diff options
Diffstat (limited to 'docker/services/keystone.yaml')
-rw-r--r-- | docker/services/keystone.yaml | 64 |
1 files changed, 7 insertions, 57 deletions
diff --git a/docker/services/keystone.yaml b/docker/services/keystone.yaml index 3f8baef7..0597b906 100644 --- a/docker/services/keystone.yaml +++ b/docker/services/keystone.yaml @@ -33,7 +33,7 @@ parameters: KeystoneTokenProvider: description: The keystone token format type: string - default: 'uuid' + default: 'fernet' constraints: - allowed_values: ['uuid', 'fernet'] @@ -46,9 +46,6 @@ resources: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} -conditions: - keystone_fernet_tokens: {equals: [{get_param: KeystoneTokenProvider}, "fernet"]} - outputs: role_data: description: Role data for the Keystone API role. @@ -76,53 +73,6 @@ outputs: kolla_config: /var/lib/kolla/config_files/keystone.json: command: /usr/sbin/httpd -DFOREGROUND - config_files: - - dest: /etc/keystone/keystone.conf - owner: keystone - perm: '0640' - source: /var/lib/kolla/config_files/src/etc/keystone/keystone.conf - - dest: /etc/keystone/credential-keys/0 - owner: keystone - perm: '0600' - source: /var/lib/kolla/config_files/src/etc/keystone/credential-keys/0 - - dest: /etc/keystone/credential-keys/1 - owner: keystone - perm: '0600' - source: /var/lib/kolla/config_files/src/etc/keystone/credential-keys/1 - - dest: /etc/keystone/fernet-keys/0 - owner: keystone - perm: '0600' - source: /var/lib/kolla/config_files/src/etc/keystone/fernet-keys/0 - optional: {if: [keystone_fernet_tokens, false, true]} - - dest: /etc/keystone/fernet-keys/1 - owner: keystone - perm: '0600' - source: /var/lib/kolla/config_files/src/etc/keystone/fernet-keys/1 - optional: {if: [keystone_fernet_tokens, false, true]} - - dest: /etc/httpd/conf.d/10-keystone_wsgi_admin.conf - owner: root - perm: '0644' - source: /var/lib/kolla/config_files/src/etc/httpd/conf.d/10-keystone_wsgi_admin.conf - - dest: /etc/httpd/conf.d/10-keystone_wsgi_main.conf - owner: root - perm: '0644' - source: /var/lib/kolla/config_files/src/etc/httpd/conf.d/10-keystone_wsgi_main.conf - - dest: /etc/httpd/conf/httpd.conf - owner: root - perm: '0644' - source: /var/lib/kolla/config_files/src/etc/httpd/conf/httpd.conf - - dest: /etc/httpd/conf/ports.conf - owner: root - perm: '0644' - source: /var/lib/kolla/config_files/src/etc/httpd/conf/ports.conf - - dest: /var/www/cgi-bin/keystone/keystone-admin - owner: keystone - perm: '0644' - source: /var/lib/kolla/config_files/src/var/www/cgi-bin/keystone/keystone-admin - - dest: /var/www/cgi-bin/keystone/keystone-public - owner: keystone - perm: '0644' - source: /var/lib/kolla/config_files/src/var/www/cgi-bin/keystone/keystone-public docker_config: step_3: keystone-init-log: @@ -140,8 +90,9 @@ outputs: detach: false volumes: &keystone_volumes - /var/lib/kolla/config_files/keystone.json:/var/lib/kolla/config_files/config.json:ro - - /var/lib/config-data/keystone/:/var/lib/kolla/config_files/src:ro - - /var/lib/config-data/keystone/etc/httpd/conf.modules.d:/etc/httpd/conf.modules.d:ro + - /var/lib/config-data/keystone/var/www/:/var/www/:ro + - /var/lib/config-data/keystone/etc/keystone/:/etc/keystone/:ro + - /var/lib/config-data/keystone/etc/httpd/:/etc/httpd/:ro - /etc/hosts:/etc/hosts:ro - /etc/localtime:/etc/localtime:ro - logs:/var/log @@ -168,11 +119,10 @@ outputs: config_volume: 'keystone_init_tasks' puppet_tags: 'keystone_config,keystone_domain_config,keystone_endpoint,keystone_identity_provider,keystone_paste_ini,keystone_role,keystone_service,keystone_tenant,keystone_user,keystone_user_role,keystone_domain' step_config: 'include ::tripleo::profile::base::keystone' - config_image: - list_join: - - '/' - - [ {get_param: DockerNamespace}, {get_param: DockerKeystoneImage} ] + config_image: *keystone_image upgrade_tasks: - name: Stop and disable keystone service (running under httpd) tags: step2 service: name=httpd state=stopped enabled=no + metadata_settings: + get_attr: [KeystoneBase, role_data, metadata_settings] |