32279c4a32
Manage all Keystone resources with Ansible Change-Id: I96a3351fca26cd8bb122a86cb4c3a58d5f88573e (cherry picked from commit7f40baabcd
) keystone: fix trailing space Change-Id: Id3642bd4f539f496d00298ab7996720f14cd0a3c (cherry picked from commit4c167191dc
) deployment: document keystone_resources Bring some documentation into the deployment README about the new keystone_resources interface. Change-Id: I17c2c451136eb4729e4751a250d5545019ea84ff (cherry picked from commit362e92fb82
) Add novajoin to EndpointMap Previously, novajoin was relying on hiera data to populate endpoints in keystone, but that recently changed for the rest of the OpenStack services. This commit updates novajoin to use the same approach with EndpointMap. Otherwise, deploying the undercloud fails with an error message similar to the following: Cannot create an endpoint with an invalid URL: http://%{hiera('ctlplane')}:9090/v1/. Change-Id: I0e177a5e21ed9fb5eacba7a766c153ba99af34ae (cherry picked from commit18e51ca533
) keystone/ldap: add missing cloud name ... or Ansible will use the default "openstack" cloud, which isn't good. We need to create domains in the actual overcloud. Change-Id: I129d7355364c87c40f51372b402620790a31ec81 (cherry picked from commitb3538251d6
)
189 lines
7.5 KiB
YAML
189 lines
7.5 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
Openstack Heat base service. Shared for all Heat services.
|
|
|
|
parameters:
|
|
Debug:
|
|
default: false
|
|
description: Set to True to enable debugging on all services.
|
|
type: boolean
|
|
HeatDebug:
|
|
default: ''
|
|
description: Set to True to enable debugging Heat services.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
HeatPassword:
|
|
description: The password for the Heat service and db account, used by the Heat services.
|
|
type: string
|
|
hidden: true
|
|
KeystoneRegion:
|
|
type: string
|
|
default: 'regionOne'
|
|
description: Keystone region for endpoint
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
HeatCronPurgeDeletedEnsure:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Ensure
|
|
default: 'present'
|
|
HeatCronPurgeDeletedMinute:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Minute
|
|
default: '1'
|
|
HeatCronPurgeDeletedHour:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Hour
|
|
default: '0'
|
|
HeatCronPurgeDeletedMonthday:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Month Day
|
|
default: '*'
|
|
HeatCronPurgeDeletedMonth:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Month
|
|
default: '*'
|
|
HeatCronPurgeDeletedWeekday:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Week Day
|
|
default: '*'
|
|
HeatCronPurgeDeletedMaxDelay:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Max Delay
|
|
default: '3600'
|
|
HeatCronPurgeDeletedUser:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - User
|
|
default: 'heat'
|
|
HeatCronPurgeDeletedAge:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Age
|
|
default: '30'
|
|
HeatCronPurgeDeletedAgeType:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Age type
|
|
default: 'days'
|
|
HeatCronPurgeDeletedDestination:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Log destination
|
|
default: '/dev/null'
|
|
HeatYaqlLimitIterators:
|
|
type: number
|
|
description: >
|
|
The maximum number of elements in collection yaql expressions can take
|
|
for its evaluation.
|
|
default: 1000
|
|
HeatYaqlMemoryQuota:
|
|
type: number
|
|
description: >
|
|
The maximum size of memory in bytes that yaql exrpessions can take for
|
|
its evaluation.
|
|
default: 100000
|
|
HeatMaxJsonBodySize:
|
|
default: 4194304
|
|
description: Maximum raw byte size of the Heat API JSON request body.
|
|
type: number
|
|
NotificationDriver:
|
|
type: string
|
|
default: 'messagingv2'
|
|
description: Driver or drivers to handle sending notifications.
|
|
HeatCorsAllowedOrigin:
|
|
type: string
|
|
default: ''
|
|
description: Indicate whether this resource may be shared with the domain received in the request
|
|
"origin" header.
|
|
|
|
conditions:
|
|
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
|
|
cors_allowed_origin_unset: {equals : [{get_param: HeatCorsAllowedOrigin}, '']}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Shared role data for the Heat services.
|
|
value:
|
|
service_name: heat_base
|
|
config_settings:
|
|
map_merge:
|
|
-
|
|
if:
|
|
- cors_allowed_origin_unset
|
|
- {}
|
|
- heat::cors::allowed_origin: {get_param: HeatCorsAllowedOrigin}
|
|
- heat::notification_driver: {get_param: NotificationDriver}
|
|
heat::logging::debug:
|
|
if:
|
|
- service_debug_unset
|
|
- {get_param: Debug }
|
|
- {get_param: HeatDebug }
|
|
heat::enable_proxy_headers_parsing: true
|
|
heat::rpc_response_timeout: 600
|
|
heat::rabbit_heartbeat_timeout_threshold: 60
|
|
heat::region_name: {get_param: KeystoneRegion}
|
|
heat::keystone::authtoken::project_name: 'service'
|
|
heat::keystone::authtoken::user_domain_name: 'Default'
|
|
heat::keystone::authtoken::project_domain_name: 'Default'
|
|
heat::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
|
heat::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
|
heat::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
|
heat::keystone::authtoken::password: {get_param: HeatPassword}
|
|
heat::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
|
heat::heat_keystone_clients_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
|
|
heat::keystone::domain::domain_name: 'heat_stack'
|
|
heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
|
|
heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
|
|
heat::db::database_db_max_retries: -1
|
|
heat::db::database_max_retries: -1
|
|
heat::yaql_memory_quota: {get_param: HeatYaqlMemoryQuota}
|
|
heat::yaql_limit_iterators: {get_param: HeatYaqlLimitIterators}
|
|
heat::cors::max_age: 3600
|
|
heat::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
|
|
heat::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
|
|
heat::cron::purge_deleted::ensure: {get_param: HeatCronPurgeDeletedEnsure}
|
|
heat::cron::purge_deleted::minute: {get_param: HeatCronPurgeDeletedMinute}
|
|
heat::cron::purge_deleted::hour: {get_param: HeatCronPurgeDeletedHour}
|
|
heat::cron::purge_deleted::monthday: {get_param: HeatCronPurgeDeletedMonthday}
|
|
heat::cron::purge_deleted::month: {get_param: HeatCronPurgeDeletedMonth}
|
|
heat::cron::purge_deleted::weekday: {get_param: HeatCronPurgeDeletedWeekday}
|
|
heat::cron::purge_deleted::maxdelay: {get_param: HeatCronPurgeDeletedMaxDelay}
|
|
heat::cron::purge_deleted::user: {get_param: HeatCronPurgeDeletedUser}
|
|
heat::cron::purge_deleted::age: {get_param: HeatCronPurgeDeletedAge}
|
|
heat::cron::purge_deleted::age_type: {get_param: HeatCronPurgeDeletedAgeType}
|
|
heat::cron::purge_deleted::destination: {get_param: HeatCronPurgeDeletedDestination}
|
|
heat::max_json_body_size: {get_param: HeatMaxJsonBodySize}
|