openstack/openstack-helm
Code Issues Proposed changes

Auth: Update credential keys to reference service specifically

Browse Source 
This PS moves all credentials for OpenStack services from 'user' to
the service name. This allows a single yaml snippet to articulate
the credentials for a deployment.

Change-Id: Ic720109f2ba854561b23767cb480bcae91f74b6b
This commit is contained in:
portdirect 2018-01-14 19:20:34 -05:00 committed by Pete Birley
parent a72db2e8ff
commit b180d28618
83 changed files with 317 additions and 334 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
barbican/templates/configmap-etc.yaml
View File

@ -31,22 +31,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.region_name -}} {{- if empty .Values.conf.barbican.keystone_authtoken.region_name -}}
{{- set .Values.conf.barbican.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.barbican.keystone_authtoken "region_name" .Values.endpoints.identity.auth.barbican.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.project_name -}} {{- if empty .Values.conf.barbican.keystone_authtoken.project_name -}}
{{- set .Values.conf.barbican.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.barbican.keystone_authtoken "project_name" .Values.endpoints.identity.auth.barbican.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.barbican.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.barbican.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.barbican.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.barbican.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.barbican.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.barbican.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.barbican.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.barbican.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.username -}} {{- if empty .Values.conf.barbican.keystone_authtoken.username -}}
{{- set .Values.conf.barbican.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.barbican.keystone_authtoken "username" .Values.endpoints.identity.auth.barbican.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.password -}} {{- if empty .Values.conf.barbican.keystone_authtoken.password -}}
{{- set .Values.conf.barbican.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.barbican.keystone_authtoken "password" .Values.endpoints.identity.auth.barbican.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.barbican.keystone_authtoken.memcached_servers -}}
@ -54,11 +54,11 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.DEFAULT.sql_connection -}} {{- if empty .Values.conf.barbican.DEFAULT.sql_connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.barbican.DEFAULT "sql_connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "barbican" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.barbican.DEFAULT "sql_connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.DEFAULT.transport_url -}} {{- if empty .Values.conf.barbican.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "barbican" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- $barbicanPath := index .Values "endpoints" "key_manager" "path" "default" }} {{- $barbicanPath := index .Values "endpoints" "key_manager" "path" "default" }}

4
barbican/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "barbican" value: "barbican"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.barbican }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.barbican.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
barbican/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "barbican" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
barbican/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "barbican" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

10
barbican/values.yaml
View File

@ -377,10 +377,10 @@ conf:
secrets: secrets:
identity: identity:
admin: barbican-keystone-admin admin: barbican-keystone-admin
user: barbican-keystone-user barbican: barbican-keystone-user
oslo_db: oslo_db:
admin: barbican-db-admin admin: barbican-db-admin
user: barbican-db-user barbican: barbican-db-user
endpoints: endpoints:
cluster_domain_suffix: cluster.local cluster_domain_suffix: cluster.local
@ -394,7 +394,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: barbican:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: barbican username: barbican
@ -436,7 +436,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: barbican:
username: barbican username: barbican
password: password password: password
hosts: hosts:
@ -450,7 +450,7 @@ endpoints:
default: 3306 default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
user: barbican:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:

36
ceilometer/templates/configmap-etc.yaml
View File

@ -30,68 +30,68 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.database.connection -}} {{- if empty .Values.conf.ceilometer.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "ceilometer" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.database.event_connection -}} {{- if empty .Values.conf.ceilometer.database.event_connection -}}
{{- tuple "mongodb" "internal" "user" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "event_connection" | quote | trunc 0 -}} {{- tuple "mongodb" "internal" "ceilometer" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "event_connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.database.metering_connection -}} {{- if empty .Values.conf.ceilometer.database.metering_connection -}}
{{- tuple "mongodb" "internal" "user" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "metering_connection" | quote | trunc 0 -}} {{- tuple "mongodb" "internal" "ceilometer" "mongodb" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "metering_connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.DEFAULT.transport_url -}} {{- if empty .Values.conf.ceilometer.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "ceilometer" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.oslo_messaging_notifications.transport_url -}} {{- if empty .Values.conf.ceilometer.oslo_messaging_notifications.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.oslo_messaging_notifications "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "ceilometer" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.oslo_messaging_notifications "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.notification.messaging_urls -}} {{- if empty .Values.conf.ceilometer.notification.messaging_urls -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.notification "messaging_urls" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "ceilometer" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ceilometer.notification "messaging_urls" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.region_name -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.region_name -}}
{{- set .Values.conf.ceilometer.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.keystone_authtoken "region_name" .Values.endpoints.identity.auth.ceilometer.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.project_name -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.project_name -}}
{{- set .Values.conf.ceilometer.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.keystone_authtoken "project_name" .Values.endpoints.identity.auth.ceilometer.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.ceilometer.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.ceilometer.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.ceilometer.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.ceilometer.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.username -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.username -}}
{{- set .Values.conf.ceilometer.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.keystone_authtoken "username" .Values.endpoints.identity.auth.ceilometer.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.password -}} {{- if empty .Values.conf.ceilometer.keystone_authtoken.password -}}
{{- set .Values.conf.ceilometer.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.keystone_authtoken "password" .Values.endpoints.identity.auth.ceilometer.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.auth_url -}} {{- if empty .Values.conf.ceilometer.service_credentials.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ceilometer.service_credentials "auth_url" | quote | trunc 0 -}} {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ceilometer.service_credentials "auth_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.region_name -}} {{- if empty .Values.conf.ceilometer.service_credentials.region_name -}}
{{- set .Values.conf.ceilometer.service_credentials "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.service_credentials "region_name" .Values.endpoints.identity.auth.ceilometer.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.project_name -}} {{- if empty .Values.conf.ceilometer.service_credentials.project_name -}}
{{- set .Values.conf.ceilometer.service_credentials "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.service_credentials "project_name" .Values.endpoints.identity.auth.ceilometer.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.project_domain_name -}} {{- if empty .Values.conf.ceilometer.service_credentials.project_domain_name -}}
{{- set .Values.conf.ceilometer.service_credentials "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.service_credentials "project_domain_name" .Values.endpoints.identity.auth.ceilometer.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.user_domain_name -}} {{- if empty .Values.conf.ceilometer.service_credentials.user_domain_name -}}
{{- set .Values.conf.ceilometer.service_credentials "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.service_credentials "user_domain_name" .Values.endpoints.identity.auth.ceilometer.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.username -}} {{- if empty .Values.conf.ceilometer.service_credentials.username -}}
{{- set .Values.conf.ceilometer.service_credentials "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.service_credentials "username" .Values.endpoints.identity.auth.ceilometer.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.service_credentials.password -}} {{- if empty .Values.conf.ceilometer.service_credentials.password -}}
{{- set .Values.conf.ceilometer.service_credentials "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.ceilometer.service_credentials "password" .Values.endpoints.identity.auth.ceilometer.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.ceilometer.dispatcher_gnocchi.url -}} {{- if empty .Values.conf.ceilometer.dispatcher_gnocchi.url -}}

