openstack/tripleo-heat-templates
Code Issues Proposed changes
44d1e2ddd6
tripleo-heat-templates/deployment/cephadm/ceph-grafana.yaml
Francesco Pantano 4b01172be2 Add cephadm deployment and environments branch 
During the overcloud deployment phase, some operations should still be
performed on the provisioned Ceph cluster.
When Ceph is TripleO deployed, cephadm doesn't provide any firewall
configuration (–-skip-firewalld is provided), as well as any HA
configuration for the Ceph Dashboard.
This change introduces a new cephadm/ branch containing all the services
that should be configured in the TripleO context.

Co-Authored-By: Giulio Fidente <gfidente@redhat.com>
Co-Authored-By: John Fulton <fulton@redhat.com>

Depends-On: I35e57abddc64310a6422174fe191bd328588d7cd
Change-Id: Ie9537471924d1d60f7642699e58e734511b91a2b
2021-03-13 07:41:31 +00:00

196 lines
6.6 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
Ceph Grafana service.
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
CephGrafanaAdminUser:
default: 'admin'
description: Admin user for grafana component
type: string
CephGrafanaAdminPassword:
description: Admin password for grafana component
type: string
hidden: true
GrafanaPlugins:
default: ['vonage-status-panel', 'grafana-piechart-panel']
type: comma_delimited_list
description: >
List of plugins to enable on the grafana container
GrafanaContainerImage:
description: Grafana container image
type: string
GrafanaDashboardsPath:
default: ''
description: ceph dashboards templates built for grafana
type: string
GrafanaDashboardPort:
type: number
default: 3100
description: Parameter that defines the ceph grafana port.
GrafanaDataSource:
default: 'Dashboard'
description: Grafana datasource
type: string
PrometheusContainerImage:
description: Ceph Prometheus container image
type: string
AlertManagerContainerImage:
description: Ceph AlertManager container image
type: string
NodeExporterContainerImage:
description: Ceph NodeExporter container image
default: ''
type: string
EnableInternalTLS:
type: boolean
default: false
CertificateKeySize:
type: string
default: '2048'
description: Specifies the private key size used when creating the
certificate.
GrafanaCertificateKeySize:
type: string
default: ''
description: Override the private key size used when creating the
certificate for this service
conditions:
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
key_size_override_unset: {equals: [{get_param: GrafanaCertificateKeySize}, '']}
resources:
CephBase:
type: ./ceph-base.yaml
properties:
ServiceData: {get_param: ServiceData}
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
RoleName: {get_param: RoleName}
RoleParameters: {get_param: RoleParameters}
CephGrafanaAnsibleVars:
type: OS::Heat::Value
properties:
type: json
value:
vars:
tripleo_cephadm_grafana_admin_user: {get_param: CephGrafanaAdminUser}
tripleo_cephadm_grafana_admin_password: {get_param: CephGrafanaAdminPassword}
tripleo_cephadm_grafana_container_image: {get_param: GrafanaContainerImage}
tripleo_cephadm_grafana_dashboards_path: {get_param: GrafanaDashboardsPath}
tripleo_cephadm_grafana_datasource: {get_param: GrafanaDataSource}
tripleo_cephadm_grafana_plugins: {get_param: GrafanaPlugins}
tripleo_cephadm_grafana_port: {get_param: GrafanaDashboardPort}
tripleo_cephadm_prometheus_container_image: {get_param: PrometheusContainerImage}
tripleo_cephadm_node_exporter_container_image: {get_param: NodeExporterContainerImage}
tripleo_cephadm_prometheus_port: 9092
tripleo_cephadm_alertmanager_container_image: {get_param: AlertManagerContainerImage}
outputs:
role_data:
description: Role data for the Ceph Dashboard service.
value:
service_name: ceph_grafana
firewall_rules:
'123 ceph_dashboard':
dport:
- {get_param: GrafanaDashboardPort}
- 9090
- 9092
- 9093
- 9094
- 9100
- 9283
upgrade_tasks: []
puppet_config:
config_image: ''
config_volume: ''
step_config: ''
docker_config: {}
external_deploy_tasks:
list_concat:
- {get_attr: [CephBase, role_data, external_deploy_tasks]}
- - name: ceph_dashboard_external_deploy_init
when: step == '1'
tags:
- ceph
block:
- name: set tripleo-ansible group vars
set_fact:
ceph_monitoring_stack:
if:
- internal_tls_enabled
- yaql:
data:
default:
map_merge:
- {get_attr: [CephGrafanaAnsibleVars, value, vars]}
certmap:
tripleo_cephadm_grafana_crt: '/etc/pki/tls/certs/ceph_grafana.crt'
tripleo_cephadm_grafana_key: '/etc/pki/tls/private/ceph_grafana.key'
expression: $.data.default.mergeWith($.data.certmap)
- {get_attr: [CephGrafanaAnsibleVars, value, vars]}
config_settings:
map_merge:
- if:
- internal_tls_enabled
-
generate_service_certificates: true
ceph_grafana_certificate_specs:
service_certificate: '/etc/pki/tls/certs/ceph_grafana.crt'
service_key: '/etc/pki/tls/private/ceph_grafana.key'
hostname:
str_replace:
template: "%{hiera('fqdn_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, CephGrafanaNetwork]}
principal:
str_replace:
template: "ceph_grafana/%{hiera('fqdn_NETWORK')}"
params:
NETWORK: {get_param: [ServiceNetMap, CephGrafanaNetwork]}
postsave_cmd: "/usr/bin/certmonger-grafana-refresh.sh"
key_size:
if:
- key_size_override_unset
- {get_param: CertificateKeySize}
- {get_param: GrafanaCertificateKeySize}
- {}
metadata_settings:
if:
- internal_tls_enabled
-
- service: ceph_grafana
network: {get_param: [ServiceNetMap, CephGrafanaNetwork]}
type: node
- null
View Git Blame Copy Permalink