1 heat_template_version: 2016-10-14
4 Deploy an OpenStack environment, consisting of several node types (roles),
5 Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
6 roles enable independent scaling of the storage components, but the minimal
7 deployment is one Controller and one Compute node.
10 # TODO(shadower): we should probably use the parameter groups to put
14 # Common parameters (not specific to a role)
16 default: overcloud.localdomain
17 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
20 default: overcloud.internalapi.localdomain
22 The DNS name of this cloud's internal API endpoint. E.g.
23 'ci-overcloud.internalapi.tripleo.org'.
26 default: overcloud.storage.localdomain
28 The DNS name of this cloud's storage endpoint. E.g.
29 'ci-overcloud.storage.tripleo.org'.
31 CloudNameStorageManagement:
32 default: overcloud.storagemgmt.localdomain
34 The DNS name of this cloud's storage management endpoint. E.g.
35 'ci-overcloud.storagemgmt.tripleo.org'.
# NOTE(review): the description that follows is word-for-word the one given
# for CloudNameStorageManagement. Going by this default and by
# `ctlplane: {get_param: CloudNameCtlplane}` further down in this template,
# it presumably should describe the control plane endpoint - confirm and
# reword.
38 default: overcloud.ctlplane.localdomain
40 The DNS name of this cloud's storage management endpoint. E.g.
41 'ci-overcloud.management.tripleo.org'.
45 description: Should be used for arbitrary ips.
47 InternalApiVirtualFixedIPs:
50 Control the IP allocation for the InternalApiVirtualInterface port. E.g.
51 [{'ip_address':'1.2.3.4'}]
53 NeutronControlPlaneID:
56 description: Neutron ID or name for ctlplane network.
57 NeutronPublicInterface:
59 description: What interface to bridge onto br-ex for network nodes.
61 PublicVirtualFixedIPs:
64 Control the IP allocation for the PublicVirtualInterface port. E.g.
65 [{'ip_address':'1.2.3.4'}]
70 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
71 StorageVirtualFixedIPs:
74 Control the IP allocation for the StorageVirtualInterface port. E.g.
75 [{'ip_address':'1.2.3.4'}]
77 StorageMgmtVirtualFixedIPs:
80 Control the IP allocation for the StorageMgmtVirtualInterface port. E.g.
81 [{'ip_address':'1.2.3.4'}]
86 Control the IP allocation for the virtual IP used by Redis. E.g.
87 [{'ip_address':'1.2.3.4'}]
90 default: 'localdomain'
93 The DNS domain used for the hosts. This should match the dhcp_domain
94 configured in the Undercloud neutron. Defaults to localdomain.
98 Extra properties or metadata passed to Nova for the created nodes in
99 the overcloud. It's accessible via the Nova metadata API.
# NOTE(review): per the description above, whatever is set here can be read
# back through the Nova metadata API, so this parameter is not a place for
# passwords, tokens or keys.
102 # Compute-specific params
103 # FIXME(shardy) handle these deprecated names as they don't match compute.yaml
104 HypervisorNeutronPhysicalBridge:
107 An OVS bridge to create on each hypervisor. This defaults to br-ex the
108 same as the control plane nodes, as we have a uniform configuration of
109 the openvswitch agent. Typically should not need to be changed.
111 HypervisorNeutronPublicInterface:
113 description: What interface to add to the HypervisorNeutronPhysicalBridge.
116 # Jinja loop for Role in roles_data.yaml
117 {% for role in roles %}
118 # Parameters generated for {{role.name}} Role
119 {{role.name}}Services:
120 description: A list of service resources (configured in the Heat
121 resource_registry) which represent nested stacks
122 for each service that should get installed on the {{role.name}} role.
123 type: comma_delimited_list
124 {% if role.ServicesDefault %}
125 default: {{role.ServicesDefault}}
129 description: Number of {{role.name}} nodes to deploy
131 {% if role.CountDefault %}
132 default: {{role.CountDefault}}
135 {{role.name}}HostnameFormat:
138 Format for {{role.name}} node hostnames
139 Note: %index% is translated into the index of the node, e.g. 0/1/2 etc.,
140 and %stackname% is replaced with the stack name, e.g. overcloud.
141 {% if role.HostnameFormatDefault %}
142 default: "{{role.HostnameFormatDefault}}"
145 {{role.name}}RemovalPolicies:
149 List of resources to be removed from {{role.name}} ResourceGroup when
150 doing an update which requires removal of specific resources.