2
ceilometer/templates/job-db-init-mongodb.yaml
View File

@ -48,7 +48,7 @@ spec:
- name: USER_DB_CONNECTION - name: USER_DB_CONNECTION
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.mongodb.user }} name: {{ .Values.secrets.mongodb.ceilometer }}
key: DB_CONNECTION key: DB_CONNECTION
command: command:
- /tmp/db-init-mongodb.sh - /tmp/db-init-mongodb.sh

4
ceilometer/templates/job-ks-user.yaml
View File

@ -52,11 +52,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "ceilometer" value: "ceilometer"
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.ceilometer }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.ceilometer.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
ceilometer/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "ceilometer" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
ceilometer/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "ceilometer" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
ceilometer/templates/secret-mongodb.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_mongodb }} {{- if .Values.manifests.secret_mongodb }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "ceilometer" }}
{{- $secretName := index $envAll.Values.secrets.mongodb $userClass }} {{- $secretName := index $envAll.Values.secrets.mongodb $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

14
ceilometer/values.yaml
View File

@ -1600,13 +1600,13 @@ dependencies:
secrets: secrets:
identity: identity:
admin: ceilometer-keystone-admin admin: ceilometer-keystone-admin
user: ceilometer-keystone-user ceilometer: ceilometer-keystone-user
oslo_db: oslo_db:
admin: ceilometer-db-admin admin: ceilometer-db-admin
user: ceilometer-db-user ceilometer: ceilometer-db-user
mongodb: mongodb:
admin: ceilometer-mongodb-admin admin: ceilometer-mongodb-admin
user: ceilometer-mongodb-user ceilometer: ceilometer-mongodb-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -1623,7 +1623,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: ceilometer:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: ceilometer username: ceilometer
@ -1710,7 +1710,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: ceilometer:
username: ceilometer username: ceilometer
password: password password: password
hosts: hosts:
@ -1727,7 +1727,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: ceilometer:
username: ceilometer username: ceilometer
password: password password: password
hosts: hosts:
@ -1749,7 +1749,7 @@ endpoints:
default: 11211 default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
user: ceilometer:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:

4
ceph/templates/job-ks-user.yaml
View File

@ -56,11 +56,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "ceph" value: "ceph"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.swift }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.swift.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
ceph/templates/secret-keystone-rgw.yaml
View File

@ -17,7 +17,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone_rgw }} {{- if .Values.manifests.secret_keystone_rgw }}
{{- $envAll := . }} {{- $envAll := . }}
{{- if .Values.deployment.ceph }} {{- if .Values.deployment.ceph }}
{{- range $key1, $userClass := tuple "user" }} {{- range $key1, $userClass := tuple "swift" }}
{{- $secretName := index $envAll.Values.secrets.identity "user_rgw" }} {{- $secretName := index $envAll.Values.secrets.identity "user_rgw" }}
--- ---
apiVersion: v1 apiVersion: v1

2
ceph/templates/secret-keystone.yaml
View File

@ -17,7 +17,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- if .Values.deployment.rgw_keystone_user_and_endpoints }} {{- if .Values.deployment.rgw_keystone_user_and_endpoints }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "swift" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

4
ceph/values.yaml
View File

@ -172,7 +172,7 @@ secrets:
admin: ceph-client-admin-keyring admin: ceph-client-admin-keyring
identity: identity:
admin: ceph-keystone-admin admin: ceph-keystone-admin
user: ceph-keystone-user swift: ceph-keystone-user
user_rgw: ceph-keystone-user-rgw user_rgw: ceph-keystone-user-rgw
network: network:
@ -381,7 +381,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: swift:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: swift username: swift

26
cinder/templates/configmap-etc.yaml
View File

@ -31,22 +31,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.region_name -}} {{- if empty .Values.conf.cinder.keystone_authtoken.region_name -}}
{{- set .Values.conf.cinder.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.keystone_authtoken "region_name" .Values.endpoints.identity.auth.cinder.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.project_name -}} {{- if empty .Values.conf.cinder.keystone_authtoken.project_name -}}
{{- set .Values.conf.cinder.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.keystone_authtoken "project_name" .Values.endpoints.identity.auth.cinder.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.cinder.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.cinder.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.cinder.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.cinder.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.cinder.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.cinder.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.username -}} {{- if empty .Values.conf.cinder.keystone_authtoken.username -}}
{{- set .Values.conf.cinder.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.cinder.keystone_authtoken "username" .Values.endpoints.identity.auth.cinder.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.password -}} {{- if empty .Values.conf.cinder.keystone_authtoken.password -}}
{{- set .Values.conf.cinder.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.cinder.keystone_authtoken "password" .Values.endpoints.identity.auth.cinder.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.cinder.keystone_authtoken.memcached_servers -}}
@ -54,11 +54,11 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.database.connection -}} {{- if empty .Values.conf.cinder.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.cinder.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "cinder" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.cinder.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.transport_url -}} {{- if empty .Values.conf.cinder.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.cinder.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "cinder" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.cinder.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.glance_api_servers -}} {{- if empty .Values.conf.cinder.DEFAULT.glance_api_servers -}}
@ -73,19 +73,19 @@ limitations under the License.
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.DEFAULT "backup_swift_auth_url" | quote | trunc 0 -}} {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.DEFAULT "backup_swift_auth_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user_domain -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user_domain -}}
{{- set .Values.conf.cinder.DEFAULT "backup_swift_user_domain" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.DEFAULT "backup_swift_user_domain" .Values.endpoints.identity.auth.cinder.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user -}}
{{- set .Values.conf.cinder.DEFAULT "backup_swift_user" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.cinder.DEFAULT "backup_swift_user" .Values.endpoints.identity.auth.cinder.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_key -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_key -}}
{{- set .Values.conf.cinder.DEFAULT "backup_swift_key" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.cinder.DEFAULT "backup_swift_key" .Values.endpoints.identity.auth.cinder.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project_domain -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project_domain -}}
{{- set .Values.conf.cinder.DEFAULT "backup_swift_project_domain" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.DEFAULT "backup_swift_project_domain" .Values.endpoints.identity.auth.cinder.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project -}} {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project -}}
{{- set .Values.conf.cinder.DEFAULT "backup_swift_project" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.cinder.DEFAULT "backup_swift_project" .Values.endpoints.identity.auth.cinder.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.swift_catalog_info -}} {{- if empty .Values.conf.cinder.DEFAULT.swift_catalog_info -}}
{{- set .Values.conf.cinder.DEFAULT "swift_catalog_info" "object-store:swift:internalURL" | quote | trunc 0 -}} {{- set .Values.conf.cinder.DEFAULT "swift_catalog_info" "object-store:swift:internalURL" | quote | trunc 0 -}}

4
cinder/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "cinder" value: "cinder"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.cinder }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.cinder.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
cinder/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "cinder" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
cinder/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "cinder" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

10
cinder/values.yaml
View File

@ -599,10 +599,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: cinder-keystone-admin admin: cinder-keystone-admin
user: cinder-keystone-user cinder: cinder-keystone-user
oslo_db: oslo_db:
admin: cinder-db-admin admin: cinder-db-admin
user: cinder-db-user cinder: cinder-db-user
rbd: rbd:
backup: cinder-backup-rbd-keyring backup: cinder-backup-rbd-keyring
volume: cinder-volume-rbd-keyring volume: cinder-volume-rbd-keyring
@ -622,7 +622,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: cinder:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: cinder username: cinder
@ -724,7 +724,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: cinder:
username: cinder username: cinder
password: password password: password
hosts: hosts:
@ -738,7 +738,7 @@ endpoints:
default: 3306 default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
user: cinder:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:

16
congress/templates/configmap-etc.yaml
View File

@ -18,11 +18,11 @@ limitations under the License.
{{- $envAll := . }} {{- $envAll := . }}
{{- if empty .Values.conf.congress.DEFAULT.transport_url -}} {{- if empty .Values.conf.congress.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.congress.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "congress" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.congress.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.database.connection -}} {{- if empty .Values.conf.congress.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.congress.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "congress" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.congress.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.congress.keystone_authtoken.memcached_servers -}}
@ -38,22 +38,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.region_name -}} {{- if empty .Values.conf.congress.keystone_authtoken.region_name -}}
{{- set .Values.conf.congress.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.congress.keystone_authtoken "region_name" .Values.endpoints.identity.auth.congress.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.project_name -}} {{- if empty .Values.conf.congress.keystone_authtoken.project_name -}}
{{- set .Values.conf.congress.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.congress.keystone_authtoken "project_name" .Values.endpoints.identity.auth.congress.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.congress.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.congress.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.congress.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.congress.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.congress.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.congress.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.congress.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.congress.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.username -}} {{- if empty .Values.conf.congress.keystone_authtoken.username -}}
{{- set .Values.conf.congress.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.congress.keystone_authtoken "username" .Values.endpoints.identity.auth.congress.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.password -}} {{- if empty .Values.conf.congress.keystone_authtoken.password -}}
{{- set .Values.conf.congress.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.congress.keystone_authtoken "password" .Values.endpoints.identity.auth.congress.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}

4
congress/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "congress" value: "congress"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.congress }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.congress.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
congress/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "congress" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
congress/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "congress" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

29
congress/values.yaml
View File

@ -124,10 +124,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: congress-keystone-admin admin: congress-keystone-admin
user: congress-keystone-user congress: congress-keystone-user
oslo_db: oslo_db:
admin: congress-db-admin admin: congress-db-admin
user: congress-db-user congress: congress-db-user
rbd: images-rbd-keyring rbd: images-rbd-keyring
endpoints: endpoints:
@ -142,7 +142,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: congress:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: congress username: congress
@ -184,7 +184,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: congress:
username: congress username: congress
password: password password: password
hosts: hosts:
@ -206,7 +206,7 @@ endpoints:
default: 11211 default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
user: congress:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:
@ -218,25 +218,6 @@ endpoints:
port: port:
amqp: amqp:
default: 5672 default: 5672
ceph_object_store:
name: radosgw
namespace: ceph
auth:
user:
username: congress
password: password
tmpurlkey: supersecret
hosts:
default: ceph-rgw
host_fqdn_override:
default: null
path:
default: /auth/v1.0
scheme:
default: http
port:
api:
default: 8088
policy: policy:
datasource_services: datasource_services:

32
glance/templates/configmap-etc.yaml
View File

@ -40,41 +40,41 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.region_name -}} {{- if empty .Values.conf.glance.keystone_authtoken.region_name -}}
{{- set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.glance.keystone_authtoken "region_name" .Values.endpoints.identity.auth.glance.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.project_name -}} {{- if empty .Values.conf.glance.keystone_authtoken.project_name -}}
{{- set .Values.conf.glance.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.glance.keystone_authtoken "project_name" .Values.endpoints.identity.auth.glance.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.glance.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.glance.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.glance.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.glance.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.glance.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.glance.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.glance.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.glance.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.username -}} {{- if empty .Values.conf.glance.keystone_authtoken.username -}}
{{- set .Values.conf.glance.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.glance.keystone_authtoken "username" .Values.endpoints.identity.auth.glance.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.password -}} {{- if empty .Values.conf.glance.keystone_authtoken.password -}}
{{- set .Values.conf.glance.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.glance.keystone_authtoken "password" .Values.endpoints.identity.auth.glance.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.region_name -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.region_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.glance_registry.keystone_authtoken "region_name" .Values.endpoints.identity.auth.glance.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.project_name -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.project_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.glance_registry.keystone_authtoken "project_name" .Values.endpoints.identity.auth.glance.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.glance_registry.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.glance.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.glance_registry.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.glance.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.username -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.username -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.glance_registry.keystone_authtoken "username" .Values.endpoints.identity.auth.glance.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.password -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.password -}}
{{- set .Values.conf.glance_registry.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.glance_registry.keystone_authtoken "password" .Values.endpoints.identity.auth.glance.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.glance.keystone_authtoken.memcached_servers -}}
@ -85,17 +85,17 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.database.connection -}} {{- if empty .Values.conf.glance.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.connection -}} {{- if empty .Values.conf.glance_registry.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.DEFAULT.transport_url -}} {{- if empty .Values.conf.glance.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "glance" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.DEFAULT.transport_url -}} {{- if empty .Values.conf.glance_registry.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "glance" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.DEFAULT.registry_host -}} {{- if empty .Values.conf.glance.DEFAULT.registry_host -}}

12
glance/templates/etc/_swift-store.conf.tpl
View File

@ -18,13 +18,13 @@ limitations under the License.
{{- if eq .Values.storage "radosgw" }} {{- if eq .Values.storage "radosgw" }}
auth_version = 1 auth_version = 1
auth_address = {{ tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} auth_address = {{ tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
user = {{ .Values.endpoints.ceph_object_store.auth.user.username }}:swift user = {{ .Values.endpoints.ceph_object_store.auth.glance.username }}:swift
key = {{ .Values.endpoints.ceph_object_store.auth.user.password }} key = {{ .Values.endpoints.ceph_object_store.auth.glance.password }}
{{- else }} {{- else }}
user = {{ .Values.endpoints.identity.auth.user.project_name }}:{{ .Values.endpoints.identity.auth.user.username }} user = {{ .Values.endpoints.identity.auth.glance.project_name }}:{{ .Values.endpoints.identity.auth.glance.username }}
key = {{ .Values.endpoints.identity.auth.user.password }} key = {{ .Values.endpoints.identity.auth.glance.password }}
auth_address = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} auth_address = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
user_domain_name = {{ .Values.endpoints.identity.auth.user.user_domain_name }} user_domain_name = {{ .Values.endpoints.identity.auth.glance.user_domain_name }}
project_domain_name = {{ .Values.endpoints.identity.auth.user.project_domain_name }} project_domain_name = {{ .Values.endpoints.identity.auth.glance.project_domain_name }}
auth_version = 3 auth_version = 3
{{- end -}} {{- end -}}

