diff options
Diffstat (limited to 'puppet/services/glance-api.yaml')
| -rw-r--r-- | puppet/services/glance-api.yaml | 86 |
1 files changed, 75 insertions, 11 deletions
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml index 89e6ee0f..80ba9aef 100644 --- a/puppet/services/glance-api.yaml +++ b/puppet/services/glance-api.yaml @@ -4,11 +4,23 @@ description: > OpenStack Glance API service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + CephClientUserName: + default: openstack + type: string Debug: default: '' description: Set to True to enable debugging on all services. @@ -33,9 +45,19 @@ parameters: constraints: - allowed_values: ['swift', 'file', 'rbd'] GlanceWorkers: - default: 0 - description: Number of workers for Glance service. - type: number + default: '' + description: | + Number of API worker processes for Glance. If left unset (empty string), the + default value will result in the configuration being left unset and a + system-dependent default value will be chosen (e.g.: number of + processors). Please note that this will create a large number of + processes on systems with a large number of CPUs resulting in excess + memory consumption. It is recommended that a suitable non-default value + be selected on such systems. + type: string + GlanceRbdPoolName: + default: images + type: string RabbitPassword: description: The password for RabbitMQ type: string @@ -54,11 +76,28 @@ parameters: Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. type: string + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + MonitoringSubscriptionGlanceApi: + default: 'overcloud-glance-api' + type: string + GlanceApiLoggingSource: + type: json + default: + tag: openstack.glance.api + path: /var/log/glance/api.log outputs: role_data: description: Role data for the Glance API role. value: + service_name: glance_api + monitoring_subscription: {get_param: MonitoringSubscriptionGlanceApi} + logging_source: {get_param: GlanceApiLoggingSource} + logging_groups: + - glance config_settings: glance::api::database_connection: list_join: @@ -70,14 +109,16 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/glance' glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]} - glance::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } - glance::api::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } + glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } + glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } glance::api::registry_host: str_replace: template: "'REGISTRY_HOST'" params: REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]} - glance::api::keystone_password: {get_param: GlancePassword} + glance::api::registry_client_protocol: {get_param: [EndpointMap, GlanceRegistryInternal, protocol] } + glance::api::authtoken::password: {get_param: GlancePassword} + glance::api::enable_proxy_headers_parsing: true glance::api::debug: {get_param: Debug} glance::api::workers: {get_param: GlanceWorkers} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} @@ -85,15 +126,38 @@ outputs: glance::backend::swift::swift_store_auth_address: {get_param: [EndpointMap, KeystoneInternal, uri] } glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_param: GlancePassword} + glance::backend::swift::swift_store_create_container_on_put: true + glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} + glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} glance_backend: {get_param: GlanceBackend} - glance::db::mysql::password: {get_param: GlancePassword} glance::notify::rabbitmq::rabbit_userid: {get_param: RabbitUserName} glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort} glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword} glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL} - glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]} - glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]} - glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]} - glance::keystone::auth::password: {get_param: GlancePassword } + glance::registry::db::database_db_max_retries: -1 + glance::registry::db::database_max_retries: -1 + tripleo.glance_api.firewall_rules: + '112 glance_api': + dport: + - 9292 + - 13292 + glance::api::authtoken::project_name: 'service' + glance::api::pipeline: 'keystone' + glance::api::show_image_direct_url: true + # NOTE: bind IP is found in Heat replacing the network name with the + # local node IP for the given network; replacement examples + # (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]} step_config: | include ::tripleo::profile::base::glance::api + service_config_settings: + keystone: + glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]} + glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]} + glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]} + glance::keystone::auth::password: {get_param: GlancePassword } + glance::keystone::auth::region: {get_param: KeystoneRegion} + glance::keystone::auth::tenant: 'service' |