keystone.pp

class iaas::profile::keystone (
  $admin_token = undef,
  $admin_email = undef,
  $admin_password = undef,
  $admin_tenant = undef,
  $tenants = hiera('iaas::profile::keystone::tenants', {}),
  $users = hiera('iaas::profile::keystone::users', {}),

##verbose, debug
  $verbose = hiera('iaas::verbose', undef),
  $debug = hiera('iaas::debug', undef),

  $public_interface = hiera('iaas::public_interface', undef),
  $admin_interface = hiera('iaas::admin_interface', undef),

  $region = hiera('iaas::region', undef),

#VIP1
  $endpoint_main = hiera('iaas::main_address', undef),
#VIP2
  $endpoint_admin = hiera('iaas::admin_address', undef),

##rhosts
#  $endpoint = hiera('iaas::main_address', undef),
  $rhosts = hiera('iaas::profile::rabbitmq::rhosts', undef),
  $rabbitmq_user = hiera('iaas::profile::rabbitmq::user', undef),
  $rabbitmq_password = hiera('iaas::profile::rabbitmq::password', undef),
) {

##Leave commented if DB is not controller
#  iaas::resources::database { 'keystone': }
  include iaas::resources::connectors

  if $endpoint_admin == '' {
    $real_endpoint_admin = $endpoint_main
  }else{
    $real_endpoint_admin = $endpoint_admin
  }

  class { '::keystone':
##added verbose, debug
    verbose => $verbose,
    debug => $debug,
    admin_token => $admin_token,
    database_connection => $iaas::resources::connectors::keystone,
    admin_bind_host => $::facts["ipaddress_${admin_interface}"],
    public_bind_host => $::facts["ipaddress_${admin_interface}"],
    admin_endpoint => "http://${real_endpoint_admin}:35357",
##rhosts - uncomment as needed
#    rabbit_host => $endpoint,
    rabbit_hosts => $rhosts,
    rabbit_userid => $rabbitmq_user,
    rabbit_password => $rabbitmq_password,
    mysql_module => '2.3',
    database_idle_timeout => 3600,
  }

  class { 'keystone::roles::admin':
    email => $admin_email,
    password => $admin_password,
    admin_tenant => $admin_tenant,
  }

  class { 'keystone::endpoint':
    public_url => "http://${endpoint_main}:5000",
    admin_url => "http://${real_endpoint_admin}:35357",
    internal_url => "http://${real_endpoint_admin}:5000",
    region => $region,
  }

  create_resources('iaas::resources::tenant', $tenants)
  create_resources('iaas::resources::user', $users)

}