heat_template_version: pike

description: >
  OpenStack Neutron DHCP agent configured with Puppet

parameters:
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  DefaultPasswords:
    default: {}
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  NeutronEnableMetadataNetwork:
    default: false
    description: If True, DHCP provide metadata network. Requires either
                 IsolatedMetadata or ForceMetadata parameters to also be True.
    type: boolean
  NeutronEnableIsolatedMetadata:
    default: false
    description: If True, DHCP provide metadata route to VM.
    type: boolean
  NeutronEnableForceMetadata:
    default: false
    description: If True, DHCP always provides metadata route to VM.
    type: boolean
  MonitoringSubscriptionNeutronDhcp:
    default: 'overcloud-neutron-dhcp'
    type: string
  NeutronDhcpAgentLoggingSource:
    type: json
    default:
      tag: openstack.neutron.agent.dhcp
      path: /var/log/neutron/dhcp-agent.log
  NeutronDhcpAgentDnsmasqDnsServers:
    default: []
    description: List of servers to use as dnsmasq forwarders
    type: comma_delimited_list

resources:

  NeutronBase:
    type: ./neutron-base.yaml
    properties:
      ServiceData: {get_param: ServiceData}
      ServiceNetMap: {get_param: ServiceNetMap}
      DefaultPasswords: {get_param: DefaultPasswords}
      EndpointMap: {get_param: EndpointMap}
      RoleName: {get_param: RoleName}
      RoleParameters: {get_param: RoleParameters}

outputs:
  role_data:
    description: Role data for the Neutron DHCP agent service.
    value:
      service_name: neutron_dhcp
      monitoring_subscription: {get_param: MonitoringSubscriptionNeutronDhcp}
      logging_source: {get_param: NeutronDhcpAgentLoggingSource}
      logging_groups:
        - neutron
      config_settings:
        map_merge:
          - get_attr: [NeutronBase, role_data, config_settings]
          - neutron::agents::dhcp::enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
            neutron::agents::dhcp::enable_force_metadata: {get_param: NeutronEnableForceMetadata}
            neutron::agents::dhcp::enable_metadata_network: {get_param: NeutronEnableMetadataNetwork}
            neutron::agents::dhcp::dnsmasq_dns_servers: {get_param: NeutronDhcpAgentDnsmasqDnsServers}
            tripleo.neutron_dhcp.firewall_rules:
              '115 neutron dhcp input':
                proto: 'udp'
                dport: 67
              '116 neutron dhcp output':
                proto: 'udp'
                chain: 'OUTPUT'
                dport: 68
      step_config: |
        include tripleo::profile::base::neutron::dhcp
      upgrade_tasks:
        - name: Check if neutron_dhcp_agent is deployed
          command: systemctl is-enabled neutron-dhcp-agent
          tags: common
          ignore_errors: True
          register: neutron_dhcp_agent_enabled
        - name: "PreUpgrade step0,validation: Check service neutron-dhcp-agent is running"
          shell: /usr/bin/systemctl show 'neutron-dhcp-agent' --property ActiveState | grep '\bactive\b'
          when: neutron_dhcp_agent_enabled.rc == 0
          tags: step0,validation
        - name: Stop neutron_dhcp service
          tags: step1
          when: neutron_dhcp_agent_enabled.rc == 0
          service: name=neutron-dhcp-agent state=stopped