Keystone¶
There are various customizations you can do to tailor the deployment of OpenStack Keystone. You can find those below.
General Parameters¶
bootstrap.enabled
Type: bool
Description:
true
bootstrap.ks_user
Type: string
Description:
“admin”
bootstrap.script
Type: string
Description:
# admin needs the admin role for the default domain openstack role add \\ --user=\"${OS_USERNAME}\" \\ --domain=\"${OS_DEFAULT_DOMAIN}\" \\ \"admin\"conf.access_rules
Type: object
Description:
{}
conf.keystone.DEFAULT.log_config_append
Type: string
Description:
“/etc/keystone/logging.conf”
conf.keystone.DEFAULT.max_token_size
Type: int
Description:
255
conf.keystone.cache.backend
Type: string
Description:
“dogpile.cache.memcached”
conf.keystone.cache.enabled
Type: bool
Description:
true
conf.keystone.credential.key_repository
Type: string
Description:
“/etc/keystone/credential-keys/”
conf.keystone.database.max_retries
Type: int
Description:
-1
conf.keystone.fernet_tokens.key_repository
Type: string
Description:
“/etc/keystone/fernet-keys/”
conf.keystone.identity.domain_config_dir
Type: string
Description:
“/etc/keystone/domains”
conf.keystone.identity.domain_specific_drivers_enabled
Type: bool
Description:
true
conf.keystone.oslo_messaging_notifications.driver
Type: string
Description:
“messagingv2”
conf.keystone.oslo_messaging_rabbit.rabbit_ha_queues
Type: bool
Description:
true
conf.keystone.oslo_middleware.enable_proxy_headers_parsing
Type: bool
Description:
true
conf.keystone.oslo_policy.policy_file
Type: string
Description:
“/etc/keystone/policy.yaml”
conf.keystone.security_compliance.lockout_duration
Type: int
Description:
1800
conf.keystone.security_compliance.lockout_failure_attempts
Type: int
Description:
5
conf.keystone.token.expiration
Type: int
Description:
43200
conf.keystone.token.provider
Type: string
Description:
“fernet”
conf.logging.formatter_context.class
Type: string
Description:
“oslo_log.formatters.ContextFormatter”
conf.logging.formatter_context.datefmt
Type: string
Description:
“%Y-%m-%d %H:%M:%S”
conf.logging.formatter_default.datefmt
Type: string
Description:
“%Y-%m-%d %H:%M:%S”
conf.logging.formatter_default.format
Type: string
Description:
“%(message)s”
conf.logging.formatters.keys[0]
Type: string
Description:
“context”
conf.logging.formatters.keys[1]
Type: string
Description:
“default”
conf.logging.handler_null.args
Type: string
Description:
“()”
conf.logging.handler_null.class
Type: string
Description:
“logging.NullHandler”
conf.logging.handler_null.formatter
Type: string
Description:
“default”
conf.logging.handler_stderr.args
Type: string
Description:
“(sys.stderr,)”
conf.logging.handler_stderr.class
Type: string
Description:
“StreamHandler”
conf.logging.handler_stderr.formatter
Type: string
Description:
“context”
conf.logging.handler_stdout.args
Type: string
Description:
“(sys.stdout,)”
conf.logging.handler_stdout.class
Type: string
Description:
“StreamHandler”
conf.logging.handler_stdout.formatter
Type: string
Description:
“context”
conf.logging.handlers.keys[0]
Type: string
Description:
“stdout”
conf.logging.handlers.keys[1]
Type: string
Description:
“stderr”
conf.logging.handlers.keys[2]
Type: string
Description:
“null”
conf.logging.logger_amqp.handlers
Type: string
Description:
“stderr”
conf.logging.logger_amqp.level
Type: string
Description:
“WARNING”
conf.logging.logger_amqp.qualname
Type: string
Description:
“amqp”
conf.logging.logger_amqplib.handlers
Type: string
Description:
“stderr”
conf.logging.logger_amqplib.level
Type: string
Description:
“WARNING”
conf.logging.logger_amqplib.qualname
Type: string
Description:
“amqplib”
conf.logging.logger_boto.handlers
Type: string
Description:
“stderr”
conf.logging.logger_boto.level
Type: string
Description:
“WARNING”
conf.logging.logger_boto.qualname
Type: string
Description:
“boto”
conf.logging.logger_eventletwsgi.handlers
Type: string
Description:
“stderr”
conf.logging.logger_eventletwsgi.level
Type: string
Description:
“WARNING”
conf.logging.logger_eventletwsgi.qualname
Type: string
Description:
“eventlet.wsgi.server”
conf.logging.logger_keystone.handlers[0]
Type: string
Description:
“stdout”
conf.logging.logger_keystone.level
Type: string
Description:
“INFO”
conf.logging.logger_keystone.qualname
Type: string
Description:
“keystone”
conf.logging.logger_root.handlers
Type: string
Description:
“null”
conf.logging.logger_root.level
Type: string
Description:
“WARNING”
conf.logging.logger_sqlalchemy.handlers
Type: string
Description:
“stderr”
conf.logging.logger_sqlalchemy.level
Type: string
Description:
“WARNING”
conf.logging.logger_sqlalchemy.qualname
Type: string
Description:
“sqlalchemy”
conf.logging.loggers.keys[0]
Type: string
Description:
“root”
conf.logging.loggers.keys[1]
Type: string
Description:
“keystone”
conf.mpm_event
Type: string
Description:
<IfModule mpm_event_module> ServerLimit 1024 StartServers 32 MinSpareThreads 32 MaxSpareThreads 256 ThreadsPerChild 25 MaxRequestsPerChild 128 ThreadLimit 720 </IfModule>conf.policy
Type: object
Description:
{}
conf.rabbitmq.policies[0].apply-to
Type: string
Description:
“all”
conf.rabbitmq.policies[0].definition.ha-mode
Type: string
Description:
“all”
conf.rabbitmq.policies[0].definition.ha-sync-mode
Type: string
Description:
“automatic”
conf.rabbitmq.policies[0].definition.message-ttl
Type: int
Description:
70000
conf.rabbitmq.policies[0].name
Type: string
Description:
“ha_ttl_keystone”
conf.rabbitmq.policies[0].pattern
