X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=site_type%2Fovsdpdk%2Fairship-treasuremap%2Fglobal%2Fv4.0%2Fsoftware%2Fcharts%2Fosh%2Fopenstack-keystone%2Fkeystone.yaml;fp=site_type%2Fovsdpdk%2Fairship-treasuremap%2Fglobal%2Fv4.0%2Fsoftware%2Fcharts%2Fosh%2Fopenstack-keystone%2Fkeystone.yaml;h=368da513b3899592b425337dda6ba169c899594c;hb=fe885c06b13b6807209a76d0226a40d84ec61df3;hp=0000000000000000000000000000000000000000;hpb=f75a047e5d98eea7d43cfbe6ade55ce2e2e0f3a9;p=yaml_builds.git diff --git a/site_type/ovsdpdk/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/keystone.yaml b/site_type/ovsdpdk/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/keystone.yaml new file mode 100644 index 0000000..368da51 --- /dev/null +++ b/site_type/ovsdpdk/airship-treasuremap/global/v4.0/software/charts/osh/openstack-keystone/keystone.yaml @@ -0,0 +1,259 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: keystone + labels: + name: keystone-global + component: keystone + layeringDefinition: + abstract: false + layer: global + storagePolicy: cleartext + substitutions: + # Chart source + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .charts.osh.keystone + dest: + path: .source + + # Images + - src: + schema: pegleg/SoftwareVersions/v1 + name: software-versions + path: .images.osh.keystone + dest: + path: .values.images.tags + + # Endpoints + - src: + schema: pegleg/EndpointCatalogue/v1 + name: osh_endpoints + path: .osh.identity + dest: + path: .values.endpoints.identity + - src: + schema: pegleg/EndpointCatalogue/v1 + name: osh_endpoints + path: .osh.oslo_db + dest: + path: .values.endpoints.oslo_db + - src: + schema: pegleg/EndpointCatalogue/v1 + name: osh_endpoints + path: .osh.keystone_oslo_messaging + dest: + path: .values.endpoints.oslo_messaging + - src: + schema: pegleg/EndpointCatalogue/v1 + name: osh_endpoints + path: .osh.oslo_cache + dest: + path: .values.endpoints.oslo_cache + - src: + schema: pegleg/EndpointCatalogue/v1 + name: osh_infra_endpoints + path: .osh_infra.fluentd + dest: + path: .values.endpoints.fluentd + + # Service Accounts + - src: + schema: pegleg/AccountCatalogue/v1 + name: osh_service_accounts + path: .osh.keystone.admin + dest: + path: .values.endpoints.identity.auth.admin + - src: + schema: pegleg/AccountCatalogue/v1 + name: osh_service_accounts + path: .osh.keystone.oslo_messaging.admin + dest: + path: .values.endpoints.oslo_messaging.auth.admin + - src: + schema: pegleg/AccountCatalogue/v1 + name: osh_service_accounts + path: .osh.keystone.oslo_messaging.keystone + dest: + path: .values.endpoints.oslo_messaging.auth.keystone + - src: + schema: pegleg/AccountCatalogue/v1 + name: osh_service_accounts + path: .osh.keystone.oslo_db + dest: + path: .values.endpoints.oslo_db.auth.keystone + - src: + schema: pegleg/AccountCatalogue/v1 + name: osh_service_accounts + path: .osh.keystone.oslo_db.database + dest: + path: .values.endpoints.oslo_db.path + pattern: DB_NAME + + # Secrets + - dest: + path: .values.endpoints.identity.auth.admin.password + src: + schema: deckhand/Passphrase/v1 + name: osh_keystone_admin_password + path: . + - dest: + path: .values.endpoints.oslo_messaging.auth.admin.password + src: + schema: deckhand/Passphrase/v1 + name: osh_keystone_oslo_messaging_admin_password + path: . + - dest: + path: .values.endpoints.oslo_messaging.auth.keystone.password + src: + schema: deckhand/Passphrase/v1 + name: osh_keystone_oslo_messaging_password + path: . + - dest: + path: .values.endpoints.oslo_db.auth.keystone.password + src: + schema: deckhand/Passphrase/v1 + name: osh_keystone_oslo_db_password + path: . + - dest: + path: .values.endpoints.oslo_db.auth.admin.password + src: + schema: deckhand/Passphrase/v1 + name: osh_oslo_db_admin_password + path: . + - dest: + path: .values.endpoints.oslo_cache.auth.memcache_secret_key + src: + schema: deckhand/Passphrase/v1 + name: osh_oslo_cache_secret_key + path: . + +data: + chart_name: keystone + release: keystone + namespace: openstack + wait: + timeout: 900 + labels: + release_group: airship-keystone + install: + no_hooks: false + upgrade: + no_hooks: false + pre: + delete: + - type: job + labels: + release_group: airship-keystone + post: + create: [] + values: + bootstrap: + script: | + openstack role create --or-show _member_ + openstack role add \ + --user="${OS_USERNAME}" \ + --user-domain="${OS_USER_DOMAIN_NAME}" \ + --project-domain="${OS_PROJECT_DOMAIN_NAME}" \ + --project="${OS_PROJECT_NAME}" \ + "_member_" + + #NOTE(portdirect): required for all users who operate heat stacks + openstack role create --or-show heat_stack_owner + openstack role add \ + --user="${OS_USERNAME}" \ + --user-domain="${OS_USER_DOMAIN_NAME}" \ + --project-domain="${OS_PROJECT_DOMAIN_NAME}" \ + --project="${OS_PROJECT_NAME}" \ + "heat_stack_owner" + conf: + logging: + loggers: + keys: + - root + - keystone + handlers: + keys: + - stdout + - stderr + - "null" + - fluent + formatters: + keys: + - context + - default + - fluent + logger_root: + level: WARNING + handlers: null + logger_keystone: + level: INFO + handlers: + - stdout + - stderr + - fluent + qualname: keystone + logger_amqp: + level: WARNING + handlers: stderr + qualname: amqp + logger_amqplib: + level: WARNING + handlers: stderr + qualname: amqplib + logger_eventletwsgi: + level: WARNING + handlers: stderr + qualname: eventlet.wsgi.server + logger_sqlalchemy: + level: WARNING + handlers: stderr + qualname: sqlalchemy + logger_boto: + level: WARNING + handlers: stderr + qualname: boto + handler_null: + class: logging.NullHandler + formatter: default + args: () + handler_stdout: + class: StreamHandler + args: (sys.stdout,) + formatter: context + handler_stderr: + class: StreamHandler + args: (sys.stderr,) + formatter: context + handler_fluent: + class: fluent.handler.FluentHandler + args: ('openstack.keystone', 'fluentd-logging.osh-infra', 24224) + formatter: fluent + formatter_fluent: + class: oslo_log.formatters.FluentFormatter + formatter_context: + class: oslo_log.formatters.ContextFormatter + formatter_default: + format: "%(message)s" + keystone: + identity: + driver: sql + default_domain_id: default + domain_specific_drivers_enabled: True + domain_configurations_from_database: True + domain_config_dir: /etc/keystonedomains + pod: + replicas: + api: 2 + labels: + api: + node_selector_key: openstack-control-plane + node_selector_value: enabled + job: + node_selector_key: openstack-control-plane + node_selector_value: enabled + dependencies: + - osh-helm-toolkit +...