puppet/services/zaqar-api.yaml

   1 heat_template_version: pike
   2
   3 description: >
   4   Openstack Zaqar service. Shared for all Heat services.
   5
   6 parameters:
   7   ServiceData:
   8     default: {}
   9     description: Dictionary packing service data
  10     type: json
  11   ServiceNetMap:
  12     default: {}
  13     description: Mapping of service_name -> network name. Typically set
  14                  via parameter_defaults in the resource registry.  This
  15                  mapping overrides those in ServiceNetMapDefaults.
  16     type: json
  17   EndpointMap:
  18     default: {}
  19     description: Mapping of service endpoint -> protocol. Typically set
  20                  via parameter_defaults in the resource registry.
  21     type: json
  22   DefaultPasswords:
  23     default: {}
  24     type: json
  25   RoleName:
  26     default: ''
  27     description: Role name on which the service is applied
  28     type: string
  29   RoleParameters:
  30     default: {}
  31     description: Parameters specific to the role
  32     type: json
  33   Debug:
  34     default: ''
  35     description: Set to True to enable debugging on all services.
  36     type: string
  37   ZaqarDebug:
  38     default: ''
  39     description: Set to True to enable debugging Zaqar service.
  40     type: string
  41   ZaqarPassword:
  42     description: The password for Zaqar
  43     type: string
  44     hidden: true
  45   KeystoneRegion:
  46     type: string
  47     default: 'regionOne'
  48     description: Keystone region for endpoint
  49   ZaqarPolicies:
  50     description: |
  51       A hash of policies to configure for Zaqar.
  52       e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
  53     default: {}
  54     type: json
  55   ZaqarWorkers:
  56     type: string
  57     description: Set the number of workers for zaqar::wsgi::apache
  58     default: '%{::os_workers}'
  59   ZaqarMessageStore:
  60     type: string
  61     description: The messaging store for Zaqar
  62     default: mongodb
  63   ZaqarManagementStore:
  64     type: string
  65     description: The management store for Zaqar
  66     default: mongodb
  67   EnableInternalTLS:
  68     type: boolean
  69     default: false
  70
  71 conditions:
  72   zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
  73   service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']}
  74   zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']}
  75   zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
  76
  77 resources:
  78
  79   ApacheServiceBase:
  80     type: ./apache.yaml
  81     properties:
  82       ServiceData: {get_param: ServiceData}
  83       ServiceNetMap: {get_param: ServiceNetMap}
  84       DefaultPasswords: {get_param: DefaultPasswords}
  85       EndpointMap: {get_param: EndpointMap}
  86       EnableInternalTLS: {get_param: EnableInternalTLS}
  87
  88 outputs:
  89   role_data:
  90     description: Shared role data for the Zaqar services.
  91     value:
  92       service_name: zaqar_api
  93       config_settings:
  94         map_merge:
  95           - get_attr: [ApacheServiceBase, role_data, config_settings]
  96           - zaqar::policy::policies: {get_param: ZaqarPolicies}
  97             zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
  98             zaqar::keystone::authtoken::project_name: 'service'
  99             zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
 100             zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
 101             zaqar::keystone::trust::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
 102             zaqar::debug:
 103               if:
 104               - service_debug_unset
 105               - {get_param: Debug }
 106               - {get_param: ZaqarDebug }
 107             zaqar::server::service_name: 'httpd'
 108             zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
 109             zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS}
 110             zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
 111             zaqar::message_pipeline: 'zaqar.notification.notifier'
 112             zaqar::unreliable: true
 113             zaqar::wsgi::apache::servername:
 114               str_replace:
 115                 template:
 116                   "%{hiera('fqdn_$NETWORK')}"
 117                 params:
 118                   $NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
 119             zaqar::message_store: {get_param: ZaqarMessageStore}
 120             zaqar::management_store: {get_param: ZaqarManagementStore}
 121           -
 122             if:
 123             - zaqar_messaging_store_swift
 124             -
 125               zaqar::messaging::swift::uri:
 126                 list_join:
 127                   - ''
 128                   - ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service']
 129               zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
 130               tripleo::profile::base::zaqar::messaging_store: 'swift'
 131             - {}
 132           -
 133             if:
 134             - zaqar_management_store_sqlalchemy
 135             -
 136               tripleo::profile::base::zaqar::management_store: 'sqlalchemy'
 137               zaqar::management::sqlalchemy::uri:
 138                 make_url:
 139                   scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
 140                   username: zaqar
 141                   password: {get_param: ZaqarPassword}
 142                   host: {get_param: [EndpointMap, MysqlInternal, host]}
 143                   path: /zaqar
 144                   query:
 145                     read_default_file: /etc/my.cnf.d/tripleo.cnf
 146                     read_default_group: tripleo
 147             - {}
 148           -
 149             if:
 150             - zaqar_workers_zero
 151             - {}
 152             - zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
 153       service_config_settings:
 154         map_merge:
 155           - keystone:
 156               zaqar::keystone::auth::password: {get_param: ZaqarPassword}
 157               zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
 158               zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
 159               zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
 160               zaqar::keystone::auth::region: {get_param: KeystoneRegion}
 161               zaqar::keystone::auth::tenant: 'service'
 162               zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
 163               zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
 164               zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
 165               zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
 166               zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
 167               zaqar::keystone::auth_websocket::tenant: 'service'
 168               zaqar::keystone::trust::password: {get_param: ZaqarPassword}
 169               zaqar::keystone::trust::user_domain_name: 'Default'
 170           -
 171             if:
 172             - zaqar_management_store_sqlalchemy
 173             - mysql:
 174                 zaqar::db::mysql::user: zaqar
 175                 zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
 176                 zaqar::db::mysql::dbname: zaqar
 177                 zaqar::db::mysql::password: {get_param: ZaqarPassword}
 178                 zaqar::db::mysql::allowed_hosts:
 179                   - '%'
 180                   - "%{hiera('mysql_bind_host')}"
 181             - {}
 182       step_config: |
 183         include ::tripleo::profile::base::zaqar
 184       metadata_settings:
 185         get_attr: [ApacheServiceBase, role_data, metadata_settings]
 186       upgrade_tasks:
 187         list_concat:
 188           - get_attr: [ApacheServiceBase, role_data, upgrade_tasks]
 189           -
 190             - name: Check if zaqar is deployed
 191               command: systemctl is-enabled openstack-zaqar
 192               tags: common
 193               ignore_errors: True
 194               register: zaqar_enabled
 195             - name: "PreUpgrade step0,validation: Check if openstack-zaqar is running"
 196               shell: >
 197                 /usr/bin/systemctl show 'openstack-zaqar' --property ActiveState |
 198                 grep '\bactive\b'
 199               when: zaqar_enabled.rc == 0
 200               tags: step0,validation
 201             - name: Check for zaqar running under apache (post upgrade)
 202               tags: step1
 203               shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi"
 204               register: zaqar_apache
 205               ignore_errors: true
 206             - name: Stop zaqar service (running under httpd)
 207               tags: step1
 208               service: name=httpd state=stopped
 209               when: zaqar_apache.rc == 0
 210             - name: Stop and disable zaqar service (pre-upgrade not under httpd)
 211               tags: step1
 212               when: zaqar_enabled.rc == 0
 213               service: name=openstack-zaqar state=stopped enabled=no
 214             - name: Install openstack-zaqar package if it was disabled
 215               tags: step3
 216               yum: name=openstack-zaqar state=latest
 217               when: zaqar_enabled.rc != 0