Code Review / apex-tripleo-heat-templates.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Don't attempt to configure live migration"
[apex-tripleo-heat-templates.git] / puppet / services / zaqar.yaml
1 heat_template_version: ocata
2
3 description: >
4   Openstack Zaqar service. Shared for all Heat services.
5
6 parameters:
7   ServiceNetMap:
8     default: {}
9     description: Mapping of service_name -> network name. Typically set
10                  via parameter_defaults in the resource registry.  This
11                  mapping overrides those in ServiceNetMapDefaults.
12     type: json
13   EndpointMap:
14     default: {}
15     description: Mapping of service endpoint -> protocol. Typically set
16                  via parameter_defaults in the resource registry.
17     type: json
18   DefaultPasswords:
19     default: {}
20     type: json
21   Debug:
22     default: ''
23     description: Set to True to enable debugging on all services.
24     type: string
25   ZaqarPassword:
26     description: The password for Zaqar
27     type: string
28     hidden: true
29   KeystoneRegion:
30     type: string
31     default: 'regionOne'
32     description: Keystone region for endpoint
33   ZaqarPolicies:
34     description: |
35       A hash of policies to configure for Zaqar.
36       e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
37     default: {}
38     type: json
39   ZaqarWorkers:
40     type: string
41     description: Set the number of workers for zaqar::wsgi::apache
42     default: '%{::os_workers}'
43   EnableInternalTLS:
44     type: boolean
45     default: false
46
47 conditions:
48   zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
49
50 resources:
51
52   ApacheServiceBase:
53     type: ./apache.yaml
54     properties:
55       ServiceNetMap: {get_param: ServiceNetMap}
56       DefaultPasswords: {get_param: DefaultPasswords}
57       EndpointMap: {get_param: EndpointMap}
58       EnableInternalTLS: {get_param: EnableInternalTLS}
59
60 outputs:
61   role_data:
62     description: Shared role data for the Heat services.
63     value:
64       service_name: zaqar
65       config_settings:
66         map_merge:
67           - get_attr: [ApacheServiceBase, role_data, config_settings]
68           - zaqar::policy::policies: {get_param: ZaqarPolicies}
69             zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
70             zaqar::keystone::authtoken::project_name: 'service'
71             zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
72             zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
73             zaqar::debug: {get_param: Debug}
74             zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
75             zaqar::wsgi::apache::ssl: false
76             zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
77             zaqar::message_pipeline: 'zaqar.notification.notifier'
78             zaqar::unreliable: true
79             zaqar::wsgi::apache::servername:
80               str_replace:
81                 template:
82                   "%{hiera('fqdn_$NETWORK')}"
83                 params:
84                   $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
85           -
86             if:
87             - zaqar_workers_zero
88             - {}
89             - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
90       service_config_settings:
91         keystone:
92           zaqar::keystone::auth::password: {get_param: ZaqarPassword}
93           zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
94           zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
95           zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
96           zaqar::keystone::auth::region: {get_param: KeystoneRegion}
97           zaqar::keystone::auth::tenant: 'service'
98           zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
99           zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
100           zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
101           zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
102           zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
103           zaqar::keystone::auth_websocket::tenant: 'service'
104
105       step_config: |
106         include ::tripleo::profile::base::zaqar
107       upgrade_tasks:
108         - name: Check if zaqar is deployed
109           command: systemctl is-enabled openstack-zaqar
110           tags: common
111           ignore_errors: True
112           register: zaqar_enabled
113         - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running"
114           shell: >
115             /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState |
116             grep '\bactive\b'
117           when: zaqar_enabled.rc == 0
118           tags: step0,validation
119         - name: Check for zaqar running under apache (post upgrade)
120           tags: step1
121           shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi"
122           register: zaqar_apache
123           ignore_errors: true
124         - name: Stop zaqar service (running under httpd)
125           tags: step1
126           service: name=httpd state=stopped
127           when: zaqar_apache.rc == 0
128         - name: Stop and disable zaqar service (pre-upgrade not under httpd)
129           tags: step1
130           when: zaqar_enabled.rc == 0
131           service: name=openstack-zaqar state=stopped enabled=no
132         - name: Install openstack-zaqar package if it was disabled
133           tags: step3
134           yum: name=openstack-zaqar state=latest
135           when: zaqar_enabled.rc != 0