puppet/services/heat-api-cloudwatch.yaml

   1 heat_template_version: ocata
   2
   3 description: >
   4   Openstack Heat CloudWatch API service configured with Puppet
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   DefaultPasswords:
  14     default: {}
  15     type: json
  16   RoleName:
  17     default: ''
  18     description: Role name on which the service is applied
  19     type: string
  20   RoleParameters:
  21     default: {}
  22     description: Parameters specific to the role
  23     type: json
  24   EndpointMap:
  25     default: {}
  26     description: Mapping of service endpoint -> protocol. Typically set
  27                  via parameter_defaults in the resource registry.
  28     type: json
  29   HeatWorkers:
  30     default: 0
  31     description: Number of workers for Heat service.
  32     type: number
  33   MonitoringSubscriptionHeatApiCloudwatch:
  34     default: 'overcloud-heat-api-cloudwatch'
  35     type: string
  36   HeatApiCloudwatchLoggingSource:
  37     type: json
  38     default:
  39       tag: openstack.heat.api.cloudwatch
  40       path: /var/log/heat/heat-api-cloudwatch.log
  41   EnableInternalTLS:
  42     type: boolean
  43     default: false
  44
  45 conditions:
  46   heat_workers_zero: {equals : [{get_param: HeatWorkers}, 0]}
  47
  48 resources:
  49
  50   ApacheServiceBase:
  51     type: ./apache.yaml
  52     properties:
  53       ServiceNetMap: {get_param: ServiceNetMap}
  54       DefaultPasswords: {get_param: DefaultPasswords}
  55       EndpointMap: {get_param: EndpointMap}
  56       RoleName: {get_param: RoleName}
  57       RoleParameters: {get_param: RoleParameters}
  58       EnableInternalTLS: {get_param: EnableInternalTLS}
  59
  60   HeatBase:
  61     type: ./heat-base.yaml
  62     properties:
  63       ServiceNetMap: {get_param: ServiceNetMap}
  64       DefaultPasswords: {get_param: DefaultPasswords}
  65       EndpointMap: {get_param: EndpointMap}
  66       RoleName: {get_param: RoleName}
  67       RoleParameters: {get_param: RoleParameters}
  68
  69 outputs:
  70   role_data:
  71     description: Role data for the Heat Cloudwatch API role.
  72     value:
  73       service_name: heat_api_cloudwatch
  74       monitoring_subscription: {get_param: MonitoringSubscriptionHeatApiCloudwatch}
  75       logging_source: {get_param: HeatApiCloudwatchLoggingSource}
  76       logging_groups:
  77         - heat
  78       config_settings:
  79         map_merge:
  80           - get_attr: [HeatBase, role_data, config_settings]
  81           - get_attr: [ApacheServiceBase, role_data, config_settings]
  82           - tripleo.heat_api_cloudwatch.firewall_rules:
  83               '125 heat_cloudwatch':
  84                 dport:
  85                   - 8003
  86                   - 13003
  87             heat::api_cloudwatch::bind_host:
  88               get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]
  89             heat::wsgi::apache_api_cloudwatch::ssl: {get_param: EnableInternalTLS}
  90             heat::api_cloudwatch::service_name: 'httpd'
  91             # NOTE: bind IP is found in Heat replacing the network name with the local node IP
  92             # for the given network; replacement examples (eg. for internal_api):
  93             # internal_api -> IP
  94             # internal_api_uri -> [IP]
  95             # internal_api_subnet - > IP/CIDR
  96             heat::wsgi::apache_api_cloudwatch::bind_host:
  97               get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]
  98             heat::wsgi::apache_api_cloudwatch::servername:
  99               str_replace:
 100                 template:
 101                   "%{hiera('fqdn_$NETWORK')}"
 102                 params:
 103                   $NETWORK: {get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]}
 104           -
 105             if:
 106             - heat_workers_zero
 107             - {}
 108             - heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers}
 109       step_config: |
 110         include ::tripleo::profile::base::heat::api_cloudwatch
 111       upgrade_tasks:
 112         - name: Check if heat_api_cloudwatch is deployed
 113           command: systemctl is-enabled openstack-heat-api-cloudwatch
 114           tags: common
 115           ignore_errors: True
 116           register: heat_api_cloudwatch_enabled
 117         - name: "PreUpgrade step0,validation: Check service openstack-heat-api-cloudwatch is running"
 118           shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b'
 119           when: heat_api_cloudwatch_enabled.rc == 0
 120           tags: step0,validation
 121         - name: check for heat_api_cloudwatch running under apache (post upgrade)
 122           tags: step1
 123           shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cloudwatch_wsgi"
 124           register: heat_api_cloudwatch_apache
 125           ignore_errors: true
 126         - name: Stop heat_api_cloudwatch service (running under httpd)
 127           tags: step1
 128           service: name=httpd state=stopped
 129           when: heat_api_cloudwatch_apache.rc == 0
 130         - name: Stop and disable heat_api_cloudwatch service (pre-upgrade not under httpd)
 131           tags: step1
 132           when: heat_api_cloudwatch_enabled.rc == 0
 133           service: name=openstack-heat-api-cloudwatch state=stopped enabled=no