Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / e992a7d4e679fb2c712c7664942dd0cfb8eedf34 / . / keystone / server / single.yml
blob: 10a5331ef661ad1e8ba1e6f6f12a0d6b51f0215d [file] [log] [blame]
Ondrej Smola03ff34e2016-12-01 01:30:33 +0100[diff] [blame]1classes:
2- service.keystone.server.single
Oleksii Grudeve4ee26e2018-08-14 16:51:23 +0300[diff] [blame]3- system.linux.system.users.keystone
Oleksii Grudev614facd2018-08-20 13:20:29 +0300[diff] [blame]4- system.keystone.server.fernet_rotation.single
Oleksandr Shyshkoc4dd2d72018-08-30 18:30:59 +0300[diff] [blame]5- system.salt.minion.cert.mysql.clients.openstack.keystone
Oleksandr Bryndziia85aeec2018-09-12 13:53:36 +0000[diff] [blame]6- system.salt.minion.cert.rabbitmq.clients.openstack.keystone
Ondrej Smola03ff34e2016-12-01 01:30:33 +0100[diff] [blame]7parameters:
8 _param:
9 keystone_service_token: token
10 keystone_admin_password: password
11 mysql_admin_user: root
12 mysql_admin_password: password
13 mysql_keystone_password: password
danys946c105ec2017-10-05 08:40:31 +0200[diff] [blame]14 keystone_tokens_expiration: 3600
Vasyl Saienko01eb3172018-07-16 13:44:53 +0300[diff] [blame]15 openstack_node_role: primary
Oleksandr Shyshkoc4dd2d72018-08-30 18:30:59 +0300[diff] [blame]16 openstack_mysql_x509_enabled: False
Oleksandr Bryndziia85aeec2018-09-12 13:53:36 +0000[diff] [blame]17 openstack_rabbitmq_x509_enabled: False
Oleksandr Shyshkoc4dd2d72018-08-30 18:30:59 +0300[diff] [blame]18 galera_ssl_enabled: False
Oleksandr Bryndziia85aeec2018-09-12 13:53:36 +0000[diff] [blame]19 rabbitmq_ssl_enabled: False
Oleksandr Shyshko3d1dd6f2018-09-20 18:22:04 +0300[diff] [blame]20 openstack_rabbitmq_port: 5672
Andrey Shestakov0c7e1102017-08-10 13:39:04 +0300[diff] [blame]21 linux:
22 system:
23 package:
24 python-pymysql:
25 fromrepo: ${_param:openstack_version}
26 version: latest
Ondrej Smola03ff34e2016-12-01 01:30:33 +0100[diff] [blame]27 keystone:
28 server:
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]29 enabled: true
30 version: ${_param:keystone_version}
31 service_token: ${_param:keystone_service_token}
32 service_tenant: service
33 admin_tenant: admin
34 admin_name: admin
35 admin_password: ${_param:keystone_admin_password}
36 admin_email: ${_param:admin_email}
Vasyl Saienko01eb3172018-07-16 13:44:53 +0300[diff] [blame]37 role: ${_param:openstack_node_role}
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]38 bind:
39 address: ${_param:single_address}
40 private_address: ${_param:single_address}
41 private_port: 35357
42 public_address: ${_param:single_address}
43 public_port: 5000
44 region: ${_param:openstack_region}
45 database:
46 engine: mysql
47 host: ${_param:single_address}
48 name: keystone
49 password: ${_param:mysql_keystone_password}
50 user: keystone
Oleksandr Shyshkoc4dd2d72018-08-30 18:30:59 +0300[diff] [blame]51 x509:
52 enabled: ${_param:openstack_mysql_x509_enabled}
53 ca_file: ${_param:mysql_keystone_ssl_ca_file}
54 key_file: ${_param:mysql_keystone_client_ssl_key_file}
55 cert_file: ${_param:mysql_keystone_client_ssl_cert_file}
56 ssl:
57 enabled: ${_param:galera_ssl_enabled}
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]58 tokens:
59 engine: fernet
danys946c105ec2017-10-05 08:40:31 +0200[diff] [blame]60 expiration: ${_param:keystone_tokens_expiration}
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]61 max_active_keys: 3
62 location: /var/lib/keystone/fernet-keys
Andrey Shestakov9490db92017-06-15 17:17:37 +0300[diff] [blame]63 credential:
64 location: /var/lib/keystone/credential-keys
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]65 message_queue:
Oleksandr Shyshko3d1dd6f2018-09-20 18:22:04 +0300[diff] [blame]66 port: ${_param:openstack_rabbitmq_port}
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]67 engine: rabbitmq
Jiri Broulik04c5ec22017-05-03 20:41:10 +0200[diff] [blame]68 host: ${_param:single_address}
Jiri Broulik87254132017-05-01 08:33:02 +0200[diff] [blame]69 user: openstack
70 password: ${_param:rabbitmq_openstack_password}
71 virtual_host: '/openstack'
Petr Michalece7103842017-02-02 07:21:01 +0100[diff] [blame]72 ha_queues: true
Oleksandr Bryndziia85aeec2018-09-12 13:53:36 +0000[diff] [blame]73 x509:
74 enabled: ${_param:openstack_rabbitmq_x509_enabled}
75 ca_file: ${_param:rabbitmq_keystone_ssl_ca_file}
76 key_file: ${_param:rabbitmq_keystone_client_ssl_key_file}
77 cert_file: ${_param:rabbitmq_keystone_client_ssl_cert_file}
78 ssl:
79 enabled: ${_param:rabbitmq_ssl_enabled}
Petr Michalece7103842017-02-02 07:21:01 +0100[diff] [blame]80 roles:
81 - admin
82 - Member
83 - image_manager
84 auth_methods:
85 - password
86 - token
87 database:
88 host: 127.0.0.1