heat_template_version: rocky description: > OpenStack Octavia base service. Shared for all Octavia services parameters: ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json Debug: type: boolean default: false description: Set to True to enable debugging on all services. OctaviaDebug: default: '' description: Set to True to enable debugging Octavia services. type: string constraints: - allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE'] EnableConfigPurge: type: boolean default: false description: > Remove configuration that is not generated by TripleO. Used to avoid configuration remnants after upgrades. RpcPort: default: 5672 description: The network port for messaging backend type: number RpcUserName: default: guest description: The username for messaging backend type: string RpcPassword: description: The password for messaging backend type: string hidden: true RpcUseSSL: default: false description: > Messaging client subscriber parameter to specify an SSL connection to the messaging host. type: string NotificationDriver: type: string default: 'messagingv2' description: Driver or drivers to handle sending notifications. OctaviaUserName: description: The username for the Octavia database and keystone accounts. type: string default: 'octavia' OctaviaPassword: description: The password for the Octavia database and keystone accounts. type: string hidden: true OctaviaProjectName: description: The project name for the keystone Octavia account. type: string default: 'service' OctaviaCaCertFile: type: string default: '/etc/octavia/certs/ca_01.pem' description: Octavia CA certificate file path. OctaviaCaCert: type: string default: '' description: Octavia CA certificate data. If provided, this will create or update a file on the host with the path provided in OctaviaCaCertFile with the certificate data. OctaviaCaKeyFile: type: string default: '/etc/octavia/certs/private/cakey.pem' description: Octavia CA private key file path. OctaviaCaKey: type: string default: '' description: The private key for the certificate provided in OctaviaCaCert. If provided, this will create or update a file on the host with the path provided in OctaviaCaKeyFile with the key data. OctaviaServerCertsKeyPassphrase: constraints: - length: { min: 32, max: 32} description: Passphrase for encrypting Amphora Certificates and Private Keys. Must be exactly 32 characters. type: string hidden: true OctaviaCaKeyPassphrase: description: CA private key passphrase. type: string hidden: true OctaviaAmphoraImageTag: default: 'amphora-image' description: Glance image tag for identifying the amphora image. type: string OctaviaAmphoraNetworkList: default: [] description: List of networks to attach to amphorae. type: comma_delimited_list OctaviaAmphoraSshKeyName: type: string default: 'octavia-ssh-key' description: SSH key name. OctaviaLoadBalancerTopology: default: '' description: Load balancer topology configuration. type: string OctaviaFlavorId: default: '65' description: Nova flavor ID to be used when creating the nova flavor for amphora. type: string OctaviaTimeoutClientData: default: 50000 description: Frontend client inactivity timeout. type: number OctaviaTimeoutMemberConnect: default: 5000 description: Backend member connection timeout. type: number OctaviaTimeoutMemberData: default: 50000 description: Backend member inactivity timeout. type: number OctaviaTimeoutTcpInspect: default: 0 description: Time to wait for TCP packets for content inspection. type: number parameter_groups: - label: deprecated description: | The following parameters are deprecated and will be removed. They should not be relied on for new deployments. If you have concerns regarding deprecated parameters, please contact the TripleO development team on IRC or the OpenStack mailing list. parameters: - RpcPort - RpcUserName - RpcPassword - RpcUseSSL conditions: service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']} octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']} octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']} octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]} outputs: role_data: description: Base role data for Octavia services value: service_name: octavia_base config_settings: map_merge: - octavia::logging::debug: if: - service_debug_unset - {get_param: Debug } - {get_param: OctaviaDebug } octavia::purge_config: {get_param: EnableConfigPurge} octavia::notification_driver: {get_param: NotificationDriver} octavia::db::database_connection: make_url: scheme: {get_param: [EndpointMap, MysqlInternal, protocol]} username: {get_param: OctaviaUserName} password: {get_param: OctaviaPassword} host: {get_param: [EndpointMap, MysqlInternal, host]} path: /octavia query: read_default_file: /etc/my.cnf.d/tripleo.cnf read_default_group: tripleo octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystoneV3Internal, uri]} octavia::service_auth::auth_type: 'password' octavia::service_auth::username: {get_param: OctaviaUserName} octavia::service_auth::password: {get_param: OctaviaPassword} octavia::service_auth::project_name: {get_param: OctaviaProjectName} octavia::service_auth::project_domain_name: 'Default' octavia::service_auth::user_domain_name: 'Default' octavia::service_auth::auth_type: 'password' octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile} octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile} octavia::certificates::server_certs_key_passphrase: {get_param: OctaviaServerCertsKeyPassphrase} octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase} octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList} octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId} octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag} octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName} octavia::controller::enable_ssh_access: true octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData} octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect} octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData} octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect} - if: - octavia_topology_unset - {} - octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology} - if: - octavia_ca_cert_unset - {} - octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert} - if: - octavia_ca_key_unset - {} - octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}