Heat: remove oslo-genconfig
This PS removes the modified oslo-genconfig from heat. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ib4a5e1c41874e3a2eb15b5002538a2193f07ab04
This commit is contained in:
Pete Birley
parent
9e117ce95b
commit
6df59fc3d9
@ -17,99 +17,96 @@ limitations under the License.
|
|||||||
{{- if .Values.manifests.configmap_etc }}
|
{{- if .Values.manifests.configmap_etc }}
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
|
|
||||||
{{- include "heat.conf.heat_values_skeleton" .Values.conf.heat | trunc 0 -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.auth_uri -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
|
|
||||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
|
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
|
{{- if empty .Values.conf.heat.keystone_authtoken.auth_url -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
|
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
# Set a random string as secret key.
|
# Set a random string as secret key.
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.memcache_secret_key -}}
|
||||||
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
|
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.region_name -}}
|
||||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_name -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.project_name -}}
|
||||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.project_domain_name -}}
|
||||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.user_domain_name -}}
|
||||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.username -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.username -}}
|
||||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.password -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.password -}}
|
||||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.region_name -}}
|
{{- if empty .Values.conf.heat.trustee.region_name -}}
|
||||||
{{- set .Values.conf.heat.trustee.heat.common.context "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.project_name -}}
|
{{- if empty .Values.conf.heat.trustee.project_name -}}
|
||||||
{{- set .Values.conf.heat.trustee.heat.common.context "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.project_domain_name -}}
|
{{- if empty .Values.conf.heat.trustee.project_domain_name -}}
|
||||||
{{- set .Values.conf.heat.trustee.heat.common.context "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.user_domain_name -}}
|
{{- if empty .Values.conf.heat.trustee.user_domain_name -}}
|
||||||
{{- set .Values.conf.heat.trustee.heat.common.context "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.username -}}
|
{{- if empty .Values.conf.heat.trustee.username -}}
|
||||||
{{- set .Values.conf.heat.trustee.heat.common.context "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.password -}}
|
{{- if empty .Values.conf.heat.trustee.password -}}
|
||||||
{{- set .Values.conf.heat.trustee.heat.common.context "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.default.heat.common.config.stack_user_domain_name -}}
|
{{- if empty .Values.conf.heat.DEFAULT.stack_user_domain_name -}}
|
||||||
{{- set .Values.conf.heat.default.heat.common.config "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.region_name | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.region_name | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.default.heat.common.config.stack_domain_admin -}}
|
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin -}}
|
||||||
{{- set .Values.conf.heat.default.heat.common.config "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
{{- if empty .Values.conf.heat.default.heat.common.config.stack_domain_admin_password -}}
|
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin_password -}}
|
||||||
{{- set .Values.conf.heat.default.heat.common.config "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}}
|
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
|
{{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}}
|
||||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
|
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.database.oslo.db.connection -}}
|
{{- if empty .Values.conf.heat.database.connection -}}
|
||||||
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database.oslo.db "connection" | quote | trunc 0 -}}
|