4
glance/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "glance" value: "glance"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.glance }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.glance.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

6
glance/templates/job-storage-init.yaml
View File

@ -108,11 +108,11 @@ spec:
{{ end }} {{ end }}
{{- if eq .Values.storage "radosgw" }} {{- if eq .Values.storage "radosgw" }}
- name: RADOSGW_USERNAME - name: RADOSGW_USERNAME
value: {{ .Values.endpoints.ceph_object_store.auth.user.username | quote }} value: {{ .Values.endpoints.ceph_object_store.auth.glance.username | quote }}
- name: RADOSGW_PASSWORD - name: RADOSGW_PASSWORD
value: {{ .Values.endpoints.ceph_object_store.auth.user.password | quote }} value: {{ .Values.endpoints.ceph_object_store.auth.glance.password | quote }}
- name: RADOSGW_TMPURL_KEY - name: RADOSGW_TMPURL_KEY
value: {{ .Values.endpoints.ceph_object_store.auth.user.tmpurlkey | quote }} value: {{ .Values.endpoints.ceph_object_store.auth.glance.tmpurlkey | quote }}
{{ end }} {{ end }}
command: command:
- /tmp/storage-init.sh - /tmp/storage-init.sh

2
glance/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "glance" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
glance/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "glance" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

12
glance/values.yaml
View File

@ -378,10 +378,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: glance-keystone-admin admin: glance-keystone-admin
user: glance-keystone-user glance: glance-keystone-user
oslo_db: oslo_db:
admin: glance-db-admin admin: glance-db-admin
user: glance-db-user glance: glance-db-user
rbd: images-rbd-keyring rbd: images-rbd-keyring
# typically overriden by environmental # typically overriden by environmental
@ -399,7 +399,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: glance:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: glance username: glance
@ -456,7 +456,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: glance:
username: glance username: glance
password: password password: password
hosts: hosts:
@ -478,7 +478,7 @@ endpoints:
default: 11211 default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
user: glance:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:
@ -494,7 +494,7 @@ endpoints:
name: radosgw name: radosgw
namespace: ceph namespace: ceph
auth: auth:
user: glance:
username: glance username: glance
password: password password: password
tmpurlkey: supersecret tmpurlkey: supersecret

18
gnocchi/templates/configmap-etc.yaml
View File

@ -33,33 +33,33 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.keystone_authtoken.region_name -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.region_name -}}
{{- set .Values.conf.gnocchi.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.gnocchi.keystone_authtoken "region_name" .Values.endpoints.identity.auth.gnocchi.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.keystone_authtoken.project_name -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.project_name -}}
{{- set .Values.conf.gnocchi.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.gnocchi.keystone_authtoken "project_name" .Values.endpoints.identity.auth.gnocchi.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.gnocchi.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.gnocchi.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.gnocchi.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.gnocchi.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.gnocchi.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.gnocchi.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.keystone_authtoken.username -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.username -}}
{{- set .Values.conf.gnocchi.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.gnocchi.keystone_authtoken "username" .Values.endpoints.identity.auth.gnocchi.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.keystone_authtoken.password -}} {{- if empty .Values.conf.gnocchi.keystone_authtoken.password -}}
{{- set .Values.conf.gnocchi.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.gnocchi.keystone_authtoken "password" .Values.endpoints.identity.auth.gnocchi.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.database.connection -}} {{- if empty .Values.conf.gnocchi.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "gnocchi" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.gnocchi.indexer.url -}} {{- if empty .Values.conf.gnocchi.indexer.url -}}
{{ if eq .Values.conf.gnocchi.indexer.driver "postgresql" }} {{ if eq .Values.conf.gnocchi.indexer.driver "postgresql" }}
{{- tuple "oslo_db_postgresql" "internal" "user" "postgresql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}} {{- tuple "oslo_db_postgresql" "internal" "gnocchi" "postgresql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}}
{{ else }} {{ else }}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "gnocchi" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.indexer "url" | quote | trunc 0 -}}
{{ end }} {{ end }}
{{- end -}} {{- end -}}

4
gnocchi/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "gnocchi" value: "gnocchi"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.gnocchi }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.gnocchi.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
gnocchi/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "gnocchi" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
gnocchi/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "gnocchi" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
{{- $auth := index $envAll.Values.endpoints.identity.auth $userClass }} {{- $auth := index $envAll.Values.endpoints.identity.auth $userClass }}
{{ $osAuthType := $auth.os_auth_type }} {{ $osAuthType := $auth.os_auth_type }}

10
gnocchi/values.yaml
View File

@ -342,10 +342,10 @@ conf:
secrets: secrets:
identity: identity:
admin: gnocchi-keystone-admin admin: gnocchi-keystone-admin
user: gnocchi-keystone-user gnocchi: gnocchi-keystone-user
oslo_db: oslo_db:
admin: gnocchi-db-admin admin: gnocchi-db-admin
user: gnocchi-db-user gnocchi: gnocchi-db-user
rbd: gnocchi-rbd-keyring rbd: gnocchi-rbd-keyring
# typically overriden by environmental # typically overriden by environmental
@ -365,7 +365,7 @@ endpoints:
region_name: "RegionOne" region_name: "RegionOne"
os_auth_type: "password" os_auth_type: "password"
os_tenant_name: "admin" os_tenant_name: "admin"
user: gnocchi:
username: "gnocchi" username: "gnocchi"
user_domain_name: "default" user_domain_name: "default"
role: "admin" role: "admin"
@ -409,7 +409,7 @@ endpoints:
admin: admin:
username: postgres username: postgres
password: password password: password
user: gnocchi:
username: gnocchi username: gnocchi
password: password password: password
hosts: hosts:
@ -426,7 +426,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: gnocchi:
username: gnocchi username: gnocchi
password: password password: password
hosts: hosts:

