heat_template_version: queens description: > OpenStack Octavia API service. parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json OctaviaPassword: description: The password for the Octavia's database account. type: string hidden: true KeystoneRegion: type: string default: 'regionOne' description: Keystone region for endpoint MonitoringSubscriptionOctaviaApi: default: 'overcloud-octavia-api' type: string OctaviaApiLoggingSource: type: json default: tag: openstack.octavia.api path: /var/log/octavia/api.log OctaviaApiPolicies: description: | A hash of policies to configure for Octavia API. e.g. { octavia-context_is_admin: { key: context_is_admin, value: 'role:admin' } } default: {} type: json resources: OctaviaBase: type: ./octavia-base.yaml properties: ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} outputs: role_data: description: Role data for the Octavia API service. value: service_name: octavia_api monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaApi} config_settings: map_merge: - get_attr: [OctaviaBase, role_data, config_settings] - octavia::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] } octavia::policy::policies: {get_param: OctaviaApiPolicies} octavia::db::database_connection: make_url: scheme: {get_param: [EndpointMap, MysqlInternal, protocol]} username: octavia password: {get_param: OctaviaPassword} host: {get_param: [EndpointMap, MysqlInternal, host]} path: /octavia query: read_default_file: /etc/my.cnf.d/tripleo.cnf read_default_group: tripleo octavia::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]} octavia::keystone::authtoken::project_name: 'service' octavia::keystone::authtoken::password: {get_param: OctaviaPassword} octavia::api::sync_db: true tripleo.octavia_api.firewall_rules: '120 octavia api': dport: - 9876 - 13876 octavia::api::host: str_replace: template: "%{hiera('$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, OctaviaApiNetwork]} step_config: | include tripleo::profile::base::octavia::api service_config_settings: fluentd: tripleo_fluentd_groups_octavia_api: - octavia tripleo_fluentd_sources_octavia_api: - {get_param: OctaviaApiLoggingSource} keystone: octavia::keystone::auth::tenant: 'service' octavia::keystone::auth::public_url: {get_param: [EndpointMap, OctaviaPublic, uri]} octavia::keystone::auth::internal_url: { get_param: [ EndpointMap, OctaviaInternal, uri ] } octavia::keystone::auth::admin_url: { get_param: [ EndpointMap, OctaviaAdmin, uri ] } octavia::keystone::auth::password: {get_param: OctaviaPassword} octavia::keystone::auth::region: {get_param: KeystoneRegion} mysql: octavia::db::mysql::password: {get_param: OctaviaPassword} octavia::db::mysql::user: octavia octavia::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]} octavia::db::mysql::dbname: octavia octavia::db::mysql::allowed_hosts: - '%' - "%{hiera('mysql_bind_host')}"