3 files changed, 88 insertions, 0 deletions

diff --git a/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/aodh.conf.j2
new file mode 100755
index 00000000..d4d232be
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/aodh.conf.j2
@@ -0,0 +1,46 @@
+{% set memcached_servers = [] %}
+{% for host in haproxy_hosts.values() %}
+{% set _ = memcached_servers.append('%s:11211'% host) %}
+{% endfor %}
+{% set memcached_servers = memcached_servers|join(',') %}
+
+[DEFAULT]
+bind_host = {{ internal_ip }}
+bind_port = 8042
+rpc_backend = rabbit
+auth_strategy = keystone
+debug = True
+
+[oslo_messaging_rabbit]
+rabbit_hosts = {{ internal_vip.ip }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+#rabbit_use_ssl = false
+
+[database]
+connection = mysql://aodh:{{ AODH_DBPASS }}@{{ db_host }}/aodh
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000
+auth_url = http://{{ internal_vip.ip }}:35357
+identity_uri = http://{{ internal_vip.ip }}:35357
+auth_plugin = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = aodh
+password = {{ AODH_PASS }}
+memcached_servers = {{ memcached_servers }}
+token_cache_time = 300
+revocation_cache_time = 60
+
+[service_credentials]
+os_auth_url = http://{{ internal_vip.ip }}:5000/v2.0
+os_username = aodh
+os_tenant_name = service
+os_password = {{ AODH_PASS }}
+os_endpoint_type = internalURL
+os_region_name = RegionOne
+
+[api]
+host = {{ internal_ip }}
diff --git a/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/api_paste.ini.j2 b/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/api_paste.ini.j2
new file mode 100755
index 00000000..151789c4
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/api_paste.ini.j2
@@ -0,0 +1,22 @@
+# aodh API WSGI Pipeline
+# Define the filters that make up the pipeline for processing WSGI requests
+# Note: This pipeline is PasteDeploy's term rather than aodh's pipeline
+# used for processing samples
+
+# Remove authtoken from the pipeline if you don't want to use keystone authentication
+[pipeline:main]
+pipeline = cors request_id authtoken api-server
+
+[app:api-server]
+paste.app_factory = aodh.api.app:app_factory
+
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+oslo_config_project = aodh
+
+[filter:request_id]
+paste.filter_factory = oslo_middleware:RequestId.factory
+
+[filter:cors]
+paste.filter_factory = oslo_middleware.cors:filter_factory
+oslo_config_project = aodh
diff --git a/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/policy.json.j2 b/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/policy.json.j2
new file mode 100755
index 00000000..4fd873e9
--- /dev/null
+++ b/deploy/adapters/ansible/openstack_osp9/roles/aodh/templates/policy.json.j2
@@ -0,0 +1,20 @@
+{
+    "context_is_admin": "role:admin",
+    "segregation": "rule:context_is_admin",
+    "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s",
+    "default": "rule:admin_or_owner",
+
+    "telemetry:get_alarm": "rule:admin_or_owner",
+    "telemetry:get_alarms": "rule:admin_or_owner",
+    "telemetry:query_alarm": "rule:admin_or_owner",
+
+    "telemetry:create_alarm": "",
+    "telemetry:change_alarm": "rule:admin_or_owner",
+    "telemetry:delete_alarm": "rule:admin_or_owner",
+
+    "telemetry:get_alarm_state": "rule:admin_or_owner",
+    "telemetry:change_alarm_state": "rule:admin_or_owner",
+
+    "telemetry:alarm_history": "rule:admin_or_owner",
+    "telemetry:query_alarm_history": "rule:admin_or_owner"
+}