tripleo-heat-templates/puppet/services/octavia-worker.yaml
Brent Eagles bb9e7a4382 Disable SSH key access to amphora
We are not configuring SSH access for amphora yet so we disable it.

Depends-On: Ic6cf523809e390df0263e26d5879c06986688cfa
Change-Id: I7ec1ef980026f498a6b7adb5267ce5b7fe6cc8d1
2017-12-12 16:01:53 -03:30

126 lines
4.1 KiB
YAML

heat_template_version: queens
description: >
OpenStack Octavia Worker service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MonitoringSubscriptionOctaviaWorker:
default: 'overcloud-octavia-worker'
type: string
OctaviaWorkerLoggingSource:
type: json
default:
tag: openstack.octavia.worker
path: /var/log/octavia/worker.log
OctaviaAmphoraImageTag:
default: 'amphora-image'
description: Glance image tag for identifying the amphora image.
type: string
OctaviaAmphoraNetworkList:
default: []
description: List of networks to attach to amphorae.
type: comma_delimited_list
OctaviaLoadBalancerTopology:
default: ''
description: Load balancer topology configuration.
type: string
OctaviaFlavorId:
default: 65
description: Nova flavor ID to be used when creating the nova flavor for
amphora.
type: number
OctaviaFlavorProperties:
default: {}
description: Dictionary describing the nova flavor for amphora.
type: json
OctaviaManageNovaFlavor:
default: false
description: Configure the nova flavor for the amphora.
type: boolean
OctaviaClientCertFile:
default: '/etc/octavia/certs/client.pem'
description: client certificate for amphoras
type: string
OctaviaClientCert:
default: ''
description: Client certificate data. If provided, this will create or update
a file on the host with the path provided in OctaviaClientCertFile
with the certificate data.
type: string
conditions:
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
octavia_client_cert_unset: {equals: [{get_param: OctaviaClientCert}, ""]}
resources:
OctaviaBase:
type: ./octavia-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
outputs:
role_data:
description: Role data for the Octavia WoWorker service.
value:
service_name: octavia_worker
monitoring_subscription: {get_param: MonitoringSubscriptionOctaviaWorker}
logging_source: {get_param: OctaviaWorkerLoggingSource}
logging_groups:
-octavia
config_settings:
map_merge:
- get_attr: [OctaviaBase, role_data, config_settings]
- octavia::worker::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
octavia::worker::amp_flavor_id: {get_param: OctaviaFlavorId}
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
octavia::certificates::client_cert: {get_param: OctaviaClientCertFile}
octavia::worker::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
octavia::worker::enable_ssh_access: false
-
if:
- octavia_topology_unset
- {}
- octavia::worker::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}
-
if:
- octavia_client_cert_unset
- {}
- octavia::certificates::client_cert_data: {get_param: OctaviaClientCert}
step_config: |
include tripleo::profile::base::octavia::worker