Updated repository for minimum viable kilo install
* Updated Keystone wsgi and paste files from upstream. * Updated all clients in the openstack_client.yml file. * Kilo services are tracking the head of master. * Removed pinned middleware because they're pinned else where. * Added additional service references for neutron vpnaas, fwaas, and lbaas which have now been moved into their own repos and no longer exist within the core neutron repository. * The neutron vpnaas, fwaas, and lbaas have been removed from the basic plugins being loaded and a comment has been added to describe how one might add them back in. * Updated rootwrap filters for neutron dhcp and l3. * Updated heat policy.json * Added the `python-libguestfs` to the nova-compute installation packages. * Updates all services to point to the latest kilo tag Services updated due to deprecated configs: * Keystone * Glance * Nova * Neutron (is still using the deprecated nova auth plugin) * Heat * Tempest Items for future work post initial release: * roles/os_neutron/files/post-up-checksum-rules:25: TODO(cloudnull) remove this script once the bug is fixed. * roles/rabbitmq_server/tasks/rabbitmq_cluster_join.yml:17: TODO(someone): implement a more robust way of checking Implements: blueprint minimal-kilo Closes-Bug: 1428421 Closes-Bug: 1428431 Closes-Bug: 1428437 Closes-Bug: 1428445 Closes-Bug: 1428451 Closes-Bug: 1428469 Closes-Bug: 1428639 Change-Id: I28a305d9e40a9cf70148ef7d7b00d467a65ca076
This commit is contained in:
Kevin Carter
parent
8da17909bf
commit
8b1417e988
@ -44,6 +44,9 @@ nova_service_tenant_name: "service"
|
||||
nova_service_user_name: "nova"
|
||||
nova_service_role_name: "admin"
|
||||
|
||||
## Nova enabled apis
|
||||
nova_enabled_apis: "osapi_compute,metadata"
|
||||
|
||||
## Nova s3
|
||||
nova_s3_service_name: s3
|
||||
nova_s3_service_type: s3
|
||||
@ -57,6 +60,7 @@ nova_s3_service_adminurl: "{{ nova_s3_service_adminuri }}"
|
||||
nova_s3_service_internaluri: "{{ nova_s3_service_proto }}://{{ internal_lb_vip_address }}:{{ nova_s3_service_port }}"
|
||||
nova_s3_service_internalurl: "{{ nova_s3_service_internaluri }}"
|
||||
nova_s3_program_name: nova-api-ec2
|
||||
nova_s3_deprecated_but_enabled: false
|
||||
|
||||
## Nova v3
|
||||
nova_v3_service_name: novav3
|
||||
@ -86,6 +90,8 @@ nova_service_internalurl: "{{ nova_service_internaluri }}/v2/%(tenant_id)s"
|
||||
nova_program_name: nova-api-os-compute
|
||||
|
||||
## Nova ec2
|
||||
# WARNNING: The EC2 api in the nova tree has been deprecated. To consume this API you'll need to
|
||||
# uncomment the EC2 section found within the nova `api-paste.ini` file.
|
||||
nova_ec2_service_name: ec2
|
||||
nova_ec2_service_type: ec2
|
||||
nova_ec2_service_proto: http
|
||||
@ -98,6 +104,7 @@ nova_ec2_service_adminurl: "{{ nova_ec2_service_adminuri }}/services/Admin"
|
||||
nova_ec2_service_internaluri: "{{ nova_ec2_service_proto }}://{{ internal_lb_vip_address }}:{{ nova_ec2_service_port }}"
|
||||
nova_ec2_service_internalurl: "{{ nova_ec2_service_internaluri }}/services/Cloud"
|
||||
nova_ec2_program_name: nova-api-ec2
|
||||
nova_ec2_deprecated_but_enabled: false
|
||||
|
||||
## Nova spice
|
||||
nova_spice_html5proxy_base_proto: http
|
||||
@ -207,6 +214,7 @@ nova_compute_kvm_apt_packages:
|
||||
- kpartx
|
||||
- libvirt-bin
|
||||
- open-iscsi
|
||||
- python-libguestfs
|
||||
- python-libvirt
|
||||
- qemu
|
||||
- qemu-utils
|
||||
|
||||
@ -6,7 +6,8 @@ use = egg:Paste#urlmap
|
||||
/: meta
|
||||
|
||||
[pipeline:meta]
|
||||
pipeline = ec2faultwrap logrequest metaapp
|
||||
pipeline = metaapp
|
||||
# pipeline = ec2faultwrap logrequest metaapp
|
||||
|
||||
[app:metaapp]
|
||||
paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory
|
||||
@ -15,42 +16,44 @@ paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory
|
||||
# EC2 #
|
||||
#######
|
||||
|
||||
[composite:ec2]
|
||||
use = egg:Paste#urlmap
|
||||
/services/Cloud: ec2cloud
|
||||
# [composite:ec2]
|
||||
# use = egg:Paste#urlmap
|
||||
# /: ec2cloud
|
||||
|
||||
[composite:ec2cloud]
|
||||
use = call:nova.api.auth:pipeline_factory
|
||||
noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
|
||||
keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor
|
||||
# [composite:ec2cloud]
|
||||
# use = call:nova.api.auth:pipeline_factory
|
||||
# noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
|
||||
# noauth2 = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor
|
||||
# keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor
|
||||
|
||||
[filter:ec2faultwrap]
|
||||
paste.filter_factory = nova.api.ec2:FaultWrapper.factory
|
||||
# [filter:ec2faultwrap]
|
||||
# paste.filter_factory = nova.api.ec2:FaultWrapper.factory
|
||||
|
||||
[filter:logrequest]
|
||||
paste.filter_factory = nova.api.ec2:RequestLogging.factory
|
||||
# [filter:logrequest]
|
||||
# paste.filter_factory = nova.api.ec2:RequestLogging.factory
|
||||
|
||||
[filter:ec2lockout]
|
||||
paste.filter_factory = nova.api.ec2:Lockout.factory
|
||||
# [filter:ec2lockout]
|
||||
# paste.filter_factory = nova.api.ec2:Lockout.factory
|
||||
|
||||
[filter:ec2keystoneauth]
|
||||
paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory
|
||||
# [filter:ec2keystoneauth]
|
||||
# paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory
|
||||
|
||||
[filter:ec2noauth]
|
||||
paste.filter_factory = nova.api.ec2:NoAuth.factory
|
||||
# [filter:ec2noauth]
|
||||
# paste.filter_factory = nova.api.ec2:NoAuth.factory
|
||||
|
||||
[filter:cloudrequest]
|
||||
controller = nova.api.ec2.cloud.CloudController
|
||||
paste.filter_factory = nova.api.ec2:Requestify.factory
|
||||
# [filter:cloudrequest]
|
||||
# controller = nova.api.ec2.cloud.CloudController
|
||||
# paste.filter_factory = nova.api.ec2:Requestify.factory
|
||||
|
||||
[filter:authorizer]
|
||||
paste.filter_factory = nova.api.ec2:Authorizer.factory
|
||||
# [filter:authorizer]
|
||||
# paste.filter_factory = nova.api.ec2:Authorizer.factory
|
||||
|
||||
[filter:validator]
|
||||
paste.filter_factory = nova.api.ec2:Validator.factory
|
||||
# [filter:validator]
|
||||
# paste.filter_factory = nova.api.ec2:Validator.factory
|
||||
|
||||
# [app:ec2executor]
|
||||
# paste.app_factory = nova.api.ec2:Executor.factory
|
||||
|
||||
[app:ec2executor]
|
||||
paste.app_factory = nova.api.ec2:Executor.factory
|
||||
|
||||
#############
|
||||
# OpenStack #
|
||||
@ -61,21 +64,30 @@ use = call:nova.api.openstack.urlmap:urlmap_factory
|
||||
/: oscomputeversions
|
||||
/v1.1: openstack_compute_api_v2
|
||||
/v2: openstack_compute_api_v2
|
||||
/v2.1: openstack_compute_api_v21
|
||||
/v3: openstack_compute_api_v3
|
||||
|
||||
[composite:openstack_compute_api_v2]
|
||||
use = call:nova.api.auth:pipeline_factory
|
||||
noauth = compute_req_id faultwrap sizelimit noauth ratelimit osapi_compute_app_v2
|
||||
noauth2 = compute_req_id faultwrap sizelimit noauth2 ratelimit osapi_compute_app_v2
|
||||
keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2
|
||||
keystone_nolimit = compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2
|
||||
|
||||
[composite:openstack_compute_api_v21]
|
||||
use = call:nova.api.auth:pipeline_factory_v21
|
||||
noauth = compute_req_id faultwrap sizelimit noauth osapi_compute_app_v21
|
||||
noauth2 = compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21
|
||||
keystone = compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v21
|
||||
|
||||
[composite:openstack_compute_api_v3]
|
||||
use = call:nova.api.auth:pipeline_factory_v3
|
||||
use = call:nova.api.auth:pipeline_factory_v21
|
||||
noauth = request_id faultwrap sizelimit noauth_v3 osapi_compute_app_v3
|
||||
noauth2 = request_id faultwrap sizelimit noauth_v3 osapi_compute_app_v3
|
||||
keystone = request_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v3
|
||||
|
||||
[filter:request_id]
|
||||
paste.filter_factory = nova.openstack.common.middleware.request_id:RequestIdMiddleware.factory
|
||||
paste.filter_factory = oslo.middleware:RequestId.factory
|
||||
|
||||
[filter:compute_req_id]
|
||||
paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory
|
||||
@ -84,6 +96,9 @@ paste.filter_factory = nova.api.compute_req_id:ComputeReqIdMiddleware.factory
|
||||
paste.filter_factory = nova.api.openstack:FaultWrapper.factory
|
||||
|
||||
[filter:noauth]
|
||||
paste.filter_factory = nova.api.openstack.auth:NoAuthMiddlewareOld.factory
|
||||
|
||||
[filter:noauth2]
|
||||
paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory
|
||||
|
||||
[filter:noauth_v3]
|
||||
@ -93,11 +108,14 @@ paste.filter_factory = nova.api.openstack.auth:NoAuthMiddlewareV3.factory
|
||||
paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory
|
||||
|
||||
[filter:sizelimit]
|
||||
paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory
|
||||
paste.filter_factory = oslo.middleware:RequestBodySizeLimiter.factory
|
||||
|
||||
[app:osapi_compute_app_v2]
|
||||
paste.app_factory = nova.api.openstack.compute:APIRouter.factory
|
||||
|
||||
[app:osapi_compute_app_v21]
|
||||
paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory
|
||||
|
||||
[app:osapi_compute_app_v3]
|
||||
paste.app_factory = nova.api.openstack.compute:APIRouterV3.factory
|
||||
|
||||
@ -115,4 +133,4 @@ paste.app_factory = nova.api.openstack.compute.versions:Versions.factory
|
||||
paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
@ -18,15 +18,16 @@
|
||||
"compute:shelve": "",
|
||||
"compute:shelve_offload": "",
|
||||
"compute:unshelve": "",
|
||||
"compute:resize": "",
|
||||
"compute:confirm_resize": "",
|
||||
"compute:revert_resize": "",
|
||||
"compute:rebuild": "",
|
||||
"compute:reboot": "",
|
||||
|
||||
"compute:volume_snapshot_create": "",
|
||||
"compute:volume_snapshot_delete": "",
|
||||
|
||||
"admin_api": "is_admin:True",
|
||||
"compute:v3:servers:start": "rule:admin_or_owner",
|
||||
"compute:v3:servers:stop": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-access-ips:discoverable": "",
|
||||
"compute_extension:v3:os-access-ips": "",
|
||||
"compute_extension:accounts": "rule:admin_api",
|
||||
"compute_extension:admin_actions": "rule:admin_api",
|
||||
"compute_extension:admin_actions:pause": "rule:admin_or_owner",
|
||||
@ -41,87 +42,37 @@
|
||||
"compute_extension:admin_actions:migrateLive": "rule:admin_api",
|
||||
"compute_extension:admin_actions:resetState": "rule:admin_api",
|
||||
"compute_extension:admin_actions:migrate": "rule:admin_api",
|
||||
"compute_extension:v3:os-admin-actions": "rule:admin_api",
|
||||
"compute_extension:v3:os-admin-actions:discoverable": "",
|
||||
"compute_extension:v3:os-admin-actions:reset_network": "rule:admin_api",
|
||||
"compute_extension:v3:os-admin-actions:inject_network_info": "rule:admin_api",
|
||||
"compute_extension:v3:os-admin-actions:reset_state": "rule:admin_api",
|
||||
"compute_extension:v3:os-admin-password": "",
|
||||
"compute_extension:v3:os-admin-password:discoverable": "",
|
||||
"compute_extension:aggregates": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:discoverable": "",
|
||||
"compute_extension:v3:os-aggregates:index": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:create": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:show": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:update": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:delete": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:add_host": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:remove_host": "rule:admin_api",
|
||||
"compute_extension:v3:os-aggregates:set_metadata": "rule:admin_api",
|
||||
"compute_extension:agents": "rule:admin_api",
|
||||
"compute_extension:v3:os-agents": "rule:admin_api",
|
||||
"compute_extension:v3:os-agents:discoverable": "",
|
||||
"compute_extension:attach_interfaces": "",
|
||||
"compute_extension:v3:os-attach-interfaces": "",
|
||||
"compute_extension:v3:os-attach-interfaces:discoverable": "",
|
||||
"compute_extension:baremetal_nodes": "rule:admin_api",
|
||||
"compute_extension:cells": "rule:admin_api",
|
||||
"compute_extension:v3:os-cells": "rule:admin_api",
|
||||
"compute_extension:v3:os-cells:discoverable": "",
|
||||
"compute_extension:cells:create": "rule:admin_api",
|
||||
"compute_extension:cells:delete": "rule:admin_api",
|
||||
"compute_extension:cells:update": "rule:admin_api",
|
||||
"compute_extension:cells:sync_instances": "rule:admin_api",
|
||||
"compute_extension:certificates": "",
|
||||
"compute_extension:v3:os-certificates:create": "",
|
||||
"compute_extension:v3:os-certificates:show": "",
|
||||
"compute_extension:v3:os-certificates:discoverable": "",
|
||||
"compute_extension:cloudpipe": "rule:admin_api",
|
||||
"compute_extension:cloudpipe_update": "rule:admin_api",
|
||||
"compute_extension:console_output": "",
|
||||
"compute_extension:v3:consoles:discoverable": "",
|
||||
"compute_extension:v3:os-console-output:discoverable": "",
|
||||
"compute_extension:v3:os-console-output": "",
|
||||
"compute_extension:consoles": "",
|
||||
"compute_extension:v3:os-remote-consoles": "",
|
||||
"compute_extension:v3:os-remote-consoles:discoverable": "",
|
||||
"compute_extension:createserverext": "",
|
||||
"compute_extension:v3:os-create-backup:discoverable": "",
|
||||
"compute_extension:v3:os-create-backup": "rule:admin_or_owner",
|
||||
"compute_extension:deferred_delete": "",
|
||||
"compute_extension:v3:os-deferred-delete": "",
|
||||
"compute_extension:v3:os-deferred-delete:discoverable": "",
|
||||
"compute_extension:disk_config": "",
|
||||
"compute_extension:evacuate": "rule:admin_api",
|
||||
"compute_extension:v3:os-evacuate": "rule:admin_api",
|
||||
"compute_extension:v3:os-evacuate:discoverable": "",
