tripleo-heat-templates/deployment/octavia/octavia-base.yaml
Carlos Goncalves 361a47d2a7 Fix Octavia to use correct Puppet class
Addition of octavia::controller::enable_anti_affinity was reverted in
[1] as code to handle that config option already exists in octavia::nova
class. This patch follows that revert and sets THT to use octavia::nova.

[1] https://review.opendev.org/#/c/699067/

Depends-On: https://review.opendev.org/#/c/699074/
Change-Id: I2204b72e40a86892f7312b9af77754d9c11a6c63
(cherry picked from commit e47e7db8a2)
(cherry picked from commit 8184b94972)
2020-01-02 15:56:39 +00:00

257 lines
9.6 KiB
YAML

heat_template_version: rocky
description: >
OpenStack Octavia base service. Shared for all Octavia services
parameters:
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
Debug:
type: boolean
default: false
description: Set to True to enable debugging on all services.
OctaviaDebug:
default: ''
description: Set to True to enable debugging Octavia services.
type: string
constraints:
- allowed_values: [ '', 'true', 'True', 'TRUE', 'false', 'False', 'FALSE']
EnableConfigPurge:
type: boolean
default: false
description: >
Remove configuration that is not generated by TripleO. Used to avoid
configuration remnants after upgrades.
RpcPort:
default: 5672
description: The network port for messaging backend
type: number
RpcUserName:
default: guest
description: The username for messaging backend
type: string
RpcPassword:
description: The password for messaging backend
type: string
hidden: true
RpcUseSSL:
default: false
description: >
Messaging client subscriber parameter to specify
an SSL connection to the messaging host.
type: string
NotificationDriver:
type: string
default: 'messagingv2'
description: Driver or drivers to handle sending notifications.
OctaviaUserName:
description: The username for the Octavia database and keystone accounts.
type: string
default: 'octavia'
OctaviaPassword:
description: The password for the Octavia database and keystone accounts.
type: string
hidden: true
OctaviaProjectName:
description: The project name for the keystone Octavia account.
type: string
default: 'service'
OctaviaCaCertFile:
type: string
default: '/etc/octavia/certs/ca_01.pem'
description: Octavia CA certificate file path.
OctaviaCaCert:
type: string
default: ''
description: Octavia CA certificate data. If provided, this will create
or update a file on the host with the path provided in
OctaviaCaCertFile with the certificate data.
OctaviaCaKeyFile:
type: string
default: '/etc/octavia/certs/private/cakey.pem'
description: Octavia CA private key file path.
OctaviaCaKey:
type: string
default: ''
description: The private key for the certificate provided in OctaviaCaCert.
If provided, this will create or update a file on the host
with the path provided in OctaviaCaKeyFile with the key
data.
OctaviaServerCertsKeyPassphrase:
constraints:
- length: { min: 32, max: 32}
description: Passphrase for encrypting Amphora Certificates and
Private Keys. Must be exactly 32 characters.
type: string
hidden: true
OctaviaCaKeyPassphrase:
description: CA private key passphrase.
type: string
hidden: true
OctaviaAmphoraImageTag:
default: 'amphora-image'
description: Glance image tag for identifying the amphora image.
type: string
OctaviaAmphoraNetworkList:
default: []
description: List of networks to attach to amphorae.
type: comma_delimited_list
OctaviaAmphoraSshKeyName:
type: string
default: 'octavia-ssh-key'
description: SSH key name.
OctaviaLoadBalancerTopology:
default: ''
description: Load balancer topology configuration.
type: string
OctaviaFlavorId:
default: '65'
description: Nova flavor ID to be used when creating the nova flavor for
amphora.
type: string
OctaviaTimeoutClientData:
default: 50000
description: Frontend client inactivity timeout.
type: number
OctaviaTimeoutMemberConnect:
default: 5000
description: Backend member connection timeout.
type: number
OctaviaTimeoutMemberData:
default: 50000
description: Backend member inactivity timeout.
type: number
OctaviaTimeoutTcpInspect:
default: 0
description: Time to wait for TCP packets for content inspection.
type: number
OctaviaConnectionMaxRetries:
default: 120
description: Retry threshold for connecting to amphorae.
type: number
OctaviaConnectionLogging:
default: true
description: When false, tenant connection flows will not be logged.
type: boolean
OctaviaBuildActiveRetries:
default: 120
description: Retry threshold for waiting for a build slot for an amphorae.
type: number
OctaviaPortDetachTimeout:
default: 300
description: Seconds to wait for a port to detach from an amphora.
type: number
OctaviaAntiAffinity:
default: true
description: Flag to indicate if anti-affinity feature is turned on.
type: boolean
parameter_groups:
- label: deprecated
description: |
The following parameters are deprecated and will be removed. They should not
be relied on for new deployments. If you have concerns regarding deprecated
parameters, please contact the TripleO development team on IRC or the
OpenStack mailing list.
parameters:
- RpcPort
- RpcUserName
- RpcPassword
- RpcUseSSL
conditions:
service_debug_unset: {equals : [{get_param: OctaviaDebug}, '']}
octavia_ca_cert_unset: {equals: [{get_param: OctaviaCaCert}, '']}
octavia_ca_key_unset: {equals: [{get_param: OctaviaCaKey}, '']}
octavia_topology_unset: {equals : [{get_param: OctaviaLoadBalancerTopology}, ""]}
outputs:
role_data:
description: Base role data for Octavia services
value:
service_name: octavia_base
config_settings:
map_merge:
- octavia::logging::debug:
if:
- service_debug_unset
- {get_param: Debug }
- {get_param: OctaviaDebug }
octavia::purge_config: {get_param: EnableConfigPurge}
octavia::notification_driver: {get_param: NotificationDriver}
octavia::db::database_connection:
make_url:
scheme: {get_param: [EndpointMap, MysqlInternal, protocol]}
username: {get_param: OctaviaUserName}
password: {get_param: OctaviaPassword}
host: {get_param: [EndpointMap, MysqlInternal, host]}
path: /octavia
query:
read_default_file: /etc/my.cnf.d/tripleo.cnf
read_default_group: tripleo
octavia::service_auth::auth_url: {get_param: [EndpointMap, KeystoneV3Internal, uri]}
octavia::service_auth::auth_type: 'password'
octavia::service_auth::username: {get_param: OctaviaUserName}
octavia::service_auth::password: {get_param: OctaviaPassword}
octavia::service_auth::project_name: {get_param: OctaviaProjectName}
octavia::service_auth::project_domain_name: 'Default'
octavia::service_auth::user_domain_name: 'Default'
octavia::service_auth::auth_type: 'password'
octavia::certificates::ca_certificate: {get_param: OctaviaCaCertFile}
octavia::certificates::ca_private_key: {get_param: OctaviaCaKeyFile}
octavia::certificates::server_certs_key_passphrase: {get_param: OctaviaServerCertsKeyPassphrase}
octavia::certificates::ca_private_key_passphrase: {get_param: OctaviaCaKeyPassphrase}
octavia::controller::amp_boot_network_list: {get_param: OctaviaAmphoraNetworkList}
octavia::controller::amp_flavor_id: {get_param: OctaviaFlavorId}
octavia::controller::amp_image_tag: {get_param: OctaviaAmphoraImageTag}
octavia::controller::amp_ssh_key_name: {get_param: OctaviaAmphoraSshKeyName}
octavia::controller::enable_ssh_access: true
octavia::controller::timeout_client_data: {get_param: OctaviaTimeoutClientData}
octavia::controller::timeout_member_connect: {get_param: OctaviaTimeoutMemberConnect}
octavia::controller::timeout_member_data: {get_param: OctaviaTimeoutMemberData}
octavia::controller::timeout_tcp_inspect: {get_param: OctaviaTimeoutTcpInspect}
octavia::controller::connection_max_retries: {get_param: OctaviaConnectionMaxRetries}
octavia::controller::connection_logging: {get_param: OctaviaConnectionLogging}
octavia::controller::build_active_retries: {get_param: OctaviaBuildActiveRetries}
octavia::controller::port_detach_timeout: {get_param: OctaviaPortDetachTimeout}
octavia::nova::enable_anti_affinity: {get_param: OctaviaAntiAffinity}
-
if:
- octavia_topology_unset
- {}
- octavia::controller::loadbalancer_topology: {get_param: OctaviaLoadBalancerTopology}
-
if:
- octavia_ca_cert_unset
- {}
- octavia::certificates::ca_certificate_data: {get_param: OctaviaCaCert}
-
if:
- octavia_ca_key_unset
- {}
- octavia::certificates::ca_private_key_data: {get_param: OctaviaCaKey}