Heat: remove oslo-genconfig
This PS removes the modified oslo-genconfig from heat. Partially implements: blueprint remove-pregenerated-config-templates Change-Id: Ib4a5e1c41874e3a2eb15b5002538a2193f07ab04
This commit is contained in:
Pete Birley
parent
9e117ce95b
commit
6df59fc3d9
@ -17,99 +17,96 @@ limitations under the License.
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
{{- $envAll := . }}
|
||||
|
||||
{{- include "heat.conf.heat_values_skeleton" .Values.conf.heat | trunc 0 -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.auth_uri -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.auth_url -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
# Set a random string as secret key.
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.memcache_secret_key -}}
|
||||
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.region_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.project_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.project_domain_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.user_domain_name -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.username -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.username -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.password -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.password -}}
|
||||
{{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.region_name -}}
|
||||
{{- set .Values.conf.heat.trustee.heat.common.context "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.region_name -}}
|
||||
{{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.project_name -}}
|
||||
{{- set .Values.conf.heat.trustee.heat.common.context "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.project_name -}}
|
||||
{{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.project_domain_name -}}
|
||||
{{- set .Values.conf.heat.trustee.heat.common.context "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.project_domain_name -}}
|
||||
{{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.user_domain_name -}}
|
||||
{{- set .Values.conf.heat.trustee.heat.common.context "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.user_domain_name -}}
|
||||
{{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.username -}}
|
||||
{{- set .Values.conf.heat.trustee.heat.common.context "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.username -}}
|
||||
{{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.password -}}
|
||||
{{- set .Values.conf.heat.trustee.heat.common.context "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.password -}}
|
||||
{{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.default.heat.common.config.stack_user_domain_name -}}
|
||||
{{- set .Values.conf.heat.default.heat.common.config "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.region_name | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.stack_user_domain_name -}}
|
||||
{{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.region_name | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.default.heat.common.config.stack_domain_admin -}}
|
||||
{{- set .Values.conf.heat.default.heat.common.config "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin -}}
|
||||
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if empty .Values.conf.heat.default.heat.common.config.stack_domain_admin_password -}}
|
||||
{{- set .Values.conf.heat.default.heat.common.config "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin_password -}}
|
||||
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}}
|
||||
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.database.oslo.db.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database.oslo.db "connection" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.database.connection -}}
|
||||
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.default.oslo.messaging.transport_url -}}
|
||||
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.transport_url -}}
|
||||
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}}
|
||||
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.heat_metadata_server_url -}}
|
||||
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.DEFAULT "heat_metadata_server_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}}
|
||||
