1 class roles::keystone {
3 Exec { logoutput => 'on_failure' }
5 include roles::openstack::params
7 $keystone_dbpass = $roles::openstack::params::keystone_dbpass
8 $admin_token = $roles::openstack::params::admin_token
9 $admin_pass = $roles::openstack::params::admin_pass
10 $rabbit_pass = $roles::openstack::params::rabbit_pass
15 sql_connection => "postgresql://keystone:${keystone_dbpass}@bmdb1.debian.org:5435/keystone",
16 catalog_type => 'sql',
17 admin_token => $admin_token,
20 rabbit_hosts => ['rapoport.debian.org','rainier.debian.org'],
21 rabbit_password => $rabbit_pass,
22 rabbit_userid => 'openstack',
23 rabbit_virtual_host => '/keystone',
24 memcache_servers => ['localhost:11211'],
25 cache_backend => 'keystone.cache.memcache_pool',
26 admin_endpoint => 'https://openstack.bm.debian.org:35357/',
27 validate_cacert => '/etc/ssl/debian/certs/ca.crt',
28 validate_service => true,
30 class { '::keystone::roles::admin':
31 email => 'test@puppetlabs.com',
32 password => $admin_pass,
34 class { '::keystone::endpoint':
35 public_url => 'https://openstack.bm.debian.org:5000/',
36 admin_url => 'https://openstack.bm.debian.org:35357/',
40 class { '::keystone::wsgi::apache':
42 ssl_cert => '/etc/ssl/debian/certs/openstack.bm.debian.org.crt-chained',
43 ssl_key => '/etc/ssl/private/openstack.bm.debian.org.key',