aboutsummaryrefslogtreecommitdiffstats
path: root/manifests/profile/base/keystone.pp
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/profile/base/keystone.pp')
-rw-r--r--manifests/profile/base/keystone.pp47
1 files changed, 25 insertions, 22 deletions
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp
index e30f712..ff8d790 100644
--- a/manifests/profile/base/keystone.pp
+++ b/manifests/profile/base/keystone.pp
@@ -51,6 +51,22 @@
# creates the certificates.
# Defaults to hiera('generate_service_certificate', false).
#
+# [*heat_admin_domain*]
+# domain name for heat admin
+# Defaults to undef
+#
+# [*heat_admin_email*]
+# heat admin email address
+# Defaults to undef
+#
+# [*heat_admin_password*]
+# heat admin password
+# Defaults to undef
+#
+# [*heat_admin_user*]
+# heat admin user name
+# Defaults to undef
+#
# [*manage_db_purge*]
# (Optional) Whether keystone token flushing should be enabled
# Defaults to hiera('keystone_enable_db_purge', true)
@@ -74,38 +90,21 @@
# for more details.
# Defaults to hiera('step')
#
-# [*heat_admin_domain*]
-# domain name for heat admin
-# Defaults to hiera('heat::keystone::domain::domain_name', 'heat')
-#
-# [*heat_admin_user*]
-# heat admin user name
-# Defaults to hiera('heat::keystone::domain::domain_admin', 'heat_admin')
-#
-# [*heat_admin_email*]
-# heat admin email address
-# Defaults to hiera('heat::keystone::domain::domain_admin_email',
-# 'heat_admin@localhost')
-#
-# [*heat_admin_password*]
-# heat admin password
-# Defaults to hiera('heat::keystone::domain::domain_password')
-#
class tripleo::profile::base::keystone (
$admin_endpoint_network = hiera('keystone_admin_api_network', undef),
$bootstrap_node = hiera('bootstrap_nodeid', undef),
$certificates_specs = hiera('apache_certificates_specs', {}),
$enable_internal_tls = hiera('enable_internal_tls', false),
$generate_service_certificates = hiera('generate_service_certificates', false),
+ $heat_admin_domain = undef,
+ $heat_admin_email = undef,
+ $heat_admin_password = undef,
+ $heat_admin_user = undef,
$manage_db_purge = hiera('keystone_enable_db_purge', true),
$public_endpoint_network = hiera('keystone_public_api_network', undef),
$rabbit_hosts = hiera('rabbitmq_node_ips', undef),
$rabbit_port = hiera('keystone::rabbit_port', 5672),
$step = hiera('step'),
- $heat_admin_domain = hiera('heat::keystone::domain::domain_name', 'heat'),
- $heat_admin_user = hiera('heat::keystone::domain::domain_admin', 'heat_admin'),
- $heat_admin_email = hiera('heat::keystone::domain::domain_admin_email', 'heat_admin@localhost'),
- $heat_admin_password = hiera('heat::keystone::domain::domain_password'),
) {
if $::hostname == downcase($bootstrap_node) {
$sync_db = true
@@ -143,10 +142,11 @@ class tripleo::profile::base::keystone (
}
if $step >= 4 or ( $step >= 3 and $sync_db ) {
+ $rabbit_endpoints = suffix(any2array(normalize_ip_for_uri($rabbit_hosts)), ":${rabbit_port}")
class { '::keystone':
sync_db => $sync_db,
enable_bootstrap => $sync_db,
- rabbit_hosts => suffix($rabbit_hosts, ":${rabbit_port}")
+ rabbit_hosts => $rabbit_endpoints,
}
include ::keystone::config
@@ -236,6 +236,9 @@ class tripleo::profile::base::keystone (
if hiera('nova_api_enabled', false) {
include ::nova::keystone::auth
}
+ if hiera('panko_api_enabled', false) {
+ include ::panko::keystone::auth
+ }
if hiera('sahara_api_enabled', false) {
include ::sahara::keystone::auth
}