dsl_version: 0.1.0 service: name: heat-api ports: - {{ heat.api_port }} containers: - name: heat-api image: heat-api # TODO(drusskikh): add probes probes: readiness: "true" liveness: command: "true" type: "exec" pre: - name: heat-db-create dependencies: - {{ service.database }} type: single command: mysql -u root -p{{ db.root_password }} -h {{ address(service.database) }} -e "create database {{ heat.db.name }}; grant all privileges on {{ heat.db.name }}.* to '{{ heat.db.username }}'@'%' identified by '{{ heat.db.password }}';" - name: heat-db-sync files: - heat-conf dependencies: - heat-db-create type: single command: heat-manage db_sync - name: heat-user-create dependencies: - keystone-create-project type: single command: openstack user create --domain default --password {{ heat.password }} {{ heat.user }} - name: heat-admin-role-add dependencies: - heat-user-create type: single command: openstack role add --project service --user {{ heat.user }} admin - name: heat-service-create dependencies: - keystone-create-project type: single command: openstack service create --name heat --description "OpenStack orchestration service" orchestration - name: heat-public-endpoint-create dependencies: - heat-service-create type: single command: openstack endpoint create --region RegionOne orchestration public {{ address('heat-api', heat.api_port, external=True, with_scheme=True) }}/v1/%\(tenant_id\)s - name: heat-internal-endpoint-create dependencies: - heat-service-create type: single command: openstack endpoint create --region RegionOne orchestration internal {{ address('heat-api', heat.api_port, with_scheme=True) }}/v1/%\(tenant_id\)s - name: heat-admin-endpoint-create dependencies: - heat-service-create type: single command: openstack endpoint create --region RegionOne orchestration admin {{ address('heat-api', heat.api_port, with_scheme=True) }}/v1/%\(tenant_id\)s # Orchestration requires additional information in the Identity service to manage stacks. # For detailed explanation see: http://docs.openstack.org/project-install-guide/orchestration/newton/install-ubuntu.html - name: heat-create-domain type: single command: openstack domain create --description "Owns users and projects created by heat" {{ heat.domain.name }} - name: heat-domain-admin-user-create type: single command: openstack user create --domain {{ heat.domain.name }} --password {{ heat.domain.password }} {{ heat.domain.user }} dependencies: - heat-create-domain - name: grant-doman-user-admin-privileges type: single command: openstack role add --domain {{ heat.domain.name }} --user-domain {{ heat.domain.name }} --user {{ heat.domain.user }} admin dependencies: - heat-domain-admin-user-create # You must add the heat_stack_owner role to each user that manages stacks after addinf new users. - name: heat-stack-owner-role-create type: single command: openstack role create heat_stack_owner dependencies: - grant-doman-user-admin-privileges # The Orchestration service automatically assigns the heat_stack_user role to users that it creates during stack deployment. - name: heat-stack-user-role-create type: single command: openstack role create heat_stack_user dependencies: - grant-doman-user-admin-privileges daemon: dependencies: - rabbitmq files: - heat-conf command: heat-api --config-file /etc/heat/heat.conf files: heat-conf: path: /etc/heat/heat.conf content: heat.conf.j2