diff options
Diffstat (limited to 'puppet/services/keystone.yaml')
-rw-r--r-- | puppet/services/keystone.yaml | 21 |
1 files changed, 3 insertions, 18 deletions
diff --git a/puppet/services/keystone.yaml b/puppet/services/keystone.yaml index 48e74875..d45ed86e 100644 --- a/puppet/services/keystone.yaml +++ b/puppet/services/keystone.yaml @@ -4,24 +4,11 @@ description: > OpenStack Keystone service configured with Puppet parameters: - KeystoneCACertificate: - default: '' - description: Keystone self-signed certificate authority certificate. - type: string KeystoneEnableDBPurge: default: true description: | Whether to create cron job for purging soft deleted rows in Keystone database. type: boolean - KeystoneSigningCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSigningKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true KeystoneSSLCertificate: default: '' description: Keystone certificate for verifying token validity. @@ -105,11 +92,9 @@ outputs: - '/keystone' keystone::admin_token: {get_param: AdminToken} keystone::roles::admin::password: {get_param: AdminPassword} - keystone_ca_certificate: {get_param: KeystoneCACertificate} - keystone_signing_key: {get_param: KeystoneSigningKey} - keystone_signing_certificate: {get_param: KeystoneSigningCertificate} keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} + keystone::enable_proxy_headers_parsing: true keystone::debug: {get_param: Debug} keystone::db::mysql::password: {get_param: AdminToken} keystone::rabbit_userid: {get_param: RabbitUserName} @@ -138,8 +123,6 @@ outputs: keystone::roles::admin::admin_tenant: 'admin' keystone::cron::token_flush::destination: '/dev/null' keystone::config::keystone_config: - DEFAULT/secure_proxy_ssl_header: - value: 'HTTP_X_FORWARDED_PROTO' ec2/driver: value: 'keystone.contrib.ec2.backends.sql.Ec2' keystone::service_name: 'httpd' @@ -148,6 +131,8 @@ outputs: keystone::wsgi::apache::workers: {get_param: KeystoneWorkers} # override via extraconfig: keystone::wsgi::apache::threads: 1 + keystone::db::database_db_max_retries: -1 + keystone::db::database_max_retries: -1 tripleo.keystone.firewall_rules: '111 keystone': dport: |