summaryrefslogtreecommitdiffstats
path: root/puppet/services/glance-api.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services/glance-api.yaml')
-rw-r--r--puppet/services/glance-api.yaml86
1 files changed, 75 insertions, 11 deletions
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 89e6ee0f..80ba9aef 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -4,11 +4,23 @@ description: >
OpenStack Glance API service configured with Puppet
parameters:
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry. This
+ mapping overrides those in ServiceNetMapDefaults.
+ type: json
+ DefaultPasswords:
+ default: {}
+ type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
+ CephClientUserName:
+ default: openstack
+ type: string
Debug:
default: ''
description: Set to True to enable debugging on all services.
@@ -33,9 +45,19 @@ parameters:
constraints:
- allowed_values: ['swift', 'file', 'rbd']
GlanceWorkers:
- default: 0
- description: Number of workers for Glance service.
- type: number
+ default: ''
+ description: |
+ Number of API worker processes for Glance. If left unset (empty string), the
+ default value will result in the configuration being left unset and a
+ system-dependent default value will be chosen (e.g.: number of
+ processors). Please note that this will create a large number of
+ processes on systems with a large number of CPUs resulting in excess
+ memory consumption. It is recommended that a suitable non-default value
+ be selected on such systems.
+ type: string
+ GlanceRbdPoolName:
+ default: images
+ type: string
RabbitPassword:
description: The password for RabbitMQ
type: string
@@ -54,11 +76,28 @@ parameters:
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+ MonitoringSubscriptionGlanceApi:
+ default: 'overcloud-glance-api'
+ type: string
+ GlanceApiLoggingSource:
+ type: json
+ default:
+ tag: openstack.glance.api
+ path: /var/log/glance/api.log
outputs:
role_data:
description: Role data for the Glance API role.
value:
+ service_name: glance_api
+ monitoring_subscription: {get_param: MonitoringSubscriptionGlanceApi}
+ logging_source: {get_param: GlanceApiLoggingSource}
+ logging_groups:
+ - glance
config_settings:
glance::api::database_connection:
list_join:
@@ -70,14 +109,16 @@ outputs:
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
- glance::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- glance::api::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
glance::api::registry_host:
str_replace:
template: "'REGISTRY_HOST'"
params:
REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]}
- glance::api::keystone_password: {get_param: GlancePassword}
+ glance::api::registry_client_protocol: {get_param: [EndpointMap, GlanceRegistryInternal, protocol] }
+ glance::api::authtoken::password: {get_param: GlancePassword}
+ glance::api::enable_proxy_headers_parsing: true
glance::api::debug: {get_param: Debug}
glance::api::workers: {get_param: GlanceWorkers}
glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
@@ -85,15 +126,38 @@ outputs:
glance::backend::swift::swift_store_auth_address: {get_param: [EndpointMap, KeystoneInternal, uri] }
glance::backend::swift::swift_store_user: service:glance
glance::backend::swift::swift_store_key: {get_param: GlancePassword}
+ glance::backend::swift::swift_store_create_container_on_put: true
+ glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
+ glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
glance_backend: {get_param: GlanceBackend}
- glance::db::mysql::password: {get_param: GlancePassword}
glance::notify::rabbitmq::rabbit_userid: {get_param: RabbitUserName}
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
- glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
- glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
- glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
- glance::keystone::auth::password: {get_param: GlancePassword }
+ glance::registry::db::database_db_max_retries: -1
+ glance::registry::db::database_max_retries: -1
+ tripleo.glance_api.firewall_rules:
+ '112 glance_api':
+ dport:
+ - 9292
+ - 13292
+ glance::api::authtoken::project_name: 'service'
+ glance::api::pipeline: 'keystone'
+ glance::api::show_image_direct_url: true
+ # NOTE: bind IP is found in Heat replacing the network name with the
+ # local node IP for the given network; replacement examples
+ # (eg. for internal_api):
+ # internal_api -> IP
+ # internal_api_uri -> [IP]
+ # internal_api_subnet - > IP/CIDR
+ glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]}
step_config: |
include ::tripleo::profile::base::glance::api
+ service_config_settings:
+ keystone:
+ glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
+ glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
+ glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
+ glance::keystone::auth::password: {get_param: GlancePassword }
+ glance::keystone::auth::region: {get_param: KeystoneRegion}
+ glance::keystone::auth::tenant: 'service'