1 # Example using v3 domains. The admin user is created in the domain
2 # named 'admin_domain', and assigned the role 'admin' in the 'admin'
3 # project in the domain 'admin_domain'. The keystone service account is
4 # created in default domain, and assigned the
5 # role 'admin' in the project 'services' in the default domain.
6 # NOTE: Until all of the other services support using Keystone v3
7 # with keystone_authtoken middleware that supports v3, they cannot
8 # specify a domain for authentication, and so have to be in the
11 # To be sure everything is working, run:
12 # $ export OS_IDENTITY_API_VERSION=3
13 # $ export OS_USERNAME=admin
14 # $ export OS_USER_DOMAIN_NAME=admin_domain
15 # $ export OS_PASSWORD=ChangeMe
16 # $ export OS_PROJECT_NAME=admin
17 # $ export OS_PROJECT_DOMAIN_NAME=admin_domain
18 # $ export OS_AUTH_URL=http://keystone.local:35357/v3
19 # $ openstack user list
22 Exec { logoutput => 'on_failure' }
25 class { '::mysql::server': }
26 class { '::keystone::db::mysql':
27 password => 'keystone',
32 database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone',
33 admin_token => 'admin_token',
36 class { '::keystone::roles::admin':
37 email => 'test@example.tld',
38 password => 'a_big_secret',
39 admin => 'admin', # username
40 admin_tenant => 'admin', # project name
41 admin_user_domain => 'admin', # domain for user
42 admin_tenant_domain => 'admin', # domain for project
44 class { '::keystone::endpoint':
45 public_url => 'http://127.0.0.1:5000/',
46 admin_url => 'http://127.0.0.1:35357/',