heat_template_version: ocata description: > Openstack Heat CloudWatch API service configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json HeatWorkers: default: 0 description: Number of workers for Heat service. type: number MonitoringSubscriptionHeatApiCloudwatch: default: 'overcloud-heat-api-cloudwatch' type: string HeatApiCloudwatchLoggingSource: type: json default: tag: openstack.heat.api.cloudwatch path: /var/log/heat/heat-api-cloudwatch.log EnableInternalTLS: type: boolean default: false conditions: heat_workers_zero: {equals : [{get_param: HeatWorkers}, 0]} resources: ApacheServiceBase: type: ./apache.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} EnableInternalTLS: {get_param: EnableInternalTLS} HeatBase: type: ./heat-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Heat Cloudwatch API role. value: service_name: heat_api_cloudwatch monitoring_subscription: {get_param: MonitoringSubscriptionHeatApiCloudwatch} logging_source: {get_param: HeatApiCloudwatchLoggingSource} logging_groups: - heat config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] - get_attr: [ApacheServiceBase, role_data, config_settings] - tripleo.heat_api_cloudwatch.firewall_rules: '125 heat_cloudwatch': dport: - 8003 - 13003 heat::api_cloudwatch::bind_host: get_param: [ServiceNetMap, HeatApiCloudwatchNetwork] heat::wsgi::apache_api_cloudwatch::ssl: {get_param: EnableInternalTLS} heat::api_cloudwatch::service_name: 'httpd' # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR heat::wsgi::apache_api_cloudwatch::bind_host: get_param: [ServiceNetMap, HeatApiCloudwatchNetwork] heat::wsgi::apache_api_cloudwatch::servername: str_replace: template: "%{hiera('fqdn_$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, HeatApiCloudwatchNetwork]} - if: - heat_workers_zero - {} - heat::wsgi::apache_api_cloudwatch::workers: {get_param: HeatWorkers} step_config: | include ::tripleo::profile::base::heat::api_cloudwatch upgrade_tasks: - name: Check if heat_api_cloudwatch is deployed command: systemctl is-enabled openstack-heat-api-cloudwatch tags: common ignore_errors: True register: heat_api_cloudwatch_enabled - name: "PreUpgrade step0,validation: Check service openstack-heat-api-cloudwatch is running" shell: /usr/bin/systemctl show 'openstack-heat-api-cloudwatch' --property ActiveState | grep '\bactive\b' when: heat_api_cloudwatch_enabled.rc == 0 tags: step0,validation - name: check for heat_api_cloudwatch running under apache (post upgrade) tags: step1 shell: "httpd -t -D DUMP_VHOSTS | grep -q heat_api_cloudwatch_wsgi" register: heat_api_cloudwatch_apache ignore_errors: true - name: Stop heat_api_cloudwatch service (running under httpd) tags: step1 service: name=httpd state=stopped when: "heat_api_cloudwatch_apache.rc == 0" - name: Stop and disable heat_api_cloudwatch service (pre-upgrade not under httpd) tags: step1 when: heat_api_cloudwatch_enabled.rc == 0 service: name=openstack-heat-api-cloudwatch state=stopped enabled=no