Code Review / apex-tripleo-heat-templates.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Configure the placement API's interface to use the internal endpoint"
[apex-tripleo-heat-templates.git] / puppet / services / nova-placement.yaml
1 heat_template_version: ocata
2
3 description: >
4   OpenStack Nova Placement API service configured with Puppet
5
6 parameters:
7   ServiceNetMap:
8     default: {}
9     description: Mapping of service_name -> network name. Typically set
10                  via parameter_defaults in the resource registry.  This
11                  mapping overrides those in ServiceNetMapDefaults.
12     type: json
13   DefaultPasswords:
14     default: {}
15     type: json
16   EndpointMap:
17     default: {}
18     description: Mapping of service endpoint -> protocol. Typically set
19                  via parameter_defaults in the resource registry.
20     type: json
21   NovaWorkers:
22     default: 0
23     description: Number of workers for Nova Placement API service.
24     type: number
25   NovaPassword:
26     description: The password for the nova service and db account, used by nova-placement.
27     type: string
28     hidden: true
29   KeystoneRegion:
30     type: string
31     default: 'regionOne'
32     description: Keystone region for endpoint
33   MonitoringSubscriptionNovaPlacement:
34     default: 'overcloud-nova-placement'
35     type: string
36   NovaPlacementLoggingSource:
37     type: json
38     default:
39       tag: openstack.nova.placement
40       path: /var/log/httpd/nova_placement_wsgi_error_ssl.log
41   EnableInternalTLS:
42     type: boolean
43     default: false
44
45 conditions:
46   nova_workers_zero: {equals : [{get_param: NovaWorkers}, 0]}
47
48 resources:
49   ApacheServiceBase:
50     type: ./apache.yaml
51     properties:
52       ServiceNetMap: {get_param: ServiceNetMap}
53       DefaultPasswords: {get_param: DefaultPasswords}
54       EndpointMap: {get_param: EndpointMap}
55       EnableInternalTLS: {get_param: EnableInternalTLS}
56
57   NovaBase:
58     type: ./nova-base.yaml
59     properties:
60       ServiceNetMap: {get_param: ServiceNetMap}
61       DefaultPasswords: {get_param: DefaultPasswords}
62       EndpointMap: {get_param: EndpointMap}
63
64 outputs:
65   role_data:
66     description: Role data for the Nova Placement API service.
67     value:
68       service_name: nova_placement
69       monitoring_subscription: {get_param: MonitoringSubscriptionNovaPlacement}
70       logging_source: {get_param: NovaPlacementLoggingSource}
71       logging_groups:
72         - nova
73       config_settings:
74         map_merge:
75         - get_attr: [NovaBase, role_data, config_settings]
76         - get_attr: [ApacheServiceBase, role_data, config_settings]
77         - tripleo.nova_placement.firewall_rules:
78             '138 nova_placement':
79               dport:
80                 - 8778
81                 - 13778
82           nova::wsgi::apache_placement::api_port: '8778'
83           nova::wsgi::apache_placement::ssl: {get_param: EnableInternalTLS}
84           # NOTE: bind IP is found in Heat replacing the network name with the local node IP
85           # for the given network; replacement examples (eg. for internal_api):
86           # internal_api -> IP
87           # internal_api_uri -> [IP]
88           # internal_api_subnet - > IP/CIDR
89           nova::wsgi::apache_placement::bind_host: {get_param: [ServiceNetMap, NovaPlacementNetwork]}
90           nova::wsgi::apache_placement::servername:
91             str_replace:
92               template:
93                 "%{hiera('fqdn_$NETWORK')}"
94               params:
95                 $NETWORK: {get_param: [ServiceNetMap, NovaPlacementNetwork]}
96         -
97           if:
98           - nova_workers_zero
99           - {}
100           - nova::wsgi::apache_placement::workers: {get_param: NovaWorkers}
101       step_config: |
102         include tripleo::profile::base::nova::placement
103       service_config_settings:
104         keystone:
105           nova::keystone::auth_placement::tenant: 'service'
106           nova::keystone::auth_placement::public_url: {get_param: [EndpointMap, NovaPlacementPublic, uri]}
107           nova::keystone::auth_placement::internal_url: {get_param: [EndpointMap, NovaPlacementInternal, uri]}
108           nova::keystone::auth_placement::admin_url: {get_param: [EndpointMap, NovaPlacementAdmin, uri]}
109           nova::keystone::auth_placement::password: {get_param: NovaPassword}
110           nova::keystone::auth_placement::region: {get_param: KeystoneRegion}
111         mysql:
112           map_merge:
113           - {get_attr: [NovaBase, role_data, service_config_settings, mysql]}
114           - nova::db::mysql_placement::password: {get_param: NovaPassword}
115             nova::db::mysql_placement::user: nova_placement
116             nova::db::mysql_placement::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
117             nova::db::mysql_placement::dbname: nova_placement
118             nova::db::mysql_placement::allowed_hosts:
119               - '%'
120               - "%{hiera('mysql_bind_host')}"
121       upgrade_tasks:
122         - name: Stop nova_placement service (running under httpd)
123           tags: step2
124           service: name=httpd state=stopped