heat_template_version: 2016-04-08 description: > OpenStack Glance API service configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json CephClientUserName: default: openstack type: string Debug: default: '' description: Set to True to enable debugging on all services. type: string GlanceNotifierStrategy: description: Strategy to use for Glance notification queue type: string default: noop GlanceLogFile: description: The filepath of the file to use for logging messages from Glance. type: string default: '' GlancePassword: description: The password for the glance service and db account, used by the glance services. type: string hidden: true GlanceBackend: default: swift description: The short name of the Glance backend to use. Should be one of swift, rbd, or file type: string constraints: - allowed_values: ['swift', 'file', 'rbd'] GlanceWorkers: default: '' description: | Number of API worker processes for Glance. If left unset (empty string), the default value will result in the configuration being left unset and a system-dependent default value will be chosen (e.g.: number of processors). Please note that this will create a large number of processes on systems with a large number of CPUs resulting in excess memory consumption. It is recommended that a suitable non-default value be selected on such systems. type: string GlanceRbdPoolName: default: images type: string RabbitPassword: description: The password for RabbitMQ type: string hidden: true RabbitUserName: default: guest description: The username for RabbitMQ type: string RabbitClientPort: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number RabbitClientUseSSL: default: false description: > Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. type: string KeystoneRegion: type: string default: 'regionOne' description: Keystone region for endpoint MonitoringSubscriptionGlanceApi: default: 'overcloud-glance-api' type: string GlanceApiLoggingSource: type: json default: tag: openstack.glance.api path: /var/log/glance/api.log outputs: role_data: description: Role data for the Glance API role. value: service_name: glance_api monitoring_subscription: {get_param: MonitoringSubscriptionGlanceApi} logging_source: {get_param: GlanceApiLoggingSource} logging_groups: - glance config_settings: glance::api::database_connection: list_join: - '' - - {get_param: [EndpointMap, MysqlInternal, protocol]} - '://glance:' - {get_param: GlancePassword} - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/glance' glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]} glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } glance::api::registry_host: str_replace: template: "'REGISTRY_HOST'" params: REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]} glance::api::registry_client_protocol: {get_param: [EndpointMap, GlanceRegistryInternal, protocol] } glance::api::authtoken::password: {get_param: GlancePassword} glance::api::enable_proxy_headers_parsing: true glance::api::debug: {get_param: Debug} glance::api::workers: {get_param: GlanceWorkers} glance_notifier_strategy: {get_param: GlanceNotifierStrategy} glance_log_file: {get_param: GlanceLogFile} glance::backend::swift::swift_store_auth_address: {get_param: [EndpointMap, KeystoneInternal, uri] } glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_param: GlancePassword} glance::backend::swift::swift_store_create_container_on_put: true glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName} glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName} glance_backend: {get_param: GlanceBackend} glance::db::mysql::password: {get_param: GlancePassword} glance::notify::rabbitmq::rabbit_userid: {get_param: RabbitUserName} glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort} glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword} glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL} glance::registry::db::database_db_max_retries: -1 glance::registry::db::database_max_retries: -1 tripleo.glance_api.firewall_rules: '112 glance_api': dport: - 9292 - 13292 glance::api::authtoken::project_name: 'service' glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]} step_config: | include ::tripleo::profile::base::glance::api service_config_settings: keystone: glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]} glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]} glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]} glance::keystone::auth::password: {get_param: GlancePassword } glance::keystone::auth::region: {get_param: KeystoneRegion} glance::keystone::auth::tenant: 'service'