diff options
Diffstat (limited to 'puppet/services/tacker.yaml')
-rw-r--r-- | puppet/services/tacker.yaml | 37 |
1 files changed, 33 insertions, 4 deletions
diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml index 6ceb9f19..c14e061b 100644 --- a/puppet/services/tacker.yaml +++ b/puppet/services/tacker.yaml @@ -47,6 +47,12 @@ parameters: default: 5672 description: Set rabbit subscriber port, change this if using SSL type: number + TackerPolicies: + description: | + A hash of policies to configure for Tacker. + e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } } + default: {} + type: json outputs: role_data: @@ -66,9 +72,6 @@ outputs: - '/tacker' - '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo' - tacker::keystone::auth::tenant: 'service' - tacker::keystone::auth::password: {get_param: TackerPassword} - tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} tacker::debug: {get_param: Debug} tacker::rpc_backend: rabbit tacker::rabbit_userid: {get_param: RabbitUserName} @@ -77,6 +80,12 @@ outputs: tacker::rabbit_port: {get_param: RabbitClientPort} tacker::server::bind_host: {get_param: [ServiceNetMap, TackerApiNetwork]} + tacker::keystone::authtoken::project_name: 'service' + tacker::keystone::authtoken::user_domain_name: 'Default' + tacker::keystone::authtoken::project_domain_name: 'Default' + tacker::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} + tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} + tacker::db::mysql::password: {get_param: TackerPassword} tacker::db::mysql::user: tacker tacker::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} @@ -84,14 +93,34 @@ outputs: tacker::db::mysql::allowed_hosts: - '%' - {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} + tacker::policy::policies: {get_param: TackerPolicies} + service_config_settings: + keystone: + tacker::keystone::auth::tenant: 'service' + tacker::keystone::auth::region: {get_param: KeystoneRegion} + tacker::keystone::auth::password: {get_param: TackerPassword} + tacker::keystone::auth::public_url: {get_param: [EndpointMap, TackerPublic, uri]} + tacker::keystone::auth::internal_url: {get_param: [EndpointMap, TackerInternal, uri]} + tacker::keystone::auth::admin_url: {get_param: [EndpointMap, TackerAdmin, uri]} step_config: | include ::tripleo::profile::base::tacker upgrade_tasks: + - name: Check if tacker is deployed + command: systemctl is-enabled openstack-tacker-server + tags: common + ignore_errors: True + register: tacker_enabled - name: "PreUpgrade step0,validation: Check service openstack-tacker-server is running" shell: /usr/bin/systemctl show 'openstack-tacker-server' --property ActiveState | grep '\bactive\b' + when: tacker_enabled.rc == 0 tags: step0,validation - name: Stop tacker service - tags: step2 + tags: step1 + when: tacker_enabled.rc == 0 service: name=openstack-tacker-server state=stopped + - name: Install openstack-tacker package if it was disabled + tags: step3 + yum: name=openstack-tacker state=latest + when: tacker_enabled.rc != 0 |