakov | 0c7e110 | 2017-08-10 13:39:04 +0300 | [diff] [blame] | 20 | linux: |
| 21 | system: |
| 22 | package: |
| 23 | python-pymysql: |
| 24 | fromrepo: ${_param:openstack_version} |
| 25 | version: latest |
| Ondrej Smola | 03ff34e | 2016-12-01 01:30:33 +0100 | [diff] [blame] | 26 | keystone: |
| 27 | server: |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 28 | enabled: true |
| 29 | version: ${_param:keystone_version} |
| 30 | service_token: ${_param:keystone_service_token} |
| 31 | service_tenant: service |
| 32 | admin_tenant: admin |
| 33 | admin_name: admin |
| 34 | admin_password: ${_param:keystone_admin_password} |
| 35 | admin_email: ${_param:admin_email} |
| Vasyl Saienko | 01eb317 | 2018-07-16 13:44:53 +0300 | [diff] [blame] | 36 | role: ${_param:openstack_node_role} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 37 | bind: |
| 38 | address: ${_param:single_address} |
| 39 | private_address: ${_param:single_address} |
| 40 | private_port: 35357 |
| 41 | public_address: ${_param:single_address} |
| 42 | public_port: 5000 |
| 43 | region: ${_param:openstack_region} |
| 44 | database: |
| 45 | engine: mysql |
| 46 | host: ${_param:single_address} |
| 47 | name: keystone |
| 48 | password: ${_param:mysql_keystone_password} |
| 49 | user: keystone |
| Oleksandr Shyshko | c4dd2d7 | 2018-08-30 18:30:59 +0300 | [diff] [blame] | 50 | x509: |
| 51 | enabled: ${_param:openstack_mysql_x509_enabled} |
| 52 | ca_file: ${_param:mysql_keystone_ssl_ca_file} |
| 53 | key_file: ${_param:mysql_keystone_client_ssl_key_file} |
| 54 | cert_file: ${_param:mysql_keystone_client_ssl_cert_file} |
| 55 | ssl: |
| 56 | enabled: ${_param:galera_ssl_enabled} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 57 | tokens: |
| 58 | engine: fernet |
| danys94 | 6c105ec | 2017-10-05 08:40:31 +0200 | [diff] [blame] | 59 | expiration: ${_param:keystone_tokens_expiration} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 60 | max_active_keys: 3 |
| 61 | location: /var/lib/keystone/fernet-keys |
| Andrey Shestakov | 9490db9 | 2017-06-15 17:17:37 +0300 | [diff] [blame] | 62 | credential: |
| 63 | location: /var/lib/keystone/credential-keys |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 64 | message_queue: |
| 65 | engine: rabbitmq |
| Jiri Broulik | 04c5ec2 | 2017-05-03 20:41:10 +0200 | [diff] [blame] | 66 | host: ${_param:single_address} |
| Jiri Broulik | 8725413 | 2017-05-01 08:33:02 +0200 | [diff] [blame] | 67 | user: openstack |
| 68 | password: ${_param:rabbitmq_openstack_password} |
| 69 | virtual_host: '/openstack' |
| Petr Michalec | e710384 | 2017-02-02 07:21:01 +0100 | [diff] [blame] | 70 | ha_queues: true |
| Oleksandr Bryndzii | a85aeec | 2018-09-12 13:53:36 +0000 | [diff] [blame] | 71 | x509: |
| 72 | enabled: ${_param:openstack_rabbitmq_x509_enabled} |
| 73 | ca_file: ${_param:rabbitmq_keystone_ssl_ca_file} |
| 74 | key_file: ${_param:rabbitmq_keystone_client_ssl_key_file} |
| 75 | cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file} |
| 76 | ssl: |
| 77 | enabled: ${_param:rabbitmq_ssl_enabled} |
| Petr Michalec | e710384 | 2017-02-02 07:21:01 +0100 | [diff] [blame] | 78 | roles: |
| 79 | - admin |
| 80 | - Member |
| 81 | - image_manager |
| 82 | auth_methods: |
| 83 | - password |
| 84 | - token |
| 85 | database: |
| 86 | host: 127.0.0.1 |