9828ad1167
The wrapper keystone_bootstrap.sh expects to parse output from the keystone-manage command. Somewhere along the line this command stopped logging to stderr resulting in it not being able to report it's changed status correctly. Closes-Bug: #1668220 Change-Id: I895ebe11b88fd239fa8cb6e1a2fed779743e4139
55 lines
2.0 KiB
Django/Jinja
55 lines
2.0 KiB
Django/Jinja
[DEFAULT]
|
|
debug = {{ keystone_logging_debug }}
|
|
{% if enable_cadf_notifications | bool %}
|
|
notification_format = cadf
|
|
transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
{% endif %}
|
|
|
|
# NOTE(elemoine) log_dir alone does not work for Keystone
|
|
log_file = /var/log/kolla/keystone/keystone.log
|
|
use_stderr = True
|
|
|
|
secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO
|
|
|
|
[database]
|
|
connection = mysql+pymysql://{{ keystone_database_user }}:{{ keystone_database_password }}@{{ keystone_database_address }}/{{ keystone_database_name }}
|
|
max_retries = -1
|
|
|
|
{% if keystone_domain_directory.stat.exists %}
|
|
[identity]
|
|
domain_specific_drivers_enabled = true
|
|
domain_config_dir = /etc/keystone/domains
|
|
{% endif %}
|
|
|
|
[token]
|
|
revoke_by_id = False
|
|
{% if keystone_token_provider == 'uuid' %}
|
|
provider = uuid
|
|
{% elif keystone_token_provider == 'fernet' %}
|
|
provider = {{ keystone_token_provider }}
|
|
expiration = {{ fernet_token_expiry }}
|
|
|
|
[fernet_tokens]
|
|
max_active_keys = {{ (groups['keystone'] | length) + 1 }}
|
|
{% endif %}
|
|
|
|
[cache]
|
|
backend = oslo_cache.memcache_pool
|
|
enabled = True
|
|
|
|
{# For Kolla-Ansible, generate the memcache servers based on the list of
|
|
memcached servers in the inventory and memcached_servers should be un-set.
|
|
For Kolla-Kubernetes, it is necessary to define the memcached_servers
|
|
variable in globals.yml to set it to the Kubernetes service for memcached. #}
|
|
|
|
{% if orchestration_engine == 'KUBERNETES' %}
|
|
memcache_servers = {{ memcached_servers }}
|
|
{% else %}
|
|
memcache_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
{%- endif %}
|
|
|
|
{% if enable_cadf_notifications | bool %}
|
|
[oslo_messaging_notifications]
|
|
driver = messagingv2
|
|
{% endif %}
|