fb0e8f62fc
With the upgrade to puppet 5, we can no longer use dots in the hieradata key lookups. This change updates the THT for firewall_rules, haproxy_endpoints and haproxy_userlists to use the colon notation. Change-Id: I6f67153e04aed191acb715fe8cfa976ee2e75878 Related-Bug: #1803024
89 lines
2.9 KiB
YAML
89 lines
2.9 KiB
YAML
heat_template_version: rocky
|
|
|
|
description: >
|
|
SNMP client configured with Puppet, to facilitate Ceilometer Hardware
|
|
monitoring in the undercloud. This service is required to enable hardware
|
|
monitoring.
|
|
|
|
parameters:
|
|
ServiceData:
|
|
default: {}
|
|
description: Dictionary packing service data
|
|
type: json
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry. This
|
|
mapping overrides those in ServiceNetMapDefaults.
|
|
type: json
|
|
DefaultPasswords:
|
|
default: {}
|
|
type: json
|
|
RoleName:
|
|
default: ''
|
|
description: Role name on which the service is applied
|
|
type: string
|
|
RoleParameters:
|
|
default: {}
|
|
description: Parameters specific to the role
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
SnmpdReadonlyUserName:
|
|
default: ro_snmp_user
|
|
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
SnmpdReadonlyUserPassword:
|
|
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
hidden: true
|
|
SnmpdBindHost:
|
|
description: An array of bind host addresses on which SNMP daemon will listen.
|
|
type: comma_delimited_list
|
|
default: ['udp:161','udp6:[::1]:161']
|
|
SnmpdOptions:
|
|
description: A string containing the commandline options passed to snmpd
|
|
type: string
|
|
default: '-LS0-5d'
|
|
SnmpdIpSubnet:
|
|
default: ''
|
|
description: IP address/subnet on the snmpd network. If empty (default), SnmpdNetwork
|
|
will be taken.
|
|
type: string
|
|
conditions:
|
|
snmpd_network_unset: {equals : [{get_param: SnmpdIpSubnet}, '']}
|
|
|
|
outputs:
|
|
role_data:
|
|
description: Role data for the SNMP services
|
|
value:
|
|
service_name: snmp
|
|
config_settings:
|
|
tripleo::profile::base::snmp::snmpd_user: {get_param: SnmpdReadonlyUserName}
|
|
tripleo::profile::base::snmp::snmpd_password: {get_param: SnmpdReadonlyUserPassword}
|
|
snmp::agentaddress: {get_param: SnmpdBindHost}
|
|
snmp::snmpd_options: {get_param: SnmpdOptions}
|
|
snmpd_network:
|
|
str_replace:
|
|
template: "%{hiera('$NETWORK_subnet')}"
|
|
params:
|
|
$NETWORK: {get_param: [ServiceNetMap, SnmpdNetwork]}
|
|
tripleo::snmp::firewall_rules:
|
|
'124 snmp':
|
|
dport: 161
|
|
proto: 'udp'
|
|
source:
|
|
if:
|
|
- snmpd_network_unset
|
|
- "%{hiera('snmpd_network')}"
|
|
- {get_param: SnmpdIpSubnet}
|
|
step_config: |
|
|
include ::tripleo::profile::base::snmp
|
|
upgrade_tasks:
|
|
- name: Stop snmp service
|
|
when: step|int == 1
|
|
service: name=snmpd state=stopped
|