These parameters were deprecated in favor of the separate classes for
client options[1].
[1] 0d043d793f
Change-Id: I28b7462f2330409b9dee7debba63ce756a0a74b1
This change introduces support for [clients] parameters and
[clients_<service>] parameters, which determine behavior of service
clients used by heat for communication with the OpenStack services.
- Implementation of heat::clients::<service> are generally same.
Only cinder, heat, keystone and nova provides additional parameters.
- The existing parameters in the base heat class are deprecated in
favor of the new classes.
Change-Id: Icdf4f0201dd1e5f93a450473709851977ec20034
This change introduces the new heat::trustee class to manage
the parameters in the [trustee] options. These options have been set
according to authtoken parameters but it makes maintenance complicated
and the logic doesn't work properly when noauth is used.
This change also removes the [trustee] project_domain_name parameter
because the parameter has never been used actually.
Change-Id: I694a8ea771cc4d4dcfbf8384ece2be10d83ab3f0
... because the max_stacks_per_tenant parameter is used by heat-engine,
and the very similar max_resources_per_stack parameter is implemented
in heat::engine.
Change-Id: I57a8e8b9643d999c8ed379895f998ee1d09fb1a8
The default of 100 is barely useable. Let's add a new parameter
max_stacks_per_tenant to allow increasing this.
Change-Id: I2bd9ce729b5e2b5ff6577951989b93390cb3a6bf
oslo.messaging RabbitMQ driver have now a new option that allow user to
run the RabbitMQ heartbeat over a native python thread.
These change allow user to use this new option.
Change-Id: Ifa7b63cf0e0f276c4bdfc1b840506303355647b1
Closes-Bug: #1840868
So that we can increase it from the default 114688
Useful in case for example the OS-Federation mapping is too large.
If this limit is breached heat will return a 413 Entity Too Large
and not log anything to heat.log.
Change-Id: I90f15091088db67e6d33ef6272e59de69c4fe601
Closes-Bug: #1835161
Remove the deprecated rabbit params which has been deprecated for
two years. The default_transport_url has been present for a while
now and should be used.
Change-Id: I9c95be8843e51ac69c95d141507d767aa017afbf
Now that the v2.0 API has been removed, we don't have a reason to
include deployment instructions for two separate applications on
different ports.
Change-Id: Ia81c354ea593954e79a0779f222208c027fcdede
By default, the ::heat class configures clients_keystone/auth_uri to the
value of ::heat::keystone::authtoken::auth_url, which is generally the
admin endpoint on port 35357.
However, since this URI can be used by non-admin clients running inside
instances, such as os-collect-config, a better default value would be to
use either the public or internal Keystone endpoint, depending on the
deployment. This commit changes the default to the public Keystone
endpoint defined in ::heat::keystone::authtoken::www_authenticate_uri.
It is still possible to provide a custom value using the
heat_clients_keystone_uri parameter.
Change-Id: Idb0f408776ef27f16a522e4443531fd97276669b
Closes-Bug: #1763700
It is usually the same as auth_url which is defined there
$::heat::keystone::authtoken::auth_url. We can now point this to
another part of the catalog (ie, public vs internal for instance).
Co-Authored-By: Sergii Golovatiuk <sgolovat@redhat.com>
Change-Id: I4429d86d831f49f1bc0fef04379a81ada20b6ab6
Param keystone_ec2_uri was providing default value. It was raising an
engine service error on ifras where ec2 endpoint was not created.
Change-Id: I48c47a2c59ec89212a45125b373844e340731fd9
Param heartbeat_timeout_threshold by default is set to 60 in oslo module.
We shouldn't set hardcoded value, but take default one.
Change-Id: Id572fd98846f640d88cbb46c4a74f9fd43813d8b
Oslo.messaging uses the transport_url to represent the rpc and
notification messaging driver to use and its full configuration. The
rpc_backend configuration option is deprecated for removal and
should not gate oslo.messaging driver configuration options.
