heat_template_version: wallaby

description: >
  OpenStack Octavia health-manager service configured with Puppet

parameters:
  ContainerOctaviaHealthManagerImage:
    description: image
    type: string
  ContainerOctaviaConfigImage:
    description: The container image to use for the octavia config_volume
    type: string
  ContainerOctaviaRsyslogImage:
    description: The container image to use for the rsyslog-sidecar
    type: string
  OctaviaHealthManagerLoggingSource:
    type: json
    default:
      tag: openstack.octavia.health-manager
      file: /var/log/containers/octavia/health-manager.log
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  ServiceData:
    default: {}
    description: Dictionary packing service data
    type: json
  ServiceNetMap:
    default: {}
    description: Mapping of service_name -> network name. Typically set
                 via parameter_defaults in the resource registry.  This
                 mapping overrides those in ServiceNetMapDefaults.
    type: json
  RoleName:
    default: ''
    description: Role name on which the service is applied
    type: string
  RoleParameters:
    default: {}
    description: Parameters specific to the role
    type: json
  MonitoringSubscriptionOctaviaHealthManager:
    default: 'overcloud-octavia-health-manager'
    type: string
  OctaviaHeartbeatKey:
    type: string
    description: Key to identify heartbeat messages for amphorae.
    hidden: true
  OctaviaMgmtPortDevName:
    type: string
    default: "o-hm0"
    description: Name of the octavia management network interface using
                 for communication between octavia worker/health-manager
                 with the amphora machine.
  OctaviaLogOffload:
    default: false
    description: When true, log messages from the amphora will be forwarded
                 to the administrative log endponts and will be stored with
                 the controller logs.
    type: boolean

conditions:

  log_offload_enabled: {equals: [{get_param: OctaviaLogOffload}, true]}

resources:

  ContainersCommon:
    type: ../containers-common.yaml

  MySQLClient:
    type: ../database/mysql-client.yaml

  OctaviaBase:
    type: ./octavia-base.yaml
    properties:
      EndpointMap: {get_param: EndpointMap}
      ServiceData: {get_param: ServiceData}
      ServiceNetMap: {get_param: ServiceNetMap}
      RoleName: {get_param: RoleName}
      RoleParameters: {get_param: RoleParameters}

outputs:
  role_data:
    description: Role data for the Octavia health-manager role.
    value:
      service_name: octavia_health_manager
      firewall_rules:
        '200 octavia health manager interface':
          proto: udp
          dport: 5555
          iniface: {get_param: OctaviaMgmtPortDevName}
        '210 octavia lb-mgmt-net offload rsyslog':
          proto: udp
          dport: 514
          iniface: {get_param: OctaviaMgmtPortDevName}
      monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaHealthManager}
      config_settings:
        map_merge:
          - get_attr: [OctaviaBase, role_data, config_settings]
          - octavia::health_manager::heartbeat_key: {get_param: OctaviaHeartbeatKey}
      service_config_settings:
        rsyslog:
          tripleo_logging_sources_octavia_health_manager:
            - {get_param: OctaviaHealthManagerLoggingSource}
      # BEGIN DOCKER SETTINGS #
      puppet_config:
        config_volume: octavia
        puppet_tags: octavia_config
        step_config:
          list_join:
            - "\n"
            - - "include tripleo::profile::base::octavia::health_manager"
              - {get_attr: [MySQLClient, role_data, step_config]}
        config_image: {get_param: ContainerOctaviaConfigImage}
      kolla_config:
        /var/lib/kolla/config_files/octavia_health_manager.json:
          command: /usr/bin/octavia-health-manager --config-file /usr/share/octavia/octavia-dist.conf --config-file /etc/octavia/octavia.conf --config-file /etc/octavia/post-deploy.conf --log-file /var/log/octavia/health-manager.log --config-dir /etc/octavia/conf.d/octavia-health-manager
          config_files:
            - source: "/var/lib/kolla/config_files/src/*"
              dest: "/"
              merge: true
              preserve_properties: true
          permissions:
            - path: /var/log/octavia
              owner: octavia:octavia
              recurse: true
        /var/lib/kolla/config_files/octavia_rsyslog.json:
          command: /usr/sbin/rsyslogd -n
          config_files:
            - source: "/var/lib/kolla/config_files/src/*"
              dest: "/"
              merge: true
              preserve_properties: true
          permissions:
            - path: /var/log/octavia
              owner: root:root
              recurse: true
      docker_config:
        step_2:
          octavia_health_manager_init_dirs:
            start_order: 0
            image: &octavia_health_manager_image {get_param: ContainerOctaviaHealthManagerImage}
            user: root
            net: none
            volumes:
              # NOTE(mandre) we need extra dir for the service in /etc/octavia/conf.d
              # It is normally created as part of the RPM install, but it is
              # missing here because we use the same config_volume for all
              # octavia services, hence the same container image to generate
              # configuration.
              - /var/lib/config-data/puppet-generated/octavia/etc/octavia:/etc/octavia/:z
            command: ['/bin/bash', '-c', 'mkdir -p /etc/octavia/conf.d/octavia-health-manager; chown -R octavia:octavia /etc/octavia/conf.d/octavia-health-manager']
        step_5:
          map_merge:
            - octavia_health_manager:
                start_order: 2
                stop_grace_period: 300
                image: *octavia_health_manager_image
                net: host
                privileged: false
                restart: always
                healthcheck:
                  test: /openstack/healthcheck
                volumes:
                  list_concat:
                    - {get_attr: [ContainersCommon, volumes]}
                    -
                      - /var/lib/kolla/config_files/octavia_health_manager.json:/var/lib/kolla/config_files/config.json:ro
                      - /var/lib/config-data/puppet-generated/octavia:/var/lib/kolla/config_files/src:ro
                      - /var/log/containers/octavia:/var/log/octavia:z
                environment:
                  KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
            - if:
                - log_offload_enabled
                - octavia_rsyslog:
                    start_order: 2
                    image: {get_param: ContainerOctaviaRsyslogImage}
                    net: host
                    privileged: false
                    restart: always
                    volumes:
                      list_concat:
                        - {get_attr: [ContainersCommon, volumes]}
                        -
                          - /var/lib/kolla/config_files/octavia_rsyslog.json:/var/lib/kolla/config_files/config.json:ro
                          - /var/lib/config-data/puppet-generated/octavia:/var/lib/kolla/config_files/src:ro
                          - /var/log/containers/octavia-amphorae:/var/log/octavia:z
                    environment:
                      KOLLA_CONFIG_STRATEGY: COPY_ALWAYS
                - {}
      update_tasks: {get_attr: [OctaviaBase, role_data, update_tasks]}
      upgrade_tasks: {get_attr: [OctaviaBase, role_data, upgrade_tasks]}
      host_prep_tasks:
        - name: create persistent directories
          file:
            path: "{{ item.path }}"
            state: directory
            setype: "{{ item.setype }}"
            mode: "{{ item.mode }}"
          with_items:
            - { 'path': /var/log/containers/octavia, 'setype': container_file_t, 'mode': '0750' }
            - { 'path': /var/log/containers/octavia-amphorae, 'setype': container_file_t, 'mode': '0750' }
      external_upgrade_tasks:
        - when:
            - step|int == 1
          tags:
            - never
            - system_upgrade_transfer_data
            - system_upgrade_stop_services
          block:
            - name: Stop octavia health manager container
              import_role:
                name: tripleo_container_stop
              vars:
                tripleo_containers_to_stop:
                  - octavia_health_manager
                tripleo_delegate_to: "{{ groups['octavia_health_manager'] | default([]) }}"