68d56c4ef0
Swift heat configuration to use the new authtoken manifest. Change-Id: I332b8412cce2079652b4c2a47157a382f86b90e0
94 lines
3.5 KiB
Puppet
94 lines
3.5 KiB
Puppet
class openstack_integration::heat {
|
|
|
|
include ::openstack_integration::config
|
|
include ::openstack_integration::params
|
|
|
|
rabbitmq_user { 'heat':
|
|
admin => true,
|
|
password => 'an_even_bigger_secret',
|
|
provider => 'rabbitmqctl',
|
|
require => Class['::rabbitmq'],
|
|
}
|
|
rabbitmq_user_permissions { 'heat@/':
|
|
configure_permission => '.*',
|
|
write_permission => '.*',
|
|
read_permission => '.*',
|
|
provider => 'rabbitmqctl',
|
|
require => Class['::rabbitmq'],
|
|
}
|
|
|
|
if $::openstack_integration::config::ssl {
|
|
openstack_integration::ssl_key { 'heat':
|
|
require => Package['heat-common'],
|
|
}
|
|
$key_file = "/etc/heat/ssl/private/${::fqdn}.pem"
|
|
$crt_file = $::openstack_integration::params::cert_path
|
|
File[$key_file] ~> Service<| tag == 'heat-service' |>
|
|
Exec['update-ca-certificates'] ~> Service<| tag == 'heat-service' |>
|
|
} else {
|
|
$key_file = undef
|
|
$crt_file = undef
|
|
}
|
|
|
|
class { '::heat::keystone::authtoken':
|
|
password => 'a_big_secret',
|
|
user_domain_name => 'Default',
|
|
project_domain_name => 'Default',
|
|
auth_url => $::openstack_integration::config::keystone_admin_uri,
|
|
auth_uri => $::openstack_integration::config::keystone_auth_uri,
|
|
memcached_servers => $::openstack_integration::config::memcached_servers,
|
|
}
|
|
class { '::heat':
|
|
rabbit_userid => 'heat',
|
|
rabbit_password => 'an_even_bigger_secret',
|
|
rabbit_host => $::openstack_integration::config::ip_for_url,
|
|
rabbit_use_ssl => $::openstack_integration::config::ssl,
|
|
rabbit_port => $::openstack_integration::config::rabbit_port,
|
|
database_connection => 'mysql+pymysql://heat:heat@127.0.0.1/heat?charset=utf8',
|
|
debug => true,
|
|
}
|
|
class { '::heat::db::mysql':
|
|
password => 'heat',
|
|
}
|
|
class { '::heat::keystone::auth':
|
|
password => 'a_big_secret',
|
|
configure_delegated_roles => true,
|
|
public_url => "${::openstack_integration::config::base_url}:8004/v1/%(tenant_id)s",
|
|
internal_url => "${::openstack_integration::config::base_url}:8004/v1/%(tenant_id)s",
|
|
admin_url => "${::openstack_integration::config::base_url}:8004/v1/%(tenant_id)s",
|
|
}
|
|
class { '::heat::keystone::domain':
|
|
domain_password => 'oh_my_no_secret',
|
|
}
|
|
Keystone_user_role['heat_admin::heat@::heat'] -> File['/root/openrc']
|
|
class { '::heat::client': }
|
|
class { '::heat::api':
|
|
bind_host => $::openstack_integration::config::host,
|
|
workers => '2',
|
|
use_ssl => $::openstack_integration::config::ssl,
|
|
cert_file => $crt_file,
|
|
key_file => $key_file,
|
|
}
|
|
class { '::heat::engine':
|
|
auth_encryption_key => '1234567890AZERTYUIOPMLKJHGFDSQ12',
|
|
heat_metadata_server_url => "${::openstack_integration::config::base_url}:8000",
|
|
heat_waitcondition_server_url => "${::openstack_integration::config::base_url}:8000/v1/waitcondition",
|
|
heat_watch_server_url => "${::openstack_integration::config::base_url}:8003",
|
|
}
|
|
class { '::heat::api_cloudwatch':
|
|
bind_host => $::openstack_integration::config::host,
|
|
workers => '2',
|
|
use_ssl => $::openstack_integration::config::ssl,
|
|
cert_file => $crt_file,
|
|
key_file => $key_file,
|
|
}
|
|
class { '::heat::api_cfn':
|
|
bind_host => $::openstack_integration::config::host,
|
|
workers => '2',
|
|
use_ssl => $::openstack_integration::config::ssl,
|
|
cert_file => $crt_file,
|
|
key_file => $key_file,
|
|
}
|
|
|
|
}
|