openstack/tripleo-heat-templates
Code Issues Proposed changes
1eeedbc095
tripleo-heat-templates/environments
History
Cyril Lopez 4db1c9f8e4 Add trigger to setup a LDAP backend as keystone domaine 
It is using a trigger tripleo::profile::base::keystone::ldap_backend_enable in puppet-tripleo
who will call a define in puppet-keysone ldap_backend.pp.

Given the following environment:

parameter_defaults:
  KeystoneLDAPDomainEnable: true
  KeystoneLDAPBackendConfigs:
    tripleoldap:
      url: ldap://192.0.2.250
      user: cn=openstack,ou=Users,dc=redhat,dc=example,dc=com
      password: Secrete
      suffix: dc=redhat,dc=example,dc=com
      user_tree_dn: ou=Users,dc=redhat,dc=example,dc=com
      user_filter: "(memberOf=cn=OSuser,ou=Groups,dc=redhat,dc=example,dc=com)"
      user_objectclass: person
      user_id_attribute: cn
      user_allow_create: false
      user_allow_update: false
      user_allow_delete: false
  ControllerExtraConfig:
    nova::keystone::authtoken::auth_version: v3
    cinder::keystone::authtoken::auth_version: v3

It would then create a domain called tripleoldap with an LDAP
configuration as defined by the hash. The parameters from the
hash are defined by the keystone::ldap_backend resource in
puppet-keystone.

More backends can be added as more entries to that hash.

This also enables multi-domain support for horizon.

Conflicts:

    puppet/services/keystone.yaml

Closes-Bug: 1677603
Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
Depends-On: I1593c6a33ed1a0ea51feda9dfb6e1690eaeac5db
Change-Id: I6c815e4596d595bfa2a018127beaf21249a10643
Signed-off-by: Cyril Lopez <cylopez@redhat.com>
(cherry picked from commit 347f5434b3)
2017-04-07 10:25:47 +03:00
..
contrail Re-organizes Contrail services to the correct roles 2017-02-08 20:25:41 +01:00
services Add trigger to setup a LDAP backend as keystone domaine 2017-04-07 10:25:47 +03:00
updates Merge "Add deployed-server backwards compatible template" 2017-01-16 10:06:43 +00:00
auditd.yaml Add AuditD composable service 2017-01-27 13:23:18 +00:00
ceph-radosgw.yaml Add support for deploying Ceph RGW role 2016-09-10 09:45:25 -04:00
cinder-backup.yaml Disable cinder-backup by default 2016-08-19 12:06:37 +02:00
cinder-dellps-config.yaml Composable services support for Cinder Dell EMC PS Series 2017-02-07 11:54:24 +00:00
cinder-dellsc-config.yaml Composable service support for Cinder Dell EMC Storage Center 2017-02-03 12:07:33 -06:00
cinder-hpelefthand-config.yaml HPELeftHandISCSIDriver support for Cinder 2017-01-13 16:48:59 +00:00
cinder-iser.yaml Added support for pass-through iSER configuration 2016-09-23 09:51:41 -04:00
cinder-netapp-config.yaml Use netapp_host_type instead of netapp_eseries_host_type 2016-09-29 10:52:12 +02:00
cinder-scaleio-config.yaml Enables support for configuring Cinder with Dell EMC 2017-02-07 12:06:47 -06:00
collectd-environment.yaml implement a collectd composable service 2017-02-07 11:54:14 +00:00
config-debug.yaml Allow enabling debug mode for config management (Puppet) 2015-09-30 15:30:22 +02:00
debug.yaml Add new environment for debug 2016-10-07 17:27:22 +00:00
deployed-server-bootstrap-environment-centos.yaml Deployed server bootstrap via Heat 2017-01-16 10:48:00 -05:00
deployed-server-bootstrap-environment-rhel.yaml Add deployed server bootstrap for RHEL 2017-01-26 15:06:46 -05:00
deployed-server-environment.j2.yaml Nic config mappings for deployed-server 2017-03-28 11:45:11 +00:00
deployed-server-noop-ctlplane.yaml Add deployed server bootstrap to noop-ctlplane 2017-01-17 18:34:47 -05:00
deployed-server-pacemaker-environment.yaml Add environment for deployed-server with pacemaker 2017-04-05 18:53:56 +00:00
docker-network.yaml Network Isolation support for containerized compute 2016-01-04 20:41:41 +00:00
docker.yaml Use overcloud-full instead of atomic-image 2016-12-19 18:13:57 +01:00
enable_congress.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
enable_tacker.yaml Adding Tacker Support 2017-02-09 20:23:36 +00:00
enable-internal-tls.yaml Add novajoin entries to the TLS-everywhere environment file 2017-01-25 22:54:34 +02:00
enable-swap-partition.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-swap.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-tls.yaml Move resource registry override to enable-tls.yaml 2016-08-23 08:53:50 +03:00
external-loadbalancer-vip-v6.yaml Modify external loadbalancer environments to use new FixedIPs 2016-11-21 17:29:38 +00:00
external-loadbalancer-vip.yaml Modify external loadbalancer environments to use new FixedIPs 2016-11-21 17:29:38 +00:00
horizon_password_validation.yaml Manage password_validator regex 2017-01-25 16:45:22 +00:00
host-config-pre-network.j2.yaml Fix empty parameter_default error in environment file 2017-02-14 11:19:55 +05:30
hyperconverged-ceph.yaml Align HCI environment file with list of services from roles_data 2017-02-24 13:30:02 -05:00
inject-trust-anchor-hiera.yaml Add deployment of CAs via hieradata 2016-08-22 18:10:26 +03:00
inject-trust-anchor.yaml Enable trust anchor injection 2015-11-25 15:16:08 +02:00
ips-from-pool-all.yaml Add Management net to ips-from-pool-all example 2016-06-29 11:40:36 +01:00
ips-from-pool.yaml Add sample environment file to document usage of predictable IPs 2015-12-15 12:52:15 +01:00
logging-environment.yaml Fixed NoneType issue when logging-environment.yaml is used 2016-09-30 15:13:57 +02:00
low-memory-usage.yaml Increase apache ServerLimit and workers to 100 2017-02-21 23:12:15 -05:00
major-upgrade-all-in-one.yaml Disable puppet on upgrade for roles not upgrading 2017-02-03 11:43:47 +00:00
major-upgrade-aodh-migration.yaml No-op Puppet for upgrades/migrations according to composable roles 2016-09-22 14:59:20 +02:00
major-upgrade-ceilometer-wsgi-mitaka-newton.yaml Ceilometer Wsgi Mitaka->Newton upgrades 2016-10-07 11:43:33 +03:00
major-upgrade-composable-steps.yaml Only set EnableConfigPurge on major upgrades 2017-03-28 17:55:43 +01:00
major-upgrade-converge.yaml Only set EnableConfigPurge on major upgrades 2017-03-28 17:55:43 +01:00
major-upgrade-pacemaker-converge.yaml Adds Environment File for Removing Sahara during M/N upgrade 2016-10-05 16:32:31 +03:00
major-upgrade-pacemaker-init.yaml No-op Puppet for upgrades/migrations according to composable roles 2016-09-22 14:59:20 +02:00
major-upgrade-pacemaker.yaml No-op Puppet for upgrades/migrations according to composable roles 2016-09-22 14:59:20 +02:00
major-upgrade-remove-sahara.yaml Adds Environment File for Removing Sahara during M/N upgrade 2016-10-05 16:32:31 +03:00
manila-cephfsnative-config.yaml Fix inconsistent Manila service naming 2016-11-10 17:06:47 +00:00
manila-generic-config.yaml Fix inconsistent Manila service naming 2016-11-10 17:06:47 +00:00
manila-netapp-config.yaml Fix inconsistent Manila service naming 2016-11-10 17:06:47 +00:00
mongodb-nojournal.yaml Always use parameter_defaults in environment files 2016-04-11 14:15:39 -04:00
monitoring-environment.yaml Prefill Sensu client custom config 2016-10-13 11:53:58 +02:00
net-bond-with-vlans-no-external.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
net-bond-with-vlans-v6.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
net-bond-with-vlans.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
net-multiple-nics-v6.yaml Add IPv6 versions of the Controller NIC configs 2016-03-05 03:22:03 +01:00
net-multiple-nics.yaml Add network templates for multiple NIC configuration 2015-11-05 14:09:45 +00:00
net-single-nic-linux-bridge-with-vlans.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
net-single-nic-with-vlans-no-external.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
net-single-nic-with-vlans-v6.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
net-single-nic-with-vlans.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
network-environment.yaml neutron: don't set external_network_bridge option by default 2017-02-23 14:46:39 +00:00
network-isolation-no-tunneling.yaml Add missing VIP definitions into -no-tunneling env file 2017-01-03 21:42:42 +01:00
network-isolation-v6.yaml configure horizon with memcached ipv6 when needed 2016-03-23 15:43:10 -04:00
network-isolation.yaml Add missing VIP definitions into -no-tunneling env file 2017-01-03 21:42:42 +01:00
network-management-v6.yaml Add IPv6 support for the management network 2016-06-20 14:02:44 +02:00
network-management.yaml Add IPv6 support for the management network 2016-06-20 14:02:44 +02:00
neutron-midonet.yaml Composable Midonet compute plugin 2016-07-12 09:48:31 -04:00
neutron-ml2-bigswitch.yaml Re-Add bigswitch agent support 2017-03-31 18:01:10 +00:00
neutron-ml2-cisco-n1kv.yaml Enable Cisco N1KV driver 2015-09-30 09:22:33 +03:00
neutron-ml2-cisco-nexus-ucsm.yaml Change the default value for NetworkNexusVxlanGlobalConfig 2016-02-24 19:08:07 +03:00
neutron-ml2-fujitsu-cfab.yaml Add THT for networking-fujitsu 2017-01-10 10:54:02 -05:00
neutron-ml2-fujitsu-fossw.yaml Add THT for fossw ML2 plugin in networking-fujitsu 2017-01-19 12:55:47 -05:00
neutron-ml2-ovn.yaml OVN plugin configuration fixes 2017-02-02 21:30:38 +05:30
neutron-nuage-config.yaml Updated Nuage neutron plugin name 2016-10-31 13:05:52 -04:00
neutron-opendaylight.yaml Fixes port binding controller for OpenDaylight 2017-04-03 15:28:06 +00:00
neutron-ovs-dpdk.yaml Added DPDK environment file and nic configs samples 2016-08-30 08:49:05 +05:30
neutron-ovs-dvr.yaml Revert "Set NeutronL3HA to false when deploying DVR" 2016-11-28 11:19:22 +02:00
neutron-plumgrid.yaml Composable Plumgrid compute plugin 2016-07-12 09:48:31 -04:00
neutron-sriov.yaml Remove unused SR-IOV parameter NeutronSupportedPCIVendorDevs 2017-02-02 11:18:07 +05:30
nova-nuage-config.yaml Changes for configuring Nuage 2015-11-30 14:22:08 -05:00
overcloud-steps.yaml Rename -puppet.yaml templates. 2015-09-22 08:30:01 -04:00
puppet-ceph-devel.yaml Add cinder-backup service as role 2016-08-10 19:02:08 +00:00
puppet-ceph-external.yaml Allow user to configure Ceph rbd_default_features 2017-01-16 22:39:47 +00:00
puppet-ceph.yaml Describe use of Manila/CephFS in capabilites_map 2017-01-30 16:41:29 +00:00
puppet-pacemaker-no-restart.yaml Allow to manually disable post-puppet restarts 2016-06-14 16:10:10 +02:00
puppet-pacemaker.yaml pacemaker remote profile support 2017-01-24 12:18:14 +01:00
puppet-tenant-vlan.yaml Remove NeutronEnableTunnelling from templates 2016-08-12 20:46:38 -02:30
README.md Add a directory for overcloud heat environments 2015-05-15 12:28:00 +02:00
sshd-banner.yaml Adds SSH Banner text into sshd_config 2017-01-26 11:04:01 +00:00
storage-environment.yaml Re-add NFS backend for Glance 2016-10-21 16:22:40 +02:00
tls-endpoints-public-dns.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
tls-endpoints-public-ip.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
tls-everywhere-endpoints-dns.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
undercloud.yaml Template and role support for the undercloud 2017-01-06 20:01:14 -05:00
use-dns-for-vips.yaml Stop using puppet to configure VIPs in /etc/hosts 2016-11-27 13:20:33 -05:00

README.md

This directory contains Heat environment file snippets which can be used to enable features in the Overcloud.

Configuration

These can be enabled using the -e [path to environment yaml] option with heatclient.

Below is an example of how to enable the Ceph template using devtest_overcloud.sh:

export OVERCLOUD\_CUSTOM\_HEAT\_ENV=$TRIPLEO\_ROOT/tripleo-heat-templates/environments/ceph_devel.yaml