X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=docker%2Fservices%2Fheat-api.yaml;h=834f2a0bb03ee9187446082d605d7f1128fc9dfc;hb=112236f8bb06c6267291d0d557c06b5f3ba483b2;hp=2efabb61c8a2c6763c943b65d7adf88aa6176f37;hpb=9bd95d9f0445af70d3d15c01730d73402baa4b09;p=apex-tripleo-heat-templates.git

diff --git a/docker/services/heat-api.yaml b/docker/services/heat-api.yaml
index 2efabb61..834f2a0b 100644
--- a/docker/services/heat-api.yaml
+++ b/docker/services/heat-api.yaml
@@ -1,4 +1,4 @@
-heat_template_version: ocata
+heat_template_version: pike
 
 description: >
   OpenStack containerized Heat API service
@@ -12,10 +12,10 @@ parameters:
     description: image
     default: 'centos-binary-heat-api:latest'
     type: string
-  # we configure all heat services in the same heat engine container
-  DockerHeatEngineImage:
+  # puppet needs the heat-wsgi-api binary from centos-binary-heat-api
+  DockerHeatConfigImage:
     description: image
-    default: 'centos-binary-heat-engine:latest'
+    default: 'centos-binary-heat-api:latest'
     type: string
   EndpointMap:
     default: {}
@@ -31,16 +31,35 @@ parameters:
   DefaultPasswords:
     default: {}
     type: json
+  RoleName:
+    default: ''
+    description: Role name on which the service is applied
+    type: string
+  RoleParameters:
+    default: {}
+    description: Parameters specific to the role
+    type: json
+  EnableInternalTLS:
+    type: boolean
+    default: false
+
+conditions:
 
+  internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
 
 resources:
 
+  ContainersCommon:
+    type: ./containers-common.yaml
+
   HeatBase:
     type: ../../puppet/services/heat-api.yaml
     properties:
       EndpointMap: {get_param: EndpointMap}
       ServiceNetMap: {get_param: ServiceNetMap}
       DefaultPasswords: {get_param: DefaultPasswords}
+      RoleName: {get_param: RoleName}
+      RoleParameters: {get_param: RoleParameters}
 
 outputs:
   role_data:
@@ -51,40 +70,69 @@ outputs:
         map_merge:
           - get_attr: [HeatBase, role_data, config_settings]
           - apache::default_vhost: false
-      step_config: {get_attr: [HeatBase, role_data, step_config]}
+      step_config: &step_config
+        get_attr: [HeatBase, role_data, step_config]
       service_config_settings: {get_attr: [HeatBase, role_data, service_config_settings]}
       # BEGIN DOCKER SETTINGS
-      docker_image: &heat_api_image
-        list_join:
-          - '/'
-          - [ {get_param: DockerNamespace}, {get_param: DockerHeatApiImage} ]
-      puppet_tags: heat_config,file,concat,file_line
-      config_volume: heat
-      config_image:
-        list_join:
-          - '/'
-          - [ {get_param: DockerNamespace}, {get_param: DockerHeatEngineImage} ]
+      puppet_config:
+        config_volume: heat_api
+        puppet_tags: heat_config,file,concat,file_line
+        step_config: *step_config
+        config_image:
+          list_join:
+            - '/'
+            - [ {get_param: DockerNamespace}, {get_param: DockerHeatConfigImage} ]
       kolla_config:
-         /var/lib/kolla/config_files/heat_api.json:
-           command: /usr/bin/heat-api --config-file /usr/share/heat/heat-dist.conf --config-file /etc/heat/heat.conf
-           config_files:
-           - dest: /etc/heat/heat.conf
-             owner: heat
-             perm: '0640'
-             source: /var/lib/kolla/config_files/src/etc/heat/heat.conf
+        /var/lib/kolla/config_files/heat_api.json:
+          command: /usr/sbin/httpd -DFOREGROUND
+          permissions:
+            - path: /var/log/heat
+              owner: heat:heat
+              recurse: true
       docker_config:
         step_4:
           heat_api:
-            image: *heat_api_image
+            image:
+              list_join:
+                - '/'
+                - [ {get_param: DockerNamespace}, {get_param: DockerHeatApiImage} ]
             net: host
             privileged: false
             restart: always
+            # NOTE(mandre) kolla image changes the user to 'heat', we need it
+            # to be root to run httpd
+            user: root
             volumes:
-              - /run:/run
-              - /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
-              - /var/lib/config-data/heat/:/var/lib/kolla/config_files/src:ro
-              - /etc/hosts:/etc/hosts:ro
-              - /etc/localtime:/etc/localtime:ro
-              - /dev:/dev
+              list_concat:
+                - {get_attr: [ContainersCommon, volumes]}
+                -
+                  - /var/lib/kolla/config_files/heat_api.json:/var/lib/kolla/config_files/config.json:ro
+                  - /var/lib/config-data/heat_api/etc/heat/:/etc/heat/:ro
+                  - /var/lib/config-data/heat_api/etc/httpd/conf/:/etc/httpd/conf/:ro
+                  - /var/lib/config-data/heat_api/etc/httpd/conf.d/:/etc/httpd/conf.d/:ro
+                  - /var/lib/config-data/heat_api/etc/httpd/conf.modules.d/:/etc/httpd/conf.modules.d/:ro
+                  - /var/lib/config-data/heat_api/var/www/:/var/www/:ro
+                  - /var/log/containers/heat:/var/log/heat
+                  -
+                    if:
+                      - internal_tls_enabled
+                      - /etc/pki/tls/certs/httpd:/etc/pki/tls/certs/httpd:ro
+                      - ''
+                  -
+                    if:
+                      - internal_tls_enabled
+                      - /etc/pki/tls/private/httpd:/etc/pki/tls/private/httpd:ro
+                      - ''
             environment:
               - KOLLA_CONFIG_STRATEGY=COPY_ALWAYS
+      host_prep_tasks:
+        - name: create persistent logs directory
+          file:
+            path: /var/log/containers/heat
+            state: directory
+      upgrade_tasks:
+        - name: Stop and disable heat_api service
+          tags: step2
+          service: name=httpd state=stopped enabled=no
+      metadata_settings:
+        get_attr: [HeatBase, role_data, metadata_settings]