# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
apache::ip: {get_param: [ServiceNetMap, ApacheNetwork]}
+ apache::server_signature: 'Off'
+ apache::server_tokens: 'Prod'
apache_remote_proxy_ips_network:
str_replace:
template: "NETWORK_subnet"
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
- tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address:
- str_replace:
- template: "NETWORK_uri"
- params:
- NETWORK: {get_param: [ServiceNetMap, CinderIscsiNetwork]}
+ tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_param: [ServiceNetMap, CinderIscsiNetwork]}
step_config: |
include ::tripleo::profile::base::cinder::volume
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
- glance::api::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- glance::api::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
glance::api::registry_host:
str_replace:
template: "'REGISTRY_HOST'"
params:
REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]}
- glance::api::keystone_password: {get_param: GlancePassword}
+ glance::api::authtoken::password: {get_param: GlancePassword}
glance::api::enable_proxy_headers_parsing: true
glance::api::debug: {get_param: Debug}
glance::api::workers: {get_param: GlanceWorkers}
- 9292
- 13292
glance::keystone::auth::tenant: 'service'
- glance::api::keystone_tenant: 'service'
+ glance::api::authtoken::project_name: 'service'
glance::api::pipeline: 'keystone'
glance::api::show_image_direct_url: true
# NOTE: bind IP is found in Heat replacing the network name with the
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
- glance::registry::keystone_password: {get_param: GlancePassword}
- glance::registry::keystone_tenant: 'service'
+ glance::registry::authtoken::password: {get_param: GlancePassword}
+ glance::registry::authtoken::project_name: 'service'
glance::registry::pipeline: 'keystone'
- glance::registry::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- glance::registry::identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
+ glance::registry::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ glance::registry::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
glance::registry::debug: {get_param: Debug}
glance::registry::workers: {get_param: GlanceWorkers}
glance::db::mysql::user: glance
neutron::keystone::auth::admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
neutron::keystone::auth::password: {get_param: NeutronPassword}
neutron::keystone::auth::region: {get_param: KeystoneRegion}
- neutron::server::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
- neutron::server::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+ neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
neutron::server::api_workers: {get_param: NeutronWorkers}
neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
neutron::server::l3_ha: {get_param: NeutronL3HA}
- neutron::server::password: {get_param: NeutronPassword}
+ neutron::keystone::authtoken::password: {get_param: NeutronPassword}
neutron::server::notifications::nova_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
neutron::server::notifications::tenant_name: 'service'
neutron::server::notifications::project_name: 'service'
neutron::server::notifications::password: {get_param: NovaPassword}
- neutron::server::project_name: 'service'
+ neutron::keystone::authtoken::project_name: 'service'
neutron::server::sync_db: true
neutron::db::mysql::password: {get_param: NeutronPassword}
neutron::db::mysql::user: neutron
config_settings:
neutron::agents::ml2::sriov::physical_device_mappings: {get_param: NeutronPhysicalDevMappings}
neutron::agents::ml2::sriov::exclude_devices: {get_param: NeutronExcludeDevices}
- neutron::agents::ml2::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs}
+ tripleo::host::sriov::number_of_vfs: {get_param: NeutronSriovNumVFs}
step_config: |
include ::tripleo::profile::base::neutron::sriov
- get_attr: [SwiftBase, role_data, config_settings]
- swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
- swift::proxy::authtoken::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
- swift::proxy::authtoken::admin_password: {get_param: SwiftPassword}
- swift::proxy::authtoken::admin_tenant_name: 'service'
+ swift::proxy::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ swift::proxy::authtoken::password: {get_param: SwiftPassword}
+ swift::proxy::authtoken::project_name: 'service'
swift::proxy::node_timeout: {get_param: SwiftProxyNodeTimeout}
swift::proxy::workers: {get_param: SwiftWorkers}
swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]}
import yaml
+required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords']
+
def exit_usage():
print('Usage %s <yaml file or directory>' % sys.argv[0])
sys.exit(1)
% filename)
return 1
if 'parameters' in tpl:
- required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords']
for param in required_params:
if param not in tpl['parameters']:
print('ERROR: parameter %s is required for %s.'
return 1
# yaml is OK, now walk the parameters and output a warning for unused ones
for p in tpl.get('parameters', {}):
+ if p in required_params:
+ continue
str_p = '\'%s\'' % p
in_resources = str_p in str(tpl.get('resources', {}))
in_outputs = str_p in str(tpl.get('outputs', {}))