diff options
Diffstat (limited to 'deploy/adapters/ansible')
6 files changed, 152 insertions, 16 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 new file mode 100755 index 00000000..89a70686 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 @@ -0,0 +1,18 @@ +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} + set work_threads = 10 +{% endif %} + +<VirtualHost {{ internal_ip }}:80> + WSGIScriptAlias /horizon {{ horizon_dir }}/wsgi/django.wsgi + WSGIDaemonProcess horizon user=horizon group=horizon processes=4 threads={{ work_threads }} + WSGIProcessGroup horizon + Alias /static {{ horizon_dir }}/static/ + Alias /horizon/static {{ horizon_dir }}/static/ + <Directory {{ horizon_dir }}/wsgi> + Order allow,deny + Allow from all + </Directory> +</VirtualHost> + + diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 new file mode 100644 index 00000000..f5f9d339 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 @@ -0,0 +1,50 @@ +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} + set work_threads = 10 +{% endif %} + +<VirtualHost {{ internal_ip }}:5000> + WSGIDaemonProcess keystone-public processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIProcessGroup keystone-public + WSGIScriptAlias / /usr/bin/keystone-wsgi-public + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + <IfVersion >= 2.4> + ErrorLogFormat "%{cu}t %M" + </IfVersion> + ErrorLog /var/log/{{ http_service_name }}/keystone.log + CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined + + <Directory /usr/bin> + <IfVersion >= 2.4> + Require all granted + </IfVersion> + <IfVersion < 2.4> + Order allow,deny + Allow from all + </IfVersion> + </Directory> +</VirtualHost> + +<VirtualHost {{ internal_ip }}:35357> + WSGIDaemonProcess keystone-admin processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIProcessGroup keystone-admin + WSGIScriptAlias / /usr/bin/keystone-wsgi-admin + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + <IfVersion >= 2.4> + ErrorLogFormat "%{cu}t %M" + </IfVersion> + ErrorLog /var/log/{{ http_service_name }}/keystone.log + CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined + + <Directory /usr/bin> + <IfVersion >= 2.4> + Require all granted + </IfVersion> + <IfVersion < 2.4> + Order allow,deny + Allow from all + </IfVersion> + </Directory> +</VirtualHost> diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/files/controllers.py b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/files/controllers.py index b4466ef6..f6ec8be5 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/files/controllers.py +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/files/controllers.py @@ -7,7 +7,7 @@ from keystone.common import controller from keystone import config from keystone import exception from keystone.models import token_model -from keystone.contrib.moon.exception import * # noqa +from keystone.contrib.moon.exception import * # noqa: F403 from oslo_log import log from uuid import uuid4 import requests @@ -17,7 +17,7 @@ CONF = config.CONF LOG = log.getLogger(__name__) -@dependency.requires('configuration_api') +@dependency.requires('configuration_api') # noqa: F405 class Configuration(controller.V3Controller): collection_name = 'configurations' member_name = 'configuration' @@ -48,7 +48,7 @@ class Configuration(controller.V3Controller): user_id) -@dependency.requires('tenant_api', 'resource_api') +@dependency.requires('tenant_api', 'resource_api') # noqa: F405 class Tenants(controller.V3Controller): def __init__(self): @@ -152,7 +152,7 @@ def callback(self, context, prep_info, *args, **kwargs): raise exception.Unauthorized -@dependency.requires('authz_api') +@dependency.requires('authz_api') # noqa: F405 class Authz_v3(controller.V3Controller): def __init__(self): @@ -168,7 +168,7 @@ class Authz_v3(controller.V3Controller): return {'authz': False, 'comment': unicode(e)} -@dependency.requires('admin_api', 'root_api') +@dependency.requires('admin_api', 'root_api') # noqa: F405 class IntraExtensions(controller.V3Controller): collection_name = 'intra_extensions' member_name = 'intra_extension' @@ -926,7 +926,7 @@ class IntraExtensions(controller.V3Controller): user_id, intra_extension_id, sub_meta_rule_id, rule_id, rule_list) -@dependency.requires('authz_api') +@dependency.requires('authz_api') # noqa: F405 class InterExtensions(controller.V3Controller): def __init__(self): @@ -968,7 +968,7 @@ class InterExtensions(controller.V3Controller): # self.interextension_api.delete_inter_extension(kw['inter_extension_id']) -@dependency.requires('moonlog_api', 'authz_api') +@dependency.requires('moonlog_api', 'authz_api') # noqa: F405 class Logs(controller.V3Controller): def __init__(self): @@ -987,7 +987,7 @@ class Logs(controller.V3Controller): return self.moonlog_api.get_logs(user_id, options) -@dependency.requires('identity_api', "token_provider_api", "resource_api") +@dependency.requires('identity_api', "token_provider_api", "resource_api") # noqa: F405 class MoonAuth(controller.V3Controller): def __init__(self): diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 new file mode 100755 index 00000000..89a70686 --- /dev/null +++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 @@ -0,0 +1,18 @@ +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} + set work_threads = 10 +{% endif %} + +<VirtualHost {{ internal_ip }}:80> + WSGIScriptAlias /horizon {{ horizon_dir }}/wsgi/django.wsgi + WSGIDaemonProcess horizon user=horizon group=horizon processes=4 threads={{ work_threads }} + WSGIProcessGroup horizon + Alias /static {{ horizon_dir }}/static/ + Alias /horizon/static {{ horizon_dir }}/static/ + <Directory {{ horizon_dir }}/wsgi> + Order allow,deny + Allow from all + </Directory> +</VirtualHost> + + diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 new file mode 100644 index 00000000..f5f9d339 --- /dev/null +++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 @@ -0,0 +1,50 @@ +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} + set work_threads = 10 +{% endif %} + +<VirtualHost {{ internal_ip }}:5000> + WSGIDaemonProcess keystone-public processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIProcessGroup keystone-public + WSGIScriptAlias / /usr/bin/keystone-wsgi-public + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + <IfVersion >= 2.4> + ErrorLogFormat "%{cu}t %M" + </IfVersion> + ErrorLog /var/log/{{ http_service_name }}/keystone.log + CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined + + <Directory /usr/bin> + <IfVersion >= 2.4> + Require all granted + </IfVersion> + <IfVersion < 2.4> + Order allow,deny + Allow from all + </IfVersion> + </Directory> +</VirtualHost> + +<VirtualHost {{ internal_ip }}:35357> + WSGIDaemonProcess keystone-admin processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIProcessGroup keystone-admin + WSGIScriptAlias / /usr/bin/keystone-wsgi-admin + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + <IfVersion >= 2.4> + ErrorLogFormat "%{cu}t %M" + </IfVersion> + ErrorLog /var/log/{{ http_service_name }}/keystone.log + CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined + + <Directory /usr/bin> + <IfVersion >= 2.4> + Require all granted + </IfVersion> + <IfVersion < 2.4> + Order allow,deny + Allow from all + </IfVersion> + </Directory> +</VirtualHost> diff --git a/deploy/adapters/ansible/openstack_newton_xenial/roles/moon/files/controllers.py b/deploy/adapters/ansible/openstack_newton_xenial/roles/moon/files/controllers.py index f55191d4..fd107a5e 100644 --- a/deploy/adapters/ansible/openstack_newton_xenial/roles/moon/files/controllers.py +++ b/deploy/adapters/ansible/openstack_newton_xenial/roles/moon/files/controllers.py @@ -7,7 +7,7 @@ from keystone.common import controller from keystone import config from keystone import exception from keystone.models import token_model -from keystone.contrib.moon.exception import * # noqa +from keystone.contrib.moon.exception import * # noqa: F403 from oslo_log import log from uuid import uuid4 import requests @@ -17,7 +17,7 @@ CONF = config.CONF LOG = log.getLogger(__name__) -@dependency.requires('configuration_api') +@dependency.requires('configuration_api') # noqa: 405 class Configuration(controller.V3Controller): collection_name = 'configurations' member_name = 'configuration' @@ -48,7 +48,7 @@ class Configuration(controller.V3Controller): user_id) -@dependency.requires('tenant_api', 'resource_api') +@dependency.requires('tenant_api', 'resource_api') # noqa: 405 class Tenants(controller.V3Controller): def __init__(self): @@ -152,7 +152,7 @@ def callback(self, context, prep_info, *args, **kwargs): raise exception.Unauthorized -@dependency.requires('authz_api') +@dependency.requires('authz_api') # noqa: 405 class Authz_v3(controller.V3Controller): def __init__(self): @@ -168,7 +168,7 @@ class Authz_v3(controller.V3Controller): return {'authz': False, 'comment': unicode(e)} -@dependency.requires('admin_api', 'root_api') +@dependency.requires('admin_api', 'root_api') # noqa: 405 class IntraExtensions(controller.V3Controller): collection_name = 'intra_extensions' member_name = 'intra_extension' @@ -926,7 +926,7 @@ class IntraExtensions(controller.V3Controller): user_id, intra_extension_id, sub_meta_rule_id, rule_id, rule_list) -@dependency.requires('authz_api') +@dependency.requires('authz_api') # noqa: 405 class InterExtensions(controller.V3Controller): def __init__(self): @@ -968,7 +968,7 @@ class InterExtensions(controller.V3Controller): # self.interextension_api.delete_inter_extension(kw['inter_extension_id']) -@dependency.requires('moonlog_api', 'authz_api') +@dependency.requires('moonlog_api', 'authz_api') # noqa: 405 class Logs(controller.V3Controller): def __init__(self): @@ -987,7 +987,7 @@ class Logs(controller.V3Controller): return self.moonlog_api.get_logs(user_id, options) -@dependency.requires('identity_api', "token_provider_api", "resource_api") +@dependency.requires('identity_api', "token_provider_api", "resource_api") # noqa: 405 class MoonAuth(controller.V3Controller): def __init__(self): |