Type: string
Description:
“^(?!(amq\.|reply_)).*”
conf.rabbitmq.policies[0].priority
Type: int
Description:
0
conf.rabbitmq.policies[0].vhost
Type: string
Description:
“keystone”
conf.rally_tests.run_tempest
Type: bool
Description:
false
conf.rally_tests.tests.”KeystoneBasic.add_and_remove_user_role”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.add_and_remove_user_role”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.add_and_remove_user_role”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.add_and_remove_user_role”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.authenticate_user_and_validate_token”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.authenticate_user_and_validate_token”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.authenticate_user_and_validate_token”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.authenticate_user_and_validate_token”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.authenticate_user_and_validate_token”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_add_and_list_user_roles”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_add_and_list_user_roles”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_add_and_list_user_roles”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_add_and_list_user_roles”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_ec2credential”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_ec2credential”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_ec2credential”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_ec2credential”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_role”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_role”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_role”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_role”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_service”[0].args.description
Type: string
Description:
“test_description”
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_service”[0].args.service_type
Type: string
Description:
“Rally_test_type”
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_service”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_service”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_service”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_delete_service”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_get_role”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_and_get_role”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_get_role”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_get_role”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_get_role”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_list_ec2credentials”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_ec2credentials”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_ec2credentials”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_list_ec2credentials”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_list_services”[0].args.description
Type: string
Description:
“test_description”
conf.rally_tests.tests.”KeystoneBasic.create_and_list_services”[0].args.service_type
Type: string
Description:
“Rally_test_type”
conf.rally_tests.tests.”KeystoneBasic.create_and_list_services”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_services”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_services”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_list_services”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_list_tenants”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_and_list_tenants”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_tenants”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_tenants”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_list_tenants”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_and_list_users”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_and_list_users”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_users”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_and_list_users”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_and_list_users”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_delete_user”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_delete_user”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_delete_user”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_delete_user”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_delete_user”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_tenant”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_tenant”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_tenant”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_tenant”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_tenant”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_tenant_with_users”[0].args.users_per_tenant
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_tenant_with_users”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_tenant_with_users”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_tenant_with_users”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_tenant_with_users”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_update_and_delete_tenant”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_update_and_delete_tenant”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_update_and_delete_tenant”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_update_and_delete_tenant”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_update_and_delete_tenant”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_user”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_user”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_user”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[0].args.enabled
Type: bool
Description:
true
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[1].args.enabled
Type: bool
Description:
false
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[1].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[1].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[1].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_user_set_enabled_and_delete”[1].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.create_user_update_password”[0].args
Type: object
Description:
{}
conf.rally_tests.tests.”KeystoneBasic.create_user_update_password”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user_update_password”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.create_user_update_password”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.create_user_update_password”[0].sla.failure_rate.max
Type: int
Description:
0
conf.rally_tests.tests.”KeystoneBasic.get_entities”[0].runner.concurrency
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.get_entities”[0].runner.times
Type: int
Description:
1
conf.rally_tests.tests.”KeystoneBasic.get_entities”[0].runner.type
Type: string
Description:
“constant”
conf.rally_tests.tests.”KeystoneBasic.get_entities”[0].sla.failure_rate.max
Type: int
Description:
0
conf.security
Type: string
Description:
# # Disable access to the entire file system except for the directories that # are explicitly allowed later. # # This currently breaks the configurations that come with some web application # Debian packages. # #<Directory /> # AllowOverride None # Require all denied #</Directory> # Changing the following options will not really affect the security of the # server, but might make attacks slightly more difficult in some cases. # # ServerTokens # This directive configures what you return as the Server HTTP response # Header. The default is 'Full' which sends information about the OS-Type # and compiled in modules. # Set to one of: Full | OS | Minimal | Minor | Major | Prod # where Full conveys the most information, and Prod the least. ServerTokens Prod # # Optionally add a line containing the server version and virtual host # name to server-generated pages (internal error documents, FTP directory # listings, mod_status and mod_info output etc., but not CGI generated # documents or custom error documents). # Set to \"EMail\" to also include a mailto: link to the ServerAdmin. # Set to one of: On | Off | EMail ServerSignature Off # # Allow TRACE method # # Set to \"extended\" to also reflect the request body (only for testing and # diagnostic purposes). # # Set to one of: On | Off | extended TraceEnable Off # # Forbid access to version control directories # # If you use version control systems in your document root, you should # probably deny access to their directories. For example, for subversion: # #<DirectoryMatch \"/\\.svn\"> # Require all denied #</DirectoryMatch> # # Setting this header will prevent MSIE from interpreting files as something # else than declared by the content type in the HTTP headers. # Requires mod_headers to be enabled. # #Header set X-Content-Type-Options: \"nosniff\" # # Setting this header will prevent other sites from embedding pages from this # site as frames. This defends against clickjacking attacks. # Requires mod_headers to be enabled. # #Header set X-Frame-Options: \"sameorigin\"conf.software.apache2.a2dismod
Type: string
Description:
nil
conf.software.apache2.a2enmod
Type: string
Description:
nil
conf.software.apache2.binary
Type: string
Description:
“apache2”
conf.software.apache2.conf_dir
Type: string
Description:
“/etc/apache2/conf-enabled”
conf.software.apache2.mods_dir
Type: string
Description:
“/etc/apache2/mods-available”
conf.software.apache2.site_dir
Type: string
Description:
“/etc/apache2/sites-enable”
conf.software.apache2.start_parameters
Type: string
Description:
“-DFOREGROUND”
conf.sso_callback_template
Type: string
Description:
<!DOCTYPE html> <html xmlns=\"http://www.w3.org/1999/xhtml\"> <head> <title>Keystone WebSSO redirect</title> </head> <body> <form id=\"sso\" name=\"sso\" action=\"$host\" method=\"post\"> Please wait... <br/> <input type=\"hidden\" name=\"token\" id=\"token\" value=\"$token\"/> <noscript> <input type=\"submit\" name=\"submit_no_javascript\" id=\"submit_no_javascript\" value=\"If your JavaScript is disabled, please click to continue\"/> </noscript> </form> <script type=\"text/javascript\"> window.onload = function() { document.forms['sso'].submit(); } </script> </body> </html>conf.wsgi_keystone
Type: string
Description:
{{- $portInt := tuple \"identity\" \"service\" \"api\" $ | include \"helm-toolkit.endpoints.endpoint_port_lookup\" }} Listen 0.0.0.0:{{ $portInt }} LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\"\" combined LogFormat \"%{X-Forwarded-For}i %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\"\" proxy SetEnvIf X-Forwarded-For \"^.*\\..*\\..*\\..*\" forwarded CustomLog /dev/stdout combined env=!forwarded CustomLog /dev/stdout proxy env=forwarded <VirtualHost *:{{ $portInt }}> WSGIDaemonProcess keystone-public processes=1 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /var/www/cgi-bin/keystone/keystone-wsgi-public WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On <IfVersion >= 2.4> ErrorLogFormat \"%{cu}t %M\" </IfVersion> ErrorLog /dev/stdout SetEnvIf X-Forwarded-For \"^.*\\..*\\..*\\..*\" forwarded CustomLog /dev/stdout combined env=!forwarded CustomLog /dev/stdout proxy env=forwarded </VirtualHost>dependencies.dynamic.common.local_image_registry.jobs[0]
Type: string
Description:
“keystone-image-repo-sync”
dependencies.dynamic.common.local_image_registry.services[0].endpoint
Type: string
Description:
“node”
dependencies.dynamic.common.local_image_registry.services[0].service
Type: string
Description:
“local_image_registry”
dependencies.dynamic.rabbit_init.services[0].endpoint
Type: string
Description:
“internal”
dependencies.dynamic.rabbit_init.services[0].service
Type: string
Description:
“oslo_messaging”
dependencies.static.api.jobs[0]
Type: string
Description:
“keystone-db-sync”
dependencies.static.api.jobs[1]
Type: string
Description:
“keystone-credential-setup”
dependencies.static.api.jobs[2]
Type: string
Description:
“keystone-fernet-setup”
dependencies.static.api.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.api.services[0].service
Type: string
Description:
“oslo_cache”
dependencies.static.api.services[1].endpoint
Type: string
Description:
“internal”
dependencies.static.api.services[1].service
Type: string
Description:
“oslo_db”
dependencies.static.bootstrap.jobs[0]
Type: string
Description:
“keystone-domain-manage”
dependencies.static.bootstrap.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.bootstrap.services[0].service
Type: string
Description:
“identity”
dependencies.static.credential_cleanup.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.credential_cleanup.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.credential_rotate.jobs[0]
Type: string
Description:
“keystone-credential-setup”
dependencies.static.credential_setup
Type: string
Description:
nil
dependencies.static.db_drop.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.db_drop.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.db_init.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.db_init.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.db_sync.jobs[0]
Type: string
Description:
“keystone-db-init”
dependencies.static.db_sync.jobs[1]
Type: string
Description:
“keystone-credential-setup”
dependencies.static.db_sync.jobs[2]
Type: string
Description:
“keystone-fernet-setup”
dependencies.static.db_sync.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.db_sync.services[0].service
Type: string
Description:
“oslo_db”
dependencies.static.domain_manage.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.domain_manage.services[0].service
Type: string
Description:
“identity”
dependencies.static.fernet_rotate.jobs[0]
Type: string
Description:
“keystone-fernet-setup”
dependencies.static.fernet_setup
Type: string
Description:
nil
dependencies.static.image_repo_sync.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.image_repo_sync.services[0].service
Type: string
Description:
“local_image_registry”
dependencies.static.tests.services[0].endpoint
Type: string
Description:
“internal”
dependencies.static.tests.services[0].service
Type: string
Description:
“identity”
endpoints.cluster_domain_suffix
Type: string
Description:
“cluster.local”
endpoints.fluentd.host_fqdn_override.default
Type: string
Description:
nil
endpoints.fluentd.hosts.default
Type: string
Description:
“fluentd-logging”
endpoints.fluentd.name
Type: string
Description:
“fluentd”
endpoints.fluentd.namespace
Type: string
Description:
nil
endpoints.fluentd.path.default
Type: string
Description:
nil
endpoints.fluentd.port.metrics.default
Type: int
Description:
24220
endpoints.fluentd.port.service.default
Type: int
Description:
24224
endpoints.fluentd.scheme
Type: string
Description:
“http”
endpoints.identity.auth.admin.default_domain_id
Type: string
Description:
“default”
endpoints.identity.auth.admin.password
Type: string
Description:
“password”
endpoints.identity.auth.admin.project_domain_name
Type: string
Description:
“default”
endpoints.identity.auth.admin.project_name
Type: string
Description:
“admin”
endpoints.identity.auth.admin.region_name
Type: string
Description:
“RegionOne”
endpoints.identity.auth.admin.user_domain_name
Type: string
Description:
“default”
endpoints.identity.auth.admin.username
Type: string
Description:
“admin”
endpoints.identity.auth.test.default_domain_id
Type: string
Description:
“default”
endpoints.identity.auth.test.password
Type: string
Description:
“password”
endpoints.identity.auth.test.project_domain_name
Type: string
Description:
“default”
endpoints.identity.auth.test.project_name
Type: string
Description:
“test”
endpoints.identity.auth.test.region_name
Type: string
Description:
“RegionOne”
endpoints.identity.auth.test.role
Type: string
Description:
“admin”
endpoints.identity.auth.test.user_domain_name
Type: string
Description:
“default”
endpoints.identity.auth.test.username
Type: string
Description:
“keystone-test”
endpoints.identity.host_fqdn_override.default
Type: string
Description:
nil
endpoints.identity.hosts.default
Type: string
Description:
“keystone”
endpoints.identity.hosts.internal
Type: string
Description:
“keystone-api”
endpoints.identity.name
Type: string
Description:
“keystone”
endpoints.identity.namespace
Type: string
Description:
nil
endpoints.identity.path.default
Type: string
Description:
“/v3”
endpoints.identity.port.api.default
Type: int
Description:
80
endpoints.identity.port.api.internal
Type: int
Description:
5000
endpoints.identity.port.api.service
Type: int
Description:
5000
endpoints.identity.scheme.default
Type: string
Description:
“http”
endpoints.identity.scheme.service
Type: string
Description:
“http”
endpoints.ingress.hosts.default
Type: string
Description:
“ingress”
endpoints.ingress.name
Type: string
Description:
“ingress”
endpoints.ingress.namespace
Type: string
Description:
nil
endpoints.ingress.port.ingress.default
Type: int
Description:
80
endpoints.kube_dns.host_fqdn_override.default
Type: string
Description:
nil
endpoints.kube_dns.hosts.default
Type: string
Description:
“kube-dns”
endpoints.kube_dns.name
Type: string
Description:
“kubernetes-dns”
endpoints.kube_dns.namespace
Type: string
Description:
“kube-system”
endpoints.kube_dns.path.default
Type: string
Description:
nil
endpoints.kube_dns.port.dns.default
Type: int
Description:
53
endpoints.kube_dns.port.dns.protocol
Type: string
Description:
“UDP”
endpoints.kube_dns.scheme
Type: string
Description:
“http”
endpoints.ldap.auth.client.tls.ca
Type: string
Description:
nil
endpoints.local_image_registry.host_fqdn_override.default
Type: string
Description:
nil
endpoints.local_image_registry.hosts.default
Type: string
Description:
“localhost”
endpoints.local_image_registry.hosts.internal
Type: string
Description:
“docker-registry”
endpoints.local_image_registry.hosts.node
Type: string
Description:
“localhost”
endpoints.local_image_registry.name
Type: string
Description:
“docker-registry”
endpoints.local_image_registry.namespace
Type: string
Description:
“docker-registry”
endpoints.local_image_registry.port.registry.node
Type: int
Description:
5000
endpoints.oci_image_registry.auth.enabled
Type: bool
Description:
false
endpoints.oci_image_registry.auth.keystone.password
Type: string
Description:
“password”
endpoints.oci_image_registry.auth.keystone.username
Type: string
Description:
“keystone”
endpoints.oci_image_registry.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oci_image_registry.hosts.default
Type: string
Description:
“localhost”
endpoints.oci_image_registry.name
Type: string
Description:
“oci-image-registry”
endpoints.oci_image_registry.namespace
Type: string
Description:
“oci-image-registry”
endpoints.oci_image_registry.port.registry.default
Type: string
Description:
nil
endpoints.oslo_cache.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oslo_cache.hosts.default
Type: string
Description:
“memcached”
endpoints.oslo_cache.namespace
Type: string
Description:
nil
endpoints.oslo_cache.port.memcache.default
Type: int
Description:
11211
endpoints.oslo_db.auth.admin.password
Type: string
Description:
“password”
endpoints.oslo_db.auth.admin.secret.tls.internal
Type: string
Description:
“mariadb-tls-direct”
endpoints.oslo_db.auth.admin.username
Type: string
Description:
“root”
endpoints.oslo_db.auth.keystone.password
Type: string
Description:
“password”
endpoints.oslo_db.auth.keystone.username
Type: string
Description:
“keystone”
endpoints.oslo_db.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oslo_db.hosts.default
Type: string
Description:
“mariadb”
endpoints.oslo_db.namespace
Type: string
Description:
nil
endpoints.oslo_db.path
Type: string
Description:
“/keystone”
endpoints.oslo_db.port.mysql.default
Type: int
Description:
3306
endpoints.oslo_db.scheme
Type: string
Description:
“mysql+pymysql”
endpoints.oslo_messaging.auth.admin.password
Type: string
Description:
“password”
endpoints.oslo_messaging.auth.admin.secret.tls.internal
Type: string
Description:
“rabbitmq-tls-direct”
endpoints.oslo_messaging.auth.admin.username
Type: string
Description:
“rabbitmq”
endpoints.oslo_messaging.auth.keystone.password
Type: string
Description:
“password”
endpoints.oslo_messaging.auth.keystone.username
Type: string
Description:
“keystone”
endpoints.oslo_messaging.host_fqdn_override.default
Type: string
Description:
nil
endpoints.oslo_messaging.hosts.default
Type: string
Description:
“rabbitmq”
endpoints.oslo_messaging.namespace
Type: string
Description:
nil
endpoints.oslo_messaging.path
Type: string
Description:
“/keystone”
endpoints.oslo_messaging.port.amqp.default
Type: int
Description:
5672
endpoints.oslo_messaging.port.http.default
Type: int
Description:
15672
endpoints.oslo_messaging.scheme
Type: string
Description:
“rabbit”
endpoints.oslo_messaging.statefulset.name
Type: string
Description:
“rabbitmq-rabbitmq”
endpoints.oslo_messaging.statefulset.replicas
Type: int
Description:
2
helm3_hook
Type: bool
Description:
true
images.local_registry.active
Type: bool
Description:
false
images.local_registry.exclude[0]
Type: string
Description:
“dep_check”
images.local_registry.exclude[1]
Type: string
Description:
“image_repo_sync”
images.pull_policy
Type: string
Description:
“IfNotPresent”
images.tags.bootstrap
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.db_drop
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.db_init
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.dep_check
Type: string
Description:
“quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal”
images.tags.image_repo_sync
Type: string
Description:
“docker.io/docker:17.07.0”
images.tags.keystone_api
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.keystone_credential_cleanup
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.keystone_credential_rotate
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.keystone_credential_setup
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.keystone_db_sync
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.keystone_domain_manage
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.keystone_fernet_rotate
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.keystone_fernet_setup
Type: string
Description:
“docker.io/openstackhelm/keystone:2024.1-ubuntu_jammy”
images.tags.ks_user
Type: string
Description:
“docker.io/openstackhelm/heat:2024.1-ubuntu_jammy”
images.tags.rabbit_init
Type: string
Description:
“docker.io/rabbitmq:3.13-management”
images.tags.test
Type: string
Description:
“docker.io/xrally/xrally-openstack:2.0.0”
jobs.credential_rotate.cron
Type: string
Description:
“0 0 1 * *”
jobs.credential_rotate.group
Type: string
Description:
“keystone”
jobs.credential_rotate.history.failed
Type: int
Description:
1
jobs.credential_rotate.history.success
Type: int
Description:
3
jobs.credential_rotate.migrate_wait
Type: int
Description:
120
jobs.credential_rotate.user
Type: string
Description:
“keystone”
jobs.credential_setup.group
Type: string
Description:
“keystone”
jobs.credential_setup.user
Type: string
Description:
“keystone”
jobs.fernet_rotate.cron
Type: string
Description:
“0 */12 * * *”
jobs.fernet_rotate.group
Type: string
Description:
“keystone”
jobs.fernet_rotate.history.failed
Type: int
Description:
1
jobs.fernet_rotate.history.success
Type: int
Description:
3
jobs.fernet_rotate.user
Type: string
Description:
“keystone”
jobs.fernet_setup.group
Type: string
Description:
“keystone”
jobs.fernet_setup.user
Type: string
Description:
“keystone”
labels.api.node_selector_key
Type: string
Description:
“openstack-control-plane”
labels.api.node_selector_value
Type: string
Description:
“enabled”
labels.job.node_selector_key
Type: string
Description:
“openstack-control-plane”
labels.job.node_selector_value
Type: string
Description:
“enabled”
labels.test.node_selector_key
Type: string
Description:
“openstack-control-plane”
labels.test.node_selector_value
Type: string
Description:
“enabled”
manifests.certificates
Type: bool
Description:
false
manifests.configmap_bin
Type: bool
Description:
true
manifests.configmap_etc
Type: bool
Description:
true
manifests.cron_credential_rotate
Type: bool
Description:
true
manifests.cron_fernet_rotate
Type: bool
Description:
true
manifests.deployment_api
Type: bool
Description:
true
manifests.ingress_api
Type: bool
Description:
true
manifests.job_bootstrap
Type: bool
Description:
true
manifests.job_credential_cleanup
Type: bool
Description:
true
manifests.job_credential_setup
Type: bool
Description:
true
manifests.job_db_drop
Type: bool
Description:
false
manifests.job_db_init
Type: bool
Description:
true
manifests.job_db_sync
Type: bool
Description:
true
manifests.job_domain_manage
Type: bool
Description:
true
manifests.job_fernet_setup
Type: bool
Description:
true
manifests.job_image_repo_sync
Type: bool
Description:
true
manifests.job_rabbit_init
Type: bool
Description:
true
manifests.network_policy
Type: bool
Description:
false
manifests.pdb_api
Type: bool
Description:
true
manifests.pod_rally_test
Type: bool
Description:
true
manifests.secret_credential_keys
Type: bool
Description:
true
manifests.secret_db
Type: bool
Description:
true
manifests.secret_fernet_keys
Type: bool
Description:
true
manifests.secret_ingress_tls
Type: bool
Description:
true
manifests.secret_keystone
Type: bool
Description:
true
manifests.secret_rabbitmq
Type: bool
Description:
true
manifests.secret_registry
Type: bool
Description:
true
manifests.service_api
Type: bool
Description:
true
manifests.service_ingress_api
Type: bool
Description:
true
network.admin.node_port.enabled
Type: bool
Description:
false
network.admin.node_port.port
Type: int
Description:
30357
network.api.external_policy_local
Type: bool
Description:
false
network.api.ingress.annotations.”nginx.ingress.kubernetes.io/rewrite-target”
Type: string
Description:
“/”
network.api.ingress.classes.cluster
Type: string
Description:
“nginx-cluster”
network.api.ingress.classes.namespace
Type: string
Description:
“nginx”
network.api.ingress.public
Type: bool
Description:
true
network.api.node_port.enabled
Type: bool
Description:
false
network.api.node_port.port
Type: int
Description:
30500
network_policy.keystone.egress[0]
Type: object
Description:
{}
network_policy.keystone.ingress[0]
Type: object
Description:
{}
pod.affinity.anti.topologyKey.default
Type: string
Description:
“kubernetes.io/hostname”
pod.affinity.anti.type.default
Type: string
Description:
“preferredDuringSchedulingIgnoredDuringExecution”
pod.affinity.anti.weight.default
Type: int
Description:
10
pod.lifecycle.disruption_budget.api.min_available
Type: int
Description:
0
pod.lifecycle.termination_grace_period.api.timeout
Type: int
Description:
30
pod.lifecycle.upgrades.deployments.pod_replacement_strategy
Type: string
Description:
“RollingUpdate”
pod.lifecycle.upgrades.deployments.revision_history
Type: int
Description:
3
pod.lifecycle.upgrades.deployments.rolling_update.max_surge
Type: int
Description:
3
pod.lifecycle.upgrades.deployments.rolling_update.max_unavailable
Type: int
Description:
1
pod.mounts.keystone_api.init_container
Type: string
Description:
nil
