puppet/all-nodes-config.j2.yaml

   1 heat_template_version: pike
   2 description: 'All Nodes Config for Puppet'
   3
   4 parameters:
   5 {%- for network in networks if network.vip|default(false) %}
   6   cloud_name_{{network.name_lower}}:
   7     type: string
   8 {%- endfor %}
   9   cloud_name_ctlplane:
  10     type: string
  11   enabled_services:
  12     type: comma_delimited_list
  13   controller_ips:
  14     type: comma_delimited_list
  15   service_ips:
  16     type: json
  17   service_node_names:
  18     type: json
  19   short_service_node_names:
  20     type: json
  21   short_service_bootstrap_node:
  22     type: json
  23   controller_names:
  24     type: comma_delimited_list
  25   NetVipMap:
  26     type: json
  27   RedisVirtualIP:
  28     type: string
  29     default: ''
  30   ServiceNetMap:
  31     type: json
  32   DeployIdentifier:
  33     type: string
  34     default: ''
  35     description: >
  36       Setting this to a unique value will re-run any deployment tasks which
  37       perform configuration on a Heat stack-update.
  38   UpdateIdentifier:
  39     type: string
  40     default: ''
  41     description: >
  42       Setting to a previously unused value during stack-update will trigger
  43       package update on all nodes
  44   StackAction:
  45     type: string
  46     description: >
  47       Heat action on performed top-level stack.  Note StackUpdateType is
  48       set to UPGRADE when a major-version upgrade is in progress.
  49     constraints:
  50     - allowed_values: ['CREATE', 'UPDATE']
  51   StackUpdateType:
  52     type: string
  53     description: >
  54       Type of update, to differentiate between UPGRADE and UPDATE cases
  55       when StackAction is UPDATE (both are the same stack action).
  56     constraints:
  57     - allowed_values: ['', 'UPGRADE']
  58     default: ''
  59   # NOTE(jaosorior): This is being set as IPA as it's the first
  60   # CA we'll actually be testing out. But we can change this if
  61   # people request it.
  62   CertmongerCA:
  63     type: string
  64     default: 'IPA'
  65   EnableInternalTLS:
  66     type: boolean
  67     default: false
  68
  69 {%- for network in networks %}
  70   {{network.name}}NetName:
  71     default: {{network.name_lower}}
  72     description: The name of the {{network.name_lower}} network.
  73     type: string
  74 {%- endfor %}
  75
  76
  77 resources:
  78
  79   allNodesConfigImpl:
  80     type: OS::Heat::StructuredConfig
  81     properties:
  82       group: hiera
  83       config:
  84         datafiles:
  85           bootstrap_node:
  86             bootstrap_nodeid: {get_input: bootstrap_nodeid}
  87             bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
  88           all_nodes:
  89            map_merge:
  90               - enabled_services:
  91                   yaql:
  92                     expression: $.data.distinct()
  93                     data: {get_param: enabled_services}
  94               # This writes out a mapping of service_name_enabled: 'true'
  95               # For any services not enabled, hiera foo_enabled will
  96               # return nil, as it's undefined
  97               - map_merge:
  98                   repeat:
  99                     template:
 100                       # Note this must be string 'true' due to
 101                       # https://bugs.launchpad.net/heat/+bug/1617203
 102                       SERVICE_enabled: 'true'
 103                     for_each:
 104                       SERVICE: {get_param: enabled_services}
 105               # Dynamically generate per-service network data
 106               # This works as follows (outer->inner functions)
 107               # yaql - filters services where no mapping exists in ServiceNetMap
 108               #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
 109               #     map_merge/repeat: generate a per-service mapping
 110               - yaql:
 111                   # This filters any entries where the value hasn't been substituted for
 112                   # a list, e.g it's still $service_network.  This happens when there is
 113                   # no network defined for the service in the ServiceNetMap, which is OK
 114                   # as not all services have to be bound to a network, so we filter them
 115                   expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
 116                   data:
 117                     map:
 118                       map_replace:
 119                         - map_merge:
 120                             repeat:
 121                               template:
 122                                 SERVICE_network: SERVICE_network
 123                               for_each:
 124                                 SERVICE: {get_param: enabled_services}
 125                         - values: {get_param: ServiceNetMap}
 126               # Keystone doesn't provide separate entries for the public
 127               # and admin endpoints, so we need to add them here manually
 128               # like we do in the vip-config below
 129               - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
 130                 keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
 131               # provides a mapping of service_name_ips to a list of IPs
 132               - {get_param: service_ips}
 133               - {get_param: service_node_names}
 134               - {get_param: short_service_node_names}
 135               - {get_param: short_service_bootstrap_node}
 136               - controller_node_ips:
 137                   list_join:
 138                   - ','
 139                   - {get_param: controller_ips}
 140                 controller_node_names:
 141                   list_join:
 142                   - ','
 143                   - {get_param: controller_names}
 144                 deploy_identifier: {get_param: DeployIdentifier}
 145                 update_identifier: {get_param: UpdateIdentifier}
 146                 stack_action: {get_param: StackAction}
 147                 stack_update_type: {get_param: StackUpdateType}
 148           vip_data:
 149             map_merge:
 150               # Dynamically generate per-service VIP data based on enabled_services
 151               # This works as follows (outer->inner functions)
 152               # yaql - filters services where no mapping exists in ServiceNetMap
 153               #   map_replace: substitute e.g internal_api with the IP from NetVipMap
 154               #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
 155               #       map_merge/repeat: generate a per-service mapping
 156               - yaql:
 157                   # This filters any entries where the value hasn't been substituted for
 158                   # a list, e.g it's still $service_network.  This happens when there is
 159                   # no network defined for the service in the ServiceNetMap, which is OK
 160                   # as not all services have to be bound to a network, so we filter them
 161                   expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
 162                   data:
 163                     map:
 164                       map_replace:
 165                         - map_replace:
 166                             - map_merge:
 167                                 repeat:
 168                                   template:
 169                                     SERVICE_vip: SERVICE_network
 170                                   for_each:
 171                                     SERVICE: {get_param: enabled_services}
 172                             - values: {get_param: ServiceNetMap}
 173                         - values: {get_param: NetVipMap}
 174               - keystone_admin_api_vip:
 175                   get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
 176                 keystone_public_api_vip:
 177                   get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
 178                 public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
 179                 controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
 180                 internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]}
 181                 storage_virtual_ip: {get_param: [NetVipMap, {get_param: StorageNetName}]}
 182                 storage_mgmt_virtual_ip: {get_param: [NetVipMap, {get_param: StorageMgmtNetName}]}
 183                 redis_vip: {get_param: RedisVirtualIP}
 184                 # public_virtual_ip and controller_virtual_ip are needed in
 185                 # both HAproxy & keepalived.
 186                 tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
 187                 tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
 188                 tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
 189                 tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
 190                 tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]}
 191                 tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, {get_param: StorageNetName}]}
 192                 tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, {get_param: StorageMgmtNetName}]}
 193                 tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
 194                 tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
 195                 cloud_name_external: {get_param: cloud_name_external}
 196                 cloud_name_internal_api: {get_param: cloud_name_internal_api}
 197                 cloud_name_storage: {get_param: cloud_name_storage}
 198                 cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
 199                 cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
 200                 # TLS parameters
 201                 certmonger_ca: {get_param: CertmongerCA}
 202                 enable_internal_tls: {get_param: EnableInternalTLS}
 203
 204 outputs:
 205   config_id:
 206     description: The ID of the allNodesConfigImpl resource.
 207     value:
 208       {get_resource: allNodesConfigImpl}