diff options
Diffstat (limited to 'deploy/adapters/ansible/roles/keystone/templates')
5 files changed, 62 insertions, 35 deletions
diff --git a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh new file mode 100644 index 00000000..6ba620ff --- /dev/null +++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh @@ -0,0 +1,15 @@ +############################################################################## +# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +# Verify the Identity Service installation +export OS_PASSWORD={{ ADMIN_PASS }} +export OS_TENANT_NAME=admin +export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0 +export OS_USERNAME=admin +export OS_VOLUME_API_VERSION=2 + diff --git a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh index 6ba620ff..94d5850f 100644 --- a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh +++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh @@ -7,9 +7,12 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## # Verify the Identity Service installation -export OS_PASSWORD={{ ADMIN_PASS }} +export OS_PROJECT_DOMAIN_NAME=default +export OS_USER_DOMAIN_NAME=default export OS_TENANT_NAME=admin -export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0 +export OS_PROJECT_NAME=admin export OS_USERNAME=admin -export OS_VOLUME_API_VERSION=2 - +export OS_PASSWORD={{ ADMIN_PASS }} +export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 diff --git a/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh b/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh index 5807e868..920f42ed 100644 --- a/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh +++ b/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh @@ -6,8 +6,12 @@ # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## +export OS_PROJECT_DOMAIN_NAME=default +export OS_USER_DOMAIN_NAME=default +export OS_TENANT_NAME=demo +export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD={{ DEMO_PASS }} -export OS_TENANT_NAME=demo -export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0 - +export OS_AUTH_URL=http://{{ internal_vip.ip }}:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 diff --git a/deploy/adapters/ansible/roles/keystone/templates/keystone.conf b/deploy/adapters/ansible/roles/keystone/templates/keystone.conf index 649fc32c..919be344 100644 --- a/deploy/adapters/ansible/roles/keystone/templates/keystone.conf +++ b/deploy/adapters/ansible/roles/keystone/templates/keystone.conf @@ -7,51 +7,52 @@ {% set memcached_servers = memcached_servers|join(',') %} {% set rabbitmq_servers = rabbitmq_servers|join(',') %} [DEFAULT] -admin_token={{ ADMIN_TOKEN }} debug={{ DEBUG }} log_dir = /var/log/keystone [cache] -backend=keystone.cache.memcache_pool -memcache_servers={{ memcached_servers}} +backend = keystone.cache.memcache_pool +memcache_servers = {{ memcached_servers}} enabled=true [revoke] -driver=sql -expiration_buffer=3600 -caching=true +driver = sql +expiration_buffer = 3600 +caching = true [database] connection = mysql://keystone:{{ KEYSTONE_DBPASS }}@{{ db_host }}/keystone?charset=utf8 -idle_timeout=30 -min_pool_size=5 -max_pool_size=120 -pool_timeout=30 +idle_timeout = 30 +min_pool_size = 5 +max_pool_size = 120 +pool_timeout = 30 +[fernet_tokens] +key_repository = /etc/keystone/fernet-keys/ [identity] -default_domain_id=default -driver=sql +default_domain_id = default +driver = sql [assignment] -driver=sql +driver = sql [resource] -driver=sql -caching=true -cache_time=3600 - +driver = sql +caching = true +cache_time = 3600 + [token] -enforce_token_bind=permissive -expiration=43200 -provider=uuid -driver=sql -caching=true -cache_time=3600 +enforce_token_bind = permissive +expiration = 43200 +provider = fernet +driver = sql +caching = true +cache_time = 3600 [eventlet_server] -public_bind_host= {{ identity_host }} -admin_bind_host= {{ identity_host }} +public_bind_host = {{ identity_host }} +admin_bind_host = {{ identity_host }} [oslo_messaging_rabbit] rabbit_userid = {{ RABBIT_USER }} diff --git a/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2 index 64d864af..55c89839 100644 --- a/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2 +++ b/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2 @@ -1,6 +1,10 @@ - {% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} +{% set work_threads = 10 %} +{% endif %} + <VirtualHost {{ internal_ip }}:5000> - WSGIDaemonProcess keystone-public processes={{ work_threads }} threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIDaemonProcess keystone-public processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /usr/bin/keystone-wsgi-public WSGIApplicationGroup %{GLOBAL} @@ -23,7 +27,7 @@ </VirtualHost> <VirtualHost {{ internal_ip }}:35357> - WSGIDaemonProcess keystone-admin processes={{ work_threads }} threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIDaemonProcess keystone-admin processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-admin WSGIScriptAlias / /usr/bin/keystone-wsgi-admin WSGIApplicationGroup %{GLOBAL} |