230 lines
8.4 KiB
YAML
230 lines
8.4 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
OpenStack Octavia base service. Shared for all Octavia services
|
|
|
|
parameters:
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
Debug:
|
|
type: boolean
|
|
default: false
|
|
description: Set to True to enable debugging on all services.
|
|
OctaviaDebug:
|
|
default: ''
|
|
description: Set to True to enable debugging Octavia services.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
|
EnableConfigPurge:
|
|
type: boolean
|
|
default: false
|
|
description: >
|
|
Remove configuration that is not generated by TripleO. Used to avoid
|
|
configuration remnants after upgrades.
|
|
RpcPort:
|
|
default: 5672
|
|
description: The network port for messaging backend
|
|
type: number
|
|
RpcUserName:
|
|
default: guest
|
|
description: The username for messaging backend
|
|
type: string
|
|
RpcPassword:
|
|
description: The password for messaging backend
|
|
type: string
|
|
hidden: true
|
|
RpcUseSSL:
|
|
default: false
|
|
description: >
|
|
Messaging client subscriber parameter to specify
|
|
an SSL connection to the messaging host.
|
|
type: string
|
|
NotificationDriver:
|
|
type: string
|
|
default: 'messagingv2'
|
|
description: Driver or drivers to handle sending notifications.
|
|
OctaviaUserName:
|
|
description: The username for the Octavia database and keystone accounts.
|
|
type: string
|
|
default: 'octavia'
|
|
OctaviaPassword:
|
|
description: The password for the Octavia database and keystone accounts.
|
|
type: string
|
|
hidden: true
|
|
OctaviaProjectName:
|
|
description: The project name for the keystone Octavia account.
|
|
type: string
|
|
default: 'service'
|
|
OctaviaCaCertFile:
|
|
type: string
|
|
default: '/etc/octavia/certs/ca_01.pem'
|
|
description: Octavia CA certificate file path.
|
|
OctaviaCaCert:
|
|
type: string
|
|
default: ''
|
|
description: Octavia CA certificate data. If provided, this will create
|
|
or update a file on the host with the path provided in
|
|
OctaviaCaCertFile with the certificate data.
|
|
OctaviaCaKeyFile:
|
|
type: string
|
|
default: '/etc/octavia/certs/private/cakey.pem'
|
|
description: Octavia CA private key file path.
|
|
OctaviaCaKey:
|
|
type: string
|
|
default: ''
|
|
description: The private key for the certificate provided in OctaviaCaCert.
|
|
If provided, this will create or update a file on the host
|
|
with the path provided in OctaviaCaKeyFile with the key
|
|
data.
|
|
OctaviaServerCertsKeyPassphrase:
|
|
description: Passphrase for encrypting Amphora Certificates and
|
|
Private Keys.
|
|
type: string
|
|
hidden: true
|
|
OctaviaCaKeyPassphrase:
|
|
description: CA private key passphrase.
|
|
type: string
|
|
hidden: true
|
|
OctaviaAmphoraImageTag:
|
|
default: 'amphora-image'
|
|
description: Glance image tag for identifying the amphora image.
|
|
type: string
|
|
OctaviaAmphoraNetworkList:
|
|
default: []
|
|
description: List of networks to attach to amphorae.
|
|
type: comma_delimited_list
|
|
OctaviaAmphoraSshKeyName:
|
|
type: string
|
|
default: 'octavia-ssh-key'
|
|
description: SSH key name.
|
|
OctaviaLoadBalancerTopology:
|
|
default: ''
|
|
description: Load balancer topology configuration.
|
|
type: string
|
|
OctaviaFlavorId:
|
|
default: '65'
|
|
description: Nova flavor ID to be used when creating the nova flavor for
|
|
amphora.
|
|
type: string
|
|
OctaviaTimeoutClientData:
|
|
default: 50000
|
|
description: Frontend client inactivity timeout.
|
|
type: number
|
|
OctaviaTimeoutMemberConnect:
|
|
default: 5000
|
|
description: Backend member connection timeout.
|
|
type: number
|
|
OctaviaTimeoutMemberData:
|
|
default: 50000
|
|
description: Backend member inactivity timeout.
|
|
type: number
|
|
OctaviaTimeoutTcpInspect:
|
|
default: 0
|
|
description: Time to wait for TCP packets for content inspection.
|
|
type: number
|
|
|
|
parameter_groups:
|
|
- label: deprecated
|
|
description: |
|
|
The following parameters are deprecated and will be removed. They should not
|
|
be relied on for new deployments. If you have concerns regarding deprecated
|
|
parameters, please contact the TripleO development team on IRC or the
|
|
OpenStack mailing list.
|
|
parameters:
|
|
- RpcPort
|
|
- RpcUserName
|
|
- RpcPassword
|
|
- RpcUseSSL
|
|
|
|
conditions:
|
|
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
|
|
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
|
|
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
|
|
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Base role data for Octavia services
|
|
value:
|
|
service_name: octavia_base
|
|
config_settings:
|
|
map_merge:
|
|
- octavia::logging::debug:
|
|
if:
|
|
- service_debug_unset
|
|
- {get_param: Debug }
|
|
- {get_param: OctaviaDebug }
|
|
octavia::purge_config: {get_param: EnableConfigPurge}
|
|
octavia::notification_driver: {get_param: NotificationDriver}
|
|
octavia::db::database_connection:
|
|
make_url:
|
|
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
|
username: {get_param: OctaviaUserName}
|
|
password: {get_param: OctaviaPassword}
|
|
host: {get_param: [EndpointMap, MysqlInternal, host]}
|
|
path: /octavia
|
|
query:
|
|
read_default_file: /etc/my.cnf.d/tripleo.cnf
|
|
read_default_group: tripleo
|
|
octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystonePublic, uri]}
|
|
octavia::service_auth::auth_type: 'password'
|
|
octavia::service_auth::username: {get_param: OctaviaUserName}
|
|
octavia::service_auth::password: {get_param: OctaviaPassword}
|
|
octavia::service_auth::project_name: {get_param: OctaviaProjectName}
|
|
octavia::service_auth::project_domain_name: 'Default'
|
|
octavia::service_auth::user_domain_name: 'Default'
|
|
octavia::service_auth::auth_type: 'password'
|
|
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
|
|
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
|
|
octavia::certificates::server_certs_key_passphrase: {get_param: OctaviaServerCertsKeyPassphrase}
|
|
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
|
|
octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
|
|
octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId}
|
|
octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
|
|
octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName}
|
|
octavia::controller::enable_ssh_access: true
|
|
octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData}
|
|
octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect}
|
|
octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData}
|
|
octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect}
|
|
-
|
|
if:
|
|
- octavia_topology_unset
|
|
- {}
|
|
- octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}
|
|
-
|
|
if:
|
|
- octavia_ca_cert_unset
|
|
- {}
|
|
- octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert}
|
|
-
|
|
if:
|
|
- octavia_ca_key_unset
|
|
- {}
|
|
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}
|