diff options
author | Dan Prince <dprince@redhat.com> | 2016-03-21 21:26:53 -0400 |
---|---|---|
committer | Dan Prince <dprince@redhat.com> | 2016-04-09 08:36:04 -0400 |
commit | de0ac7b2d6a2b58e2c39f06c8d4a72278b574201 (patch) | |
tree | 285fd3c24d505c541670db76e077b32ed1230583 /puppet/manifests/overcloud_controller.pp | |
parent | 2198be81563cc68551fa8defbba36ae3bf98d222 (diff) |
composable keystone services
Adds new puppet and puppet pacemaker specific services for
Keystone.
The puppet manifests for keystone now live in puppet-tripleo.
Hiera settings are driven by the nested stack heat templates
and used to control puppet-keystone and puppet-tripleo
directly.
The Pacemaker template extends the default keystone service and
swaps in the pacemaker specific puppet-tripleo profile instead.
Change-Id: I8b30438a27e9d5ec4e7d335e0bd1a931a20b03a2
Depends-On: I2faf5a78db802549053ec41678bf83bf28108189
Diffstat (limited to 'puppet/manifests/overcloud_controller.pp')
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index c6667ae6..0bf5f886 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -212,42 +212,6 @@ if hiera('step') >= 2 { if hiera('step') >= 4 { - include ::keystone - include ::keystone::config - include ::keystone::roles::admin - include ::keystone::endpoint - include ::keystone::wsgi::apache - - #TODO: need a cleanup-keystone-tokens.sh solution here - - file { [ '/etc/keystone/ssl', '/etc/keystone/ssl/certs', '/etc/keystone/ssl/private' ]: - ensure => 'directory', - owner => 'keystone', - group => 'keystone', - require => Package['keystone'], - } - file { '/etc/keystone/ssl/certs/signing_cert.pem': - content => hiera('keystone_signing_certificate'), - owner => 'keystone', - group => 'keystone', - notify => Service['keystone'], - require => File['/etc/keystone/ssl/certs'], - } - file { '/etc/keystone/ssl/private/signing_key.pem': - content => hiera('keystone_signing_key'), - owner => 'keystone', - group => 'keystone', - notify => Service['keystone'], - require => File['/etc/keystone/ssl/private'], - } - file { '/etc/keystone/ssl/certs/ca.pem': - content => hiera('keystone_ca_certificate'), - owner => 'keystone', - group => 'keystone', - notify => Service['keystone'], - require => File['/etc/keystone/ssl/certs'], - } - $glance_backend = downcase(hiera('glance_backend', 'swift')) case $glance_backend { 'swift': { $backend_store = 'glance.store.swift.Store' } @@ -684,14 +648,10 @@ if hiera('step') >= 4 { } #END STEP 4 if hiera('step') >= 5 { - $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) $heat_enable_db_purge = hiera('heat_enable_db_purge', true) - if $keystone_enable_db_purge { - include ::keystone::cron::token_flush - } if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows } @@ -703,7 +663,6 @@ if hiera('step') >= 5 { } if downcase(hiera('bootstrap_nodeid')) == $::hostname { - include ::keystone::roles::admin # Class ::heat::keystone::domain has to run on bootstrap node # because it creates DB entities via API calls. include ::heat::keystone::domain |