c9991c2e31
With I57047682cfa82ba6ca4affff54fab5216e9ba51c Heat has added a new template version for wallaby. This would allow us to use 2-argument variant of the ``if`` function that would allow for e.g. conditional definition of resource properties and help cleanup templates. If only two arguments are passed to ``if`` function, the entire enclosing item is removed when the condition is false. Change-Id: I25f981b60c6a66b39919adc38c02a051b6c51269
103 lines
3.4 KiB
YAML
103 lines
3.4 KiB
YAML
heat_template_version: wallaby
|
|
|
|
description: >
|
|
SNMP client configured with Puppet, to facilitate Ceilometer Hardware
|
|
monitoring in the undercloud. This service is required to enable hardware
|
|
monitoring.
|
|
|
|
parameters:
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
SnmpdReadonlyUserName:
|
|
default: ro_snmp_user
|
|
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
SnmpdReadonlyUserPassword:
|
|
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
hidden: true
|
|
SnmpdBindHost:
|
|
description: An array of bind host addresses on which SNMP daemon will listen.
|
|
type: comma_delimited_list
|
|
default: ['udp:161','udp6:[::1]:161']
|
|
SnmpdOptions:
|
|
description: A string containing the commandline options passed to snmpd
|
|
type: string
|
|
default: '-LS0-5d'
|
|
SnmpdIpSubnet:
|
|
default: ''
|
|
description: IP address/subnet on the snmpd network. If empty (default), SnmpdNetwork
|
|
will be taken.
|
|
type: string
|
|
conditions:
|
|
snmpd_network_unset: {equals : [{get_param: SnmpdIpSubnet}, '']}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the SNMP services
|
|
value:
|
|
service_name: snmp
|
|
firewall_rules:
|
|
if:
|
|
- snmpd_network_unset
|
|
- map_merge:
|
|
repeat:
|
|
for_each:
|
|
<%net_cidr%>:
|
|
get_param:
|
|
- ServiceData
|
|
- net_cidr_map
|
|
- {get_param: [ServiceNetMap, SnmpdNetwork]}
|
|
template:
|
|
'124 snmp <%net_cidr%>':
|
|
dport: 161
|
|
proto: 'udp'
|
|
source: <%net_cidr%>
|
|
- '124 snmp':
|
|
dport: 161
|
|
proto: 'udp'
|
|
source: {get_param: SnmpdIpSubnet}
|
|
config_settings:
|
|
tripleo::profile::base::snmp::snmpd_user: {get_param: SnmpdReadonlyUserName}
|
|
tripleo::profile::base::snmp::snmpd_password: {get_param: SnmpdReadonlyUserPassword}
|
|
snmp::agentaddress: {get_param: SnmpdBindHost}
|
|
snmp::snmpd_options: {get_param: SnmpdOptions}
|
|
step_config: |
|
|
include tripleo::profile::base::snmp
|
|
upgrade_tasks:
|
|
- when: step|int == 0
|
|
block:
|
|
- name: Check if snmpd is enabled
|
|
command: systemctl is-enabled --quiet snmpd
|
|
failed_when: false
|
|
register: snmpd_enabled_result
|
|
- name: Set fact snmpd_enabled
|
|
set_fact:
|
|
snmpd_enabled: "{{ snmpd_enabled_result.rc == 0 }}"
|
|
- name: Stop snmp service
|
|
when:
|
|
- step|int == 1
|
|
- snmpd_enabled|bool
|
|
service: name=snmpd state=stopped
|