|
||||
"compute_extension:extended_server_attributes": "rule:admin_api",
|
||||
"compute_extension:v3:os-extended-server-attributes": "rule:admin_api",
|
||||
"compute_extension:v3:os-extended-server-attributes:discoverable": "",
|
||||
"compute_extension:extended_status": "",
|
||||
"compute_extension:v3:os-extended-status": "",
|
||||
"compute_extension:v3:os-extended-status:discoverable": "",
|
||||
"compute_extension:extended_availability_zone": "",
|
||||
"compute_extension:v3:os-extended-availability-zone": "",
|
||||
"compute_extension:v3:os-extended-availability-zone:discoverable": "",
|
||||
"compute_extension:extended_ips": "",
|
||||
"compute_extension:extended_ips_mac": "",
|
||||
"compute_extension:extended_vif_net": "",
|
||||
"compute_extension:v3:extension_info:discoverable": "",
|
||||
"compute_extension:extended_volumes": "",
|
||||
"compute_extension:v3:os-extended-volumes": "",
|
||||
"compute_extension:v3:os-extended-volumes:swap": "",
|
||||
"compute_extension:v3:os-extended-volumes:discoverable": "",
|
||||
"compute_extension:v3:os-extended-volumes:attach": "",
|
||||
"compute_extension:v3:os-extended-volumes:detach": "",
|
||||
"compute_extension:fixed_ips": "rule:admin_api",
|
||||
"compute_extension:flavor_access": "",
|
||||
"compute_extension:flavor_access:addTenantAccess": "rule:admin_api",
|
||||
"compute_extension:flavor_access:removeTenantAccess": "rule:admin_api",
|
||||
"compute_extension:v3:flavor-access": "",
|
||||
"compute_extension:v3:flavor-access:discoverable": "",
|
||||
"compute_extension:v3:flavor-access:remove_tenant_access": "rule:admin_api",
|
||||
"compute_extension:v3:flavor-access:add_tenant_access": "rule:admin_api",
|
||||
"compute_extension:flavor_disabled": "",
|
||||
"compute_extension:flavor_rxtx": "",
|
||||
"compute_extension:v3:os-flavor-rxtx": "",
|
||||
"compute_extension:v3:os-flavor-rxtx:discoverable": "",
|
||||
"compute_extension:flavor_swap": "",
|
||||
"compute_extension:flavorextradata": "",
|
||||
"compute_extension:flavorextraspecs:index": "",
|
||||
@ -129,15 +80,7 @@
|
||||
"compute_extension:flavorextraspecs:create": "rule:admin_api",
|
||||
"compute_extension:flavorextraspecs:update": "rule:admin_api",
|
||||
"compute_extension:flavorextraspecs:delete": "rule:admin_api",
|
||||
"compute_extension:v3:flavors:discoverable": "",
|
||||
"compute_extension:v3:flavor-extra-specs:discoverable": "",
|
||||
"compute_extension:v3:flavor-extra-specs:index": "",
|
||||
"compute_extension:v3:flavor-extra-specs:show": "",
|
||||
"compute_extension:v3:flavor-extra-specs:create": "rule:admin_api",
|
||||
"compute_extension:v3:flavor-extra-specs:update": "rule:admin_api",
|
||||
"compute_extension:v3:flavor-extra-specs:delete": "rule:admin_api",
|
||||
"compute_extension:flavormanage": "rule:admin_api",
|
||||
"compute_extension:v3:flavor-manage": "rule:admin_api",
|
||||
"compute_extension:floating_ip_dns": "",
|
||||
"compute_extension:floating_ip_pools": "",
|
||||
"compute_extension:floating_ips": "",
|
||||
@ -145,99 +88,39 @@
|
||||
"compute_extension:fping": "",
|
||||
"compute_extension:fping:all_tenants": "rule:admin_api",
|
||||
"compute_extension:hide_server_addresses": "is_admin:False",
|
||||
"compute_extension:v3:os-hide-server-addresses": "is_admin:False",
|
||||
"compute_extension:v3:os-hide-server-addresses:discoverable": "",
|
||||
"compute_extension:hosts": "rule:admin_api",
|
||||
"compute_extension:v3:os-hosts": "rule:admin_api",
|
||||
"compute_extension:v3:os-hosts:discoverable": "",
|
||||
"compute_extension:hypervisors": "rule:admin_api",
|
||||
"compute_extension:v3:os-hypervisors": "rule:admin_api",
|
||||
"compute_extension:v3:os-hypervisors:discoverable": "",
|
||||
"compute_extension:image_size": "",
|
||||
