X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fironic-api.yaml;h=945033a19497a0aa37d1324c91350f53c851e2cd;hb=acaa47accdb724fff9e0c01e0b1bf63ccbc2d839;hp=e24d0de6ed37ff1c8f0fd0254bde4dd7d79e9952;hpb=f4d76943c4926b03eb0fff04629745b85dcdbd97;p=apex-tripleo-heat-templates.git diff --git a/puppet/services/ironic-api.yaml b/puppet/services/ironic-api.yaml index e24d0de6..945033a1 100644 --- a/puppet/services/ironic-api.yaml +++ b/puppet/services/ironic-api.yaml @@ -1,4 +1,4 @@ -heat_template_version: ocata +heat_template_version: pike description: > OpenStack Ironic API configured with Puppet @@ -13,6 +13,14 @@ parameters: DefaultPasswords: default: {} type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -29,6 +37,12 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + IronicApiPolicies: + description: | + A hash of policies to configure for Ironic API. + e.g. { ironic-context_is_admin: { key: context_is_admin, value: 'role:admin' } } + default: {} + type: json resources: IronicBase: @@ -37,6 +51,8 @@ resources: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} + RoleName: {get_param: RoleName} + RoleParameters: {get_param: RoleParameters} outputs: role_data: @@ -64,6 +80,7 @@ outputs: ironic::api::port: {get_param: [EndpointMap, IronicInternal, port]} # This is used to build links in responses ironic::api::public_endpoint: {get_param: [EndpointMap, IronicPublic, uri_no_suffix]} + ironic::policy::policies: {get_param: IronicApiPolicies} tripleo.ironic_api.firewall_rules: '133 ironic api': dport: