heat_template_version: 2014-10-16 description: > This is a nested stack that defines software configs for Mesos slave. parameters: executor_registration_timeout: type: string description: > Amount of time to wait for an executor to register with the slave before considering it hung and shutting it down http_proxy: type: string description: http proxy address for docker https_proxy: type: string description: https proxy address for docker no_proxy: type: string description: no proxies for docker auth_url: type: string description: > url for mesos to authenticate before sending request username: type: string description: user name password: type: string description: > user password, not set in current implementation, only used to fill in for Kubernetes config file hidden: true tenant_name: type: string description: > tenant_name is used to isolate access to Compute resources volume_driver: type: string description: volume driver to use for container storage region_name: type: string description: A logically separate section of the cluster domain_name: type: string description: > domain is to define the administrative boundaries for management of Keystone entities rexray_preempt: type: string description: > enables any host to take control of a volume irrespective of whether other hosts are using the volume verify_ca: type: boolean description: whether or not to validate certificate authority mesos_slave_isolation: type: string description: > Isolation mechanisms to use, e.g., `posix/cpu,posix/mem`, or `cgroups/cpu,cgroups/mem`, or network/port_mapping (configure with flag: `--with-network-isolator` to enable), or `cgroups/devices/gpus/nvidia` for nvidia specific gpu isolation (configure with flag: `--enable-nvidia -gpu-support` to enable), or `external`, or load an alternate isolator module using the `--modules` flag. Note that this flag is only relevant for the Mesos Containerizer. mesos_slave_work_dir: type: string description: directory path to place framework work directories mesos_slave_image_providers: type: string description: > Comma separated list of supported image providers e.g., APPC,DOCKER mesos_slave_executor_env_variables: type: string description: > JSON object representing the environment variables that should be passed to the executor, and thus subsequently task(s). By default the executor, executor will inherit the slave's environment variables. mesos_masters_ips: type: string description: IP addresses of the Mesos master servers. mesos_slave_wc_curl_cli: type: string description: Wait condition notify command for slave. openstack_ca: type: string description: The OpenStack CA certificate to install on the node. resources: ###################################################################### # # software configs. these are components that are combined into # a multipart MIME user-data archive. # write_heat_params: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: str_replace: template: {get_file: fragments/write-heat-params.yaml} params: "$MESOS_MASTERS_IPS": {get_param: mesos_masters_ips} "$EXECUTOR_REGISTRATION_TIMEOUT": {get_param: executor_registration_timeout} "$HTTP_PROXY": {get_param: http_proxy} "$HTTPS_PROXY": {get_param: https_proxy} "$NO_PROXY": {get_param: no_proxy} "$AUTH_URL": {get_param: auth_url} "$USERNAME": {get_param: username} "$PASSWORD": {get_param: password} "$TENANT_NAME": {get_param: tenant_name} "$VOLUME_DRIVER": {get_param: volume_driver} "$REGION_NAME": {get_param: region_name} "$DOMAIN_NAME": {get_param: domain_name} "$REXRAY_PREEMPT": {get_param: rexray_preempt} "$ISOLATION": {get_param: mesos_slave_isolation} "$WORK_DIR": {get_param: mesos_slave_work_dir} "$IMAGE_PROVIDERS": {get_param: mesos_slave_image_providers} "$EXECUTOR_ENVIRONMENT_VARIABLES": {get_param: mesos_slave_executor_env_variables} add_ext_ca_certs: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: str_replace: template: {get_file: fragments/add-ext-ca-certs.sh} params: "@@CACERTS_CONTENT@@": {get_param: openstack_ca} configure_mesos_slave: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/configure-mesos-slave.sh} start_services: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/start-services-slave.sh} slave_wc_notify: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: str_replace: template: | #!/bin/bash -v wc_notify $VERIFY_CA --data-binary '{"status": "SUCCESS"}' params: wc_notify: {get_param: mesos_slave_wc_curl_cli} "$VERIFY_CA": {get_param: verify_ca} add_proxy: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/add-proxy.sh} volume_service: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/volume-service.sh} mesos_slave_init: type: OS::Heat::MultipartMime properties: parts: - config: {get_resource: add_ext_ca_certs} - config: {get_resource: write_heat_params} - config: {get_resource: configure_mesos_slave} - config: {get_resource: add_proxy} - config: {get_resource: volume_service} - config: {get_resource: start_services} - config: {get_resource: slave_wc_notify} outputs: mesos_init: value: {get_resource: mesos_slave_init} description: ID of the multipart mime.