# puppet/all-nodes-config.yaml
# Heat template that renders cluster-wide data into a single
# OS::Heat::StructuredConfig resource (allNodesConfigImpl): the hosts
# content plus the bootstrap_node, all_nodes and vip_data hiera datafiles.
# NOTE(review): the version below is unquoted, so a generic YAML 1.1 loader
# would read it as a date rather than a string - confirm the consumer
# accepts that.
heat_template_version: 2016-10-14
description: 'All Nodes Config for Puppet'

parameters:
  # The cloud_name_* values are copied unchanged into the vip_data hiera
  # datafile under the same key names.
  cloud_name_external:
    type: string
  cloud_name_internal_api:
    type: string
  cloud_name_storage:
    type: string
  cloud_name_storage_mgmt:
    type: string
  cloud_name_ctlplane:
    type: string
  # Joined with newlines into the 'hosts' config value, which is also
  # exposed as the hosts_entries output. No constraints are declared here,
  # so the entries reach consumers exactly as the caller supplied them.
  hosts:
    type: comma_delimited_list
  # Comma-separated service names; split on ',' in the resource below to
  # generate the per-service <name>_enabled, <name>_network and <name>_vip
  # hiera keys.
  # FIXME(shardy) this can be comma_delimited_list when
  # https://bugs.launchpad.net/heat/+bug/1617019 is fixed
  enabled_services:
    type: string
  # Joined with ',' into the controller_node_ips hiera key.
  controller_ips:
    type: comma_delimited_list
  # service_ips and service_node_names are merged as whole maps into the
  # all_nodes hiera data; their keys are not restricted by this template.
  service_ips:
    type: json
  service_node_names:
    type: json
  # Joined with ',' into the controller_node_names hiera key.
  controller_names:
    type: comma_delimited_list
  # Substituted without escaping into the memcached_node_ips_v6 string; the
  # template declares no constraint that the entries are bare addresses.
  memcache_node_ips:
    type: comma_delimited_list
  # Map indexed by network name (external, ctlplane, internal_api, storage,
  # storage_mgmt and any network named in ServiceNetMap) to produce the
  # *_virtual_ip and *_vip keys.
  NetVipMap:
    type: json
  # Written to redis_vip and tripleo::keepalived::redis_virtual_ip; the
  # default is an empty string.
  RedisVirtualIP:
    type: string
    default: ''
  # Map of <service>_network keys to network names; used as the substitution
  # table for the generated per-service entries.
  ServiceNetMap:
    type: json
  DeployIdentifier:
    type: string
    default: ''
    description: >
      Setting this to a unique value will re-run any deployment tasks which
      perform configuration on a Heat stack-update.
  # No default is declared, so the caller has to supply a value.
  UpdateIdentifier:
    type: string
    description: >
      Setting to a previously unused value during stack-update will trigger
      package update on all nodes
  # The only parameter in this template with an allowed_values constraint.
  StackAction:
    type: string
    description: >
      Heat action on performed top-level stack.
    constraints:
    - allowed_values: ['CREATE', 'UPDATE']
  # NOTE(jaosorior): This is being set as IPA as it's the first
  # CA we'll actually be testing out. But we can change this if
  # people request it.
  # No allowed_values constraint is declared, so any string is passed through
  # to hiera as certmonger_ca.
  CertmongerCA:
    type: string
    default: 'IPA'

resources:

  # Single structured config (group os-apply-config) carrying the hosts
  # content and three hiera datafiles: bootstrap_node, all_nodes, vip_data.
  allNodesConfigImpl:
    type: OS::Heat::StructuredConfig
    properties:
      group: os-apply-config
      config:
        # One entry per line, taken as-is from the 'hosts' parameter.
        hosts:
          list_join:
          - "\n"
          - {get_param: hosts}
        hiera:
          datafiles:
            bootstrap_node:
              mapped_data:
                # These two values come from deployment inputs (get_input),
                # not from template parameters.
                bootstrap_nodeid: {get_input: bootstrap_nodeid}
                bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
            all_nodes:
              mapped_data:
                # Heat's map_merge lets later maps override earlier ones, so
                # list order is precedence: keys in service_ips and
                # service_node_names can replace the generated per-service
                # keys above them, and the final literal map wins over all.
                map_merge:
                  - enabled_services: {get_param: enabled_services}
                  # This writes out a mapping of service_name_enabled: 'true'
                  # For any services not enabled, hiera foo_enabled will
                  # return nil, as it's undefined
                  - map_merge:
                      repeat:
                        template:
                          # Note this must be string 'true' due to
                          # https://bugs.launchpad.net/heat/+bug/1617203
                          SERVICE_enabled: 'true'
                        for_each:
                          SERVICE:
                            str_split: [',', {get_param: enabled_services}]
                  # Dynamically generate per-service network data
                  # This works as follows (outer->inner functions)
                  # yaql - filters services where no mapping exists in ServiceNetMap
                  #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
                  #     map_merge/repeat: generate a per-service mapping
                  - yaql:
                      # This filters any entries where the value hasn't been substituted for
                      # a list, e.g it's still $service_network.  This happens when there is
                      # no network defined for the service in the ServiceNetMap, which is OK
                      # as not all services have to be bound to a network, so we filter them
                      # NOTE(review): the test is a suffix match on the value, so a
                      # ServiceNetMap value that itself ends in "_network" would be
                      # dropped as if unsubstituted; non-string values are dropped too.
                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
                      data:
                        map:
                          map_replace:
                            - map_merge:
                                repeat:
                                  template:
                                    SERVICE_network: SERVICE_network
                                  for_each:
                                    SERVICE:
                                      str_split: [',', {get_param: enabled_services}]
                            - values: {get_param: ServiceNetMap}
                  # Keystone doesn't provide separate entries for the public
                  # and admin endpoints, so we need to add them here manually
                  # like we do in the vip-config below
                  - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
                    keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
                  # provides a mapping of service_name_ips to a list of IPs
                  - {get_param: service_ips}
                  - {get_param: service_node_names}
                  - controller_node_ips:
                      list_join:
                      - ','
                      - {get_param: controller_ips}
                    controller_node_names:
                      list_join:
                      - ','
                      - {get_param: controller_names}
                    # Built by plain string substitution: every memcache_node_ips
                    # entry is placed unescaped between the inet6:[ ... ] delimiters,
                    # so the result is well-formed only if each entry is a bare
                    # address. The parameter declares no constraint enforcing that.
                    memcached_node_ips_v6:
                      str_replace:
                        template: "['inet6:[SERVERS_LIST]']"
                        params:
                          SERVERS_LIST:
                            list_join:
                            - "]','inet6:["
                            - {get_param: memcache_node_ips}

                    deploy_identifier: {get_param: DeployIdentifier}
                    update_identifier: {get_param: UpdateIdentifier}
                    stack_action: {get_param: StackAction}
            vip_data:
              mapped_data:
                map_merge:
                  # Dynamically generate per-service VIP data based on enabled_services
                  # This works as follows (outer->inner functions)
                  # yaql - filters services where no mapping exists in ServiceNetMap
                  #   map_replace: substitute e.g internal_api with the IP from NetVipMap
                  #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
                  #       map_merge/repeat: generate a per-service mapping
                  - yaql:
                      # This filters any entries where the value hasn't been substituted for
                      # a list, e.g it's still $service_network.  This happens when there is
                      # no network defined for the service in the ServiceNetMap, which is OK
                      # as not all services have to be bound to a network, so we filter them
                      # NOTE(review): the filter only recognises the "_network" suffix.
                      # Presumably a network name that ServiceNetMap supplies but NetVipMap
                      # lacks passes through unchanged and is emitted as the <service>_vip
                      # value - confirm against map_replace behaviour.
                      expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
                      data:
                        map:
                          map_replace:
                            - map_replace:
                                - map_merge:
                                    repeat:
                                      template:
                                        SERVICE_vip: SERVICE_network
                                      for_each:
                                        SERVICE:
                                          str_split: [',', {get_param: enabled_services}]
                                - values: {get_param: ServiceNetMap}
                            - values: {get_param: NetVipMap}
                  # Two-step lookup: the inner get_param reads the network name from
                  # ServiceNetMap, the outer one uses it as the key into NetVipMap.
                  - keystone_admin_api_vip:
                      get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
                    keystone_public_api_vip:
                      get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
                    public_virtual_ip: {get_param: [NetVipMap, external]}
                    controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
                    internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
                    storage_virtual_ip: {get_param: [NetVipMap, storage]}
                    storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
                    redis_vip: {get_param: RedisVirtualIP}
                    # public_virtual_ip and controller_virtual_ip are needed in
                    # both HAproxy & keepalived.
                    tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
                    tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
                    tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
                    tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
                    tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
                    tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
                    tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
                    tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
                    tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
                    cloud_name_external: {get_param: cloud_name_external}
                    cloud_name_internal_api: {get_param: cloud_name_internal_api}
                    cloud_name_storage: {get_param: cloud_name_storage}
                    cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
                    cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
                    # TLS parameters
                    # Passed through from CertmongerCA, which has no
                    # allowed_values constraint in this template.
                    certmonger_ca: {get_param: CertmongerCA}

# Values this template exposes to the stack that includes it.
outputs:
  config_id:
    description: The ID of the allNodesConfigImpl resource.
    value:
      {get_resource: allNodesConfigImpl}
  # Reads back the 'hosts' value of the resource's config, i.e. the
  # newline-joined 'hosts' parameter. The template applies no validation to
  # those entries, so whoever appends this to /etc/hosts should trust the
  # source of that parameter.
  hosts_entries:
    description: |
      The content that should be appended to your /etc/hosts if you want to get
      hostname-based access to the deployed nodes (useful for testing without
      setting up a DNS).
    value: {get_attr: [allNodesConfigImpl, config, hosts]}