kolla-ansible/ansible/roles/heat/templates/heat.conf.j2
Pierre Riteau 943fedee62 Remove [trustee]/auth_uri option from heat.conf
According to the code, docs and oslo-config-validator, this
configuration option is not supported.

Change-Id: I34410e5267d527ec629748f35771f227183810b6
2023-01-16 13:30:56 +01:00

103 lines
3.1 KiB
Django/Jinja

[DEFAULT]
debug = {{ heat_logging_debug }}
log_dir = /var/log/kolla/heat
log_file = $log_dir/{{ service_name }}.log
heat_metadata_server_url = {{ heat_cfn_public_base_endpoint }}
heat_waitcondition_server_url = {{ heat_cfn_public_base_endpoint }}/v1/waitcondition
heat_stack_user_role = {{ heat_stack_user_role }}
stack_domain_admin = heat_domain_admin
stack_domain_admin_password = {{ heat_domain_admin_password }}
stack_user_domain_name = heat_user_domain
{% if service_name == 'heat-engine' %}
num_engine_workers = {{ heat_engine_workers }}
{% endif %}
transport_url = {{ rpc_transport_url }}
region_name_for_services = {{ openstack_region_name }}
server_keystone_endpoint_type = public
[database]
connection = mysql+pymysql://{{ heat_database_user }}:{{ heat_database_password }}@{{ heat_database_address }}/{{ heat_database_name }}
connection_recycle_time = {{ database_connection_recycle_time }}
max_pool_size = {{ database_max_pool_size }}
max_retries = -1
[keystone_authtoken]
service_type = orchestration
www_authenticate_uri = {{ keystone_internal_url }}
auth_url = {{ keystone_internal_url }}
auth_type = password
project_domain_id = {{ default_project_domain_id }}
user_domain_id = {{ default_user_domain_id }}
project_name = service
username = {{ heat_keystone_user }}
password = {{ heat_keystone_password }}
cafile = {{ openstack_cacert }}
region_name = {{ openstack_region_name }}
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcache_secret_key }}
memcached_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[cache]
backend = oslo_cache.memcache_pool
enabled = True
memcache_servers = {% for host in groups['memcached'] %}{{ 'api' | kolla_address(host) | put_address_in_context('memcache') }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
[trustee]
auth_url = {{ keystone_internal_url }}
auth_type = password
user_domain_id = {{ default_user_domain_id }}
username = {{ heat_keystone_user }}
password = {{ heat_keystone_password }}
[ec2authtoken]
auth_uri = {{ keystone_internal_url }}
[oslo_messaging_notifications]
transport_url = {{ notify_transport_url }}
{% if heat_enabled_notification_topics %}
driver = messagingv2
topics = {{ heat_enabled_notification_topics | map(attribute='name') | join(',') }}
{% else %}
driver = noop
{% endif %}
[oslo_messaging_rabbit]
heartbeat_in_pthread = {{ service_name == 'heat-api' or service_name == 'heat-api-cfn' }}
{% if om_enable_rabbitmq_tls | bool %}
ssl = true
ssl_ca_file = {{ om_rabbitmq_cacert }}
{% endif %}
{% if om_enable_rabbitmq_high_availability | bool %}
amqp_durable_queues = true
{% endif %}
{% if heat_policy_file is defined %}
[oslo_policy]
policy_file = {{ heat_policy_file }}
{% endif %}
[clients]
endpoint_type = internalURL
ca_file = {{ openstack_cacert }}
[oslo_middleware]
enable_proxy_headers_parsing = True
{% if enable_osprofiler | bool %}
[profiler]
enabled = true
trace_sqlalchemy = true
hmac_keys = {{ osprofiler_secret }}
connection_string = {{ osprofiler_backend_connection_string }}
{% endif %}