82 lines
2.6 KiB
Django/Jinja
82 lines
2.6 KiB
Django/Jinja
[DEFAULT]
|
|
debug = {{ heat.debug }}
|
|
use_syslog = False
|
|
use_stderr = True
|
|
use_forwarded_for = True
|
|
region_name_for_services = RegionOne
|
|
rpc_response_timeout=600
|
|
stack_domain_admin = {{ heat.domain.user }}
|
|
stack_domain_admin_password = {{ heat.domain.password }}
|
|
stack_user_domain_name = {{ heat.domain.name }}
|
|
heat_waitcondition_server_url = {{ address('heat-api-cfn', heat.api_cfn_port, external=True, with_scheme=True) }}/v1/waitcondition
|
|
heat_metadata_server_url = {{ address('heat-api-cfn', heat.api_cfn_port, external=True, with_scheme=True) }}
|
|
reauthentication_auth_method = trusts
|
|
|
|
[clients]
|
|
endpoint_type = internalURL
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ heat.db.username }}:{{ heat.db.password }}@{{ address("database") }}/{{ heat.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
|
|
|
|
{{ keystone_authtoken.keystone_authtoken(heat.user, heat.password) }}
|
|
|
|
[trustee]
|
|
user_domain_name = {{ service_account.domain }}
|
|
project_domain_name = {{ service_account.domain }}
|
|
password = {{ heat.password }}
|
|
username = {{ heat.user }}
|
|
auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}
|
|
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
|
|
auth_plugin = password
|
|
auth_type = password
|
|
|
|
{% if heat.tls.enabled %}
|
|
[oslo_middleware]
|
|
enable_proxy_headers_parsing = true
|
|
|
|
[ec2authtoken]
|
|
ca_file = /opt/ccp/etc/tls/ca.pem
|
|
{% endif %}
|
|
|
|
[clients_keystone]
|
|
auth_uri = {{ address('keystone', keystone.public_port, with_scheme=True) }}
|
|
{% if security.tls.create_certificates %}
|
|
# Add this option independently from all services components, because
|
|
# Heat uses certificates only from Keystone section and then passes this
|
|
# session as argument for other clients. So it's not possible to have separate
|
|
# certificates for each client. There is a corresponding bug in upstream:
|
|
# https://bugs.launchpad.net/heat/+bug/1669367
|
|
ca_file = /opt/ccp/etc/tls/ca.pem
|
|
{% endif %}
|
|
|
|
[clients_heat]
|
|
endpoint_type = {{ heat.heat_endpoint_type }}
|
|
|
|
[heat_api]
|
|
{% if heat.tls.enabled %}
|
|
bind_host = 127.0.0.1
|
|
{% else %}
|
|
bind_host = {{ network_topology["private"]["address"] }}
|
|
{% endif %}
|
|
bind_port = {{ heat.api_port.cont }}
|
|
|
|
[heat_api_cfn]
|
|
{% if heat.tls.enabled %}
|
|
bind_host = 127.0.0.1
|
|
{% else %}
|
|
bind_host = {{ network_topology["private"]["address"] }}
|
|
{% endif %}
|
|
bind_port = {{ heat.api_cfn_port.cont }}
|
|
|
|
[cache]
|
|
backend = oslo_cache.memcache_pool
|
|
enabled = True
|
|
memcache_servers = {{ address('memcached', memcached.port) }}
|
|
|
|
[oslo_middleware]
|
|
enable_proxy_headers_parsing = true
|
|
|
|
{# messaging macros template #}
|
|
{{ oslo_messaging[messaging.backend.rpc]('rpc_config') }}
|
|
{{ oslo_messaging[messaging.backend.notifications]('notifications_config') }}
|