This introduces support for the new limit options which were added to
heat during 2024.1 cycle.
Depends-on: https://review.opendev.org/c/openstack/heat/+/906272
Change-Id: I622328a61ea24682dbe65dc4f4b3a90df5c7208f
This ensures the parameters used by if-else logic accept only boolean
values because non-boolean can result in unexpected behavior.
Change-Id: Ia67f4aba2c3064f9b0ba93430b9c0f7a14800ced
... instead of left unmanaged. The parameter was deprecated a while ago
but is still valid in Heat.
Change-Id: I13c7c869855c60c9db1ca57772a2c0989b511e94
The DEFAULT/trusts_delegated_roles parameter is a ListOpt, which
accepts a list value in a comma-separated list format. This change
allows usage of array to define the list value in a native manner.
Change-Id: I9d74fac8cdc4cfe7c7c6f366dba712b8c331b269
... because the max_stacks_per_tenant parameter is used by heat-engine,
and the very similar max_resources_per_stack parameter is implemented
in heat::engine.
Change-Id: I57a8e8b9643d999c8ed379895f998ee1d09fb1a8
... because its actual parameter in heat was already deprecated[1].
[1] 9723b0dab707bcedc846415b932b2ade5b7c1317
Change-Id: I782d6b3833f450178ccd34736de4c9f861937399
This adds a new parameter to configure client_retry_limit config
to a value higher than the default.
Change-Id: Ibd3999a394c8827efa7a6034e69e55858d2e44ed
This changes all the puppet 3 validate_* functions
to use the validate_legacy function.
The validate_legacy function has been available since
about three years but require Puppet >= 4.4.0 and since
there is Puppet 4.10.12 as latest we should assume people
are running a fairly new Puppet 4 version.
This is the first step to then remove all validate function
calls and use proper types for parameter as described in spec [1].
[1] https://review.openstack.org/#/c/568929/
Change-Id: I422be4bfb6fd6f73f0b24ae9464c5c85689594e1
When support for heat-api-cloudwatch was removed in
I155c92edd5d6959ac23d99804fd95dfb99c7042e the parameter,
heat_watch_server_url, was forgotten. This change marks the
forgotten parameter as deprecated and removes it from the
spec tests and heat config.
Change-Id: Icb9fa01cb37dd15b66fc6f1de183149ff884363d
Depends-On: https://review.openstack.org/581629
Previously the default value for the heat-engine workers setting was set
to $::os_service_default. We usually use our specific facts for the
worker settings so this change switches it to use the
$::os_worker_heat_engine fact.
Change-Id: I6a8d745b76afca1b1958816fa10a3f1dd30face6
Related-Bug: #1763671
Heat has an additional configuration for plugin_dirs
parameter. This parameter provides a list of directories
to search for plug-ins. This change allows configuration
of plugin_dirs parameter in heat.conf file. This change
will allow a user to set this value, if required. Else
$::os_service_default will be used and the parameter will
not be added to the config file, as it is done today.
Change-Id: I636d52f867ee447eaf0e1e80bf9fdc30c91f4ec1
This adds support for setting reauthentication_auth_method
flag in heat.conf.
Change-Id: I247b02a50bb46ce16ca120961dd9c3df3e6026fd
Partial-Bug: #1683983
These settings are all legacy, as for some time heat has instead supported
deriving the URLs internally using the endpoints from the keystone catalog.
Defaulting these to localhost seems like a bad default, as in
most cases heat will caclulate a more reasonable default (e.g something
derived from the actual heat public endpoint in keystone), and it's somewhat
surprising when you don't pass a value and get localhost instead of the heat
defaults.
They can still be used to override the keystone endpoint, which is sometimes
useful, but in most cases these should no longer be set IMO.
Note the relevant heat commits which make these settings optional are
Id402664e38e3da071ad634233b3a1f8e13af152d and
If8a2d3f37d87c26228e709c20f61969b397f2da0 (present in all Heat releases
since Mitaka)
Closes-Bug: #1641873
Change-Id: I90ccdd881a41d803e28064f44b821ab48a6fa8ea
This is a boolean which enables the "new" heat convergence architecture.
Heat plans to make this enabled by default soon (currently disabled), so
adding this will provide an easy way for deployers to maintain the old
architecture if they wish.
Change-Id: I4e879751a30c961e851ab9da80612d3f2fb2395a
This option exists for heat::api but is missing for heat::engine.
This commit adds the missing num_engine_workers parameter.
Change-Id: I69565c13b732ef74531a516aac8a368597411856
Previously the anchors and dependencies that allow external hooks were
all in the main ::heat class. However, if you wanted to include just
::heat::db::mysql, then it would fail, since it assumed the main heat
class was included. This moves all of those resources and relationships
into a new class, ::heat::deps. All of the classes will now include
this class so that the anchors and deps are always evaluated even if
only a portion of the classes are used, and even if ::heat isn't pulled
in.
Change-Id: I4297df160a7afae2b66c1ac76e37de313fa4fb09
Closes-Bug: #1507934
Before you could configure the role in the config file but not the
keystone role that was created. Now you can do both.
Change-Id: Iea6df1679d3ceef1f0876e65dac06628147c700b
In Kilo, we decided to use ::heat::keystone::auth to manage the
Keystone_role resource to help with Trusts configuration.
Though the configuration was and still remains part of ::heat::engine
class because we assume ::heat::keystone::auth can be run outside the
heat-engine node.
So this patch aims to drop the deprecated parameter, update the
documentation and unit tests.
Change-Id: I045a3a82095e23778c4e878b13f2fc7f561d680e
This adds defined anchor points for external modules to hook into the
software install, config and service dependency chain. This allows
external modules to manage software installation (virtualenv,
containers, etc) and service management (pacemaker) without needing rely
on resources that may change or be renamed.
Change-Id: I032ee01505e0cbc125b0e219c436b77c93f57720
Currently we specify the ordering of config resources wherever it is
necessary based on the presence of the file it will write to, or the
presence of the package in charge of providing the file it will write
to.
Those kind of ordering can be specified directly at the resource level
using the autorequire mechanism. With this patch, any config resource
will make sure the package in charge of providing the file will be
installed first.
Change-Id: I6476060c97d350640b5a254738a60e319ad522e9
In order to standardize the way dbsync are run across our modules,
we create a new class heat::db::sync.
This class will be included if sync_db is enabled.
By making this transition the heat::db::sync class
can be returned by the ENC.
A use case would be in an highly available environment, with 3 galera
nodes, include heat on every node with sync_db set to false
and have the ENC return heat::db::sync just for one node.
Change-Id: I2165dcce6ae9a47b8c9315411933de42516a18c9
In order to be able to take an action after all the packages of the
module have been installed/updated or all the services have been
started/restarted, we set a 'heat-package' and 'heat-service' tag
for each package and service of this module.
At the moment, there is a generic openstack tag that is not specific
enough if one wants to take action upon a single module change.
Use case :
If an action needs to be taken after all the packages have been
installed or updated : Package <| tag == 'heat-package' |> -> X
Change-Id: I38a6b422054dbf0fceacf6b7e329dbb3cb0fa9cb
This change allows the Kilo heat.conf options
default_software_config_transport and default_deployment_signal_transport to
be set. This is required for operators who would prefer a different default
transort, such as Swift TempURLs.
Change-Id: I66a20f2fd6370909165093b77ef04992fb735380
When using a string with a length != 16, 24, or 32 as value for the
auth_encryption_key parameter in the /etc/heat/heat.conf file it is not
possible to create new stacks. Creating a new stack (and probably
anything else) will fail with the following exception:
ValueError: AES key must be either 16, 24, or 32 bytes long.
Change-Id: I4e35cf0f782f22861319d05a3f028e5784ad26d5
Closes-bug: #1415887
This adds a package_ensure parameter to all classes that did not have it
and updated all package resources to use the package_ensure parameter.
Change-Id: I49c3e50153bc5eba323c5a766ed1f30c23653985
Other components offer the option to decide whether or not to run the
db sync command. Heat was missing this feature. This commit add this
feature for Heat.
Change-Id: I06b669123fe08e02c66ee34dab78a943ff5de90c
Some users wish to override the default package provider by their own.
Tag all packages with the 'openstack' to allow mass resource attributes
override using resource collectors.
Closes-bug: #1391209
Change-Id: I09e54700438894e22d29605fec51bb056baf4050
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
This adds support for enable_stack_adopt and moves
enable_stack_abandon out of the engine manifest and into the main one.
Change-Id: I93629f2b2173a767669fec0b17107a69dbf759de
This changes the puppet-lint requirement to 1.1.x, so that we can use
puppet-lint plugins. Most of these plugins are for 4.x compat, but some
just catch common errors.
Change-Id: If5f03538be85cee4a1d3b4c9a87eae1230432114
Takashi Kajinami