X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fhaproxy.yaml;h=0813cb7e01ca77606ed0b60d77e82eef92c98bd6;hb=1753b19a08efa5d6d859cf9096acd014cb6b91c9;hp=902a1c3f53bf3a89d47e76950f93b896f493cac1;hpb=9aec3de5b842967cfa104ec5aebd359b71379c64;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 902a1c3f..0813cb7e 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -1,44 +1,91 @@
-heat_template_version: 2016-04-08
+heat_template_version: 2016-10-14
 
 description: >
   HAproxy service configured with Puppet
 
 parameters:
+  ServiceNetMap:
+    default: {}
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.  This
+                 mapping overrides those in ServiceNetMapDefaults.
+    type: json
+  DefaultPasswords:
+    default: {}
+    type: json
   EndpointMap:
     default: {}
     description: Mapping of service endpoint -> protocol. Typically set
                  via parameter_defaults in the resource registry.
     type: json
+  HAProxyStatsPassword:
+    description: Password for HAProxy stats endpoint
+    hidden: true
+    type: string
+  HAProxyStatsUser:
+    description: User for HAProxy stats endpoint
+    default: admin
+    type: string
+  HAProxySyslogAddress:
+    default: /dev/log
+    description: Syslog address where HAproxy will send its log
+    type: string
+  RedisPassword:
+    description: The password for Redis
+    type: string
+    hidden: true
+  ControlVirtualInterface:
+    default: 'br-ex'
+    description: Interface where virtual ip will be assigned.
+    type: string
+  PublicVirtualInterface:
+    default: 'br-ex'
+    description: >
+        Specifies the interface where the public-facing virtual ip will be assigned.
+        This should be int_public when a VLAN is being used.
+    type: string
+  MonitoringSubscriptionHaproxy:
+    default: 'overcloud-haproxy'
+    type: string
+
+resources:
+
+  HAProxyPublicTLS:
+    type: OS::TripleO::Services::HAProxyPublicTLS
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+  HAProxyInternalTLS:
+    type: OS::TripleO::Services::HAProxyInternalTLS
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
 
 outputs:
   role_data:
     description: Role data for the HAproxy role.
     value:
       service_name: haproxy
+      monitoring_subscription: {get_param: MonitoringSubscriptionHaproxy}
       config_settings:
-        tripleo.haproxy.firewall_rules:
-          '107 haproxy stats':
-            dport: 1993
-        # TODO(emilien) make it composable to find which services are actually running
-        tripleo::haproxy::keystone_admin: true
-        tripleo::haproxy::keystone_public: true
-        tripleo::haproxy::neutron: true
-        tripleo::haproxy::cinder: true
-        tripleo::haproxy::glance_api: true
-        tripleo::haproxy::glance_registry: true
-        tripleo::haproxy::nova_osapi: true
-        tripleo::haproxy::nova_metadata: true
-        tripleo::haproxy::nova_novncproxy: true
-        tripleo::haproxy::mysql: true
-        tripleo::haproxy::redis: true
-        tripleo::haproxy::sahara: true
-        tripleo::haproxy::swift_proxy_server: true
-        tripleo::haproxy::ceilometer: true
-        tripleo::haproxy::aodh: true
-        tripleo::haproxy::gnocchi: true
-        tripleo::haproxy::heat_api: true
-        tripleo::haproxy::heat_cloudwatch: true
-        tripleo::haproxy::heat_cfn: true
-        tripleo::haproxy::horizon: true
+        map_merge:
+          - get_attr: [HAProxyPublicTLS, role_data, config_settings]
+          - get_attr: [HAProxyInternalTLS, role_data, config_settings]
+          - tripleo.haproxy.firewall_rules:
+              '107 haproxy stats':
+                dport: 1993
+            tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
+            tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
+            tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
+            tripleo::haproxy::redis_password: {get_param: RedisPassword}
+            tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface}
+            tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface}
+            tripleo::profile::base::haproxy::certificates_specs:
+              map_merge:
+                - get_attr: [HAProxyPublicTLS, role_data, certificates_specs]
+                - get_attr: [HAProxyInternalTLS, role_data, certificates_specs]
       step_config: |
         include ::tripleo::profile::base::haproxy