docker/services/heat-api.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   OpenStack containerized Heat API service
   5
   6 parameters:
   7   DockerHeatApiImage:
   8     description: image
   9     type: string
  10   # puppet needs the heat-wsgi-api binary from centos-binary-heat-api
  11   DockerHeatApiConfigImage:
  12     description: The container image to use for the heat_api config_volume
  13     type: string
  14   EndpointMap:
  15     default: {}
  16     description: Mapping of service endpoint -> protocol. Typically set
  17                  via parameter_defaults in the resource registry.
  18     type: json
  19   ServiceData:
  20     default: {}
  21     description: Dictionary packing service data
  22     type: json
  23   ServiceNetMap:
  24     default: {}
  25     description: Mapping of service_name -> network name. Typically set
  26                  via parameter_defaults in the resource registry.  This
  27                  mapping overrides those in ServiceNetMapDefaults.
  28     type: json
  29   DefaultPasswords:
  30     default: {}
  31     type: json
  32   RoleName:
  33     default: ''
  34     description: Role name on which the service is applied
  35     type: string
  36   RoleParameters:
  37     default: {}
  38     description: Parameters specific to the role
  39     type: json
  40   EnableInternalTLS:
  41     type: boolean
  42     default: false
  43
  44 conditions:
  45
  46   internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
  47
  48 resources:
  49
  50   ContainersCommon:
  51     type: ./containers-common.yaml
  52
  53   HeatBase:
  54     type: ../../puppet/services/heat-api.yaml
  55     properties:
  56       EndpointMap: {get_param: EndpointMap}
  57       ServiceData: {get_param: ServiceData}
  58       ServiceNetMap: {get_param: ServiceNetMap}
  59       DefaultPasswords: {get_param: DefaultPasswords}
  60       RoleName: {get_param: RoleName}
  61       RoleParameters: {get_param: RoleParameters}
  62
  63 outputs:
  64   role_data:
  65     description: Role data for the Heat API role.
  66     value:
  67       service_name: {get_attr: [HeatBase, role_data, service_name]}
  68       config_settings:
  69         map_merge:
  70           - get_attr: [HeatBase, role_data, config_settings]
  71           - apache::default_vhost: false
  72       step_config: &step_config
  73         get_attr: [HeatBase, role_data, step_config]
  74       service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
  75       # BEGIN DOCKER SETTINGS
  76       puppet_config:
  77         config_volume: heat_api
  78         puppet_tags: heat_config,file,concat,file_line
  79         step_config: *step_config
  80         config_image: {get_param: DockerHeatApiConfigImage}
  81       kolla_config:
  82         /var/lib/kolla/config_files/heat_api.json:
  83           command: /usr/sbin/httpd -DFOREGROUND
  84           config_files:
  85             - source: "/var/lib/kolla/config_files/src/*"
  86               dest: "/"
  87               merge: true
  88               preserve_properties: true
  89           permissions:
  90             - path: /var/log/heat
  91               owner: heat:heat
  92               recurse: true
  93         /var/lib/kolla/config_files/heat_api_cron.json:
  94           command: /usr/sbin/crond -n
  95           config_files:
  96             - source: "/var/lib/kolla/config_files/src/*"
  97               dest: "/"
  98               merge: true
  99               preserve_properties: true
 100           permissions:
 101             - path: /var/log/heat
 102               owner: heat:heat
 103               recurse: true
 104       docker_config:
 105         step_4:
 106           heat_api:
 107             image: {get_param: DockerHeatApiImage}
 108             net: host
 109             privileged: false
 110             restart: always
 111             # NOTE(mandre) kolla image changes the user to 'heat', we need it
 112             # to be root to run httpd
 113             user: root
 114             volumes:
 115               list_concat:
 116                 - {get_attr: [ContainersCommon, volumes]}
 117                 -
 118                   - /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
 119                   - /var/lib/config-data/puppet-generated/heat_api/:/var/lib/kolla/config_files/src:ro
 120                   - /var/log/containers/heat:/var/log/heat
 121                   -
 122                     if:
 123                       - internal_tls_enabled
 124                       - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
 125                       - ''
 126                   -
 127                     if:
 128                       - internal_tls_enabled
 129                       - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
 130                       - ''
 131             environment:
 132               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 133           heat_api_cron:
 134             image: {get_param: DockerHeatApiImage}
 135             net: host
 136             privileged: false
 137             restart: always
 138             volumes:
 139               list_concat:
 140                 - {get_attr: [ContainersCommon, volumes]}
 141                 -
 142                   - /var/lib/kolla/config_files/heat_api_cron.json:/var/lib/kolla/config_files/config.json:ro
 143                   - /var/lib/config-data/puppet-generated/heat_api/:/var/lib/kolla/config_files/src:ro
 144                   - /var/log/containers/heat:/var/log/heat
 145             environment:
 146               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
 147       host_prep_tasks:
 148         - name: create persistent logs directory
 149           file:
 150             path: /var/log/containers/heat
 151             state: directory
 152       upgrade_tasks:
 153         - name: Check is heat_api is deployed
 154           command: systemctl is-enabled openstack-heat-api
 155           tags: common
 156           ignore_errors: True
 157           register: heat_api_enabled
 158         - name: check for heat_api running under apache (post upgrade)
 159           tags: step2
 160           shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_wsgi"
 161           register: heat_api_apache
 162           ignore_errors: true
 163           changed_when: false
 164           check_mode: no
 165         - name: Stop heat_api service (running under httpd)
 166           tags: step2
 167           service: name=httpd state=stopped
 168           when: heat_api_apache.rc == 0
 169         - name: Stop and disable heat_api service (pre-upgrade not under httpd)
 170           tags: step2
 171           service: name=openstack-heat-api state=stopped enabled=no
 172           when: heat_api_enabled.rc == 0
 173       metadata_settings:
 174         get_attr: [HeatBase, role_data, metadata_settings]