Drop openstack::heat
This uplifts the openstack::heat directly into the calling task. Closes-bug: #1544179 Change-Id: Id3a39e0c75832e64c2f60664c0ffc0acfa7c0ec3 Blueprint: fuel-remove-conflict-openstack
This commit is contained in:
parent
0a7b366c92
commit
eb22a92462
|
@ -11,7 +11,6 @@
|
|||
# the inclusion of this class.
|
||||
#
|
||||
class cluster::heat_engine {
|
||||
include ::heat::engine
|
||||
include ::heat::params
|
||||
|
||||
$primitive_type = 'heat-engine'
|
||||
|
|
|
@ -1,206 +0,0 @@
|
|||
#
|
||||
# == Class: openstack::heat
|
||||
#
|
||||
# Installs and configures Heat
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [heat_protocol]
|
||||
# Protocol to use for reach Heat-related services.
|
||||
# Optional. Defaults to 'http'.
|
||||
#
|
||||
#
|
||||
#TODO(bogdando) sync extended qpid rpc backend configuration here as well
|
||||
# [use_stderr] Rather or not service should send output to stderr. Optional. Defaults to true.
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# (optional) The public auth identity uri for the heat service
|
||||
# Should be used instead of keystone_{host,port,protocol}
|
||||
# Defaults to false
|
||||
#
|
||||
# [*identity_uri*]
|
||||
# (optional) The admin identity url for the heat service
|
||||
# Should be used instead of keystone_{host,port,protocol}
|
||||
# Defaults to false
|
||||
#
|
||||
# [*db_connection*]
|
||||
# (optional) Connection string for database backend.
|
||||
# Defaults to 'mysql://heat:heat@localhost/heat'
|
||||
#
|
||||
# === Deprecated
|
||||
#
|
||||
# [*keystone_host*]
|
||||
# DEPRECATED. (optional) Old keystone host used to construct urls. Use auth_uri and
|
||||
# identity_uri instead.
|
||||
# Defaults to false
|
||||
#
|
||||
class openstack::heat (
|
||||
$external_ip = '127.0.0.1',
|
||||
$enabled = true,
|
||||
|
||||
$keystone_auth = true,
|
||||
$keystone_host = false,
|
||||
$keystone_port = '35357',
|
||||
$keystone_service_port = '5000',
|
||||
$keystone_protocol = 'http',
|
||||
$keystone_user = 'heat',
|
||||
$keystone_tenant = 'services',
|
||||
$keystone_password = false,
|
||||
$keystone_ec2_uri = false,
|
||||
$region = 'RegionOne',
|
||||
$auth_uri = false,
|
||||
$identity_uri = false,
|
||||
$heat_protocol = 'http',
|
||||
$trusts_delegated_roles = [],
|
||||
|
||||
$primary_controller = false,
|
||||
$verbose = false,
|
||||
$debug = false,
|
||||
$default_log_levels = undef,
|
||||
$use_syslog = false,
|
||||
$use_stderr = true,
|
||||
$syslog_log_facility = 'LOG_LOCAL0',
|
||||
$log_dir = '/var/log/heat',
|
||||
|
||||
$rpc_backend = 'rabbit',
|
||||
$amqp_hosts = ['127.0.0.1:5672'],
|
||||
$amqp_user = 'heat',
|
||||
$amqp_password = false,
|
||||
$rabbit_virtualhost = '/',
|
||||
|
||||
$heat_stack_user_role = 'heat_stack_user',
|
||||
$heat_metadata_server_url = false,
|
||||
$heat_waitcondition_server_url = false,
|
||||
$heat_watch_server_url = false,
|
||||
$auth_encryption_key = '%ENCRYPTION_KEY%',
|
||||
|
||||
$db_connection = 'mysql://heat:heat@localhost/heat',
|
||||
$db_allowed_hosts = ['localhost','%'],
|
||||
$idle_timeout = '3600',
|
||||
$max_pool_size = '10',
|
||||
$max_overflow = '30',
|
||||
$max_retries = '-1',
