2b6b896105
This allows you to set the endpoint-type protocol globally for all services, e.g. internaluri can be http, and publicuri can be https. You will no longer have to specify it per service, although those settings already exist and have not changed. This patch changes no functionality for existing installs or deployments and the values are defaulted to be the same as before, but allows these values to be adjusted on a per-endpoint type basis. Change-Id: I4854216726491f6ea4e265694e702f980fddc5a6 Closes-Bug: #1399383
165 lines
6.0 KiB
YAML
165 lines
6.0 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# The variables file used by the playbooks in the Heat-api group.
|
|
# These don't have to be explicitly imported by vars_files: they are autopopulated.
|
|
|
|
# Defines that the role will be deployed on a host machine
|
|
is_metal: true
|
|
|
|
## Verbosity Options
|
|
debug: False
|
|
verbose: True
|
|
heat_fatal_deprecations: False
|
|
|
|
heat_clients_endpoint: internalURL
|
|
heat_clients_heat_endpoint: publicURL
|
|
|
|
## DB
|
|
heat_galera_user: heat
|
|
heat_galera_database: heat
|
|
|
|
## RPC
|
|
heat_rpc_backend: heat.openstack.common.rpc.impl_kombu
|
|
|
|
## Heat User / Group
|
|
heat_system_user_name: heat
|
|
heat_system_group_name: heat
|
|
heat_system_comment: heat system user
|
|
heat_system_shell: /bin/false
|
|
heat_system_home_folder: "/var/lib/{{ heat_system_user_name }}"
|
|
|
|
## Default domain
|
|
heat_project_domain_id: default
|
|
heat_project_name: admin
|
|
heat_user_domain_id: default
|
|
|
|
## Stack
|
|
heat_stack_domain_admin: stack_domain_admin
|
|
heat_stack_owner_name: heat_stack_owner
|
|
heat_stack_domain_description: Owns users and projects created by heat
|
|
heat_stack_user_domain_name: heat
|
|
heat_stack_admin_user_name: admin
|
|
heat_stack_admin_tenant_name: admin
|
|
heat_max_nested_stack_depth: 5
|
|
|
|
heat_deferred_auth_method: trusts
|
|
heat_trusts_delegated_roles: []
|
|
|
|
# osprofiler
|
|
heat_profiler_enabled: false
|
|
# heat_profiler_hmac_key is set in user_secrets.yml
|
|
heat_profiler_trace_sqlalchemy: false
|
|
|
|
## Auth
|
|
heat_service_project_name: "service"
|
|
heat_service_user_name: "heat"
|
|
heat_service_project_domain_id: "default"
|
|
heat_service_user_domain_id: "default"
|
|
|
|
## Keystone authentication middleware
|
|
heat_keystone_auth_plugin: password
|
|
|
|
## Heat api service type and data
|
|
heat_service_name: heat
|
|
heat_service_role_name: admin
|
|
heat_service_region: RegionOne
|
|
heat_service_description: "Heat Orchestration Service"
|
|
heat_service_port: 8004
|
|
heat_service_proto: http
|
|
heat_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(heat_service_proto) }}"
|
|
heat_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(heat_service_proto) }}"
|
|
heat_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(heat_service_proto) }}"
|
|
heat_service_type: orchestration
|
|
heat_service_publicuri: "{{ heat_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_service_port }}"
|
|
heat_service_publicurl: "{{ heat_service_publicuri }}/v1/%(tenant_id)s"
|
|
heat_service_adminuri: "{{ heat_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ heat_service_port }}"
|
|
heat_service_adminurl: "{{ heat_service_adminuri }}/v1/%(tenant_id)s"
|
|
heat_service_internaluri: "{{ heat_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ heat_service_port }}"
|
|
heat_service_internalurl: "{{ heat_service_internaluri }}/v1/%(tenant_id)s"
|
|
heat_service_program_name: heat-api
|
|
|
|
## Heat api cfn service type and data
|
|
heat_cfn_service_name: heat-cfn
|
|
heat_cfn_service_description: "Heat CloudFormation Service"
|
|
heat_cfn_service_port: 8000
|
|
heat_cfn_service_proto: http
|
|
heat_cfn_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(heat_cfn_service_proto) }}"
|
|
heat_cfn_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(heat_cfn_service_proto) }}"
|
|
heat_cfn_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(heat_cfn_service_proto) }}"
|
|
heat_cfn_service_type: cloudformation
|
|
heat_cfn_service_publicuri: "{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}"
|
|
heat_cfn_service_publicurl: "{{ heat_cfn_service_publicuri }}/v1"
|
|
heat_cfn_service_adminuri: "{{ heat_cfn_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ heat_cfn_service_port }}"
|
|
heat_cfn_service_adminurl: "{{ heat_cfn_service_adminuri }}/v1"
|
|
heat_cfn_service_internaluri: "{{ heat_cfn_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ heat_cfn_service_port }}"
|
|
heat_cfn_service_internalurl: "{{ heat_cfn_service_internaluri }}/v1"
|
|
heat_cfn_service_program_name: heat-api-cfn
|
|
|
|
## Heat wait and metadata server
|
|
heat_waitcondition_server_uri: "{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}"
|
|
heat_waitcondition_server_url: "{{ heat_waitcondition_server_uri }}/v1/waitcondition"
|
|
heat_metadata_server_url: "{{ heat_cfn_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ heat_cfn_service_port }}"
|
|
|
|
## Heat cloudwatch
|
|
heat_cloudwatch_program_name: heat-api-cloudwatch
|
|
heat_engine_program_name: heat-engine
|
|
|
|
## Heat watch server
|
|
heat_watch_proto: http
|
|
heat_watch_port: 8003
|
|
heat_watch_server_uri: "{{ heat_watch_proto }}://{{ external_lb_vip_address }}:{{ heat_watch_port }}"
|
|
heat_watch_server_url: "{{ heat_watch_server_uri }}"
|
|
|
|
## Plugin dirs
|
|
heat_plugin_dirs:
|
|
- /usr/lib/heat
|
|
- /usr/local/lib/heat
|
|
|
|
## Policy vars
|
|
# Provide a list of access controls to update the default policy.json with. These changes will be merged
|
|
# with the access controls in the default policy.json. E.g.
|
|
#heat_policy_overrides:
|
|
# "cloudformation:ListStacks": "rule:deny_stack_user"
|
|
# "cloudformation:CreateStack": "rule:deny_stack_user"
|
|
|
|
heat_apt_packages:
|
|
- rsync
|
|
- libxslt1.1
|
|
|
|
heat_pip_packages:
|
|
- keystonemiddleware
|
|
- MySQL-python
|
|
- python-memcached
|
|
- pycrypto
|
|
- python-ceilometerclient
|
|
- python-cinderclient
|
|
- python-glanceclient
|
|
- python-heatclient
|
|
- python-keystoneclient
|
|
- python-neutronclient
|
|
- python-novaclient
|
|
- python-openstackclient
|
|
- python-swiftclient
|
|
- python-troveclient
|
|
- heat
|
|
|
|
## Service Names
|
|
heat_service_names:
|
|
- heat-api
|
|
- heat-api-cfn
|
|
- heat-api-cloudwatch
|
|
- heat-engine
|