kolla-ansible/ansible/roles/senlin/templates/senlin.conf.j2
Christian Berendt 9dc2b019a2 senlin: add missing cafile parameter
The cafile parameter in the authentication section is required
in the senlin.conf configuration file when working with
self-signed certificates.

Change-Id: I3cd43cc7f43782a6c1d701a3e5b977bbc42e3719
2023-09-08 18:24:02 +02:00

94 lines
2.7 KiB
Django/Jinja

[DEFAULT]
debug = {{ senlin_logging_debug }}
log_dir = /var/log/kolla/senlin
transport_url = {{ rpc_transport_url }}
{% if service_name == 'senlin-api' %}
[senlin_api]
bind_host = {{ api_interface_address }}
bind_port = {{ senlin_api_listen_port }}
workers = {{ senlin_api_workers }}
{% endif %}
[authentication]
auth_url = {{ keystone_internal_url }}
cafile = {{ openstack_cacert }}
service_username = {{ senlin_keystone_user }}
service_password = {{ senlin_keystone_password }}
service_project_name = service
service_user_domain = default
service_project_domain = default
{% if service_name == 'senlin-conductor' %}
[conductor]
workers = {{ senlin_conductor_workers }}
{% endif %}
[database]
connection = mysql+pymysql://{{ senlin_database_user }}:{{ senlin_database_password }}@{{ senlin_database_address }}/{{ senlin_database_name }}
connection_recycle_time = {{ database_connection_recycle_time }}
max_pool_size = {{ database_max_pool_size }}
max_retries = -1
{% if service_name == 'senlin-engine' %}
[engine]
workers = {{ senlin_engine_workers }}
{% endif %}
{% if service_name == 'senlin-health-manager' %}
[health_manager]
workers = {{ senlin_health_manager_workers }}
{% endif %}
[keystone_authtoken]
service_type = clustering
www_authenticate_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_internal_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ senlin_keystone_user }}
password = {{ senlin_keystone_password }}
service_token_roles_required = False
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if senlin_enabled_notification_topics %}
driver = messagingv2
topics = {{ senlin_enabled_notification_topics | map(attribute='name') | join(',') }}
{% else %}
driver = noop
{% endif %}
[oslo_messaging_rabbit]
heartbeat_in_pthread = false
{% if om_enable_rabbitmq_tls | bool %}
ssl = true
ssl_ca_file = {{ om_rabbitmq_cacert }}
{% endif %}
{% if om_enable_rabbitmq_high_availability | bool %}
amqp_durable_queues = true
{% endif %}
{% if senlin_policy_file is defined %}
[oslo_policy]
policy_file = {{ senlin_policy_file }}
{% endif %}
{% if enable_osprofiler | bool %}
[profiler]
enabled = true
trace_sqlalchemy = true
hmac_keys = {{ osprofiler_secret }}
connection_string = {{ osprofiler_backend_connection_string }}
{% endif %}