|
||||
|
||||
$ic_https_validate_certs = '1',
|
||||
$ic_is_secure = '0',
|
||||
|
||||
$api_bind_host = '0.0.0.0',
|
||||
$api_bind_port = '8004',
|
||||
$api_cfn_bind_host = '0.0.0.0',
|
||||
$api_cfn_bind_port = '8000',
|
||||
$api_cloudwatch_bind_host = '0.0.0.0',
|
||||
$api_cloudwatch_bind_port = '8003',
|
||||
){
|
||||
|
||||
# No empty passwords allowed
|
||||
validate_string($amqp_password)
|
||||
|
||||
# Generate values logic
|
||||
if $keystone_ec2_uri {
|
||||
$keystone_ec2_uri_real = $keystone_ec2_uri
|
||||
} else {
|
||||
$keystone_ec2_uri_real = "${keystone_protocol}://${keystone_host}:${keystone_port}/v2.0/ec2tokens"
|
||||
}
|
||||
if $heat_metadata_server_url {
|
||||
$metadata_server_url = $heat_metadata_server_url
|
||||
} else {
|
||||
$metadata_server_url = "${heat_protocol}://${external_ip}:${api_cfn_bind_port}"
|
||||
}
|
||||
if $heat_waitcondition_server_url {
|
||||
$waitcondition_server_url = $heat_waitcondition_server_url
|
||||
} else {
|
||||
$waitcondition_server_url = "${heat_protocol}://${external_ip}:${api_cfn_bind_port}/v1/waitcondition"
|
||||
}
|
||||
if $heat_watch_server_url {
|
||||
$watch_server_url = $heat_watch_server_url
|
||||
} else {
|
||||
$watch_server_url = "${heat_protocol}://${external_ip}:${api_cloudwatch_bind_port}"
|
||||
}
|
||||
|
||||
Package<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>
|
||||
Heat_config <|
|
||||
title == 'DEFAULT/instance_connection_https_validate_certificates' or
|
||||
title == 'DEFAULT/instance_connection_is_secure'
|
||||
|> ->
|
||||
Service<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>
|
||||
|
||||
# Syslog configuration
|
||||
if $use_syslog {
|
||||
heat_config {
|
||||
'DEFAULT/use_syslog_rfc_format': value => true;
|
||||
}
|
||||
}
|
||||
|
||||
# Common configuration, logging and RPC
|
||||
class { '::heat':
|
||||
auth_uri => $auth_uri,
|
||||
identity_uri => $identity_uri,
|
||||
keystone_ec2_uri => $keystone_ec2_uri_real,
|
||||
keystone_host => $keystone_host,
|
||||
keystone_port => $keystone_port,
|
||||
keystone_protocol => $keystone_protocol,
|
||||
keystone_user => $keystone_user,
|
||||
keystone_tenant => $keystone_tenant,
|
||||
keystone_password => $keystone_password,
|
||||
region_name => $region,
|
||||
|
||||
database_connection => $db_connection,
|
||||
database_idle_timeout => $idle_timeout,
|
||||
sync_db => $primary_controller,
|
||||
|
||||
rpc_backend => $rpc_backend,
|
||||
rpc_response_timeout => '600',
|
||||
rabbit_hosts => $amqp_hosts,
|
||||
rabbit_userid => $amqp_user,
|
||||
rabbit_password => $amqp_password,
|
||||
rabbit_virtual_host => $rabbit_virtualhost,
|
||||
|
||||
log_dir => $log_dir,
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
log_facility => $syslog_log_facility,
|
||||
|
||||
max_template_size => '5440000',
|
||||
max_json_body_size => '10880000',
|
||||
notification_driver => 'heat.openstack.common.notifier.rpc_notifier',
|
||||
|
||||
database_max_pool_size => $max_pool_size,
|
||||
database_max_overflow => $max_overflow,
|
||||
database_max_retries => $max_retries,
|
||||
}
|
||||
|
||||
# Engine
|
||||
class { 'heat::engine' :
|
||||
auth_encryption_key => $auth_encryption_key,
|
||||
heat_stack_user_role => $heat_stack_user_role,
|
||||
heat_metadata_server_url => $metadata_server_url,
|
||||
heat_waitcondition_server_url => $waitcondition_server_url,
|
||||
heat_watch_server_url => $watch_server_url,
|
||||
trusts_delegated_roles => $trusts_delegated_roles,
|
||||
max_resources_per_stack => '20000',
|
||||
instance_connection_https_validate_certificates => $ic_https_validate_certs,
|
||||
instance_connection_is_secure => $ic_is_secure,
|
||||
}
|
||||
|
||||
# Install the heat APIs
|
||||
class { 'heat::api':
|
||||
bind_host => $api_bind_host,
|
||||
bind_port => $api_bind_port,
|
||||
enabled => $enabled,
|
||||
}
|
||||
class { 'heat::api_cfn' :
|
||||
bind_host => $api_cfn_bind_host,
|
||||
bind_port => $api_cfn_bind_port,
|
||||
enabled => $enabled,
|
||||
}
|
||||
class { 'heat::api_cloudwatch' :
|
||||
bind_host => $api_cloudwatch_bind_host,
|
||||
bind_port => $api_cloudwatch_bind_port,
|
||||
enabled => $enabled,
|
||||
}
|
||||
|
||||
# Client
|
||||
class { 'heat::client' : }
|
||||
}
|
|
@ -1,57 +0,0 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'openstack::heat' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:amqp_password => "rabbit_password",
|
||||
}
|
||||
end
|
||||
|
||||
shared_examples_for 'heat configuration' do
|
||||
|
||||
it 'contains openstack::heat' do
|
||||
should contain_class('openstack::heat')
|
||||
end
|
||||
|
||||
it 'configures with the default params' do
|
||||
should contain_class('heat').with(
|
||||
:database_connection => 'mysql://heat:heat@localhost/heat'
|
||||
)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
context 'on Debian platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'Debian',
|
||||
:operatingsystem => 'Debian',
|
||||
:hostname => 'hostname.example.com',
|
||||
:physicalprocessorcount => 2,
|
||||
:memorysize_mb => 1024,
|
||||
:openstack_version => {'nova' => 'present' },
|
||||
:os_service_default => '<SERVICE DEFAULT>',
|
||||
}
|
||||
end
|
||||
|
||||
it_configures 'heat configuration'
|
||||
end
|
||||
|
||||
context 'on RedHat platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'RedHat',
|
||||
:operatingsystem => 'RedHat',
|
||||
:operatingsystemrelease => '7.1',
|
||||
:operatingsystemmajrelease => '7',
|
||||
:hostname => 'hostname.example.com',
|
||||
:physicalprocessorcount => 2,
|
||||
:memorysize_mb => 1024,
|
||||
:openstack_version => {'nova' => 'present' },
|
||||
:os_service_default => '<SERVICE DEFAULT>',
|
||||
}
|
||||
end
|
||||
|
||||
it_configures 'heat configuration'
|
||||
end
|
||||
|
||||
end
|
|
@ -1,7 +1,6 @@
|
|||
notice('MODULAR: heat.pp')
|
||||
|
||||
prepare_network_config(hiera_hash('network_scheme', {}))
|
||||
$management_vip = hiera('management_vip')
|
||||
$heat_hash = hiera_hash('heat', {})
|
||||
$sahara_hash = hiera_hash('sahara', {})
|
||||
$rabbit_hash = hiera_hash('rabbit', {})
|
||||
|
@ -9,36 +8,43 @@ $max_retries = hiera('max_retries')
|
|||
$max_pool_size = hiera('max_pool_size')
|
||||
$max_overflow = hiera('max_overflow')
|
||||
$idle_timeout = hiera('idle_timeout')
|
||||
$service_endpoint = hiera('service_endpoint')
|
||||
$keystone_host = hiera('service_endpoint')
|
||||
$public_ssl_hash = hiera_hash('public_ssl')
|
||||
$ssl_hash = hiera_hash('use_ssl', {})
|
||||
$public_vip = hiera('public_vip')
|
||||
$management_vip = hiera('management_vip')
|
||||
$primary_controller = hiera('primary_controller')
|
||||
|
||||
$public_auth_protocol = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'protocol', 'http')
|
||||
$public_auth_address = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'hostname', [$public_vip])
|
||||
$internal_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
|
||||
$internal_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip])
|
||||
$internal_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$keystone_host, $management_vip])
|
||||
$admin_auth_protocol = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
|
||||
$admin_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
|
||||
|
||||
$heat_protocol = get_ssl_property($ssl_hash, {}, 'heat', 'internal', 'protocol', 'http')
|
||||
$heat_endpoint = get_ssl_property($ssl_hash, {}, 'heat', 'internal', 'hostname', [hiera('heat_endpoint', ''), $management_vip])
|
||||
$internal_ssl = get_ssl_property($ssl_hash, {}, 'heat', 'internal', 'usage', false)
|
||||
$admin_auth_address = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$keystone_host, $management_vip])
|
||||
|
||||
$heat_protocol = get_ssl_property($ssl_hash, {}, 'heat', 'public', 'protocol', 'http')
|
||||
$heat_endpoint = get_ssl_property($ssl_hash, {}, 'heat', 'public', 'hostname', [hiera('heat_endpoint', ''), $public_vip])
|
||||
$public_ssl = get_ssl_property($ssl_hash, {}, 'heat', 'public', 'usage', false)
|
||||
|
||||
$auth_uri = "${public_auth_protocol}://${public_auth_address}:5000/v2.0/"
|
||||
$identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
|
||||
$auth_uri = "${public_auth_protocol}://${public_auth_address}:5000/v2.0/"
|
||||
$identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
|
||||
$keystone_ec2_uri = "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0"
|
||||
|
||||
$api_bind_port = '8004'
|
||||
$api_cfn_bind_port = '8000'
|
||||
$api_cloudwatch_bind_port = '8003'
|
||||
$metadata_server_url = "${heat_protocol}://${heat_endpoint}:${api_cfn_bind_port}"
|
||||
$waitcondition_server_url = "${metadata_server_url}/v1/waitcondition"
|
||||
$watch_server_url = "${heat_protocol}://${heat_endpoint}:${api_cloudwatch_bind_port}"
|
||||
|
||||
|
||||
$debug = pick($heat_hash['debug'], hiera('debug', false))
|
||||
$verbose = pick($heat_hash['verbose'], hiera('verbose', true))
|
||||
$default_log_levels = hiera_hash('default_log_levels')
|
||||
$use_stderr = hiera('use_stderr', false)
|
||||
$use_syslog = hiera('use_syslog', true)
|
||||
$syslog_log_facility_heat = hiera('syslog_log_facility_heat')
|
||||
$syslog_log_facility = hiera('syslog_log_facility_heat')
|
||||
$deployment_mode = hiera('deployment_mode')
|
||||
$bind_address = get_network_role_property('heat/api', 'ipaddr')
|
||||
$bind_host = get_network_role_property('heat/api', 'ipaddr')
|
||||
$memcache_address = get_network_role_property('mgmt/memcache', 'ipaddr')
|
||||
$keystone_user = pick($heat_hash['user'], 'heat')
|
||||
$keystone_tenant = pick($heat_hash['tenant'], 'services')
