From 637b3a010deb88b7a892b9bddaf3973ff394a420 Mon Sep 17 00:00:00 2001
From: Yifei Xue <xueyifei@huawei.com>
Date: Fri, 22 Apr 2016 16:09:02 +0800
Subject: Add Aodh support for Compass

JIRA: COMPASS-374

Change-Id: I923f66b5ab42a0b30d0f91701873d36f8e5147ba
Signed-off-by: Yifei Xue <xueyifei@huawei.com>
---
 .../ansible/roles/aodh/templates/aodh.conf.j2      | 41 ++++++++++++++++++++++
 .../ansible/roles/aodh/templates/api_paste.ini.j2  | 22 ++++++++++++
 .../ansible/roles/aodh/templates/policy.json.j2    | 20 +++++++++++
 3 files changed, 83 insertions(+)
 create mode 100644 deploy/adapters/ansible/roles/aodh/templates/aodh.conf.j2
 create mode 100644 deploy/adapters/ansible/roles/aodh/templates/api_paste.ini.j2
 create mode 100644 deploy/adapters/ansible/roles/aodh/templates/policy.json.j2

(limited to 'deploy/adapters/ansible/roles/aodh/templates')

diff --git a/deploy/adapters/ansible/roles/aodh/templates/aodh.conf.j2 b/deploy/adapters/ansible/roles/aodh/templates/aodh.conf.j2
new file mode 100644
index 00000000..eac6e5bd
--- /dev/null
+++ b/deploy/adapters/ansible/roles/aodh/templates/aodh.conf.j2
@@ -0,0 +1,41 @@
+[DEFAULT]
+bind_host = {{ internal_ip }}
+bind_port = 8042
+rpc_backend = rabbit
+auth_strategy = keystone
+debug = True
+verbose = True
+
+[oslo_messaging_rabbit]
+rabbit_hosts = {{ internal_vip.ip }}
+rabbit_userid = {{ RABBIT_USER }}
+rabbit_password = {{ RABBIT_PASS }}
+rabbit_use_ssl = false
+
+[database]
+connection = mongodb://aodh:{{ AODH_DBPASS }}@{{ internal_vip.ip }}:27017/aodh
+
+[keystone_authtoken]
+auth_uri = http://{{ internal_vip.ip }}:5000
+auth_url = http://{{ internal_vip.ip }}:35357
+identity_uri = http://{{ internal_vip.ip }}:35357
+auth_plugin = password
+project_domain_id = default
+user_domain_id = default
+project_name = service
+username = aodh
+password = {{ AODH_PASS }}
+memcached_servers = {{ memcached_servers }}
+token_cache_time = 300
+revocation_cache_time = 60
+
+[service_credentials]
+os_auth_url = http://{{ internal_vip.ip }}:5000/v2.0
+os_username = aodh
+os_tenant_name = service
+os_password = {{ AODH_PASS }}
+os_endpoint_type = internalURL
+os_region_name = regionOne
+
+[api]
+host = {{ internal_ip }}
diff --git a/deploy/adapters/ansible/roles/aodh/templates/api_paste.ini.j2 b/deploy/adapters/ansible/roles/aodh/templates/api_paste.ini.j2
new file mode 100644
index 00000000..151789c4
--- /dev/null
+++ b/deploy/adapters/ansible/roles/aodh/templates/api_paste.ini.j2
@@ -0,0 +1,22 @@
+# aodh API WSGI Pipeline
+# Define the filters that make up the pipeline for processing WSGI requests
+# Note: This pipeline is PasteDeploy's term rather than aodh's pipeline
+# used for processing samples
+
+# Remove authtoken from the pipeline if you don't want to use keystone authentication
+[pipeline:main]
+pipeline = cors request_id authtoken api-server
+
+[app:api-server]
+paste.app_factory = aodh.api.app:app_factory
+
+[filter:authtoken]
+paste.filter_factory = keystonemiddleware.auth_token:filter_factory
+oslo_config_project = aodh
+
+[filter:request_id]
+paste.filter_factory = oslo_middleware:RequestId.factory
+
+[filter:cors]
+paste.filter_factory = oslo_middleware.cors:filter_factory
+oslo_config_project = aodh
diff --git a/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2 b/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2
new file mode 100644
index 00000000..4fd873e9
--- /dev/null
+++ b/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2
@@ -0,0 +1,20 @@
+{
+    "context_is_admin": "role:admin",
+    "segregation": "rule:context_is_admin",
+    "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s",
+    "default": "rule:admin_or_owner",
+
+    "telemetry:get_alarm": "rule:admin_or_owner",
+    "telemetry:get_alarms": "rule:admin_or_owner",
+    "telemetry:query_alarm": "rule:admin_or_owner",
+
+    "telemetry:create_alarm": "",
+    "telemetry:change_alarm": "rule:admin_or_owner",
+    "telemetry:delete_alarm": "rule:admin_or_owner",
+
+    "telemetry:get_alarm_state": "rule:admin_or_owner",
+    "telemetry:change_alarm_state": "rule:admin_or_owner",
+
+    "telemetry:alarm_history": "rule:admin_or_owner",
+    "telemetry:query_alarm_history": "rule:admin_or_owner"
+}
-- 
cgit 1.2.3-korg