EnableInternalTLS:
type: boolean
default: false
+ KeystoneCronTokenFlushEnsure:
+ type: string
+ description: >
+ Cron to purge expired tokens - Ensure
+ default: 'present'
+ KeystoneCronTokenFlushMinute:
+ type: string
+ description: >
+ Cron to purge expired tokens - Minute
+ default: '1'
+ KeystoneCronTokenFlushHour:
+ type: string
+ description: >
+ Cron to purge expired tokens - Hour
+ default: '0'
+ KeystoneCronTokenFlushMonthday:
+ type: string
+ description: >
+ Cron to purge expired tokens - Month Day
+ default: '*'
+ KeystoneCronTokenFlushMonth:
+ type: string
+ description: >
+ Cron to purge expired tokens - Month
+ default: '*'
+ KeystoneCronTokenFlushWeekday:
+ type: string
+ description: >
+ Cron to purge expired tokens - Week Day
+ default: '*'
+ KeystoneCronTokenFlushMaxDelay:
+ type: string
+ description: >
+ Cron to purge expired tokens - Max Delay
+ default: '0'
+ KeystoneCronTokenFlushDestination:
+ type: string
+ description: >
+ Cron to purge expired tokens - Log destination
+ default: '/var/log/keystone/keystone-tokenflush.log'
+ KeystoneCronTokenFlushUser:
+ type: string
+ description: >
+ Cron to purge expired tokens - User
+ default: 'keystone'
resources:
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/keystone'
- - '?bind_address='
- - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
+ - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
keystone::admin_token: {get_param: AdminToken}
keystone::admin_password: {get_param: AdminPassword}
keystone::roles::admin::password: {get_param: AdminPassword}
keystone::endpoint::internal_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
keystone::endpoint::admin_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
keystone::endpoint::region: {get_param: KeystoneRegion}
+ keystone::endpoint::version: ''
keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
keystone::rabbit_heartbeat_timeout_threshold: 60
keystone::cron::token_flush::maxdelay: 3600
# NOTE: this applies to all 2 bind IP settings below...
keystone::wsgi::apache::bind_host: {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}
keystone::wsgi::apache::admin_bind_host: {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}
+ keystone::cron::token_flush::ensure: {get_param: KeystoneCronTokenFlushEnsure}
+ keystone::cron::token_flush::minute: {get_param: KeystoneCronTokenFlushMinute}
+ keystone::cron::token_flush::hour: {get_param: KeystoneCronTokenFlushHour}
+ keystone::cron::token_flush::monthday: {get_param: KeystoneCronTokenFlushMonthday}
+ keystone::cron::token_flush::month: {get_param: KeystoneCronTokenFlushMonth}
+ keystone::cron::token_flush::weekday: {get_param: KeystoneCronTokenFlushWeekday}
+ keystone::cron::token_flush::maxdelay: {get_param: KeystoneCronTokenFlushMaxDelay}
+ keystone::cron::token_flush::destination: {get_param: KeystoneCronTokenFlushDestination}
+ keystone::cron::token_flush::user: {get_param: KeystoneCronTokenFlushUser}
+
step_config: |
include ::tripleo::profile::base::keystone
service_config_settings:
- name: Stop keystone service (running under httpd)
tags: step2
service: name=httpd state=stopped
- - name: Sync keystone DB
- tags: step5
- command: keystone-manage db_sync
- - name: Start keystone service (running under httpd)
- tags: step6
- service: name=httpd state=started
+ metadata_settings:
+ get_attr: [ApacheServiceBase, role_data, metadata_settings]
Code Review / apex-tripleo-heat-templates.git / blobdiff