Remove default for the RabbitMQ password

[apex-tripleo-heat-templates.git] / puppet / controller.yaml

diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 186dce6..3ff0639 100644 (file)
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -238,7 +238,7 @@ parameters:
     type: string
     hidden: true
   HeatStackDomainAdminPassword:
-    description: Password for heat_domain_admin user.
+    description: Password for heat_stack_domain_admin user.
     type: string
     hidden: true
   HeatAuthEncryptionKey:
@@ -595,7 +595,6 @@ parameters:
     default: ''  # Has to be here because of the ignored empty value bug
     hidden: true
   RabbitPassword:
-    default: guest
     description: The password for RabbitMQ
     type: string
     hidden: true
@@ -621,6 +620,10 @@ parameters:
     default: false
     description: Enable IPv6 in RabbitMQ
     type: boolean
+  RedisPassword:
+    type: string
+    description: The password to access the Redis service
+    hidden: true
   RedisVirtualIP:
     type: string
     default: ''  # Has to be here because of the ignored empty value bug
@@ -1149,7 +1152,8 @@ resources:
             - ''
             - - 'redis://'
               - {get_param: RedisVirtualIPUri}
-              - ':6379'
+              - ':6379/?password='
+              - {get_param: RedisPassword}
         ceilometer_dsn:
           list_join:
             - ''
@@ -1242,6 +1246,7 @@ resources:
         horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
         rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
         redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+        redis_password: {get_param: RedisPassword}
         redis_vip: {get_param: RedisVirtualIP}
         sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
         memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
@@ -1295,7 +1300,7 @@ resources:
               mapped_data:
                 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
                 ceph::profile::params::public_network: {get_input: ceph_public_network}
-                ceph::mon::public_addr: {get_input: ceph_public_ip}
+                ceph::profile::params::public_addr: {get_input: ceph_public_ip}
             database:
               raw_data: {get_file: hieradata/database.yaml}
             object:
@@ -1410,9 +1415,11 @@ resources:
                 heat::debug: {get_input: debug}
                 heat::db::mysql::password: {get_input: heat_password}
                 heat_enable_db_purge: {get_input: heat_enable_db_purge}
+                heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
 
                 # Keystone
                 keystone::admin_token: {get_input: admin_token}
+                keystone::roles::admin::password: {get_input: admin_password}
                 keystone_ca_certificate: {get_input: keystone_ca_certificate}
                 keystone_signing_key: {get_input: keystone_signing_key}
                 keystone_signing_certificate: {get_input: keystone_signing_certificate}
@@ -1611,6 +1618,9 @@ resources:
                 rabbit_ipv6: {get_input: rabbit_ipv6}
                 # Redis
                 redis::bind: {get_input: redis_network}
+                redis::requirepass: {get_input: redis_password}
+                redis::masterauth: {get_input: redis_password}
+                redis::sentinel_auth_pass: {get_input: redis_password}
                 redis_vip: {get_input: redis_vip}
                 # Firewall
                 tripleo::firewall::manage_firewall: {get_input: manage_firewall}