pod.mounts.keystone_api.keystone_api.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_api.keystone_api.volumes
Type: string
Description:
nil
pod.mounts.keystone_bootstrap.init_container
Type: string
Description:
nil
pod.mounts.keystone_bootstrap.keystone_bootstrap.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_bootstrap.keystone_bootstrap.volumes
Type: string
Description:
nil
pod.mounts.keystone_credential_cleanup.init_container
Type: string
Description:
nil
pod.mounts.keystone_credential_cleanup.keystone_credential_cleanup.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_credential_cleanup.keystone_credential_cleanup.volumes
Type: string
Description:
nil
pod.mounts.keystone_credential_rotate.init_container
Type: string
Description:
nil
pod.mounts.keystone_credential_rotate.keystone_credential_rotate.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_credential_rotate.keystone_credential_rotate.volumes
Type: string
Description:
nil
pod.mounts.keystone_credential_setup.init_container
Type: string
Description:
nil
pod.mounts.keystone_credential_setup.keystone_credential_setup.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_credential_setup.keystone_credential_setup.volumes
Type: string
Description:
nil
pod.mounts.keystone_db_init.init_container
Type: string
Description:
nil
pod.mounts.keystone_db_init.keystone_db_init.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_db_init.keystone_db_init.volumes
Type: string
Description:
nil
pod.mounts.keystone_db_sync.init_container
Type: string
Description:
nil
pod.mounts.keystone_db_sync.keystone_db_sync.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_db_sync.keystone_db_sync.volumes
Type: string
Description:
nil
pod.mounts.keystone_domain_manage.init_container
Type: string
Description:
nil
pod.mounts.keystone_domain_manage.keystone_domain_manage.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_domain_manage.keystone_domain_manage.volumes
Type: string
Description:
nil
pod.mounts.keystone_fernet_rotate.init_container
Type: string
Description:
nil
pod.mounts.keystone_fernet_rotate.keystone_fernet_rotate.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_fernet_rotate.keystone_fernet_rotate.volumes
Type: string
Description:
nil
pod.mounts.keystone_fernet_setup.init_container
Type: string
Description:
nil
pod.mounts.keystone_fernet_setup.keystone_fernet_setup.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_fernet_setup.keystone_fernet_setup.volumes
Type: string
Description:
nil
pod.mounts.keystone_tests.init_container
Type: string
Description:
nil
pod.mounts.keystone_tests.keystone_tests.volumeMounts
Type: string
Description:
nil
pod.mounts.keystone_tests.keystone_tests.volumes
Type: string
Description:
nil
pod.probes.api.api.liveness.enabled
Type: bool
Description:
true
pod.probes.api.api.liveness.params.initialDelaySeconds
Type: int
Description:
50
pod.probes.api.api.liveness.params.periodSeconds
Type: int
Description:
60
pod.probes.api.api.liveness.params.timeoutSeconds
Type: int
Description:
15
pod.probes.api.api.readiness.enabled
Type: bool
Description:
true
pod.probes.api.api.readiness.params.initialDelaySeconds
Type: int
Description:
15
pod.probes.api.api.readiness.params.periodSeconds
Type: int
Description:
60
pod.probes.api.api.readiness.params.timeoutSeconds
Type: int
Description:
15
pod.replicas.api
Type: int
Description:
1
pod.resources.api.limits.cpu
Type: string
Description:
“2000m”
pod.resources.api.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.api.requests.cpu
Type: string
Description:
“100m”
pod.resources.api.requests.memory
Type: string
Description:
“128Mi”
pod.resources.enabled
Type: bool
Description:
false
pod.resources.jobs.bootstrap.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.bootstrap.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.bootstrap.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.bootstrap.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.credential_cleanup.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.credential_cleanup.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.credential_cleanup.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.credential_cleanup.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.credential_rotate.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.credential_rotate.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.credential_rotate.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.credential_rotate.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.credential_setup.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.credential_setup.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.credential_setup.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.credential_setup.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.db_drop.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.db_drop.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.db_drop.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.db_drop.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.db_init.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.db_init.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.db_init.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.db_init.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.db_sync.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.db_sync.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.db_sync.