heat_template_version: queens description: > Etcd service configured with Puppet parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json EtcdInitialClusterToken: description: Initial cluster token for the etcd cluster during bootstrap. type: string hidden: true MonitoringSubscriptionEtcd: default: 'overcloud-etcd' type: string EnableInternalTLS: type: boolean default: false conditions: internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]} outputs: role_data: description: Role data for the Etcd role. value: service_name: etcd monitoring_subscription: {get_param: MonitoringSubscriptionEtcd} config_settings: map_merge: - etcd::etcd_name: str_replace: template: "%{hiera('fqdn_$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]} # NOTE: bind IP is found in Heat replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR tripleo::profile::base::etcd::bind_ip: {get_param: [ServiceNetMap, EtcdNetwork]} tripleo::profile::base::etcd::client_port: '2379' tripleo::profile::base::etcd::peer_port: '2380' etcd::initial_cluster_token: {get_param: EtcdInitialClusterToken} etcd::manage_package: false tripleo.etcd.firewall_rules: '141 etcd': dport: - 2379 - 2380 - if: - internal_tls_enabled - generate_service_certificates: true tripleo::profile::base::etcd::certificate_specs: service_certificate: '/etc/pki/tls/certs/etcd.crt' service_key: '/etc/pki/tls/private/etcd.key' hostname: str_replace: template: "%{hiera('fqdn_NETWORK')}" params: NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]} principal: str_replace: template: "etcd/%{hiera('fqdn_NETWORK')}" params: NETWORK: {get_param: [ServiceNetMap, EtcdNetwork]} - {} step_config: | include ::tripleo::profile::base::etcd upgrade_tasks: - name: Check if etcd is deployed command: systemctl is-enabled etcd when: step|int == 0 tags: validation ignore_errors: True register: etcd_enabled - name: "PreUpgrade step0,validation: Check if etcd is running" shell: > /usr/bin/systemctl show 'etcd' --property ActiveState | grep '\bactive\b' when: (etcd_enabled.rc == 0) and (step|int == 0) tags: validation - name: Stop etcd service when: step|int == 2 service: name=etcd state=stopped metadata_settings: if: - internal_tls_enabled - - service: etcd network: {get_param: [ServiceNetMap, EtcdNetwork]} type: node - null