This patch:
* deprecate rpc_backend
* remove conditional check
* update spec tests
* add release note
Change-Id: I1537c9e0db956d4271c8334a0aa543cd20c57e67
Now TripleO sets this value, we can use os_service_default for
the default value and we won't have duplicated resource.
Change-Id: I00a47d6dae5be6ea18d93ac8b47c0c0cc58fe43f
Add support for clients/endpoint_type parameter.
Note: Default to False now, because TripleO already sets this resource.
and we don't want duplicated resource.
Once we switch TripleO to use this new option, the default will
become os_service_default.
Change-Id: If707c5623c0e34e9219eeafdafaf0ac42daf5c8d
Closes-Bug: #1675409
The configuration is done via the oslo::messaging::rabbit resource
from puppet-oslo. We should be checking for the resource that we're
using instead of the underlying configuration file.
Change-Id: Ibc69ae286d723ebecf8a86c247cf807ccf0604b4
A recent commit removed it from puppet-oslo. We shouldn't be checking it
any more here.
[1] I7ccd995ef01c2d54427684718adba054260fdd52
Change-Id: Ib7e30196d8b336aafc5ce92f7c5d62fe31adc5a8
Since we are in ocata lets remove all old parameters in api
to configure the keystone_authtoken section
Change-Id: I7f18b79b9107baad78129b098246bd9c931420dc
Option "auth_plugin" from group "trustee" is deprecated in Heat.
Use option "auth_type" from group "trustee" instead.
Change-Id: I19024ad7be968c7364dbb8ff94372a168f6f6096
Closes-Bug: #1633282
This may required in instances where socket.gethostname() (the default)
does not return an FQDN and an FQDN (or other identifer) is desired.
Change-Id: Ibb86cdcf7e6304eabc1fe165feec9555bfadb32f
In Heat, [clients_keystone] auth_uri has to be the admin URL even we
would believe not.
It has been confired with how Heat's gate is running with Devstack and
also with TripleO CI currently failing with the current implementation.
Change-Id: I7a9d10b0a8092b3d0c70708b57637098cfe2b56d
Switch keystone_authtoken parameters for the new class
heat::keystone::authtoken to configure the keystone_authtoken section
in heat.conf.
Some deprecations:
- heat::auth_uri is deprecated in favor of
heat::keystone::authtoken::auth_uri.
- heat::identity_uri is deprecated in favor of
heat::keystone::authtoken::auth_url.
- heat::auth_plugin is deprecated in favor of
heat::keystone::authtoken::auth_type.
- heat::keystone_user is deprecated in favor of
heat::keystone::authtoken::username.
- heat::keystone_tenant is deprecated in favor of
heat::keystone::authtoken::project_name.
- heat::keystone_password is deprecated in favor of
heat::keystone::authtoken::password.
- heat::keystone_user_domain_name is deprecated in favor of
heat::keystone::authtoken::user_domain_name.
- heat::keystone_user_domain_id is deprecated, use the name option.
- heat::keystone_project_domain_name is deprecated in favor of
heat::keystone::authtoken::project_domain_name.
- heat::keystone_project_domain_id is deprecated, use the name option.
- heat::memcached_servers is deprecated in favor of
heat::keystone::authtoken::memcached_servers.
Change-Id: I466558e98176f20743271191df64dc327f0efcc6
Closes-bug: #1604463
In a previous patch [1] we introduced new parameters to configure domain
name for project & user but the parameters were not used anywhere.
Now they are, and we can deploy Keystone from trunk.
Also modify default values for *_domain_id parameters to use
os_service_default.
[1] 48b80077
Change-Id: Ib4e8590219559d056252924b21b93fd9acd08715
This change adds the abiltity to manage the memcached servers for the
keystone authtoken configuration in heat
Change-Id: Ifa1f98607b4c0298a2723765870ef466dbb8447a
Add the option in order to facilitate management.
User can ensure that only the options they hoped
are configured.
Change-Id: I3756c7123fe35dc15da9f0ee526c0039f9e74ad9
Takashi Kajinami