Heat: remove oslo-genconfig

This PS removes the modified oslo-genconfig from heat.

Partially implements: blueprint remove-pregenerated-config-templates

Change-Id: Ib4a5e1c41874e3a2eb15b5002538a2193f07ab04
This commit is contained in:
Pete Birley 2017-09-20 01:14:38 -05:00
parent 9e117ce95b
commit 6df59fc3d9
11 changed files with 155 additions and 3220 deletions

View File

@ -17,99 +17,96 @@ limitations under the License.
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- include "heat.conf.heat_values_skeleton" .Values.conf.heat | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
{{- end -}}
# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}}
# Set a random string as secret key.
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcache_secret_key -}}
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcache_secret_key" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.memcache_secret_key -}}
{{- randAlphaNum 64 | set .Values.conf.heat.keystone_authtoken "memcache_secret_key" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.region_name -}}
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.region_name -}}
{{- set .Values.conf.heat.keystone_authtoken "region_name" .Values.endpoints.identity.auth.user.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_name -}}
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.project_name -}}
{{- set .Values.conf.heat.keystone_authtoken "project_name" .Values.endpoints.identity.auth.user.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name -}}
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.heat.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.user.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name -}}
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.heat.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.user.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.username -}}
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.username -}}
{{- set .Values.conf.heat.keystone_authtoken "username" .Values.endpoints.identity.auth.user.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.password -}}
{{- set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.password -}}
{{- set .Values.conf.heat.keystone_authtoken "password" .Values.endpoints.identity.auth.user.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.region_name -}}
{{- set .Values.conf.heat.trustee.heat.common.context "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.region_name -}}
{{- set .Values.conf.heat.trustee "region_name" .Values.endpoints.identity.auth.trustee.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.project_name -}}
{{- set .Values.conf.heat.trustee.heat.common.context "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.project_name -}}
{{- set .Values.conf.heat.trustee "project_name" .Values.endpoints.identity.auth.trustee.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.project_domain_name -}}
{{- set .Values.conf.heat.trustee.heat.common.context "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.project_domain_name -}}
{{- set .Values.conf.heat.trustee "project_domain_name" .Values.endpoints.identity.auth.trustee.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.user_domain_name -}}
{{- set .Values.conf.heat.trustee.heat.common.context "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.user_domain_name -}}
{{- set .Values.conf.heat.trustee "user_domain_name" .Values.endpoints.identity.auth.trustee.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.username -}}
{{- set .Values.conf.heat.trustee.heat.common.context "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.username -}}
{{- set .Values.conf.heat.trustee "username" .Values.endpoints.identity.auth.trustee.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.password -}}
{{- set .Values.conf.heat.trustee.heat.common.context "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.password -}}
{{- set .Values.conf.heat.trustee "password" .Values.endpoints.identity.auth.trustee.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.stack_user_domain_name -}}
{{- set .Values.conf.heat.default.heat.common.config "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.region_name | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.stack_user_domain_name -}}
{{- set .Values.conf.heat.DEFAULT "stack_user_domain_name" .Values.endpoints.identity.auth.stack_user.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.stack_domain_admin -}}
{{- set .Values.conf.heat.default.heat.common.config "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin -}}
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin" .Values.endpoints.identity.auth.stack_user.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.stack_domain_admin_password -}}
{{- set .Values.conf.heat.default.heat.common.config "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.stack_domain_admin_password -}}
{{- set .Values.conf.heat.DEFAULT "stack_domain_admin_password" .Values.endpoints.identity.auth.stack_user.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database.oslo.db "connection" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.database.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}}
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.heat_metadata_server_url -}}
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.DEFAULT "heat_metadata_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}}
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.default.heat.common.config "heat_waitcondition_server_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.heat_waitcondition_server_url -}}
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.DEFAULT "heat_waitcondition_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_watch_server_url -}}
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.default.heat.common.config "heat_watch_server_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.DEFAULT.heat_watch_server_url -}}
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.DEFAULT "heat_watch_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.clients_keystone.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone "auth_uri" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}}
{{- if empty .Values.conf.heat.trustee.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee "auth_url" | quote | trunc 0 -}}
{{- end -}}
---
@ -119,9 +116,9 @@ metadata:
name: heat-etc
data:
heat.conf: |+
{{- tuple .Values.conf.heat "etc/_heat.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.heat | indent 4 }}
api-paste.ini: |+
{{- tuple .Values.conf.paste "etc/_api-paste.ini.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
policy.json: |+
{{ toJson .Values.conf.policy | indent 4 }}
{{- end }}

