9104980524
This is required for a containerized undercloud to perform workflow driven container image prepare during overcloud deployment. This moves the MistralDockerGroup parameter out of mistral-base since this is only required for the executor. Further changes will be needed to puppet-tripleo to use 'group' and 'user' instead of ensure_resource, and also to ensure that the created docker group inside the executor container has the same gid as the docker group on the host, but these can depend on this change for testing. Change-Id: I429c72c0334a177d1ec37c3d9c13b7ba983de734 Blueprint: container-prepare-workflow
136 lines
4.9 KiB
YAML
136 lines
4.9 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
Openstack Mistral base service. Shared for all Mistral services.
|
|
|
|
parameters:
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
|
|
Debug:
|
|
default: false
|
|
description: Set to True to enable debugging on all services.
|
|
type: boolean
|
|
MistralDebug:
|
|
default: ''
|
|
description: Set to True to enable debugging Mistral services.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
|
|
MistralPassword:
|
|
description: The password for the Mistral service and db account, used by the Mistral services.
|
|
type: string
|
|
hidden: true
|
|
KeystoneRegion:
|
|
type: string
|
|
default: 'regionOne'
|
|
description: Keystone region for endpoint
|
|
NotificationDriver:
|
|
type: string
|
|
default: 'messagingv2'
|
|
description: Driver or drivers to handle sending notifications.
|
|
constraints:
|
|
- allowed_values: [ 'messagingv2', 'noop' ]
|
|
RpcPort:
|
|
default: 5672
|
|
description: The network port for messaging backend
|
|
type: number
|
|
RpcUserName:
|
|
default: guest
|
|
description: The username for messaging backend
|
|
type: string
|
|
RpcPassword:
|
|
description: The password for messaging backend
|
|
type: string
|
|
hidden: true
|
|
RpcUseSSL:
|
|
default: false
|
|
description: >
|
|
Messaging client subscriber parameter to specify
|
|
an SSL connection to the messaging host.
|
|
type: string
|
|
|
|
conditions:
|
|
service_debug_unset: {equals : [{get_param: MistralDebug}, '']}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Shared role data for the Mistral services.
|
|
value:
|
|
service_name: mistral_base
|
|
config_settings:
|
|
mistral::database_connection:
|
|
make_url:
|
|
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
|
|
username: mistral
|
|
password: {get_param: MistralPassword}
|
|
host: {get_param: [EndpointMap, MysqlInternal, host]}
|
|
path: /mistral
|
|
query:
|
|
read_default_file: /etc/my.cnf.d/tripleo.cnf
|
|
read_default_group: tripleo
|
|
mistral::notification_driver: {get_param: NotificationDriver}
|
|
# TODO(ansmith): remove once p-t-o switches to oslo params
|
|
mistral::rabbit_userid: {get_param: RpcUserName}
|
|
mistral::rabbit_password: {get_param: RpcPassword}
|
|
mistral::rabbit_use_ssl: {get_param: RpcUseSSL}
|
|
mistral::rabbit_port: {get_param: RpcPort}
|
|
mistral::debug:
|
|
if:
|
|
- service_debug_unset
|
|
- {get_param: Debug }
|
|
- {get_param: MistralDebug }
|
|
mistral::rpc_response_timeout: 120
|
|
mistral::keystone::authtoken::project_name: 'service'
|
|
mistral::keystone::authtoken::user_domain_name: 'Default'
|
|
mistral::keystone::authtoken::project_domain_name: 'Default'
|
|
mistral::keystone::authtoken::password: {get_param: MistralPassword}
|
|
mistral::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
|
mistral::keystone::authtoken::auth_uri: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
|
mistral::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
|
mistral::keystone_ec2_uri:
|
|
list_join:
|
|
- ''
|
|
- - {get_param: [EndpointMap, KeystoneV3Internal, uri]}
|
|
- '/ec2tokens'
|
|
service_config_settings:
|
|
keystone:
|
|
mistral::keystone::auth::tenant: 'service'
|
|
mistral::keystone::auth::public_url: {get_param: [EndpointMap, MistralPublic, uri]}
|
|
mistral::keystone::auth::internal_url: {get_param: [EndpointMap, MistralInternal, uri]}
|
|
mistral::keystone::auth::admin_url: {get_param: [EndpointMap, MistralAdmin, uri]}
|
|
mistral::keystone::auth::password: {get_param: MistralPassword}
|
|
mistral::keystone::auth::region: {get_param: KeystoneRegion}
|
|
mysql:
|
|
mistral::db::mysql::user: mistral
|
|
mistral::db::mysql::host: {get_param: [EndpointMap, MysqlInternal, host_nobrackets]}
|
|
mistral::db::mysql::dbname: mistral
|
|
mistral::db::mysql::password: {get_param: MistralPassword}
|
|
mistral::db::mysql::allowed_hosts:
|
|
- '%'
|
|
- "%{hiera('mysql_bind_host')}"
|