chef/cookbooks/heat/templates/default/heat.conf.erb
[DEFAULT]
reauthentication_auth_method = trusts
trusts_delegated_roles = <%= @trusts_delegated_roles.join(',') %>
heat_metadata_server_url = <%= @heat_metadata_server_url %>
heat_waitcondition_server_url = <%= @heat_waitcondition_server_url %>
region_name_for_services = <%= @keystone_settings['endpoint_region'] %>
stack_user_domain_id = <%= @stack_user_domain %>
stack_domain_admin = <%= @stack_domain_admin %>
stack_domain_admin_password = <%= @stack_domain_admin_password %>
num_engine_workers = <%= [node["cpu"]["total"], 2, 4].sort[1] %>
auth_encryption_key = <%= @auth_encryption_key %>
<% if node[:platform_family] == "suse" -%>
loadbalancer_template = /etc/heat/loadbalancer.template
<% end -%>
debug = <%= node[:heat][:debug] ? 'true' : 'false' %>
log_dir = /var/log/heat
use_stderr = false
transport_url = <%= @rabbit_settings[:url] %>
control_exchange = heat
[clients]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_barbican]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_ceilometer]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_cinder]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_glance]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_heat]
endpoint_type = publicURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_keystone]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
www_authenticate_uri = <%= @keystone_settings['public_auth_url'] %>
[clients_magnum]
endpoint_type = publicURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_manila]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_neutron]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_nova]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_sahara]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_swift]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[clients_trove]
endpoint_type = internalURL
insecure = <%= @keystone_settings['insecure'] %>
[database]
connection = <%= @database_connection %>
[eventlet_opts]
wsgi_keep_alive = false
[heat_api]
bind_host = <%= @bind_host %>
bind_port = <%= @api_port %>
<% if node[:heat][:api][:protocol] == "https" %>
cert_file = <%= @heat_ssl[:certfile] %>
key_file = <%= @heat_ssl[:keyfile] %>
<% end %>
workers = <%= [node["cpu"]["total"], 2, 4].sort[1] %>
max_header_line = <%= node[:heat][:max_header_line] %>
[heat_api_cfn]
bind_host = <%= @bind_host %>
bind_port = <%= @cfn_port %>
<% if node[:heat][:api][:protocol] == "https" %>
cert_file = <%= @heat_ssl[:certfile] %>
key_file = <%= @heat_ssl[:keyfile] %>
<% end %>
workers = <%= [node["cpu"]["total"], 2, 4].sort[1] %>
max_header_line = <%= node[:heat][:max_header_line] %>
[keystone_authtoken]
auth_type = password
www_authenticate_uri = <%= @keystone_settings['public_auth_url'] %>
auth_url = <%= @keystone_settings['internal_auth_url'] %>
auth_version = <%= @keystone_settings['api_version_for_middleware'] %>
insecure = <%= @keystone_settings['insecure'] %>
region_name = <%= @keystone_settings['endpoint_region'] %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
project_name = <%= @keystone_settings['service_tenant'] %>
project_domain_name = <%= @keystone_settings['admin_domain'] %>
user_domain_name = <%= @keystone_settings['admin_domain'] %>
memcached_servers = <%= @memcached_servers.join(',') %>
memcache_security_strategy = ENCRYPT
memcache_secret_key = <%= node[:heat][:memcache_secret_key] %>
memcache_pool_socket_timeout = 1
service_token_roles_required = true
service_token_roles = admin
<% if node[:heat][:api][:protocol] == "https" %>
[ssl]
<% if node[:heat][:ssl][:cert_required] %>
ca_file = <%= @heat_ssl[:ca_certs] %>
<% end %>
cert_file = <%= @heat_ssl[:certfile] %>
key_file = <%= @heat_ssl[:keyfile] %>
<% end %>
[trustee]
auth_type = password
auth_url = <%= @keystone_settings['internal_auth_url'] %>
username = <%= @keystone_settings['service_user'] %>
password = <%= @keystone_settings['service_password'] %>
user_domain_name = <%= @keystone_settings['admin_domain'] %>
[oslo_messaging_rabbit]
amqp_durable_queues = <%= @rabbit_settings[:durable_queues] %>
rabbit_ha_queues = <%= @rabbit_settings[:ha_queues] %>
ssl = <%= @rabbit_settings[:use_ssl] %>
<% if @rabbit_settings[:client_ca_certs] -%>
ssl_ca_file = <%= @rabbit_settings[:client_ca_certs] %>
<% end -%>
heartbeat_timeout_threshold = <%= @rabbit_settings[:heartbeat_timeout] %>