openstack-ansible/playbooks/roles/os_keystone/templates/keystone.conf.j2

# {{ ansible_managed }}

[DEFAULT]
verbose = {{ verbose }}
debug = {{ debug }}
admin_token = {{ keystone_auth_admin_token }}
{% if keystone_public_endpoint is defined %}
public_endpoint = {{ keystone_public_endpoint }}
{% endif %}
admin_endpoint = {{ keystone_service_adminuri }}
fatal_deprecations = {{ keystone_fatal_deprecations }}

log_file = keystone.log
log_dir = /var/log/keystone
rabbit_hosts = {{ rabbitmq_servers }}
rabbit_userid = {{ rabbitmq_userid }}
rabbit_password = {{ rabbitmq_password }}
rpc_backend = {{ keystone_rpc_backend }}


[memcache]
servers = {{ keystone_memcached_servers }}
max_compare_and_set_retry = {{ keystone_memcached_max_compare_and_set_retry }}


{% if keystone_cache_backend_argument is defined %}
[cache]
backend = dogpile.cache.memcached
backend_argument = {{ keystone_cache_backend_argument }}
config_prefix = cache.keystone
distributed_lock = True
expiration_time = {{ keystone_cache_expiration_time }}
enabled = true
{% endif %}


[revoke]
caching = true
driver = {{ keystone_revocation_driver }}
expiration_buffer = {{ keystone_revocation_expiration_buffer }}
cache_time = {{ keystone_revocation_cache_time }}


[auth]
methods = {{ keystone_auth_methods }}


[database]
connection = mysql://{{ keystone_galera_user }}:{{ keystone_container_mysql_password }}@{{ galera_address }}/{{ keystone_galera_database }}?charset=utf8
idle_timeout = {{ keystone_database_idle_timeout }}
min_pool_size = {{ keystone_database_min_pool_size }}
max_pool_size = {{ keystone_database_max_pool_size }}
pool_timeout = {{ keystone_database_pool_timeout }}


[identity]
driver = {{ keystone_identity_driver }}


[assignment]
driver = {{ keystone_assignment_driver }}


[resource]
cache_time = {{ keystone_resource_cache_time }}
caching = true
driver = {{ keystone_resource_driver }}


{% if keystone_ldap is defined %}
{% for section in keystone_ldap|dictsort %}
[{{ section.0 }}]
{% for key, value in section.1.items() %}
{{ key }} = {{ value }}
{% endfor %}
{% endfor %}
{% endif %}


[token]
enforce_token_bind = permissive
expiration = {{ keystone_token_expiration }}
caching = true
cache_time = {{ keystone_token_cache_time }}
provider = {{ keystone_token_provider }}
driver = {{ keystone_token_driver }}


[eventlet_server]
admin_bind_host = {{ keystone_bind_address }}
admin_port = {{ keystone_admin_port }}
public_port = {{ keystone_service_port }}