diff options
Diffstat (limited to 'puppet/services/keystone.yaml')
-rw-r--r-- | puppet/services/keystone.yaml | 33 |
1 files changed, 19 insertions, 14 deletions
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 1654f0e7..83bab349 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -45,18 +45,11 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint - KeystoneWorkers: - default: 0 - description: Number of workers for Keystone service. - type: number EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json - MysqlVirtualIPUri: - type: string - default: '' Debug: type: string default: '' @@ -91,21 +84,25 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number - + KeystoneWorkers: + type: string + description: Set the number of workers for keystone::wsgi::apache + default: '"%{::processorcount}"' outputs: role_data: description: Role data for the Keystone role. value: + service_name: keystone config_settings: - keystone_dsn: &keystone_dsn + keystone::database_connection: list_join: - '' - - - 'mysql+pymysql://keystone:' + - - {get_param: [EndpointMap, MysqlInternal, protocol]} + - '://keystone:' - {get_param: AdminToken} - '@' - - {get_param: MysqlVirtualIPUri} + - {get_param: [EndpointMap, MysqlInternal, host]} - '/keystone' - keystone::database_connection: *keystone_dsn keystone::admin_token: {get_param: AdminToken} keystone::roles::admin::password: {get_param: AdminPassword} keystone_ca_certificate: {get_param: KeystoneCACertificate} @@ -127,9 +124,17 @@ outputs: keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} keystone::endpoint::region: {get_param: KeystoneRegion} - keystone::admin_workers: {get_param: KeystoneWorkers} - keystone::public_workers: {get_param: KeystoneWorkers} keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone::public_endpoint: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} + keystone::db::mysql::user: keystone + keystone::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + keystone::db::mysql::dbname: keystone + keystone::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + + keystone::wsgi::apache::workers: {get_param: KeystoneWorkers} + # override via extraconfig: + keystone::wsgi::apache::threads: 1 step_config: | include ::tripleo::profile::base::keystone |