puppet/services/zaqar.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   Openstack Zaqar service. Shared for all Heat services.
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   EndpointMap:
  14     default: {}
  15     description: Mapping of service endpoint -> protocol. Typically set
  16                  via parameter_defaults in the resource registry.
  17     type: json
  18   DefaultPasswords:
  19     default: {}
  20     type: json
  21   RoleName:
  22     default: ''
  23     description: Role name on which the service is applied
  24     type: string
  25   RoleParameters:
  26     default: {}
  27     description: Parameters specific to the role
  28     type: json
  29   Debug:
  30     default: ''
  31     description: Set to True to enable debugging on all services.
  32     type: string
  33   ZaqarDebug:
  34     default: ''
  35     description: Set to True to enable debugging Zaqar service.
  36     type: string
  37   ZaqarPassword:
  38     description: The password for Zaqar
  39     type: string
  40     hidden: true
  41   KeystoneRegion:
  42     type: string
  43     default: 'regionOne'
  44     description: Keystone region for endpoint
  45   ZaqarPolicies:
  46     description: |
  47       A hash of policies to configure for Zaqar.
  48       e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
  49     default: {}
  50     type: json
  51   ZaqarWorkers:
  52     type: string
  53     description: Set the number of workers for zaqar::wsgi::apache
  54     default: '%{::os_workers}'
  55   EnableInternalTLS:
  56     type: boolean
  57     default: false
  58
  59 conditions:
  60   zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
  61   service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']}
  62
  63 resources:
  64
  65   ApacheServiceBase:
  66     type: ./apache.yaml
  67     properties:
  68       ServiceNetMap: {get_param: ServiceNetMap}
  69       DefaultPasswords: {get_param: DefaultPasswords}
  70       EndpointMap: {get_param: EndpointMap}
  71       EnableInternalTLS: {get_param: EnableInternalTLS}
  72
  73 outputs:
  74   role_data:
  75     description: Shared role data for the Heat services.
  76     value:
  77       service_name: zaqar
  78       config_settings:
  79         map_merge:
  80           - get_attr: [ApacheServiceBase, role_data, config_settings]
  81           - zaqar::policy::policies: {get_param: ZaqarPolicies}
  82             zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
  83             zaqar::keystone::authtoken::project_name: 'service'
  84             zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
  85             zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
  86             zaqar::debug:
  87               if:
  88               - service_debug_unset
  89               - {get_param: Debug }
  90               - {get_param: ZaqarDebug }
  91             zaqar::server::service_name: 'httpd'
  92             zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
  93             zaqar::wsgi::apache::ssl: false
  94             zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
  95             zaqar::message_pipeline: 'zaqar.notification.notifier'
  96             zaqar::unreliable: true
  97             zaqar::wsgi::apache::servername:
  98               str_replace:
  99                 template:
 100                   "%{hiera('fqdn_$NETWORK')}"
 101                 params:
 102                   $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
 103           -
 104             if:
 105             - zaqar_workers_zero
 106             - {}
 107             - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
 108       service_config_settings:
 109         keystone:
 110           zaqar::keystone::auth::password: {get_param: ZaqarPassword}
 111           zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
 112           zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
 113           zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
 114           zaqar::keystone::auth::region: {get_param: KeystoneRegion}
 115           zaqar::keystone::auth::tenant: 'service'
 116           zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
 117           zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
 118           zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
 119           zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
 120           zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
 121           zaqar::keystone::auth_websocket::tenant: 'service'
 122
 123       step_config: |
 124         include ::tripleo::profile::base::zaqar
 125       upgrade_tasks:
 126         yaql:
 127           expression: $.data.apache_upgrade + $.data.zaqar_upgrade
 128           data:
 129             apache_upgrade:
 130               get_attr: [ApacheServiceBase, role_data, upgrade_tasks]
 131             zaqar_upgrade:
 132               - name: Check if zaqar is deployed
 133                 command: systemctl is-enabled openstack-zaqar
 134                 tags: common
 135                 ignore_errors: True
 136                 register: zaqar_enabled
 137               - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running"
 138                 shell: >
 139                   /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState |
 140                   grep '\bactive\b'
 141                 when: zaqar_enabled.rc == 0
 142                 tags: step0,validation
 143               - name: Check for zaqar running under apache (post upgrade)
 144                 tags: step1
 145                 shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi"
 146                 register: zaqar_apache
 147                 ignore_errors: true
 148               - name: Stop zaqar service (running under httpd)
 149                 tags: step1
 150                 service: name=httpd state=stopped
 151                 when: zaqar_apache.rc == 0
 152               - name: Stop and disable zaqar service (pre-upgrade not under httpd)
 153                 tags: step1
 154                 when: zaqar_enabled.rc == 0
 155                 service: name=openstack-zaqar state=stopped enabled=no
 156               - name: Install openstack-zaqar package if it was disabled
 157                 tags: step3
 158                 yum: name=openstack-zaqar state=latest
 159                 when: zaqar_enabled.rc != 0