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.default.heat.common.config "heat_waitcondition_server_url" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.heat_waitcondition_server_url -}}
|
||||
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.DEFAULT "heat_waitcondition_server_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.default.heat.common.config.heat_watch_server_url -}}
|
||||
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.default.heat.common.config "heat_watch_server_url" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.DEFAULT.heat_watch_server_url -}}
|
||||
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.DEFAULT "heat_watch_server_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.clients_keystone.auth_uri -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone "auth_uri" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.heat.trustee.heat.common.context.auth_url -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}}
|
||||
{{- if empty .Values.conf.heat.trustee.auth_url -}}
|
||||
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee "auth_url" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
---
|
||||
@ -119,9 +116,9 @@ metadata:
|
||||
name: heat-etc
|
||||
data:
|
||||
heat.conf: |+
|
||||
{{- tuple .Values.conf.heat "etc/_heat.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
|
||||
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.heat | indent 4 }}
|
||||
api-paste.ini: |+
|
||||
{{- tuple .Values.conf.paste "etc/_api-paste.ini.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
|
||||
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
|
||||
policy.json: |+
|
||||
{{ toJson .Values.conf.policy | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
@ -59,10 +59,10 @@ spec:
|
||||
- /tmp/heat-api.sh
|
||||
- stop
|
||||
ports:
|
||||
- containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
|
||||
- containerPort: {{ .Values.conf.heat.heat_api.bind_port }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
|
||||
port: {{ .Values.conf.heat.heat_api.bind_port }}
|
||||
volumeMounts:
|
||||
- name: pod-etc-heat
|
||||
mountPath: /etc/heat
|
||||
|
||||
@ -59,10 +59,10 @@ spec:
|
||||
- /tmp/heat-cfn.sh
|
||||
- stop
|
||||
ports:
|
||||
- containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
|
||||
- containerPort: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
|
||||
port: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
|
||||
volumeMounts:
|
||||
- name: pod-etc-heat
|
||||
mountPath: /etc/heat
|
||||
|
||||
@ -59,10 +59,10 @@ spec:
|
||||
- /tmp/heat-cloudwatch.sh
|
||||
- stop
|
||||
ports:
|
||||
- containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
|
||||
- containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
|
||||
port: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
|
||||
volumeMounts:
|
||||
- name: pod-etc-heat
|
||||
mountPath: /etc/heat
|
||||
|
||||
@ -1,105 +0,0 @@
|
||||
|
||||
# heat-api pipeline
|
||||
[pipeline:heat-api]
|
||||
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
|
||||
|
||||
# heat-api pipeline for standalone heat
|
||||
# ie. uses alternative auth backend that authenticates users against keystone
|
||||
# using username and password instead of validating token (which requires
|
||||
# an admin/service token).
|
||||
# To enable, in heat.conf:
|
||||
# [paste_deploy]
|
||||
# flavor = standalone
|
||||
#
|
||||
[pipeline:heat-api-standalone]
|
||||
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
|
||||
|
||||
# heat-api pipeline for custom cloud backends
|
||||
# i.e. in heat.conf:
|
||||
# [paste_deploy]
|
||||
# flavor = custombackend
|
||||
#
|
||||
[pipeline:heat-api-custombackend]
|
||||
pipeline = cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
|
||||
|
||||
# heat-api-cfn pipeline
|
||||
[pipeline:heat-api-cfn]
|
||||
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
|
||||
|
||||
# heat-api-cfn pipeline for standalone heat
|
||||
# relies exclusively on authenticating with ec2 signed requests
|
||||
[pipeline:heat-api-cfn-standalone]
|
||||
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
|
||||
|
||||
# heat-api-cloudwatch pipeline
|
||||
[pipeline:heat-api-cloudwatch]
|
||||
pipeline = cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
|
||||
|
||||
# heat-api-cloudwatch pipeline for standalone heat
|
||||
# relies exclusively on authenticating with ec2 signed requests
|
||||
[pipeline:heat-api-cloudwatch-standalone]
|
||||
pipeline = cors versionnegotiation ec2authtoken context apicwapp
|
||||
|
||||
[app:apiv1app]
|
||||
paste.app_factory = heat.common.wsgi:app_factory
|
||||
heat.app_factory = heat.api.openstack.v1:API
|
||||
|
||||
[app:apicfnv1app]
|
||||
paste.app_factory = heat.common.wsgi:app_factory
|
||||
heat.app_factory = heat.api.cfn.v1:API
|
||||
|
||||
[app:apicwapp]
|
||||
paste.app_factory = heat.common.wsgi:app_factory
|
||||
heat.app_factory = heat.api.cloudwatch:API
|
||||
|
||||
[filter:versionnegotiation]
|
||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
||||
heat.filter_factory = heat.api.openstack:version_negotiation_filter
|
||||
|
||||
[filter:cors]
|
||||
paste.filter_factory = oslo_middleware.cors:filter_factory
|
||||
oslo_config_project = heat
|
||||
|
||||
[filter:faultwrap]
|
||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
||||
heat.filter_factory = heat.api.openstack:faultwrap_filter
|
||||
|
||||
[filter:cfnversionnegotiation]
|
||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
||||
heat.filter_factory = heat.api.cfn:version_negotiation_filter
|
||||
|
||||
[filter:cwversionnegotiation]
|
||||
paste.filter_factory = heat.common.wsgi:filter_factory
|
||||
heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
|
||||
|
||||
[filter:context]
|
||||
paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
|
||||
|
||||
[filter:ec2authtoken]
|
||||
paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
|
||||
|
||||
[filter:http_proxy_to_wsgi]
|
||||
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
|
||||
|
||||
# Middleware to set auth_url header appropriately
|
||||
[filter:authurl]
|
||||
paste.filter_factory = heat.common.auth_url:filter_factory
|
||||
|
||||
# Auth middleware that validates token against keystone
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
|
||||
# Auth middleware that validates username/password against keystone
|
||||
[filter:authpassword]
|
||||
paste.filter_factory = heat.common.auth_password:filter_factory
|
||||
|
||||
# Auth middleware that validates against custom backend
|
||||
[filter:custombackendauth]
|
||||
paste.filter_factory = heat.common.custom_backend_auth:filter_factory
|
||||
|
||||
# Middleware to set x-openstack-request-id in http response header
|
||||
[filter:request_id]
|
||||
paste.filter_factory = oslo_middleware.request_id:RequestId.factory
|
||||
|
||||
[filter:osprofiler]
|
||||
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,16 +1,18 @@
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- $envAll := . }}
|
||||
{{- $dependencies := .Values.dependencies.trusts }}
|
||||
@ -52,7 +54,7 @@ spec:
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
{{- end }}
|
||||
- name: SERVICE_OS_ROLES
|
||||
value: {{ .Values.conf.heat.default.heat.common.config.trusts_delegated_roles }}
|
||||
value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }}
|
||||
- name: SERVICE_OS_TRUSTEE
|
||||
value: {{ .Values.endpoints.identity.auth.trustee.username }}
|
||||
volumes:
|
||||
|
||||
@ -24,7 +24,7 @@ metadata:
|
||||
spec:
|
||||
ports:
|
||||
- name: h-api
|
||||
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
|
||||
port: {{ .Values.conf.heat.heat_api.bind_port }}
|
||||
{{ if .Values.network.api.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.api.node_port.port }}
|
||||
{{ end }}
|
||||
|
||||
@ -24,7 +24,7 @@ metadata:
|
||||
spec:
|
||||
ports:
|
||||
- name: h-cfn
|
||||
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
|
||||
port: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
|
||||
{{ if .Values.network.cfn.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.cfn.node_port.port }}
|
||||
{{ end }}
|
||||
|
||||
@ -24,7 +24,7 @@ metadata:
|
||||
spec:
|
||||
ports:
|
||||
- name: h-cwh
|
||||
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
|
||||
port: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
|
||||
{{ if .Values.network.cloudwatch.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.cloudwatch.node_port.port }}
|
||||
{{ end }}
|
||||
|
||||
@ -39,8 +39,62 @@ images:
