Drop openstack::heat

This uplifts the openstack::heat directly into the calling task. Closes-bug: #1544179 Change-Id: Id3a39e0c75832e64c2f60664c0ffc0acfa7c0ec3 Blueprint: fuel-remove-conflict-openstack
2016-02-26 16:53:45 -08:00 · 2016-02-26 16:53:45 -08:00 · eb22a92462
parent 0a7b366c92
commit eb22a92462
5 changed files with 118 additions and 324 deletions
--- a/deployment/puppet/cluster/manifests/heat_engine.pp
+++ b/deployment/puppet/cluster/manifests/heat_engine.pp
@ -11,7 +11,6 @@
 # the inclusion of this class.
 #
 class cluster::heat_engine {
-  include ::heat::engine
  include ::heat::params

  $primitive_type  = 'heat-engine'
--- a/deployment/puppet/openstack/manifests/heat.pp
+++ b/deployment/puppet/openstack/manifests/heat.pp
@ -1,206 +0,0 @@
-#
-# == Class: openstack::heat
-#
-# Installs and configures Heat
-#
-# === Parameters
-#
-# [heat_protocol]
-#   Protocol to use for reach Heat-related services.
-#   Optional. Defaults to 'http'.
-#
-#
-#TODO(bogdando) sync extended qpid rpc backend configuration here as well
-# [use_stderr] Rather or not service should send output to stderr. Optional. Defaults to true.
-#
-# [*auth_uri*]
-#  (optional) The public auth identity uri for the heat service
-#  Should be used instead of keystone_{host,port,protocol}
-#  Defaults to false
-#
-# [*identity_uri*]
-#  (optional) The admin identity url for the heat service
-#  Should be used instead of keystone_{host,port,protocol}
-#  Defaults to false
-#
-# [*db_connection*]
-#  (optional) Connection string for database backend.
-#  Defaults to 'mysql://heat:heat@localhost/heat'
-#
-# === Deprecated
-#
-# [*keystone_host*]
-#  DEPRECATED. (optional) Old keystone host used to construct urls. Use auth_uri and
-#  identity_uri instead.
-#  Defaults to false
-#
-class openstack::heat (
-  $external_ip                   = '127.0.0.1',
-  $enabled                       = true,
-
-  $keystone_auth                 = true,
-  $keystone_host                 = false,
-  $keystone_port                 = '35357',
-  $keystone_service_port         = '5000',
-  $keystone_protocol             = 'http',
-  $keystone_user                 = 'heat',
-  $keystone_tenant               = 'services',
-  $keystone_password             = false,
-  $keystone_ec2_uri              = false,
-  $region                        = 'RegionOne',
-  $auth_uri                      = false,
-  $identity_uri                  = false,
-  $heat_protocol                 = 'http',
-  $trusts_delegated_roles        = [],
-
-  $primary_controller            = false,
-  $verbose                       = false,
-  $debug                         = false,
-  $default_log_levels            = undef,
-  $use_syslog                    = false,
-  $use_stderr                    = true,
-  $syslog_log_facility           = 'LOG_LOCAL0',
-  $log_dir                       = '/var/log/heat',
-
-  $rpc_backend                   = 'rabbit',
-  $amqp_hosts                    = ['127.0.0.1:5672'],
-  $amqp_user                     = 'heat',
-  $amqp_password                 = false,
-  $rabbit_virtualhost            = '/',
-
-  $heat_stack_user_role          = 'heat_stack_user',
-  $heat_metadata_server_url      = false,
-  $heat_waitcondition_server_url = false,
-  $heat_watch_server_url         = false,
-  $auth_encryption_key           = '%ENCRYPTION_KEY%',
-
-  $db_connection                = 'mysql://heat:heat@localhost/heat',
-  $db_allowed_hosts              = ['localhost','%'],
-  $idle_timeout                  = '3600',
-  $max_pool_size                 = '10',
-  $max_overflow                  = '30',
-  $max_retries                   = '-1',
-
-  $ic_https_validate_certs       = '1',
-  $ic_is_secure                  = '0',
-
-  $api_bind_host                 = '0.0.0.0',
-  $api_bind_port                 = '8004',
-  $api_cfn_bind_host             = '0.0.0.0',
-  $api_cfn_bind_port             = '8000',
-  $api_cloudwatch_bind_host      = '0.0.0.0',
-  $api_cloudwatch_bind_port      = '8003',
-){
-
-  # No empty passwords allowed
-  validate_string($amqp_password)
-
-  # Generate values logic
-  if $keystone_ec2_uri {
-    $keystone_ec2_uri_real    = $keystone_ec2_uri
-  } else {
-    $keystone_ec2_uri_real    = "${keystone_protocol}://${keystone_host}:${keystone_port}/v2.0/ec2tokens"
-  }
-  if $heat_metadata_server_url {
-    $metadata_server_url      = $heat_metadata_server_url
-  } else {
-    $metadata_server_url      = "${heat_protocol}://${external_ip}:${api_cfn_bind_port}"
-  }
-  if $heat_waitcondition_server_url {
-    $waitcondition_server_url = $heat_waitcondition_server_url
-  } else {
-    $waitcondition_server_url = "${heat_protocol}://${external_ip}:${api_cfn_bind_port}/v1/waitcondition"
-  }
-  if $heat_watch_server_url {
-    $watch_server_url         = $heat_watch_server_url
-  } else {
-    $watch_server_url         = "${heat_protocol}://${external_ip}:${api_cloudwatch_bind_port}"
-  }
-
-  Package<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>
-  Heat_config <|
-    title == 'DEFAULT/instance_connection_https_validate_certificates' or
-    title == 'DEFAULT/instance_connection_is_secure'
-  |> ->
-  Service<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>
-
-  # Syslog configuration
-  if $use_syslog {
-    heat_config {
-      'DEFAULT/use_syslog_rfc_format': value => true;
-    }
-  }
-
-  # Common configuration, logging and RPC
-  class { '::heat':
-    auth_uri              => $auth_uri,
-    identity_uri          => $identity_uri,
-    keystone_ec2_uri      => $keystone_ec2_uri_real,
-    keystone_host         => $keystone_host,
-    keystone_port         => $keystone_port,
-    keystone_protocol     => $keystone_protocol,
-    keystone_user         => $keystone_user,
-    keystone_tenant       => $keystone_tenant,
-    keystone_password     => $keystone_password,
-    region_name           => $region,
-
-    database_connection   => $db_connection,
-    database_idle_timeout => $idle_timeout,
-    sync_db               => $primary_controller,
-
-    rpc_backend           => $rpc_backend,
-    rpc_response_timeout  => '600',
-    rabbit_hosts          => $amqp_hosts,
-    rabbit_userid         => $amqp_user,
-    rabbit_password       => $amqp_password,
-    rabbit_virtual_host   => $rabbit_virtualhost,
-
-    log_dir               => $log_dir,
-    verbose               => $verbose,
-    debug                 => $debug,
-    use_syslog            => $use_syslog,
-    use_stderr            => $use_stderr,
-    log_facility          => $syslog_log_facility,
-
-    max_template_size     => '5440000',
-    max_json_body_size    => '10880000',
-    notification_driver   => 'heat.openstack.common.notifier.rpc_notifier',
-
-    database_max_pool_size => $max_pool_size,
-    database_max_overflow  => $max_overflow,
-    database_max_retries   => $max_retries,
-  }
-
-  # Engine
-  class { 'heat::engine' :
-    auth_encryption_key           => $auth_encryption_key,
-    heat_stack_user_role          => $heat_stack_user_role,
-    heat_metadata_server_url      => $metadata_server_url,
-    heat_waitcondition_server_url => $waitcondition_server_url,
-    heat_watch_server_url         => $watch_server_url,
-    trusts_delegated_roles        => $trusts_delegated_roles,
-    max_resources_per_stack       => '20000',
-    instance_connection_https_validate_certificates => $ic_https_validate_certs,
-    instance_connection_is_secure => $ic_is_secure,
-  }
-
-  # Install the heat APIs
-  class { 'heat::api':
-    bind_host => $api_bind_host,
-    bind_port => $api_bind_port,
-    enabled   => $enabled,
-  }
-  class { 'heat::api_cfn' :
-    bind_host => $api_cfn_bind_host,
-    bind_port => $api_cfn_bind_port,
-    enabled   => $enabled,
-  }
-  class { 'heat::api_cloudwatch' :
-    bind_host => $api_cloudwatch_bind_host,
-    bind_port => $api_cloudwatch_bind_port,
-    enabled   => $enabled,
-  }
-
-  # Client
-  class { 'heat::client' :  }
-}
--- a/deployment/puppet/openstack/spec/classes/openstack_heat_spec.rb
+++ b/deployment/puppet/openstack/spec/classes/openstack_heat_spec.rb
@ -1,57 +0,0 @@
-require 'spec_helper'
-
-describe 'openstack::heat' do
-
-  let :params do
-    {
-        :amqp_password => "rabbit_password",
-    }
-  end
-
-  shared_examples_for 'heat configuration' do
-
-    it 'contains openstack::heat' do
-      should contain_class('openstack::heat')
-    end
-
-    it 'configures with the default params' do
-      should contain_class('heat').with(
-        :database_connection => 'mysql://heat:heat@localhost/heat'
-      )
-    end
-
-  end
-
-  context 'on Debian platforms' do
-    let :facts do
-      { :osfamily => 'Debian',
-        :operatingsystem => 'Debian',
-        :hostname => 'hostname.example.com',
-        :physicalprocessorcount => 2,
-        :memorysize_mb => 1024,
-        :openstack_version => {'nova' => 'present' },
-        :os_service_default => '<SERVICE DEFAULT>',
-      }
-    end
-
-    it_configures 'heat configuration'
-  end
-
-  context 'on RedHat platforms' do
-    let :facts do
-      { :osfamily => 'RedHat',
-        :operatingsystem => 'RedHat',
-        :operatingsystemrelease => '7.1',
-        :operatingsystemmajrelease => '7',
-        :hostname => 'hostname.example.com',
-        :physicalprocessorcount => 2,
-        :memorysize_mb => 1024,
-        :openstack_version => {'nova' => 'present' },
-        :os_service_default => '<SERVICE DEFAULT>',
-      }
-    end
-
-    it_configures 'heat configuration'
-  end
-
-end
--- a/deployment/puppet/osnailyfacter/modular/heat/heat.pp
+++ b/deployment/puppet/osnailyfacter/modular/heat/heat.pp
@ -1,7 +1,6 @@
 notice('MODULAR: heat.pp')

