Merge "Use the make_url function to build URLs"
[apex-tripleo-heat-templates.git] / puppet / services / ec2-api.yaml
index 090e0c4..3b00288 100644 (file)
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
 
 description: >
   OpenStack EC2-API service configured with Puppet
@@ -30,6 +30,15 @@ parameters:
     type: string
     default: 'regionOne'
     description: Keystone region for endpoint
+  Ec2ApiExternalNetwork:
+    type: string
+    default: ''
+    description: Name of the external network, which is used to connect VPCs to
+                 Internet and to allocate Elastic IPs
+  NovaDefaultFloatingPool:
+    default: 'public'
+    description: Default pool for floating IP addresses
+    type: string
   MonitoringSubscriptionEc2Api:
     default: 'overcloud-ec2-api'
     type: string
@@ -42,10 +51,17 @@ parameters:
     default: 'false'
     description: Set to true to enable package installation via Puppet
     type: boolean
+  Ec2ApiPolicies:
+    description: |
+      A hash of policies to configure for EC2-API.
+      e.g. { ec2api-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
+    default: {}
+    type: json
 
 
 conditions:
   nova_workers_zero: {equals : [{get_param: Ec2ApiWorkers}, 0]}
+  external_network_unset: {equals : [{get_param: Ec2ApiExternalNetwork}, '']}
 
 outputs:
   role_data:
@@ -67,36 +83,47 @@ outputs:
           ec2api::keystone::authtoken::password: {get_param: Ec2ApiPassword}
           ec2api::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
           ec2api::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+          ec2api::policy::policies: {get_param: Ec2ApiPolicies}
           ec2api::api::enabled: true
           ec2api::package_manage: {get_param: EnablePackageInstall}
           ec2api::api::ec2api_listen:
             str_replace:
               template:
-                '"%{::fqdn_$NETWORK}"'
+                "%{hiera('fqdn_$NETWORK')}"
               params:
                 $NETWORK: {get_param: [ServiceNetMap, Ec2ApiNetwork]}
           ec2api::metadata::metadata_listen:
             str_replace:
               template:
-                '"%{::fqdn_$NETWORK}"'
+                "%{hiera('fqdn_$NETWORK')}"
               params:
                 $NETWORK: {get_param: [ServiceNetMap, Ec2ApiMetadataNetwork]}
           ec2api::db::database_connection:
+            make_url:
+              scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
+              username: ec2_api
+              password: {get_param: Ec2ApiPassword}
+              host: {get_param: [EndpointMap, MysqlInternal, host]}
+              path: /ec2_api
+              query:
+                read_default_file: /etc/my.cnf.d/tripleo.cnf
+                read_default_group: tripleo
+          ec2api::api::keystone_ec2_tokens_url:
             list_join:
               - ''
-              - - {get_param: [EndpointMap, MysqlInternal, protocol]}
-                - '://ec2_api:'
-                - {get_param: Ec2ApiPassword}
-                - '@'
-                - {get_param: [EndpointMap, MysqlInternal, host]}
-                - '/ec2_api'
-                - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
+              - - {get_param: [EndpointMap, KeystoneV3Internal, uri]}
+                - '/ec2tokens'
         -
           if:
           - nova_workers_zero
           - {}
           - ec2api::api::ec2api_workers: {get_param: Ec2ApiWorkers}
             ec2api::metadata::metadata_workers: {get_param: Ec2ApiWorkers}
+        -
+          if:
+          - external_network_unset
+          - ec2api::api::external_network: {get_param: NovaDefaultFloatingPool}
+          - ec2api::api::external_network: {get_param: Ec2ApiExternalNetwork}
       step_config: |
         include tripleo::profile::base::nova::ec2api
       service_config_settings:
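Review bot: `Ec2ApiPassword` supplies two different credentials in this hunk: `ec2api::keystone::authtoken::password` and the `password` key of the new `make_url` block for `ec2api::db::database_connection`. Anyone who can read the rendered database URL (hieradata or the service's config file) therefore also holds the Keystone service-user password, and rotating one forces rotating the other. The reuse predates this commit, since the removed `list_join` took the same parameter, but the rewrite is a natural place to address it with a dedicated database password parameter. Failing that, record the coupling above `make_url`, for example `# DB password is shared with the Keystone service user; treat the rendered URL as a secret`. Whether `Ec2ApiPassword` is declared `hidden: true` is not visible here, and the enclosing `config_settings` map starts outside the hunk.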
@@ -118,7 +145,7 @@ outputs:
       upgrade_tasks:
         - name: Check if ec2-api is deployed
           command: systemctl is-enabled openstack-ec2-api
-          tags: step0,validation
+          tags: common
           ignore_errors: True
           register: ec2_api_enabled
         - name: "PreUpgrade step0,validation: Check if openstack-ec2-api is running"
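Review bot: The `Check if ec2-api is deployed` task pairs `ignore_errors: True` with a bare `register`, so every non-zero exit of `systemctl is-enabled` is recorded the same way, whether the unit is disabled, missing, or systemctl itself failed. The last hunk of this file gates on that result: the stop task runs on `ec2_api_enabled.rc == 0`, and the new step3 task runs `yum: name=openstack-ec2-api state=latest` on `rc != 0`. An unexpected failure of the check therefore ends in a package install, and `state=latest` takes whatever version the enabled repositories offer at upgrade time. If only presence is needed, `yum: name=openstack-ec2-api state=present` is the narrower choice. The retag to `common` presumably exists so that `ec2_api_enabled` is registered for every step; a comment such as `# tagged common: later steps read ec2_api_enabled.rc` would make that dependency explicit.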
@@ -129,5 +156,10 @@ outputs:
           tags: step0,validation
         - name: Stop openstack-ec2-api service
           tags: step1
+          when: ec2_api_enabled.rc == 0
           service: name=openstack-ec2-api state=stopped
+        - name: Install openstack-ec2-api package if it was disabled
+          tags: step3
+          yum: name=openstack-ec2-api state=latest
+          when: ec2_api_enabled.rc != 0