diff options
Diffstat (limited to 'deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates')
3 files changed, 83 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 new file mode 100644 index 00000000..eac6e5bd --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/aodh.conf.j2 @@ -0,0 +1,41 @@ +[DEFAULT] +bind_host = {{ internal_ip }} +bind_port = 8042 +rpc_backend = rabbit +auth_strategy = keystone +debug = True +verbose = True + +[oslo_messaging_rabbit] +rabbit_hosts = {{ internal_vip.ip }} +rabbit_userid = {{ RABBIT_USER }} +rabbit_password = {{ RABBIT_PASS }} +rabbit_use_ssl = false + +[database] +connection = mongodb://aodh:{{ AODH_DBPASS }}@{{ internal_vip.ip }}:27017/aodh + +[keystone_authtoken] +auth_uri = http://{{ internal_vip.ip }}:5000 +auth_url = http://{{ internal_vip.ip }}:35357 +identity_uri = http://{{ internal_vip.ip }}:35357 +auth_plugin = password +project_domain_id = default +user_domain_id = default +project_name = service +username = aodh +password = {{ AODH_PASS }} +memcached_servers = {{ memcached_servers }} +token_cache_time = 300 +revocation_cache_time = 60 + +[service_credentials] +os_auth_url = http://{{ internal_vip.ip }}:5000/v2.0 +os_username = aodh +os_tenant_name = service +os_password = {{ AODH_PASS }} +os_endpoint_type = internalURL +os_region_name = regionOne + +[api] +host = {{ internal_ip }} diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/api_paste.ini.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/api_paste.ini.j2 new file mode 100644 index 00000000..151789c4 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/api_paste.ini.j2 @@ -0,0 +1,22 @@ +# aodh API WSGI Pipeline +# Define the filters that make up the pipeline for processing WSGI requests +# Note: This pipeline is PasteDeploy's term rather than aodh's pipeline +# used for processing samples + +# Remove authtoken from the pipeline if you don't want to use keystone authentication +[pipeline:main] +pipeline = cors request_id authtoken api-server + +[app:api-server] +paste.app_factory = aodh.api.app:app_factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory +oslo_config_project = aodh + +[filter:request_id] +paste.filter_factory = oslo_middleware:RequestId.factory + +[filter:cors] +paste.filter_factory = oslo_middleware.cors:filter_factory +oslo_config_project = aodh diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/policy.json.j2 b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/policy.json.j2 new file mode 100644 index 00000000..4fd873e9 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka/roles/aodh/templates/policy.json.j2 @@ -0,0 +1,20 @@ +{ + "context_is_admin": "role:admin", + "segregation": "rule:context_is_admin", + "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s", + "default": "rule:admin_or_owner", + + "telemetry:get_alarm": "rule:admin_or_owner", + "telemetry:get_alarms": "rule:admin_or_owner", + "telemetry:query_alarm": "rule:admin_or_owner", + + "telemetry:create_alarm": "", + "telemetry:change_alarm": "rule:admin_or_owner", + "telemetry:delete_alarm": "rule:admin_or_owner", + + "telemetry:get_alarm_state": "rule:admin_or_owner", + "telemetry:change_alarm_state": "rule:admin_or_owner", + + "telemetry:alarm_history": "rule:admin_or_owner", + "telemetry:query_alarm_history": "rule:admin_or_owner" +} |