Allow disabling puppet tasks to configure apache/vhost
The new parameter allows to toggle the apache configuration management. This will be useful once we get [1] so that we can migrate services to the new configuration management one by one. [1] https://review.opendev.org/c/openstack/tripleo-ansible/+/853481 Change-Id: Id1ddbae4946e5c428d0f21ef89e20a11665a370e
This commit is contained in:
parent
fa9c791fb7
commit
0592be3ad6
|
@ -52,6 +52,10 @@
|
|||
# (Optional) Whether aodh expirer should be configured
|
||||
# Defaults to lookup('enable_aodh_expirer', undef, undef, true)
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::aodh::api (
|
||||
$aodh_network = lookup('aodh_api_network', undef, undef, undef),
|
||||
$bootstrap_node = lookup('aodh_api_bootstrap_node_name', undef, undef, undef),
|
||||
|
@ -59,6 +63,7 @@ class tripleo::profile::base::aodh::api (
|
|||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$step = Integer(lookup('step')),
|
||||
$enable_aodh_expirer = true,
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$is_bootstrap = true
|
||||
|
@ -83,10 +88,12 @@ class tripleo::profile::base::aodh::api (
|
|||
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
|
||||
include aodh::api
|
||||
include aodh::healthcheck
|
||||
include tripleo::profile::base::apache
|
||||
class { 'aodh::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'aodh::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -95,7 +95,11 @@
|
|||
# [*oslomsg_notify_use_ssl*]
|
||||
# Enable ssl oslo messaging services
|
||||
# Defaults to lookup('oslo_messaging_notify_use_ssl', undef, undef, '0')
|
||||
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::barbican::api (
|
||||
$barbican_network = lookup('barbican_api_network', undef, undef, undef),
|
||||
$bootstrap_node = lookup('barbican_api_bootstrap_node_name', undef, undef, undef),
|
||||
|
@ -114,6 +118,7 @@ class tripleo::profile::base::barbican::api (
|
|||
$oslomsg_notify_port = lookup('oslo_messaging_notify_port', undef, undef, '5672'),
|
||||
$oslomsg_notify_username = lookup('oslo_messaging_notify_user_name', undef, undef, 'guest'),
|
||||
$oslomsg_notify_use_ssl = lookup('oslo_messaging_notify_use_ssl', undef, undef, '0'),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$sync_db = true
|
||||
|
@ -165,10 +170,12 @@ class tripleo::profile::base::barbican::api (
|
|||
include barbican::healthcheck
|
||||
include barbican::keystone::notification
|
||||
include barbican::quota
|
||||
include tripleo::profile::base::apache
|
||||
class { 'barbican::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'barbican::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -48,12 +48,17 @@
|
|||
# for more details.
|
||||
# Defaults to Integer(lookup('step'))
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::cinder::api (
|
||||
$bootstrap_node = lookup('cinder_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$cinder_api_network = lookup('cinder_api_network', undef, undef, undef),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$step = Integer(lookup('step')),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
|
@ -81,10 +86,12 @@ class tripleo::profile::base::cinder::api (
|
|||
sync_db => $sync_db,
|
||||
}
|
||||
include cinder::healthcheck
|
||||
include tripleo::profile::base::apache
|
||||
class { 'cinder::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'cinder::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -56,13 +56,18 @@
|
|||
# listen port gets default value from designate::wsgi::apache)
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::designate::api (
|
||||
$step = Integer(lookup('step')),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$designate_network = lookup('designate_api_network', undef, undef, undef),
|
||||
$listen_ip = undef,
|
||||
$listen_port = undef
|
||||
$listen_port = undef,
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
include tripleo::profile::base::designate
|
||||
include tripleo::profile::base::designate::authtoken
|
||||
|
@ -86,10 +91,12 @@ class tripleo::profile::base::designate::api (
|
|||
listen => "${listen_uri}:${listen_port}"
|
||||
}
|
||||
} else {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'designate::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'designate::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile
|
||||
}
|
||||
}
|
||||
include designate::api
|
||||
}
|
||||
|
|
|
@ -131,6 +131,10 @@
|
|||
# (optional) Whether to enable caching
|
||||
# defaults to false
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*glance_rbd_client_name*]
|
||||
|
@ -163,6 +167,7 @@ class tripleo::profile::base::glance::api (
|
|||
$tls_proxy_port = 9292,
|
||||
$glance_enable_db_purge = true,
|
||||
$glance_enable_cache = false,
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
# DEPRECATED PARAMETERS
|
||||
$glance_rbd_client_name = undef,
|
||||
) {
|
||||
|
@ -188,15 +193,17 @@ class tripleo::profile::base::glance::api (
|
|||
$tls_certfile = $certificates_specs["httpd-${glance_network}"]['service_certificate']
|
||||
$tls_keyfile = $certificates_specs["httpd-${glance_network}"]['service_key']
|
||||
|
||||
tripleo::tls_proxy { 'glance-api':
|
||||
servername => $tls_proxy_fqdn,
|
||||
ip => $tls_proxy_bind_ip,
|
||||
port => $tls_proxy_port,
|
||||
tls_cert => $tls_certfile,
|
||||
tls_key => $tls_keyfile,
|
||||
notify => Class['glance::api'],
|
||||
if $configure_apache {
|
||||
tripleo::tls_proxy { 'glance-api':
|
||||
servername => $tls_proxy_fqdn,
|
||||
ip => $tls_proxy_bind_ip,
|
||||
port => $tls_proxy_port,
|
||||
tls_cert => $tls_certfile,
|
||||
tls_key => $tls_keyfile,
|
||||
notify => Class['glance::api'],
|
||||
}
|
||||
include tripleo::profile::base::apache
|
||||
}
|
||||
include tripleo::profile::base::apache
|
||||
}
|
||||
|
||||
$multistore_backends = $multistore_config.map |$backend_config| {
|
||||
|
|
|
@ -64,6 +64,10 @@
|
|||
# (Optional) Storage driver to use for incoming metric data
|
||||
# Defaults to lookup('incoming_storage_driver', undef, undef, undef)
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::gnocchi::api (
|
||||
$bootstrap_node = lookup('gnocchi_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
|
@ -74,6 +78,7 @@ class tripleo::profile::base::gnocchi::api (
|
|||
$redis_vip = lookup('redis_vip'),
|
||||
$step = Integer(lookup('step')),
|
||||
$incoming_storage_driver = lookup('incoming_storage_driver', undef, undef, undef),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$sync_db = true
|
||||
|
@ -113,10 +118,12 @@ class tripleo::profile::base::gnocchi::api (
|
|||
}
|
||||
|
||||
include gnocchi::api
|
||||
include tripleo::profile::base::apache
|
||||
class { 'gnocchi::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'gnocchi::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
|
||||
if $incoming_storage_driver == 'redis' {
|
||||
|
|
|
@ -48,12 +48,17 @@
|
|||
# for more details.
|
||||
# Defaults to Integer(lookup('step'))
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::heat::api (
|
||||
$bootstrap_node = lookup('heat_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$heat_api_network = lookup('heat_api_network', undef, undef, undef),
|
||||
$step = Integer(lookup('step')),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$is_bootstrap = true
|
||||
|
@ -77,10 +82,12 @@ class tripleo::profile::base::heat::api (
|
|||
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
|
||||
include heat::api
|
||||
include heat::healthcheck
|
||||
include tripleo::profile::base::apache
|
||||
class { 'heat::wsgi::apache_api':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'heat::wsgi::apache_api':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -48,12 +48,17 @@
