heat_template_version: wallaby description: > Ceph Grafana service. parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. Use parameter_merge_strategies to merge it with the defaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json CephGrafanaAdminUser: default: 'admin' description: Admin user for grafana component type: string CephGrafanaAdminPassword: description: Admin password for grafana component type: string hidden: true GrafanaPlugins: default: ['vonage-status-panel', 'grafana-piechart-panel'] type: comma_delimited_list description: > List of plugins to enable on the grafana container GrafanaContainerImage: description: Grafana container image type: string GrafanaDashboardsPath: default: '' description: ceph dashboards templates built for grafana type: string GrafanaDashboardPort: type: number default: 3100 description: Parameter that defines the ceph grafana port. GrafanaDataSource: default: 'Dashboard' description: Grafana datasource type: string PrometheusContainerImage: description: Ceph Prometheus container image type: string AlertManagerContainerImage: description: Ceph AlertManager container image type: string NodeExporterContainerImage: description: Ceph NodeExporter container image default: '' type: string EnableInternalTLS: type: boolean default: false CertificateKeySize: type: string default: '2048' description: Specifies the private key size used when creating the certificate. GrafanaCertificateKeySize: type: string default: '' description: Override the private key size used when creating the certificate for this service conditions: key_size_override_set: not: {equals: [{get_param: GrafanaCertificateKeySize}, '']} resources: CephBase: type: ./ceph-base.yaml properties: ServiceData: {get_param: ServiceData} ServiceNetMap: {get_param: ServiceNetMap} DefaultPasswords: {get_param: DefaultPasswords} EndpointMap: {get_param: EndpointMap} RoleName: {get_param: RoleName} RoleParameters: {get_param: RoleParameters} CephGrafanaAnsibleVars: type: OS::Heat::Value properties: type: json value: vars: tripleo_cephadm_grafana_admin_user: {get_param: CephGrafanaAdminUser} tripleo_cephadm_grafana_admin_password: {get_param: CephGrafanaAdminPassword} tripleo_cephadm_grafana_container_image: {get_param: GrafanaContainerImage} tripleo_cephadm_grafana_dashboards_path: {get_param: GrafanaDashboardsPath} tripleo_cephadm_grafana_datasource: {get_param: GrafanaDataSource} tripleo_cephadm_grafana_plugins: {get_param: GrafanaPlugins} tripleo_cephadm_grafana_port: {get_param: GrafanaDashboardPort} tripleo_cephadm_prometheus_container_image: {get_param: PrometheusContainerImage} tripleo_cephadm_node_exporter_container_image: {get_param: NodeExporterContainerImage} tripleo_cephadm_prometheus_port: 9092 tripleo_cephadm_alertmanager_port: 9093 tripleo_cephadm_alertmanager_container_image: {get_param: AlertManagerContainerImage} tripleo_cephadm_monitoring_address_block: list_join: - ',' - get_param: [ServiceData, net_cidr_map, {get_param: [ServiceNetMap, CephGrafanaNetwork]}] outputs: role_data: description: Role data for the Ceph Dashboard service. value: service_name: ceph_grafana firewall_rules: '123 ceph_dashboard': dport: - {get_param: GrafanaDashboardPort} - 9090 - 9092 - 9093 - 9094 - 9100 - 9283 firewall_frontend_rules: '100 ceph_graphana': dport: - {get_param: GrafanaDashboardPort} '100 ceph_prometheus': dport: - 9092 '100 ceph_alertmanager': dport: - 9093 upgrade_tasks: [] puppet_config: {} docker_config: {} external_deploy_tasks: list_concat: - {get_attr: [CephBase, role_data, external_deploy_tasks]} - - name: ceph_dashboard_external_deploy_init when: step == '1' block: - name: set tripleo-ansible group vars set_fact: ceph_monitoring_stack: if: - {get_param: EnableInternalTLS} - map_merge: - {get_attr: [CephGrafanaAnsibleVars, value, vars]} - tripleo_cephadm_grafana_crt: '/etc/pki/tls/certs/ceph_grafana.crt' tripleo_cephadm_grafana_key: '/etc/pki/tls/private/ceph_grafana.key' - {get_attr: [CephGrafanaAnsibleVars, value, vars]} metadata_settings: if: - {get_param: EnableInternalTLS} - - service: ceph_grafana network: {get_param: [ServiceNetMap, CephGrafanaNetwork]} type: node deploy_steps_tasks: - name: Certificate generation when: - step|int == 1 - enable_internal_tls block: - include_role: name: linux-system-roles.certificate vars: certificate_requests: - name: ceph_grafana dns: str_replace: template: "{{fqdn_$NETWORK}}" params: $NETWORK: {get_param: [ServiceNetMap, CephGrafanaNetwork]} principal: str_replace: template: "ceph_grafana/{{fqdn_$NETWORK}}@{{idm_realm}}" params: $NETWORK: {get_param: [ServiceNetMap, CephGrafanaNetwork]} run_after: | # Get grafana systemd unit grafana_unit=$(systemctl list-unit-files | awk '/grafana/ {print $1}') # Restart the grafana systemd unit if [ -z "$grafana_unit" ]; then systemctl restart "$grafana_unit" fi key_size: if: - key_size_override_set - {get_param: GrafanaCertificateKeySize} - {get_param: CertificateKeySize} ca: ipa