| # Copyright (c) 2022 VEXXHOST, Inc. |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| # not use this file except in compliance with the License. You may obtain |
| # a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| # License for the specific language governing permissions and limitations |
| # under the License. |
| |
| _openstack_helm_keystone_values: |
| endpoints: "{{ openstack_helm_endpoints }}" |
| images: |
| pull_policy: Always |
| tags: |
| bootstrap: "{{ openstack_helm_keystone_image_repository }}/heat:{{ openstack_helm_keystone_heat_image_tag }}" |
| db_drop: "{{ openstack_helm_keystone_image_repository }}/heat:{{ openstack_helm_keystone_heat_image_tag }}" |
| db_init: "{{ openstack_helm_keystone_image_repository }}/heat:{{ openstack_helm_keystone_heat_image_tag }}" |
| dep_check: "{{ openstack_helm_keystone_image_repository }}/kubernetes-entrypoint:latest" |
| keystone_api: "{{ openstack_helm_keystone_image_repository }}/keystone:{{ openstack_helm_keystone_image_tag }}" |
| keystone_credential_cleanup: "{{ openstack_helm_keystone_image_repository }}/heat:{{ openstack_helm_keystone_heat_image_tag }}" |
| keystone_credential_rotate: "{{ openstack_helm_keystone_image_repository }}/keystone:{{ openstack_helm_keystone_image_tag }}" |
| keystone_credential_setup: "{{ openstack_helm_keystone_image_repository }}/keystone:{{ openstack_helm_keystone_image_tag }}" |
| keystone_db_sync: "{{ openstack_helm_keystone_image_repository }}/keystone:{{ openstack_helm_keystone_image_tag }}" |
| keystone_domain_manage: "{{ openstack_helm_keystone_image_repository }}/heat:{{ openstack_helm_keystone_heat_image_tag }}" |
| keystone_fernet_rotate: "{{ openstack_helm_keystone_image_repository }}/keystone:{{ openstack_helm_keystone_image_tag }}" |
| keystone_fernet_setup: "{{ openstack_helm_keystone_image_repository }}/keystone:{{ openstack_helm_keystone_image_tag }}" |
| ks_user: "{{ openstack_helm_keystone_image_repository }}/heat:{{ openstack_helm_keystone_heat_image_tag }}" |
| rabbit_init: "{{ openstack_helm_keystone_image_repository }}/rabbitmq:3.8.23-management" |
| pod: |
| # mounts = { |
| # keystone_api = { |
| # keystone_api = { |
| # volumeMounts = [ |
| # { |
| # name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name |
| # mountPath = "/etc/keystone/ldap" |
| # }, |
| # { |
| # name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name |
| # mountPath = "/var/lib/apache2/oidc" |
| # } |
| # ], |
| # volumes = [ |
| # { |
| # name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name |
| # configMap = { |
| # name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name |
| # } |
| # }, |
| # { |
| # name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name |
| # configMap = { |
| # name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name |
| # } |
| # } |
| # ] |
| # } |
| # } |
| # }, |
| replicas: |
| api: 3 |
| conf: |
| keystone: |
| DEFAULT: |
| log_config_append: null |
| auth: |
| methods: password,token,openid,application_credential |
| cors: |
| allowed_origins: "*" |
| federation: |
| assertion_prefix: OIDC- |
| remote_id_attribute: OIDC-iss |
| # TODO(mnaser): Lookup using openstack_helm_endpoints |
| trusted_dashboard: "https://{{ openstack_helm_endpoints_horizon_api_host }}/auth/websso/" |
| identity: |
| domain_configurations_from_database: true |
| oslo_messaging_notifications: |
| driver: noop |
| manifests: |
| job_credential_cleanup: false |
| ingress_api: false |
| service_ingress_api: false |