diff options
Diffstat (limited to 'deploy/adapters/ansible')
6 files changed, 70 insertions, 4 deletions
diff --git a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml index 9e97a29c..b049ee0b 100644 --- a/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka/roles/keystone/vars/main.yml @@ -157,7 +157,7 @@ os_users: tenant_description: "Service Tenant" - user: demo - password: "" + password: "{{ DEMO_PASS }}" email: heat@demo.com role: heat_stack_user tenant: demo diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 new file mode 100644 index 00000000..96472779 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/dashboard/templates/openstack-dashboard.conf.j2 @@ -0,0 +1,16 @@ +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} +{% set work_threads = 10 %} +{% endif %} + +<VirtualHost {{ internal_ip }}:80> + WSGIScriptAlias /horizon {{ horizon_dir }}/wsgi/django.wsgi + WSGIDaemonProcess horizon user=horizon group=horizon processes=4 threads={{ work_threads }} + WSGIProcessGroup horizon + Alias /static {{ horizon_dir }}/static/ + Alias /horizon/static {{ horizon_dir }}/static/ + <Directory {{ horizon_dir }}/wsgi> + Order allow,deny + Allow from all + </Directory> +</VirtualHost> diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 new file mode 100644 index 00000000..55c89839 --- /dev/null +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/templates/wsgi-keystone.conf.j2 @@ -0,0 +1,50 @@ +{% set work_threads = (ansible_processor_vcpus + 1) // 2 %} +{% if work_threads > 10 %} +{% set work_threads = 10 %} +{% endif %} + +<VirtualHost {{ internal_ip }}:5000> + WSGIDaemonProcess keystone-public processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIProcessGroup keystone-public + WSGIScriptAlias / /usr/bin/keystone-wsgi-public + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + <IfVersion >= 2.4> + ErrorLogFormat "%{cu}t %M" + </IfVersion> + ErrorLog /var/log/{{ http_service_name }}/keystone.log + CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined + + <Directory /usr/bin> + <IfVersion >= 2.4> + Require all granted + </IfVersion> + <IfVersion < 2.4> + Order allow,deny + Allow from all + </IfVersion> + </Directory> +</VirtualHost> + +<VirtualHost {{ internal_ip }}:35357> + WSGIDaemonProcess keystone-admin processes=4 threads={{ work_threads }} user=keystone group=keystone display-name=%{GROUP} + WSGIProcessGroup keystone-admin + WSGIScriptAlias / /usr/bin/keystone-wsgi-admin + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + <IfVersion >= 2.4> + ErrorLogFormat "%{cu}t %M" + </IfVersion> + ErrorLog /var/log/{{ http_service_name }}/keystone.log + CustomLog /var/log/{{ http_service_name }}/keystone_access.log combined + + <Directory /usr/bin> + <IfVersion >= 2.4> + Require all granted + </IfVersion> + <IfVersion < 2.4> + Order allow,deny + Allow from all + </IfVersion> + </Directory> +</VirtualHost> diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/vars/main.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/vars/main.yml index ac548a09..b4d3d7e0 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/vars/main.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/keystone/vars/main.yml @@ -165,7 +165,7 @@ os_users: tenant_description: "Service Tenant" - user: demo - password: "" + password: "{{ DEMO_PASS }}" email: heat@demo.com role: heat_stack_user tenant: demo diff --git a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/tasks/moon-controller.yml b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/tasks/moon-controller.yml index 7a507c88..95dd2e89 100644 --- a/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/tasks/moon-controller.yml +++ b/deploy/adapters/ansible/openstack_mitaka_xenial/roles/moon/tasks/moon-controller.yml @@ -142,7 +142,7 @@ ############################################# - name: wait for keystone ready - wait_for: port=35357 delay=3 timeout=10 host={{ internal_vip.ip }} + wait_for: port=35357 delay=3 timeout=10 host={{ internal_ip }} #- name: cron job to purge expired tokens hourly # cron: diff --git a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml index 574ebabd..e7e9297e 100644 --- a/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml +++ b/deploy/adapters/ansible/roles/keystone/tasks/keystone_config.yml @@ -12,7 +12,7 @@ shell: su -s /bin/sh -c 'keystone-manage db_sync' keystone - name: wait for keystone ready - wait_for: port=35357 delay=3 timeout=10 host={{ internal_vip.ip }} + wait_for: port=35357 delay=3 timeout=10 host={{ internal_ip }} - name: cron job to purge expired tokens hourly cron: |