34
heat/templates/configmap-etc.yaml
View File

@ -30,51 +30,51 @@ limitations under the License.
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}} {{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.region_name -}} {{- if empty .Values.conf.heat.keystone_authtoken.region_name -}}
{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.heat.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.project_name -}} {{- if empty .Values.conf.heat.keystone_authtoken.project_name -}}
{{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.heat.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.heat.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.heat.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.heat.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.heat.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.username -}} {{- if empty .Values.conf.heat.keystone_authtoken.username -}}
{{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.heat.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.password -}} {{- if empty .Values.conf.heat.keystone_authtoken.password -}}
{{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.heat.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.region_name -}} {{- if empty .Values.conf.heat.trustee.region_name -}}
{{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}} {{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.heat_trustee.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.project_name -}} {{- if empty .Values.conf.heat.trustee.project_name -}}
{{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}} {{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.heat_trustee.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.project_domain_name -}} {{- if empty .Values.conf.heat.trustee.project_domain_name -}}
{{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.heat_trustee.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.user_domain_name -}} {{- if empty .Values.conf.heat.trustee.user_domain_name -}}
{{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.heat_trustee.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.username -}} {{- if empty .Values.conf.heat.trustee.username -}}
{{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}} {{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.heat_trustee.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.password -}} {{- if empty .Values.conf.heat.trustee.password -}}
{{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}} {{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.heat_trustee.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.DEFAULT.stack_user_domain_name -}} {{- if empty .Values.conf.heat.DEFAULT.stack_user_domain_name -}}
{{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.domain_name | quote | trunc 0 -}} {{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.heat_stack_user.domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin -}} {{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin -}}
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}} {{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.heat_stack_user.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin_password -}} {{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin_password -}}
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}} {{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.heat_stack_user.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}}
@ -82,11 +82,11 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.database.connection -}} {{- if empty .Values.conf.heat.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "heat" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.DEFAULT.transport_url -}} {{- if empty .Values.conf.heat.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "heat" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.DEFAULT.heat_metadata_server_url -}} {{- if empty .Values.conf.heat.DEFAULT.heat_metadata_server_url -}}

18
heat/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "heat" value: "heat"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.heat }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.heat.role | quote }}
- name: heat-ks-trustee-user - name: heat-ks-trustee-user
image: {{ .Values.images.tags.ks_user }} image: {{ .Values.images.tags.ks_user }}
imagePullPolicy: {{ .Values.images.pull_policy }} imagePullPolicy: {{ .Values.images.pull_policy }}
@ -76,11 +76,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "heat" value: "heat"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.trustee }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.heat_trustee }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.trustee.role | quote }} value: {{ .Values.endpoints.identity.auth.heat_trustee.role | quote }}
- name: heat-ks-domain-user - name: heat-ks-domain-user
image: {{ .Values.images.tags.ks_user }} image: {{ .Values.images.tags.ks_user }}
imagePullPolicy: {{ .Values.images.pull_policy }} imagePullPolicy: {{ .Values.images.pull_policy }}
@ -100,25 +100,25 @@ spec:
- name: SERVICE_OS_REGION_NAME - name: SERVICE_OS_REGION_NAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.identity.stack_user }} name: {{ .Values.secrets.identity.heat_stack_user }}
key: OS_REGION_NAME key: OS_REGION_NAME
- name: SERVICE_OS_DOMAIN_NAME - name: SERVICE_OS_DOMAIN_NAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.identity.stack_user }} name: {{ .Values.secrets.identity.heat_stack_user }}
key: OS_DOMAIN_NAME key: OS_DOMAIN_NAME
- name: SERVICE_OS_USERNAME - name: SERVICE_OS_USERNAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.identity.stack_user }} name: {{ .Values.secrets.identity.heat_stack_user }}
key: OS_USERNAME key: OS_USERNAME
- name: SERVICE_OS_PASSWORD - name: SERVICE_OS_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.identity.stack_user }} name: {{ .Values.secrets.identity.heat_stack_user }}
key: OS_PASSWORD key: OS_PASSWORD
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.stack_user.role | quote }} value: {{ .Values.endpoints.identity.auth.heat_stack_user.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
heat/templates/job-trusts.yaml
View File

@ -60,7 +60,7 @@ spec:
- name: SERVICE_OS_ROLES - name: SERVICE_OS_ROLES
value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }} value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }}
- name: SERVICE_OS_TRUSTEE - name: SERVICE_OS_TRUSTEE
value: {{ .Values.endpoints.identity.auth.trustee.username }} value: {{ .Values.endpoints.identity.auth.heat_trustee.username }}
volumes: volumes:
- name: heat-bin - name: heat-bin
configMap: configMap:

2
heat/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "heat" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

12
heat/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" "trustee" }} {{- range $key1, $userClass := tuple "admin" "heat" "heat_trustee" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1
@ -31,12 +31,12 @@ data:
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ $envAll.Values.secrets.identity.stack_user }} name: {{ $envAll.Values.secrets.identity.heat_stack_user }}
type: Opaque type: Opaque
data: data:
OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc | indent 4 }} OS_AUTH_URL: {{ tuple "identity" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
OS_REGION_NAME: {{ .Values.endpoints.identity.auth.stack_user.region_name | b64enc | indent 4 }} OS_REGION_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.region_name | b64enc | indent 4 }}
OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.stack_user.domain_name | b64enc | indent 4 }} OS_DOMAIN_NAME: {{ .Values.endpoints.identity.auth.heat_stack_user.domain_name | b64enc | indent 4 }}
OS_USERNAME: {{ .Values.endpoints.identity.auth.stack_user.username | b64enc | indent 4 }} OS_USERNAME: {{ .Values.endpoints.identity.auth.heat_stack_user.username | b64enc | indent 4 }}
OS_PASSWORD: {{ .Values.endpoints.identity.auth.stack_user.password | b64enc | indent 4 }} OS_PASSWORD: {{ .Values.endpoints.identity.auth.heat_stack_user.password | b64enc | indent 4 }}
{{- end }} {{- end }}

18
heat/values.yaml
View File

@ -332,12 +332,12 @@ dependencies:
secrets: secrets:
identity: identity:
admin: heat-keystone-admin admin: heat-keystone-admin
user: heat-keystone-user heat: heat-keystone-user
trustee: heat-keystone-trustee heat_trustee: heat-keystone-trustee
stack_user: heat-keystone-stack-user heat_stack_user: heat-keystone-stack-user
oslo_db: oslo_db:
admin: heat-db-admin admin: heat-db-admin
user: heat-db-user heat: heat-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -354,7 +354,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: heat:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: heat username: heat
@ -362,7 +362,7 @@ endpoints:
project_name: service project_name: service
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
trustee: heat_trustee:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: heat-trust username: heat-trust
@ -370,7 +370,7 @@ endpoints:
project_name: service project_name: service
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
stack_user: heat_stack_user:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: heat-domain username: heat-domain
@ -442,7 +442,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: heat:
username: heat username: heat
password: password password: password
hosts: hosts:
@ -464,7 +464,7 @@ endpoints:
default: 11211 default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
user: heat:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:

