heat_template_version: 2016-04-08 description: > OpenStack Swift Proxy service configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json Debug: default: '' description: Set to True to enable debugging on all services. type: string SwiftPassword: description: The password for the swift service account, used by the swift proxy services. type: string hidden: true SwiftProxyNodeTimeout: default: 60 description: Timeout for requests going from swift-proxy to swift a/c/o services. type: number SwiftWorkers: default: 0 description: Number of workers for Swift service. type: number KeystoneRegion: type: string default: 'regionOne' description: Keystone region for endpoint resources: SwiftBase: type: ./swift-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Swift proxy service. value: service_name: swift_proxy config_settings: map_merge: - get_attr: [SwiftBase, role_data, config_settings] - swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} swift::proxy::authtoken::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} swift::proxy::authtoken::admin_password: {get_param: SwiftPassword} swift::proxy::authtoken::admin_tenant_name: 'service' swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout} swift::proxy::workers: {get_param: SwiftWorkers} swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]} swift::keystone::auth::internal_url: {get_param: [EndpointMap, SwiftInternal, uri]} swift::keystone::auth::admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]} swift::keystone::auth::public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]} swift::keystone::auth::internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]} swift::keystone::auth::admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]} swift::keystone::auth::password: {get_param: SwiftPassword} swift::keystone::auth::region: {get_param: KeystoneRegion} tripleo.swift_proxy.firewall_rules: '122 swift proxy': dport: - 8080 - 13808 swift::keystone::auth::tenant: 'service' swift::keystone::auth::configure_s3_endpoint: false swift::keystone::auth::operator_roles: - admin - swiftoperator - ResellerAdmin swift::proxy::keystone::operator_roles: - admin - swiftoperator - ResellerAdmin swift::proxy::pipeline: - 'catch_errors' - 'healthcheck' - 'proxy-logging' - 'cache' - 'ratelimit' - 'bulk' - 'tempurl' - 'formpost' - 'authtoken' - 'keystone' - 'staticweb' - 'proxy-logging' - 'proxy-server' swift::proxy::account_autocreate: true # NOTE: bind IP is found in Heat replacing the network name with the # local node IP for the given network; replacement examples # (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR swift::proxy::proxy_local_net_ip: {get_param: [ServiceNetMap, SwiftProxyNetwork]} step_config: | include ::tripleo::profile::base::swift::proxy