 prepare_network_config(hiera_hash('network_scheme', {}))
-$management_vip           = hiera('management_vip')
 $heat_hash                = hiera_hash('heat', {})
 $sahara_hash              = hiera_hash('sahara', {})
 $rabbit_hash              = hiera_hash('rabbit', {})
@ -9,36 +8,43 @@ $max_retries              = hiera('max_retries')
 $max_pool_size            = hiera('max_pool_size')
 $max_overflow             = hiera('max_overflow')
 $idle_timeout             = hiera('idle_timeout')
-$service_endpoint         = hiera('service_endpoint')
+$keystone_host            = hiera('service_endpoint')
 $public_ssl_hash          = hiera_hash('public_ssl')
 $ssl_hash                 = hiera_hash('use_ssl', {})
 $public_vip               = hiera('public_vip')
+$management_vip           = hiera('management_vip')
 $primary_controller       = hiera('primary_controller')

 $public_auth_protocol     = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'protocol', 'http')
 $public_auth_address      = get_ssl_property($ssl_hash, $public_ssl_hash, 'keystone', 'public', 'hostname', [$public_vip])
 $internal_auth_protocol   = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'protocol', 'http')
-$internal_auth_address    = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$service_endpoint, $management_vip])
+$internal_auth_address    = get_ssl_property($ssl_hash, {}, 'keystone', 'internal', 'hostname', [$keystone_host, $management_vip])
 $admin_auth_protocol      = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'protocol', 'http')
-$admin_auth_address       = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$service_endpoint, $management_vip])
-
-$heat_protocol            = get_ssl_property($ssl_hash, {}, 'heat', 'internal', 'protocol', 'http')
-$heat_endpoint            = get_ssl_property($ssl_hash, {}, 'heat', 'internal', 'hostname', [hiera('heat_endpoint', ''), $management_vip])
-$internal_ssl             = get_ssl_property($ssl_hash, {}, 'heat', 'internal', 'usage', false)
+$admin_auth_address       = get_ssl_property($ssl_hash, {}, 'keystone', 'admin', 'hostname', [$keystone_host, $management_vip])

+$heat_protocol            = get_ssl_property($ssl_hash, {}, 'heat', 'public', 'protocol', 'http')
+$heat_endpoint            = get_ssl_property($ssl_hash, {}, 'heat', 'public', 'hostname', [hiera('heat_endpoint', ''), $public_vip])
 $public_ssl               = get_ssl_property($ssl_hash, {}, 'heat', 'public', 'usage', false)

