Move glance/heat hiera settings to services
This patch removes the remaining bind IP, and password settings for Heat and Glance into the composable services. Change-Id: I17abcb2a08a1972cbcf8163f6608ac22ddfc15f7 Related-bug: #1604414
This commit is contained in:
parent
319c42475c
commit
43476e235c
|
@ -403,7 +403,6 @@ resources:
|
||||||
properties:
|
properties:
|
||||||
CloudDomain: {get_param: CloudDomain}
|
CloudDomain: {get_param: CloudDomain}
|
||||||
controllerExtraConfig: {get_param: controllerExtraConfig}
|
controllerExtraConfig: {get_param: controllerExtraConfig}
|
||||||
HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
|
|
||||||
HorizonSecret: {get_resource: HorizonSecret}
|
HorizonSecret: {get_resource: HorizonSecret}
|
||||||
PcsdPassword: {get_resource: PcsdPassword}
|
PcsdPassword: {get_resource: PcsdPassword}
|
||||||
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
|
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
|
||||||
|
|
|
@ -87,10 +87,6 @@ parameters:
|
||||||
type: string
|
type: string
|
||||||
constraints:
|
constraints:
|
||||||
- custom_constraint: nova.flavor
|
- custom_constraint: nova.flavor
|
||||||
HeatAuthEncryptionKey:
|
|
||||||
description: Auth encryption key for heat-engine
|
|
||||||
type: string
|
|
||||||
hidden: true
|
|
||||||
HorizonSecret:
|
HorizonSecret:
|
||||||
description: Secret key for Django
|
description: Secret key for Django
|
||||||
type: string
|
type: string
|
||||||
|
@ -405,7 +401,6 @@ resources:
|
||||||
server: {get_resource: Controller}
|
server: {get_resource: Controller}
|
||||||
input_values:
|
input_values:
|
||||||
bootstack_nodeid: {get_attr: [Controller, name]}
|
bootstack_nodeid: {get_attr: [Controller, name]}
|
||||||
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
|
|
||||||
horizon_secret: {get_param: HorizonSecret}
|
horizon_secret: {get_param: HorizonSecret}
|
||||||
debug: {get_param: Debug}
|
debug: {get_param: Debug}
|
||||||
keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
|
keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
|
||||||
|
@ -440,10 +435,7 @@ resources:
|
||||||
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
|
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
|
||||||
swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
|
swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
|
||||||
swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
|
swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
|
||||||
glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
|
|
||||||
glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
|
|
||||||
glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
|
glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
|
||||||
heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
|
|
||||||
keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
|
keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
|
||||||
keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
|
keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
|
||||||
manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]}
|
manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]}
|
||||||
|
@ -559,16 +551,6 @@ resources:
|
||||||
swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
|
swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
|
||||||
swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
|
swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
|
||||||
|
|
||||||
# Glance
|
|
||||||
glance::api::bind_host: {get_input: glance_api_network}
|
|
||||||
glance::registry::bind_host: {get_input: glance_registry_network}
|
|
||||||
|
|
||||||
# Heat
|
|
||||||
heat::api::bind_host: {get_input: heat_api_network}
|
|
||||||
heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
|
|
||||||
heat::api_cfn::bind_host: {get_input: heat_api_network}
|
|
||||||
heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
|
|
||||||
|
|
||||||
# Keystone
|
# Keystone
|
||||||
keystone::admin_bind_host: {get_input: keystone_admin_api_network}
|
keystone::admin_bind_host: {get_input: keystone_admin_api_network}
|
||||||
keystone::public_bind_host: {get_input: keystone_public_api_network}
|
keystone::public_bind_host: {get_input: keystone_public_api_network}
|
||||||
|
|
|
@ -131,6 +131,12 @@ outputs:
|
||||||
glance::api::keystone_tenant: 'service'
|
glance::api::keystone_tenant: 'service'
|
||||||
glance::api::pipeline: 'keystone'
