Create fragments for managing keystone.conf

This commit introduces fragments to manage the keystone.conf file. It introduces the following templates that can be used to manage part of the final keystone file - footer (things that dont need to be configured) - sqlite - configures db as sqlite - mysql - configures db as mysql - identity - manages the identity used - ldap - adds ldap snippet - default - DEFAULT config section - sql_catalog - adds sql catalog support - template_catalog - adds template support for catalogs The templates can be assembled using keystone::config into a customizable final template.
2012-03-29 14:37:39 -07:00 · 2012-03-29 14:37:39 -07:00 · b4493112d9
parent ccb37d4ee5
commit b4493112d9
8 changed files with 119 additions and 0 deletions
--- a/manifests/config.pp
+++ b/manifests/config.pp
@ -0,0 +1,19 @@
+#
+# Can be used to specify configuration
+# sections in keystone
+#
+# It will assume that the config
+#
+#
+define keystone::config(
+  $config    = {},
+  $file_name = regsubst($name, ':', '_', 'G'),
+  $content   = template("keystone/${name}.erb"),
+  $order     = undef
+) {
+  concat::fragment { $name:
+    target  => '/etc/keystone/keystone.conf',
+    content => $content,
+    order   => $order,
+  }
+}
--- a/templates/DEFAULT.erb
+++ b/templates/DEFAULT.erb
@ -0,0 +1,10 @@
+[DEFAULT]
+bind_host     = <%= config['bind_host'] %>
+public_port   = <%= config['public_port'] %>
+admin_port    = <%= config['admin_port'] %>
+admin_token   = <%= config['admin_token'] %>
+compute_port  = <%= config['compute_port'] %>
+verbose       = <%= config['log_verbose'] %>
+debug         = <%= config['log_debug'] %>
+log_file      = /var/log/keystone/keystone.log
+use_syslog    = <%= config['use_syslog'] %>
--- a/templates/footer.erb
+++ b/templates/footer.erb
@ -0,0 +1,68 @@
+
+[token]
+driver = keystone.token.backends.kvs.Token
+expiration = 86400
+
+[policy]
+driver = keystone.policy.backends.rules.Policy
+
+[ec2]
+driver = keystone.contrib.ec2.backends.sql.Ec2
+
+[filter:debug]
+paste.filter_factory = keystone.common.wsgi:Debug.factory
+
+[filter:token_auth]
+paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
+
+[filter:admin_token_auth]
+paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
+
+[filter:xml_body]
+paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
+
+[filter:json_body]
+paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
+
+[filter:crud_extension]
+paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
+
+[filter:ec2_extension]
+paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
+
+[filter:s3_extension]
+paste.filter_factory = keystone.contrib.s3:S3Extension.factory
+
+[app:public_service]
+paste.app_factory = keystone.service:public_app_factory
+
+[app:admin_service]
+paste.app_factory = keystone.service:admin_app_factory
+
+[pipeline:public_api]
+pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension public_service
+
+[pipeline:admin_api]
+pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension s3_extension crud_extension admin_service
+
+[app:public_version_service]
+paste.app_factory = keystone.service:public_version_app_factory
+
+[app:admin_version_service]
+paste.app_factory = keystone.service:admin_version_app_factory
+
+[pipeline:public_version_api]
+pipeline = xml_body public_version_service
+
+[pipeline:admin_version_api]
+pipeline = xml_body admin_version_service
+
+[composite:main]
+use = egg:Paste#urlmap
+/v2.0 = public_api
+/ = public_version_api
+
+[composite:admin]
+use = egg:Paste#urlmap
+/v2.0 = admin_api
+/ = admin_version_api
--- a/templates/identity.erb
+++ b/templates/identity.erb
@ -0,0 +1,2 @@
+[identity]
+driver = keystone.identity.backends.sql.Identity
--- a/templates/ldap.erb
+++ b/templates/ldap.erb
@ -0,0 +1,9 @@
+[ldap]
+url = ldap://localhost
+tree_dn = dc=example,dc=com
+user_tree_dn = ou=Users,dc=example,dc=com
+role_tree_dn = ou=Roles,dc=example,dc=com
+tenant_tree_dn = ou=Groups,dc=example,dc=com
+user = dc=Manager,dc=example,dc=com
+password = freeipa4all
+suffix = cn=example,cn=com
--- a/templates/sql.erb
+++ b/templates/sql.erb
@ -0,0 +1,6 @@
+[<%= name %>]
+connection    = mysql://<%= "#{config['user']}:#{config['password']}@#{config['host']}/#{config['dbname']}" %>
+idle_timeout  = <%= config['idle_timeout'] %>
+min_pool_size = <%= config['min_pool_size'] %>
+max_pool_size = <%= config['max_pool_size'] %>
+pool_timeout  = <%= config['pool_timeout'] %>
--- a/templates/sql_catalog.erb
+++ b/templates/sql_catalog.erb
@ -0,0 +1,2 @@
+[catalog]
+driver=keystone.catalog.backends.sql.Catalog
--- a/templates/template_catalog.erb
+++ b/templates/template_catalog.erb
@ -0,0 +1,3 @@
+[catalog]
+driver = keystone.catalog.backends.templated.TemplatedCatalog
+template_file = /etc/keystone/default_catalog.templates