Merge "Remove outdated Neutron auth options"
[apex-tripleo-heat-templates.git] / puppet / services / glance-api.yaml
1 heat_template_version: 2016-04-08
2
3 description: >
4   OpenStack Glance API service configured with Puppet
5
6 parameters:
7   EndpointMap:
8     default: {}
9     description: Mapping of service endpoint -> protocol. Typically set
10                  via parameter_defaults in the resource registry.
11     type: json
12   CephClientUserName:
13     default: openstack
14     type: string
15   Debug:
16     default: ''
17     description: Set to True to enable debugging on all services.
18     type: string
19   GlanceNotifierStrategy:
20     description: Strategy to use for Glance notification queue
21     type: string
22     default: noop
23   GlanceLogFile:
24     description: The filepath of the file to use for logging messages from Glance.
25     type: string
26     default: ''
27   GlancePassword:
28     description: The password for the glance service and db account, used by the glance services.
29     type: string
30     hidden: true
31   GlanceBackend:
32     default: swift
33     description: The short name of the Glance backend to use. Should be one
34       of swift, rbd, or file
35     type: string
36     constraints:
37     - allowed_values: ['swift', 'file', 'rbd']
38   GlanceWorkers:
39     default: 0
40     description: Number of workers for Glance service.
41     type: number
42   GlanceRbdPoolName:
43     default: images
44     type: string
45   RabbitPassword:
46     description: The password for RabbitMQ
47     type: string
48     hidden: true
49   RabbitUserName:
50     default: guest
51     description: The username for RabbitMQ
52     type: string
53   RabbitClientPort:
54     default: 5672
55     description: Set rabbit subscriber port, change this if using SSL
56     type: number
57   RabbitClientUseSSL:
58     default: false
59     description: >
60         Rabbit client subscriber parameter to specify
61         an SSL connection to the RabbitMQ host.
62     type: string
63   KeystoneRegion:
64     type: string
65     default: 'regionOne'
66     description: Keystone region for endpoint
67
68 outputs:
69   role_data:
70     description: Role data for the Glance API role.
71     value:
72       service_name: glance_api
73       config_settings:
74         glance::api::database_connection:
75           list_join:
76             - ''
77             - - {get_param: [EndpointMap, MysqlInternal, protocol]}
78               - '://glance:'
79               - {get_param: GlancePassword}
80               - '@'
81               - {get_param: [EndpointMap, MysqlInternal, host]}
82               - '/glance'
83         glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
84         glance::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
85         glance::api::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
86         glance::api::registry_host:
87           str_replace:
88             template: "'REGISTRY_HOST'"
89             params:
90               REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]}
91         glance::api::keystone_password: {get_param: GlancePassword}
92         glance::api::enable_proxy_headers_parsing: true
93         glance::api::debug: {get_param: Debug}
94         glance::api::workers: {get_param: GlanceWorkers}
95         glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
96         glance_log_file: {get_param: GlanceLogFile}
97         glance::backend::swift::swift_store_auth_address: {get_param: [EndpointMap, KeystoneInternal, uri] }
98         glance::backend::swift::swift_store_user: service:glance
99         glance::backend::swift::swift_store_key: {get_param: GlancePassword}
100         glance::backend::swift::swift_store_create_container_on_put: true
101         glance::backend::rbd::rbd_store_pool: {get_param: GlanceRbdPoolName}
102         glance::backend::rbd::rbd_store_user: {get_param: CephClientUserName}
103         glance_backend: {get_param: GlanceBackend}
104         glance::db::mysql::password: {get_param: GlancePassword}
105         glance::notify::rabbitmq::rabbit_userid: {get_param: RabbitUserName}
106         glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
107         glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
108         glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
109         glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
110         glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
111         glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
112         glance::keystone::auth::password: {get_param: GlancePassword }
113         glance::keystone::auth::region: {get_param: KeystoneRegion}
114         glance::registry::db::database_db_max_retries: -1
115         glance::registry::db::database_max_retries: -1
116         tripleo.glance_api.firewall_rules:
117           '112 glance_api':
118             dport:
119               - 9292
120               - 13292
121         glance::keystone::auth::tenant: 'service'
122         glance::api::keystone_tenant: 'service'
123         glance::api::pipeline: 'keystone'
124         glance::api::show_image_direct_url: true
125
126       step_config: |
127         include ::tripleo::profile::base::glance::api