1730d95acd
The staticweb middleware needs to be put after authentication middlewares to ensure correct functionality as documented in http://docs.openstack.org/developer/swift/middleware.html#staticweb Without this Swift sends a HTML response even if the request was done using a X-Auth-Token. This might result in a faulty handling of the response on the client side; for example, "swift stat containername" would report an empty, private container, while the container might actually be public readable with data stored in it. Closes-bug: 1494896 Change-Id: Id48840e0041f8d272e08def292fbedfaf76bbfbb Co-Authored-By: Christian Schwede <cschwede@redhat.com>
124 lines
3.8 KiB
YAML
124 lines
3.8 KiB
YAML
# Hiera data here applies to all controller nodes
|
|
nova::api::enabled: true
|
|
nova::conductor::enabled: true
|
|
nova::consoleauth::enabled: true
|
|
nova::vncproxy::enabled: true
|
|
nova::scheduler::enabled: true
|
|
|
|
# rabbitmq
|
|
rabbitmq::delete_guest_user: false
|
|
rabbitmq::wipe_db_on_cookie_change: true
|
|
rabbitmq::port: '5672'
|
|
rabbitmq::package_source: undef
|
|
rabbitmq::repos_ensure: false
|
|
rabbitmq_environment:
|
|
RABBITMQ_NODENAME: "rabbit@%{::hostname}"
|
|
RABBITMQ_SERVER_ERL_ARGS: '"+K true +A30 +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
|
|
rabbitmq_kernel_variables:
|
|
inet_dist_listen_min: '35672'
|
|
inet_dist_listen_max: '35672'
|
|
rabbitmq_config_variables:
|
|
tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]'
|
|
cluster_partition_handling: 'pause_minority'
|
|
|
|
mongodb::server::replset: tripleo
|
|
mongodb::server::journal: false
|
|
|
|
redis::port: 6379
|
|
redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
|
|
redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
|
|
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
|
|
|
|
# service tenant
|
|
nova::api::admin_tenant_name: 'service'
|
|
glance::api::keystone_tenant: 'service'
|
|
glance::registry::keystone_tenant: 'service'
|
|
neutron::server::auth_tenant: 'service'
|
|
neutron::agents::metadata::auth_tenant: 'service'
|
|
cinder::api::keystone_tenant: 'service'
|
|
swift::proxy::authtoken::admin_tenant_name: 'service'
|
|
ceilometer::api::keystone_tenant: 'service'
|
|
heat::keystone_tenant: 'service'
|
|
|
|
# keystone
|
|
keystone::cron::token_flush::maxdelay: 3600
|
|
|
|
#swift
|
|
swift::proxy::pipeline:
|
|
- 'catch_errors'
|
|
- 'healthcheck'
|
|
- 'cache'
|
|
- 'ratelimit'
|
|
- 'tempurl'
|
|
- 'formpost'
|
|
- 'authtoken'
|
|
- 'keystone'
|
|
- 'staticweb'
|
|
- 'proxy-logging'
|
|
- 'proxy-server'
|
|
|
|
swift::proxy::account_autocreate: true
|
|
|
|
# glance
|
|
glance::api::pipeline: 'keystone'
|
|
glance::registry::pipeline: 'keystone'
|
|
glance::backend::swift::swift_store_create_container_on_put: true
|
|
glance::backend::rbd::rbd_store_user: 'openstack'
|
|
|
|
# neutron
|
|
neutron::core_plugin: 'ml2'
|
|
neutron::service_plugins:
|
|
- 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'
|
|
neutron::server::sync_db: true
|
|
neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
|
|
|
|
# nova
|
|
nova::notify_on_state_change: 'vm_and_task_state'
|
|
nova::api::default_floating_pool: 'public'
|
|
nova::api::osapi_v3: true
|
|
nova::scheduler::filter::ram_allocation_ratio: '1.0'
|
|
|
|
# cinder
|
|
cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
|
|
|
|
# heat
|
|
heat::engine::configure_delegated_roles: false
|
|
heat::engine::trusts_delegated_roles: []
|
|
heat::instance_user: ''
|
|
|
|
# pacemaker
|
|
pacemaker::corosync::cluster_name: 'tripleo_cluster'
|
|
pacemaker::corosync::manage_fw: false
|
|
pacemaker::resource_defaults::defaults:
|
|
resource-stickiness: { value: INFINITY }
|
|
|
|
# horizon
|
|
horizon::allowed_hosts: '*'
|
|
horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
|
|
|
|
# mysql
|
|
mysql::server::manage_config_file: true
|
|
mysql::server::remove_default_accounts: true
|
|
|
|
|
|
tripleo::loadbalancer::keystone_admin: true
|
|
tripleo::loadbalancer::keystone_public: true
|
|
tripleo::loadbalancer::neutron: true
|
|
tripleo::loadbalancer::cinder: true
|
|
tripleo::loadbalancer::glance_api: true
|
|
tripleo::loadbalancer::glance_registry: true
|
|
tripleo::loadbalancer::nova_ec2: true
|
|
tripleo::loadbalancer::nova_osapi: true
|
|
tripleo::loadbalancer::nova_metadata: true
|
|
tripleo::loadbalancer::nova_novncproxy: true
|
|
tripleo::loadbalancer::mysql: true
|
|
tripleo::loadbalancer::redis: true
|
|
tripleo::loadbalancer::swift_proxy_server: true
|
|
tripleo::loadbalancer::ceilometer: true
|
|
tripleo::loadbalancer::heat_api: true
|
|
tripleo::loadbalancer::heat_cloudwatch: true
|
|
tripleo::loadbalancer::heat_cfn: true
|
|
tripleo::loadbalancer::horizon: true
|
|
|
|
controller_classes: []
|