heat_template_version: pike description: > OpenStack Sahara API service configured with Puppet parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json SaharaPassword: description: The password for the sahara service account, used by sahara-api. type: string hidden: true SaharaWorkers: default: 0 description: The number of workers for the sahara-api. type: number KeystoneRegion: type: string default: 'regionOne' description: Keystone region for endpoint MonitoringSubscriptionSaharaApi: default: 'overcloud-sahara-api' type: string SaharaApiLoggingSource: type: json default: tag: openstack.sahara.api path: /var/log/sahara/sahara-api.log SaharaApiPolicies: description: | A hash of policies to configure for Sahara API. e.g. { sahara-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json resources: SaharaBase: type: ./sahara-base.yaml properties: ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} outputs: role_data: description: Role data for the Sahara API role. value: service_name: sahara_api monitoring_subscription: {get_param: MonitoringSubscriptionSaharaApi} logging_source: {get_param: SaharaApiLoggingSource} logging_groups: - sahara config_settings: map_merge: - get_attr: [SaharaBase, role_data, config_settings] - sahara::port: {get_param: [EndpointMap, SaharaInternal, port]} sahara::policy::policies: {get_param: SaharaApiPolicies} sahara::service::api::api_workers: {get_param: SaharaWorkers} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR sahara::host: {get_param: [ServiceNetMap, SaharaApiNetwork]} tripleo.sahara_api.firewall_rules: '132 sahara': dport: - 8386 - 13386 step_config: | include ::tripleo::profile::base::sahara::api service_config_settings: keystone: sahara::keystone::auth::tenant: 'service' sahara::keystone::auth::public_url: {get_param: [EndpointMap, SaharaPublic, uri]} sahara::keystone::auth::internal_url: {get_param: [EndpointMap, SaharaInternal, uri]} sahara::keystone::auth::admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]} sahara::keystone::auth::password: {get_param: SaharaPassword } sahara::keystone::auth::region: {get_param: KeystoneRegion} mysql: sahara::db::mysql::password: {get_param: SaharaPassword} sahara::db::mysql::user: sahara sahara::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} sahara::db::mysql::dbname: sahara sahara::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}" upgrade_tasks: - name: Stop sahara_api service tags: step1 service: name=openstack-sahara-api state=stopped