aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/keystone.yaml
AgeCommit message (Collapse)AuthorFilesLines
2016-07-29Enable keystone to use the SSL middlewareJuan Antonio Osorio Robles1-2/+1
The http_proxy_to_wsgi middleware was recently added to keystone as default in the pipeline [1]. So this takes it into use instead of the non-standard option we were using before, which will be deprecated. We already enable this middleware for nova, cinder and heat. [1] Iad628a863e55cbf20c89ef23ebc7527ba8e1a835 Depends-On: I0fec98a6e1d9c8be4d8b8df382b78ba2815790f9 Change-Id: I8c1b84adc828a2b8c9ea11c4e2b8349427b1b206
2016-07-27Migrate Puppet Hieradata to composable servicesEmilien Macchi1-0/+12
Migrate puppet/hieradata/*.yaml parameters to puppet/services/*.yaml except for some services that are not composable yet. Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com> Change-Id: I7e5f8b18ee9aa63a1dffc6facaf88315b07d5fd7
2016-07-25Composable firewall rulesDan Prince1-0/+7
Split out the firewall rules in puppet/hieradata/controller.yaml into the composable services Depends-On: Id370362ab57347b75b1ab25afda877885b047263 Change-Id: Icaecab100d3f278035fbbb3facb9bf6c62c76c03
2016-07-22Add 'service_name' to composable servicesDan Prince1-0/+1
This patch adds a new service_name section to each composable service. We now have an explicit unit test check to ensure that service_name exists in tools/yaml-validate.py. This patch also wires service_names into hieradata on each of the roles so that tools can access the deployed services locally during deployment and upgrades. Change-Id: I60861c5aa760534db3e314bba16a13b90ea72f0c
2016-07-20Fix KeystoneWorkers default valueJiri Stransky1-1/+1
The current default doesn't get expanded to its real value correctly, the new one should work better, it's according to hiera docs: https://docs.puppet.com/hiera/3.2/variables.html Change-Id: I8d1df131d2f1eee4ae0f725358d33a3ecfa3175a
2016-07-11Repurpose KeystoneWorkers add keystone::wsgi::apache::threadsmarios1-7/+7
Now that keystone is run with wsgi apache the KeystoneWorkers param has no efffect [1]. This repurposes KeystoneWorkers to now set wsgi::apache::workers and adds the keystone::wsgi::apache::threads hardcoding to 1 (can overrride via extraconfig data) [1] https://github.com/openstack/puppet-keystone/blob/51c68fb127c28b9748b352871783c3ec6ef5c83b/manifests/init.pp#L396 Closes-Bug: 1598092 Change-Id: I503d1f0d3f4c56abfaf4609ea8290e78668013b6
2016-07-08Move keystone::db data within service templateGiulio Fidente1-0/+7
Change-Id: I934aff4960588a3957b7a7bcc90385ae48d34d1e
2016-05-30Pass MysqlVirtualIP via EndpointMapGiulio Fidente1-7/+4
By passing the MysqlVirtualIP via the EndpointMap we won't need it to be provided as a parameter to the services. This follows what is already happening for the glance registry service with I9186e56cd4746a60e65dc5ac12e6595ac56505f0. Change-Id: Iad2ab389bf64d0fc8b06eb0e7d29b5370ff27dff Co-Authored-By: Juan Antonio Osorio Robles <jaosorior@redhat.com>
2016-04-09composable keystone servicesDan Prince1-0/+135
Adds new puppet and puppet pacemaker specific services for Keystone. The puppet manifests for keystone now live in puppet-tripleo. Hiera settings are driven by the nested stack heat templates and used to control puppet-keystone and puppet-tripleo directly. The Pacemaker template extends the default keystone service and swaps in the pacemaker specific puppet-tripleo profile instead. Change-Id: I8b30438a27e9d5ec4e7d335e0bd1a931a20b03a2 Depends-On: I2faf5a78db802549053ec41678bf83bf28108189