89fde273ea
This change introduces a single parameter, MemcacheUseAdvancedPool, to enable usage of advanced connection pool in keystone middleware. This is useful to avoid bursting connection to memcached. Note that the default value of memcached_use_advanced_pool was changed from false to true during Xena cycle[1], so this parameter is no longer required in master. However the change in keystonemiddleware will never be backported. This change is created so that we can switch to advanced pool even in older releases. [1] https://review.opendev.org/c/openstack/keystonemiddleware/+/773939 (To Victoria) Conflicts: deployment/aodh/aodh-api-container-puppet.yaml deployment/glance/glance-api-container-puppet.yaml deployment/gnocchi/gnocchi-api-container-puppet.yaml deployment/manila/manila-api-container-puppet.yaml deployment/nova/nova-api-container-puppet.yaml Closes-Bug: #1931047 Change-Id: I2887249af44ccfdae1592dd9120d3366fa059876 (cherry picked from commit09bcacd25a
) (cherry picked from commit9a89b9add6
)
218 lines
8.5 KiB
YAML
218 lines
8.5 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
Openstack Heat base service. Shared for all Heat services.
|
|
|
|
parameters:
|
|
Debug:
|
|
default: false
|
|
description: Set to True to enable debugging on all services.
|
|
type: boolean
|
|
HeatDebug:
|
|
default: ''
|
|
description: Set to True to enable debugging Heat services.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
HeatPassword:
|
|
description: The password for the Heat service and db account, used by the Heat services.
|
|
type: string
|
|
hidden: true
|
|
KeystoneRegion:
|
|
type: string
|
|
default: 'regionOne'
|
|
description: Keystone region for endpoint
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
EnableCache:
|
|
description: Enable caching with memcached
|
|
type: boolean
|
|
default: true
|
|
HeatCronPurgeDeletedEnsure:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Ensure
|
|
default: 'present'
|
|
HeatCronPurgeDeletedMinute:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Minute
|
|
default: '1'
|
|
HeatCronPurgeDeletedHour:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Hour
|
|
default: '0'
|
|
HeatCronPurgeDeletedMonthday:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Month Day
|
|
default: '*'
|
|
HeatCronPurgeDeletedMonth:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Month
|
|
default: '*'
|
|
HeatCronPurgeDeletedWeekday:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Week Day
|
|
default: '*'
|
|
HeatCronPurgeDeletedMaxDelay:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Max Delay
|
|
default: '3600'
|
|
HeatCronPurgeDeletedUser:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - User
|
|
default: 'heat'
|
|
HeatCronPurgeDeletedAge:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Age
|
|
default: '30'
|
|
HeatCronPurgeDeletedAgeType:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Age type
|
|
default: 'days'
|
|
HeatCronPurgeDeletedDestination:
|
|
type: string
|
|
description: >
|
|
Cron to purge db entries marked as deleted and older than $age - Log destination
|
|
default: '/dev/null'
|
|
HeatYaqlLimitIterators:
|
|
type: number
|
|
description: >
|
|
The maximum number of elements in collection yaql expressions can take
|
|
for its evaluation.
|
|
default: 1000
|
|
HeatYaqlMemoryQuota:
|
|
type: number
|
|
description: >
|
|
The maximum size of memory in bytes that yaql exrpessions can take for
|
|
its evaluation.
|
|
default: 100000
|
|
HeatMaxJsonBodySize:
|
|
default: 4194304
|
|
description: Maximum raw byte size of the Heat API JSON request body.
|
|
type: number
|
|
NotificationDriver:
|
|
type: string
|
|
default: 'noop'
|
|
description: Driver or drivers to handle sending notifications.
|
|
HeatCorsAllowedOrigin:
|
|
type: string
|
|
default: ''
|
|
description: Indicate whether this resource may be shared with the domain received in the request
|
|
"origin" header.
|
|
MemcachedTLS:
|
|
default: false
|
|
description: Set to True to enable TLS on Memcached service.
|
|
Because not all services support Memcached TLS, during the
|
|
migration period, Memcached will listen on 2 ports - on the
|
|
port set with MemcachedPort parameter (above) and on 11211,
|
|
without TLS.