"compute_extension:instance_actions": "",
|
||||
"compute_extension:v3:os-instance-actions": "",
|
||||
"compute_extension:v3:os-instance-actions:discoverable": "",
|
||||
"compute_extension:instance_actions:events": "rule:admin_api",
|
||||
"compute_extension:v3:os-instance-actions:events": "rule:admin_api",
|
||||
"compute_extension:instance_usage_audit_log": "rule:admin_api",
|
||||
"compute_extension:v3:ips:discoverable": "",
|
||||
"compute_extension:keypairs": "",
|
||||
"compute_extension:keypairs:index": "",
|
||||
"compute_extension:keypairs:show": "",
|
||||
"compute_extension:keypairs:create": "",
|
||||
"compute_extension:keypairs:delete": "",
|
||||
"compute_extension:v3:keypairs:discoverable": "",
|
||||
"compute_extension:v3:keypairs": "",
|
||||
"compute_extension:v3:keypairs:index": "",
|
||||
"compute_extension:v3:keypairs:show": "",
|
||||
"compute_extension:v3:keypairs:create": "",
|
||||
"compute_extension:v3:keypairs:delete": "",
|
||||
"compute_extension:v3:os-lock-server:discoverable": "",
|
||||
"compute_extension:v3:os-lock-server:lock": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-lock-server:unlock": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-migrate-server:discoverable": "",
|
||||
"compute_extension:v3:os-migrate-server:migrate": "rule:admin_api",
|
||||
"compute_extension:v3:os-migrate-server:migrate_live": "rule:admin_api",
|
||||
"compute_extension:multinic": "",
|
||||
"compute_extension:v3:os-multinic": "",
|
||||
"compute_extension:v3:os-multinic:discoverable": "",
|
||||
"compute_extension:networks": "rule:admin_api",
|
||||
"compute_extension:networks:view": "",
|
||||
"compute_extension:networks_associate": "rule:admin_api",
|
||||
"compute_extension:v3:os-pause-server:discoverable": "",
|
||||
"compute_extension:v3:os-pause-server:pause": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-pause-server:unpause": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-pci:pci_servers": "",
|
||||
"compute_extension:v3:os-pci:discoverable": "",
|
||||
"compute_extension:v3:os-pci:index": "rule:admin_api",
|
||||
"compute_extension:v3:os-pci:detail": "rule:admin_api",
|
||||
"compute_extension:v3:os-pci:show": "rule:admin_api",
|
||||
"compute_extension:quotas:show": "",
|
||||
"compute_extension:quotas:update": "rule:admin_api",
|
||||
"compute_extension:quotas:delete": "rule:admin_api",
|
||||
"compute_extension:v3:os-quota-sets:discoverable": "",
|
||||
"compute_extension:v3:os-quota-sets:show": "",
|
||||
"compute_extension:v3:os-quota-sets:update": "rule:admin_api",
|
||||
"compute_extension:v3:os-quota-sets:delete": "rule:admin_api",
|
||||
"compute_extension:v3:os-quota-sets:detail": "rule:admin_api",
|
||||
"compute_extension:quota_classes": "",
|
||||
"compute_extension:rescue": "",
|
||||
"compute_extension:v3:os-rescue": "",
|
||||
"compute_extension:v3:os-rescue:discoverable": "",
|
||||
"compute_extension:v3:os-scheduler-hints:discoverable": "",
|
||||
"compute_extension:security_group_default_rules": "rule:admin_api",
|
||||
"compute_extension:security_groups": "",
|
||||
"compute_extension:v3:os-security-groups": "",
|
||||
"compute_extension:v3:os-security-groups:discoverable": "",
|
||||
"compute_extension:server_diagnostics": "rule:admin_api",
|
||||
"compute_extension:v3:os-server-diagnostics": "rule:admin_api",
|
||||
"compute_extension:v3:os-server-diagnostics:discoverable": "",
|
||||
"compute_extension:server_groups": "",
|
||||
"compute_extension:server_password": "",
|
||||
"compute_extension:v3:os-server-password": "",
|
||||
"compute_extension:v3:os-server-password:discoverable": "",
|
||||
"compute_extension:server_usage": "",
|
||||
"compute_extension:v3:os-server-usage": "",
|
||||
"compute_extension:v3:os-server-usage:discoverable": "",
