puppet/services/heat-engine.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   Openstack Heat Engine service configured with Puppet
   5
   6 parameters:
   7   ServiceData:
   8     default: {}
   9     description: Dictionary packing service data
  10     type: json
  11   ServiceNetMap:
  12     default: {}
  13     description: Mapping of service_name -> network name. Typically set
  14                  via parameter_defaults in the resource registry.  This
  15                  mapping overrides those in ServiceNetMapDefaults.
  16     type: json
  17   DefaultPasswords:
  18     default: {}
  19     type: json
  20   RoleName:
  21     default: ''
  22     description: Role name on which the service is applied
  23     type: string
  24   RoleParameters:
  25     default: {}
  26     description: Parameters specific to the role
  27     type: json
  28   EndpointMap:
  29     default: {}
  30     description: Mapping of service endpoint -> protocol. Typically set
  31                  via parameter_defaults in the resource registry.
  32     type: json
  33   HeatEnableDBPurge:
  34     type: boolean
  35     default: true
  36     description: |
  37         Whether to create cron job for purging soft deleted rows in the Heat database.
  38   HeatWorkers:
  39     default: 0
  40     description: Number of workers for Heat service.
  41     type: number
  42   HeatPassword:
  43     description: The password for the Heat service and db account, used by the Heat services.
  44     type: string
  45     hidden: true
  46   HeatStackDomainAdminPassword:
  47     description: Password for heat_stack_domain_admin user.
  48     type: string
  49     hidden: true
  50   HeatAuthEncryptionKey:
  51     description: Auth encryption key for heat-engine
  52     type: string
  53     hidden: true
  54     default: ''
  55   MonitoringSubscriptionHeatEngine:
  56     default: 'overcloud-heat-engine'
  57     type: string
  58   HeatEngineLoggingSource:
  59     type: json
  60     default:
  61       tag: openstack.heat.engine
  62       path: /var/log/heat/heat-engine.log
  63   HeatConvergenceEngine:
  64     type: boolean
  65     default: true
  66     description: Enables the heat engine with the convergence architecture.
  67   HeatMaxResourcesPerStack:
  68     type: number
  69     default: 1000
  70     description: Maximum resources allowed per top-level stack. -1 stands for unlimited.
  71
  72
  73 resources:
  74   HeatBase:
  75     type: ./heat-base.yaml
  76     properties:
  77       ServiceData: {get_param: ServiceData}
  78       ServiceNetMap: {get_param: ServiceNetMap}
  79       DefaultPasswords: {get_param: DefaultPasswords}
  80       EndpointMap: {get_param: EndpointMap}
  81       RoleName: {get_param: RoleName}
  82       RoleParameters: {get_param: RoleParameters}
  83
  84 outputs:
  85   role_data:
  86     description: Role data for the Heat Engine role.
  87     value:
  88       service_name: heat_engine
  89       monitoring_subscription: {get_param: MonitoringSubscriptionHeatEngine}
  90       logging_source: {get_param: HeatEngineLoggingSource}
  91       logging_groups:
  92         - heat
  93       config_settings:
  94         map_merge:
  95           - get_attr: [HeatBase, role_data, config_settings]
  96           - heat::engine::num_engine_workers: {get_param: HeatWorkers}
  97             heat::engine::configure_delegated_roles: false
  98             heat::engine::trusts_delegated_roles: []
  99             heat::engine::max_nested_stack_depth: 6
 100             heat::engine::max_resources_per_stack: {get_param: HeatMaxResourcesPerStack}
 101             heat::engine::heat_metadata_server_url:
 102               make_url:
 103                 scheme: {get_param: [EndpointMap, HeatCfnPublic, protocol]}
 104                 host: {get_param: [EndpointMap, HeatCfnPublic, host]}
 105                 port: {get_param: [EndpointMap, HeatCfnPublic, port]}
 106             heat::engine::heat_waitcondition_server_url:
 107               make_url:
 108                 scheme: {get_param: [EndpointMap, HeatCfnPublic, protocol]}
 109                 host: {get_param: [EndpointMap, HeatCfnPublic, host]}
 110                 port: {get_param: [EndpointMap, HeatCfnPublic, port]}
 111                 path: /v1/waitcondition
 112             heat::engine::convergence_engine: {get_param: HeatConvergenceEngine}
 113             tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge}
 114             heat::database_connection:
 115               make_url:
 116                 scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
 117                 username: heat
 118                 password: {get_param: HeatPassword}
 119                 host: {get_param: [EndpointMap, MysqlInternal, host]}
 120                 path: /heat
 121                 query:
 122                   read_default_file: /etc/my.cnf.d/tripleo.cnf
 123                   read_default_group: tripleo
 124             heat::keystone_ec2_uri:
 125               list_join:
 126               - ''
 127               - - {get_param: [EndpointMap, KeystoneV3Internal, uri]}
 128                 - '/ec2tokens'
 129             heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
 130             heat::engine::auth_encryption_key:
 131               yaql:
 132                 expression: $.data.passwords.where($ != '').first()
 133                 data:
 134                   passwords:
 135                     - {get_param: HeatAuthEncryptionKey}
 136                     - {get_param: [DefaultPasswords, heat_auth_encryption_key]}
 137       step_config: |
 138         include ::tripleo::profile::base::heat::engine
 139
 140       service_config_settings:
 141         mysql:
 142           heat::db::mysql::password: {get_param: HeatPassword}
 143           heat::db::mysql::user: heat
 144           heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
 145           heat::db::mysql::dbname: heat
 146           heat::db::mysql::allowed_hosts:
 147             - '%'
 148             - "%{hiera('mysql_bind_host')}"
 149         keystone:
 150             # This is needed because the keystone profile handles creating the domain
 151             tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword}
 152       upgrade_tasks:
 153         - name: Check if heat_engine is deployed
 154           command: systemctl is-enabled openstack-heat-engine
 155           tags: common
 156           ignore_errors: True
 157           register: heat_engine_enabled
 158         - name: "PreUpgrade step0,validation: Check service openstack-heat-engine is running"
 159           shell: /usr/bin/systemctl show 'openstack-heat-engine' --property ActiveState | grep '\bactive\b'
 160           when: heat_engine_enabled.rc == 0
 161           tags: step0,validation
 162         - name: Stop heat_engine service
 163           tags: step1
 164           when: heat_engine_enabled.rc == 0
 165           service: name=openstack-heat-engine state=stopped