heat_template_version: ocata description: > Openstack Heat Engine service configured with Puppet parameters: ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json HeatEnableDBPurge: type: boolean default: true description: | Whether to create cron job for purging soft deleted rows in the Heat database. HeatWorkers: default: 0 description: Number of workers for Heat service. type: number HeatPassword: description: The password for the Heat service and db account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_stack_domain_admin user. type: string hidden: true HeatAuthEncryptionKey: description: Auth encryption key for heat-engine type: string hidden: true default: '' MonitoringSubscriptionHeatEngine: default: 'overcloud-heat-engine' type: string HeatEngineLoggingSource: type: json default: tag: openstack.heat.engine path: /var/log/heat/heat-engine.log HeatConvergenceEngine: type: boolean default: true description: Enables the heat engine with the convergence architecture. HeatMaxResourcesPerStack: type: number default: 1000 description: Maximum resources allowed per top-level stack. -1 stands for unlimited. resources: HeatBase: type: ./heat-base.yaml properties: ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} outputs: role_data: description: Role data for the Heat Engine role. value: service_name: heat_engine monitoring_subscription: {get_param: MonitoringSubscriptionHeatEngine} logging_source: {get_param: HeatEngineLoggingSource} logging_groups: - heat config_settings: map_merge: - get_attr: [HeatBase, role_data, config_settings] - heat::engine::num_engine_workers: {get_param: HeatWorkers} heat::engine::configure_delegated_roles: false heat::engine::trusts_delegated_roles: [] heat::engine::max_nested_stack_depth: 6 heat::engine::max_resources_per_stack: {get_param: HeatMaxResourcesPerStack} heat::engine::heat_metadata_server_url: list_join: - '' - - {get_param: [EndpointMap, HeatCfnPublic, protocol]} - '://' - {get_param: [EndpointMap, HeatCfnPublic, host]} - ':' - {get_param: [EndpointMap, HeatCfnPublic, port]} heat::engine::heat_waitcondition_server_url: list_join: - '' - - {get_param: [EndpointMap, HeatCfnPublic, protocol]} - '://' - {get_param: [EndpointMap, HeatCfnPublic, host]} - ':' - {get_param: [EndpointMap, HeatCfnPublic, port]} - '/v1/waitcondition' heat::engine::convergence_engine: {get_param: HeatConvergenceEngine} tripleo::profile::base::heat::manage_db_purge: {get_param: HeatEnableDBPurge} heat::database_connection: list_join: - '' - - {get_param: [EndpointMap, MysqlInternal, protocol]} - '://heat:' - {get_param: HeatPassword} - '@' - {get_param: [EndpointMap, MysqlInternal, host]} - '/heat' - '?bind_address=' - "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}" heat::keystone_ec2_uri: {get_param: [EndpointMap, KeystoneEC2, uri]} heat::keystone::domain::domain_password: {get_param: HeatStackDomainAdminPassword} heat::engine::auth_encryption_key: yaql: expression: $.data.passwords.where($ != '').first() data: passwords: - {get_param: HeatAuthEncryptionKey} - {get_param: [DefaultPasswords, heat_auth_encryption_key]} step_config: | include ::tripleo::profile::base::heat::engine service_config_settings: mysql: heat::db::mysql::password: {get_param: HeatPassword} heat::db::mysql::user: heat heat::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} heat::db::mysql::dbname: heat heat::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" keystone: # This is needed because the keystone profile handles creating the domain tripleo::profile::base::keystone::heat_admin_password: {get_param: HeatStackDomainAdminPassword} upgrade_tasks: - name: "PreUpgrade step0,validation: Check service openstack-heat-engine is running" shell: echo o/ #TODO uncomment when /#/c/423302/ : /usr/bin/systemctl show 'openstack-heat-engine' --property ActiveState | grep '\bactive\b' tags: step0,validation - name: Stop heat_engine service tags: step2 service: name=openstack-heat-engine state=stopped