1 class roles::keystone {
3 Exec { logoutput => 'on_failure' }
5 include roles::openstack::params
7 $keystone_dbpass = $roles::openstack::params::keystone_dbpass
8 $admin_token = $roles::openstack::params::admin_token
9 $admin_pass = $roles::openstack::params::admin_pass
10 $rabbit_pass = $roles::openstack::params::rabbit_pass
15 database_connection => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
16 catalog_type => 'sql',
17 admin_token => $admin_token,
20 rabbit_hosts => ['rapoport.debian.org','rainier.debian.org'],
21 rabbit_password => $rabbit_pass,
22 rabbit_userid => 'openstack',
23 rabbit_virtual_host => '/keystone',
24 memcache_servers => ['localhost:11211'],
25 cache_backend => 'keystone.cache.memcache_pool',
26 admin_endpoint => 'https://openstack.bm.debian.org:35357/',
27 validate_cacert => '/etc/ssl/ca-debian/spi-cacert-2008.pem',
28 validate_service => true,
30 validate_auth_url => 'https://openstack.bm.debian.org:35357/',
31 signing_cert_subject => '/C=US/ST=Unset/L=Unset/O=Unset/CN=openstack.bm.debian.org',
33 #class { '::keystone::roles::admin':
34 # email => 'test@puppetlabs.com',
35 # password => $admin_pass,
37 class { '::keystone::endpoint':
38 public_url => 'https://openstack.bm.debian.org:5000/',
39 admin_url => 'https://openstack.bm.debian.org:35357/',
43 class { '::keystone::wsgi::apache':
45 ssl_cert => '/etc/ssl/certs/openstack.bm.debian.org-chained.pem',
46 ssl_key => '/etc/ssl/private/openstack.bm.debian.org.key',