4
horizon/templates/etc/_local_settings.tpl
View File

@ -148,8 +148,8 @@ DATABASES = {
# Database configuration here # Database configuration here
'ENGINE': 'django.db.backends.mysql', 'ENGINE': 'django.db.backends.mysql',
'NAME': '{{ .Values.endpoints.oslo_db.path | base }}', 'NAME': '{{ .Values.endpoints.oslo_db.path | base }}',
'USER': '{{ .Values.endpoints.oslo_db.auth.user.username }}', 'USER': '{{ .Values.endpoints.oslo_db.auth.horizon.username }}',
'PASSWORD': '{{ .Values.endpoints.oslo_db.auth.user.password }}', 'PASSWORD': '{{ .Values.endpoints.oslo_db.auth.horizon.password }}',
'HOST': '{{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}', 'HOST': '{{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}',
'default-character-set': 'utf8', 'default-character-set': 'utf8',
'PORT': '{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}' 'PORT': '{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}'

2
horizon/templates/job-db-drop.yaml
View File

@ -60,7 +60,7 @@ spec:
- name: DB_CONNECTION - name: DB_CONNECTION
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.oslo_db.user }} name: {{ .Values.secrets.oslo_db.horizon }}
key: DB_CONNECTION key: DB_CONNECTION
command: command:
- /tmp/db-drop.py - /tmp/db-drop.py

2
horizon/templates/job-db-init.yaml
View File

@ -54,7 +54,7 @@ spec:
- name: DB_CONNECTION - name: DB_CONNECTION
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: {{ .Values.secrets.oslo_db.user }} name: {{ .Values.secrets.oslo_db.horizon }}
key: DB_CONNECTION key: DB_CONNECTION
command: command:
- /tmp/db-init.py - /tmp/db-init.py

2
horizon/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "horizon" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

4
horizon/values.yaml
View File

@ -1216,7 +1216,7 @@ pod:
secrets: secrets:
oslo_db: oslo_db:
admin: horizon-db-admin admin: horizon-db-admin
user: horizon-db-user horizon: horizon-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -1266,7 +1266,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: horizon:
username: horizon username: horizon
password: password password: password
hosts: hosts:

4
keystone/templates/configmap-etc.yaml
View File

@ -18,11 +18,11 @@ limitations under the License.
{{- $envAll := . }} {{- $envAll := . }}
{{- if empty .Values.conf.keystone.database.connection -}} {{- if empty .Values.conf.keystone.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.keystone.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "keystone" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.keystone.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.keystone.DEFAULT.transport_url -}} {{- if empty .Values.conf.keystone.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.keystone.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "keystone" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.keystone.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.keystone.cache.memcache_servers -}} {{- if empty .Values.conf.keystone.cache.memcache_servers -}}

2
keystone/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "keystone" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

8
keystone/values.yaml
View File

@ -516,7 +516,7 @@ secrets:
admin: keystone-keystone-admin admin: keystone-keystone-admin
oslo_db: oslo_db:
admin: keystone-db-admin admin: keystone-db-admin
user: keystone-db-user keystone: keystone-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -554,7 +554,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: keystone:
username: keystone username: keystone
password: password password: password
hosts: hosts:
@ -569,8 +569,8 @@ endpoints:
oslo_messaging: oslo_messaging:
namespace: null namespace: null
auth: auth:
user: keystone:
username: keystone username: rabbitmq
password: password password: password
hosts: hosts:
default: rabbitmq default: rabbitmq

16
magnum/templates/configmap-etc.yaml
View File

@ -31,22 +31,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.region_name -}} {{- if empty .Values.conf.magnum.keystone_authtoken.region_name -}}
{{- set .Values.conf.magnum.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.magnum.keystone_authtoken "region_name" .Values.endpoints.identity.auth.magnum.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.project_name -}} {{- if empty .Values.conf.magnum.keystone_authtoken.project_name -}}
{{- set .Values.conf.magnum.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.magnum.keystone_authtoken "project_name" .Values.endpoints.identity.auth.magnum.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.magnum.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.magnum.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.magnum.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.magnum.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.magnum.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.magnum.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.magnum.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.magnum.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.username -}} {{- if empty .Values.conf.magnum.keystone_authtoken.username -}}
{{- set .Values.conf.magnum.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.magnum.keystone_authtoken "username" .Values.endpoints.identity.auth.magnum.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.password -}} {{- if empty .Values.conf.magnum.keystone_authtoken.password -}}
{{- set .Values.conf.magnum.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.magnum.keystone_authtoken "password" .Values.endpoints.identity.auth.magnum.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.magnum.keystone_authtoken.memcached_servers -}}
@ -54,11 +54,11 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.database.connection -}} {{- if empty .Values.conf.magnum.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.magnum.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "magnum" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.magnum.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.DEFAULT.transport_url -}} {{- if empty .Values.conf.magnum.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.magnum.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "magnum" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.magnum.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
--- ---

4
magnum/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "magnum" value: "magnum"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.magnum }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.magnum.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
magnum/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "magnum" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
magnum/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "magnum" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

20
magnum/values.yaml
View File

@ -182,10 +182,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: magnum-keystone-admin admin: magnum-keystone-admin
user: magnum-keystone-user magnum: magnum-keystone-user
oslo_db: oslo_db:
admin: magnum-db-admin admin: magnum-db-admin
user: magnum-db-user magnum: magnum-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -202,7 +202,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: magnum:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: magnum username: magnum
@ -244,7 +244,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: magnum:
username: magnum username: magnum
password: password password: password
hosts: hosts:
@ -266,7 +266,7 @@ endpoints:
default: 11211 default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
user: magnum:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:
@ -284,11 +284,11 @@ pod:
magnum: magnum:
uid: 1000 uid: 1000
affinity: affinity:
anti: anti:
type: type:
default: preferredDuringSchedulingIgnoredDuringExecution default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey: topologyKey:
default: kubernetes.io/hostname default: kubernetes.io/hostname
mounts: mounts:
magnum_api: magnum_api:
init_container: null init_container: null

16
mistral/templates/configmap-etc.yaml
View File

@ -31,22 +31,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.region_name -}} {{- if empty .Values.conf.mistral.keystone_authtoken.region_name -}}
{{- set .Values.conf.mistral.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.mistral.keystone_authtoken "region_name" .Values.endpoints.identity.auth.mistral.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.project_name -}} {{- if empty .Values.conf.mistral.keystone_authtoken.project_name -}}
{{- set .Values.conf.mistral.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.mistral.keystone_authtoken "project_name" .Values.endpoints.identity.auth.mistral.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.mistral.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.mistral.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.mistral.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.mistral.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.mistral.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.mistral.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.mistral.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.mistral.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.username -}} {{- if empty .Values.conf.mistral.keystone_authtoken.username -}}
{{- set .Values.conf.mistral.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.mistral.keystone_authtoken "username" .Values.endpoints.identity.auth.mistral.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.password -}} {{- if empty .Values.conf.mistral.keystone_authtoken.password -}}
{{- set .Values.conf.mistral.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.mistral.keystone_authtoken "password" .Values.endpoints.identity.auth.mistral.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.mistral.keystone_authtoken.memcached_servers -}}
@ -54,11 +54,11 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.database.connection -}} {{- if empty .Values.conf.mistral.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.mistral.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "mistral" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.mistral.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.DEFAULT.transport_url -}} {{- if empty .Values.conf.mistral.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.mistral.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "mistral" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.mistral.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
--- ---