-$auth_uri = "${public_auth_protocol}://${public_auth_address}:5000/v2.0/"
-$identity_uri = "${admin_auth_protocol}://${admin_auth_address}:35357/"
+$auth_uri                 = "${public_auth_protocol}://${public_auth_address}:5000/v2.0/"
+$identity_uri             = "${admin_auth_protocol}://${admin_auth_address}:35357/"
+$keystone_ec2_uri         = "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0"
+
+$api_bind_port            = '8004'
+$api_cfn_bind_port        = '8000'
+$api_cloudwatch_bind_port = '8003'
+$metadata_server_url      = "${heat_protocol}://${heat_endpoint}:${api_cfn_bind_port}"
+$waitcondition_server_url = "${metadata_server_url}/v1/waitcondition"
+$watch_server_url         = "${heat_protocol}://${heat_endpoint}:${api_cloudwatch_bind_port}"
+

 $debug                    = pick($heat_hash['debug'], hiera('debug', false))
 $verbose                  = pick($heat_hash['verbose'], hiera('verbose', true))
-$default_log_levels       = hiera_hash('default_log_levels')
 $use_stderr               = hiera('use_stderr', false)
 $use_syslog               = hiera('use_syslog', true)
-$syslog_log_facility_heat = hiera('syslog_log_facility_heat')
+$syslog_log_facility      = hiera('syslog_log_facility_heat')
 $deployment_mode          = hiera('deployment_mode')
-$bind_address             = get_network_role_property('heat/api', 'ipaddr')
+$bind_host                = get_network_role_property('heat/api', 'ipaddr')
 $memcache_address         = get_network_role_property('mgmt/memcache', 'ipaddr')
 $keystone_user            = pick($heat_hash['user'], 'heat')
 $keystone_tenant          = pick($heat_hash['tenant'], 'services')
@ -86,47 +92,6 @@ if $::operatingsystem == 'Ubuntu' {
  Tweaks::Ubuntu_service_override['heat-engine']         -> Service['heat-engine']
 }

