19402ff049
Replace the cinder, glance and nova service_config_settings in the BarbicanApi template with a reference to the settings in the BarbicanClient template. This consolidates the settings in one place. Update the BarbicanClient's service_config_settings so it handles all cinder services that access barbican (c-api, c-volume, c-backup). This change takes advantage of a recent enhancement in puppet-cinder (see https://review.opendev.org/739126). Depends-On: Ie3c95da2c0dab83e3c4b7e10f8a3531301692da5 Change-Id: I42b7c4a2add1dc25083c4c0e8a162ca4a3880e2a
60 lines
2.0 KiB
YAML
60 lines
2.0 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack Barbican client configuration
|
|
|
|
parameters:
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the Barbican client.
|
|
value:
|
|
service_name: barbican_client
|
|
service_config_settings:
|
|
nova_compute:
|
|
nova::compute::keymgr_backend: barbican
|
|
nova::compute::barbican_endpoint:
|
|
get_param: [EndpointMap, BarbicanInternal, uri]
|
|
nova::compute::barbican_auth_endpoint:
|
|
get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]
|
|
cinder_api: &cinder_barbican_config
|
|
cinder::keymgr_backend: barbican
|
|
cinder::keymgr_encryption_api_url:
|
|
get_param: [EndpointMap, BarbicanInternal, uri]
|
|
cinder::keymgr_encryption_auth_url:
|
|
get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]
|
|
cinder_volume: *cinder_barbican_config
|
|
cinder_backup: *cinder_barbican_config
|
|
glance_api:
|
|
glance::api::keymgr_backend: barbican
|
|
glance::api::keymgr_encryption_api_url:
|
|
get_param: [EndpointMap, BarbicanInternal, uri]
|
|
glance::api::keymgr_encryption_auth_url:
|
|
get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]
|