1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
heat_template_version: pike
description: >
OpenStack Octavia API service.
parameters:
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
OctaviaPassword:
description: The password for the Octavia's database account.
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
MonitoringSubscriptionOctaviaApi:
default: 'overcloud-octavia-api'
type: string
OctaviaApiLoggingSource:
type: json
default:
tag: openstack.octavia.api
path: /var/log/octavia/api.log
OctaviaApiPolicies:
description: |
A hash of policies to configure for Octavia API.
e.g. { octavia-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
resources:
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Octavia API service.
value:
service_name: octavia_api
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi}
logging_source: {get_param: OctaviaApiLoggingSource}
logging_groups:
- octavia
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
octavia::policy::policies: {get_param: OctaviaApiPolicies}
octavia::db::database_connection:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: octavia
password: {get_param: OctaviaPassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /octavia
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
octavia::keystone::authtoken::project_name: 'service'
octavia::keystone::authtoken::password: {get_param: OctaviaPassword}
octavia::api::sync_db: true
tripleo.octavia_api.firewall_rules:
'120 octavia api':
dport:
- 9876
- 13876
octavia::api::host: {get_param: [ServiceNetMap, OctaviaApiNetwork]}
step_config: |
include tripleo::profile::base::octavia::api
service_config_settings:
keystone:
octavia::keystone::auth::tenant: 'service'
octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]}
octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] }
octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] }
octavia::keystone::auth::password: {get_param: OctaviaPassword}
octavia::keystone::auth::region: {get_param: KeystoneRegion}
mysql:
octavia::db::mysql::password: {get_param: OctaviaPassword}
octavia::db::mysql::user: octavia
octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
octavia::db::mysql::dbname: octavia
octavia::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
neutron_api:
neutron::server::service_providers: ['LOADBALANCERV2:Octavia:neutron_lbaas.drivers.octavia.driver.OctaviaDriver:default']
|