0ffa770b83
ResellerAdmin role should be created always when Swift is enabled and not only for Ceilometer. The role is needed for normal users to get administration rights for their Swift projects and is required to pass DefCore (OpenStack Powered) certification. Change-Id: I4faa63b8fae1814e382de2794301248cc0f4a90a Closes-Bug: #1700729
81 lines
2.5 KiB
Django/Jinja
81 lines
2.5 KiB
Django/Jinja
[DEFAULT]
|
|
bind_ip = {{ api_interface_address }}
|
|
bind_port = {{ swift_proxy_server_port }}
|
|
|
|
log_udp_host = {{ api_interface_address }}
|
|
log_udp_port = {{ fluentd_syslog_port }}
|
|
log_name = {{ service_name }}
|
|
log_facility = LOG_LOCAL0
|
|
log_level = INFO
|
|
workers = {{ openstack_service_workers }}
|
|
|
|
[pipeline:main]
|
|
pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk ratelimit authtoken keystoneauth slo dlo {% if enable_ceilometer | bool %}ceilometer {% endif %}proxy-server
|
|
|
|
[app:proxy-server]
|
|
use = egg:swift#proxy
|
|
allow_account_management = true
|
|
account_autocreate = true
|
|
|
|
[filter:cache]
|
|
use = egg:swift#memcache
|
|
memcache_servers = {% for host in groups['swift-proxy-server'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
[filter:catch_errors]
|
|
use = egg:swift#catch_errors
|
|
|
|
[filter:healthcheck]
|
|
use = egg:swift#healthcheck
|
|
|
|
[filter:proxy-logging]
|
|
use = egg:swift#proxy_logging
|
|
|
|
[filter:authtoken]
|
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
|
auth_uri = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_public_port }}
|
|
auth_url = {{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ keystone_admin_port }}
|
|
auth_type = password
|
|
project_domain_id = default
|
|
user_domain_id = default
|
|
project_name = service
|
|
username = {{ swift_keystone_user }}
|
|
password = {{ swift_keystone_password }}
|
|
|
|
memcache_security_strategy = ENCRYPT
|
|
memcache_secret_key = {{ memcache_secret_key }}
|
|
memcached_servers = {% for host in groups['memcached'] %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
|
|
[filter:keystoneauth]
|
|
use = egg:swift#keystoneauth
|
|
operator_roles = admin,{{ keystone_default_user_role }},ResellerAdmin
|
|
|
|
{% if enable_ceilometer | bool %}
|
|
[filter:ceilometer]
|
|
paste.filter_factory = ceilometermiddleware.swift:filter_factory
|
|
control_exchange = swift
|
|
url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %}
|
|
|
|
driver = messagingv2
|
|
topic = notifications
|
|
log_level = WARN
|
|
{% endif %}
|
|
|
|
[filter:container_sync]
|
|
use = egg:swift#container_sync
|
|
|
|
[filter:bulk]
|
|
use = egg:swift#bulk
|
|
|
|
[filter:ratelimit]
|
|
use = egg:swift#ratelimit
|
|
|
|
[filter:gatekeeper]
|
|
use = egg:swift#gatekeeper
|
|
|
|
[filter:slo]
|
|
use = egg:swift#slo
|
|
|
|
[filter:dlo]
|
|
use = egg:swift#dlo
|