From 8072ae85082dd060d1cb8e3bcba76da8372ed593 Mon Sep 17 00:00:00 2001 From: Dan Sneddon Date: Tue, 26 May 2015 17:54:01 -0700 Subject: Map Keystone services to isolated networks This change adds parameters to specify which networks the Keystone API services will use. If the external network exists, Keystone will bind to the IP on that network for the public API, otherwise it will default to the IP on the Undercloud 'ctlplane' network. If the internal_api network exists it will be used for the Keystone Admin API, otherwise it will default to the 'ctlplane' IP. The networks these APIs are bound to can be overridden in an environment file. Change-Id: I6694ef6ca3b9b7afbde5d4f9d173723b9ce71b20 --- puppet/controller-puppet.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/controller-puppet.yaml') diff --git a/puppet/controller-puppet.yaml b/puppet/controller-puppet.yaml index 3f134d87..ca650979 100644 --- a/puppet/controller-puppet.yaml +++ b/puppet/controller-puppet.yaml @@ -798,8 +798,8 @@ resources: keystone_ssl_certificate: {get_input: keystone_ssl_certificate} keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key} keystone::database_connection: {get_input: keystone_dsn} - keystone::public_bind_host: {get_input: controller_host} - keystone::admin_bind_host: {get_input: controller_host} + keystone::public_bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + keystone::admin_bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} keystone::debug: {get_input: debug} # MongoDB mongodb::server::bind_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} -- cgit 1.2.3-korg