5865d302c6
This commit does the following: - refreshes files/environment.d/default.yaml and files/templates/AWS_CloudWatch_Alarm.yaml from kilo - adds heat_max_nested_stack_depth and heat_trusts_delegated_roles variables (the default values of the config options these variables represent changed between juno and kilo and we now default to the kilo values while giving operators the ability to upgrade to kilo with the juno values) - adds heat_profiler_hmac_key, heat_profiler_enabled, and heat_profiler_trace_sqlalchemy variables which control the enablement of osprofiler - removes unneeded [clients_*] sections from templates/heat.conf.j2 - renames heat_clients_endpoint variable to heat_clients_endpoint - adds heat_clients_heat_endpoint so we can set [clients_heat] to use externalURL rather than internalURL Partially implements blueprint: master-kilofication Change-Id: If445d2ad394539a13fece656cb4089b042df542a
105 lines
3.5 KiB
Django/Jinja
105 lines
3.5 KiB
Django/Jinja
|
|
# heat-api pipeline
|
|
[pipeline:heat-api]
|
|
pipeline = request_id faultwrap ssl versionnegotiation osprofiler authurl authtoken context apiv1app
|
|
|
|
# heat-api pipeline for standalone heat
|
|
# ie. uses alternative auth backend that authenticates users against keystone
|
|
# using username and password instead of validating token (which requires
|
|
# an admin/service token).
|
|
# To enable, in heat.conf:
|
|
# [paste_deploy]
|
|
# flavor = standalone
|
|
#
|
|
[pipeline:heat-api-standalone]
|
|
pipeline = request_id faultwrap ssl versionnegotiation authurl authpassword context apiv1app
|
|
|
|
# heat-api pipeline for custom cloud backends
|
|
# i.e. in heat.conf:
|
|
# [paste_deploy]
|
|
# flavor = custombackend
|
|
#
|
|
[pipeline:heat-api-custombackend]
|
|
pipeline = request_id faultwrap versionnegotiation context custombackendauth apiv1app
|
|
|
|
# heat-api-cfn pipeline
|
|
[pipeline:heat-api-cfn]
|
|
pipeline = cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
|
|
|
|
# heat-api-cfn pipeline for standalone heat
|
|
# relies exclusively on authenticating with ec2 signed requests
|
|
[pipeline:heat-api-cfn-standalone]
|
|
pipeline = cfnversionnegotiation ec2authtoken context apicfnv1app
|
|
|
|
# heat-api-cloudwatch pipeline
|
|
[pipeline:heat-api-cloudwatch]
|
|
pipeline = versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
|
|
|
|
# heat-api-cloudwatch pipeline for standalone heat
|
|
# relies exclusively on authenticating with ec2 signed requests
|
|
[pipeline:heat-api-cloudwatch-standalone]
|
|
pipeline = versionnegotiation ec2authtoken context apicwapp
|
|
|
|
[app:apiv1app]
|
|
paste.app_factory = heat.common.wsgi:app_factory
|
|
heat.app_factory = heat.api.openstack.v1:API
|
|
|
|
[app:apicfnv1app]
|
|
paste.app_factory = heat.common.wsgi:app_factory
|
|
heat.app_factory = heat.api.cfn.v1:API
|
|
|
|
[app:apicwapp]
|
|
paste.app_factory = heat.common.wsgi:app_factory
|
|
heat.app_factory = heat.api.cloudwatch:API
|
|
|
|
[filter:versionnegotiation]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.openstack:version_negotiation_filter
|
|
|
|
[filter:faultwrap]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.openstack:faultwrap_filter
|
|
|
|
[filter:cfnversionnegotiation]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.cfn:version_negotiation_filter
|
|
|
|
[filter:cwversionnegotiation]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
|
|
|
|
[filter:context]
|
|
paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
|
|
|
|
[filter:ec2authtoken]
|
|
paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
|
|
|
|
[filter:ssl]
|
|
paste.filter_factory = heat.common.wsgi:filter_factory
|
|
heat.filter_factory = heat.api.openstack:sslmiddleware_filter
|
|
|
|
# Middleware to set auth_url header appropriately
|
|
[filter:authurl]
|
|
paste.filter_factory = heat.common.auth_url:filter_factory
|
|
|
|
# Auth middleware that validates token against keystone
|
|
[filter:authtoken]
|
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
|
|
|
# Auth middleware that validates username/password against keystone
|
|
[filter:authpassword]
|
|
paste.filter_factory = heat.common.auth_password:filter_factory
|
|
|
|
# Auth middleware that validates against custom backend
|
|
[filter:custombackendauth]
|
|
paste.filter_factory = heat.common.custom_backend_auth:filter_factory
|
|
|
|
# Middleware to set x-openstack-request-id in http response header
|
|
[filter:request_id]
|
|
paste.filter_factory = oslo.middleware.request_id:RequestId.factory
|
|
|
|
[filter:osprofiler]
|
|
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
|
hmac_keys = {{ heat_profiler_hmac_key }}
|
|
enabled = {{ heat_profiler_enabled }}
|