1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
heat_template_version: ocata
description: >
OpenStack Glance API service configured with Puppet
parameters:
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
Debug:
default: ''
description: Set to True to enable debugging on all services.
type: string
GlancePassword:
description: The password for the glance service and db account, used by the glance services.
type: string
hidden: true
GlanceWorkers:
default: ''
description: |
Number of API worker processes for Glance. If left unset (empty string), the
default value will result in the configuration being left unset and a
system-dependent default value will be chosen (e.g.: number of
processors). Please note that this will create a large number of
processes on systems with a large number of CPUs resulting in excess
memory consumption. It is recommended that a suitable non-default value
be selected on such systems.
type: string
MonitoringSubscriptionGlanceApi:
default: 'overcloud-glance-api'
type: string
GlanceApiLoggingSource:
type: json
default:
tag: openstack.glance.api
path: /var/log/glance/api.log
resources:
GlanceBase:
type: ./glance-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Glance API role.
value:
service_name: glance_api
monitoring_subscription: {get_param: MonitoringSubscriptionGlanceApi}
logging_source: {get_param: GlanceApiLoggingSource}
logging_groups:
- glance
config_settings:
map_merge:
- get_attr: [GlanceBase, role_data, config_settings]
- glance::api::database_connection:
list_join:
- ''
- - {get_param: [EndpointMap, MysqlInternal, protocol]}
- '://glance:'
- {get_param: GlancePassword}
- '@'
- {get_param: [EndpointMap, MysqlInternal, host]}
- '/glance'
- '?bind_address='
- "%{hiera('tripleo::profile::base::database::mysql::client_bind_address')}"
glance::api::bind_port: {get_param: [EndpointMap, GlanceInternal, port]}
glance::api::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
glance::api::authtoken::auth_url: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
glance::api::registry_host:
str_replace:
template: "'REGISTRY_HOST'"
params:
REGISTRY_HOST: {get_param: [EndpointMap, GlanceRegistryInternal, host]}
glance::api::registry_client_protocol: {get_param: [EndpointMap, GlanceRegistryInternal, protocol] }
glance::api::authtoken::password: {get_param: GlancePassword}
glance::api::enable_proxy_headers_parsing: true
glance::api::debug: {get_param: Debug}
glance::api::workers: {get_param: GlanceWorkers}
tripleo.glance_api.firewall_rules:
'112 glance_api':
dport:
- 9292
- 13292
glance::api::authtoken::project_name: 'service'
glance::api::pipeline: 'keystone'
glance::api::show_image_direct_url: true
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]}
step_config: |
include ::tripleo::profile::base::glance::api
service_config_settings:
get_attr: [GlanceBase, role_data, service_config_settings]
|