Merge "Corrected wrong os_region_name in glance-api conf file"

[apex-tripleo-heat-templates.git] / puppet / services / rabbitmq.yaml

diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml
index 92a0015..66f5c4b 100644 (file)
--- a/puppet/services/rabbitmq.yaml
+++ b/puppet/services/rabbitmq.yaml
@@ -1,9 +1,13 @@
-heat_template_version: ocata
+heat_template_version: pike
 
 description: >
   RabbitMQ service configured with Puppet
 
 parameters:
+  ServiceData:
+    default: {}
+    description: Dictionary packing service data
+    type: json
   ServiceNetMap:
     default: {}
     description: Mapping of service_name -> network name. Typically set
@@ -13,6 +17,14 @@ parameters:
   DefaultPasswords:
     default: {}
     type: json
+  RoleName:
+    default: ''
+    description: Role name on which the service is applied
+    type: string
+  RoleParameters:
+    default: {}
+    description: Parameters specific to the role
+    type: json
   EndpointMap:
     default: {}
     description: Mapping of service endpoint -> protocol. Typically set
@@ -40,10 +52,10 @@ parameters:
     hidden: true
   RabbitHAQueues:
     description:
-      The number of HA queues to be configured in rabbit. The default is 0 which will
-      be automatically overridden to CEIL(N/2) where N is the number of nodes running
-      rabbitmq.
-    default: 0
+      The number of HA queues to be configured in rabbit. The default is -1 which
+      translates to "ha-mode all". The special value 0 will be automatically
+      overridden to CEIL(N/2) where N is the number of nodes running rabbitmq.
+    default: -1
     type: number
   MonitoringSubscriptionRabbitmq:
     default: 'overcloud-rabbitmq'
@@ -52,14 +64,8 @@ parameters:
     type: boolean
     default: false
 
-resources:
-
-  RabbitMQTLS:
-    type: OS::TripleO::Services::RabbitMQTLS
-    properties:
-      ServiceNetMap: {get_param: ServiceNetMap}
-      DefaultPasswords: {get_param: DefaultPasswords}
-      EndpointMap: {get_param: EndpointMap}
+conditions:
+  internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
 
 outputs:
   role_data:
@@ -69,7 +75,6 @@ outputs:
       monitoring_subscription: {get_param: MonitoringSubscriptionRabbitmq}
       config_settings:
         map_merge:
-          - get_attr: [RabbitMQTLS, role_data, config_settings]
           -
             rabbitmq::file_limit: {get_param: RabbitFDLimit}
             rabbitmq::default_user: {get_param: RabbitUserName}
@@ -124,6 +129,24 @@ outputs:
             # TODO(jaosorior): Remove this once we set a proper default in
             # puppet-tripleo
             tripleo::profile::base::rabbitmq::enable_internal_tls: {get_param: EnableInternalTLS}
+          -
+            if:
+            - internal_tls_enabled
+            - generate_service_certificates: true
+              tripleo::profile::base::rabbitmq::certificate_specs:
+                service_certificate: '/etc/pki/tls/certs/rabbitmq.crt'
+                service_key: '/etc/pki/tls/private/rabbitmq.key'
+                hostname:
+                  str_replace:
+                    template: "%{hiera('fqdn_NETWORK')}"
+                    params:
+                      NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+                principal:
+                  str_replace:
+                    template: "rabbitmq/%{hiera('fqdn_NETWORK')}"
+                    params:
+                      NETWORK: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+            - {}
       step_config: |
         include ::tripleo::profile::base::rabbitmq
       upgrade_tasks:
@@ -134,4 +157,10 @@ outputs:
           tags: step4
           service: name=rabbitmq-server state=started
       metadata_settings:
-        get_attr: [RabbitMQTLS, role_data, metadata_settings]
+        if:
+          - internal_tls_enabled
+          -
+            - service: rabbitmq
+              network: {get_param: [ServiceNetMap, RabbitmqNetwork]}
+              type: node
+          - null