Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / heat / c960a1ade7723c073f7439c466e2ba864a3c4c9c / . / heat / server.sls
blob: c06ac26e58d51d933bb41e24b29177c1faa259c8 [file] [log] [blame]
Vasyl Saienkob1353ee2017-12-12 14:35:31 +0200[diff] [blame]1{%- from "heat/map.jinja" import server with context %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]2{%- if server.enabled %}
3
4heat_server_packages:
5 pkg.installed:
6 - names: {{ server.pkgs }}
7
8/etc/heat/heat.conf:
9 file.managed:
10 - source: salt://heat/files/{{ server.version }}/heat.conf.{{ grains.os_family }}
11 - template: jinja
12 - require:
13 - pkg: heat_server_packages
14
15/etc/heat/api-paste.ini:
16 file.managed:
17 - source: salt://heat/files/{{ server.version }}/api-paste.ini
18 - template: jinja
19 - require:
20 - pkg: heat_server_packages
21
Dmitry Kalashnik1c26ac02017-12-06 13:37:19 +0400[diff] [blame]22{%- for service_name in server.services %}
23{{ service_name }}_default:
24 file.managed:
25 - name: /etc/default/{{ service_name }}
26 - source: salt://heat/files/default
27 - template: jinja
28 - defaults:
29 service_name: {{ service_name }}
30 values: {{ server }}
31 - require:
32 - pkg: heat_server_packages
33 - watch_in:
34 - service: heat_server_services
35{%- endfor %}
36
37
38{%- if server.logging.log_appender %}
39
40{%- if server.logging.log_handlers.get('fluentd', {}).get('enabled', False) %}
41heat_fluentd_logger_package:
42 pkg.installed:
43 - name: python-fluent-logger
44{%- endif %}
45
46heat_general_logging_conf:
47 file.managed:
48 - name: /etc/heat/logging.conf
sgarbuzc960a1a2018-07-16 15:45:51 +0300[diff] [blame^]49 - source: salt://oslo_templates/files/logging/_logging.conf
Dmitry Kalashnik1c26ac02017-12-06 13:37:19 +0400[diff] [blame]50 - template: jinja
51 - user: heat
52 - group: heat
53 - defaults:
54 service_name: heat
sgarbuzc960a1a2018-07-16 15:45:51 +0300[diff] [blame^]55 _data: {{ server.logging }}
Dmitry Kalashnik1c26ac02017-12-06 13:37:19 +0400[diff] [blame]56 - require:
57 - pkg: heat_server_packages
58{%- if server.logging.log_handlers.get('fluentd', {}).get('enabled', False) %}
59 - pkg: heat_fluentd_logger_package
60{%- endif %}
61 - watch_in:
62 - service: heat_server_services
63
64/var/log/heat/heat.log:
65 file.managed:
66 - user: heat
67 - group: heat
68 - watch_in:
69 - service: heat_server_services
70
71{% for service_name in server.get('services', []) %}
72{{ service_name }}_logging_conf:
73 file.managed:
74 - name: /etc/heat/logging/logging-{{ service_name }}.conf
sgarbuzc960a1a2018-07-16 15:45:51 +0300[diff] [blame^]75 - source: salt://oslo_templates/files/logging/_logging.conf
Dmitry Kalashnik1c26ac02017-12-06 13:37:19 +0400[diff] [blame]76 - template: jinja
77 - makedirs: True
78 - user: heat
79 - group: heat
80 - defaults:
81 service_name: {{ service_name }}
sgarbuzc960a1a2018-07-16 15:45:51 +0300[diff] [blame^]82 _data: {{ server.logging }}
Dmitry Kalashnik1c26ac02017-12-06 13:37:19 +0400[diff] [blame]83 - require:
84 - pkg: heat_server_packages
85{%- if server.logging.log_handlers.get('fluentd', {}).get('enabled', False) %}
86 - pkg: heat_fluentd_logger_package
87{%- endif %}
88 - watch_in:
89 - service: heat_server_services
90{% endfor %}
91
92{% endif %}
93
Dmitry Ukovf3f33a82017-05-05 11:56:46 +0400[diff] [blame]94{%- for name, rule in server.get('policy', {}).iteritems() %}
95
96{%- if rule != None %}
Martin Polreicha4475a22018-06-19 11:19:49 +0200[diff] [blame]97heat_keystone_rule_{{ name }}_present:
Dmitry Ukovf3f33a82017-05-05 11:56:46 +0400[diff] [blame]98 keystone_policy.rule_present:
99 - path: /etc/heat/policy.json
100 - name: {{ name }}
101 - rule: {{ rule }}
102 - require:
103 - pkg: heat_server_packages
104
105{%- else %}
106
Martin Polreicha4475a22018-06-19 11:19:49 +0200[diff] [blame]107heat_keystone_rule_{{ name }}_absent:
Dmitry Ukovf3f33a82017-05-05 11:56:46 +0400[diff] [blame]108 keystone_policy.rule_absent:
109 - path: /etc/heat/policy.json
110 - name: {{ name }}
111 - require:
112 - pkg: heat_server_packages
113
114{%- endif %}
115
116{%- endfor %}
117
marco89a5d942016-06-25 17:07:50 +0200[diff] [blame]118{%- if grains.get('virtual_subtype', None) == "Docker" %}
119
120heat_entrypoint:
121 file.managed:
122 - name: /entrypoint.sh
123 - template: jinja
124 - source: salt://heat/files/entrypoint.sh
125 - mode: 755
126
127keystonercv3:
128 file.managed:
129 - name: /root/keystonercv3
130 - template: jinja
131 - source: salt://heat/files/keystonercv3
132 - mode: 755
133
134{%- endif %}
135
136{%- if not grains.get('virtual_subtype', None) == "Docker" %}
Jakub Pavlik79c420e2015-10-19 18:49:16 +0200[diff] [blame]137{%- if server.version != 'juno' %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]138
139heat_keystone_setup:
140 cmd.run:
141 - name: 'source /root/keystonercv3; heat-keystone-setup-domain --stack-user-domain-name heat_user_domain --stack-domain-admin heat_domain_admin --stack-domain-admin-password {{ server.stack_domain_admin.password }}'
142 - shell: /bin/bash
143 - require:
144 - file: /etc/heat/heat.conf
145 - pkg: heat_server_packages
146 - require_in:
147 - cmd: heat_syncdb
148
149{%- endif %}
150
marco89a5d942016-06-25 17:07:50 +0200[diff] [blame]151{%- endif %}
152
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]153heat_syncdb:
154 cmd.run:
155 - name: heat-manage db_sync
Martin Polreichc0628ca2017-06-08 14:53:27 +0200[diff] [blame]156 {%- if grains.get('noservices') %}
157 - onlyif: /bin/false
158 {%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]159 - require:
160 - file: /etc/heat/heat.conf
161 - pkg: heat_server_packages
162
163heat_log_access:
164 cmd.run:
165 - name: chown heat:heat /var/log/heat/ -R
Martin Polreichc0628ca2017-06-08 14:53:27 +0200[diff] [blame]166 {%- if grains.get('noservices') %}
167 - onlyif: /bin/false
168 {%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]169 - require:
170 - file: /etc/heat/heat.conf
171 - pkg: heat_server_packages
172 - require_in:
173 - service: heat_server_services
174
175heat_server_services:
176 service.running:
177 - names: {{ server.services }}
178 - enable: true
Martin Polreichc0628ca2017-06-08 14:53:27 +0200[diff] [blame]179 {%- if grains.get('noservices') %}
180 - onlyif: /bin/false
181 {%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]182 - require:
183 - cmd: heat_syncdb
184 - watch:
185 - file: /etc/heat/heat.conf
186 - file: /etc/heat/api-paste.ini
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]187 {%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
Kirill Bespalov0d8de682017-11-14 16:16:43 +0300[diff] [blame]188 - file: rabbitmq_ca_heat_server
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]189 {%- endif %}
Kirill Bespalovfbe468b2017-09-19 16:35:05 +0300[diff] [blame]190 {%- if server.database.get('ssl',{}).get('enabled', False) %}
191 - file: mysql_ca_heat_server
192 {%- endif %}
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]193
194{%- if server.message_queue.get('ssl',{}).get('enabled', False) %}
Kirill Bespalov0d8de682017-11-14 16:16:43 +0300[diff] [blame]195rabbitmq_ca_heat_server:
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]196{%- if server.message_queue.ssl.cacert is defined %}
197 file.managed:
198 - name: {{ server.message_queue.ssl.cacert_file }}
199 - contents_pillar: heat:server:message_queue:ssl:cacert
200 - mode: 0444
201 - makedirs: true
202{%- else %}
203 file.exists:
Vasyl Saienkob1353ee2017-12-12 14:35:31 +0200[diff] [blame]204 - name: {{ server.message_queue.ssl.get('cacert_file', server.cacert_file) }}
Kirill Bespalov27d20ca2017-08-06 15:43:28 +0300[diff] [blame]205{%- endif %}
206{%- endif %}
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]207
Kirill Bespalovfbe468b2017-09-19 16:35:05 +0300[diff] [blame]208{%- if server.database.get('ssl',{}).get('enabled', False) %}
209mysql_ca_heat_server:
210{%- if server.database.ssl.cacert is defined %}
211 file.managed:
212 - name: {{ server.database.ssl.cacert_file }}
213 - contents_pillar: heat:server:database:ssl:cacert
214 - mode: 0444
215 - makedirs: true
216{%- else %}
217 file.exists:
Vasyl Saienkob1353ee2017-12-12 14:35:31 +0200[diff] [blame]218 - name: {{ server.database.ssl.get('cacert_file', server.cacert_file) }}
Kirill Bespalovfbe468b2017-09-19 16:35:05 +0300[diff] [blame]219{%- endif %}
220 - require_in:
221 - file: /etc/heat/heat.conf
222{%- endif %}
223
Filip Pytloun923d8692015-10-06 16:28:32 +0200[diff] [blame]224{%- endif %}