|
|||
# for more details.
|
||||
# Defaults to Integer(lookup('step'))
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::heat::api_cfn (
|
||||
$bootstrap_node = lookup('heat_api_cfn_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$heat_api_cfn_network = lookup('heat_api_cfn_network', undef, undef, undef),
|
||||
$step = Integer(lookup('step')),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$is_bootstrap = true
|
||||
|
@ -77,10 +82,12 @@ class tripleo::profile::base::heat::api_cfn (
|
|||
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
|
||||
include heat::api_cfn
|
||||
include heat::healthcheck
|
||||
include tripleo::profile::base::apache
|
||||
class { 'heat::wsgi::apache_api_cfn':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'heat::wsgi::apache_api_cfn':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -47,12 +47,17 @@
|
|||
# (Optional) The current step of the deployment
|
||||
# Defaults to Integer(lookup('step'))
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::ironic::api (
|
||||
$bootstrap_node = lookup('ironic_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$ironic_api_network = lookup('ironic_api_network', undef, undef, undef),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$step = Integer(lookup('step')),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
include tripleo::profile::base::ironic
|
||||
include tripleo::profile::base::ironic::authtoken
|
||||
|
@ -78,10 +83,12 @@ class tripleo::profile::base::ironic::api (
|
|||
include ironic::api
|
||||
include ironic::cors
|
||||
include ironic::healthcheck
|
||||
include tripleo::profile::base::apache
|
||||
class { 'ironic::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'ironic::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -150,6 +150,10 @@
|
|||
# (Optional) oslo.cache backend used for caching.
|
||||
# Defaults to lookup('keystone::cache::backend', undef, undef, false)
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*memcached_ips*]
|
||||
|
@ -187,6 +191,7 @@ class tripleo::profile::base::keystone (
|
|||
$memcached_port = lookup('memcached_port', undef, undef, 11211),
|
||||
$memcached_ipv6 = lookup('memcached_ipv6', undef, undef, false),
|
||||
$cache_backend = lookup('keystone::cache::backend', undef, undef, false),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
# DEPRECATED PARAMETERS
|
||||
$memcached_ips = undef
|
||||
) {
|
||||
|
@ -266,10 +271,12 @@ class tripleo::profile::base::keystone (
|
|||
include keystone::config
|
||||
include keystone::db
|
||||
include keystone::logging
|
||||
include tripleo::profile::base::apache
|
||||
class { 'keystone::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'keystone::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
include keystone::cors
|
||||
include keystone::security_compliance
|
||||
|
|
|
@ -92,6 +92,10 @@
|
|||
# (Optional) Whether to enable db purging
|
||||
# Defaults to true
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::manila::api (
|
||||
$enabled_share_protocols = lookup('manila_enabled_share_protocols', undef, undef, undef),
|
||||
$backend_generic_enabled = lookup('manila_backend_generic_enabled', undef, undef, false),
|
||||
|
@ -109,6 +113,7 @@ class tripleo::profile::base::manila::api (
|
|||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$step = Integer(lookup('step')),
|
||||
$manila_enable_db_purge = true,
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$sync_db = true
|
||||
|
@ -131,7 +136,9 @@ class tripleo::profile::base::manila::api (
|
|||
}
|
||||
|
||||
if $step >= 4 or ($step >= 3 and $sync_db) {
|
||||
include tripleo::profile::base::apache
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
}
|
||||
|
||||
unless empty($enabled_share_protocols) {
|
||||
$enabled_share_protocols_real = join(any2array($enabled_share_protocols), ',')
|
||||
|
@ -160,9 +167,11 @@ class tripleo::profile::base::manila::api (
|
|||
enabled_share_protocols => $enabled_share_protocols_real
|
||||
}
|
||||
include manila::healthcheck
|
||||
class { 'manila::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
class { 'manila::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -86,6 +86,10 @@
|
|||
# (Optional) Indicate whether Designate is available in the deployment.
|
||||
# Defaults to lookup('designate_api_enabled', undef, undef, false)
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::neutron::server (
|
||||
$bootstrap_node = lookup('neutron_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
|
@ -99,6 +103,7 @@ class tripleo::profile::base::neutron::server (
|
|||
$tls_proxy_fqdn = undef,
|
||||
$tls_proxy_port = 9696,
|
||||
$designate_api_enabled = lookup('designate_api_enabled', undef, undef, false),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$sync_db = true
|
||||
|
@ -131,20 +136,22 @@ class tripleo::profile::base::neutron::server (
|
|||
}
|
||||
|
||||
if $step >= 4 or ($step >= 3 and $sync_db) {
|
||||
include tripleo::profile::base::apache
|
||||
if $enable_internal_tls {
|
||||
::tripleo::tls_proxy { 'neutron-api':
|
||||
servername => $tls_proxy_fqdn,
|
||||
ip => $tls_proxy_bind_ip,
|
||||
port => $tls_proxy_port,
|
||||
tls_cert => $tls_certfile,
|
||||
tls_key => $tls_keyfile,
|
||||
}
|
||||
Tripleo::Tls_proxy['neutron-api'] ~> Anchor<| title == 'neutron::service::begin' |>
|
||||
} else {
|
||||
class { 'neutron::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
if $enable_internal_tls {
|
||||
::tripleo::tls_proxy { 'neutron-api':
|
||||
servername => $tls_proxy_fqdn,
|
||||
ip => $tls_proxy_bind_ip,
|
||||
port => $tls_proxy_port,
|
||||
tls_cert => $tls_certfile,
|
||||
tls_key => $tls_keyfile,
|
||||
}
|
||||
Tripleo::Tls_proxy['neutron-api'] ~> Anchor<| title == 'neutron::service::begin' |>
|
||||
} else {
|
||||
class { 'neutron::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
if $designate_api_enabled {
|
||||
|
|
|
@ -54,6 +54,10 @@
|
|||
# (Optional) Wheter to enable db purging
|
||||
# Defaults to lookup('nova_enable_db_purge', undef, undef, true)
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
|
||||
class tripleo::profile::base::nova::api (
|
||||
$bootstrap_node = lookup('nova_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
|
@ -62,6 +66,7 @@ class tripleo::profile::base::nova::api (
|
|||
$step = Integer(lookup('step')),
|
||||
$nova_enable_db_archive = lookup('nova_enable_db_archive', undef, undef, true),
|
||||
$nova_enable_db_purge = lookup('nova_enable_db_purge', undef, undef, true),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$sync_db = true
|
||||
|
@ -98,10 +103,12 @@ class tripleo::profile::base::nova::api (
|
|||
}
|
||||
|
||||
if $step >= 4 or ($step >= 3 and $sync_db) {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'nova::wsgi::apache_api':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'nova::wsgi::apache_api':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -46,12 +46,17 @@
|
|||
# for more details.
|
||||
# Defaults to Integer(lookup('step'))
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
|
||||
class tripleo::profile::base::nova::metadata (
|
||||
$bootstrap_node = lookup('nova_metadata_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$nova_metadata_network = lookup('nova_metadata_network', undef, undef, undef),
|
||||
$step = Integer(lookup('step')),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$is_bootstrap = true
|
||||
|
@ -78,10 +83,12 @@ class tripleo::profile::base::nova::metadata (
|
|||
include nova::network::neutron
|
||||
include nova::metadata
|
||||
include nova::vendordata
|
||||
include tripleo::profile::base::apache
|
||||
class { 'nova::wsgi::apache_metadata':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'nova::wsgi::apache_metadata':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -63,6 +63,10 @@
|
|||
# Defaults to undef
|
||||
# Not used any more.
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::octavia::api (
|
||||
$bootstrap_node = lookup('octavia_api_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
|
@ -72,6 +76,7 @@ class tripleo::profile::base::octavia::api (
|
|||
$ovn_db_host = undef,
|
||||
$ovn_nb_port = undef,
|
||||
$neutron_driver = undef,
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$sync_db = true
|
||||
|
@ -107,10 +112,12 @@ Use tripleo::profile::base::octavia::provider::ovn.')
