aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/glance-api.yaml
diff options
context:
space:
mode:
authorDan Prince <dprince@redhat.com>2016-09-15 09:19:15 +0200
committerDan Prince <dprince@redhat.com>2016-09-23 07:43:21 -0400
commit9d67d7b3b11b688be0b40fc2fcfb1daf5b5157df (patch)
tree528b9bc390e8b4997eeaa8f0f32f027791851387 /puppet/services/glance-api.yaml
parentf9d6db86edd89efe59fe0db9564ebfae05954788 (diff)
Move keystone::auth into service_config_settings
This patch moves the keystone::auth settings for all services into the new service_config_settings section. This is important because we execute the keystone commands via puppet only on the role containing the keystone service and without these settings it will fail. Note that yaql merging/filtering is used here to ensure that service_config_settings is optional in service templates, and also that we'll only deploy hieradata for a given service on a node running the service (the key in the service_config_settings map must match the service_name in the service template for this to work). e.g the following will result in only deploying keystone: 123 in hiera on the role running the "keystone" service, regardless of which service template defines it. service_config_settings: keystone: keystone: 123 Co-Authored-By: Steven Hardy <shardy@redhat.com> Change-Id: I0c2fce037a1a38772f998d582a816b4b703f8265 Closes-bug: 1620829
Diffstat (limited to 'puppet/services/glance-api.yaml')
-rw-r--r--puppet/services/glance-api.yaml14
1 files changed, 8 insertions, 6 deletions
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 51f19baf..c399bf4e 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -135,11 +135,6 @@ outputs:
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
- glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
- glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
- glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
- glance::keystone::auth::password: {get_param: GlancePassword }
- glance::keystone::auth::region: {get_param: KeystoneRegion}
glance::registry::db::database_db_max_retries: -1
glance::registry::db::database_max_retries: -1
tripleo.glance_api.firewall_rules:
@@ -147,7 +142,6 @@ outputs:
dport:
- 9292
- 13292
- glance::keystone::auth::tenant: 'service'
glance::api::authtoken::project_name: 'service'
glance::api::pipeline: 'keystone'
glance::api::show_image_direct_url: true
@@ -160,3 +154,11 @@ outputs:
glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]}
step_config: |
include ::tripleo::profile::base::glance::api
+ service_config_settings:
+ keystone:
+ glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
+ glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
+ glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
+ glance::keystone::auth::password: {get_param: GlancePassword }
+ glance::keystone::auth::region: {get_param: KeystoneRegion}
+ glance::keystone::auth::tenant: 'service'