/
heat.conf.j2
127 lines (97 loc) · 5.39 KB
/
heat.conf.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# {{ ansible_managed }}
[DEFAULT]
# Disable stderr logging
use_stderr = False
debug = {{ debug }}
fatal_deprecations = {{ heat_fatal_deprecations }}
use_journal = True
stack_domain_admin_password = {{ heat_stack_domain_admin_password }}
stack_domain_admin = {{ heat_stack_domain_admin }}
stack_user_domain_name = {{ heat_stack_user_domain_name }}
max_nested_stack_depth = {{ heat_max_nested_stack_depth }}
heat_waitcondition_server_url = {{ heat_waitcondition_server_url }}
heat_metadata_server_url = {{ heat_metadata_server_url }}
server_keystone_endpoint_type = public
trusts_delegated_roles = {{ heat_trusts_delegated_roles | join(',') }}
auth_encryption_key = {{ heat_auth_encryption_key }}
num_engine_workers = {{ heat_engine_workers | default(heat_api_threads) }}
## RPC Backend
transport_url = {{ heat_oslomsg_rpc_transport }}://{% for host in heat_oslomsg_rpc_servers.split(',') %}{{ heat_oslomsg_rpc_userid }}:{{ heat_oslomsg_rpc_password }}@{{ host }}:{{ heat_oslomsg_rpc_port }}{% if not loop.last %},{% else %}/{{ _heat_oslomsg_rpc_vhost_conf }}{% if heat_oslomsg_rpc_use_ssl | bool %}?ssl=1&ssl_version={{ heat_oslomsg_rpc_ssl_version }}&ssl_ca_file={{ heat_oslomsg_rpc_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
## Plugin dirs
plugin_dirs = {{ heat_plugin_dirs | join(',') }}
# Default region name used to get services endpoints.
region_name_for_services = {{ heat_service_region }}
default_software_config_transport = POLL_SERVER_HEAT
default_deployment_signal_transport = HEAT_SIGNAL
[clients]
endpoint_type = {{ heat_clients_endpoint }}
[clients_heat]
endpoint_type = {{ heat_clients_heat_endpoint }}
[clients_keystone]
insecure = {{ keystone_service_internaluri_insecure | bool }}
endpoint_type = {{ heat_clients_endpoint }}
auth_uri = {{ keystone_service_internaluri }}
[database]
connection = mysql+pymysql://{{ heat_galera_user }}:{{ heat_container_mysql_password }}@{{ heat_galera_address }}:{{ heat_galera_port }}/{{ heat_galera_database }}?charset=utf8{% if heat_galera_use_ssl | bool %}&ssl_verify_cert=true{% if heat_galera_ssl_ca_cert | length > 0 %}&ssl_ca={{ heat_galera_ssl_ca_cert }}{% endif %}{% endif +%}
max_overflow = {{ heat_db_max_overflow }}
max_pool_size = {{ heat_db_max_pool_size }}
pool_timeout = {{ heat_db_pool_timeout }}
connection_recycle_time = {{ heat_db_connection_recycle_time }}
[ec2authtoken]
auth_uri = {{ keystone_service_internaluri }}
[heat_api]
bind_port = {{ heat_service_port }}
workers = {{ heat_api_workers | default(heat_api_threads) }}
[heat_api_cfn]
bind_port = {{ heat_cfn_service_port }}
[oslo_messaging_rabbit]
ssl = {{ heat_oslomsg_rpc_use_ssl }}
rabbit_quorum_queue = {{ heat_oslomsg_rabbit_quorum_queues }}
rabbit_transient_quorum_queue = {{ heat_oslomsg_rabbit_transient_quorum_queues }}
rabbit_qos_prefetch_count = {{ heat_oslomsg_rabbit_qos_prefetch_count }}
use_queue_manager = {{ heat_oslomsg_rabbit_queue_manager }}
rabbit_stream_fanout = {{ heat_oslomsg_rabbit_stream_fanout }}
rabbit_quorum_delivery_limit = {{ heat_oslomsg_rabbit_quorum_delivery_limit }}
rabbit_quorum_max_memory_bytes = {{ heat_oslomsg_rabbit_quorum_max_memory_bytes }}
{% if heat_service_publicuri_proto != heat_service_internaluri_proto %}
[oslo_middleware]
enable_proxy_headers_parsing = True
{% endif %}
# Ceilometer options
[oslo_messaging_notifications]
driver = {{ (heat_oslomsg_notify_configure | bool) | ternary('messagingv2', 'noop') }}
transport_url = {{ heat_oslomsg_notify_transport }}://{% for host in heat_oslomsg_notify_servers.split(',') %}{{ heat_oslomsg_notify_userid }}:{{ heat_oslomsg_notify_password }}@{{ host }}:{{ heat_oslomsg_notify_port }}{% if not loop.last %},{% else %}/{{ _heat_oslomsg_notify_vhost_conf }}{% if heat_oslomsg_notify_use_ssl | bool %}?ssl=1&ssl_version={{ heat_oslomsg_notify_ssl_version }}&ssl_ca_file={{ heat_oslomsg_notify_ssl_ca_file }}{% else %}?ssl=0{% endif %}{% endif %}{% endfor %}
[profiler]
enabled = {{ heat_profiler_enabled }}
trace_sqlalchemy = {{ heat_profiler_trace_sqlalchemy }}
[keystone_authtoken]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ heat_keystone_auth_plugin }}
auth_url = {{ keystone_service_adminurl }}
www_authenticate_uri = {{ keystone_service_internaluri }}
project_domain_id = {{ heat_service_project_domain_id }}
user_domain_id = {{ heat_service_user_domain_id }}
project_name = {{ heat_service_project_name }}
username = {{ heat_service_user_name }}
password = {{ heat_service_password }}
region_name = {{ keystone_service_region }}
service_token_roles_required = {{ heat_service_token_roles_required | bool }}
service_token_roles = {{ heat_service_token_roles | join(',') }}
service_type = {{ heat_service_type }}
memcached_servers = {{ heat_memcached_servers }}
token_cache_time = 300
# if your memcached server is shared, use these settings to avoid cache poisoning
memcache_security_strategy = ENCRYPT
memcache_secret_key = {{ memcached_encryption_key }}
[trustee]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_type = {{ heat_keystone_trustee_auth_plugin }}
auth_url = {{ keystone_service_adminurl }}
user_domain_id = {{ heat_service_trustee_user_domain_id }}
username = {{ heat_service_trustee_user_name }}
password = {{ heat_service_trustee_password }}
[volumes]
# Indicate if cinder-backup service is enabled. This is a temporary workaround
# until cinder-backup service becomes discoverable, see LP#1334856. (boolean
# value)
backups_enabled = {{ heat_cinder_backups_enabled }}