Heat Configuration overrides

This commit moves Heat to use the configuration methods from Nova,
Neutron and Keystone.

To make reviewing easier, volume configuration will be summited in
a seperate PS.

Change-Id: I3714f885cf4a6a9a34ba13fc9ea4a37e5bcef638
This commit is contained in:
Pete Birley 2017-04-07 13:45:39 -05:00
parent 9979444a6a
commit e3ef3bf888
14 changed files with 3130 additions and 153 deletions

View File

@ -12,14 +12,77 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
{{- include "heat.conf.heat_values_skeleton" .Values.conf.heat | trunc 0 -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
{{- end -}}
# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup"| set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.hostname_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database.oslo.db "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | set .Values.conf.heat.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}}
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}}
{{- cat (tuple "cloudformation" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup") "waitcondition" | replace " " "/" | set .Values.conf.heat.default.heat.common.config "heat_waitcondition_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_watch_server_url -}}
{{- tuple "cloudwatch" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | trimSuffix "/" | set .Values.conf.heat.default.heat.common.config "heat_watch_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: heat-etc name: heat-etc
data: data:
heat.conf: |+ heat.conf: |+
{{ if .Values.conf.heat.override -}}
{{ .Values.conf.heat.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.heat.prefix -}}
{{ .Values.conf.heat.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_heat.conf.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_heat.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.heat.append -}}
{{ .Values.conf.heat.append | indent 4 }}
{{- end }}
api-paste.ini: |+ api-paste.ini: |+
{{ tuple "etc/_heat-api-paste.ini.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ if .Values.conf.paste.override -}}
{{ .Values.conf.paste.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.paste.prefix -}}
{{ .Values.conf.paste.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_api-paste.ini.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.paste.append -}}
{{ .Values.conf.paste.append | indent 4 }}
{{- end }}
policy.json: |+ policy.json: |+
{{ tuple "etc/_heat-policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ if .Values.conf.policy.override -}}
{{ .Values.conf.policy.override | indent 4 }}
{{- else -}}
{{ tuple "etc/_policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}

View File

@ -49,10 +49,10 @@ spec:
- --config-dir - --config-dir
- /etc/heat/conf - /etc/heat/conf
ports: ports:
- containerPort: {{ .Values.network.api.port }} - containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: {{ .Values.network.api.port }} port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
volumeMounts: volumeMounts:
- name: pod-etc-heat - name: pod-etc-heat
mountPath: /etc/heat mountPath: /etc/heat

View File

@ -49,10 +49,10 @@ spec:
- --config-dir - --config-dir
- /etc/heat/conf - /etc/heat/conf
ports: ports:
- containerPort: {{ .Values.network.cfn.port }} - containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: {{ .Values.network.cfn.port }} port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
volumeMounts: volumeMounts:
- name: pod-etc-heat - name: pod-etc-heat
mountPath: /etc/heat mountPath: /etc/heat

View File

@ -49,10 +49,10 @@ spec:
- --config-dir - --config-dir
- /etc/heat/conf - /etc/heat/conf
ports: ports:
- containerPort: {{ .Values.network.cloudwatch.port }} - containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
readinessProbe: readinessProbe:
tcpSocket: tcpSocket:
port: {{ .Values.network.cloudwatch.port }} port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
volumeMounts: volumeMounts:
- name: pod-etc-heat - name: pod-etc-heat
mountPath: /etc/heat mountPath: /etc/heat

View File

@ -1,16 +1,3 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# heat-api pipeline # heat-api pipeline
[pipeline:heat-api] [pipeline:heat-api]
@ -37,12 +24,12 @@ pipeline = cors request_id faultwrap versionnegotiation context custombackendaut
# heat-api-cfn pipeline # heat-api-cfn pipeline
[pipeline:heat-api-cfn] [pipeline:heat-api-cfn]
pipeline = cors cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app pipeline = cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken context apicfnv1app
# heat-api-cfn pipeline for standalone heat # heat-api-cfn pipeline for standalone heat
# relies exclusively on authenticating with ec2 signed requests # relies exclusively on authenticating with ec2 signed requests
[pipeline:heat-api-cfn-standalone] [pipeline:heat-api-cfn-standalone]
pipeline = cors cfnversionnegotiation ec2authtoken context apicfnv1app pipeline = cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
# heat-api-cloudwatch pipeline # heat-api-cloudwatch pipeline
[pipeline:heat-api-cloudwatch] [pipeline:heat-api-cloudwatch]