View File

@ -59,10 +59,10 @@ spec:
- /tmp/heat-api.sh
- stop
ports:
- containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
- containerPort: {{ .Values.conf.heat.heat_api.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
port: {{ .Values.conf.heat.heat_api.bind_port }}
volumeMounts:
- name: pod-etc-heat
mountPath: /etc/heat

View File

@ -59,10 +59,10 @@ spec:
- /tmp/heat-cfn.sh
- stop
ports:
- containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
- containerPort: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
port: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
volumeMounts:
- name: pod-etc-heat
mountPath: /etc/heat

View File

@ -59,10 +59,10 @@ spec:
- /tmp/heat-cloudwatch.sh
- stop
ports:
- containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
- containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
port: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
volumeMounts:
- name: pod-etc-heat
mountPath: /etc/heat

View File

@ -1,105 +0,0 @@
# heat-api pipeline
[pipeline:heat-api]
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
# heat-api pipeline for standalone heat
# ie. uses alternative auth backend that authenticates users against keystone
# using username and password instead of validating token (which requires
# an admin/service token).
# To enable, in heat.conf:
# [paste_deploy]
# flavor = standalone
#
[pipeline:heat-api-standalone]
pipeline = cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
# heat-api pipeline for custom cloud backends
# i.e. in heat.conf:
# [paste_deploy]
# flavor = custombackend
#
[pipeline:heat-api-custombackend]
pipeline = cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
# heat-api-cfn pipeline
[pipeline:heat-api-cfn]
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
# heat-api-cfn pipeline for standalone heat
# relies exclusively on authenticating with ec2 signed requests
[pipeline:heat-api-cfn-standalone]
pipeline = cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
# heat-api-cloudwatch pipeline
[pipeline:heat-api-cloudwatch]
pipeline = cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
# heat-api-cloudwatch pipeline for standalone heat
# relies exclusively on authenticating with ec2 signed requests
[pipeline:heat-api-cloudwatch-standalone]
pipeline = cors versionnegotiation ec2authtoken context apicwapp
[app:apiv1app]
paste.app_factory = heat.common.wsgi:app_factory
heat.app_factory = heat.api.openstack.v1:API
[app:apicfnv1app]
paste.app_factory = heat.common.wsgi:app_factory
heat.app_factory = heat.api.cfn.v1:API
[app:apicwapp]
paste.app_factory = heat.common.wsgi:app_factory
heat.app_factory = heat.api.cloudwatch:API
[filter:versionnegotiation]
paste.filter_factory = heat.common.wsgi:filter_factory
heat.filter_factory = heat.api.openstack:version_negotiation_filter
[filter:cors]
paste.filter_factory = oslo_middleware.cors:filter_factory
oslo_config_project = heat
[filter:faultwrap]
paste.filter_factory = heat.common.wsgi:filter_factory
heat.filter_factory = heat.api.openstack:faultwrap_filter
[filter:cfnversionnegotiation]
paste.filter_factory = heat.common.wsgi:filter_factory
heat.filter_factory = heat.api.cfn:version_negotiation_filter
[filter:cwversionnegotiation]
paste.filter_factory = heat.common.wsgi:filter_factory
heat.filter_factory = heat.api.cloudwatch:version_negotiation_filter
[filter:context]
paste.filter_factory = heat.common.context:ContextMiddleware_filter_factory
[filter:ec2authtoken]
paste.filter_factory = heat.api.aws.ec2token:EC2Token_filter_factory
[filter:http_proxy_to_wsgi]
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
# Middleware to set auth_url header appropriately
[filter:authurl]
paste.filter_factory = heat.common.auth_url:filter_factory
# Auth middleware that validates token against keystone
[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
# Auth middleware that validates username/password against keystone
[filter:authpassword]
paste.filter_factory = heat.common.auth_password:filter_factory
# Auth middleware that validates against custom backend
[filter:custombackendauth]
paste.filter_factory = heat.common.custom_backend_auth:filter_factory
# Middleware to set x-openstack-request-id in http response header
[filter:request_id]
paste.filter_factory = oslo_middleware.request_id:RequestId.factory
[filter:osprofiler]
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory

File diff suppressed because it is too large Load Diff

View File

@ -1,16 +1,18 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.trusts }}
@ -52,7 +54,7 @@ spec:
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: SERVICE_OS_ROLES
value: {{ .Values.conf.heat.default.heat.common.config.trusts_delegated_roles }}
value: {{ .Values.conf.heat.DEFAULT.trusts_delegated_roles }}
- name: SERVICE_OS_TRUSTEE
value: {{ .Values.endpoints.identity.auth.trustee.username }}
volumes:

View File

@ -24,7 +24,7 @@ metadata:
spec:
ports:
- name: h-api
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
port: {{ .Values.conf.heat.heat_api.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}

