Code Review / apex-tripleo-heat-templates.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Add endpoint map matching validation to validate-yaml.py"
[apex-tripleo-heat-templates.git] / puppet / services / nova-placement.yaml
1 heat_template_version: ocata
2
3 description: >
4   OpenStack Nova Placement API service configured with Puppet
5
6 parameters:
7   ServiceNetMap:
8     default: {}
9     description: Mapping of service_name -> network name. Typically set
10                  via parameter_defaults in the resource registry.  This
11                  mapping overrides those in ServiceNetMapDefaults.
12     type: json
13   DefaultPasswords:
14     default: {}
15     type: json
16   EndpointMap:
17     default: {}
18     description: Mapping of service endpoint -> protocol. Typically set
19                  via parameter_defaults in the resource registry.
20     type: json
21   NovaWorkers:
22     default: 0
23     description: Number of workers for Nova Placement API service.
24     type: number
25   NovaPassword:
26     description: The password for the nova service and db account, used by nova-placement.
27     type: string
28     hidden: true
29   KeystoneRegion:
30     type: string
31     default: 'regionOne'
32     description: Keystone region for endpoint
33   MonitoringSubscriptionNovaPlacement:
34     default: 'overcloud-nova-placement'
35     type: string
36   NovaPlacementLoggingSource:
37     type: json
38     default:
39       tag: openstack.nova.placement
40       path: /var/log/httpd/nova_placement_wsgi_error_ssl.log
41   EnableInternalTLS:
42     type: boolean
43     default: false
44
45 conditions:
46   nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
47
48 resources:
49   ApacheServiceBase:
50     type: ./apache.yaml
51     properties:
52       ServiceNetMap: {get_param: ServiceNetMap}
53       DefaultPasswords: {get_param: DefaultPasswords}
54       EndpointMap: {get_param: EndpointMap}
55       EnableInternalTLS: {get_param: EnableInternalTLS}
56
57   NovaBase:
58     type: ./nova-base.yaml
59     properties:
60       ServiceNetMap: {get_param: ServiceNetMap}
61       DefaultPasswords: {get_param: DefaultPasswords}
62       EndpointMap: {get_param: EndpointMap}
63
64 outputs:
65   role_data:
66     description: Role data for the Nova Placement API service.
67     value:
68       service_name: nova_placement
69       monitoring_subscription: {get_param: MonitoringSubscriptionNovaPlacement}
70       logging_source: {get_param: NovaPlacementLoggingSource}
71       logging_groups:
72         - nova
73       config_settings:
74         map_merge:
75         - get_attr: [NovaBase, role_data, config_settings]
76         - get_attr: [ApacheServiceBase, role_data, config_settings]
77         - tripleo.nova_placement.firewall_rules:
78             '138 nova_placement':
79               dport:
80                 - 8778
81                 - 13778
82           nova::placement::project_name: 'service'
83           nova::placement::password: {get_param: NovaPassword}
84           nova::placement::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
85           nova::placement::os_region_name: {get_param: KeystoneRegion}
86           nova::wsgi::apache_placement::api_port: '8778'
87           nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS}
88           # NOTE: bind IP is found in Heat replacing the network name with the local node IP
89           # for the given network; replacement examples (eg. for internal_api):
90           # internal_api -> IP
91           # internal_api_uri -> [IP]
92           # internal_api_subnet - > IP/CIDR
93           nova::wsgi::apache_placement::bind_host: {get_param: [ServiceNetMap, NovaApiNetwork]}
94           nova::wsgi::apache_placement::servername:
95             str_replace:
96               template:
97                 "%{hiera('fqdn_$NETWORK')}"
98               params:
99                 $NETWORK: {get_param: [ServiceNetMap, NovaApiNetwork]}
100         -
101           if:
102           - nova_workers_zero
103           - {}
104           - nova::wsgi::apache_placement::workers: {get_param: NovaWorkers}
105       step_config: |
106         include tripleo::profile::base::nova::placement
107       service_config_settings:
108         keystone:
109           nova::keystone::auth_placement::tenant: 'service'
110           nova::keystone::auth_placement::public_url: {get_param: [EndpointMap, NovaPlacementPublic, uri]}
111           nova::keystone::auth_placement::internal_url: {get_param: [EndpointMap, NovaPlacementInternal, uri]}
112           nova::keystone::auth_placement::admin_url: {get_param: [EndpointMap, NovaPlacementAdmin, uri]}
113           nova::keystone::auth_placement::password: {get_param: NovaPassword}
114           nova::keystone::auth_placement::region: {get_param: KeystoneRegion}
115         mysql:
116           map_merge:
117           - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
118           - nova::db::mysql_placement::password: {get_param: NovaPassword}
119             nova::db::mysql_placement::user: nova_placement
120             nova::db::mysql_placement::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
121             nova::db::mysql_placement::dbname: nova_placement
122             nova::db::mysql_placement::allowed_hosts:
123               - '%'
124               - "%{hiera('mysql_bind_host')}"