openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/magnum/templates/magnum.conf.j2
Bharat Kunwar 78bb594264 Use public interface for Magnum client and trustee Keystone interface 
While all other clients should use internalURL, the Magnum client itself
and Keystone interface for trustee credentials should be publicly
accessible (upstream default when no config is specified) since
instances need to be able to reach them.

Closes-Bug: #1885420
Change-Id: I74359cec7147a80db24eb4aa4156c35d31a026bf
2020-07-01 08:45:12 +00:00

125 lines
3.3 KiB
Django/Jinja
Raw Blame History

[DEFAULT]
debug = {{ magnum_logging_debug }}
state_path = /var/lib/magnum
log_dir = /var/log/kolla/magnum
host = {{ api_interface_address }}
transport_url = {{ rpc_transport_url }}
{% if service_name == 'magnum-api' %}
[api]
port = {{ magnum_api_port }}
host = {{ api_interface_address }}
workers = {{ openstack_service_workers }}
{% endif %}
[database]
connection = mysql+pymysql://{{ magnum_database_user }}:{{ magnum_database_password }}@{{ magnum_database_address }}/{{ magnum_database_name }}
max_retries = -1
{% if enable_cinder | bool %}
[cinder]
default_docker_volume_type = {{ default_docker_volume_type }}
{% endif %}
[magnum_client]
region_name = {{ openstack_region_name }}
endpoint_type = publicURL
[heat_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[octavia_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[cinder_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[barbican_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[glance_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[neutron_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[nova_client]
region_name = {{ openstack_region_name }}
endpoint_type = internalURL
[keystone_auth]
auth_url = {{ keystone_internal_url }}/v3
user_domain_name = {{ default_user_domain_name }}
project_domain_name = {{ default_project_domain_name }}
project_name = service
password = {{ magnum_keystone_password }}
username = {{ magnum_keystone_user }}
auth_type = password
[keystone_authtoken]
auth_version = v3
www_authenticate_uri = {{ keystone_internal_url }}/v3
auth_url = {{ keystone_admin_url }}
auth_type = password
project_domain_name = {{ default_project_domain_name }}
user_domain_name = {{ default_user_domain_name }}
project_name = service
username = {{ magnum_keystone_user }}
password = {{ magnum_keystone_password }}
cafile = {{ openstack_cacert }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[trust]
trustee_domain_admin_password = {{ magnum_keystone_password }}
trustee_domain_admin_name = {{ magnum_trustee_domain_admin }}
trustee_domain_name = {{ magnum_trustee_domain }}
trustee_keystone_region_name = {{ openstack_region_name }}
trustee_keystone_interface = public
cluster_user_trust = {{ enable_cluster_user_trust }}
[oslo_concurrency]
lock_path = /var/lib/magnum/tmp
[oslo_middleware]
enable_proxy_headers_parsing = True
[certificates]
{% if enable_barbican | bool %}
cert_manager_type = barbican
{% else %}
cert_manager_type = x509keypair
{% endif %}
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if magnum_enabled_notification_topics %}
driver = messaging
topics = {{ magnum_enabled_notification_topics | map(attribute='name') | join(',') }}
{% else %}
driver = noop
{% endif %}
{% if magnum_policy_file is defined %}
[oslo_policy]
policy_file = {{ magnum_policy_file }}
{% endif %}
{% if enable_osprofiler | bool %}
[profiler]
enabled = true
trace_sqlalchemy = true
hmac_keys = {{ osprofiler_secret }}
connection_string = {{ osprofiler_backend_connection_string }}
{% endif %}
View Git Blame Copy Permalink