|
glance::api::pipeline: 'keystone'
|
||||||
glance::api::show_image_direct_url: true
|
glance::api::show_image_direct_url: true
|
||||||
|
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||||
|
# local node IP for the given network; replacement examples
|
||||||
|
# (eg. for internal_api):
|
||||||
|
# internal_api -> IP
|
||||||
|
# internal_api_uri -> [IP]
|
||||||
|
# internal_api_subnet - > IP/CIDR
|
||||||
|
glance::api::bind_host: {get_param: [ServiceNetMap, GlanceApiNetwork]}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::glance::api
|
include ::tripleo::profile::base::glance::api
|
||||||
|
|
|
@ -66,5 +66,12 @@ outputs:
|
||||||
'112 glance_registry':
|
'112 glance_registry':
|
||||||
dport:
|
dport:
|
||||||
- 9191
|
- 9191
|
||||||
|
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||||
|
# local node IP for the given network; replacement examples
|
||||||
|
# (eg. for internal_api):
|
||||||
|
# internal_api -> IP
|
||||||
|
# internal_api_uri -> [IP]
|
||||||
|
# internal_api_subnet - > IP/CIDR
|
||||||
|
glance::registry::bind_host: {get_param: [ServiceNetMap, GlanceRegistryNetwork]}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::glance::registry
|
include ::tripleo::profile::base::glance::registry
|
||||||
|
|
|
@ -59,5 +59,12 @@ outputs:
|
||||||
dport:
|
dport:
|
||||||
- 8000
|
- 8000
|
||||||
- 13800
|
- 13800
|
||||||
|
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||||
|
# local node IP for the given network; replacement examples
|
||||||
|
# (eg. for internal_api):
|
||||||
|
# internal_api -> IP
|
||||||
|
# internal_api_uri -> [IP]
|
||||||
|
# internal_api_subnet - > IP/CIDR
|
||||||
|
heat::api_cfn::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::heat::api_cfn
|
include ::tripleo::profile::base::heat::api_cfn
|
||||||
|
|
|
@ -45,5 +45,12 @@ outputs:
|
||||||
dport:
|
dport:
|
||||||
- 8003
|
- 8003
|
||||||
- 13003
|
- 13003
|
||||||
|
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||||
|
# local node IP for the given network; replacement examples
|
||||||
|
# (eg. for internal_api):
|
||||||
|
# internal_api -> IP
|
||||||
|
# internal_api_uri -> [IP]
|
||||||
|
# internal_api_subnet - > IP/CIDR
|
||||||
|
heat::api_cloudwatch::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::heat::api_cloudwatch
|
include ::tripleo::profile::base::heat::api_cloudwatch
|
||||||
|
|
|
@ -59,5 +59,12 @@ outputs:
|
||||||
dport:
|
dport:
|
||||||
- 8004
|
- 8004
|
||||||
- 13004
|
- 13004
|
||||||
|
# NOTE: bind IP is found in Heat replacing the network name with the
|
||||||
|
# local node IP for the given network; replacement examples
|
||||||
|
# (eg. for internal_api):
|
||||||
|
# internal_api -> IP
|
||||||
|
# internal_api_uri -> [IP]
|
||||||
|
# internal_api_subnet - > IP/CIDR
|
||||||
|
heat::api::bind_host: {get_param: [ServiceNetMap, HeatApiNetwork]}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::heat::api
|
include ::tripleo::profile::base::heat::api
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
heat_template_version: 2016-04-08
|
heat_template_version: 2016-10-14
|
||||||
|
|
||||||
description: >
|
description: >
|
||||||
Openstack Heat Engine service configured with Puppet
|
Openstack Heat Engine service configured with Puppet
|
||||||
|
@ -35,6 +35,11 @@ parameters:
|
||||||
description: Password for heat_stack_domain_admin user.
|
description: Password for heat_stack_domain_admin user.
|
||||||
type: string
|
type: string
|
||||||
hidden: true
|
hidden: true
|
||||||
|
HeatAuthEncryptionKey:
|
||||||
|
description: Auth encryption key for heat-engine
|
||||||
|
type: string
|
||||||
|
hidden: true
|
||||||
|
default: ''
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
HeatBase:
|
HeatBase:
|
||||||
|
@ -76,5 +81,12 @@ outputs:
|
||||||
heat::db::mysql::allowed_hosts:
|
heat::db::mysql::allowed_hosts:
|
||||||
- '%'
|
- '%'
|
||||||
- "%{hiera('mysql_bind_host')}"
|
- "%{hiera('mysql_bind_host')}"
|
||||||
|
heat::engine::auth_encryption_key:
|
||||||
|
yaql:
|
||||||
|
expression: $.data.passwords.where($ != '').first()
|
||||||
|
data:
|
||||||
|
passwords:
|
||||||
|
- {get_param: HeatAuthEncryptionKey}
|
||||||
|
- {get_param: [DefaultPasswords, heat_auth_encryption_key]}
|
||||||
step_config: |
|
step_config: |
|
||||||
include ::tripleo::profile::base::heat::engine
|
include ::tripleo::profile::base::heat::engine
|
||||||
|
|
Loading…
Reference in New Issue