openstack/tripleo-heat-templates
Code Issues Proposed changes
6b8c34b27a
tripleo-heat-templates/puppet/services/cinder-api.yaml
Steven Hardy 3c6ec654b4 Bump template version for all templates to "ocata" 
Heat now supports release name aliases, so we can replace
the inconsistent mix of date related versions with one consistent
version that aligns with the supported version of heat for this
t-h-t branch.

This should also help new users who sometimes copy/paste old templates
and discover intrinsic functions in the t-h-t docs don't work because
their template version is too old.

Change-Id: Ib415e7290fea27447460baa280291492df197e54
2016-12-23 11:43:39 +00:00

150 lines
6.0 KiB
YAML
Raw Blame History

heat_template_version: ocata
description: >
OpenStack Cinder API service configured with Puppet
parameters:
CinderEnableDBPurge:
default: true
description: |
Whether to create cron job for purging soft deleted rows in Cinder database.
type: boolean
CinderPassword:
description: The password for the cinder service account, used by cinder-api.
type: string
hidden: true
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
MonitoringSubscriptionCinderApi:
default: 'overcloud-cinder-api'
type: string
CinderApiLoggingSource:
type: json
default:
tag: openstack.cinder.api
path: /var/log/cinder/cinder-api.log
CinderWorkers:
type: string
description: Set the number of workers for cinder::wsgi::apache
default: '%{::os_workers}'
EnableInternalTLS:
type: boolean
default: false
conditions:
cinder_workers_zero: {equals : [{get_param: CinderWorkers}, 0]}
resources:
ApacheServiceBase:
type: ./apache.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
EnableInternalTLS: {get_param: EnableInternalTLS}
CinderBase:
type: ./cinder-base.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Role data for the Cinder API role.
value:
service_name: cinder_api
monitoring_subscription: {get_param: MonitoringSubscriptionCinderApi}
logging_source: {get_param: CinderApiLoggingSource}
logging_groups:
- cinder
config_settings:
map_merge:
- get_attr: [CinderBase, role_data, config_settings]
- get_attr: [ApacheServiceBase, role_data, config_settings]
- cinder::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
cinder::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
cinder::keystone::authtoken::password: {get_param: CinderPassword}
cinder::keystone::authtoken::project_name: 'service'
cinder::api::enable_proxy_headers_parsing: true
cinder::api::nova_catalog_info: 'compute:Compute Service:internalURL'
# TODO(emilien) move it to puppet-cinder
cinder::config:
DEFAULT/swift_catalog_info:
value: 'object-store:swift:internalURL'
cinder::glance::glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
tripleo::profile::base::cinder::cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
tripleo.cinder_api.firewall_rules:
'119 cinder':
dport:
- 8776
- 13776
cinder::api::bind_host:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::ssl: {get_param: EnableInternalTLS}
cinder::api::service_name: 'httpd'
# NOTE: bind IP is found in Heat replacing the network name with the local node IP
# for the given network; replacement examples (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
cinder::wsgi::apache::bind_host: {get_param: [ServiceNetMap, CinderApiNetwork]}
cinder::wsgi::apache::servername:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, CinderApiNetwork]}
-
if:
- cinder_workers_zero
- {}
- cinder::wsgi::apache::workers: {get_param: CinderWorkers}
step_config: |
include ::tripleo::profile::base::cinder::api
service_config_settings:
keystone:
cinder::keystone::auth::tenant: 'service'
cinder::keystone::auth::public_url: {get_param: [EndpointMap, CinderPublic, uri]}
cinder::keystone::auth::internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
cinder::keystone::auth::admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
cinder::keystone::auth::public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
cinder::keystone::auth::internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
cinder::keystone::auth::admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
cinder::keystone::auth::public_url_v3: {get_param: [EndpointMap, CinderV3Public, uri]}
cinder::keystone::auth::internal_url_v3: {get_param: [EndpointMap, CinderV3Internal, uri]}
cinder::keystone::auth::admin_url_v3: {get_param: [EndpointMap, CinderV3Admin, uri]}
cinder::keystone::auth::password: {get_param: CinderPassword}
cinder::keystone::auth::region: {get_param: KeystoneRegion}
mysql:
cinder::db::mysql::password: {get_param: CinderPassword}
cinder::db::mysql::user: cinder
cinder::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
cinder::db::mysql::dbname: cinder
cinder::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
View Git Blame Copy Permalink