[DEFAULT] debug = {{ keystone_logging_debug }} {% if enable_cadf_notifications | bool %} notification_format = cadf {% endif %} transport_url = {{ rpc_transport_url }} # NOTE(elemoine) log_dir alone does not work for Keystone log_file = /var/log/kolla/keystone/keystone.log use_stderr = True [oslo_middleware] enable_proxy_headers_parsing = True {% if keystone_policy_file is defined %} [oslo_policy] policy_file = {{ keystone_policy_file }} {% endif %} [database] connection = mysql+pymysql://{{ keystone_database_user }}:{{ keystone_database_password }}@{{ keystone_database_address }}/{{ keystone_database_name }} max_retries = -1 {% if keystone_domain_directory.stat.exists %} [identity] domain_specific_drivers_enabled = true domain_config_dir = /etc/keystone/domains {% endif %} [token] revoke_by_id = False provider = {{ keystone_token_provider }} expiration = {{ fernet_token_expiry }} [fernet_tokens] max_active_keys = {{ (groups['keystone'] | length) + 1 }} [cache] backend = oslo_cache.memcache_pool enabled = True memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} [oslo_messaging_notifications] transport_url = {{ notify_transport_url }} {% if enable_cadf_notifications | bool %} driver = messagingv2 {% endif %} {% if enable_osprofiler | bool %} [profiler] enabled = true trace_sqlalchemy = true hmac_keys = {{ osprofiler_secret }} {% if enable_elasticsearch | bool %} connection_string = elasticsearch://{{ elasticsearch_address }}:{{ elasticsearch_port }} {% endif %} {% endif %} {% if enable_grafana | bool %} [cors] allowed_origin = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ grafana_server_port }} {% endif %}