tripleo-heat-templates/puppet/services/zaqar-api.yaml
Lukas Bezdicka 0cb5c847f3 Always evaluate step first in conditional
If we use variables defined in later step in conditional before
checking which step are we on we will fail.

Resolves: rhbz#1535457
Closes-Bug: #1743764
Change-Id: Ic21f6eb5c4101f230fa894cd0829a11e2f0ef39b
2018-02-09 17:12:29 +01:00

238 lines
9.5 KiB
YAML

heat_template_version: queens
description: >
Openstack Zaqar service. Shared for all Heat services.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
Debug:
default: false
description: Set to True to enable debugging on all services.
type: boolean
ZaqarDebug:
default: ''
description: Set to True to enable debugging Zaqar service.
type: string
constraints:
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
ZaqarPassword:
description: The password for Zaqar
type: string
hidden: true
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
ZaqarPolicies:
description: |
A hash of policies to configure for Zaqar.
e.g. { zaqar-context_is_admin: { key: context_is_admin, value: 'role:admin' } }
default: {}
type: json
ZaqarWorkers:
type: string
description: Set the number of workers for zaqar::wsgi::apache
default: '%{::os_workers}'
ZaqarMessageStore:
type: string
description: The messaging store for Zaqar
default: mongodb
ZaqarManagementStore:
type: string
description: The management store for Zaqar
default: mongodb
EnableInternalTLS:
type: boolean
default: false
RedisPassword:
description: The password for the redis service account.
type: string
hidden: true
conditions:
zaqar_workers_zero: {equals : [{get_param: ZaqarWorkers}, 0]}
service_debug_unset: {equals : [{get_param: ZaqarDebug}, '']}
zaqar_messaging_store_swift: {equals : [{get_param: ZaqarMessageStore}, 'swift']}
zaqar_messaging_store_redis: {equals : [{get_param: ZaqarMessageStore}, 'redis']}
zaqar_management_store_sqlalchemy: {equals : [{get_param: ZaqarManagementStore}, 'sqlalchemy']}
resources:
ApacheServiceBase:
type: ./apache.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
EnableInternalTLS: {get_param: EnableInternalTLS}
outputs:
role_data:
description: Shared role data for the Zaqar services.
value:
service_name: zaqar_api
config_settings:
map_merge:
- get_attr: [ApacheServiceBase, role_data, config_settings]
- zaqar::policy::policies: {get_param: ZaqarPolicies}
zaqar::keystone::authtoken::password: {get_param: ZaqarPassword}
zaqar::keystone::authtoken::project_name: 'service'
zaqar::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
zaqar::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
zaqar::keystone::trust::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
zaqar::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: ZaqarDebug }
zaqar::server::service_name: 'httpd'
zaqar::transport::websocket::bind: {get_param: [EndpointMap, ZaqarInternal, host]}
zaqar::transport::websocket::notification_bind: {get_param: [EndpointMap, ZaqarInternal, host]}
zaqar::wsgi::apache::ssl: {get_param: EnableInternalTLS}
zaqar::wsgi::apache::bind_host: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
zaqar::message_pipeline: 'zaqar.notification.notifier'
zaqar::unreliable: true
zaqar::wsgi::apache::servername:
str_replace:
template:
"%{hiera('fqdn_$NETWORK')}"
params:
$NETWORK: {get_param: [ServiceNetMap, ZaqarApiNetwork]}
zaqar::message_store: {get_param: ZaqarMessageStore}
zaqar::management_store: {get_param: ZaqarManagementStore}
-
if:
- zaqar_messaging_store_swift
-
zaqar::messaging::swift::uri:
list_join:
- ''
- ['swift://zaqar:', {get_param: ZaqarPassword}, '@/service']
zaqar::messaging::swift::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
tripleo::profile::base::zaqar::messaging_store: 'swift'
- {}
-
if:
- zaqar_messaging_store_redis
-
zaqar_redis_password: {get_param: RedisPassword}
tripleo::profile::base::zaqar::messaging_store: 'redis'
- {}
-
if:
- zaqar_management_store_sqlalchemy
-
tripleo::profile::base::zaqar::management_store: 'sqlalchemy'
zaqar::management::sqlalchemy::uri:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: zaqar
password: {get_param: ZaqarPassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /zaqar
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
- {}
-
if:
- zaqar_workers_zero
- {}
- zaqar::wsgi::apache::workers: {get_param: ZaqarWorkers}
service_config_settings:
map_merge:
- keystone:
zaqar::keystone::auth::password: {get_param: ZaqarPassword}
zaqar::keystone::auth::public_url: {get_param: [EndpointMap, ZaqarPublic, uri]}
zaqar::keystone::auth::admin_url: {get_param: [EndpointMap, ZaqarAdmin, uri]}
zaqar::keystone::auth::internal_url: {get_param: [EndpointMap, ZaqarInternal, uri]}
zaqar::keystone::auth::region: {get_param: KeystoneRegion}
zaqar::keystone::auth::tenant: 'service'
zaqar::keystone::auth_websocket::password: {get_param: ZaqarPassword}
zaqar::keystone::auth_websocket::public_url: {get_param: [EndpointMap, ZaqarWebSocketPublic, uri]}
zaqar::keystone::auth_websocket::admin_url: {get_param: [EndpointMap, ZaqarWebSocketAdmin, uri]}
zaqar::keystone::auth_websocket::internal_url: {get_param: [EndpointMap, ZaqarWebSocketInternal, uri]}
zaqar::keystone::auth_websocket::region: {get_param: KeystoneRegion}
zaqar::keystone::auth_websocket::tenant: 'service'
zaqar::keystone::trust::password: {get_param: ZaqarPassword}
zaqar::keystone::trust::user_domain_name: 'Default'
-
if:
- zaqar_management_store_sqlalchemy
- mysql:
zaqar::db::mysql::user: zaqar
zaqar::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
zaqar::db::mysql::dbname: zaqar
zaqar::db::mysql::password: {get_param: ZaqarPassword}
zaqar::db::mysql::allowed_hosts:
- '%'
- "%{hiera('mysql_bind_host')}"
- {}
step_config: |
include ::tripleo::profile::base::zaqar
metadata_settings:
get_attr: [ApacheServiceBase, role_data, metadata_settings]
upgrade_tasks:
list_concat:
- get_attr: [ApacheServiceBase, role_data, upgrade_tasks]
-
- name: Check if zaqar is deployed
command: systemctl is-enabled openstack-zaqar
tags: common
ignore_errors: True
register: zaqar_enabled
- name: "PreUpgrade step0,validation: Check if openstack-zaqar is running"
shell: >
/usr/bin/systemctl show 'openstack-zaqar' --property ActiveState |
grep '\bactive\b'
when:
- step|int == 0
- zaqar_enabled.rc == 0
tags: validation
- name: Check for zaqar running under apache (post upgrade)
when: step|int == 1
shell: "httpd -t -D DUMP_VHOSTS | grep -q zaqar_wsgi"
register: zaqar_apache
ignore_errors: true
- name: Stop zaqar service (running under httpd)
service: name=httpd state=stopped
when:
- step|int == 1
- zaqar_apache.rc == 0
- name: Stop and disable zaqar service (pre-upgrade not under httpd)
when:
- step|int == 1
- zaqar_enabled.rc == 0
service: name=openstack-zaqar state=stopped enabled=no
- name: Install openstack-zaqar package if it was disabled
yum: name=openstack-zaqar state=latest
when:
- step|int == 3
- zaqar_enabled.rc != 0