X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fheat-engine.yaml;h=1e7bec23c1c350d3a83dba3c937421daef9567f5;hb=9d67d7b3b11b688be0b40fc2fcfb1daf5b5157df;hp=2fd018853a815701546dc8d19450ea7535054d18;hpb=cb9fafe37c6c8134207a46707566d5c2d57109d9;p=apex-tripleo-heat-templates.git diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml index 2fd01885..1e7bec23 100644 --- a/puppet/services/heat-engine.yaml +++ b/puppet/services/heat-engine.yaml @@ -1,9 +1,18 @@ -heat_template_version: 2016-04-08 +heat_template_version: 2016-10-14 description: > Openstack Heat Engine service configured with Puppet parameters: + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -26,20 +35,43 @@ parameters: description: Password for heat_stack_domain_admin user. type: string hidden: true + HeatAuthEncryptionKey: + description: Auth encryption key for heat-engine + type: string + hidden: true + default: '' + MonitoringSubscriptionHeatEngine: + default: 'overcloud-heat-engine' + type: string + HeatEngineLoggingSource: + type: json + default: + tag: openstack.heat.engine + path: /var/log/heat/heat-engine.log resources: HeatBase: type: ./heat-base.yaml + properties: + ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} + EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Heat Engine role. value: - service_name: heat-engine + service_name: heat_engine + monitoring_subscription: {get_param: MonitoringSubscriptionHeatEngine} + logging_source: {get_param: HeatEngineLoggingSource} + logging_groups: + - heat config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::engine::num_engine_workers: {get_param: HeatWorkers} + heat::engine::configure_delegated_roles: false + heat::engine::trusts_delegated_roles: [] tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge} heat::database_connection: list_join: @@ -51,15 +83,20 @@ outputs: - {get_param: [EndpointMap, MysqlInternal, host]} - '/heat' heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]} - heat::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} - heat::keystone_password: {get_param: HeatPassword} heat::db::mysql::password: {get_param: HeatPassword} heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} heat::db::mysql::user: heat - heat::db::mysql::host: {get_param: [EndpointMap, MysqlNoBracketsInternal, host]} + heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} heat::db::mysql::dbname: heat heat::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" + heat::engine::auth_encryption_key: + yaql: + expression: $.data.passwords.where($ != '').first() + data: + passwords: + - {get_param: HeatAuthEncryptionKey} + - {get_param: [DefaultPasswords, heat_auth_encryption_key]} step_config: | include ::tripleo::profile::base::heat::engine