151 Example format ComputeRemovalPolicies: [{'resource_list': ['0']}]
154 # Identifiers to trigger tasks on nodes
159 Setting to a previously unused value during stack-update will trigger
160 package update on all nodes
165 Setting this to a unique value will re-run any deployment tasks which
166 perform configuration on a Heat stack-update.
# Heat-generated secret; its `value` attribute is consumed further down as
# DefaultHeatAuthEncryptionKey. The RandomString properties (length,
# character set) are not visible in this listing.
# NOTE(review): confirm the generated length is what the consuming service
# expects for an encryption key.
170 HeatAuthEncryptionKey:
171 type: OS::Heat::RandomString
174 type: OS::Heat::RandomString
179 type: OS::Heat::RandomString
184 type: OS::TripleO::ServiceNetMap
187 type: OS::TripleO::EndpointMap
190 external: {get_param: CloudName}
191 internal_api: {get_param: CloudNameInternal}
192 storage: {get_param: CloudNameStorage}
193 storage_mgmt: {get_param: CloudNameStorageManagement}
194 ctlplane: {get_param: CloudNameCtlplane}
195 NetIpMap: {get_attr: [VipMap, net_ip_map]}
196 ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
198 # Jinja loop for Role in roles_data.yaml
199 {% for role in roles %}
200 # Resources generated for {{role.name}} Role
201 {{role.name}}ServiceChain:
202 type: OS::TripleO::Services
205 get_param: {{role.name}}Services
206 ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
207 EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
208 DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}
210 {{role.name}}AllNodesDeployment:
211 type: OS::Heat::StructuredDeployments
213 name: {{role.name}}AllNodesDeployment
214 config: {get_attr: [allNodesConfig, config_id]}
215 servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
217 bootstrap_nodeid: {get_attr: [{{role.name}}, resource.0.hostname]}
218 bootstrap_nodeid_ip: {get_attr: [{{role.name}}, resource.0.ip_address]}
220 {{role.name}}AllNodesValidationDeployment:
221 type: OS::Heat::StructuredDeployments
222 depends_on: {{role.name}}AllNodesDeployment
224 name: {{role.name}}AllNodesValidationDeployment
225 config: {get_resource: AllNodesValidationConfig}
226 servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
228 {{role.name}}IpListMap:
229 type: OS::TripleO::Network::Ports::NetIpListMap
231 ControlPlaneIpList: {get_attr: [{{role.name}}, ip_address]}
232 ExternalIpList: {get_attr: [{{role.name}}, external_ip_address]}
233 InternalApiIpList: {get_attr: [{{role.name}}, internal_api_ip_address]}
234 StorageIpList: {get_attr: [{{role.name}}, storage_ip_address]}
235 StorageMgmtIpList: {get_attr: [{{role.name}}, storage_mgmt_ip_address]}
236 TenantIpList: {get_attr: [{{role.name}}, tenant_ip_address]}
237 ManagementIpList: {get_attr: [{{role.name}}, management_ip_address]}
238 EnabledServices: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
239 ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
240 ServiceHostnameList: {get_attr: [{{role.name}}, hostname]}
243 type: OS::Heat::ResourceGroup
246 count: {get_param: {{role.name}}Count}
247 removal_policies: {get_param: {{role.name}}RemovalPolicies}
249 type: OS::TripleO::{{role.name}}
251 CloudDomain: {get_param: CloudDomain}
252 ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
253 EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
256 template: {get_param: {{role.name}}HostnameFormat}
258 '%stackname%': {get_param: 'OS::stack_name'}
260 ServiceConfigSettings:
262 - get_attr: [{{role.name}}ServiceChain, role_data, config_settings]
264 - get_attr: [{{r.name}}ServiceChain, role_data, global_config_settings]
266 ServiceNames: {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
267 MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChain, role_data, monitoring_subscriptions]}
268 LoggingSources: {get_attr: [{{role.name}}ServiceChain, role_data, logging_sources]}
269 LoggingGroups: {get_attr: [{{role.name}}ServiceChain, role_data, logging_groups]}
273 type: OS::TripleO::AllNodes::SoftwareConfig
275 cloud_name_external: {get_param: CloudName}
276 cloud_name_internal_api: {get_param: CloudNameInternal}
277 cloud_name_storage: {get_param: CloudNameStorage}
278 cloud_name_storage_mgmt: {get_param: CloudNameStorageManagement}
279 cloud_name_ctlplane: {get_param: CloudNameCtlplane}
281 {% for role in roles %}
284 - {get_attr: [{{role.name}}, hosts_entry]}
289 {% for role in roles %}
290 - {get_attr: [{{role.name}}ServiceChain, role_data, service_names]}
292 controller_ips: {get_attr: [Controller, ip_address]}
293 controller_names: {get_attr: [Controller, hostname]}
295 # Note (shardy) this somewhat complex yaql may be replaced
296 # with a map_deep_merge function in ocata. It merges the
297 # list of maps, but appends to colliding lists when a service
298 # is deployed on more than one role
300 expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()]))
303 {% for role in roles %}
304 - {get_attr: [{{role.name}}IpListMap, service_ips]}
308 expression: dict($.data.l.where($ != null).selectMany($.items()).groupBy($[0], $[1], [$[0], $[1].flatten()]))
311 {% for role in roles %}
312 - {get_attr: [{{role.name}}IpListMap, service_hostnames]}
314 # FIXME(shardy): These require further work to move into service_ips
315 memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MemcachedNetwork]}]}
316 keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]}
317 keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
318 NetVipMap: {get_attr: [VipMap, net_ip_map]}
319 RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
320 ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map_lower]}
321 DeployIdentifier: {get_param: DeployIdentifier}
322 UpdateIdentifier: {get_param: UpdateIdentifier}
325 type: OS::Heat::RandomString
330 type: OS::Heat::RandomString
# `salt` does not feed the random generator: Heat only uses a change in it
# to replace the resource, which is how RabbitCookieSalt forces a new cookie
# (see that parameter's description).
333 salt: {get_param: RabbitCookieSalt}
336 type: OS::TripleO::DefaultPasswords
# Collects the `value` attribute of five Heat-generated RandomString
# resources; each role's ServiceChain receives the result through
# `DefaultPasswords: {get_attr: [DefaultPasswords, passwords]}`.
# NOTE(review): RandomString values typically remain retrievable as resource
# attributes of the stack, so read access to this stack should be treated as
# access to these credentials - confirm stack access is restricted to match.
338 DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
339 DefaultRabbitCookie: {get_attr: [RabbitCookie, value]}
340 DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]}
341 DefaultPcsdPassword: {get_attr: [PcsdPassword, value]}
342 DefaultHorizonSecret: {get_attr: [HorizonSecret, value]}
344 # creates the network architecture
346 type: OS::TripleO::Network
349 type: OS::Neutron::Port
352 name: control_virtual_ip
353 network: {get_param: NeutronControlPlaneID}
354 fixed_ips: {get_param: ControlFixedIPs}
355 replacement_policy: AUTO
359 type: OS::TripleO::Network::Ports::RedisVipPort
361 ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
362 ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
363 PortName: redis_virtual_ip
364 NetworkName: {get_attr: [ServiceNetMap, service_net_map, RedisNetwork]}
366 FixedIPs: {get_param: RedisVirtualFixedIPs}
368 # The public VIP is on the External net, falls back to ctlplane
371 type: OS::TripleO::Network::Ports::ExternalVipPort
373 ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
374 ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
375 PortName: public_virtual_ip
376 FixedIPs: {get_param: PublicVirtualFixedIPs}
378 InternalApiVirtualIP:
380 type: OS::TripleO::Network::Ports::InternalApiVipPort
382 ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
383 PortName: internal_api_virtual_ip
384 FixedIPs: {get_param: InternalApiVirtualFixedIPs}
388 type: OS::TripleO::Network::Ports::StorageVipPort
390 ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
391 PortName: storage_virtual_ip
392 FixedIPs: {get_param: StorageVirtualFixedIPs}
394 StorageMgmtVirtualIP:
396 type: OS::TripleO::Network::Ports::StorageMgmtVipPort
398 ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
399 PortName: storage_management_virtual_ip
400 FixedIPs: {get_param: StorageMgmtVirtualFixedIPs}
403 type: OS::TripleO::Network::Ports::NetVipMap
405 ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
406 ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
407 ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]}
408 InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
409 InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]}
410 StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
411 StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]}
412 StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
413 StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
414 # No tenant or management VIP required
416 # All Nodes Validations
417 AllNodesValidationConfig:
418 type: OS::TripleO::AllNodes::Validation
423 - - {get_attr: [Controller, resource.0.external_ip_address]}
424 - {get_attr: [Controller, resource.0.internal_api_ip_address]}
425 - {get_attr: [Controller, resource.0.storage_ip_address]}
426 - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
427 - {get_attr: [Controller, resource.0.tenant_ip_address]}
428 - {get_attr: [Controller, resource.0.management_ip_address]}
431 type: OS::TripleO::Tasks::UpdateWorkflow
434 {% for role in roles %}
435 {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
438 deploy_identifier: {get_param: DeployIdentifier}
439 update_identifier: {get_param: UpdateIdentifier}
441 # Optional ExtraConfig for all nodes - all roles are passed in here, but
442 # the nested template may configure each role differently (or not at all)
444 type: OS::TripleO::AllNodesExtraConfig
447 {% for role in roles %}
448 - {{role.name}}AllNodesValidationDeployment
451 {% for role in roles %}
452 servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
455 # Post deployment steps for all roles
457 type: OS::TripleO::PostDeploySteps
460 {% for role in roles %}
461 {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
464 {% for role in roles %}
465 {{role.name}}: {get_attr: [{{role.name}}ServiceChain, role_data]}
470 description: Asserts that the keystone endpoints have been provisioned.
473 description: URL for the Overcloud Keystone service
474 value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
476 description: Keystone Admin VIP endpoint
477 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystoneAdminApiNetwork]}]}
479 description: Controller VIP for public API endpoints
480 value: {get_attr: [VipMap, net_ip_map, external]}
482 description: VIP for Aodh API internal endpoint
483 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, AodhApiNetwork]}]}
484 CeilometerInternalVip:
485 description: VIP for Ceilometer API internal endpoint
486 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CeilometerApiNetwork]}]}
488 description: VIP for Ceph RGW internal endpoint
489 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CephRgwNetwork]}]}
491 description: VIP for Cinder API internal endpoint
492 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, CinderApiNetwork]}]}
494 description: VIP for Glance API internal endpoint
495 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GlanceApiNetwork]}]}
497 description: VIP for Gnocchi API internal endpoint
498 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, GnocchiApiNetwork]}]}
500 description: VIP for Heat API internal endpoint
501 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, HeatApiNetwork]}]}
503 description: VIP for Ironic API internal endpoint
504 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, IronicApiNetwork]}]}
506 description: VIP for Keystone API internal endpoint
507 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, KeystonePublicApiNetwork]}]}
509 description: VIP for Manila API internal endpoint
510 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, ManilaApiNetwork]}]}
512 description: VIP for Neutron API internal endpoint
513 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NeutronApiNetwork]}]}
515 description: VIP for Nova API internal endpoint
516 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, NovaApiNetwork]}]}
517 OpenDaylightInternalVip:
518 description: VIP for OpenDaylight API internal endpoint
519 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, OpenDaylightApiNetwork]}]}
521 description: VIP for Sahara API internal endpoint
522 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SaharaApiNetwork]}]}
524 description: VIP for Swift Proxy internal endpoint
525 value: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, SwiftProxyNetwork]}]}
528 Mapping of the resources with the needed info for their endpoints.
529 This includes the protocol used, the IP, port and also a full
530 representation of the URI.
531 value: {get_attr: [EndpointMap, endpoint_map]}
534 The content that should be appended to your /etc/hosts if you want to get
535 hostname-based access to the deployed nodes (useful for testing without
537 value: {get_attr: [allNodesConfig, hosts_entries]}
539 description: The services enabled on each role
# NOTE(review): these five role names are hard-coded, while the
# {{role.name}}ServiceChain resources they read from are generated by the
# `{% for role in roles %}` loop. A roles list that omits one of them would
# leave a get_attr pointing at a ServiceChain that was never generated, and
# any additional role would be missing from this map - consider emitting the
# entries from the same loop.
541 Controller: {get_attr: [ControllerServiceChain, role_data, service_names]}
542 Compute: {get_attr: [ComputeServiceChain, role_data, service_names]}
543 BlockStorage: {get_attr: [BlockStorageServiceChain, role_data, service_names]}
544 ObjectStorage: {get_attr: [ObjectStorageServiceChain, role_data, service_names]}
545 CephStorage: {get_attr: [CephStorageServiceChain, role_data, service_names]}