x/compass-adapters
Code Issues Proposed changes
compass-adapters/chef/cookbooks/openstack-identity/templates/default/keystone.conf.erb
SamSu 6b99d63774 fixed a bug in binding ip of keystone when HA enable 
Change-Id: I3fa77233d69c7ebcd4c4adba7b354411280cd860
2014-04-07 19:15:57 -07:00

173 lines
5.4 KiB
Plaintext
Raw Blame History

<%= node["openstack"]["identity"]["custom_template_banner"] %>
[DEFAULT]
public_port = <%= node["openstack"]["identity"]["service_port"] %>
admin_port = <%= node["openstack"]["identity"]["admin_port"] %>
admin_token = <%= @bootstrap_token %>
bind_host = <%= @ip_address %>
compute_port = 8774
verbose = <%= node["openstack"]["identity"]["verbose"] %>
debug = <%= node["openstack"]["identity"]["debug"] %>
<% if node["openstack"]["identity"]["syslog"]["use"] %>
log_config = /etc/openstack/logging.conf
<% else %>
log_file = /var/log/keystone/keystone.log
<% end %>
public_endpoint = <%= @public_endpoint %>
admin_endpoint = <%= @admin_endpoint %>
<% if @memcache_servers -%>
[memcache]
servers = <%= @memcache_servers %>
<% end -%>
[sql]
connection = <%= @sql_connection %>
idle_timeout = 200
min_pool_size = 5
max_pool_size = 10
pool_timeout = 200
[ldap]
#url = ldap://localhost
#tree_dn = dc=example,dc=com
#user_tree_dn = ou=Users,dc=example,dc=com
#role_tree_dn = ou=Roles,dc=example,dc=com
#tenant_tree_dn = ou=Groups,dc=example,dc=com
#user = dc=Manager,dc=example,dc=com
#password = freeipa4all
#suffix = cn=example,cn=com
[identity]
driver = keystone.identity.backends.<%= node["openstack"]["identity"]["identity"]["backend"] %>.Identity
[catalog]
<% if node["openstack"]["identity"]["catalog"]["backend"] == "templated" -%>
# templated driver uses different class name :(
driver = keystone.catalog.backends.templated.TemplatedCatalog
<% else -%>
driver = keystone.catalog.backends.<%= node["openstack"]["identity"]["catalog"]["backend"] %>.Catalog
<% end -%>
template_file = /etc/keystone/default_catalog.templates
[token]
driver = keystone.token.backends.<%= node["openstack"]["identity"]["token"]["backend"] %>.Token
# Amount of time a token should remain valid (in seconds)
expiration = 86400
[policy]
driver = keystone.policy.backends.rules.Policy
[ec2]
driver = keystone.contrib.ec2.backends.sql.Ec2
[ssl]
#enable = True
#certfile = /etc/keystone/ssl/certs/keystone.pem
#keyfile = /etc/keystone/ssl/private/keystonekey.pem
#ca_certs = /etc/keystone/ssl/certs/ca.pem
#cert_required = True
[signing]
<% if node["openstack"]["auth"]["strategy"] == "pki" -%>
token_format = PKI
certfile = <%= node["openstack"]["identity"]["signing"]["certfile"] %>
keyfile = <%= node["openstack"]["identity"]["signing"]["keyfile"] %>
ca_certs = <%= node["openstack"]["identity"]["signing"]["ca_certs"] %>
key_size = <%= node["openstack"]["identity"]["signing"]["key_size"] %>
valid_days = <%= node["openstack"]["identity"]["signing"]["valid_days"] %>
ca_password = <%= node["openstack"]["identity"]["signing"]["ca_password"] %>
<% else -%>
token_format = UUID
<% end -%>
[auth]
methods = password,token
password = keystone.auth.plugins.password.Password
token = keystone.auth.plugins.token.Token
[filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory
[filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:xml_body]
paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
[filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
[filter:user_crud_extension]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory
[filter:crud_extension]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
[filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
[filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory
[filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory
[filter:sizelimit]
paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory
[filter:stats_monitoring]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[filter:access_log]
paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory
[app:public_service]
paste.app_factory = keystone.service:public_app_factory
[app:service_v3]
paste.app_factory = keystone.service:v3_app_factory
[app:admin_service]
paste.app_factory = keystone.service:admin_app_factory
[pipeline:public_api]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service
[pipeline:admin_api]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service
[pipeline:api_v3]
pipeline = access_log sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3
[app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory
[app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory
[pipeline:public_version_api]
pipeline = access_log sizelimit stats_monitoring url_normalize xml_body public_version_service
[pipeline:admin_version_api]
pipeline = access_log sizelimit stats_monitoring url_normalize xml_body admin_version_service
[composite:main]
use = egg:Paste#urlmap
/v2.0 = public_api
/v3 = api_v3
/ = public_version_api
[composite:admin]
use = egg:Paste#urlmap
/v2.0 = admin_api
/v3 = api_v3
/ = admin_version_api
View Git Blame Copy Permalink