-class { 'openstack::heat' :
-  external_ip              => $management_vip,
-  keystone_auth            => pick($heat_hash['keystone_auth'], true),
-  api_bind_host            => $bind_address,
-  api_cfn_bind_host        => $bind_address,
-  api_cloudwatch_bind_host => $bind_address,
-  auth_uri                 => $auth_uri,
-  identity_uri             => $identity_uri,
-  keystone_protocol        => $keystone_protocol,
-  keystone_host            => $service_endpoint,
-  keystone_user            => $keystone_user,
-  keystone_password        => $heat_hash['user_password'],
-  keystone_tenant          => $keystone_tenant,
-  keystone_ec2_uri         => "${internal_auth_protocol}://${internal_auth_address}:5000/v2.0",
-  region                   => $region,
-  rpc_backend              => 'rabbit',
-  amqp_hosts               => split(hiera('amqp_hosts',''), ','),
-  heat_protocol            => $heat_protocol,
-  amqp_user                => $rabbit_hash['user'],
-  amqp_password            => $rabbit_hash['password'],
-  db_connection            => $db_connection,
-  max_retries              => $max_retries,
-  max_pool_size            => $max_pool_size,
-  max_overflow             => $max_overflow,
-  idle_timeout             => $idle_timeout,
-  primary_controller       => $primary_controller,
-  debug                    => $debug,
-  verbose                  => $verbose,
-  default_log_levels       => $default_log_levels,
-  use_syslog               => $use_syslog,
-  use_stderr               => $use_stderr,
-  syslog_log_facility      => $syslog_log_facility_heat,
-  auth_encryption_key      => $heat_hash['auth_encryption_key'],
-}
-
-if hiera('heat_ha_engine', true){
-  if ($deployment_mode == 'ha') or ($deployment_mode == 'ha_compact') {
-    include ::cluster::heat_engine
-  }
-}
-
 if $sahara_hash['enabled'] {
  heat_config {
    'DEFAULT/reauthentication_auth_method': value  => 'trusts';
@ -209,3 +174,96 @@ class mysql::server {}
 class mysql::config {}
 include mysql::server
 include mysql::config
+
+######################
+
+# No empty passwords allowed
+validate_string($amqp_password)
+
+Package<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |> ->
+Heat_config <|
+  title == 'DEFAULT/instance_connection_https_validate_certificates' or
+  title == 'DEFAULT/instance_connection_is_secure'
+|> ->
+Service<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>
+
+# Syslog configuration
+if $use_syslog {
+  heat_config {
+    'DEFAULT/use_syslog_rfc_format': value => true;
+  }
+}
+
+# Common configuration, logging and RPC
+class { '::heat':
+  auth_uri              => $auth_uri,
+  identity_uri          => $identity_uri,
+  keystone_ec2_uri      => $keystone_ec2_uri,
+  keystone_user         => $keystone_user,
+  keystone_tenant       => $keystone_tenant,
+  keystone_password     => $heat_hash['user_password'],
+  region_name           => $region,
+
+  database_connection   => $db_connection,
+  database_idle_timeout => $idle_timeout,
+  sync_db               => $primary_controller,
+
+  rpc_backend           => 'rabbit',
+  rpc_response_timeout  => '600',
+  rabbit_hosts          => split(hiera('amqp_hosts',''), ','),
+  rabbit_userid         => $rabbit_hash['user'],
+  rabbit_password       => $rabbit_hash['password'],
+
+  log_dir               => '/var/log/heat',
+  verbose               => $verbose,
+  debug                 => $debug,
+  use_syslog            => $use_syslog,
+  use_stderr            => $use_stderr,
+  log_facility          => $syslog_log_facility,
+
+  max_template_size     => '5440000',
+  max_json_body_size    => '10880000',
+  notification_driver   => 'heat.openstack.common.notifier.rpc_notifier',
+
+  database_max_pool_size => $max_pool_size,
+  database_max_overflow  => $max_overflow,
+  database_max_retries   => $max_retries,
+}
+
+# Engine
+class { 'heat::engine' :
+  auth_encryption_key           => $heat_hash['auth_encryption_key'],
+  heat_metadata_server_url      => $metadata_server_url,
+  heat_waitcondition_server_url => $waitcondition_server_url,
+  heat_watch_server_url         => $watch_server_url,
+  # TODO(iberezovskiy) Added in 99ad7e2d, but not inline with upstream,
+  # please coment which to use
+  # https://github.com/openstack/puppet-heat/blob/master/manifests/engine.pp#L105
+  trusts_delegated_roles        => [],
+  max_resources_per_stack       => '20000',
+  instance_connection_https_validate_certificates => '1',
+  instance_connection_is_secure => '0',
+}
+
+if hiera('heat_ha_engine', true){
+  if ($deployment_mode == 'ha') or ($deployment_mode == 'ha_compact') {
+    include ::cluster::heat_engine
+  }
+}
+
+# Install the heat APIs
+class { 'heat::api':
+  bind_host => $bind_host,
+  bind_port => $api_bind_port,
+}
+class { 'heat::api_cfn' :
+  bind_host => $bind_host,
+  bind_port => $api_cfn_bind_port,
+}
+class { 'heat::api_cloudwatch' :
+  bind_host => $bind_host,
+  bind_port => $api_cloudwatch_bind_port,
+
+}
+# Client
+class { 'heat::client' :  }
--- a/tests/noop/spec/hosts/heat/heat_spec.rb
+++ b/tests/noop/spec/hosts/heat/heat_spec.rb
@ -80,8 +80,8 @@ describe manifest do
      else
        extra_params = '?charset=utf8'
      end
-      should contain_class('openstack::heat').with(
-        :db_connection => "mysql://#{heat_db_user}:#{heat_db_password}@#{database_vip}/#{heat_db_name}#{extra_params}"
+      should contain_class('heat').with(
+        :database_connection => "mysql://#{heat_db_user}:#{heat_db_password}@#{database_vip}/#{heat_db_name}#{extra_params}"
      )
    end

@ -98,10 +98,10 @@ describe manifest do
    end

    it 'should use auth_uri and identity_uri' do
-      should contain_class('openstack::heat').with(
-        'auth_uri'           => "#{public_auth_protocol}://#{public_auth_address}:5000/v2.0/",
-        'identity_uri'       => "#{admin_auth_protocol}://#{admin_auth_address}:35357/",
-        'primary_controller' => primary_controller,
+      should contain_class('heat').with(
+        'auth_uri'      => "#{public_auth_protocol}://#{public_auth_address}:5000/v2.0/",
+        'identity_uri'  => "#{admin_auth_protocol}://#{admin_auth_address}:35357/",
+        'sync_db'       => primary_controller,
      )
    end