|
||||
|
@ -86,47 +92,6 @@ if $::operatingsystem == 'Ubuntu' {
|
|||
Tweaks::Ubuntu_service_override['heat-engine'] -> Service['heat-engine']
|
||||
}
|
||||
|
||||
class { 'openstack::heat' :
|
||||
external_ip => $management_vip,
|
||||
keystone_auth => pick($heat_hash['keystone_auth'], true),
|
||||
api_bind_host => $bind_address,
|
||||
api_cfn_bind_host => $bind_address,
|
||||
api_cloudwatch_bind_host => $bind_address,
|
||||
auth_uri => $auth_uri,
|
||||
identity_uri => $identity_uri,
|
||||
keystone_protocol => $keystone_protocol,
|
||||
keystone_host => $service_endpoint,
|
||||
keystone_user => $keystone_user,
|
||||
keystone_password => $heat_hash['user_password'],
|
||||
keystone_tenant => $keystone_tenant,
|
||||
keystone_ec2_uri => "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0",
|
||||
region => $region,
|
||||
rpc_backend => 'rabbit',
|
||||
amqp_hosts => split(hiera('amqp_hosts',''), ','),
|
||||
heat_protocol => $heat_protocol,
|
||||
amqp_user => $rabbit_hash['user'],
|
||||
amqp_password => $rabbit_hash['password'],
|
||||
db_connection => $db_connection,
|
||||
max_retries => $max_retries,
|
||||
max_pool_size => $max_pool_size,
|
||||
max_overflow => $max_overflow,
|
||||
idle_timeout => $idle_timeout,
|
||||
primary_controller => $primary_controller,
|
||||
debug => $debug,
|
||||
verbose => $verbose,
|
||||
default_log_levels => $default_log_levels,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
syslog_log_facility => $syslog_log_facility_heat,
|
||||
auth_encryption_key => $heat_hash['auth_encryption_key'],
|
||||
}
|
||||
|
||||
if hiera('heat_ha_engine', true){
|
||||
if ($deployment_mode == 'ha') or ($deployment_mode == 'ha_compact') {
|
||||
include ::cluster::heat_engine
|
||||
}
|
||||
}
|
||||
|
||||
if $sahara_hash['enabled'] {
|
||||
heat_config {
|
||||
'DEFAULT/reauthentication_auth_method': value => 'trusts';
|
||||
|
@ -209,3 +174,96 @@ class mysql::server {}
|
|||
class mysql::config {}
|
||||
include mysql::server
|
||||
include mysql::config
|
||||
|
||||
######################
|
||||
|
||||
# No empty passwords allowed
|
||||
validate_string($amqp_password)
|
||||
|
||||
Package<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |> ->
|
||||
Heat_config <|
|
||||
title == 'DEFAULT/instance_connection_https_validate_certificates' or
|
||||
title == 'DEFAULT/instance_connection_is_secure'
|
||||
|> ->
|
||||
Service<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>
|
||||
|
||||
# Syslog configuration
|
||||
if $use_syslog {
|
||||
heat_config {
|
||||
'DEFAULT/use_syslog_rfc_format': value => true;
|
||||
}
|
||||
}
|
||||
|
||||
# Common configuration, logging and RPC
|
||||
class { '::heat':
|
||||
auth_uri => $auth_uri,
|
||||
identity_uri => $identity_uri,
|
||||
keystone_ec2_uri => $keystone_ec2_uri,
|
||||
keystone_user => $keystone_user,
|
||||
keystone_tenant => $keystone_tenant,
|
||||
keystone_password => $heat_hash['user_password'],
|
||||
region_name => $region,
|
||||
|
||||
database_connection => $db_connection,
|
||||
database_idle_timeout => $idle_timeout,
|
||||
sync_db => $primary_controller,
|
||||
|
||||
rpc_backend => 'rabbit',
|
||||
