modules/roles/manifests/keystone.pp

   1 class roles::keystone {
   2
   3         Exec { logoutput => 'on_failure' }
   4
   5         include roles::openstack::params
   6
   7         $keystone_dbpass = $roles::openstack::params::keystone_dbpass
   8         $admin_token     = $roles::openstack::params::admin_token
   9         $admin_pass      = $roles::openstack::params::admin_pass
  10         $rabbit_pass     = $roles::openstack::params::rabbit_pass
  11
  12         class { '::keystone':
  13                 verbose             => true,
  14                 debug               => true,
  15                 database_connection => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
  16                 catalog_type        => 'sql',
  17                 admin_token         => $admin_token,
  18                 enabled             => false,
  19                 rabbit_host         => undef,
  20                 rabbit_hosts        => ['rapoport.debian.org','rainier.debian.org'],
  21                 rabbit_password     => $rabbit_pass,
  22                 rabbit_userid       => 'openstack',
  23                 rabbit_virtual_host => '/keystone',
  24                 memcache_servers    => ['localhost:11211'],
  25                 cache_backend       => 'keystone.cache.memcache_pool',
  26                 admin_endpoint      => 'https://openstack.bm.debian.org:35357/',
  27                 validate_cacert     => '/etc/ssl/ca-debian/spi-cacert-2008.pem',
  28                 validate_service    => true,
  29                 enable_ssl          => true,
  30                 validate_auth_url   => 'https://openstack.bm.debian.org:35357/',
  31                 signing_cert_subject => '/C=US/ST=Unset/L=Unset/O=Unset/CN=openstack.bm.debian.org',
  32         }
  33         #class { '::keystone::roles::admin':
  34         #       email    => 'test@puppetlabs.com',
  35         #       password => $admin_pass,
  36         #}
  37         class { '::keystone::endpoint':
  38                 public_url => 'https://openstack.bm.debian.org:5000/',
  39                 admin_url  => 'https://openstack.bm.debian.org:35357/',
  40         }
  41
  42         include ::apache
  43         class { '::keystone::wsgi::apache':
  44                 ssl      => true,
  45                 ssl_cert => '/etc/ssl/certs/openstack.bm.debian.org-chained.pem',
  46                 ssl_key  => '/etc/ssl/private/openstack.bm.debian.org.key',
  47
  48         }
  49 }
  50