Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "Remove root_template and root_environment from capabilities-map.yaml"
[apex-tripleo-heat-templates.git] / puppet / services / sahara-api.yaml
diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml
index 8085d54..d9f2115 100644 (file)
--- a/puppet/services/sahara-api.yaml
+++ b/puppet/services/sahara-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
 
 description: >
   OpenStack Sahara API service configured with Puppet
@@ -38,6 +38,12 @@ parameters:
     default:
       tag: openstack.sahara.api
       path: /var/log/sahara/sahara-api.log
+  SaharaApiPolicies:
+    description: |
+      A hash of policies to configure for Sahara API.
+      e.g. { sahara-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
+    default: {}
+    type: json
 
 resources:
   SaharaBase:
@@ -60,12 +66,8 @@ outputs:
         map_merge:
           - get_attr: [SaharaBase, role_data, config_settings]
           - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]}
+            sahara::policy::policies: {get_param: SaharaApiPolicies}
             sahara::service::api::api_workers: {get_param: SaharaWorkers}
-            sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]}
-            sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]}
-            sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]}
-            sahara::keystone::auth::password: {get_param: SaharaPassword }
-            sahara::keystone::auth::region: {get_param: KeystoneRegion}
             # NOTE: bind IP is found in Heat replacing the network name with the local node IP
             # for the given network; replacement examples (eg. for internal_api):
             # internal_api -> IP
@@ -79,3 +81,23 @@ outputs:
                   - 13386
       step_config: |
         include ::tripleo::profile::base::sahara::api
+      service_config_settings:
+        keystone:
+          sahara::keystone::auth::tenant: 'service'
+          sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]}
+          sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]}
+          sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]}
+          sahara::keystone::auth::password: {get_param: SaharaPassword }
+          sahara::keystone::auth::region: {get_param: KeystoneRegion}
+        mysql:
+          sahara::db::mysql::password: {get_param: SaharaPassword}
+          sahara::db::mysql::user: sahara
+          sahara::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+          sahara::db::mysql::dbname: sahara
+          sahara::db::mysql::allowed_hosts:
+            - '%'
+            - "%{hiera('mysql_bind_host')}"
+      upgrade_tasks:
+        - name: Stop sahara_api service
+          tags: step1
+          service: name=openstack-sahara-api state=stopped