Add role specific information to the service template
[apex-tripleo-heat-templates.git] / puppet / services / heat-api-cloudwatch.yaml
1 heat_template_version: ocata
2
3 description: >
4   Openstack Heat CloudWatch API service configured with Puppet
5
6 parameters:
7   ServiceNetMap:
8     default: {}
9     description: Mapping of service_name -> network name. Typically set
10                  via parameter_defaults in the resource registry.  This
11                  mapping overrides those in ServiceNetMapDefaults.
12     type: json
13   DefaultPasswords:
14     default: {}
15     type: json
16   RoleName:
17     default: ''
18     description: Role name on which the service is applied
19     type: string
20   RoleParameters:
21     default: {}
22     description: Parameters specific to the role
23     type: json
24   EndpointMap:
25     default: {}
26     description: Mapping of service endpoint -> protocol. Typically set
27                  via parameter_defaults in the resource registry.
28     type: json
29   HeatWorkers:
30     default: 0
31     description: Number of workers for Heat service.
32     type: number
33   MonitoringSubscriptionHeatApiCloudwatch:
34     default: 'overcloud-heat-api-cloudwatch'
35     type: string
36   HeatApiCloudwatchLoggingSource:
37     type: json
38     default:
39       tag: openstack.heat.api.cloudwatch
40       path: /var/log/heat/heat-api-cloudwatch.log
41   EnableInternalTLS:
42     type: boolean
43     default: false
44
45 conditions:
46   heat_workers_zero: {equals : [{get_param: HeatWorkers}, 0]}
47
48 resources:
49
50   ApacheServiceBase:
51     type: ./apache.yaml
52     properties:
53       ServiceNetMap: {get_param: ServiceNetMap}
54       DefaultPasswords: {get_param: DefaultPasswords}
55       EndpointMap: {get_param: EndpointMap}
56       RoleName: {get_param: RoleName}
57       RoleParameters: {get_param: RoleParameters}
58       EnableInternalTLS: {get_param: EnableInternalTLS}
59
60   HeatBase:
61     type: ./heat-base.yaml
62     properties:
63       ServiceNetMap: {get_param: ServiceNetMap}
64       DefaultPasswords: {get_param: DefaultPasswords}
65       EndpointMap: {get_param: EndpointMap}
66       RoleName: {get_param: RoleName}
67       RoleParameters: {get_param: RoleParameters}
68
69 outputs:
70   role_data:
71     description: Role data for the Heat Cloudwatch API role.
72     value:
73       service_name: heat_api_cloudwatch
74       monitoring_subscription: {get_param: MonitoringSubscriptionHeatApiCloudwatch}
75       logging_source: {get_param: HeatApiCloudwatchLoggingSource}
76       logging_groups:
77         - heat
78       config_settings:
79         map_merge:
80           - get_attr: [HeatBase, role_data, config_settings]
81           - get_attr: [ApacheServiceBase, role_data, config_settings]
82           - tripleo.heat_api_cloudwatch.firewall_rules:
83               '125 heat_cloudwatch':
84                 dport:
85                   - 8003
86                   - 13003
87             heat::api_cloudwatch::bind_host:
88               get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]
89             heat::wsgi::apache_api_cloudwatch::ssl: {get_param: EnableInternalTLS}
90             heat::api_cloudwatch::service_name: 'httpd'
91             # NOTE: bind IP is found in Heat replacing the network name with the local node IP
92             # for the given network; replacement examples (eg. for internal_api):
93             # internal_api -> IP
94             # internal_api_uri -> [IP]
95             # internal_api_subnet - > IP/CIDR
96             heat::wsgi::apache_api_cloudwatch::bind_host:
97               get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]
98             heat::wsgi::apache_api_cloudwatch::servername:
99               str_replace:
100                 template:
101                   "%{hiera('fqdn_$NETWORK')}"
102                 params:
103                   $NETWORK: {get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]}
104           -
105             if:
106             - heat_workers_zero
107             - {}
108             - heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers}
109       step_config: |
110         include ::tripleo::profile::base::heat::api_cloudwatch
111       upgrade_tasks:
112         - name: Check if heat_api_cloudwatch is deployed
113           command: systemctl is-enabled openstack-heat-api-cloudwatch
114           tags: common
115           ignore_errors: True
116           register: heat_api_cloudwatch_enabled
117         - name: "PreUpgrade step0,validation: Check service openstack-heat-api-cloudwatch is running"
118           shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b'
119           when: heat_api_cloudwatch_enabled.rc == 0
120           tags: step0,validation
121         - name: check for heat_api_cloudwatch running under apache (post upgrade)
122           tags: step1
123           shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cloudwatch_wsgi"
124           register: heat_api_cloudwatch_apache
125           ignore_errors: true
126         - name: Stop heat_api_cloudwatch service (running under httpd)
127           tags: step1
128           service: name=httpd state=stopped
129           when: heat_api_cloudwatch_apache.rc == 0
130         - name: Stop and disable heat_api_cloudwatch service (pre-upgrade not under httpd)
131           tags: step1
132           when: heat_api_cloudwatch_enabled.rc == 0
133           service: name=openstack-heat-api-cloudwatch state=stopped enabled=no