Mohammed Naser f19778eb46 Configure Keystone to get a list of all HAproxy instances
This will allow Keystone to be able to put the correct IP address
in the logs using the X-Forwarded-For headers.

Depends-On: I9006dbb15837178cee7de869372c901040095e2b
Change-Id: Ic439514885edf6e63f94172943a0424e3c3a9fbf
2018-04-22 13:30:07 +00:00

65 lines
2.9 KiB
YAML

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# These are here rather than in keystone_all because
# both the os_ceilometer and os_keystone roles require them
# RPC
keystone_rabbitmq_userid: keystone
keystone_rabbitmq_vhost: /keystone
keystone_rabbitmq_port: "{{ rabbitmq_port }}"
keystone_rabbitmq_servers: "{{ rabbitmq_servers }}"
keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
keystone_rabbitmq_host_group: "{{ rabbitmq_host_group }}"
# Telemetry notifications
keystone_rabbitmq_telemetry_userid: "{{ keystone_rabbitmq_userid }}"
keystone_rabbitmq_telemetry_password: "{{ keystone_rabbitmq_password }}"
keystone_rabbitmq_telemetry_vhost: "{{ keystone_rabbitmq_vhost }}"
keystone_rabbitmq_telemetry_port: "{{ keystone_rabbitmq_port }}"
keystone_rabbitmq_telemetry_servers: "{{ keystone_rabbitmq_servers }}"
keystone_rabbitmq_telemetry_use_ssl: "{{ keystone_rabbitmq_use_ssl }}"
keystone_rabbitmq_telemetry_host_group: "{{ keystone_rabbitmq_host_group }}"
# If there are any Ceilometer hosts in the environment, then enable its usage
keystone_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}"
# The MySQL details for the keystone service
keystone_galera_user: keystone
keystone_galera_database: keystone
keystone_galera_address: "{{ galera_address }}"
# The system user for all keystone services
keystone_system_user_name: keystone
keystone_external_ssl: "{{ openstack_external_ssl }}"
keystone_cache_servers: "[{% for host in groups['memcached_all'] %}\"{{ hostvars[host]['container_address'] }}:{{ memcached_port }}\"{% if not loop.last %},{% endif %}{% endfor %}]"
keystone_service_in_ldap: "{{ service_ldap_backend_enabled }}"
# Hosts allowed to override remote IP with X-Forwarded-For
keystone_set_real_ip_from: "{{ groups['haproxy_all'] | map('extract', hostvars, 'container_address') | list }}"
# Ensure that the package state matches the global setting
keystone_package_state: "{{ package_state }}"
# venv fetch configuration
keystone_venv_tag: "{{ venv_tag }}"
keystone_bin: "/openstack/venvs/keystone-{{ keystone_venv_tag }}/bin"
keystone_venv_download_url: "{{ venv_base_download_url }}/keystone-{{ openstack_release }}-{{ ansible_architecture | lower }}.tgz"
# locations for fetching the default files from the git source
keystone_git_config_lookup_location: "{{openstack_repo_url }}/openstackgit/keystone"