Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / heat / 0d8de681d26b46fd5d13273fc640c7728701a211 / . / heat / server.sls
blob: 2868af61715e32a89582231049da420b86f13d70 [file] [log] [blame]
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]1{%- from "heat/map.jinja" import server, system_cacerts_file with context %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]2{%- if server.enabled %}
3
4heat_server_packages:
5 pkg.installed:
6 - names: {{ server.pkgs }}
7
8/etc/heat/heat.conf:
9 file.managed:
10 - source: salt://heat/files/{{ server.version }}/heat.conf.{{ grains.os_family }}
11 - template: jinja
12 - require:
13 - pkg: heat_server_packages
14
15/etc/heat/api-paste.ini:
16 file.managed:
17 - source: salt://heat/files/{{ server.version }}/api-paste.ini
18 - template: jinja
19 - require:
20 - pkg: heat_server_packages
21
Dmitry Ukovf3f33a82017-05-05 11:56:46 +0400[diff] [blame]22{%- for name, rule in server.get('policy', {}).iteritems() %}
23
24{%- if rule != None %}
25rule_{{ name }}_present:
26 keystone_policy.rule_present:
27 - path: /etc/heat/policy.json
28 - name: {{ name }}
29 - rule: {{ rule }}
30 - require:
31 - pkg: heat_server_packages
32
33{%- else %}
34
35rule_{{ name }}_absent:
36 keystone_policy.rule_absent:
37 - path: /etc/heat/policy.json
38 - name: {{ name }}
39 - require:
40 - pkg: heat_server_packages
41
42{%- endif %}
43
44{%- endfor %}
45
marco89a5d942016-06-25 17:07:50 +0200[diff] [blame]46{%- if grains.get('virtual_subtype', None) == "Docker" %}
47
48heat_entrypoint:
49 file.managed:
50 - name: /entrypoint.sh
51 - template: jinja
52 - source: salt://heat/files/entrypoint.sh
53 - mode: 755
54
55keystonercv3:
56 file.managed:
57 - name: /root/keystonercv3
58 - template: jinja
59 - source: salt://heat/files/keystonercv3
60 - mode: 755
61
62{%- endif %}
63
64{%- if not grains.get('virtual_subtype', None) == "Docker" %}
65
Ondrej Smolaa23753c2016-11-04 14:39:51 +0100[diff] [blame]66{%- if not salt['pillar.get']('linux:system:repo:mirantis_openstack', False) %}
67
Lachlan Evensonffe25852015-12-23 14:31:25 -0800[diff] [blame]68heat_client_roles:
69 keystone.role_present:
70 - names:
71 - heat_stack_owner
72 - heat_stack_user
Andres Montalbana0ff5a02016-09-23 16:25:08 -0300[diff] [blame]73 - connection_user: {{ server.identity.user }}
74 - connection_password: {{ server.identity.password }}
75 - connection_tenant: {{ server.identity.tenant }}
76 - connection_auth_url: 'http://{{ server.identity.host }}:{{ server.identity.port }}/v2.0/'
Lachlan Evensonffe25852015-12-23 14:31:25 -0800[diff] [blame]77 - require:
78 - pkg: heat_server_packages
79
Ondrej Smolaa23753c2016-11-04 14:39:51 +0100[diff] [blame]80{%- endif %}
81
Jakub Pavlik79c420e2015-10-19 18:49:16 +0200[diff] [blame]82{%- if server.version != 'juno' %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]83
84heat_keystone_setup:
85 cmd.run:
86 - name: 'source /root/keystonercv3; heat-keystone-setup-domain --stack-user-domain-name heat_user_domain --stack-domain-admin heat_domain_admin --stack-domain-admin-password {{ server.stack_domain_admin.password }}'
87 - shell: /bin/bash
88 - require:
89 - file: /etc/heat/heat.conf
90 - pkg: heat_server_packages
91 - require_in:
92 - cmd: heat_syncdb
93
94{%- endif %}
95
marco89a5d942016-06-25 17:07:50 +0200[diff] [blame]96{%- endif %}
97
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]98heat_syncdb:
99 cmd.run:
100 - name: heat-manage db_sync
Martin Polreichc0628ca2017-06-08 14:53:27 +0200[diff] [blame]101 {%- if grains.get('noservices') %}
102 - onlyif: /bin/false
103 {%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]104 - require:
105 - file: /etc/heat/heat.conf
106 - pkg: heat_server_packages
107
108heat_log_access:
109 cmd.run:
110 - name: chown heat:heat /var/log/heat/ -R
Martin Polreichc0628ca2017-06-08 14:53:27 +0200[diff] [blame]111 {%- if grains.get('noservices') %}
112 - onlyif: /bin/false
113 {%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]114 - require:
115 - file: /etc/heat/heat.conf
116 - pkg: heat_server_packages
117 - require_in:
118 - service: heat_server_services
119
120heat_server_services:
121 service.running:
122 - names: {{ server.services }}
123 - enable: true
Martin Polreichc0628ca2017-06-08 14:53:27 +0200[diff] [blame]124 {%- if grains.get('noservices') %}
125 - onlyif: /bin/false
126 {%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]127 - require:
128 - cmd: heat_syncdb
129 - watch:
130 - file: /etc/heat/heat.conf
131 - file: /etc/heat/api-paste.ini
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]132 {%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
Kirill Bespalov0d8de682017-11-14 16:16:43 +0300[diff] [blame^]133 - file: rabbitmq_ca_heat_server
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]134 {%- endif %}
Kirill Bespalovfbe468b2017-09-19 16:35:05 +0300[diff] [blame]135 {%- if server.database.get('ssl',{}).get('enabled', False) %}
136 - file: mysql_ca_heat_server
137 {%- endif %}
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]138
139{%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
Kirill Bespalov0d8de682017-11-14 16:16:43 +0300[diff] [blame^]140rabbitmq_ca_heat_server:
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]141{%- if server.message_queue.ssl.cacert is defined %}
142 file.managed:
143 - name: {{ server.message_queue.ssl.cacert_file }}
144 - contents_pillar: heat:server:message_queue:ssl:cacert
145 - mode: 0444
146 - makedirs: true
147{%- else %}
148 file.exists:
149 - name: {{ server.message_queue.ssl.get('cacert_file', system_cacerts_file) }}
150{%- endif %}
151{%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]152
Kirill Bespalovfbe468b2017-09-19 16:35:05 +0300[diff] [blame]153{%- if server.database.get('ssl',{}).get('enabled', False) %}
154mysql_ca_heat_server:
155{%- if server.database.ssl.cacert is defined %}
156 file.managed:
157 - name: {{ server.database.ssl.cacert_file }}
158 - contents_pillar: heat:server:database:ssl:cacert
159 - mode: 0444
160 - makedirs: true
161{%- else %}
162 file.exists:
163 - name: {{ server.database.ssl.get('cacert_file', system_cacerts_file) }}
164{%- endif %}
165 - require_in:
166 - file: /etc/heat/heat.conf
167{%- endif %}
168
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]169{%- endif %}