puppet/services/heat-engine.yaml

   1 heat_template_version: ocata
   2
   3 description: >
   4   Openstack Heat Engine service configured with Puppet
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   DefaultPasswords:
  14     default: {}
  15     type: json
  16   EndpointMap:
  17     default: {}
  18     description: Mapping of service endpoint -> protocol. Typically set
  19                  via parameter_defaults in the resource registry.
  20     type: json
  21   HeatEnableDBPurge:
  22     type: boolean
  23     default: true
  24     description: |
  25         Whether to create cron job for purging soft deleted rows in the Heat database.
  26   HeatWorkers:
  27     default: 0
  28     description: Number of workers for Heat service.
  29     type: number
  30   HeatPassword:
  31     description: The password for the Heat service and db account, used by the Heat services.
  32     type: string
  33     hidden: true
  34   HeatStackDomainAdminPassword:
  35     description: Password for heat_stack_domain_admin user.
  36     type: string
  37     hidden: true
  38   HeatAuthEncryptionKey:
  39     description: Auth encryption key for heat-engine
  40     type: string
  41     hidden: true
  42     default: ''
  43   MonitoringSubscriptionHeatEngine:
  44     default: 'overcloud-heat-engine'
  45     type: string
  46   HeatEngineLoggingSource:
  47     type: json
  48     default:
  49       tag: openstack.heat.engine
  50       path: /var/log/heat/heat-engine.log
  51
  52 resources:
  53   HeatBase:
  54     type: ./heat-base.yaml
  55     properties:
  56       ServiceNetMap: {get_param: ServiceNetMap}
  57       DefaultPasswords: {get_param: DefaultPasswords}
  58       EndpointMap: {get_param: EndpointMap}
  59
  60 outputs:
  61   role_data:
  62     description: Role data for the Heat Engine role.
  63     value:
  64       service_name: heat_engine
  65       monitoring_subscription: {get_param: MonitoringSubscriptionHeatEngine}
  66       logging_source: {get_param: HeatEngineLoggingSource}
  67       logging_groups:
  68         - heat
  69       config_settings:
  70         map_merge:
  71           - get_attr: [HeatBase, role_data, config_settings]
  72           - heat::engine::num_engine_workers: {get_param: HeatWorkers}
  73             heat::engine::configure_delegated_roles: false
  74             heat::engine::trusts_delegated_roles: []
  75             heat::engine::heat_metadata_server_url:
  76               list_join:
  77                 - ''
  78                 - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
  79                   - '://'
  80                   - {get_param: [EndpointMap, HeatCfnPublic, host]}
  81                   - ':'
  82                   - {get_param: [EndpointMap, HeatCfnPublic, port]}
  83             heat::engine::heat_waitcondition_server_url:
  84               list_join:
  85                 - ''
  86                 - - {get_param: [EndpointMap, HeatCfnPublic, protocol]}
  87                   - '://'
  88                   - {get_param: [EndpointMap, HeatCfnPublic, host]}
  89                   - ':'
  90                   - {get_param: [EndpointMap, HeatCfnPublic, port]}
  91                   - '/v1/waitcondition'
  92             tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge}
  93             heat::database_connection:
  94               list_join:
  95                 - ''
  96                 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
  97                   - '://heat:'
  98                   - {get_param: HeatPassword}
  99                   - '@'
 100                   - {get_param: [EndpointMap, MysqlInternal, host]}
 101                   - '/heat'
 102                   - '?bind_address='
 103                   - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
 104             heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]}
 105             heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword}
 106             heat::engine::auth_encryption_key:
 107               yaql:
 108                 expression: $.data.passwords.where($ != '').first()
 109                 data:
 110                   passwords:
 111                     - {get_param: HeatAuthEncryptionKey}
 112                     - {get_param: [DefaultPasswords, heat_auth_encryption_key]}
 113       step_config: |
 114         include ::tripleo::profile::base::heat::engine
 115
 116       service_config_settings:
 117         mysql:
 118           heat::db::mysql::password: {get_param: HeatPassword}
 119           heat::db::mysql::user: heat
 120           heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
 121           heat::db::mysql::dbname: heat
 122           heat::db::mysql::allowed_hosts:
 123             - '%'
 124             - "%{hiera('mysql_bind_host')}"
 125         keystone:
 126             # This is needed because the keystone profile handles creating the domain
 127             tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword}