openstack/kolla-ansible
Code Issues Proposed changes
532b81d6ee
kolla-ansible/ansible/roles/manila/templates/manila.conf.j2
Will Szumski 49006e56d9 Add keystone_authtoken.service_type 
Fixes an issue where access rules failed to validate:

    Cannot validate request with restricted access rules. Set
    service_type in [keystone_authtoken] to allow access rule validation

I've used the values from the endpoint. This was mostly a straight
forward copy and paste, except:

- versioned endpoints e.g cinderv3 where I stripped the version
- monasca has multiple endpoints associated with a single service. For
  this, I concatenated logging and monitoring to be logging-monitoring.

Closes-Bug: #1965111
Change-Id: Ic4b3ab60abad8c3dd96cd4923a67f2a8f9d195d7
2022-06-09 22:49:38 +02:00

72 lines
2.2 KiB
Django/Jinja
Raw Blame History

[DEFAULT]
debug = {{ manila_logging_debug }}
log_dir = /var/log/kolla/manila
use_forwarded_for = true
my_ip = {{ api_interface_address }}
osapi_share_listen = {{ api_interface_address }}
osapi_share_listen_port = {{ manila_api_port }}
osapi_share_workers = {{ openstack_service_workers }}
rootwrap_config = /etc/manila/rootwrap.conf
api_paste_config = /etc/manila/api-paste.ini
enabled_share_protocols = "{{ manila_backends|selectattr('enabled', 'equalto', true)|sum(attribute='protocols', start=[]) | unique | join(',') }}"
auth_strategy = keystone
os_region_name = {{ openstack_region_name }}
transport_url = {{ rpc_transport_url }}
[oslo_concurrency]
lock_path = /var/lib/manila/tmp
[database]
connection = mysql+pymysql://{{ manila_database_user }}:{{ manila_database_password }}@{{ manila_database_address }}/{{ manila_database_name }}
connection_recycle_time = {{ database_connection_recycle_time }}
max_pool_size = {{ database_max_pool_size }}
max_retries = -1
[keystone_authtoken]
service_type = share
www_authenticate_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_internal_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ manila_keystone_user }}
password = {{ manila_keystone_password }}
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if manila_enabled_notification_topics %}
driver = messagingv2
topics = {{ manila_enabled_notification_topics | map(attribute='name') | join(',') }}
{% else %}
driver = noop
{% endif %}
{% if om_enable_rabbitmq_tls | bool %}
[oslo_messaging_rabbit]
ssl = true
ssl_ca_file = {{ om_rabbitmq_cacert }}
{% endif %}
[oslo_middleware]
enable_proxy_headers_parsing = True
{% if manila_policy_file is defined %}
[oslo_policy]
policy_file = {{ manila_policy_file }}
{% endif %}
View Git Blame Copy Permalink