4
mistral/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "mistral" value: "mistral"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.mistral }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.mistral.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
mistral/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "mistral" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
mistral/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "mistral" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

10
mistral/values.yaml
View File

@ -129,10 +129,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: mistral-keystone-admin admin: mistral-keystone-admin
user: mistral-keystone-user mistral: mistral-keystone-user
oslo_db: oslo_db:
admin: mistral-db-admin admin: mistral-db-admin
user: mistral-db-user mistral: mistral-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -149,7 +149,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: mistral:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: mistral username: mistral
@ -191,7 +191,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: mistral:
username: mistral username: mistral
password: password password: password
hosts: hosts:
@ -205,7 +205,7 @@ endpoints:
default: 3306 default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
user: mistral:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:

16
neutron/templates/configmap-etc.yaml
View File

@ -31,22 +31,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.project_name -}} {{- if empty .Values.conf.neutron.keystone_authtoken.project_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.neutron.keystone_authtoken "project_name" .Values.endpoints.identity.auth.neutron.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.neutron.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.neutron.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.neutron.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.neutron.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.neutron.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.neutron.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.username -}} {{- if empty .Values.conf.neutron.keystone_authtoken.username -}}
{{- set .Values.conf.neutron.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.neutron.keystone_authtoken "username" .Values.endpoints.identity.auth.neutron.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.password -}} {{- if empty .Values.conf.neutron.keystone_authtoken.password -}}
{{- set .Values.conf.neutron.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.neutron.keystone_authtoken "password" .Values.endpoints.identity.auth.neutron.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.region_name -}} {{- if empty .Values.conf.neutron.keystone_authtoken.region_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.neutron.keystone_authtoken "region_name" .Values.endpoints.identity.auth.neutron.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.neutron.keystone_authtoken.memcached_servers -}}
@ -54,11 +54,11 @@ limitations under the License.
{{- end }} {{- end }}
{{- if empty .Values.conf.neutron.database.connection -}} {{- if empty .Values.conf.neutron.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.neutron.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "neutron" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.neutron.database "connection" | quote | trunc 0 -}}
{{- end }} {{- end }}
{{- if empty .Values.conf.neutron.DEFAULT.transport_url -}} {{- if empty .Values.conf.neutron.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.neutron.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "neutron" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.neutron.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end }} {{- end }}
{{- if empty .Values.conf.neutron.nova.auth_url -}} {{- if empty .Values.conf.neutron.nova.auth_url -}}

4
neutron/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "neutron" value: "neutron"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.neutron }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.neutron.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
neutron/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "neutron" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
neutron/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "neutron" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

10
neutron/values.yaml
View File

@ -1060,10 +1060,10 @@ conf:
secrets: secrets:
identity: identity:
admin: neutron-keystone-admin admin: neutron-keystone-admin
user: neutron-keystone-user neutron: neutron-keystone-user
oslo_db: oslo_db:
admin: neutron-db-admin admin: neutron-db-admin
user: neutron-db-user neutron: neutron-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -1075,7 +1075,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: neutron:
username: neutron username: neutron
password: password password: password
hosts: hosts:
@ -1089,7 +1089,7 @@ endpoints:
default: 3306 default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
user: neutron:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:
@ -1151,7 +1151,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: neutron:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: neutron username: neutron

20
nova/templates/configmap-etc.yaml
View File

@ -32,22 +32,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.region_name -}} {{- if empty .Values.conf.nova.keystone_authtoken.region_name -}}
{{- set .Values.conf.nova.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.nova.keystone_authtoken "region_name" .Values.endpoints.identity.auth.nova.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.project_name -}} {{- if empty .Values.conf.nova.keystone_authtoken.project_name -}}
{{- set .Values.conf.nova.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.nova.keystone_authtoken "project_name" .Values.endpoints.identity.auth.nova.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.nova.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.nova.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.nova.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.nova.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.nova.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.nova.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.nova.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.nova.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.username -}} {{- if empty .Values.conf.nova.keystone_authtoken.username -}}
{{- set .Values.conf.nova.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.nova.keystone_authtoken "username" .Values.endpoints.identity.auth.nova.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.password -}} {{- if empty .Values.conf.nova.keystone_authtoken.password -}}
{{- set .Values.conf.nova.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.nova.keystone_authtoken "password" .Values.endpoints.identity.auth.nova.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.nova.keystone_authtoken.memcached_servers -}}
@ -55,19 +55,19 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.database.connection -}} {{- if empty .Values.conf.nova.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.api_database.connection -}} {{- if empty .Values.conf.nova.api_database.connection -}}
{{- tuple "oslo_db_api" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.api_database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db_api" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.api_database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.cell0_database.connection -}} {{- if empty .Values.conf.nova.cell0_database.connection -}}
{{- tuple "oslo_db_cell0" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.cell0_database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db_cell0" "internal" "nova" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.cell0_database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.DEFAULT.transport_url -}} {{- if empty .Values.conf.nova.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "nova" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.nova.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.glance.api_servers -}} {{- if empty .Values.conf.nova.glance.api_servers -}}

4
nova/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "nova" value: "nova"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.nova }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.nova.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
nova/templates/secret-db-api.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db_api }} {{- if .Values.manifests.secret_db_api }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "nova" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db_api $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db_api $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
nova/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "nova" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
nova/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "nova" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

20
nova/values.yaml
View File

@ -1043,17 +1043,17 @@ conf:
secrets: secrets:
identity: identity:
admin: nova-keystone-admin admin: nova-keystone-admin
user: nova-keystone-user nova: nova-keystone-user
placement: nova-keystone-placement placement: nova-keystone-placement
oslo_db: oslo_db:
admin: nova-db-admin admin: nova-db-admin
user: nova-db-user nova: nova-db-user
oslo_db_api: oslo_db_api:
admin: nova-db-api-admin admin: nova-db-api-admin
user: nova-db-api-user nova: nova-db-api-user
oslo_db_cell0: oslo_db_cell0:
admin: nova-db-api-admin admin: nova-db-api-admin
user: nova-db-api-user nova: nova-db-api-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -1065,7 +1065,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: nova:
username: nova username: nova
password: password password: password
hosts: hosts:
@ -1082,7 +1082,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: nova:
username: nova username: nova
password: password password: password
hosts: hosts:
@ -1099,7 +1099,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: nova:
username: nova username: nova
password: password password: password
hosts: hosts:
@ -1113,7 +1113,7 @@ endpoints:
default: 3306 default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
user: nova:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts:
@ -1143,7 +1143,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: nova:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: nova username: nova
@ -1151,6 +1151,8 @@ endpoints:
project_name: service project_name: service
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
#NOTE(portdirect): the neutron user is not managed by the nova chart
# these values should match those set in the neutron chart.
neutron: neutron:
region_name: RegionOne region_name: RegionOne
project_name: service project_name: service

14
rally/templates/configmap-etc.yaml
View File

@ -23,22 +23,22 @@ limitations under the License.
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.rally.keystone_authtoken "auth_url" | quote | trunc 0 -}} {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.rally.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.region_name -}} {{- if empty .Values.conf.rally.keystone_authtoken.region_name -}}
{{- set .Values.conf.rally.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.rally.keystone_authtoken "region_name" .Values.endpoints.identity.auth.rally.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.project_name -}} {{- if empty .Values.conf.rally.keystone_authtoken.project_name -}}
{{- set .Values.conf.rally.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.rally.keystone_authtoken "project_name" .Values.endpoints.identity.auth.rally.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.rally.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.rally.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.rally.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.rally.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.rally.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.rally.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.rally.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.rally.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.username -}} {{- if empty .Values.conf.rally.keystone_authtoken.username -}}
{{- set .Values.conf.rally.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.rally.keystone_authtoken "username" .Values.endpoints.identity.auth.rally.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.password -}} {{- if empty .Values.conf.rally.keystone_authtoken.password -}}
{{- set .Values.conf.rally.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.rally.keystone_authtoken "password" .Values.endpoints.identity.auth.rally.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.rally.keystone_authtoken.memcached_servers -}}
@ -46,7 +46,7 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.rally.database.connection -}} {{- if empty .Values.conf.rally.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.rally.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "rally" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.rally.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
--- ---

4
rally/templates/job-ks-user.yaml
View File

@ -54,11 +54,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "rally" value: "rally"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.rally }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.rally.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
rally/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "rally" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
rally/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "rally" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

8
rally/values.yaml
View File

@ -178,10 +178,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: rally-keystone-admin admin: rally-keystone-admin
user: rally-keystone-user rally: rally-keystone-user
oslo_db: oslo_db:
admin: rally-db-admin admin: rally-db-admin
user: rally-db-user rally: rally-db-user
endpoints: endpoints:
cluster_domain_suffix: cluster.local cluster_domain_suffix: cluster.local
@ -195,7 +195,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: rally:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: rally username: rally
@ -237,7 +237,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: rally:
username: rally username: rally
password: password password: password
hosts: hosts:

16
senlin/templates/configmap-etc.yaml
View File

@ -32,22 +32,22 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.region_name -}} {{- if empty .Values.conf.senlin.keystone_authtoken.region_name -}}
{{- set .Values.conf.senlin.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}} {{- set .Values.conf.senlin.keystone_authtoken "region_name" .Values.endpoints.identity.auth.senlin.region_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.project_name -}} {{- if empty .Values.conf.senlin.keystone_authtoken.project_name -}}
{{- set .Values.conf.senlin.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}} {{- set .Values.conf.senlin.keystone_authtoken "project_name" .Values.endpoints.identity.auth.senlin.project_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.project_domain_name -}} {{- if empty .Values.conf.senlin.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.senlin.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}} {{- set .Values.conf.senlin.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.senlin.project_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.user_domain_name -}} {{- if empty .Values.conf.senlin.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.senlin.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}} {{- set .Values.conf.senlin.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.senlin.user_domain_name | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.username -}} {{- if empty .Values.conf.senlin.keystone_authtoken.username -}}
{{- set .Values.conf.senlin.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}} {{- set .Values.conf.senlin.keystone_authtoken "username" .Values.endpoints.identity.auth.senlin.username | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.password -}} {{- if empty .Values.conf.senlin.keystone_authtoken.password -}}
{{- set .Values.conf.senlin.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}} {{- set .Values.conf.senlin.keystone_authtoken "password" .Values.endpoints.identity.auth.senlin.password | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.memcached_servers -}} {{- if empty .Values.conf.senlin.keystone_authtoken.memcached_servers -}}
@ -55,11 +55,11 @@ limitations under the License.
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.database.connection -}} {{- if empty .Values.conf.senlin.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" | quote | trunc 0 -}} {{- tuple "oslo_db" "internal" "senlin" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.DEFAULT.transport_url -}} {{- if empty .Values.conf.senlin.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.senlin.DEFAULT "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "senlin" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.senlin.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
--- ---

4
senlin/templates/job-ks-user.yaml
View File

@ -55,11 +55,11 @@ spec:
{{- end }} {{- end }}
- name: SERVICE_OS_SERVICE_NAME - name: SERVICE_OS_SERVICE_NAME
value: "senlin" value: "senlin"
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.user }} {{- with $env := dict "ksUserSecret" .Values.secrets.identity.senlin }}
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }} {{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
{{- end }} {{- end }}
- name: SERVICE_OS_ROLE - name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.user.role | quote }} value: {{ .Values.endpoints.identity.auth.senlin.role | quote }}
volumes: volumes:
- name: ks-user-sh - name: ks-user-sh
configMap: configMap:

2
senlin/templates/secret-db.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_db }} {{- if .Values.manifests.secret_db }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "senlin" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }} {{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

2
senlin/templates/secret-keystone.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
{{- if .Values.manifests.secret_keystone }} {{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }} {{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "user" }} {{- range $key1, $userClass := tuple "admin" "senlin" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }} {{- $secretName := index $envAll.Values.secrets.identity $userClass }}
--- ---
apiVersion: v1 apiVersion: v1

10
senlin/values.yaml
View File

@ -194,10 +194,10 @@ dependencies:
secrets: secrets:
identity: identity:
admin: senlin-keystone-admin admin: senlin-keystone-admin
user: senlin-keystone-user senlin: senlin-keystone-user
oslo_db: oslo_db:
admin: senlin-db-admin admin: senlin-db-admin
user: senlin-db-user senlin: senlin-db-user
# typically overriden by environmental # typically overriden by environmental
# values, but should include all endpoints # values, but should include all endpoints
@ -214,7 +214,7 @@ endpoints:
project_name: admin project_name: admin
user_domain_name: default user_domain_name: default
project_domain_name: default project_domain_name: default
user: senlin:
role: admin role: admin
region_name: RegionOne region_name: RegionOne
username: senlin username: senlin
@ -256,7 +256,7 @@ endpoints:
admin: admin:
username: root username: root
password: password password: password
user: senlin:
username: senlin username: senlin
password: password password: password
hosts: hosts:
@ -278,7 +278,7 @@ endpoints:
default: 11211 default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
user: senlin:
username: rabbitmq username: rabbitmq
password: password password: password
hosts: hosts: