1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Set to True to enable debugging on all services.
33 Additional hieradata to inject into the cluster, note that
34 ControllerExtraConfig takes precedence over ExtraConfig.
36 OvercloudControlFlavor:
37 description: Flavor for control nodes to request when deploying.
41 - custom_constraint: nova.flavor
44 default: overcloud-full
46 - custom_constraint: glance.image
48 default: 'REBUILD_PRESERVE_EPHEMERAL'
49 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
53 description: Name of an existing Nova key pair to enable SSH access to the instances
56 - custom_constraint: nova.keypair
57 NeutronPhysicalBridge:
59 description: An OVS bridge to create for accessing external networks.
61 NeutronPublicInterface:
63 description: Which interface to add to the NeutronPhysicalBridge.
67 description: Mapping of service_name -> network name. Typically set
68 via parameter_defaults in the resource registry.
72 description: Mapping of service endpoint -> protocol. Typically set
73 via parameter_defaults in the resource registry.
79 Setting to a previously unused value during stack-update will trigger
80 package update on all nodes
83 default: '' # Defaults to Heat created hostname
87 description: Optional mapping to override hostnames
88 NetworkDeploymentActions:
89 type: comma_delimited_list
91 Heat action when to apply network configuration changes
96 SoftwareConfigTransport:
97 default: POLL_SERVER_CFN
99 How the server should receive the metadata required for software configuration.
102 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
104 default: 'localdomain'
107 The DNS domain used for the hosts. This must match the
108 overcloud_domain_name configured on the undercloud.
109 ControllerServerMetadata:
112 Extra properties or metadata passed to Nova for the created nodes in
113 the overcloud. It's accessible via the Nova metadata API. This option is
114 role-specific and is merged with the values given to the ServerMetadata
120 Extra properties or metadata passed to Nova for the created nodes in
121 the overcloud. It's accessible via the Nova metadata API. This applies to
122 all roles and is merged with a role-specific metadata parameter.
124 ControllerSchedulerHints:
126 description: Optional scheduler hints to pass to nova
128 ServiceConfigSettings:
132 type: comma_delimited_list
134 MonitoringSubscriptions:
135 type: comma_delimited_list
137 ServiceMetadataSettings:
142 description: Command which will be run whenever configuration data changes
143 default: os-refresh-config --timeout 14400
148 Maximum amount of time to possibly to delay configuation collection
149 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
150 the configuration collection to occur as soon as the collection process
151 starts. This setting is used to prevent the configuration collection
152 processes from polling all at the exact same time.
156 Command or script snippet to run on all overcloud nodes to
157 initialize the upgrade process. E.g. a repository switch.
159 UpgradeInitCommonCommand:
162 Common commands required by the upgrades process. This should not
163 normally be modified by the operator and is set and unset in the
164 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
167 DeploymentServerBlacklistDict:
171 Map of server hostnames to blacklist from any triggered
172 deployments. If the value is 1, the server will be blacklisted. This
173 parameter is generated from the parent template.
176 description: Parameters specific to the role
178 DeploymentSwiftDataMap:
181 Map of servers to Swift container and object for storing deployment data.
182 The keys are the Heat assigned hostnames, and the value is a map of the
183 container/object name in Swift. Example value:
184 overcloud-controller-0:
185 container: overcloud-controller
187 overcloud-controller-1:
188 container: overcloud-controller
190 overcloud-controller-2:
191 container: overcloud-controller
193 overcloud-novacompute-0:
194 container: overcloud-compute
200 description: Do not use deprecated params, they will be removed.
202 - controllerExtraConfig
205 server_not_blacklisted:
208 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
210 deployment_swift_data_map_unset:
213 - DeploymentSwiftDataMap
214 - {get_param: Hostname}
220 type: OS::TripleO::ControllerServer
223 command: {get_param: ConfigCommand}
224 splay: {get_param: ConfigCollectSplay}
226 image: {get_param: controllerImage}
227 image_update_policy: {get_param: ImageUpdatePolicy}
228 flavor: {get_param: OvercloudControlFlavor}
229 key_name: {get_param: KeyName}
232 user_data_format: SOFTWARE_CONFIG
233 user_data: {get_resource: UserData}
236 template: {get_param: Hostname}
237 params: {get_param: HostnameMap}
238 software_config_transport: {get_param: SoftwareConfigTransport}
241 - {get_param: ServerMetadata}
242 - {get_param: ControllerServerMetadata}
243 - {get_param: ServiceMetadataSettings}
244 scheduler_hints: {get_param: ControllerSchedulerHints}
245 deployment_swift_data:
247 - deployment_swift_data_map_unset
249 - {get_param: [DeploymentSwiftDataMap,
250 {get_param: Hostname}]}
252 # Combine the NodeAdminUserData and NodeUserData mime archives
254 type: OS::Heat::MultipartMime
257 - config: {get_resource: NodeAdminUserData}
259 - config: {get_resource: NodeUserData}
261 - config: {get_resource: RoleUserData}
264 # Creates the "heat-admin" user if configured via the environment
265 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
267 type: OS::TripleO::NodeAdminUserData
269 # For optional operator additional userdata
270 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
272 type: OS::TripleO::NodeUserData
274 # For optional operator role-specific userdata
275 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
277 type: OS::TripleO::Controller::NodeUserData
280 type: OS::TripleO::Controller::Ports::ExternalPort
282 IPPool: {get_param: ControllerIPs}
283 NodeIndex: {get_param: NodeIndex}
284 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
287 type: OS::TripleO::Controller::Ports::InternalApiPort
289 IPPool: {get_param: ControllerIPs}
290 NodeIndex: {get_param: NodeIndex}
291 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
294 type: OS::TripleO::Controller::Ports::StoragePort
296 IPPool: {get_param: ControllerIPs}
297 NodeIndex: {get_param: NodeIndex}
298 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
301 type: OS::TripleO::Controller::Ports::StorageMgmtPort
303 IPPool: {get_param: ControllerIPs}
304 NodeIndex: {get_param: NodeIndex}
305 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
308 type: OS::TripleO::Controller::Ports::TenantPort
310 IPPool: {get_param: ControllerIPs}
311 NodeIndex: {get_param: NodeIndex}
312 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
315 type: OS::TripleO::Controller::Ports::ManagementPort
317 IPPool: {get_param: ControllerIPs}
318 NodeIndex: {get_param: NodeIndex}
319 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
322 type: OS::TripleO::Network::Ports::NetIpMap
324 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
325 ExternalIp: {get_attr: [ExternalPort, ip_address]}
326 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
327 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
328 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
329 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
330 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
331 StorageIp: {get_attr: [StoragePort, ip_address]}
332 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
333 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
334 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
335 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
336 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
337 TenantIp: {get_attr: [TenantPort, ip_address]}
338 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
339 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
340 ManagementIp: {get_attr: [ManagementPort, ip_address]}
341 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
342 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
345 type: OS::Heat::Value
353 - - {get_attr: [Controller, name]}
355 - {get_param: CloudDomain}
359 - - {get_attr: [Controller, name]}
365 - - {get_attr: [Controller, name]}
367 - {get_param: CloudDomain}
371 - - {get_attr: [Controller, name]}
377 - - {get_attr: [Controller, name]}
379 - {get_param: CloudDomain}
383 - - {get_attr: [Controller, name]}
389 - - {get_attr: [Controller, name]}
391 - {get_param: CloudDomain}
395 - - {get_attr: [Controller, name]}
401 - - {get_attr: [Controller, name]}
403 - {get_param: CloudDomain}
407 - - {get_attr: [Controller, name]}
413 - - {get_attr: [Controller, name]}
415 - {get_param: CloudDomain}
419 - - {get_attr: [Controller, name]}
425 - - {get_attr: [Controller, name]}
427 - {get_param: CloudDomain}
431 - - {get_attr: [Controller, name]}
435 type: OS::TripleO::Controller::PreNetworkConfig
437 server: {get_resource: Controller}
438 RoleParameters: {get_param: RoleParameters}
439 ServiceNames: {get_param: ServiceNames}
440 deployment_actions: {get_attr: [DeploymentActions, value]}
443 type: OS::TripleO::Controller::Net::SoftwareConfig
445 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
446 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
447 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
448 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
449 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
450 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
451 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
454 type: OS::TripleO::SoftwareDeployment
455 depends_on: PreNetworkConfig
457 name: NetworkDeployment
458 config: {get_resource: NetworkConfig}
459 server: {get_resource: Controller}
462 - server_not_blacklisted
463 - {get_param: NetworkDeploymentActions}
466 bridge_name: {get_param: NeutronPhysicalBridge}
467 interface_name: {get_param: NeutronPublicInterface}
469 # Resource for site-specific injection of root certificate
471 depends_on: NetworkDeployment
472 type: OS::TripleO::NodeTLSCAData
474 server: {get_resource: Controller}
476 # Resource for site-specific passing of private keys/certificates
478 depends_on: NodeTLSCAData
479 type: OS::TripleO::NodeTLSData
481 server: {get_resource: Controller}
482 NodeIndex: {get_param: NodeIndex}
484 ControllerUpgradeInitConfig:
485 type: OS::Heat::SoftwareConfig
491 - - "#!/bin/bash\n\n"
492 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
493 - get_param: UpgradeInitCommand
494 - get_param: UpgradeInitCommonCommand
496 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
497 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
498 ControllerUpgradeInitDeployment:
499 type: OS::Heat::SoftwareDeployment
500 depends_on: NetworkDeployment
502 name: ControllerUpgradeInitDeployment
505 - server_not_blacklisted
506 - ['CREATE', 'UPDATE']
508 server: {get_resource: Controller}
509 config: {get_resource: ControllerUpgradeInitConfig}
511 ControllerDeployment:
512 type: OS::TripleO::SoftwareDeployment
513 depends_on: ControllerUpgradeInitDeployment
515 name: ControllerDeployment
518 - server_not_blacklisted
519 - ['CREATE', 'UPDATE']
521 config: {get_resource: ControllerConfig}
522 server: {get_resource: Controller}
524 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
526 # Map heat metadata into hiera datafiles
528 type: OS::Heat::StructuredConfig
534 - heat_config_%{::deploy_config_name}
536 - controller_extraconfig
541 - bootstrap_node # provided by BootstrapNodeConfig
542 - all_nodes # provided by allNodesConfig
543 - vip_data # provided by allNodesConfig
545 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
546 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
547 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
548 - midonet_data #Optionally provided by AllNodesExtraConfig
549 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
550 merge_behavior: deeper
553 service_names: {get_param: ServiceNames}
554 sensu::subscriptions: {get_param: MonitoringSubscriptions}
557 - {get_param: ServiceConfigSettings}
558 - values: {get_attr: [NetIpMap, net_ip_map]}
559 controller_extraconfig:
561 - {get_param: controllerExtraConfig}
562 - {get_param: ControllerExtraConfig}
563 extraconfig: {get_param: ExtraConfig}
566 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
567 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
568 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
569 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
570 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
571 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
572 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
573 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
574 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
576 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
577 ControllerExtraConfigPre:
578 depends_on: ControllerDeployment
579 type: OS::TripleO::ControllerExtraConfigPre
580 # We have to use conditions here so that we don't break backwards
581 # compatibility with templates everywhere
582 condition: server_not_blacklisted
584 server: {get_resource: Controller}
586 # Hook for site-specific additional pre-deployment config,
587 # applying to all nodes, e.g node registration/unregistration
589 depends_on: [ControllerExtraConfigPre, NodeTLSData]
590 type: OS::TripleO::NodeExtraConfig
591 # We have to use conditions here so that we don't break backwards
592 # compatibility with templates everywhere
593 condition: server_not_blacklisted
595 server: {get_resource: Controller}
598 type: OS::TripleO::Tasks::PackageUpdate
601 type: OS::Heat::SoftwareDeployment
602 depends_on: NetworkDeployment
604 name: UpdateDeployment
607 - server_not_blacklisted
608 - ['CREATE', 'UPDATE']
610 config: {get_resource: UpdateConfig}
611 server: {get_resource: Controller}
614 get_param: UpdateIdentifier
617 type: OS::Heat::Value
621 - server_not_blacklisted
622 - ['CREATE', 'UPDATE']
626 type: OS::TripleO::Ssh::HostPubKey
627 depends_on: ControllerDeployment
629 server: {get_resource: Controller}
630 deployment_actions: {get_attr: [DeploymentActions, value]}
634 description: IP address of the server in the ctlplane network
635 value: {get_attr: [Controller, networks, ctlplane, 0]}
637 description: IP address of the server in the external network
638 value: {get_attr: [ExternalPort, ip_address]}
639 internal_api_ip_address:
640 description: IP address of the server in the internal_api network
641 value: {get_attr: [InternalApiPort, ip_address]}
643 description: IP address of the server in the storage network
644 value: {get_attr: [StoragePort, ip_address]}
645 storage_mgmt_ip_address:
646 description: IP address of the server in the storage_mgmt network
647 value: {get_attr: [StorageMgmtPort, ip_address]}
649 description: IP address of the server in the tenant network
650 value: {get_attr: [TenantPort, ip_address]}
651 management_ip_address:
652 description: IP address of the server in the management network
653 value: {get_attr: [ManagementPort, ip_address]}
654 deployed_server_port_map:
656 Map of Heat created hostname of the server to ip address. This is the
657 hostname before it has been mapped with the HostnameMap parameter, and
658 the IP address from the ctlplane network. This map can be used to construct
659 the DeployedServerPortMap parameter when using split-stack.
664 - ip_address: {get_attr: [Controller, networks, ctlplane, 0]}
669 - - {get_param: Hostname}
671 deployed_server_deployment_swift_data_map:
673 Map of Heat created hostname of the server to the Swift container and object
674 used to created the temporary url for metadata polling with
682 - {get_attr: [Controller, os_collect_config, request, metadata_url]}
689 - {get_attr: [Controller, os_collect_config, request, metadata_url]}
692 - keys: {hostname: {get_param: Hostname}}
694 description: Hostname of the server
695 value: {get_attr: [Controller, name]}
697 description: Mapping of network names to hostnames
699 external: {get_attr: [NetHostMap, value, external, fqdn]}
700 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
701 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
702 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
703 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
704 management: {get_attr: [NetHostMap, value, management, fqdn]}
705 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
708 Server's IP address and hostname in the /etc/hosts format
712 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
713 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
714 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
715 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
716 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
717 TENANTIP TENANTHOST.DOMAIN TENANTHOST
718 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
719 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
721 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
722 DOMAIN: {get_param: CloudDomain}
723 PRIMARYHOST: {get_attr: [Controller, name]}
724 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
725 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
726 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
727 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
728 STORAGEIP: {get_attr: [StoragePort, ip_address]}
729 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
730 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
731 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
732 TENANTIP: {get_attr: [TenantPort, ip_address]}
733 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
734 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
735 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
736 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
737 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
739 description: Entry for ssh known hosts
742 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
743 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
744 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
745 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
746 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
747 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
748 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
749 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
751 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
752 DOMAIN: {get_param: CloudDomain}
753 PRIMARYHOST: {get_attr: [Controller, name]}
754 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
755 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
756 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
757 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
758 STORAGEIP: {get_attr: [StoragePort, ip_address]}
759 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
760 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
761 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
762 TENANTIP: {get_attr: [TenantPort, ip_address]}
763 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
764 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
765 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
766 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
767 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
768 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
769 nova_server_resource:
770 description: Heat resource handle for the Nova compute server
772 {get_resource: Controller}
773 condition: server_not_blacklisted
775 description: MD5 checksum of the TLS Key Modulus
776 value: {get_attr: [NodeTLSData, key_modulus_md5]}
777 tls_cert_modulus_md5:
778 description: MD5 checksum of the TLS Certificate Modulus
779 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
781 description: The os-collect-config configuration associated with this server resource
782 value: {get_attr: [Controller, os_collect_config]}