EnableInternalTLS:
type: boolean
default: false
+ HeatApiPolicies:
+ description: |
+ A hash of policies to configure for Heat API.
+ e.g. { heat-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
+ default: {}
+ type: json
conditions:
heat_workers_zero: {equals : [{get_param: HeatWorkers}, 0]}
- 13004
heat::api::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]}
heat::wsgi::apache_api::ssl: {get_param: EnableInternalTLS}
+ heat::policy::policies: {get_param: HeatApiPolicies}
heat::api::service_name: 'httpd'
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
- name: Stop heat_api service (running under httpd)
tags: step1
service: name=httpd state=stopped
- when: "heat_api_apache.rc == 0"
+ when: heat_api_apache.rc == 0
- name: Stop and disable heat_api service (pre-upgrade not under httpd)
tags: step1
when: heat_api_enabled.rc == 0