[api] section, configure the host:
CONTROLLER_IP with the IP address on which you wish magnum api should listen.
[certificates] section, select
x509keypair if you don't have barbican installed):
Use barbican to store certificates:
Barbican is recommended for production environments.
To store x509 certificates in magnum's database:
[cinder_client] section, configure the region name:
[database] section, configure database access:
MAGNUM_DBPASS with the password you chose for the magnum database.
[trust] sections, configure Identity service access:
[keystone_authtoken] ... memcached_servers = controller:11211 auth_version = v3 auth_uri = http://controller:5000/v3 project_domain_id = default project_name = service user_domain_id = default password = MAGNUM_PASS username = magnum auth_url = http://controller:35357 auth_type = password [trust] ... trustee_domain_name = magnum trustee_domain_admin_name = magnum_domain_admin trustee_domain_admin_password = DOMAIN_ADMIN_PASS trustee_keystone_interface = KEYSTONE_INTERFACE
Replace MAGNUM_PASS with the password you chose for the magnum user in the Identity service and DOMAIN_ADMIN_PASS with the password you chose for the
Replace KEYSTONE_INTERFACE with either
internal depending on your network configuration. If your instances cannot reach internal keystone endpoint which is often the case in production environments it should be set to
public. Default to
[oslo_messaging_notifications] section, configure the
[DEFAULT] section, configure
RabbitMQ message queue access:
RABBIT_PASS with the password you chose for the
openstack account in