Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Apache: Use conditional instead of nested stack for TLS-specific bits
[apex-tripleo-heat-templates.git] / puppet / services / neutron-api.yaml
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index bb191ff..7a24ffd 100644 (file)
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -57,6 +57,9 @@ parameters:
     default:
       tag: openstack.neutron.api
       path: /var/log/neutron/server.log
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
   # DEPRECATED: the following options are deprecated and are currently maintained
   # for backwards compatibility. They will be removed in the Ocata cycle.
@@ -71,10 +74,6 @@ parameters:
       removed in Ocata.  Future releases will enable L3 HA by default if it is
       appropriate for the deployment type. Alternate mechanisms will be
       available to override.
-  EnableInternalTLS:
-    type: boolean
-    default: false
-
 parameter_groups:
 - label: deprecated
   description: |
@@ -128,18 +127,20 @@ outputs:
                   - {get_param: [EndpointMap, MysqlInternal, host]}
                   - '/ovs_neutron'
                   - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
-            neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+            neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
             neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             neutron::server::api_workers: {get_param: NeutronWorkers}
             neutron::server::rpc_workers: {get_param: NeutronWorkers}
             neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
             neutron::server::enable_proxy_headers_parsing: true
             neutron::keystone::authtoken::password: {get_param: NeutronPassword}
-            neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
+            neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneInternal, uri_no_suffix ] }
             neutron::server::notifications::tenant_name: 'service'
             neutron::server::notifications::project_name: 'service'
             neutron::server::notifications::password: {get_param: NovaPassword}
             neutron::keystone::authtoken::project_name: 'service'
+            neutron::keystone::authtoken::user_domain_name: 'Default'
+            neutron::keystone::authtoken::project_domain_name: 'Default'
             neutron::server::sync_db: true
             tripleo.neutron_api.firewall_rules:
               '114 neutron api':
@@ -202,3 +203,5 @@ outputs:
           tags: step1
           when: neutron_server_enabled.rc == 0
           service: name=neutron-server state=stopped
+      metadata_settings:
+        get_attr: [TLSProxyBase, role_data, metadata_settings]