From d18f21853e2f3be7382a20d0f42232ff3a78b348 Mon Sep 17 00:00:00 2001 From: "Brad P. Crochet" Date: Thu, 5 May 2016 07:55:09 -0400 Subject: composable heat services Adds new puppet and puppet pacemaker specific services for Heat API, Heat API CFN, Heat API Cloudwatch, and Heat Engine. The Pacemaker templates extend the default heat services and swap in the pacemaker specific puppet-tripleo profile instead. Change-Id: I387b6bfd763d2d86cad68a3119b0edd0caa237b0 Partially-implements: blueprint composable-services-within-roles Depends-On: I194cbb6aa307c2331597147545cf10299cab132f Depends-On: I14dc923ac8ee8d5d538e7f4cf8138ccee8805b53 --- environments/puppet-pacemaker.yaml | 4 + overcloud-resource-registry-puppet.yaml | 4 + overcloud.yaml | 14 +-- puppet/controller.yaml | 78 +--------------- puppet/manifests/overcloud_controller.pp | 31 ------- puppet/manifests/overcloud_controller_pacemaker.pp | 102 --------------------- puppet/services/heat-api-cfn.yaml | 46 ++++++++++ puppet/services/heat-api-cloudwatch.yaml | 33 +++++++ puppet/services/heat-api.yaml | 46 ++++++++++ puppet/services/heat-base.yaml | 39 ++++++++ puppet/services/heat-engine.yaml | 62 +++++++++++++ puppet/services/pacemaker/heat-api-cfn.yaml | 35 +++++++ puppet/services/pacemaker/heat-api-cloudwatch.yaml | 35 +++++++ puppet/services/pacemaker/heat-api.yaml | 33 +++++++ puppet/services/pacemaker/heat-engine.yaml | 36 ++++++++ 15 files changed, 378 insertions(+), 220 deletions(-) create mode 100644 puppet/services/heat-api-cfn.yaml create mode 100644 puppet/services/heat-api-cloudwatch.yaml create mode 100644 puppet/services/heat-api.yaml create mode 100644 puppet/services/heat-base.yaml create mode 100644 puppet/services/heat-engine.yaml create mode 100644 puppet/services/pacemaker/heat-api-cfn.yaml create mode 100644 puppet/services/pacemaker/heat-api-cloudwatch.yaml create mode 100644 puppet/services/pacemaker/heat-api.yaml create mode 100644 puppet/services/pacemaker/heat-engine.yaml diff --git a/environments/puppet-pacemaker.yaml b/environments/puppet-pacemaker.yaml index 48e93a0c..fe450e84 100644 --- a/environments/puppet-pacemaker.yaml +++ b/environments/puppet-pacemaker.yaml @@ -12,4 +12,8 @@ resource_registry: OS::TripleO::Services::Keystone: ../puppet/services/pacemaker/keystone.yaml OS::TripleO::Services::GlanceApi: ../puppet/services/pacemaker/glance-api.yaml OS::TripleO::Services::GlanceRegistry: ../puppet/services/pacemaker/glance-registry.yaml + OS::TripleO::Services::HeatApi: ../puppet/services/pacemaker/heat-api.yaml + OS::TripleO::Services::HeatApiCfn: ../puppet/services/pacemaker/heat-api-cfn.yaml + OS::TripleO::Services::HeatApiCloudwatch: ../puppet/services/pacemaker/heat-api-cloudwatch.yaml + OS::TripleO::Services::HeatEngine: ../puppet/services/pacemaker/heat-engine.yaml OS::TripleO::Services::NeutronDhcpAgent: ../puppet/services/pacemaker/neutron-dhcp.yaml diff --git a/overcloud-resource-registry-puppet.yaml b/overcloud-resource-registry-puppet.yaml index eb967f1b..c7d178c8 100644 --- a/overcloud-resource-registry-puppet.yaml +++ b/overcloud-resource-registry-puppet.yaml @@ -126,6 +126,10 @@ resource_registry: OS::TripleO::Services::Keystone: puppet/services/keystone.yaml OS::TripleO::Services::GlanceApi: puppet/services/glance-api.yaml OS::TripleO::Services::GlanceRegistry: puppet/services/glance-registry.yaml + OS::TripleO::Services::HeatApi: puppet/services/heat-api.yaml + OS::TripleO::Services::HeatApiCfn: puppet/services/heat-api-cfn.yaml + OS::TripleO::Services::HeatApiCloudwatch: puppet/services/heat-api-cloudwatch.yaml + OS::TripleO::Services::HeatEngine: puppet/services/heat-engine.yaml OS::TripleO::Services::NeutronDhcpAgent: puppet/services/neutron-dhcp.yaml parameter_defaults: diff --git a/overcloud.yaml b/overcloud.yaml index cf20b512..a8798305 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -476,14 +476,6 @@ parameters: description: The password for the gnocchi service account. type: string hidden: true - HeatPassword: - description: The password for the Heat service account, used by the Heat services. - type: string - hidden: true - HeatStackDomainAdminPassword: - description: Password for heat_stack_domain_admin user. - type: string - hidden: true InstanceNameTemplate: default: 'instance-%08x' description: Template string to be used to generate instance names @@ -667,6 +659,10 @@ parameters: - OS::TripleO::Services::Keystone - OS::TripleO::Services::GlanceApi - OS::TripleO::Services::GlanceRegistry + - OS::TripleO::Services::HeatApi + - OS::TripleO::Services::HeatApiCfn + - OS::TripleO::Services::HeatApiCloudwatch + - OS::TripleO::Services::HeatEngine - OS::TripleO::Services::NeutronDhcpAgent description: A list of service resources (configured in the Heat resource_registry) which represent nested stacks @@ -910,8 +906,6 @@ resources: GnocchiBackend: {get_param: GnocchiBackend} GnocchiIndexerBackend: {get_param: GnocchiIndexerBackend} HAProxySyslogAddress: {get_param: HAProxySyslogAddress} - HeatPassword: {get_param: HeatPassword} - HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword} HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} HorizonAllowedHosts: {get_param: HorizonAllowedHosts} HorizonSecret: {get_resource: HorizonSecret} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 7334d4a1..1a2580a9 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -220,14 +220,6 @@ parameters: default: /dev/log description: Syslog address where HAproxy will send its log type: string - HeatPassword: - description: The password for the Heat service and db account, used by the Heat services. - type: string - hidden: true - HeatStackDomainAdminPassword: - description: Password for heat_stack_domain_admin user. - type: string - hidden: true HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string @@ -236,15 +228,6 @@ parameters: default: '*' description: A list of IP/Hostname allowed to connect to horizon type: comma_delimited_list - HeatWorkers: - default: 0 - description: Number of workers for Heat service. - type: number - HeatEnableDBPurge: - type: boolean - default: true - description: | - Whether to create cron job for purging soft deleted rows in the Heat database. HorizonSecret: description: Secret key for Django type: string @@ -864,7 +847,6 @@ resources: bootstack_nodeid: {get_attr: [Controller, name]} ceilometer_workers: {get_param: CeilometerWorkers} cinder_workers: {get_param: CinderWorkers} - heat_workers: {get_param: HeatWorkers} nova_workers: {get_param: NovaWorkers} neutron_workers: {get_param: NeutronWorkers} swift_workers: {get_param: SwiftWorkers} @@ -873,29 +855,7 @@ resources: haproxy_log_address: {get_param: HAProxySyslogAddress} haproxy_stats_password: {get_param: HAProxyStatsPassword} haproxy_stats_user: {get_param: HAProxyStatsUser} - heat.watch_server_url: - list_join: - - '' - - - 'http://' - - {get_param: HeatApiVirtualIPUri} - - ':8003' - heat.metadata_server_url: - list_join: - - '' - - - 'http://' - - {get_param: HeatApiVirtualIPUri} - - ':8000' - heat.waitcondition_server_url: - list_join: - - '' - - - 'http://' - - {get_param: HeatApiVirtualIPUri} - - ':8000/v1/waitcondition' - heat_public_url: {get_param: [EndpointMap, HeatPublic, uri]} - heat_internal_url: {get_param: [EndpointMap, HeatInternal, uri]} - heat_admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} - heat_enable_db_purge: {get_param: HeatEnableDBPurge} horizon_allowed_hosts: {get_param: HorizonAllowedHosts} horizon_secret: {get_param: HorizonSecret} admin_password: {get_param: AdminPassword} @@ -929,16 +889,6 @@ resources: cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]} cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]} cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]} - heat_password: {get_param: HeatPassword} - heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} - heat_dsn: - list_join: - - '' - - - 'mysql+pymysql://heat:' - - {get_param: HeatPassword} - - '@' - - {get_param: MysqlVirtualIPUri} - - '/heat' keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] } keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] } @@ -1331,36 +1281,10 @@ resources: glance::keystone::auth::region: {get_input: keystone_region} # Heat - heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} - heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url} - heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url} - heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url} - heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} - heat::rabbit_userid: {get_input: rabbit_username} - heat::rabbit_password: {get_input: rabbit_password} - heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl} - heat::rabbit_port: {get_input: rabbit_client_port} - heat::auth_uri: {get_input: keystone_auth_uri} - heat::keystone_ec2_uri: {get_input: keystone_ec2_uri} - heat::identity_uri: {get_input: keystone_identity_uri} - heat::keystone_password: {get_input: heat_password} heat::api::bind_host: {get_input: heat_api_network} - heat::api::workers: {get_input: heat_workers} heat::api_cloudwatch::bind_host: {get_input: heat_api_network} - heat::api_cloudwatch::workers: {get_input: heat_workers} heat::api_cfn::bind_host: {get_input: heat_api_network} - heat::api_cfn::workers: {get_input: heat_workers} - heat::engine::num_engine_workers: {get_input: heat_workers} - heat::database_connection: {get_input: heat_dsn} - heat::debug: {get_input: debug} - heat::db::mysql::password: {get_input: heat_password} - heat_enable_db_purge: {get_input: heat_enable_db_purge} - heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password} - heat::keystone::auth::public_url: {get_input: heat_public_url } - heat::keystone::auth::internal_url: {get_input: heat_internal_url } - heat::keystone::auth::admin_url: {get_input: heat_admin_url } - heat::keystone::auth::password: {get_input: heat_password } - heat::keystone::auth::region: {get_input: keystone_region} + heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key} # Keystone keystone::admin_bind_host: {get_input: keystone_admin_api_network} diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 34ca845c..98fc8198 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -117,7 +117,6 @@ if hiera('step') >= 2 { include ::nova::db::mysql_api include ::neutron::db::mysql include ::cinder::db::mysql - include ::heat::db::mysql include ::sahara::db::mysql if downcase(hiera('gnocchi_indexer_backend')) == 'mysql' { include ::gnocchi::db::mysql @@ -568,16 +567,6 @@ if hiera('step') >= 4 { include ::aodh::listener include ::aodh::client - # Heat - class { '::heat' : - notification_driver => 'messaging', - } - include ::heat::config - include ::heat::api - include ::heat::api_cfn - include ::heat::api_cloudwatch - include ::heat::engine - # Sahara include ::sahara include ::sahara::service::api @@ -641,7 +630,6 @@ if hiera('step') >= 4 { if hiera('step') >= 5 { $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) - $heat_enable_db_purge = hiera('heat_enable_db_purge', true) if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows @@ -649,25 +637,6 @@ if hiera('step') >= 5 { if $cinder_enable_db_purge { include ::cinder::cron::db_purge } - if $heat_enable_db_purge { - include ::heat::cron::purge_deleted - } - - if downcase(hiera('bootstrap_nodeid')) == $::hostname { - # Class ::heat::keystone::domain has to run on bootstrap node - # because it creates DB entities via API calls. - include ::heat::keystone::domain - - Class['::keystone::roles::admin'] -> Class['::heat::keystone::domain'] - } else { - # On non-bootstrap node we don't need to create Keystone resources again - class { '::heat::keystone::domain': - manage_domain => false, - manage_user => false, - manage_role => false, - } - } - } #END STEP 5 $package_manifest_name = join(['/var/lib/tripleo/installed-packages/overcloud_controller', hiera('step')]) diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 1890918e..67f834b4 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -24,7 +24,6 @@ Service <| tag == 'cinder-service' or tag == 'ceilometer-service' or tag == 'gnocchi-service' or - tag == 'heat-service' or tag == 'neutron-service' or tag == 'nova-service' or tag == 'sahara-service' @@ -393,9 +392,6 @@ MYSQL_HOST=localhost\n", class { '::cinder::db::mysql': require => Exec['galera-ready'], } - class { '::heat::db::mysql': - require => Exec['galera-ready'], - } if downcase(hiera('ceilometer_backend')) == 'mysql' { class { '::ceilometer::db::mysql': @@ -882,29 +878,6 @@ if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) { Cron <| title == 'ceilometer-expirer' |> { command => "sleep $((\$(od -A n -t d -N 3 /dev/urandom) % 86400)) && ${::ceilometer::params::expirer_command}" } - # Heat - include ::heat::config - class { '::heat' : - sync_db => $sync_db, - notification_driver => 'messaging', - } - class { '::heat::api' : - manage_service => false, - enabled => false, - } - class { '::heat::api_cfn' : - manage_service => false, - enabled => false, - } - class { '::heat::api_cloudwatch' : - manage_service => false, - enabled => false, - } - class { '::heat::engine' : - manage_service => false, - enabled => false, - } - # httpd/apache and horizon # NOTE(gfidente): server-status can be consumed by the pacemaker resource agent class { '::apache' : @@ -1009,7 +982,6 @@ if hiera('step') >= 4 or ( hiera('step') >= 3 and $sync_db ) { if hiera('step') >= 5 { $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) - $heat_enable_db_purge = hiera('heat_enable_db_purge', true) if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows @@ -1017,9 +989,6 @@ if hiera('step') >= 5 { if $cinder_enable_db_purge { include ::cinder::cron::db_purge } - if $heat_enable_db_purge { - include ::heat::cron::purge_deleted - } if $pacemaker_master { @@ -1536,77 +1505,6 @@ if hiera('step') >= 5 { Pacemaker::Resource::Service[$::gnocchi::params::statsd_service_name]], } - # Heat - pacemaker::resource::service { $::heat::params::api_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::heat::params::api_cloudwatch_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::heat::params::api_cfn_service_name : - clone_params => 'interleave=true', - } - pacemaker::resource::service { $::heat::params::engine_service_name : - clone_params => 'interleave=true', - } - pacemaker::constraint::base { 'heat-api-then-heat-api-cfn-constraint': - constraint_type => 'order', - first_resource => "${::heat::params::api_service_name}-clone", - second_resource => "${::heat::params::api_cfn_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], - Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], - } - pacemaker::constraint::colocation { 'heat-api-cfn-with-heat-api-colocation': - source => "${::heat::params::api_cfn_service_name}-clone", - target => "${::heat::params::api_service_name}-clone", - score => 'INFINITY', - require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name], - Pacemaker::Resource::Service[$::heat::params::api_service_name]], - } - pacemaker::constraint::base { 'heat-api-cfn-then-heat-api-cloudwatch-constraint': - constraint_type => 'order', - first_resource => "${::heat::params::api_cfn_service_name}-clone", - second_resource => "${::heat::params::api_cloudwatch_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], - Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name]], - } - pacemaker::constraint::colocation { 'heat-api-cloudwatch-with-heat-api-cfn-colocation': - source => "${::heat::params::api_cloudwatch_service_name}-clone", - target => "${::heat::params::api_cfn_service_name}-clone", - score => 'INFINITY', - require => [Pacemaker::Resource::Service[$::heat::params::api_cfn_service_name], - Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name]], - } - pacemaker::constraint::base { 'heat-api-cloudwatch-then-heat-engine-constraint': - constraint_type => 'order', - first_resource => "${::heat::params::api_cloudwatch_service_name}-clone", - second_resource => "${::heat::params::engine_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], - Pacemaker::Resource::Service[$::heat::params::engine_service_name]], - } - pacemaker::constraint::colocation { 'heat-engine-with-heat-api-cloudwatch-colocation': - source => "${::heat::params::engine_service_name}-clone", - target => "${::heat::params::api_cloudwatch_service_name}-clone", - score => 'INFINITY', - require => [Pacemaker::Resource::Service[$::heat::params::api_cloudwatch_service_name], - Pacemaker::Resource::Service[$::heat::params::engine_service_name]], - } - pacemaker::constraint::base { 'ceilometer-notification-then-heat-api-constraint': - constraint_type => 'order', - first_resource => "${::ceilometer::params::agent_notification_service_name}-clone", - second_resource => "${::heat::params::api_service_name}-clone", - first_action => 'start', - second_action => 'start', - require => [Pacemaker::Resource::Service[$::heat::params::api_service_name], - Pacemaker::Resource::Service[$::ceilometer::params::agent_notification_service_name]], - } - # Horizon and Keystone pacemaker::resource::service { $::apache::params::service_name: clone_params => 'interleave=true', diff --git a/puppet/services/heat-api-cfn.yaml b/puppet/services/heat-api-cfn.yaml new file mode 100644 index 00000000..99eb1074 --- /dev/null +++ b/puppet/services/heat-api-cfn.yaml @@ -0,0 +1,46 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat CloudFormation API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + HeatWorkers: + default: 0 + description: Number of workers for Heat service. + type: number + HeatPassword: + description: The password for the Heat service and db account, used by the Heat services. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + +resources: + HeatBase: + type: ./heat-base.yaml + +outputs: + role_data: + description: Role data for the Heat CloudFormation API role. + value: + config_settings: + map_merge: + - get_attr: [HeatBase, role_data, config_settings] + - heat::api_cfn::workers: {get_param: HeatWorkers} + heat::keystone::auth_cfn::public_url: {get_param: [EndpointMap, HeatCfnPublic, uri]} + heat::keystone::auth_cfn::internal_url: {get_param: [EndpointMap, HeatCfnInternal, uri]} + heat::keystone::auth_cfn::admin_url: {get_param: [EndpointMap, HeatCfnAdmin, uri]} + heat::keystone::auth_cfn::password: {get_param: HeatPassword} + heat::keystone::auth::region: {get_param: KeystoneRegion} + step_config: | + include ::tripleo::profile::base::heat::api_cfn diff --git a/puppet/services/heat-api-cloudwatch.yaml b/puppet/services/heat-api-cloudwatch.yaml new file mode 100644 index 00000000..f3d68042 --- /dev/null +++ b/puppet/services/heat-api-cloudwatch.yaml @@ -0,0 +1,33 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat CloudWatch API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + HeatWorkers: + default: 0 + description: Number of workers for Heat service. + type: number + +resources: + HeatBase: + type: ./heat-base.yaml + +outputs: + role_data: + description: Role data for the Heat Cloudwatch API role. + value: + config_settings: + map_merge: + - get_attr: [HeatBase, role_data, config_settings] + - heat::api_cloudwatch::workers: {get_param: HeatWorkers} + step_config: | + include ::tripleo::profile::base::heat::api_cloudwatch diff --git a/puppet/services/heat-api.yaml b/puppet/services/heat-api.yaml new file mode 100644 index 00000000..4fc259ac --- /dev/null +++ b/puppet/services/heat-api.yaml @@ -0,0 +1,46 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + HeatWorkers: + default: 0 + description: Number of workers for Heat service. + type: number + HeatPassword: + description: The password for the Heat service and db account, used by the Heat services. + type: string + hidden: true + KeystoneRegion: + type: string + default: 'regionOne' + description: Keystone region for endpoint + +resources: + HeatBase: + type: ./heat-base.yaml + +outputs: + role_data: + description: Role data for the Heat API role. + value: + config_settings: + map_merge: + - get_attr: [HeatBase, role_data, config_settings] + - heat::api::workers: {get_param: HeatWorkers} + heat::keystone::auth::public_url: {get_param: [EndpointMap, HeatPublic, uri]} + heat::keystone::auth::internal_url: {get_param: [EndpointMap, HeatInternal, uri]} + heat::keystone::auth::admin_url: {get_param: [EndpointMap, HeatAdmin, uri]} + heat::keystone::auth::password: {get_param: HeatPassword} + heat::keystone::auth::region: {get_param: KeystoneRegion} + step_config: | + include ::tripleo::profile::base::heat::api diff --git a/puppet/services/heat-base.yaml b/puppet/services/heat-base.yaml new file mode 100644 index 00000000..50fcbf59 --- /dev/null +++ b/puppet/services/heat-base.yaml @@ -0,0 +1,39 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat base service. Shared for all Heat services. + +parameters: + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + RabbitPassword: + description: The password for RabbitMQ + type: string + hidden: true + RabbitUserName: + default: guest + description: The username for RabbitMQ + type: string + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number + +outputs: + role_data: + description: Shared role data for the Heat services. + value: + config_settings: + heat::rabbit_userid: {get_param: RabbitUserName} + heat::rabbit_password: {get_param: RabbitPassword} + heat::rabbit_use_ssl: {get_param: RabbitClientUseSSL} + heat::rabbit_port: {get_param: RabbitClientPort} + heat::debug: {get_param: Debug} diff --git a/puppet/services/heat-engine.yaml b/puppet/services/heat-engine.yaml new file mode 100644 index 00000000..143d24bb --- /dev/null +++ b/puppet/services/heat-engine.yaml @@ -0,0 +1,62 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat Engine service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + HeatEnableDBPurge: + type: boolean + default: true + description: | + Whether to create cron job for purging soft deleted rows in the Heat database. + HeatWorkers: + default: 0 + description: Number of workers for Heat service. + type: number + HeatPassword: + description: The password for the Heat service and db account, used by the Heat services. + type: string + hidden: true + HeatStackDomainAdminPassword: + description: Password for heat_stack_domain_admin user. + type: string + hidden: true + +resources: + HeatBase: + type: ./heat-base.yaml + +outputs: + role_data: + description: Role data for the Heat Engine role. + value: + config_settings: + map_merge: + - get_attr: [HeatBase, role_data, config_settings] + - heat::engine::num_engine_workers: {get_param: HeatWorkers} + tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge} + heat_dsn: &heat_dsn + list_join: + - '' + - - 'mysql+pymysql://heat:' + - {get_param: HeatPassword} + - '@' + - {get_param: MysqlVirtualIPUri} + - '/heat' + heat::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]} + heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]} + heat::identity_uri: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]} + heat::keystone_password: {get_param: HeatPassword} + heat::database_connection: *heat_dsn + heat::db::mysql::password: {get_param: HeatPassword} + heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} + step_config: | + include ::tripleo::profile::base::heat::engine diff --git a/puppet/services/pacemaker/heat-api-cfn.yaml b/puppet/services/pacemaker/heat-api-cfn.yaml new file mode 100644 index 00000000..ba620f89 --- /dev/null +++ b/puppet/services/pacemaker/heat-api-cfn.yaml @@ -0,0 +1,35 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat CloudFormation API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + +resources: + HeatApiCfnBase: + type: ../heat-api-cfn.yaml + properties: + EndpointMap: {get_param: EndpointMap} + MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri} + +outputs: + role_data: + description: Role data for the Heat CloudFormation API role. + value: + config_settings: + map_merge: + - get_attr: [HeatApiCfnBase, role_data, config_settings] + - heat::api_cfn::manage_service: false + heat::api_cfn::enabled: false + step_config: + # No puppet manifests since heat-api-cfn is included in + # ::tripleo::profile::pacemaker::heat which is maintained alongside of + # pacemaker/heat-api.yaml. diff --git a/puppet/services/pacemaker/heat-api-cloudwatch.yaml b/puppet/services/pacemaker/heat-api-cloudwatch.yaml new file mode 100644 index 00000000..db71891c --- /dev/null +++ b/puppet/services/pacemaker/heat-api-cloudwatch.yaml @@ -0,0 +1,35 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat CloudWatch API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + +resources: + HeatApiCloudwatchBase: + type: ../heat-api-cloudwatch.yaml + properties: + EndpointMap: {get_param: EndpointMap} + MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri} + +outputs: + role_data: + description: Role data for the Heat Cloudwatch API role. + value: + config_settings: + map_merge: + - get_attr: [HeatApiCloudwatchBase, role_data, config_settings] + - heat::api_cloudwatch::manage_service: false + heat::api_cloudwatch::enabled: false + step_config: + # No puppet manifests since heat-api-cloudwatch is included in + # ::tripleo::profile::pacemaker::heat which is maintained alongside of + # pacemaker/heat-api.yaml. diff --git a/puppet/services/pacemaker/heat-api.yaml b/puppet/services/pacemaker/heat-api.yaml new file mode 100644 index 00000000..b1c37d41 --- /dev/null +++ b/puppet/services/pacemaker/heat-api.yaml @@ -0,0 +1,33 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat API service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + +resources: + HeatApiBase: + type: ../heat-api.yaml + properties: + EndpointMap: {get_param: EndpointMap} + MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri} + +outputs: + role_data: + description: Role data for the Heat API role. + value: + config_settings: + map_merge: + - get_attr: [HeatApiBase, role_data, config_settings] + - heat::api::manage_service: false + heat::api::enabled: false + step_config: | + include ::tripleo::profile::pacemaker::heat diff --git a/puppet/services/pacemaker/heat-engine.yaml b/puppet/services/pacemaker/heat-engine.yaml new file mode 100644 index 00000000..1e39b363 --- /dev/null +++ b/puppet/services/pacemaker/heat-engine.yaml @@ -0,0 +1,36 @@ +heat_template_version: 2016-04-08 + +description: > + Openstack Heat Engine service configured with Puppet + +parameters: + EndpointMap: + default: {} + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + type: json + MysqlVirtualIPUri: + type: string + default: '' + +resources: + HeatEngineBase: + type: ../heat-engine.yaml + properties: + EndpointMap: {get_param: EndpointMap} + MysqlVirtualIPUri: {get_param: MysqlVirtualIPUri} + + +outputs: + role_data: + description: Role data for the Heat engine role. + value: + config_settings: + map_merge: + - get_attr: [HeatEngineBase, role_data, config_settings] + - heat::engine::manage_service: false + heat::engine::enabled: false + step_config: + # No puppet manifests since heat-engine is included in + # ::tripleo::profile::pacemaker::heat which is maintained alongside of + # pacemaker/heat-api.yaml. -- cgit 1.2.3-korg