File diff suppressed because it is too large Load Diff

View File

@ -23,8 +23,8 @@ data:
OS_REGION_NAME: | OS_REGION_NAME: |
{{ .Values.keystone.heat_stack_region_name | b64enc | indent 4 }} {{ .Values.keystone.heat_stack_region_name | b64enc | indent 4 }}
OS_DOMAIN_NAME: | OS_DOMAIN_NAME: |
{{ .Values.keystone.heat_stack_domain | b64enc | indent 4 }} {{ .Values.conf.heat.default.heat.common.config.stack_user_domain_name | b64enc | indent 4 }}
OS_USERNAME: | OS_USERNAME: |
{{ .Values.keystone.heat_stack_user | b64enc | indent 4 }} {{ .Values.conf.heat.default.heat.common.config.stack_domain_admin | b64enc | indent 4 }}
OS_PASSWORD: | OS_PASSWORD: |
{{ .Values.keystone.heat_stack_password | b64enc | indent 4 }} {{ .Values.conf.heat.default.heat.common.config.stack_domain_admin_password | b64enc | indent 4 }}

View File

@ -23,12 +23,12 @@ data:
OS_REGION_NAME: | OS_REGION_NAME: |
{{ .Values.keystone.heat_trustee_region_name | b64enc | indent 4 }} {{ .Values.keystone.heat_trustee_region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: | OS_PROJECT_DOMAIN_NAME: |
{{ .Values.keystone.heat_trustee_project_domain | b64enc | indent 4 }} {{ .Values.conf.heat.trustee.heat.common.context.project_domain_name | b64enc | indent 4 }}
OS_PROJECT_NAME: | OS_PROJECT_NAME: |
{{ .Values.keystone.heat_trustee_project_name | b64enc | indent 4 }} {{ .Values.conf.heat.trustee.heat.common.context.project_name | b64enc | indent 4 }}
OS_USER_DOMAIN_NAME: | OS_USER_DOMAIN_NAME: |
{{ .Values.keystone.heat_trustee_user_domain | b64enc | indent 4 }} {{ .Values.conf.heat.trustee.heat.common.context.user_domain_name | b64enc | indent 4 }}
OS_USERNAME: | OS_USERNAME: |
{{ .Values.keystone.heat_trustee_user | b64enc | indent 4 }} {{ .Values.conf.heat.trustee.heat.common.context.username | b64enc | indent 4 }}
OS_PASSWORD: | OS_PASSWORD: |
{{ .Values.keystone.heat_trustee_password | b64enc | indent 4 }} {{ .Values.conf.heat.trustee.heat.common.context.password | b64enc | indent 4 }}

View File

@ -21,14 +21,14 @@ data:
OS_AUTH_URL: | OS_AUTH_URL: |
{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }} {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
OS_REGION_NAME: | OS_REGION_NAME: |
{{ .Values.keystone.heat_region_name | b64enc | indent 4 }} {{ .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: | OS_PROJECT_DOMAIN_NAME: |
{{ .Values.keystone.heat_project_domain | b64enc | indent 4 }} {{ .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name | b64enc | indent 4 }}
OS_PROJECT_NAME: | OS_PROJECT_NAME: |
{{ .Values.keystone.heat_project_name | b64enc | indent 4 }} {{ .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.project_name | b64enc | indent 4 }}
OS_USER_DOMAIN_NAME: | OS_USER_DOMAIN_NAME: |
{{ .Values.keystone.heat_user_domain | b64enc | indent 4 }} {{ .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name | b64enc | indent 4 }}
OS_USERNAME: | OS_USERNAME: |
{{ .Values.keystone.heat_user | b64enc | indent 4 }} {{ .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.username | b64enc | indent 4 }}
OS_PASSWORD: | OS_PASSWORD: |
{{ .Values.keystone.heat_password | b64enc | indent 4 }} {{ .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.password | b64enc | indent 4 }}

View File

@ -18,7 +18,7 @@ metadata:
name: heat-api name: heat-api
spec: spec:
ports: ports:
- port: {{ .Values.network.api.port }} - port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}
@ -27,4 +27,3 @@ spec:
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
type: NodePort type: NodePort
{{ end }} {{ end }}

View File

@ -18,7 +18,7 @@ metadata:
name: heat-cfn name: heat-cfn
spec: spec:
ports: ports:
- port: {{ .Values.network.cfn.port }} - port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
{{ if .Values.network.cfn.node_port.enabled }} {{ if .Values.network.cfn.node_port.enabled }}
nodePort: {{ .Values.network.cfn.node_port.port }} nodePort: {{ .Values.network.cfn.node_port.port }}
{{ end }} {{ end }}
@ -27,4 +27,3 @@ spec:
{{ if .Values.network.cfn.node_port.enabled }} {{ if .Values.network.cfn.node_port.enabled }}
type: NodePort type: NodePort
{{ end }} {{ end }}

