204 lines
6.4 KiB
YAML
204 lines
6.4 KiB
YAML
- id: openrc-delete
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-controller, controller,
|
|
primary-keystone, keystone, primary-neutron, neutron]
|
|
requires: [deploy_start, openstack-haproxy]
|
|
required_for: [primary-keystone, keystone]
|
|
cross-depends:
|
|
- name: deploy_start
|
|
role: self
|
|
- name: openstack-haproxy
|
|
cross-depended-by:
|
|
- name: /^(primary-)?keystone$/
|
|
role: self
|
|
condition:
|
|
yaql_exp: &keystone_changed >
|
|
changedAny($.configuration, $.network_scheme, $.network_metadata,
|
|
$.keystone, $.debug, $.quantum, $.get('use_syslog'),
|
|
$.get('use_stderr'), $.access, $.get('database_vip'), $.glance, $.nova,
|
|
$.cinder, $.ceilometer, $.get('syslog_log_facility_keystone'), $.rabbit,
|
|
$.quantum_settings.keystone, $.get('default_log_levels'),
|
|
('primary-controller' in $.roles), $.get('kombu_compression'),
|
|
$.get('region'), $.public_ssl, $.get('use_ssl'),
|
|
$.get('memcached_servers'),
|
|
$.network_metadata.nodes.values().where(
|
|
('controller' in $.node_roles) or
|
|
('primary-controller' in $.node_roles)),
|
|
$.get('token_provider'), $.get('max_pool_size'), $.get('max_overflow'),
|
|
$.murano_settings, $.murano, $.get('external_lb'), $.operator_user,
|
|
$.service_user, $.get('apache_ports'), $.get('user_admin_role'), $.get('user_admin_domain'))
|
|
refresh_on: [keystone_config]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/openrc_delete.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 90
|
|
|
|
- id: keystone-openrc-generate
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-controller, controller, primary-neutron, neutron, ironic]
|
|
requires: [openrc-delete, primary-keystone, keystone]
|
|
cross-depends:
|
|
- name: openrc-delete
|
|
role: self
|
|
- name: /^(primary-)?keystone$/
|
|
condition:
|
|
yaql_exp: *keystone_changed
|
|
refresh_on: [keystone_config]
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/openrc_generate.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 3600
|
|
|
|
- id: primary-keystone
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-keystone]
|
|
required_for: [primary-openstack-controller, openstack-controller]
|
|
requires: [openstack-haproxy, database, primary-database]
|
|
condition:
|
|
yaql_exp: *keystone_changed
|
|
refresh_on: [keystone_config]
|
|
cross-depends:
|
|
- name: /^(primary-)?rabbitmq$/
|
|
- name: /^(primary-)?database$/
|
|
- name: keystone-db
|
|
- name: openstack-haproxy
|
|
- name: memcached
|
|
cross-depended-by:
|
|
- name: /^(primary-)?openstack-controller$/
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/keystone.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 3600
|
|
test_pre:
|
|
cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_pre.rb
|
|
test_post:
|
|
cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_post.rb
|
|
|
|
- id: keystone
|
|
type: puppet
|
|
tags: [keystone]
|
|
version: 2.2.0
|
|
required_for: [primary-openstack-controller, openstack-controller]
|
|
requires: [openstack-haproxy, database, primary-database]
|
|
condition:
|
|
yaql_exp: *keystone_changed
|
|
refresh_on: [keystone_config]
|
|
cross-depends:
|
|
- name: /^(primary-)?rabbitmq$/
|
|
- name: /^(primary-)?database$/
|
|
- name: keystone-db
|
|
- name: openstack-haproxy
|
|
- name: primary-keystone
|
|
cross-depended-by:
|
|
- name: /^(primary-)?openstack-controller$/
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/keystone.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 3600
|
|
test_pre:
|
|
cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_pre.rb
|
|
test_post:
|
|
cmd: ruby /etc/puppet/modules/openstack_tasks/examples/keystone/keystone_post.rb
|
|
|
|
- id: keystone-db
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-database]
|
|
required_for: [keystone, primary-keystone]
|
|
requires: [primary-database, database]
|
|
cross-depends:
|
|
- name: /^(primary-)?database$/
|
|
cross-depended-by:
|
|
- name: /^(primary-)?keystone$/
|
|
condition:
|
|
yaql_exp: >
|
|
changedAny($.network_metadata, $.keystone, $.mysql,
|
|
$.get('database_vip'))
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/db.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 1800
|
|
|
|
- id: workloads_collector_add
|
|
type: puppet
|
|
version: 2.2.0
|
|
tags: [primary-keystone]
|
|
required_for: [deploy_end]
|
|
requires: [keystone, primary-keystone]
|
|
cross-depends:
|
|
- name: /^(primary-)?keystone$/
|
|
role: self
|
|
cross-depended-by:
|
|
- name: deploy_end
|
|
role: self
|
|
condition:
|
|
yaql_exp: >
|
|
changedAny($.workloads_collector, $.get('external_lb'),
|
|
$.get('use_ssl'), $.network_metadata.get('vips',{}).get('management'))
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/workloads_collector_add.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 1800
|
|
|
|
- id: generate_changed_admin_user
|
|
version: 2.1.0
|
|
type: upload_file
|
|
role: master
|
|
condition:
|
|
yaql_exp: &changed_username >
|
|
changed($.access.user)
|
|
requires: [copy_cluster_configuration]
|
|
required_for: [pre_deployment_end]
|
|
parameters:
|
|
path: /etc/fuel/cluster/{CLUSTER_ID}/old_admin_user.yaml
|
|
permissions: '0640'
|
|
dir_permissions: '0750'
|
|
data:
|
|
yaql_exp: '{"old_access" => old($).get("access", {})}.toYaml()'
|
|
|
|
- id: copy_changed_admin_user
|
|
type: copy_files
|
|
version: 2.1.0
|
|
role: ['/.*/']
|
|
condition:
|
|
yaql_exp: *changed_username
|
|
required_for: [pre_deployment_end]
|
|
requires: [generate_changed_admin_user]
|
|
cross-depends:
|
|
- name: generate_changed_admin_user
|
|
role: master
|
|
cross-depended-by:
|
|
- name: pre_deployment_end
|
|
role: self
|
|
parameters:
|
|
files:
|
|
- src: /etc/fuel/cluster/{CLUSTER_ID}/old_admin_user.yaml
|
|
dst: /etc/hiera/old_admin_user.yaml
|
|
permissions: '0640'
|
|
dir_permissions: '0750'
|
|
|
|
- id: delete_old_admin_user
|
|
version: 2.2.0
|
|
type: puppet
|
|
tags: [primary-keystone]
|
|
condition:
|
|
yaql_exp: *changed_username
|
|
requires: [post_deployment_start, primary-keystone]
|
|
required_for: [post_deployment_end]
|
|
cross-depends:
|
|
- name: post_deployment_start
|
|
role: self
|
|
- name: primary-keystone
|
|
role: self
|
|
cross-depended-by:
|
|
- name: post_deployment_end
|
|
role: self
|
|
parameters:
|
|
puppet_manifest: /etc/puppet/modules/openstack_tasks/examples/keystone/purge_old_admin.pp
|
|
puppet_modules: /etc/puppet/modules
|
|
timeout: 180
|
|
cwd: /
|