Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "N->O upgrade, blanks ipv6 rules before activating it."
[apex-tripleo-heat-templates.git] / puppet / services / neutron-api.yaml
diff --git a/puppet/services/neutron-api.yaml b/puppet/services/neutron-api.yaml
index b3a07fb..7a24ffd 100644 (file)
--- a/puppet/services/neutron-api.yaml
+++ b/puppet/services/neutron-api.yaml
@@ -57,6 +57,9 @@ parameters:
     default:
       tag: openstack.neutron.api
       path: /var/log/neutron/server.log
+  EnableInternalTLS:
+    type: boolean
+    default: false
 
   # DEPRECATED: the following options are deprecated and are currently maintained
   # for backwards compatibility. They will be removed in the Ocata cycle.
@@ -71,10 +74,6 @@ parameters:
       removed in Ocata.  Future releases will enable L3 HA by default if it is
       appropriate for the deployment type. Alternate mechanisms will be
       available to override.
-  EnableInternalTLS:
-    type: boolean
-    default: false
-
 parameter_groups:
 - label: deprecated
   description: |
@@ -127,20 +126,21 @@ outputs:
                   - '@'
                   - {get_param: [EndpointMap, MysqlInternal, host]}
                   - '/ovs_neutron'
-                  - '?bind_address='
-                  - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
-            neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
+                  - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
+            neutron::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
             neutron::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             neutron::server::api_workers: {get_param: NeutronWorkers}
             neutron::server::rpc_workers: {get_param: NeutronWorkers}
             neutron::server::allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
             neutron::server::enable_proxy_headers_parsing: true
             neutron::keystone::authtoken::password: {get_param: NeutronPassword}
-            neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
+            neutron::server::notifications::auth_url: { get_param: [ EndpointMap, KeystoneInternal, uri_no_suffix ] }
             neutron::server::notifications::tenant_name: 'service'
             neutron::server::notifications::project_name: 'service'
             neutron::server::notifications::password: {get_param: NovaPassword}
             neutron::keystone::authtoken::project_name: 'service'
+            neutron::keystone::authtoken::user_domain_name: 'Default'
+            neutron::keystone::authtoken::project_domain_name: 'Default'
             neutron::server::sync_db: true
             tripleo.neutron_api.firewall_rules:
               '114 neutron api':
@@ -190,9 +190,18 @@ outputs:
             - '%'
             - "%{hiera('mysql_bind_host')}"
       upgrade_tasks:
+        - name: Check if neutron_server is deployed
+          command: systemctl is-enabled neutron-server
+          tags: common
+          ignore_errors: True
+          register: neutron_server_enabled
         - name: "PreUpgrade step0,validation: Check service neutron-server is running"
           shell: /usr/bin/systemctl show 'neutron-server' --property ActiveState | grep '\bactive\b'
+          when: neutron_server_enabled.rc == 0
           tags: step0,validation
         - name: Stop neutron_api service
-          tags: step2
+          tags: step1
+          when: neutron_server_enabled.rc == 0
           service: name=neutron-server state=stopped
+      metadata_settings:
+        get_attr: [TLSProxyBase, role_data, metadata_settings]