Create fragments for managing keystone.conf
This commit introduces fragments to manage the keystone.conf file. It introduces the following templates that can be used to manage part of the final keystone file - footer (things that dont need to be configured) - sqlite - configures db as sqlite - mysql - configures db as mysql - identity - manages the identity used - ldap - adds ldap snippet - default - DEFAULT config section - sql_catalog - adds sql catalog support - template_catalog - adds template support for catalogs The templates can be assembled using keystone::config into a customizable final template.
This commit is contained in:
parent
ccb37d4ee5
commit
b4493112d9
|
@ -0,0 +1,19 @@
|
|||
#
|
||||
# Can be used to specify configuration
|
||||
# sections in keystone
|
||||
#
|
||||
# It will assume that the config
|
||||
#
|
||||
#
|
||||
define keystone::config(
|
||||
$config = {},
|
||||
$file_name = regsubst($name, ':', '_', 'G'),
|
||||
$content = template("keystone/${name}.erb"),
|
||||
$order = undef
|
||||
) {
|
||||
concat::fragment { $name:
|
||||
target => '/etc/keystone/keystone.conf',
|
||||
content => $content,
|
||||
order => $order,
|
||||
}
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
[DEFAULT]
|
||||
bind_host = <%= config['bind_host'] %>
|
||||
public_port = <%= config['public_port'] %>
|
||||
admin_port = <%= config['admin_port'] %>
|
||||
admin_token = <%= config['admin_token'] %>
|
||||
compute_port = <%= config['compute_port'] %>
|
||||
verbose = <%= config['log_verbose'] %>
|
||||
debug = <%= config['log_debug'] %>
|
||||
log_file = /var/log/keystone/keystone.log
|
||||
use_syslog = <%= config['use_syslog'] %>
|
|
@ -0,0 +1,68 @@
|
|||
|
||||
[token]
|
||||
driver = keystone.token.backends.kvs.Token
|
||||
expiration = 86400
|
||||
|
||||
[policy]
|
||||
driver = keystone.policy.backends.rules.Policy
|
||||
|
||||
[ec2]
|
||||
driver = keystone.contrib.ec2.backends.sql.Ec2
|
||||
|
||||
[filter:debug]
|
||||
paste.filter_factory = keystone.common.wsgi:Debug.factory
|
||||
|
||||
[filter:token_auth]
|
||||
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
|
||||
|
||||
[filter:admin_token_auth]
|
||||
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
|
||||
|
||||
[filter:xml_body]
|
||||
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
|
||||
|
||||
[filter:json_body]
|
||||
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
|
||||
|
||||
[filter:crud_extension]
|
||||
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
|
||||
|
||||
[filter:ec2_extension]
|
||||
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
|
||||
|
||||
[filter:s3_extension]
|
||||
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
|
||||
|
||||
[app:public_service]
|
||||
paste.app_factory = keystone.service:public_app_factory
|
||||
|
||||
[app:admin_service]
|
||||
paste.app_factory = keystone.service:admin_app_factory
|
||||
|
||||
[pipeline:public_api]
|
||||
pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension public_service
|
||||
|
||||
[pipeline:admin_api]
|
||||
pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension s3_extension crud_extension admin_service
|
||||
|
||||
[app:public_version_service]
|
||||
paste.app_factory = keystone.service:public_version_app_factory
|
||||
|
||||
[app:admin_version_service]
|
||||
paste.app_factory = keystone.service:admin_version_app_factory
|
||||
|
||||
[pipeline:public_version_api]
|
||||
pipeline = xml_body public_version_service
|
||||
|
||||
[pipeline:admin_version_api]
|
||||
pipeline = xml_body admin_version_service
|
||||
|
||||
[composite:main]
|
||||
use = egg:Paste#urlmap
|
||||
/v2.0 = public_api
|
||||
/ = public_version_api
|
||||
|
||||
[composite:admin]
|
||||
use = egg:Paste#urlmap
|
||||
/v2.0 = admin_api
|
||||
/ = admin_version_api
|
|
@ -0,0 +1,2 @@
|
|||
[identity]
|
||||
driver = keystone.identity.backends.sql.Identity
|
|
@ -0,0 +1,9 @@
|
|||
[ldap]
|
||||
url = ldap://localhost
|
||||
tree_dn = dc=example,dc=com
|
||||
user_tree_dn = ou=Users,dc=example,dc=com
|
||||
role_tree_dn = ou=Roles,dc=example,dc=com
|
||||
tenant_tree_dn = ou=Groups,dc=example,dc=com
|
||||
user = dc=Manager,dc=example,dc=com
|
||||
password = freeipa4all
|
||||
suffix = cn=example,cn=com
|
|
@ -0,0 +1,6 @@
|
|||
[<%= name %>]
|
||||
connection = mysql://<%= "#{config['user']}:#{config['password']}@#{config['host']}/#{config['dbname']}" %>
|
||||
idle_timeout = <%= config['idle_timeout'] %>
|
||||
min_pool_size = <%= config['min_pool_size'] %>
|
||||
max_pool_size = <%= config['max_pool_size'] %>
|
||||
pool_timeout = <%= config['pool_timeout'] %>
|
|
@ -0,0 +1,2 @@
|
|||
[catalog]
|
||||
driver=keystone.catalog.backends.sql.Catalog
|
|
@ -0,0 +1,3 @@
|
|||
[catalog]
|
||||
driver = keystone.catalog.backends.templated.TemplatedCatalog
|
||||
template_file = /etc/keystone/default_catalog.templates
|
Loading…
Reference in New Issue