|
|||
sync_db => $sync_db,
|
||||
}
|
||||
include octavia::healthcheck
|
||||
include tripleo::profile::base::apache
|
||||
class { 'octavia::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
class { 'octavia::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -46,12 +46,17 @@
|
|||
# for more details.
|
||||
# Defaults to Integer(lookup('step'))
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::placement::api (
|
||||
$bootstrap_node = lookup('placement_short_bootstrap_node_name', undef, undef, undef),
|
||||
$certificates_specs = lookup('apache_certificates_specs', undef, undef, {}),
|
||||
$enable_internal_tls = lookup('enable_internal_tls', undef, undef, false),
|
||||
$placement_network = lookup('placement_network', undef, undef, undef),
|
||||
$step = Integer(lookup('step')),
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$is_bootstrap = true
|
||||
|
@ -74,11 +79,13 @@ class tripleo::profile::base::placement::api (
|
|||
}
|
||||
|
||||
if $step >= 4 or ( $step >= 3 and $is_bootstrap ) {
|
||||
include tripleo::profile::base::apache
|
||||
include placement::api
|
||||
class { 'placement::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
include tripleo::profile::base::apache
|
||||
include placement::api
|
||||
class { 'placement::wsgi::apache':
|
||||
ssl_cert => $tls_certfile,
|
||||
ssl_key => $tls_keyfile,
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -103,6 +103,10 @@
|
|||
# Whether the pycadf audit middleware is is enabled.
|
||||
# Defaults to false
|
||||
#
|
||||
# [*configure_apache*]
|
||||
# (Optional) Whether apache is configured via puppet or not.
|
||||
# Defaults to lookup('configure_apache', undef, undef, true)
|
||||
#
|
||||
class tripleo::profile::base::swift::proxy (
|
||||
$bootstrap_node = lookup('swift_proxy_short_bootstrap_node_name', undef, undef, undef),
|
||||
$ceilometer_enabled = true,
|
||||
|
@ -122,6 +126,7 @@ class tripleo::profile::base::swift::proxy (
|
|||
$tls_proxy_fqdn = undef,
|
||||
$tls_proxy_port = 8080,
|
||||
$audit_enabled = false,
|
||||
$configure_apache = lookup('configure_apache', undef, undef, true),
|
||||
) {
|
||||
if $bootstrap_node and $::hostname == downcase($bootstrap_node) {
|
||||
$is_bootstrap = true
|
||||
|
@ -136,15 +141,17 @@ class tripleo::profile::base::swift::proxy (
|
|||
$tls_certfile = $certificates_specs["httpd-${swift_proxy_network}"]['service_certificate']
|
||||
$tls_keyfile = $certificates_specs["httpd-${swift_proxy_network}"]['service_key']
|
||||
|
||||
::tripleo::tls_proxy { 'swift-proxy-api':
|
||||
servername => $tls_proxy_fqdn,
|
||||
ip => $tls_proxy_bind_ip,
|
||||
port => $tls_proxy_port,
|
||||
tls_cert => $tls_certfile,
|
||||
tls_key => $tls_keyfile,
|
||||
if $configure_apache {
|
||||
::tripleo::tls_proxy { 'swift-proxy-api':
|
||||
servername => $tls_proxy_fqdn,
|
||||
ip => $tls_proxy_bind_ip,
|
||||
port => $tls_proxy_port,
|
||||
tls_cert => $tls_certfile,
|
||||
tls_key => $tls_keyfile,
|
||||
}
|
||||
Tripleo::Tls_proxy['swift-proxy-api'] ~> Anchor<| title == 'swift::service::begin' |>
|
||||
include tripleo::profile::base::apache
|
||||
}
|
||||
Tripleo::Tls_proxy['swift-proxy-api'] ~> Anchor<| title == 'swift::service::begin' |>
|
||||
include tripleo::profile::base::apache
|
||||
}
|
||||
}
|
||||
include tripleo::profile::base::swift
|
||||
|
|
Loading…
Reference in New Issue