aboutsummaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/roles/keystone/templates
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible/roles/keystone/templates')
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh15
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh11
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh10
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/keystone.conf51
-rw-r--r--deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j210
5 files changed, 62 insertions, 35 deletions
diff --git a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh
new file mode 100644
index 00000000..6ba620ff
--- /dev/null
+++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc-v2.sh
@@ -0,0 +1,15 @@
+##############################################################################
+# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+# Verify the Identity Service installation
+export OS_PASSWORD={{ ADMIN_PASS }}
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0
+export OS_USERNAME=admin
+export OS_VOLUME_API_VERSION=2
+
diff --git a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh
index 6ba620ff..94d5850f 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh
+++ b/deploy/adapters/ansible/roles/keystone/templates/admin-openrc.sh
@@ -7,9 +7,12 @@
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
# Verify the Identity Service installation
-export OS_PASSWORD={{ ADMIN_PASS }}
+export OS_PROJECT_DOMAIN_NAME=default
+export OS_USER_DOMAIN_NAME=default
export OS_TENANT_NAME=admin
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0
+export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
-export OS_VOLUME_API_VERSION=2
-
+export OS_PASSWORD={{ ADMIN_PASS }}
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_IMAGE_API_VERSION=2
diff --git a/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh b/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh
index 5807e868..920f42ed 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh
+++ b/deploy/adapters/ansible/roles/keystone/templates/demo-openrc.sh
@@ -6,8 +6,12 @@
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
+export OS_PROJECT_DOMAIN_NAME=default
+export OS_USER_DOMAIN_NAME=default
+export OS_TENANT_NAME=demo
+export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD={{ DEMO_PASS }}
-export OS_TENANT_NAME=demo
-export OS_AUTH_URL=http://{{ internal_vip.ip }}:35357/v2.0
-
+export OS_AUTH_URL=http://{{ internal_vip.ip }}:5000/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_IMAGE_API_VERSION=2
diff --git a/deploy/adapters/ansible/roles/keystone/templates/keystone.conf b/deploy/adapters/ansible/roles/keystone/templates/keystone.conf
index 649fc32c..919be344 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/keystone.conf
+++ b/deploy/adapters/ansible/roles/keystone/templates/keystone.conf
@@ -7,51 +7,52 @@
{% set memcached_servers = memcached_servers|join(',') %}
{% set rabbitmq_servers = rabbitmq_servers|join(',') %}
[DEFAULT]
-admin_token={{ ADMIN_TOKEN }}
debug={{ DEBUG }}
log_dir = /var/log/keystone
[cache]
-backend=keystone.cache.memcache_pool
-memcache_servers={{ memcached_servers}}
+backend = keystone.cache.memcache_pool
+memcache_servers = {{ memcached_servers}}
enabled=true
[revoke]
-driver=sql
-expiration_buffer=3600
-caching=true
+driver = sql
+expiration_buffer = 3600
+caching = true
[database]
connection = mysql://keystone:{{ KEYSTONE_DBPASS }}@{{ db_host }}/keystone?charset=utf8
-idle_timeout=30
-min_pool_size=5
-max_pool_size=120
-pool_timeout=30
+idle_timeout = 30
+min_pool_size = 5
+max_pool_size = 120
+pool_timeout = 30
+[fernet_tokens]
+key_repository = /etc/keystone/fernet-keys/
[identity]
-default_domain_id=default
-driver=sql
+default_domain_id = default
+driver = sql
[assignment]
-driver=sql
+driver = sql
[resource]
-driver=sql
-caching=true
-cache_time=3600
-
+driver = sql
+caching = true
+cache_time = 3600
+
[token]
-enforce_token_bind=permissive
-expiration=43200
-provider=uuid
-driver=sql
-caching=true
-cache_time=3600
+enforce_token_bind = permissive
+expiration = 43200
+provider = fernet
+driver = sql
+caching = true
+cache_time = 3600
[eventlet_server]
-public_bind_host= {{ identity_host }}
-admin_bind_host= {{ identity_host }}
+public_bind_host = {{ identity_host }}
+admin_bind_host = {{ identity_host }}
[oslo_messaging_rabbit]
rabbit_userid = {{ RABBIT_USER }}
diff --git a/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2
index 64d864af..55c89839 100644
--- a/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2
+++ b/deploy/adapters/ansible/roles/keystone/templates/wsgi-keystone.conf.j2
@@ -1,6 +1,10 @@
- {% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
+{% set work_threads = (ansible_processor_vcpus + 1) // 2 %}
+{% if work_threads > 10 %}
+{% set work_threads = 10 %}
+{% endif %}
+
<VirtualHost {{ internal_ip }}:5000>
- WSGIDaemonProcess keystone-public processes={{ work_threads }} threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP}
+ WSGIDaemonProcess keystone-public processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
@@ -23,7 +27,7 @@
</VirtualHost>
<VirtualHost {{ internal_ip }}:35357>
- WSGIDaemonProcess keystone-admin processes={{ work_threads }} threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP}
+ WSGIDaemonProcess keystone-admin processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}