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.default.oslo.messaging.transport_url -}}
|
{{- if empty .Values.conf.heat.DEFAULT.transport_url -}}
|
||||||
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
|
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}}
|
{{- if empty .Values.conf.heat.DEFAULT.heat_metadata_server_url -}}
|
||||||
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
|
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.DEFAULT "heat_metadata_server_url" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}}
|
{{- if empty .Values.conf.heat.DEFAULT.heat_waitcondition_server_url -}}
|
||||||
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.default.heat.common.config "heat_waitcondition_server_url" | quote | trunc 0 -}}
|
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.DEFAULT "heat_waitcondition_server_url" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.default.heat.common.config.heat_watch_server_url -}}
|
{{- if empty .Values.conf.heat.DEFAULT.heat_watch_server_url -}}
|
||||||
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.default.heat.common.config "heat_watch_server_url" | quote | trunc 0 -}}
|
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.DEFAULT "heat_watch_server_url" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}}
|
{{- if empty .Values.conf.heat.clients_keystone.auth_uri -}}
|
||||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone "auth_uri" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.auth_url -}}
|
{{- if empty .Values.conf.heat.trustee.auth_url -}}
|
||||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}}
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee "auth_url" | quote | trunc 0 -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
---
|
---
|
||||||
@ -119,9 +116,9 @@ metadata:
|
|||||||
name: heat-etc
|
name: heat-etc
|
||||||
data:
|
data:
|
||||||
heat.conf: |+
|
heat.conf: |+
|
||||||
{{- tuple .Values.conf.heat "etc/_heat.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
|
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.heat | indent 4 }}
|
||||||
api-paste.ini: |+
|
api-paste.ini: |+
|
||||||
{{- tuple .Values.conf.paste "etc/_api-paste.ini.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
|
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
|
||||||
policy.json: |+
|
policy.json: |+
|
||||||
{{ toJson .Values.conf.policy | indent 4 }}
|
{{ toJson .Values.conf.policy | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -59,10 +59,10 @@ spec:
|
|||||||
- /tmp/heat-api.sh
|
- /tmp/heat-api.sh
|
||||||
- stop
|
- stop
|
||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
|
- containerPort: {{ .Values.conf.heat.heat_api.bind_port }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
|
port: {{ .Values.conf.heat.heat_api.bind_port }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: pod-etc-heat
|
- name: pod-etc-heat
|
||||||
mountPath: /etc/heat
|
mountPath: /etc/heat
|
||||||
|
|||||||
@ -59,10 +59,10 @@ spec:
|
|||||||
- /tmp/heat-cfn.sh
|
- /tmp/heat-cfn.sh
|
||||||
- stop
|
- stop
|
||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
|
- containerPort: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
|
port: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: pod-etc-heat
|
- name: pod-etc-heat
|
||||||
mountPath: /etc/heat
|
mountPath: /etc/heat
|
||||||
|
|||||||
@ -59,10 +59,10 @@ spec:
|
|||||||
- /tmp/heat-cloudwatch.sh
|
- /tmp/heat-cloudwatch.sh
|
||||||
- stop
|
- stop
|
||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
|
- containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
|
port: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: pod-etc-heat
|
- name: pod-etc-heat
|
||||||
mountPath: /etc/heat
|
mountPath: /etc/heat
|
||||||
|
|||||||
@ -1,105 +0,0 @@
|
|||||||
|
|
||||||
# heat-api pipeline
|
|
||||||
[pipeline:heat-api]
|
|
||||||
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
|
|
||||||
|
|
||||||
# heat-api pipeline for standalone heat
|
|
||||||
# ie. uses alternative auth backend that authenticates users against keystone
|
|
||||||
# using username and password instead of validating token (which requires
|
|
||||||
# an admin/service token).
|
|
||||||
# To enable, in heat.conf:
|
|
||||||
# [paste_deploy]
|
|
||||||
# flavor = standalone
|
|
||||||
#
|
|
||||||
[pipeline:heat-api-standalone]
|
|
||||||
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
|
|
||||||
|
|
||||||
# heat-api pipeline for custom cloud backends
|
|
||||||
# i.e. in heat.conf:
|
|
||||||
# [paste_deploy]
|
|
||||||
# flavor = custombackend
|
|
||||||
#
|
|
||||||
[pipeline:heat-api-custombackend]
|
|
||||||
pipeline = cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
|
|
||||||
|
|
||||||
# heat-api-cfn pipeline
|
|
||||||
[pipeline:heat-api-cfn]
|
|
||||||
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
|
|
||||||
|
|
||||||
# heat-api-cfn pipeline for standalone heat
|
|
||||||
# relies exclusively on authenticating with ec2 signed requests
|
|
||||||
[pipeline:heat-api-cfn-standalone]
|
|
||||||
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
|
|
||||||
|
|
||||||
# heat-api-cloudwatch pipeline
|
|
||||||
[pipeline:heat-api-cloudwatch]
|
|
||||||
pipeline = cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
|
|
||||||
|
|
||||||
# heat-api-cloudwatch pipeline for standalone heat
|
|
||||||
# relies exclusively on authenticating with ec2 signed requests
|
|
||||||
[pipeline:heat-api-cloudwatch-standalone]
|
|
||||||
pipeline = cors versionnegotiation ec2authtoken context apicwapp
|
|
||||||
|
|
||||||
[app:apiv1app]
|
|
||||||
paste.app_factory = heat.common.wsgi:app_factory
|
|
||||||
heat.app_factory = heat.api.openstack.v1:API
|
|
||||||
|
|
||||||
[app:apicfnv1app]
|
|
||||||
paste.app_factory = heat.common.wsgi:app_factory
|
|
||||||
heat.app_factory = heat.api.cfn.v1:API
|
|
||||||
|
|
||||||
[app:apicwapp]
|
|
||||||
paste.app_factory = heat.common.wsgi:app_factory
|
|
||||||
heat.app_factory = heat.api.cloudwatch:API
|
|
||||||
|
|
||||||
[filter:versionnegotiation]
|
|
||||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
||||||
heat.filter_factory = heat.api.openstack:version_negotiation_filter
|
|
||||||
|
|
||||||
[filter:cors]
|
|
||||||
paste.filter_factory = oslo_middleware.cors:filter_factory
|
|
||||||
oslo_config_project = heat
|
|
||||||
|
|
||||||
[filter:faultwrap]
|
|
||||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
||||||
heat.filter_factory = heat.api.openstack:faultwrap_filter
|
|
||||||
|
|
||||||
[filter:cfnversionnegotiation]
|
|
||||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
||||||
heat.filter_factory = heat.api.cfn:version_negotiation_filter
|
|
||||||
|
|
||||||
[filter:cwversionnegotiation]
|
|
||||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
||||||
heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
|
|
||||||
|
|
||||||
[filter:context]
|
|
||||||
paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
|
|
||||||
|
|
||||||
[filter:ec2authtoken]
|
|
||||||
paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
|
|
||||||
|
|
||||||
[filter:http_proxy_to_wsgi]
|
|
||||||
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
|
|
||||||
|
|
||||||
# Middleware to set auth_url header appropriately
|
|
||||||
[filter:authurl]
|
|
||||||
paste.filter_factory = heat.common.auth_url:filter_factory
|
|
||||||
|
|
||||||
# Auth middleware that validates token against keystone
|
|
||||||
[filter:authtoken]
|
|
||||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
|
||||||
|
|
||||||
# Auth middleware that validates username/password against keystone
|
|
||||||
[filter:authpassword]
|
|
||||||
paste.filter_factory = heat.common.auth_password:filter_factory
|
|
||||||
|
|
||||||
# Auth middleware that validates against custom backend
|
|
||||||
[filter:custombackendauth]
|
|
||||||
paste.filter_factory = heat.common.custom_backend_auth:filter_factory
|
|
||||||
|
|
||||||
# Middleware to set x-openstack-request-id in http response header
|
|
||||||
[filter:request_id]
|
|
||||||
paste.filter_factory = oslo_middleware.request_id:RequestId.factory
|
|
||||||
|
|
||||||
[filter:osprofiler]
|
|
||||||
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
|
||||||
File diff suppressed because it is too large
Load Diff
@ -1,16 +1,18 @@
|
|||||||
# Copyright 2017 The Openstack-Helm Authors.
|
{{/*
|
||||||
#
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
# you may not use this file except in compliance with the License.
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# You may obtain a copy of the License at
|
you may not use this file except in compliance with the License.
