From 1e2a7a158154a18b779933523d090c2cf6ac58d2 Mon Sep 17 00:00:00 2001 From: Dan Prince Date: Fri, 23 Jan 2015 15:52:52 -0500 Subject: Puppet: Heat API and Engine This patch adds the ability to configure the Heat API and Heat engine on controller nodes via puppet. Change-Id: Ie81090bceed3e18199a36ebb11d1cbcaea83c410 --- controller-puppet.yaml | 22 +++++++++++++++++----- puppet/hieradata/controller.yaml | 6 ++++++ puppet/overcloud_controller.pp | 13 ++++++++++++- 3 files changed, 35 insertions(+), 6 deletions(-) diff --git a/controller-puppet.yaml b/controller-puppet.yaml index 62fe2f1f..90fe6a75 100644 --- a/controller-puppet.yaml +++ b/controller-puppet.yaml @@ -611,12 +611,21 @@ resources: glance::backend::swift::swift_store_user: service:glance glance::backend::swift::swift_store_key: {get_input: glance_password} # Heat - heat_password: {get_input: heat_password} heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} - heat_dsn: {get_input: heat_dsn} - heat.watch_server_url: {get_input: heat.watch_server_url} - heat.metadata_server_url: {get_input: heat.metadata_server_url} - heat.waitcondition_server_url: {get_input: heat.waitcondition_server_url} + heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url} + heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url} + heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url} + heat::engine::auth_encryption_key: unset___________ + heat::rabbit_userid: {get_input: rabbit_username} + heat::rabbit_password: {get_input: rabbit_password} + heat::rabbit_host: {get_input: controller_virtual_ip} + heat::keystone_host: {get_input: controller_virtual_ip} + heat::keystone_password: {get_input: heat_password} + heat::api::bind_host: {get_input: controller_host} + heat::api_cloudwatch::bind_host: {get_input: controller_host} + heat::api_cfn::bind_host: {get_input: controller_host} + heat::database_connection: {get_input: heat_dsn} + # Keystone keystone::admin_token: {get_input: admin_token} keystone_ca_certificate: {get_input: keystone_ca_certificate} @@ -709,6 +718,9 @@ resources: tripleo::loadbalancer::rabbitmq: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true + tripleo::loadbalancer::heat_api: true + tripleo::loadbalancer::heat_cloudwatch: true + tripleo::loadbalancer::heat_cfn: true # NOTE(dprince): this example uses a composition class # on the puppet side (loadbalancer.pp). This seemed like the diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 5f326ef4..e59211d4 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -20,6 +20,7 @@ neutron::agents::metadata::auth_tenant: 'service' cinder::api::keystone_tenant: 'service' swift::proxy::authtoken::admin_tenant_name: 'service' ceilometer::api::keystone_tenant: 'service' +heat::keystone_tenant: 'service' #swift swift::proxy::pipeline: @@ -63,4 +64,9 @@ nova::api::osapi_v3: true # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler +# heat +heat::engine::heat_stack_user_role: '' +heat::engine::configure_delegated_roles: false +heat::engine::trusts_delegated_roles: [] + mysql::server::manage_config_file: true diff --git a/puppet/overcloud_controller.pp b/puppet/overcloud_controller.pp index 6535afe1..c217c5e9 100644 --- a/puppet/overcloud_controller.pp +++ b/puppet/overcloud_controller.pp @@ -70,7 +70,7 @@ if hiera('step') >= 1 { dbname => $cinder_dsn[6], allowed_hosts => $allowed_hosts, } - $heat_dsn = split(hiera('heat_dsn'), '[@:/?]') + $heat_dsn = split(hiera('heat::database_connection'), '[@:/?]') class { 'heat::db::mysql': user => $heat_dsn[3], password => $heat_dsn[4], @@ -269,4 +269,15 @@ if hiera('step') >= 2 { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } + # Heat + include ::heat + include ::heat::api + include ::heat::api_cfn + include ::heat::api_cloudwatch + include ::heat::engine + + heat_config { + 'DEFAULT/instance_user': value => 'heat-admin'; + } + } #END STEP 2 -- cgit 1.2.3-korg