-heat_template_version: 2016-10-14
+heat_template_version: ocata
description: >
Apache service TLS configurations.
via parameter_defaults in the resource registry.
type: json
+resources:
+
+ ApacheNetworks:
+ type: OS::Heat::Value
+ properties:
+ value:
+ # NOTE(jaosorior) Get unique network names to create
+ # certificates for those. We skip the tenant network since
+ # we don't need a certificate for that, and the external
+ # network will be handled in another template.
+ yaql:
+ expression: list($.data.map.items().map($1[1])).distinct().where($ != external and $ != tenant)
+ data:
+ map:
+ get_param: ServiceNetMap
+
outputs:
role_data:
description: Role data for the Apache role.
httpd-NETWORK:
service_certificate: '/etc/pki/tls/certs/httpd-NETWORK.crt'
service_key: '/etc/pki/tls/private/httpd-NETWORK.key'
- hostname: "%{::fqdn_NETWORK}"
- principal: "HTTP/%{::fqdn_NETWORK}"
+ hostname: "%{hiera('fqdn_NETWORK')}"
+ principal: "HTTP/%{hiera('fqdn_NETWORK')}"
for_each:
- NETWORK:
- # NOTE(jaosorior) Get unique network names to create
- # certificates for those. We skip the tenant network since
- # we don't need a certificate for that, and the external
- # network will be handled in another template.
- yaql:
- expression: list($.data.map.items().map($1[1])).distinct().where($ != external and $ != tenant)
- data:
- map:
- get_param: ServiceNetMap
+ NETWORK: {get_attr: [ApacheNetworks, value]}
+ metadata_settings:
+ repeat:
+ template:
+ - service: HTTP
+ network: $NETWORK
+ type: node
+ for_each:
+ $NETWORK: {get_attr: [ApacheNetworks, value]}
+ upgrade_tasks:
+ - name: "PreUpgrade step0,validation: Check service httpd is running"
+ shell: /usr/bin/systemctl show 'httpd' --property ActiveState | grep '\bactive\b'
+ tags: step0,validation
Code Review / apex-tripleo-heat-templates.git / blobdiff