|
||||||
#
|
You may obtain a copy of the License at
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
Unless required by applicable law or agreed to in writing, software
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
# See the License for the specific language governing permissions and
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
# limitations under the License.
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- $dependencies := .Values.dependencies.trusts }}
|
{{- $dependencies := .Values.dependencies.trusts }}
|
||||||
@ -52,7 +54,7 @@ spec:
|
|||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
- name: SERVICE_OS_ROLES
|
- name: SERVICE_OS_ROLES
|
||||||
value: {{ .Values.conf.heat.default.heat.common.config.trusts_delegated_roles }}
|
value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }}
|
||||||
- name: SERVICE_OS_TRUSTEE
|
- name: SERVICE_OS_TRUSTEE
|
||||||
value: {{ .Values.endpoints.identity.auth.trustee.username }}
|
value: {{ .Values.endpoints.identity.auth.trustee.username }}
|
||||||
volumes:
|
volumes:
|
||||||
|
|||||||
@ -24,7 +24,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: h-api
|
- name: h-api
|
||||||
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
|
port: {{ .Values.conf.heat.heat_api.bind_port }}
|
||||||
{{ if .Values.network.api.node_port.enabled }}
|
{{ if .Values.network.api.node_port.enabled }}
|
||||||
nodePort: {{ .Values.network.api.node_port.port }}
|
nodePort: {{ .Values.network.api.node_port.port }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|||||||
@ -24,7 +24,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: h-cfn
|
- name: h-cfn
|
||||||
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
|
port: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
|
||||||
{{ if .Values.network.cfn.node_port.enabled }}
|
{{ if .Values.network.cfn.node_port.enabled }}
|
||||||
nodePort: {{ .Values.network.cfn.node_port.port }}
|
nodePort: {{ .Values.network.cfn.node_port.port }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|||||||
@ -24,7 +24,7 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- name: h-cwh
|
- name: h-cwh
|
||||||
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
|
port: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
|
||||||
{{ if .Values.network.cloudwatch.node_port.enabled }}
|
{{ if .Values.network.cloudwatch.node_port.enabled }}
|
||||||
nodePort: {{ .Values.network.cloudwatch.node_port.port }}
|
nodePort: {{ .Values.network.cloudwatch.node_port.port }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|||||||
121
heat/values.yaml
121
heat/values.yaml
@ -39,8 +39,62 @@ images:
|
|||||||
|
|
||||||
conf:
|
conf:
|
||||||
paste:
|
paste:
|
||||||
override:
|
pipeline:heat-api:
|
||||||
append:
|
pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
|
||||||
|
pipeline:heat-api-standalone:
|
||||||
|
pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
|
||||||
|
pipeline:heat-api-custombackend:
|
||||||
|
pipeline: cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
|
||||||
|
pipeline:heat-api-cfn:
|
||||||
|
pipeline: cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
|
||||||
|
pipeline:heat-api-cfn-standalone:
|
||||||
|
pipeline: cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
|
||||||
|
pipeline:heat-api-cloudwatch:
|
||||||
|
pipeline: cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
|
||||||
|
pipeline:heat-api-cloudwatch-standalone:
|
||||||
|
pipeline: cors versionnegotiation ec2authtoken context apicwapp
|
||||||
|
app:apiv1app:
|
||||||
|
paste.app_factory: heat.common.wsgi:app_factory
|
||||||
|
heat.app_factory: heat.api.openstack.v1:API
|
||||||
|
app:apicfnv1app:
|
||||||
|
paste.app_factory: heat.common.wsgi:app_factory
|
||||||
|
heat.app_factory: heat.api.cfn.v1:API
|
||||||
|
app:apicwapp:
|
||||||
|
paste.app_factory: heat.common.wsgi:app_factory
|
||||||
|
heat.app_factory: heat.api.cloudwatch:API
|
||||||
|
filter:versionnegotiation:
|
||||||
|
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||||
|
heat.filter_factory: heat.api.openstack:version_negotiation_filter
|
||||||
|
filter:cors:
|
||||||
|
paste.filter_factory: oslo_middleware.cors:filter_factory
|
||||||
|
oslo_config_project: heat
|
||||||
|
filter:faultwrap:
|
||||||
|
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||||
|
heat.filter_factory: heat.api.openstack:faultwrap_filter
|
||||||
|
filter:cfnversionnegotiation:
|
||||||
|
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||||
|
heat.filter_factory: heat.api.cfn:version_negotiation_filter
|
||||||
|
filter:cwversionnegotiation:
|
||||||
|
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||||
|
heat.filter_factory: heat.api.cloudwatch:version_negotiation_filter
|
||||||
|
filter:context:
|
||||||
|
paste.filter_factory: heat.common.context:ContextMiddleware_filter_factory
|
||||||
|
filter:ec2authtoken:
|
||||||
|
paste.filter_factory: heat.api.aws.ec2token:EC2Token_filter_factory
|
||||||
|
filter:http_proxy_to_wsgi:
|
||||||
|
paste.filter_factory: oslo_middleware:HTTPProxyToWSGI.factory
|
||||||
|
filter:authurl:
|
||||||
|
paste.filter_factory: heat.common.auth_url:filter_factory
|
||||||
|
filter:authtoken:
|
||||||
|
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
|
||||||
|
filter:authpassword:
|
||||||
|
paste.filter_factory: heat.common.auth_password:filter_factory
|
||||||
|
filter:custombackendauth:
|
||||||
|
paste.filter_factory: heat.common.custom_backend_auth:filter_factory
|
||||||
|
filter:request_id:
|
||||||
|
paste.filter_factory: oslo_middleware.request_id:RequestId.factory
|
||||||
|
filter:osprofiler:
|
||||||
|
paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
|
||||||
policy:
|
policy:
|
||||||
context_is_admin: role:admin and is_admin_project:True
|
context_is_admin: role:admin and is_admin_project:True
|
||||||
project_admin: role:admin
|
project_admin: role:admin
|
||||||
@ -131,58 +185,33 @@ conf:
|
|||||||
resource_types:OS::Nova::HostAggregate: rule:project_admin
|
resource_types:OS::Nova::HostAggregate: rule:project_admin
|
||||||
resource_types:OS::Cinder::QoSSpecs: rule:project_admin
|
resource_types:OS::Cinder::QoSSpecs: rule:project_admin
|
||||||
heat:
|
heat:
|
||||||
override:
|
DEFAULT:
|
||||||
append:
|
num_engine_workers: 4
|
||||||
default:
|
trusts_delegated_roles: ""
|
||||||
heat:
|
|
||||||
common:
|
|
||||||
config:
|
|
||||||
num_engine_workers: 4
|
|
||||||
trusts_delegated_roles: ""
|
|
||||||
keystone_authtoken:
|
keystone_authtoken:
|
||||||
keystonemiddleware:
|
auth_type: password
|
||||||
auth_token:
|
auth_version: v3
|
||||||
auth_type: password
|
memcache_security_strategy: ENCRYPT
|
||||||
auth_version: v3
|
database:
|
||||||
memcache_security_strategy: ENCRYPT
|
max_retries: -1
|
||||||
trustee:
|
trustee:
|
||||||
heat:
|
auth_type: password
|
||||||
common:
|
auth_version: v3
|
||||||
context:
|
|
||||||
auth_type: password
|
|
||||||
auth_version: v3
|
|
||||||
heat_api:
|
heat_api:
|
||||||
heat:
|
bind_port: 8004
|
||||||
common:
|
workers: 4
|
||||||
wsgi:
|
|
||||||
bind_port: 8004
|
|
||||||
workers: 4
|
|
||||||
heat_api_cloudwatch:
|
heat_api_cloudwatch:
|
||||||
heat:
|
bind_port: 8003
|
||||||
common:
|
workers: 4
|
||||||
wsgi:
|
|
||||||
bind_port: 8003
|
|
||||||
workers: 4
|
|
||||||
heat_api_cfn:
|
heat_api_cfn:
|
||||||
heat:
|
bind_port: 8000
|
||||||
common:
|
workers: 4
|
||||||
wsgi:
|
|
||||||
bind_port: 8000
|
|
||||||
workers: 4
|
|
||||||
paste_deploy:
|
paste_deploy:
|
||||||
heat.common:
|
api_paste_config: /etc/heat/api-paste.ini
|
||||||
config:
|
|
||||||
api_paste_config: /etc/heat/api-paste.ini
|
|
||||||
clients:
|
clients:
|
||||||
heat:
|
endpoint_type: internalURL
|
||||||
common:
|
|
||||||
config:
|
|
||||||
endpoint_type: internalURL
|
|
||||||
clients_keystone:
|
clients_keystone:
|
||||||
heat:
|
endpoint_type: internalURL
|
||||||
common:
|
|
||||||
config:
|
|
||||||
endpoint_type: internalURL
|
|
||||||
|
|
||||||
network:
|
network:
|
||||||
api:
|
api:
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user