|
|
type: boolean
|
|
MemcacheUseAdvancedPool:
|
|
type: boolean
|
|
description: |
|
|
Use the advanced (eventlet safe) memcached client pool.
|
|
default: true
|
|
|
|
conditions:
|
|
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
|
|
tls_cache_enabled:
|
|
and:
|
|
- {get_param: EnableCache}
|
|
- {get_param: MemcachedTLS}
|
|
cors_allowed_origin_unset: {equals : [{get_param: HeatCorsAllowedOrigin}, '']}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Shared role data for the Heat services.
|
|
value:
|
|
service_name: heat_base
|
|
config_settings:
|
|
map_merge:
|
|
-
|
|
if:
|
|
- cors_allowed_origin_unset
|
|
- {}
|
|
- heat::cors::allowed_origin: {get_param: HeatCorsAllowedOrigin}
|
|
- heat::notification_driver: {get_param: NotificationDriver}
|
|
heat::logging::debug:
|
|
if:
|
|
- service_debug_unset
|
|
- {get_param: Debug }
|
|
- {get_param: HeatDebug }
|
|
heat::enable_proxy_headers_parsing: true
|
|
heat::rpc_response_timeout: 600
|
|
heat::rabbit_heartbeat_timeout_threshold: 60
|
|
heat::region_name: {get_param: KeystoneRegion}
|
|
heat::keystone::authtoken::project_name: 'service'
|
|
heat::keystone::authtoken::user_domain_name: 'Default'
|
|
heat::keystone::authtoken::project_domain_name: 'Default'
|
|
heat::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
|
heat::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
|
heat::keystone::authtoken::password: {get_param: HeatPassword}
|
|
heat::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
|
heat::keystone::authtoken::interface: 'internal'
|
|
heat::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
|
heat::keystone::domain::domain_name: 'heat_stack'
|
|
heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
|
|
heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
|
|
heat::db::database_db_max_retries: -1
|
|
heat::db::database_max_retries: -1
|
|
heat::yaql_memory_quota: {get_param: HeatYaqlMemoryQuota}
|
|
heat::yaql_limit_iterators: {get_param: HeatYaqlLimitIterators}
|
|
heat::cors::max_age: 3600
|
|
heat::cors::allow_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma,X-Auth-Token'
|
|
heat::cors::expose_headers: 'Content-Type,Cache-Control,Content-Language,Expires,Last-Modified,Pragma'
|
|
heat::cron::purge_deleted::ensure: {get_param: HeatCronPurgeDeletedEnsure}
|
|
heat::cron::purge_deleted::minute: {get_param: HeatCronPurgeDeletedMinute}
|
|
heat::cron::purge_deleted::hour: {get_param: HeatCronPurgeDeletedHour}
|
|
heat::cron::purge_deleted::monthday: {get_param: HeatCronPurgeDeletedMonthday}
|
|
heat::cron::purge_deleted::month: {get_param: HeatCronPurgeDeletedMonth}
|
|
heat::cron::purge_deleted::weekday: {get_param: HeatCronPurgeDeletedWeekday}
|
|
heat::cron::purge_deleted::maxdelay: {get_param: HeatCronPurgeDeletedMaxDelay}
|
|
heat::cron::purge_deleted::user: {get_param: HeatCronPurgeDeletedUser}
|
|
heat::cron::purge_deleted::age: {get_param: HeatCronPurgeDeletedAge}
|
|
heat::cron::purge_deleted::age_type: {get_param: HeatCronPurgeDeletedAgeType}
|
|
heat::cron::purge_deleted::destination: {get_param: HeatCronPurgeDeletedDestination}
|
|
heat::max_json_body_size: {get_param: HeatMaxJsonBodySize}
|
|
-
|
|
heat::cache::enabled: {get_param: EnableCache}
|
|
heat::cache::tls_enabled: {get_param: MemcachedTLS}
|
|
heat::cache::resource_finder_caching: false
|
|
if:
|
|
- tls_cache_enabled
|
|
- heat::cache::backend: 'dogpile.cache.pymemcache'
|
|
- heat::cache::backend: 'dogpile.cache.memcached'
|