rpc_response_timeout => '600',
|
||||
rabbit_hosts => split(hiera('amqp_hosts',''), ','),
|
||||
rabbit_userid => $rabbit_hash['user'],
|
||||
rabbit_password => $rabbit_hash['password'],
|
||||
|
||||
log_dir => '/var/log/heat',
|
||||
verbose => $verbose,
|
||||
debug => $debug,
|
||||
use_syslog => $use_syslog,
|
||||
use_stderr => $use_stderr,
|
||||
log_facility => $syslog_log_facility,
|
||||
|
||||
max_template_size => '5440000',
|
||||
max_json_body_size => '10880000',
|
||||
notification_driver => 'heat.openstack.common.notifier.rpc_notifier',
|
||||
|
||||
database_max_pool_size => $max_pool_size,
|
||||
database_max_overflow => $max_overflow,
|
||||
database_max_retries => $max_retries,
|
||||
}
|
||||
|
||||
# Engine
|
||||
class { 'heat::engine' :
|
||||
auth_encryption_key => $heat_hash['auth_encryption_key'],
|
||||
heat_metadata_server_url => $metadata_server_url,
|
||||
heat_waitcondition_server_url => $waitcondition_server_url,
|
||||
heat_watch_server_url => $watch_server_url,
|
||||
# TODO(iberezovskiy) Added in 99ad7e2d, but not inline with upstream,
|
||||
# please coment which to use
|
||||
# https://github.com/openstack/puppet-heat/blob/master/manifests/engine.pp#L105
|
||||
trusts_delegated_roles => [],
|
||||
max_resources_per_stack => '20000',
|
||||
instance_connection_https_validate_certificates => '1',
|
||||
instance_connection_is_secure => '0',
|
||||
}
|
||||
|
||||
if hiera('heat_ha_engine', true){
|
||||
if ($deployment_mode == 'ha') or ($deployment_mode == 'ha_compact') {
|
||||
include ::cluster::heat_engine
|
||||
}
|
||||
}
|
||||
|
||||
# Install the heat APIs
|
||||
class { 'heat::api':
|
||||
bind_host => $bind_host,
|
||||
bind_port => $api_bind_port,
|
||||
}
|
||||
class { 'heat::api_cfn' :
|
||||
bind_host => $bind_host,
|
||||
bind_port => $api_cfn_bind_port,
|
||||
}
|
||||
class { 'heat::api_cloudwatch' :
|
||||
bind_host => $bind_host,
|
||||
bind_port => $api_cloudwatch_bind_port,
|
||||
|
||||
}
|
||||
# Client
|
||||
class { 'heat::client' : }
|
||||
|
|
|
@ -80,8 +80,8 @@ describe manifest do
|
|||
else
|
||||
extra_params = '?charset=utf8'
|
||||
end
|
||||
should contain_class('openstack::heat').with(
|
||||
:db_connection => "mysql://#{heat_db_user}:#{heat_db_password}@#{database_vip}/#{heat_db_name}#{extra_params}"
|
||||
should contain_class('heat').with(
|
||||
:database_connection => "mysql://#{heat_db_user}:#{heat_db_password}@#{database_vip}/#{heat_db_name}#{extra_params}"
|
||||
)
|
||||
end
|
||||
|
||||
|
@ -98,10 +98,10 @@ describe manifest do
|
|||
end
|
||||
|
||||
it 'should use auth_uri and identity_uri' do
|
||||
should contain_class('openstack::heat').with(
|
||||
'auth_uri' => "#{public_auth_protocol}://#{public_auth_address}:5000/v2.0/",
|
||||
'identity_uri' => "#{admin_auth_protocol}://#{admin_auth_address}:35357/",
|
||||
'primary_controller' => primary_controller,
|
||||
should contain_class('heat').with(
|
||||
'auth_uri' => "#{public_auth_protocol}://#{public_auth_address}:5000/v2.0/",
|
||||
'identity_uri' => "#{admin_auth_protocol}://#{admin_auth_address}:35357/",
|
||||
'sync_db' => primary_controller,
|
||||
)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue