[DEFAULT] debug = {{ keystone_logging_debug }} {% if enable_cadf_notifications | bool %} notification_format = cadf transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} {% endif %} # NOTE(elemoine) log_dir alone does not work for Keystone log_file = /var/log/kolla/keystone/keystone.log use_stderr = True [oslo_middleware] enable_proxy_headers_parsing = True [database] connection = mysql+pymysql://{{ keystone_database_user }}:{{ keystone_database_password }}@{{ keystone_database_address }}/{{ keystone_database_name }} max_retries = -1 {% if keystone_domain_directory.stat.exists %} [identity] domain_specific_drivers_enabled = true domain_config_dir = /etc/keystone/domains {% endif %} [token] revoke_by_id = False {% if keystone_token_provider == 'uuid' %} provider = uuid {% elif keystone_token_provider == 'fernet' %} provider = {{ keystone_token_provider }} expiration = {{ fernet_token_expiry }} [fernet_tokens] max_active_keys = {{ (groups['keystone'] | length) + 1 }} {% endif %} [cache] backend = oslo_cache.memcache_pool enabled = True memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %} {% if enable_cadf_notifications | bool %} [oslo_messaging_notifications] driver = messagingv2 {% endif %} {% if enable_osprofiler | bool %} [profiler] enabled = true trace_sqlalchemy = true hmac_keys = {{ osprofiler_secret }} {% if enable_elasticsearch | bool %} connection_string = elasticsearch://{{ elasticsearch_address }}:{{ elasticsearch_port }} {% endif %} {% endif %} {% if enable_grafana | bool %} [cors] allowed_origin = {{ public_protocol }}://{{ kolla_external_fqdn }}:{{ grafana_server_port }} {% endif %}