3002edc90a
It is quite common in large entreprises that direct HTTP/HTTPS to the outside world is denied from nodes/systems but reaching out through a proxy is allowed. This change adds support for an HTTP proxy when RHEL overcloud nodes reach out to either the RHSM portal or to a satellite server. This allows the overcloud nodes to download updates even in locked-down environments. The following variables are settable through templates: rhel_reg_http_proxy_host: rhel_reg_http_proxy_port: rhel_reg_http_proxy_username: rhel_reg_http_proxy_password: Note the following restrictions: - If setting rhel_reg_http_proxy_host, then rhel_reg_http_proxy_port cannot be empty. - If setting rhel_reg_http_proxy_port, then rhel_reg_http_proxy_host cannot be empty. - If setting rhel_reg_http_proxy_username, then rhel_reg_http_proxy_password cannot be empty. - If setting rhel_reg_http_proxy_password, then rhel_reg_http_proxy_username cannot be empty. - If setting either rhel_reg_http_proxy_username or rhel_reg_http_proxy_password, then rhel_reg_http_proxy_host AND rhel_reg_http_proxy_port cannot be empty Change-Id: I003ad5449bd99c01376781ec0ce9074eca3e2704
142 lines
4.2 KiB
YAML
142 lines
4.2 KiB
YAML
heat_template_version: ocata
|
|
|
|
description: >
|
|
RHEL Registration and unregistration software deployments.
|
|
|
|
# Note extra parameters can be defined, then passed data via the
|
|
# environment parameter_defaults, without modifying the parent template
|
|
parameters:
|
|
server:
|
|
type: string
|
|
# To be defined via a local or global environment in parameter_defaults
|
|
rhel_reg_activation_key:
|
|
type: string
|
|
rhel_reg_auto_attach:
|
|
type: string
|
|
rhel_reg_base_url:
|
|
type: string
|
|
rhel_reg_environment:
|
|
type: string
|
|
rhel_reg_force:
|
|
type: string
|
|
rhel_reg_machine_name:
|
|
type: string
|
|
rhel_reg_org:
|
|
type: string
|
|
rhel_reg_password:
|
|
type: string
|
|
rhel_reg_pool_id:
|
|
type: string
|
|
rhel_reg_release:
|
|
type: string
|
|
rhel_reg_repos:
|
|
type: string
|
|
rhel_reg_sat_url:
|
|
type: string
|
|
rhel_reg_server_url:
|
|
type: string
|
|
rhel_reg_service_level:
|
|
type: string
|
|
rhel_reg_user:
|
|
type: string
|
|
rhel_reg_type:
|
|
type: string
|
|
rhel_reg_method:
|
|
type: string
|
|
rhel_reg_sat_repo:
|
|
type: string
|
|
rhel_reg_http_proxy_host:
|
|
type: string
|
|
rhel_reg_http_proxy_port:
|
|
type: string
|
|
rhel_reg_http_proxy_username:
|
|
type: string
|
|
rhel_reg_http_proxy_password:
|
|
type: string
|
|
|
|
resources:
|
|
|
|
RHELRegistration:
|
|
type: OS::Heat::SoftwareConfig
|
|
properties:
|
|
group: script
|
|
inputs:
|
|
- name: REG_ACTIVATION_KEY
|
|
- name: REG_AUTO_ATTACH
|
|
- name: REG_BASE_URL
|
|
- name: REG_ENVIRONMENT
|
|
- name: REG_FORCE
|
|
- name: REG_MACHINE_NAME
|
|
- name: REG_ORG
|
|
- name: REG_PASSWORD
|
|
- name: REG_POOL_ID
|
|
- name: REG_RELEASE
|
|
- name: REG_REPOS
|
|
- name: REG_SAT_URL
|
|
- name: REG_SERVER_URL
|
|
- name: REG_SERVICE_LEVEL
|
|
- name: REG_USER
|
|
- name: REG_TYPE
|
|
- name: REG_METHOD
|
|
- name: REG_SAT_REPO
|
|
- name: REG_HTTP_PROXY_HOST
|
|
- name: REG_HTTP_PROXY_PORT
|
|
- name: REG_HTTP_PROXY_USERNAME
|
|
- name: REG_HTTP_PROXY_PASSWORD
|
|
config: {get_file: scripts/rhel-registration}
|
|
|
|
RHELRegistrationDeployment:
|
|
type: OS::Heat::SoftwareDeployment
|
|
properties:
|
|
name: RHELRegistrationDeployment
|
|
server: {get_param: server}
|
|
config: {get_resource: RHELRegistration}
|
|
actions: ['CREATE'] # Only do this on CREATE
|
|
input_values:
|
|
REG_ACTIVATION_KEY: {get_param: rhel_reg_activation_key}
|
|
REG_AUTO_ATTACH: {get_param: rhel_reg_auto_attach}
|
|
REG_BASE_URL: {get_param: rhel_reg_base_url}
|
|
REG_ENVIRONMENT: {get_param: rhel_reg_environment}
|
|
REG_FORCE: {get_param: rhel_reg_force}
|
|
REG_MACHINE_NAME: {get_param: rhel_reg_machine_name}
|
|
REG_ORG: {get_param: rhel_reg_org}
|
|
REG_PASSWORD: {get_param: rhel_reg_password}
|
|
REG_POOL_ID: {get_param: rhel_reg_pool_id}
|
|
REG_RELEASE: {get_param: rhel_reg_release}
|
|
REG_REPOS: {get_param: rhel_reg_repos}
|
|
REG_SAT_URL: {get_param: rhel_reg_sat_url}
|
|
REG_SERVER_URL: {get_param: rhel_reg_server_url}
|
|
REG_SERVICE_LEVEL: {get_param: rhel_reg_service_level}
|
|
REG_USER: {get_param: rhel_reg_user}
|
|
REG_TYPE: {get_param: rhel_reg_type}
|
|
REG_METHOD: {get_param: rhel_reg_method}
|
|
REG_SAT_REPO: {get_param: rhel_reg_sat_repo}
|
|
REG_HTTP_PROXY_HOST: {get_param: rhel_reg_http_proxy_host}
|
|
REG_HTTP_PROXY_PORT: {get_param: rhel_reg_http_proxy_port}
|
|
REG_HTTP_PROXY_USERNAME: {get_param: rhel_reg_http_proxy_username}
|
|
REG_HTTP_PROXY_PASSWORD: {get_param: rhel_reg_http_proxy_password}
|
|
|
|
RHELUnregistration:
|
|
type: OS::Heat::SoftwareConfig
|
|
properties:
|
|
group: script
|
|
config: {get_file: scripts/rhel-unregistration}
|
|
inputs:
|
|
- name: REG_METHOD
|
|
|
|
RHELUnregistrationDeployment:
|
|
type: OS::Heat::SoftwareDeployment
|
|
properties:
|
|
name: RHELUnregistrationDeployment
|
|
server: {get_param: server}
|
|
config: {get_resource: RHELUnregistration}
|
|
actions: ['DELETE'] # Only do this on DELETE
|
|
input_values:
|
|
REG_METHOD: {get_param: rhel_reg_method}
|
|
|
|
outputs:
|
|
deploy_stdout:
|
|
description: Deployment reference, used to trigger puppet apply on changes
|
|
value: {get_attr: [RHELRegistrationDeployment, deploy_stdout]}
|
|
|