|
||||
|
||||
conf:
|
||||
paste:
|
||||
override:
|
||||
append:
|
||||
pipeline:heat-api:
|
||||
pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
|
||||
pipeline:heat-api-standalone:
|
||||
pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
|
||||
pipeline:heat-api-custombackend:
|
||||
pipeline: cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
|
||||
pipeline:heat-api-cfn:
|
||||
pipeline: cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
|
||||
pipeline:heat-api-cfn-standalone:
|
||||
pipeline: cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
|
||||
pipeline:heat-api-cloudwatch:
|
||||
pipeline: cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
|
||||
pipeline:heat-api-cloudwatch-standalone:
|
||||
pipeline: cors versionnegotiation ec2authtoken context apicwapp
|
||||
app:apiv1app:
|
||||
paste.app_factory: heat.common.wsgi:app_factory
|
||||
heat.app_factory: heat.api.openstack.v1:API
|
||||
app:apicfnv1app:
|
||||
paste.app_factory: heat.common.wsgi:app_factory
|
||||
heat.app_factory: heat.api.cfn.v1:API
|
||||
app:apicwapp:
|
||||
paste.app_factory: heat.common.wsgi:app_factory
|
||||
heat.app_factory: heat.api.cloudwatch:API
|
||||
filter:versionnegotiation:
|
||||
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||
heat.filter_factory: heat.api.openstack:version_negotiation_filter
|
||||
filter:cors:
|
||||
paste.filter_factory: oslo_middleware.cors:filter_factory
|
||||
oslo_config_project: heat
|
||||
filter:faultwrap:
|
||||
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||
heat.filter_factory: heat.api.openstack:faultwrap_filter
|
||||
filter:cfnversionnegotiation:
|
||||
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||
heat.filter_factory: heat.api.cfn:version_negotiation_filter
|
||||
filter:cwversionnegotiation:
|
||||
paste.filter_factory: heat.common.wsgi:filter_factory
|
||||
heat.filter_factory: heat.api.cloudwatch:version_negotiation_filter
|
||||
filter:context:
|
||||
paste.filter_factory: heat.common.context:ContextMiddleware_filter_factory
|
||||
filter:ec2authtoken:
|
||||
paste.filter_factory: heat.api.aws.ec2token:EC2Token_filter_factory
|
||||
filter:http_proxy_to_wsgi:
|
||||
paste.filter_factory: oslo_middleware:HTTPProxyToWSGI.factory
|
||||
filter:authurl:
|
||||
paste.filter_factory: heat.common.auth_url:filter_factory
|
||||
filter:authtoken:
|
||||
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
|
||||
filter:authpassword:
|
||||
paste.filter_factory: heat.common.auth_password:filter_factory
|
||||
filter:custombackendauth:
|
||||
paste.filter_factory: heat.common.custom_backend_auth:filter_factory
|
||||
filter:request_id:
|
||||
paste.filter_factory: oslo_middleware.request_id:RequestId.factory
|
||||
filter:osprofiler:
|
||||
paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
|
||||
policy:
|
||||
context_is_admin: role:admin and is_admin_project:True
|
||||
project_admin: role:admin
|
||||
@ -131,57 +185,32 @@ conf:
|
||||
resource_types:OS::Nova::HostAggregate: rule:project_admin
|
||||
resource_types:OS::Cinder::QoSSpecs: rule:project_admin
|
||||
heat:
|
||||
override:
|
||||
append:
|
||||
default:
|
||||
heat:
|
||||
common:
|
||||
config:
|
||||
DEFAULT:
|
||||
num_engine_workers: 4
|
||||
trusts_delegated_roles: ""
|
||||
keystone_authtoken:
|
||||
keystonemiddleware:
|
||||
auth_token:
|
||||
auth_type: password
|
||||
auth_version: v3
|
||||
memcache_security_strategy: ENCRYPT
|
||||
database:
|
||||
max_retries: -1
|
||||
trustee:
|
||||
heat:
|
||||
common:
|
||||
context:
|
||||
auth_type: password
|
||||
auth_version: v3
|
||||
heat_api:
|
||||
heat:
|
||||
common:
|
||||
wsgi:
|
||||
bind_port: 8004
|
||||
workers: 4
|
||||
heat_api_cloudwatch:
|
||||
heat:
|
||||
common:
|
||||
wsgi:
|
||||
bind_port: 8003
|
||||
workers: 4
|
||||
heat_api_cfn:
|
||||
heat:
|
||||
common:
|
||||
wsgi:
|
||||
bind_port: 8000
|
||||
workers: 4
|
||||
paste_deploy:
|
||||
heat.common:
|
||||
config:
|
||||
api_paste_config: /etc/heat/api-paste.ini
|
||||
clients:
|
||||
heat:
|
||||
common:
|
||||
config:
|
||||
endpoint_type: internalURL
|
||||
clients_keystone:
|
||||
heat:
|
||||
common:
|
||||
config:
|
||||
endpoint_type: internalURL
|
||||
|
||||
network:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user