View File

@ -18,7 +18,7 @@ metadata:
name: heat-cloudwatch name: heat-cloudwatch
spec: spec:
ports: ports:
- port: {{ .Values.network.cloudwatch.port }} - port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
{{ if .Values.network.cloudwatch.node_port.enabled }} {{ if .Values.network.cloudwatch.node_port.enabled }}
nodePort: {{ .Values.network.cloudwatch.node_port.port }} nodePort: {{ .Values.network.cloudwatch.node_port.port }}
{{ end }} {{ end }}
@ -27,4 +27,3 @@ spec:
{{ if .Values.network.cloudwatch.node_port.enabled }} {{ if .Values.network.cloudwatch.node_port.enabled }}
type: NodePort type: NodePort
{{ end }} {{ end }}

View File

@ -55,66 +55,107 @@ keystone:
admin_project_domain: "default" admin_project_domain: "default"
admin_region_name: "RegionOne" admin_region_name: "RegionOne"
heat_user: "heat"
heat_user_domain: "default"
heat_user_role: "admin" heat_user_role: "admin"
heat_password: "password"
heat_project_name: "service"
heat_project_domain: "default"
heat_region_name: "RegionOne"
heat_trustee_user: "heat-trust"
heat_trustee_user_domain: "default"
heat_trustee_role: "admin" heat_trustee_role: "admin"
heat_trustee_password: "password"
heat_trustee_project_name: "service"
heat_trustee_project_domain: "default"
heat_trustee_region_name: "RegionOne" heat_trustee_region_name: "RegionOne"
heat_stack_user: "heat-domain"
heat_stack_domain: "heat"
heat_stack_user_role: "admin" heat_stack_user_role: "admin"
heat_stack_password: "password"
heat_stack_region_name: "RegionOne" heat_stack_region_name: "RegionOne"
conf:
paste:
override:
append:
policy:
override:
append:
heat:
override:
append:
default:
heat:
common:
config:
stack_user_domain_name: heat
stack_domain_admin: heat-domain
stack_domain_admin_password: password
num_engine_workers: 4
trusts_delegated_roles: Member
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
region_name: RegionOne
project_domain_name: default
project_name: service
user_domain_name: default
username: heat
password: password
trustee:
heat:
common:
context:
password: password
user_domain_name: default
username: heat-trust
project_domain_name: default
project_name: service
heat_api:
heat:
common:
wsgi:
bind_port: 8004
workers: 4
heat_api_cloudwatch:
heat:
common:
wsgi:
bind_port: 8003
workers: 4
heat_api_cfn:
heat:
common:
wsgi:
bind_port: 8000
workers: 4
paste_deploy:
heat.common:
config:
api_paste_config: /etc/heat/api-paste.ini
clients:
heat:
common:
config:
endpoint_type: internalURL
clients_keystone:
heat:
common:
config:
endpoint_type: internalURL
network: network:
api: api:
name: "heat-api" name: "heat-api"
port: 8004
proto: "http" proto: "http"
node_port: node_port:
enabled: false enabled: false
port: 30004 port: 30004
cfn: cfn:
name: "heat-cfn" name: "heat-cfn"
port: 8000
proto: "http" proto: "http"
node_port: node_port:
enabled: false enabled: false
port: 30800 port: 30800
cloudwatch: cloudwatch:
name: "heat-cloudwatch" name: "heat-cloudwatch"
port: 8003
proto: "http" proto: "http"
node_port: node_port:
enabled: false enabled: false
port: 30003 port: 30003
messaging:
hosts: rabbitmq
user: rabbitmq
password: password
memcached:
host: memcached
port: 11211
misc:
debug: true
secrets:
keystone_admin:
dependencies: dependencies:
db_init: db_init:
jobs: jobs:
@ -223,6 +264,25 @@ endpoints:
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql: 3306
oslo_cache:
hosts:
default: memcache
port:
memcache: 11211
oslo_messaging:
auth:
admin:
username: admin
password: password
user:
username: rabbitmq
password: password
hosts:
default: rabbitmq
path: /
scheme: rabbit
port:
amqp: 5672
resources: resources:
enabled: false enabled: false
@ -289,11 +349,3 @@ resources:
limits: limits:
memory: "1024Mi" memory: "1024Mi"
cpu: "2000m" cpu: "2000m"
api:
workers: 8
cfn:
workers: 8
cloudwatch:
workers: 8
engine:
workers: 8