Code Review / apex-tripleo-heat-templates.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Added release note for NeutronExternalNetworkBridge deprecation"
[apex-tripleo-heat-templates.git] / puppet / services / heat-api-cloudwatch.yaml
1 heat_template_version: ocata
2
3 description: >
4   Openstack Heat CloudWatch API service configured with Puppet
5
6 parameters:
7   ServiceNetMap:
8     default: {}
9     description: Mapping of service_name -> network name. Typically set
10                  via parameter_defaults in the resource registry.  This
11                  mapping overrides those in ServiceNetMapDefaults.
12     type: json
13   DefaultPasswords:
14     default: {}
15     type: json
16   EndpointMap:
17     default: {}
18     description: Mapping of service endpoint -> protocol. Typically set
19                  via parameter_defaults in the resource registry.
20     type: json
21   HeatWorkers:
22     default: 0
23     description: Number of workers for Heat service.
24     type: number
25   MonitoringSubscriptionHeatApiCloudwatch:
26     default: 'overcloud-heat-api-cloudwatch'
27     type: string
28   HeatApiCloudwatchLoggingSource:
29     type: json
30     default:
31       tag: openstack.heat.api.cloudwatch
32       path: /var/log/heat/heat-api-cloudwatch.log
33   EnableInternalTLS:
34     type: boolean
35     default: false
36
37 conditions:
38   heat_workers_zero: {equals : [{get_param: HeatWorkers}, 0]}
39
40 resources:
41
42   ApacheServiceBase:
43     type: ./apache.yaml
44     properties:
45       ServiceNetMap: {get_param: ServiceNetMap}
46       DefaultPasswords: {get_param: DefaultPasswords}
47       EndpointMap: {get_param: EndpointMap}
48       EnableInternalTLS: {get_param: EnableInternalTLS}
49
50   HeatBase:
51     type: ./heat-base.yaml
52     properties:
53       ServiceNetMap: {get_param: ServiceNetMap}
54       DefaultPasswords: {get_param: DefaultPasswords}
55       EndpointMap: {get_param: EndpointMap}
56
57 outputs:
58   role_data:
59     description: Role data for the Heat Cloudwatch API role.
60     value:
61       service_name: heat_api_cloudwatch
62       monitoring_subscription: {get_param: MonitoringSubscriptionHeatApiCloudwatch}
63       logging_source: {get_param: HeatApiCloudwatchLoggingSource}
64       logging_groups:
65         - heat
66       config_settings:
67         map_merge:
68           - get_attr: [HeatBase, role_data, config_settings]
69           - get_attr: [ApacheServiceBase, role_data, config_settings]
70           - tripleo.heat_api_cloudwatch.firewall_rules:
71               '125 heat_cloudwatch':
72                 dport:
73                   - 8003
74                   - 13003
75             heat::api_cloudwatch::bind_host:
76               get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]
77             heat::wsgi::apache_api_cloudwatch::ssl: {get_param: EnableInternalTLS}
78             heat::api_cloudwatch::service_name: 'httpd'
79             # NOTE: bind IP is found in Heat replacing the network name with the local node IP
80             # for the given network; replacement examples (eg. for internal_api):
81             # internal_api -> IP
82             # internal_api_uri -> [IP]
83             # internal_api_subnet - > IP/CIDR
84             heat::wsgi::apache_api_cloudwatch::bind_host:
85               get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]
86             heat::wsgi::apache_api_cloudwatch::servername:
87               str_replace:
88                 template:
89                   "%{hiera('fqdn_$NETWORK')}"
90                 params:
91                   $NETWORK: {get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]}
92           -
93             if:
94             - heat_workers_zero
95             - {}
96             - heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers}
97       step_config: |
98         include ::tripleo::profile::base::heat::api_cloudwatch
99       upgrade_tasks:
100         - name: Check if heat_api_cloudwatch is deployed
101           command: systemctl is-enabled openstack-heat-api-cloudwatch
102           tags: common
103           ignore_errors: True
104           register: heat_api_cloudwatch_enabled
105         - name: "PreUpgrade step0,validation: Check service openstack-heat-api-cloudwatch is running"
106           shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b'
107           when: heat_api_cloudwatch_enabled.rc == 0
108           tags: step0,validation
109         - name: check for heat_api_cloudwatch running under apache (post upgrade)
110           tags: step1
111           shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cloudwatch_wsgi"
112           register: heat_api_cloudwatch_apache
113           ignore_errors: true
114         - name: Stop heat_api_cloudwatch service (running under httpd)
115           tags: step1
116           service: name=httpd state=stopped
117           when: heat_api_cloudwatch_apache.rc == 0
118         - name: Stop and disable heat_api_cloudwatch service (pre-upgrade not under httpd)
119           tags: step1
120           when: heat_api_cloudwatch_enabled.rc == 0
121           service: name=openstack-heat-api-cloudwatch state=stopped enabled=no