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.db_sync.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.domain_manage.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.domain_manage.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.domain_manage.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.domain_manage.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.fernet_rotate.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.fernet_rotate.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.fernet_rotate.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.fernet_rotate.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.fernet_setup.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.fernet_setup.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.fernet_setup.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.fernet_setup.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.image_repo_sync.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.image_repo_sync.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.image_repo_sync.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.image_repo_sync.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.rabbit_init.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.rabbit_init.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.rabbit_init.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.rabbit_init.requests.memory
Type: string
Description:
“128Mi”
pod.resources.jobs.tests.limits.cpu
Type: string
Description:
“2000m”
pod.resources.jobs.tests.limits.memory
Type: string
Description:
“1024Mi”
pod.resources.jobs.tests.requests.cpu
Type: string
Description:
“100m”
pod.resources.jobs.tests.requests.memory
Type: string
Description:
“128Mi”
pod.security_context.credential_setup.container.keystone_credential_setup.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.credential_setup.container.keystone_credential_setup.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.credential_setup.pod.runAsUser
Type: int
Description:
42424
pod.security_context.domain_manage.container.keystone_domain_manage.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.domain_manage.container.keystone_domain_manage.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.domain_manage.container.keystone_domain_manage_init.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.domain_manage.container.keystone_domain_manage_init.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.domain_manage.pod.runAsUser
Type: int
Description:
42424
pod.security_context.fernet_rotate.container.keystone_fernet_rotate.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.fernet_rotate.container.keystone_fernet_rotate.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.fernet_rotate.pod.runAsUser
Type: int
Description:
42424
pod.security_context.fernet_setup.container.keystone_fernet_setup.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.fernet_setup.container.keystone_fernet_setup.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.fernet_setup.pod.runAsUser
Type: int
Description:
42424
pod.security_context.keystone.container.keystone_api.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.keystone.container.keystone_api.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.keystone.pod.runAsUser
Type: int
Description:
42424
pod.security_context.test.container.keystone_test.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.test.container.keystone_test.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.test.container.keystone_test.runAsUser
Type: int
Description:
65500
pod.security_context.test.container.keystone_test_ks_user.allowPrivilegeEscalation
Type: bool
Description:
false
pod.security_context.test.container.keystone_test_ks_user.readOnlyRootFilesystem
Type: bool
Description:
true
pod.security_context.test.pod.runAsUser
Type: int
Description:
42424
pod.tolerations.keystone.enabled
Type: bool
Description:
false
pod.tolerations.keystone.tolerations[0].effect
Type: string
Description:
“NoSchedule”
pod.tolerations.keystone.tolerations[0].key
Type: string
Description:
“node-role.kubernetes.io/master”
pod.tolerations.keystone.tolerations[0].operator
Type: string
Description:
“Exists”
pod.tolerations.keystone.tolerations[1].effect
Type: string
Description:
“NoSchedule”
pod.tolerations.keystone.tolerations[1].key
Type: string
Description:
“node-role.kubernetes.io/control-plane”
pod.tolerations.keystone.tolerations[1].operator
Type: string
Description:
“Exists”
release_group
Type: string
Description:
nil
secrets.identity.admin
Type: string
Description:
“keystone-keystone-admin”
secrets.identity.test
Type: string
Description:
“keystone-keystone-test”
secrets.ldap.tls
Type: string
Description:
“keystone-ldap-tls”
secrets.oci_image_registry.keystone
Type: string
Description:
“keystone-oci-image-registry”
secrets.oslo_db.admin
Type: string
Description:
“keystone-db-admin”
secrets.oslo_db.keystone
Type: string
Description:
“keystone-db-user”
secrets.oslo_messaging.admin
Type: string
Description:
“keystone-rabbitmq-admin”
secrets.oslo_messaging.keystone
Type: string
Description:
“keystone-rabbitmq-user”
secrets.tls.identity.api.internal
Type: string
Description:
“keystone-tls-api”
secrets.tls.identity.api.public
Type: string
Description:
“keystone-tls-public”
tls.identity
Type: bool
Description:
false
tls.oslo_db
Type: bool
Description:
false
tls.oslo_messaging
Type: bool
Description:
false