Puppet Class: swift::proxy::keystone
- Defined in:
- manifests/proxy/keystone.pp
Overview
This class can be set to manage keystone middleware for swift proxy
Parameters
[*operator_roles*]
(Optional) a list of keystone roles a user must have to gain access to Swift.
Defaults to ['admin', 'SwiftOperator']
Must be an array of strings
Swift operator roles must be defined in swift::keystone::auth because
keystone API access is usually not available on Swift proxy nodes.
[*reseller_prefix*]
(Optional) The prefix used for reseller URL.
Defaults to 'AUTH_'
[*reseller_admin_role*]
The reseller admin role has the ability to create and delete accounts.
This role defines who has the ability to manage other swift accounts.
(Optional)
Defaults to Undef.
[*project_reader_roles*]
Project reader roles are similar to account owners, but are not
allowed to write any data.
(Optional)
Default to $facts['os_service_default']
[*system_reader_roles*]
System reader roles are similar to reseller_admin_roles, but are not
allowed to write any data.
(Optional)
Default to $facts['os_service_default']
Authors
Dan Bode dan@puppetlabs.com
Francois Charlier fcharlier@ploup.net
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'manifests/proxy/keystone.pp', line 40
class swift::proxy::keystone(
$operator_roles = ['admin', 'SwiftOperator'],
$reseller_prefix = 'AUTH_',
$reseller_admin_role = undef,
$project_reader_roles = $facts['os_service_default'],
$system_reader_roles = $facts['os_service_default'],
) {
include swift::deps
swift_proxy_config {
'filter:keystone/use': value => 'egg:swift#keystoneauth';
'filter:keystone/operator_roles': value => join(any2array($operator_roles), ', ');
'filter:keystone/reseller_prefix': value => $reseller_prefix;
'filter:keystone/reseller_admin_role': value => $reseller_admin_role;
'filter:keystone/project_reader_roles': value => join(any2array($project_reader_roles), ', ');
'filter:keystone/system_reader_roles': value => join(any2array($system_reader_roles), ', ');
}
}
|