OS::TripleO::Services::RabbitMQ: puppet/services/rabbitmq.yaml
OS::TripleO::Services::Loadbalancer: puppet/services/loadbalancer.yaml
OS::TripleO::Services::Memcached: puppet/services/memcached.yaml
+ OS::TripleO::Services::SwiftProxy: puppet/services/swift-proxy.yaml
parameter_defaults:
EnablePackageInstall: false
description: A random string to be used as a salt when hashing to determine mappings in the ring.
type: string
hidden: true
- SwiftPassword:
- description: The password for the swift service account, used by the swift proxy services.
- type: string
- hidden: true
SwiftMountCheck:
default: 'false'
description: Value of mount_check in Swift account/container/object -server.conf
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::Loadbalancer
- OS::TripleO::Services::Memcached
+ - OS::TripleO::Services::SwiftProxy
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the Controllers.
SwiftMountCheck: {get_param: SwiftMountCheck}
SwiftMinPartHours: {get_param: SwiftMinPartHours}
SwiftPartPower: {get_param: SwiftPartPower}
- SwiftPassword: {get_param: SwiftPassword}
SwiftReplicas: { get_param: SwiftReplicas}
TimeZone: {get_param: TimeZone}
VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now.
default: true
description: Whether to manage Swift rings or not
type: boolean
- SwiftPassword:
- description: The password for the swift service account, used by the swift proxy
- services.
- hidden: true
- type: string
SwiftProxyVirtualIP:
type: string
default: ''
type: number
default: 3
description: How many replicas to use in the swift rings.
- SwiftWorkers:
- default: 0
- description: Number of workers for Swift service.
- type: number
TimeZone:
default: 'UTC'
description: The timezone to be set on controller nodes.
cinder_workers: {get_param: CinderWorkers}
nova_workers: {get_param: NovaWorkers}
neutron_workers: {get_param: NeutronWorkers}
- swift_workers: {get_param: SwiftWorkers}
neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
haproxy_log_address: {get_param: HAProxySyslogAddress}
control_virtual_interface: {get_param: ControlVirtualInterface}
public_virtual_interface: {get_param: PublicVirtualInterface}
swift_hash_suffix: {get_param: SwiftHashSuffix}
- swift_password: {get_param: SwiftPassword}
swift_part_power: {get_param: SwiftPartPower}
swift_ring_build: {get_param: SwiftRingBuild}
swift_replicas: {get_param: SwiftReplicas}
swift_min_part_hours: {get_param: SwiftMinPartHours}
swift_mount_check: {get_param: SwiftMountCheck}
- swift_public_url: {get_param: [EndpointMap, SwiftPublic, uri]}
- swift_internal_url: {get_param: [EndpointMap, SwiftInternal, uri]}
- swift_admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]}
- swift_public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]}
- swift_internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]}
- swift_admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]}
enable_package_install: {get_param: EnablePackageInstall}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
sahara_password: {get_param: SaharaPassword}
tripleo::fencing::config: {get_input: fencing_config}
# Swift
+ # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
- swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
- swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
swift::swift_hash_suffix: {get_input: swift_hash_suffix}
- swift::proxy::authtoken::admin_password: {get_input: swift_password}
- swift::proxy::workers: {get_input: swift_workers}
tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
tripleo::ringbuilder::part_power: {get_input: swift_part_power}
tripleo::ringbuilder::replicas: {get_input: swift_replicas}
tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
swift_mount_check: {get_input: swift_mount_check}
- swift::keystone::auth::public_url: {get_input: swift_public_url }
- swift::keystone::auth::internal_url: {get_input: swift_internal_url }
- swift::keystone::auth::admin_url: {get_input: swift_admin_url }
- swift::keystone::auth::public_url_s3: {get_input: swift_public_url_v3 }
- swift::keystone::auth::internal_url_s3: {get_input: swift_internal_url_v3 }
- swift::keystone::auth::admin_url_s3: {get_input: swift_admin_url_v3 }
- swift::keystone::auth::password: {get_input: swift_password }
- swift::keystone::auth::region: {get_input: keystone_region}
# Cinder
cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
enabled_backends => union($cinder_enabled_backends, hiera('cinder_user_enabled_backends')),
}
- # swift proxy
- include ::swift::proxy
- include ::swift::proxy::proxy_logging
- include ::swift::proxy::healthcheck
- include ::swift::proxy::cache
- include ::swift::proxy::keystone
- include ::swift::proxy::authtoken
- include ::swift::proxy::staticweb
- include ::swift::proxy::ratelimit
- include ::swift::proxy::catch_errors
- include ::swift::proxy::tempurl
- include ::swift::proxy::formpost
-
# swift storage
if str2bool(hiera('enable_swift_storage', true)) {
class { '::swift::storage::all':
enabled => false,
}
- # swift proxy
- class { '::swift::proxy' :
- manage_service => $non_pcmk_start,
- enabled => $non_pcmk_start,
- }
- include ::swift::proxy::proxy_logging
- include ::swift::proxy::healthcheck
- include ::swift::proxy::cache
- include ::swift::proxy::keystone
- include ::swift::proxy::authtoken
- include ::swift::proxy::staticweb
- include ::swift::proxy::ratelimit
- include ::swift::proxy::catch_errors
- include ::swift::proxy::tempurl
- include ::swift::proxy::formpost
-
# swift storage
if str2bool(hiera('enable_swift_storage', true)) {
class {'::swift::storage::all':
--- /dev/null
+heat_template_version: 2016-04-08
+
+description: >
+ OpenStack Swift Proxy service configured with Puppet
+
+parameters:
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ SwiftPassword:
+ description: The password for the swift service account, used by the swift proxy services.
+ type: string
+ hidden: true
+ SwiftWorkers:
+ default: 0
+ description: Number of workers for Swift service.
+ type: number
+ KeystoneRegion:
+ type: string
+ default: 'regionOne'
+ description: Keystone region for endpoint
+
+
+outputs:
+ role_data:
+ description: Role data for the Swift proxy service.
+ value:
+ config_settings:
+ # Swift
+ swift::proxy::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
+ swift::proxy::authtoken::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
+ swift::proxy::authtoken::admin_password: {get_param: SwiftPassword}
+ swift::proxy::workers: {get_param: SwiftWorkers}
+ swift::keystone::auth::public_url: {get_param: [EndpointMap, SwiftPublic, uri]}
+ swift::keystone::auth::internal_url: {get_param: [EndpointMap, SwiftInternal, uri]}
+ swift::keystone::auth::admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]}
+ swift::keystone::auth::public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]}
+ swift::keystone::auth::internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]}
+ swift::keystone::auth::admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]}
+ swift::keystone::auth::password: {get_param: SwiftPassword}
+ swift::keystone::auth::region: {get_param: KeystoneRegion}
+ step_config: |
+ include ::tripleo::profile::base::swift::proxy
Code Review / apex-tripleo-heat-templates.git / commitdiff