X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=puppet%2Fservices%2Fsahara-api.yaml;h=d9f2115a7c7e234dc947c277bf0a6c6152eb1def;hb=8eaecb64893ff7ebeaca14eb5172e3320202343b;hp=7f0bd950acc17e52d4a36c9304ecae005c030991;hpb=885b37c80ecdae308289cc2e5c2a29dc66710487;p=apex-tripleo-heat-templates.git diff --git a/puppet/services/sahara-api.yaml b/puppet/services/sahara-api.yaml index 7f0bd950..d9f2115a 100644 --- a/puppet/services/sahara-api.yaml +++ b/puppet/services/sahara-api.yaml @@ -1,4 +1,4 @@ -heat_template_version: 2016-04-08 +heat_template_version: ocata description: > OpenStack Sahara API service configured with Puppet @@ -10,6 +10,9 @@ parameters: via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json + DefaultPasswords: + default: {} + type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set @@ -27,12 +30,27 @@ parameters: type: string default: 'regionOne' description: Keystone region for endpoint + MonitoringSubscriptionSaharaApi: + default: 'overcloud-sahara-api' + type: string + SaharaApiLoggingSource: + type: json + default: + tag: openstack.sahara.api + path: /var/log/sahara/sahara-api.log + SaharaApiPolicies: + description: | + A hash of policies to configure for Sahara API. + e.g. { sahara-context_is_admin: { key: context_is_admin, value: 'role:admin' } } + default: {} + type: json resources: SaharaBase: type: ./sahara-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} + DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: @@ -40,16 +58,22 @@ outputs: description: Role data for the Sahara API role. value: service_name: sahara_api + monitoring_subscription: {get_param: MonitoringSubscriptionSaharaApi} + logging_source: {get_param: SaharaApiLoggingSource} + logging_groups: + - sahara config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]} + sahara::policy::policies: {get_param: SaharaApiPolicies} sahara::service::api::api_workers: {get_param: SaharaWorkers} - sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]} - sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]} - sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} - sahara::keystone::auth::password: {get_param: SaharaPassword } - sahara::keystone::auth::region: {get_param: KeystoneRegion} + # NOTE: bind IP is found in Heat replacing the network name with the local node IP + # for the given network; replacement examples (eg. for internal_api): + # internal_api -> IP + # internal_api_uri -> [IP] + # internal_api_subnet - > IP/CIDR + sahara::host: {get_param: [ServiceNetMap, SaharaApiNetwork]} tripleo.sahara_api.firewall_rules: '132 sahara': dport: @@ -57,3 +81,23 @@ outputs: - 13386 step_config: | include ::tripleo::profile::base::sahara::api + service_config_settings: + keystone: + sahara::keystone::auth::tenant: 'service' + sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]} + sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]} + sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} + sahara::keystone::auth::password: {get_param: SaharaPassword } + sahara::keystone::auth::region: {get_param: KeystoneRegion} + mysql: + sahara::db::mysql::password: {get_param: SaharaPassword} + sahara::db::mysql::user: sahara + sahara::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + sahara::db::mysql::dbname: sahara + sahara::db::mysql::allowed_hosts: + - '%' + - "%{hiera('mysql_bind_host')}" + upgrade_tasks: + - name: Stop sahara_api service + tags: step1 + service: name=openstack-sahara-api state=stopped