|
||||
"compute_extension:services": "rule:admin_api",
|
||||
"compute_extension:v3:os-services": "rule:admin_api",
|
||||
"compute_extension:v3:os-services:discoverable": "",
|
||||
"compute_extension:v3:server-metadata:discoverable": "",
|
||||
"compute_extension:v3:servers:discoverable": "",
|
||||
"compute_extension:shelve": "",
|
||||
"compute_extension:shelveOffload": "rule:admin_api",
|
||||
"compute_extension:v3:os-shelve:shelve": "",
|
||||
"compute_extension:v3:os-shelve:shelve:discoverable": "",
|
||||
"compute_extension:v3:os-shelve:shelve_offload": "rule:admin_api",
|
||||
"compute_extension:simple_tenant_usage:show": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-suspend-server:discoverable": "",
|
||||
"compute_extension:v3:os-suspend-server:suspend": "rule:admin_or_owner",
|
||||
"compute_extension:v3:os-suspend-server:resume": "rule:admin_or_owner",
|
||||
"compute_extension:simple_tenant_usage:list": "rule:admin_api",
|
||||
"compute_extension:unshelve": "",
|
||||
"compute_extension:v3:os-shelve:unshelve": "",
|
||||
"compute_extension:users": "rule:admin_api",
|
||||
"compute_extension:v3:os-user-data:discoverable": "",
|
||||
"compute_extension:virtual_interfaces": "",
|
||||
"compute_extension:virtual_storage_arrays": "",
|
||||
"compute_extension:volumes": "",
|
||||
@ -248,34 +131,13 @@
|
||||
"compute_extension:volume_attachments:delete": "",
|
||||
"compute_extension:volumetypes": "",
|
||||
"compute_extension:availability_zone:list": "",
|
||||
"compute_extension:v3:os-availability-zone:list": "",
|
||||
"compute_extension:v3:os-availability-zone:discoverable": "",
|
||||
"compute_extension:availability_zone:detail": "rule:admin_api",
|
||||
"compute_extension:v3:os-availability-zone:detail": "rule:admin_api",
|
||||
"compute_extension:used_limits_for_admin": "rule:admin_api",
|
||||
"compute_extension:migrations:index": "rule:admin_api",
|
||||
"compute_extension:v3:os-migrations:index": "rule:admin_api",
|
||||
"compute_extension:v3:os-migrations:discoverable": "",
|
||||
"compute_extension:os-assisted-volume-snapshots:create": "rule:admin_api",
|
||||
"compute_extension:os-assisted-volume-snapshots:delete": "rule:admin_api",
|
||||
"compute_extension:console_auth_tokens": "rule:admin_api",
|
||||
"compute_extension:v3:os-console-auth-tokens": "rule:admin_api",
|
||||
"compute_extension:os-server-external-events:create": "rule:admin_api",
|
||||
"compute_extension:v3:os-server-external-events:create": "rule:admin_api",
|
||||
|
||||
"volume:create": "",
|
||||
"volume:get_all": "",
|
||||
"volume:get_volume_metadata": "",
|
||||
"volume:get_snapshot": "",
|
||||
"volume:get_all_snapshots": "",
|
||||
|
||||
|
||||
"volume_extension:types_manage": "rule:admin_api",
|
||||
"volume_extension:types_extra_specs": "rule:admin_api",
|
||||
"volume_extension:volume_admin_actions:reset_status": "rule:admin_api",
|
||||
"volume_extension:snapshot_admin_actions:reset_status": "rule:admin_api",
|
||||
"volume_extension:volume_admin_actions:force_delete": "rule:admin_api",
|
||||
|
||||
|
||||
"network:get_all": "",
|
||||
"network:get": "",
|
||||
@ -298,7 +160,6 @@
|
||||
"network:get_floating_ips_by_project": "",
|
||||
"network:get_floating_ips_by_fixed_address": "",
|
||||
"network:allocate_floating_ip": "",
|
||||
"network:deallocate_floating_ip": "",
|
||||
"network:associate_floating_ip": "",
|
||||
"network:disassociate_floating_ip": "",
|
||||
"network:release_floating_ip": "",
|
||||
@ -320,5 +181,6 @@
|
||||
"network:get_dns_entries_by_name": "",
|
||||
"network:create_private_dns_domain": "",
|
||||
"network:create_public_dns_domain": "",
|
||||
"network:delete_dns_domain": ""
|
||||
"network:delete_dns_domain": "",
|
||||
"network:attach_external_network": "rule:admin_api"
|
||||
}
|
||||
|
||||
@ -60,6 +60,8 @@
|
||||
service_internalurl: "{{ nova_s3_service_internalurl }}"
|
||||
service_adminurl: "{{ nova_s3_service_adminurl }}"
|
||||
role_name: "{{ nova_service_role_name }}"
|
||||
when: >
|
||||
nova_s3_deprecated_but_enabled == true or nova_s3_deprecated_but_enabled == 'True'
|
||||
tags:
|
||||
- nova-api
|
||||
- nova-api-s3
|
||||
@ -77,6 +79,8 @@
|
||||
service_internalurl: "{{ nova_ec2_service_internalurl }}"
|
||||
service_adminurl: "{{ nova_ec2_service_adminurl }}"
|
||||
role_name: "{{ nova_service_role_name }}"
|
||||
when: >
|
||||
nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True'
|
||||
tags:
|
||||
- nova-api
|
||||
- nova-api-ec2
|
||||
|
||||
@ -56,7 +56,9 @@
|
||||
system_user: "{{ nova_system_user_name }}"
|
||||
system_group: "{{ nova_system_group_name }}"
|
||||
service_home: "{{ nova_system_home_folder }}"
|
||||
when: inventory_hostname in groups['nova_api_ec2']
|
||||
when: >
|
||||
inventory_hostname in groups['nova_api_ec2'] and
|
||||
(nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True')
|
||||
|
||||
- include: nova_upstart_common_init.yml
|
||||
vars:
|
||||
@ -65,7 +67,9 @@
|
||||
system_user: "{{ nova_system_user_name }}"
|
||||
system_group: "{{ nova_system_group_name }}"
|
||||
service_home: "{{ nova_system_home_folder }}"
|
||||
when: inventory_hostname in groups['nova_api_ec2']
|
||||
when: >
|
||||
inventory_hostname in groups['nova_api_ec2'] and
|
||||
(nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True')
|
||||
|
||||
- include: nova_upstart_common_init.yml
|
||||
vars:
|
||||
|
||||
@ -10,7 +10,6 @@ verbose = {{ verbose }}
|
||||
fatal_deprecations = {{ nova_fatal_deprecations }}
|
||||
log_dir = /var/log/nova
|
||||
state_path = {{ nova_system_home_folder }}
|
||||
lock_path = /var/lock/nova
|
||||
rootwrap_config = /etc/nova/rootwrap.conf
|
||||
service_down_time = 120
|
||||
|
||||
@ -47,23 +46,20 @@ allow_resize_to_same_host = True
|
||||
image_cache_manager_interval = {{ nova_image_cache_manager_interval }}
|
||||
|
||||
# Api's
|
||||
enabled_apis = osapi_compute,metadata,ec2
|
||||
enabled_apis = {{ nova_enabled_apis }}
|
||||
osapi_compute_workers = {{ nova_osapi_compute_workers | default(api_threads) }}
|
||||
{% if nova_ec2_deprecated_but_enabled == true or nova_ec2_deprecated_but_enabled == 'True' %}
|
||||
ec2_workers = {{ nova_ec2_workers | default(api_threads) }}
|
||||
ec2_dmz_host = {{ external_lb_vip_address }}
|
||||
{% endif %}
|
||||
{% if nova_s3_deprecated_but_enabled == true or nova_s3_deprecated_but_enabled == 'True' %}
|
||||
s3_port = {{ nova_s3_service_port }}
|
||||
s3_host = {{ ansible_ssh_host }}
|
||||
{% endif %}
|
||||
|
||||
# Rpc all
|
||||
amqp_auto_delete = False
|
||||
rpc_backend = {{ nova_rpc_backend }}
|
||||
|
||||
# RabbitMQ
|
||||
rabbit_port = {{ rabbitmq_port }}
|
||||
rabbit_userid = {{ rabbitmq_userid }}
|
||||
rabbit_password = {{ rabbitmq_password }}
|
||||
rabbit_hosts = {{ rabbitmq_servers }}
|
||||
|
||||
# Metadata
|
||||
metadata_host = {{ internal_lb_vip_address }}
|
||||
metadata_port = {{ nova_metadata_port }}
|
||||
@ -176,6 +172,18 @@ connection = mysql://{{ nova_galera_user }}:{{ nova_container_mysql_password }}@
|
||||
{% endif %}
|
||||
|
||||
|
||||
[oslo_concurrency]
|
||||
lock_path = /var/lock/nova
|
||||
|
||||
|
||||
[oslo_messaging_rabbit]
|
||||
amqp_auto_delete = False
|
||||
rabbit_port = {{ rabbitmq_port }}
|
||||
rabbit_userid = {{ rabbitmq_userid }}
|
||||
rabbit_password = {{ rabbitmq_password }}
|
||||
rabbit_hosts = {{ rabbitmq_servers }}
|
||||
|
||||
|
||||
[libvirt]
|
||||
vif_driver = {{ nova_libvirt_vif_driver }}
|
||||
inject_partition = -2
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user