puppet/services/zaqar.yaml

   1 heat_template_version: ocata
   2
   3 description: >
   4   Openstack Zaqar service. Shared for all Heat services.
   5
   6 parameters:
   7   ServiceNetMap:
   8     default: {}
   9     description: Mapping of service_name -> network name. Typically set
  10                  via parameter_defaults in the resource registry.  This
  11                  mapping overrides those in ServiceNetMapDefaults.
  12     type: json
  13   EndpointMap:
  14     default: {}
  15     description: Mapping of service endpoint -> protocol. Typically set
  16                  via parameter_defaults in the resource registry.
  17     type: json
  18   DefaultPasswords:
  19     default: {}
  20     type: json
  21   RoleName:
  22     default: ''
  23     description: Role name on which the service is applied
  24     type: string
  25   RoleParameters:
  26     default: {}
  27     description: Parameters specific to the role
  28     type: json
  29   Debug:
  30     default: ''
  31     description: Set to True to enable debugging on all services.
  32     type: string
  33   ZaqarPassword:
  34     description: The password for Zaqar
  35     type: string
  36     hidden: true
  37   KeystoneRegion:
  38     type: string
  39     default: 'regionOne'
  40     description: Keystone region for endpoint
  41   ZaqarPolicies:
  42     description: |
  43       A hash of policies to configure for Zaqar.
  44       e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
  45     default: {}
  46     type: json
  47   ZaqarWorkers:
  48     type: string
  49     description: Set the number of workers for zaqar::wsgi::apache
  50     default: '%{::os_workers}'
  51   EnableInternalTLS:
  52     type: boolean
  53     default: false
  54
  55 conditions:
  56   zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
  57
  58 resources:
  59
  60   ApacheServiceBase:
  61     type: ./apache.yaml
  62     properties:
  63       ServiceNetMap: {get_param: ServiceNetMap}
  64       DefaultPasswords: {get_param: DefaultPasswords}
  65       EndpointMap: {get_param: EndpointMap}
  66       EnableInternalTLS: {get_param: EnableInternalTLS}
  67
  68 outputs:
  69   role_data:
  70     description: Shared role data for the Heat services.
  71     value:
  72       service_name: zaqar
  73       config_settings:
  74         map_merge:
  75           - get_attr: [ApacheServiceBase, role_data, config_settings]
  76           - zaqar::policy::policies: {get_param: ZaqarPolicies}
  77             zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
  78             zaqar::keystone::authtoken::project_name: 'service'
  79             zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
  80             zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
  81             zaqar::debug: {get_param: Debug}
  82             zaqar::server::service_name: 'httpd'
  83             zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
  84             zaqar::wsgi::apache::ssl: false
  85             zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
  86             zaqar::message_pipeline: 'zaqar.notification.notifier'
  87             zaqar::unreliable: true
  88             zaqar::wsgi::apache::servername:
  89               str_replace:
  90                 template:
  91                   "%{hiera('fqdn_$NETWORK')}"
  92                 params:
  93                   $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
  94           -
  95             if:
  96             - zaqar_workers_zero
  97             - {}
  98             - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
  99       service_config_settings:
 100         keystone:
 101           zaqar::keystone::auth::password: {get_param: ZaqarPassword}
 102           zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
 103           zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
 104           zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
 105           zaqar::keystone::auth::region: {get_param: KeystoneRegion}
 106           zaqar::keystone::auth::tenant: 'service'
 107           zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
 108           zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
 109           zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
 110           zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
 111           zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
 112           zaqar::keystone::auth_websocket::tenant: 'service'
 113
 114       step_config: |
 115         include ::tripleo::profile::base::zaqar
 116       upgrade_tasks:
 117         yaql:
 118           expression: $.data.apache_upgrade + $.data.zaqar_upgrade
 119           data:
 120             apache_upgrade:
 121               get_attr: [ApacheServiceBase, role_data, upgrade_tasks]
 122             zaqar_upgrade:
 123               - name: Check if zaqar is deployed
 124                 command: systemctl is-enabled openstack-zaqar
 125                 tags: common
 126                 ignore_errors: True
 127                 register: zaqar_enabled
 128               - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running"
 129                 shell: >
 130                   /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState |
 131                   grep '\bactive\b'
 132                 when: zaqar_enabled.rc == 0
 133                 tags: step0,validation
 134               - name: Check for zaqar running under apache (post upgrade)
 135                 tags: step1
 136                 shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi"
 137                 register: zaqar_apache
 138                 ignore_errors: true
 139               - name: Stop zaqar service (running under httpd)
 140                 tags: step1
 141                 service: name=httpd state=stopped
 142                 when: zaqar_apache.rc == 0
 143               - name: Stop and disable zaqar service (pre-upgrade not under httpd)
 144                 tags: step1
 145                 when: zaqar_enabled.rc == 0
 146                 service: name=openstack-zaqar state=stopped enabled=no
 147               - name: Install openstack-zaqar package if it was disabled
 148                 tags: step3
 149                 yum: name=openstack-zaqar state=latest
 150                 when: zaqar_enabled.rc != 0