aboutsummaryrefslogtreecommitdiffstats
path: root/network/networks.yaml
blob: d3ae482b94598645d4b2631c9706db323f50a37f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
heat_template_version: 2015-04-30

description: Create networks to split out Overcloud traffic

resources:

  ExternalNetwork:
    type: OS::TripleO::Network::External

  InternalNetwork:
    type: OS::TripleO::Network::InternalApi

  StorageMgmtNetwork:
    type: OS::TripleO::Network::StorageMgmt

  StorageNetwork:
    type: OS::TripleO::Network::Storage

  TenantNetwork:
    type: OS::TripleO::Network::Tenant

  ManagementNetwork:
    type: OS::TripleO::Network::Management

  NetworkExtraConfig:
    type: OS::TripleO::Network::ExtraConfig
c"># # Heat CloudWatch API profile for tripleo # # === Parameters # # [*certificates_specs*] # (Optional) The specifications to give to certmonger for the certificate(s) # it will create. # Example with hiera: # apache_certificates_specs: # httpd-internal_api: # hostname: <overcloud controller fqdn> # service_certificate: <service certificate path> # service_key: <service key path> # principal: "haproxy/<overcloud controller fqdn>" # Defaults to hiera('apache_certificate_specs', {}). # # [*enable_internal_tls*] # (Optional) Whether TLS in the internal network is enabled or not. # Defaults to hiera('enable_internal_tls', false) # # [*heat_api_cloudwatch_network*] # (Optional) The network name where the heat cloudwatch endpoint is listening # on. This is set by t-h-t. # Defaults to hiera('heat_api_cloudwatch_network', undef) # # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. # Defaults to hiera('step') # class tripleo::profile::base::heat::api_cloudwatch ( $certificates_specs = hiera('apache_certificates_specs', {}), $enable_internal_tls = hiera('enable_internal_tls', false), $heat_api_cloudwatch_network = hiera('heat_api_cloudwatch_network', undef), $step = Integer(hiera('step')), ) { include ::tripleo::profile::base::heat if $enable_internal_tls { if !$heat_api_cloudwatch_network { fail('heat_api_cloudwatch_network is not set in the hieradata.') } $tls_certfile = $certificates_specs["httpd-${heat_api_cloudwatch_network}"]['service_certificate'] $tls_keyfile = $certificates_specs["httpd-${heat_api_cloudwatch_network}"]['service_key'] } else { $tls_certfile = undef $tls_keyfile = undef } if $step >= 3 { include ::heat::api_cloudwatch include ::apache::mod::ssl class { '::heat::wsgi::apache_api_cloudwatch': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, } } }