aboutsummaryrefslogtreecommitdiffstats
path: root/puppet/services/tacker.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/services/tacker.yaml')
-rw-r--r--puppet/services/tacker.yaml37
1 files changed, 33 insertions, 4 deletions
diff --git a/puppet/services/tacker.yaml b/puppet/services/tacker.yaml
index 6ceb9f19..c14e061b 100644
--- a/puppet/services/tacker.yaml
+++ b/puppet/services/tacker.yaml
@@ -47,6 +47,12 @@ parameters:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ TackerPolicies:
+ description: |
+ A hash of policies to configure for Tacker.
+ e.g. { tacker-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
+ default: {}
+ type: json
outputs:
role_data:
@@ -66,9 +72,6 @@ outputs:
- '/tacker'
- '?read_default_file=/etc/my.cnf.d/tripleo.cnf&read_default_group=tripleo'
- tacker::keystone::auth::tenant: 'service'
- tacker::keystone::auth::password: {get_param: TackerPassword}
- tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
tacker::debug: {get_param: Debug}
tacker::rpc_backend: rabbit
tacker::rabbit_userid: {get_param: RabbitUserName}
@@ -77,6 +80,12 @@ outputs:
tacker::rabbit_port: {get_param: RabbitClientPort}
tacker::server::bind_host: {get_param: [ServiceNetMap, TackerApiNetwork]}
+ tacker::keystone::authtoken::project_name: 'service'
+ tacker::keystone::authtoken::user_domain_name: 'Default'
+ tacker::keystone::authtoken::project_domain_name: 'Default'
+ tacker::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+ tacker::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
+
tacker::db::mysql::password: {get_param: TackerPassword}
tacker::db::mysql::user: tacker
tacker::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
@@ -84,14 +93,34 @@ outputs:
tacker::db::mysql::allowed_hosts:
- '%'
- {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
+ tacker::policy::policies: {get_param: TackerPolicies}
+ service_config_settings:
+ keystone:
+ tacker::keystone::auth::tenant: 'service'
+ tacker::keystone::auth::region: {get_param: KeystoneRegion}
+ tacker::keystone::auth::password: {get_param: TackerPassword}
+ tacker::keystone::auth::public_url: {get_param: [EndpointMap, TackerPublic, uri]}
+ tacker::keystone::auth::internal_url: {get_param: [EndpointMap, TackerInternal, uri]}
+ tacker::keystone::auth::admin_url: {get_param: [EndpointMap, TackerAdmin, uri]}
step_config: |
include ::tripleo::profile::base::tacker
upgrade_tasks:
+ - name: Check if tacker is deployed
+ command: systemctl is-enabled openstack-tacker-server
+ tags: common
+ ignore_errors: True
+ register: tacker_enabled
- name: "PreUpgrade step0,validation: Check service openstack-tacker-server is running"
shell: /usr/bin/systemctl show 'openstack-tacker-server' --property ActiveState | grep '\bactive\b'
+ when: tacker_enabled.rc == 0
tags: step0,validation
- name: Stop tacker service
- tags: step2
+ tags: step1
+ when: tacker_enabled.rc == 0
service: name=openstack-tacker-server state=stopped
+ - name: Install openstack-tacker package if it was disabled
+ tags: step3
+ yum: name=openstack-tacker state=latest
+ when: tacker_enabled.rc != 0