X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fhaproxy.yaml;h=981a08d2c20e58b0d77d4d1f1f07aee5dd6c054c;hb=74a97cb69a7822b620eb35527f5a1a48d94d7221;hp=6885449e83d559477a9229e7b043bbef51d35807;hpb=e774cb35d5a0658de7595839b0c54c4181181798;p=apex-tripleo-heat-templates.git

diff --git a/puppet/services/haproxy.yaml b/puppet/services/haproxy.yaml
index 6885449e..981a08d2 100644
--- a/puppet/services/haproxy.yaml
+++ b/puppet/services/haproxy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2016-04-08
+heat_template_version: ocata
 
 description: >
   HAproxy service configured with Puppet
@@ -34,53 +34,59 @@ parameters:
     description: The password for Redis
     type: string
     hidden: true
-  ControlVirtualInterface:
-    default: 'br-ex'
-    description: Interface where virtual ip will be assigned.
-    type: string
-  PublicVirtualInterface:
-    default: 'br-ex'
-    description: >
-        Specifies the interface where the public-facing virtual ip will be assigned.
-        This should be int_public when a VLAN is being used.
+  MonitoringSubscriptionHaproxy:
+    default: 'overcloud-haproxy'
     type: string
 
+resources:
+
+  HAProxyPublicTLS:
+    type: OS::TripleO::Services::HAProxyPublicTLS
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
+  HAProxyInternalTLS:
+    type: OS::TripleO::Services::HAProxyInternalTLS
+    properties:
+      ServiceNetMap: {get_param: ServiceNetMap}
+      DefaultPasswords: {get_param: DefaultPasswords}
+      EndpointMap: {get_param: EndpointMap}
+
 outputs:
   role_data:
     description: Role data for the HAproxy role.
     value:
       service_name: haproxy
+      monitoring_subscription: {get_param: MonitoringSubscriptionHaproxy}
       config_settings:
-        tripleo.haproxy.firewall_rules:
-          '107 haproxy stats':
-            dport: 1993
-        # TODO(emilien) make it composable to find which services are actually running
-        tripleo::haproxy::keystone_admin: '"%{hiera(\"keystone_enabled\")}"'
-        tripleo::haproxy::keystone_public: '"%{hiera(\"keystone_enabled\")}"'
-        tripleo::haproxy::neutron: '"%{hiera(\"neutron_api_enabled\")}"'
-        tripleo::haproxy::cinder: '"%{hiera(\"cinder_api_enabled\")}"'
-        tripleo::haproxy::glance_api: '"%{hiera(\"glance_api_enabled\")}"'
-        tripleo::haproxy::glance_registry: '"%{hiera(\"glance_registry_enabled\")}"'
-        tripleo::haproxy::nova_osapi: '"%{hiera(\"nova_api_enabled\")}"'
-        tripleo::haproxy::nova_metadata: '"%{hiera(\"nova_api_enabled\")}"'
-        tripleo::haproxy::nova_novncproxy: '"%{hiera(\"nova_vncproxy_enabled\")}"'
-        tripleo::haproxy::mysql: true
-        tripleo::haproxy::redis: '"%{hiera(\"redis_enabled\")}"'
-        tripleo::haproxy::sahara: '"%{hiera(\"sahara_api_enabled\")}"'
-        tripleo::haproxy::swift_proxy_server: '"%{hiera(\"swift_proxy_enabled\")}"'
-        tripleo::haproxy::ceilometer: '"%{hiera(\"ceilometer_api_enabled\")}"'
-        tripleo::haproxy::aodh: '"%{hiera(\"aodh_api_enabled\")}"'
-        tripleo::haproxy::gnocchi: '"%{hiera(\"gnocchi_api_enabled\")}"'
-        tripleo::haproxy::heat_api: '"%{hiera(\"heat_api_enabled\")}"'
-        tripleo::haproxy::heat_cloudwatch: '"%{hiera(\"heat_api_cloudwatch_enabled\")}"'
-        tripleo::haproxy::heat_cfn: '"%{hiera(\"heat_api_cfn_enabled\")}"'
-        tripleo::haproxy::horizon: '"%{hiera(\"horizon_enabled\")}"'
-        tripleo::haproxy::ironic: '"%{hiera(\"ironic_api_enabled\")}"'
-        tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
-        tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
-        tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
-        tripleo::haproxy::redis_password: {get_param: RedisPassword}
-        tripleo::haproxy::control_virtual_interface: {get_param: ControlVirtualInterface}
-        tripleo::haproxy::public_virtual_interface: {get_param: PublicVirtualInterface}
+        map_merge:
+          - get_attr: [HAProxyPublicTLS, role_data, config_settings]
+          - get_attr: [HAProxyInternalTLS, role_data, config_settings]
+          - tripleo.haproxy.firewall_rules:
+              '107 haproxy stats':
+                dport: 1993
+            tripleo::haproxy::haproxy_log_address: {get_param: HAProxySyslogAddress}
+            tripleo::haproxy::haproxy_stats_user: {get_param: HAProxyStatsUser}
+            tripleo::haproxy::haproxy_stats_password: {get_param: HAProxyStatsPassword}
+            tripleo::haproxy::redis_password: {get_param: RedisPassword}
+            tripleo::profile::base::haproxy::certificates_specs:
+              map_merge:
+                - get_attr: [HAProxyPublicTLS, role_data, certificates_specs]
+                - get_attr: [HAProxyInternalTLS, role_data, certificates_specs]
       step_config: |
         include ::tripleo::profile::base::haproxy
+      upgrade_tasks:
+        - name: Stop haproxy service
+          tags: step1
+          service: name=haproxy state=stopped
+        - name: Start haproxy service
+          tags: step4 # Needed at step 4 for mysql
+          service: name=haproxy state=started
+      metadata_settings:
+        yaql:
+          expression: '[].concat(coalesce($.data.internal, []), coalesce($.data.public, []))'
+          data:
+            public: {get_attr: [HAProxyPublicTLS, role_data, metadata_settings]}
+            internal: {get_attr: [HAProxyInternalTLS, role_data, metadata_settings]}