View File

@ -24,7 +24,7 @@ metadata:
spec:
ports:
- name: h-cfn
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
port: {{ .Values.conf.heat.heat_api_cfn.bind_port }}
{{ if .Values.network.cfn.node_port.enabled }}
nodePort: {{ .Values.network.cfn.node_port.port }}
{{ end }}

View File

@ -24,7 +24,7 @@ metadata:
spec:
ports:
- name: h-cwh
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
port: {{ .Values.conf.heat.heat_api_cloudwatch.bind_port }}
{{ if .Values.network.cloudwatch.node_port.enabled }}
nodePort: {{ .Values.network.cloudwatch.node_port.port }}
{{ end }}

View File

@ -39,8 +39,62 @@ images:
conf:
paste:
override:
append:
pipeline:heat-api:
pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken context apiv1app
pipeline:heat-api-standalone:
pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
pipeline:heat-api-custombackend:
pipeline: cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
pipeline:heat-api-cfn:
pipeline: cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
pipeline:heat-api-cfn-standalone:
pipeline: cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
pipeline:heat-api-cloudwatch:
pipeline: cors versionnegotiation osprofiler ec2authtoken authtoken context apicwapp
pipeline:heat-api-cloudwatch-standalone:
pipeline: cors versionnegotiation ec2authtoken context apicwapp
app:apiv1app:
paste.app_factory: heat.common.wsgi:app_factory
heat.app_factory: heat.api.openstack.v1:API
app:apicfnv1app:
paste.app_factory: heat.common.wsgi:app_factory
heat.app_factory: heat.api.cfn.v1:API
app:apicwapp:
paste.app_factory: heat.common.wsgi:app_factory
heat.app_factory: heat.api.cloudwatch:API
filter:versionnegotiation:
paste.filter_factory: heat.common.wsgi:filter_factory
heat.filter_factory: heat.api.openstack:version_negotiation_filter
filter:cors:
paste.filter_factory: oslo_middleware.cors:filter_factory
oslo_config_project: heat
filter:faultwrap:
paste.filter_factory: heat.common.wsgi:filter_factory
heat.filter_factory: heat.api.openstack:faultwrap_filter
filter:cfnversionnegotiation:
paste.filter_factory: heat.common.wsgi:filter_factory
heat.filter_factory: heat.api.cfn:version_negotiation_filter
filter:cwversionnegotiation:
paste.filter_factory: heat.common.wsgi:filter_factory
heat.filter_factory: heat.api.cloudwatch:version_negotiation_filter
filter:context:
paste.filter_factory: heat.common.context:ContextMiddleware_filter_factory
filter:ec2authtoken:
paste.filter_factory: heat.api.aws.ec2token:EC2Token_filter_factory
filter:http_proxy_to_wsgi:
paste.filter_factory: oslo_middleware:HTTPProxyToWSGI.factory
filter:authurl:
paste.filter_factory: heat.common.auth_url:filter_factory
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
filter:authpassword:
paste.filter_factory: heat.common.auth_password:filter_factory
filter:custombackendauth:
paste.filter_factory: heat.common.custom_backend_auth:filter_factory
filter:request_id:
paste.filter_factory: oslo_middleware.request_id:RequestId.factory
filter:osprofiler:
paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
policy:
context_is_admin: role:admin and is_admin_project:True
project_admin: role:admin
@ -131,58 +185,33 @@ conf:
resource_types:OS::Nova::HostAggregate: rule:project_admin
resource_types:OS::Cinder::QoSSpecs: rule:project_admin
heat:
override:
append:
default:
heat:
common:
config:
num_engine_workers: 4
trusts_delegated_roles: ""
DEFAULT:
num_engine_workers: 4
trusts_delegated_roles: ""
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
database:
max_retries: -1
trustee:
heat:
common:
context:
auth_type: password
auth_version: v3
auth_type: password
auth_version: v3
heat_api:
heat:
common:
wsgi:
bind_port: 8004
workers: 4
bind_port: 8004
workers: 4
heat_api_cloudwatch:
heat:
common:
wsgi:
bind_port: 8003
workers: 4
bind_port: 8003
workers: 4
heat_api_cfn:
heat:
common:
wsgi:
bind_port: 8000
workers: 4
bind_port: 8000
workers: 4
paste_deploy:
heat.common:
config:
api_paste_config: /etc/heat/api-paste.ini
api_paste_config: /etc/heat/api-paste.ini
clients:
heat:
common:
config:
endpoint_type: internalURL
endpoint_type: internalURL
clients_keystone:
heat:
common:
config:
endpoint_type: internalURL
endpoint_type: internalURL
network:
api: