42e8bc6e42
Refresh 2023.2 -> 2024.1 which will impact all charms, so we should not need to pre-seed the edge channel before this works. Refresh 23.09 -> 24.03 for OVN charms. Option sql_connection is removed form 2024.1 release [1] Use below snippet for magnum-k8s conf template [database] connection = <> Update horizon local_settings.py.j2 template [1] https://docs.openstack.org/releasenotes/oslo.db/en_GB/2024.1.html Mark tempest test as non-voting as its currently unstable. Change-Id: I4e277a4c5e438e2f2112a167b0f3050c1526cd0a
92 lines
2.3 KiB
YAML
92 lines
2.3 KiB
YAML
# Copyright 2021 Canonical Ltd.
|
|
# See LICENSE file for licensing details.
|
|
|
|
name: keystone-k8s
|
|
summary: OpenStack identity service
|
|
maintainer: Openstack Charmers <openstack-charmers@lists.ubuntu.com>
|
|
description: |
|
|
Keystone is an OpenStack project that provides Identity, Token, Catalog and
|
|
Policy services for use specifically by projects in the OpenStack family. It
|
|
implements OpenStack's Identity API.
|
|
version: 3
|
|
bases:
|
|
- name: ubuntu
|
|
channel: 22.04/stable
|
|
assumes:
|
|
- k8s-api
|
|
- juju >= 3.1
|
|
tags:
|
|
- openstack
|
|
- identity
|
|
- misc
|
|
source: https://opendev.org/openstack/charm-keystone-k8s
|
|
issues: https://bugs.launchpad.net/charm-keystone-k8s
|
|
|
|
provides:
|
|
identity-service:
|
|
interface: keystone
|
|
identity-credentials:
|
|
interface: keystone-credentials
|
|
identity-ops:
|
|
interface: keystone-resources
|
|
send-ca-cert:
|
|
interface: certificate_transfer
|
|
|
|
requires:
|
|
database:
|
|
interface: mysql_client
|
|
limit: 1
|
|
ingress-internal:
|
|
interface: ingress
|
|
limit: 1
|
|
optional: true
|
|
ingress-public:
|
|
interface: ingress
|
|
limit: 1
|
|
amqp:
|
|
interface: rabbitmq
|
|
optional: true
|
|
domain-config:
|
|
interface: keystone-domain-config
|
|
|
|
peers:
|
|
peers:
|
|
interface: keystone-peer
|
|
|
|
storage:
|
|
fernet-keys:
|
|
type: filesystem
|
|
description: |
|
|
Persistent storage for the location of fernet keys
|
|
minimum-size: 5M
|
|
|
|
credential-keys:
|
|
type: filesystem
|
|
description: |
|
|
Persistent storage for the location of credential keys
|
|
minimum-size: 5M
|
|
|
|
containers:
|
|
# The primary container that runs the keystone services
|
|
keystone:
|
|
resource: keystone-image
|
|
mounts:
|
|
- storage: fernet-keys
|
|
# The fernet keys used for generated tokens are stored here. With a
|
|
# mounted storage option, the fernet keys are persisted across
|
|
# container restarts.
|
|
location: /etc/keystone/fernet-keys/
|
|
|
|
- storage: credential-keys
|
|
# The credential keys used for generated credentials are stored here.
|
|
# With a mounted storage option, the credential keys are persisted
|
|
# across container restarts.
|
|
location: /etc/keystone/credential-keys/
|
|
|
|
resources:
|
|
keystone-image:
|
|
type: oci-image
|
|
description: OCI image for OpenStack Keystone
|
|
# ghcr.io/canonical/keystone:2024.1
|
|
upstream-source: ghcr.io/canonical/keystone:2024.1
|