1 files changed, 13 insertions, 0 deletions

diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml
index de920de3..abc738d9 100644
--- a/puppet/services/keystone.yaml
+++ b/puppet/services/keystone.yaml
@@ -110,6 +110,7 @@ outputs:
         keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
         keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
         keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
+        keystone::enable_proxy_headers_parsing: true
         keystone::debug: {get_param: Debug}
         keystone::db::mysql::password: {get_param: AdminToken}
         keystone::rabbit_userid: {get_param: RabbitUserName}
@@ -132,10 +133,22 @@ outputs:
         keystone::db::mysql::allowed_hosts:
           - '%'
           - "%{hiera('mysql_bind_host')}"
+        keystone::rabbit_heartbeat_timeout_threshold: 60
+        keystone::cron::token_flush::maxdelay: 3600
+        keystone::roles::admin::service_tenant: 'service'
+        keystone::roles::admin::admin_tenant: 'admin'
+        keystone::cron::token_flush::destination: '/dev/null'
+        keystone::config::keystone_config:
+          ec2/driver:
+            value: 'keystone.contrib.ec2.backends.sql.Ec2'
+        keystone::service_name: 'httpd'
+        keystone::wsgi::apache::ssl: false
 
         keystone::wsgi::apache::workers: {get_param: KeystoneWorkers}
         # override via extraconfig:
         keystone::wsgi::apache::threads: 1
+        keystone::db::database_db_max_retries: -1
+        keystone::db::database_max_retries: -1
         tripleo.keystone.firewall_rules:
           '111 keystone':
             dport: