gnocchi: deploy services with Keystone v3 endpoints

* Move swift_authurl to gnocchi-base hieradata, where other swift auth
  credentials live and switch it to versionless keystone endpoint.
* Force swift_auth_version to 3 for Keystone v3.
* Switch auth_uri to use versionless Keystone endpoint.
* Switch auth_url to use Keystone admin endpoint (instead of internal).
* Remove old parameters from gnocchi::api, not used anymore.

Partial-blueprint: keystone-v3

Change-Id: I2feed8b1219069128faa1a1e8dcd2ddfbae7e40a
This commit is contained in:
Emilien Macchi 2017-03-07 16:18:50 -05:00
parent 69ce3c3e48
commit 0f48e7b35e
3 changed files with 9 additions and 6 deletions

View File

@ -83,10 +83,12 @@ outputs:
gnocchi::api::enabled: true gnocchi::api::enabled: true
gnocchi::api::enable_proxy_headers_parsing: true gnocchi::api::enable_proxy_headers_parsing: true
gnocchi::api::service_name: 'httpd' gnocchi::api::service_name: 'httpd'
gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} gnocchi::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} gnocchi::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword} gnocchi::keystone::authtoken::password: {get_param: GnocchiPassword}
gnocchi::keystone::authtoken::project_name: 'service' gnocchi::keystone::authtoken::project_name: 'service'
gnocchi::keystone::authtoken::user_domain_name: 'Default'
gnocchi::keystone::authtoken::project_domain_name: 'Default'
gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS} gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
gnocchi::wsgi::apache::servername: gnocchi::wsgi::apache::servername:
str_replace: str_replace:
@ -103,10 +105,6 @@ outputs:
# internal_api_subnet - > IP/CIDR # internal_api_subnet - > IP/CIDR
gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]} gnocchi::wsgi::apache::bind_host: {get_param: [ServiceNetMap, GnocchiApiNetwork]}
gnocchi::wsgi::apache::wsgi_process_display_name: 'gnocchi_wsgi' gnocchi::wsgi::apache::wsgi_process_display_name: 'gnocchi_wsgi'
gnocchi::api::keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
gnocchi::api::keystone_identity_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
gnocchi::storage::swift::swift_authurl: {get_param: [EndpointMap, KeystoneInternal, uri]}
step_config: | step_config: |
include ::tripleo::profile::base::gnocchi::api include ::tripleo::profile::base::gnocchi::api
service_config_settings: service_config_settings:

View File

@ -70,8 +70,9 @@ outputs:
- '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo' - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
gnocchi::db::sync::extra_opts: '--skip-storage' gnocchi::db::sync::extra_opts: '--skip-storage'
gnocchi::storage::swift::swift_user: 'service:gnocchi' gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 2 gnocchi::storage::swift::swift_auth_version: 3
gnocchi::storage::swift::swift_key: {get_param: GnocchiPassword} gnocchi::storage::swift::swift_key: {get_param: GnocchiPassword}
gnocchi::storage::swift::swift_authurl: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
gnocchi::storage::ceph::ceph_pool: {get_param: GnocchiRbdPoolName} gnocchi::storage::ceph::ceph_pool: {get_param: GnocchiRbdPoolName}
gnocchi::storage::ceph::ceph_username: {get_param: CephClientUserName} gnocchi::storage::ceph::ceph_username: {get_param: CephClientUserName}
gnocchi::storage::ceph::ceph_keyring: gnocchi::storage::ceph::ceph_keyring:

View File

@ -0,0 +1,4 @@
---
features:
- Deploy Gnocchi with Keystone v3 endpoints and make
sure it doesn't rely on Keystone v2 anymore.