1 heat_template_version: 2016-10-14
2 description: 'All Nodes Config for Puppet'
7 cloud_name_internal_api:
11 cloud_name_storage_mgmt:
16 type: comma_delimited_list
17 # FIXME(shardy) this can be comma_delimited_list when
18 # https://bugs.launchpad.net/heat/+bug/1617019 is fixed
22 type: comma_delimited_list
28 type: comma_delimited_list
30 type: comma_delimited_list
31 keystone_public_api_node_ips:
32 type: comma_delimited_list
33 keystone_admin_api_node_ips:
34 type: comma_delimited_list
46 Setting this to a unique value will re-run any deployment tasks which
47 perform configuration on a Heat stack-update.
51 Setting to a previously unused value during stack-update will trigger
52 package update on all nodes
56 Heat action on performed top-level stack.
58 - allowed_values: ['CREATE', 'UPDATE']
59 # NOTE(jaosorior): This is being set as IPA as it's the first
60 # CA we'll actually be testing out. But we can change this if
72 type: OS::Heat::StructuredConfig
74 group: os-apply-config
84 bootstrap_nodeid: {get_input: bootstrap_nodeid}
85 bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
89 - enabled_services: {get_param: enabled_services}
90 # This writes out a mapping of service_name_enabled: 'true'
91 # For any services not enabled, hiera foo_enabled will
92 # return nil, as it's undefined
96 # Note this must be string 'true' due to
97 # https://bugs.launchpad.net/heat/+bug/1617203
98 SERVICE_enabled: 'true'
101 str_split: [',', {get_param: enabled_services}]
102 # Dynamically generate per-service network data
103 # This works as follows (outer->inner functions)
104 # yaql - filters services where no mapping exists in ServiceNetMap
105 # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
106 # map_merge/repeat: generate a per-service mapping
108 # This filters any entries where the value hasn't been substituted for
109 # a list, e.g it's still $service_network. This happens when there is
110 # no network defined for the service in the ServiceNetMap, which is OK
111 # as not all services have to be bound to a network, so we filter them
112 expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
119 SERVICE_network: SERVICE_network
122 str_split: [',', {get_param: enabled_services}]
123 - values: {get_param: ServiceNetMap}
124 # Keystone doesn't provide separate entries for the public
125 # and admin endpoints, so we need to add them here manually
126 # like we do in the vip-config below
127 - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
128 keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
129 # provides a mapping of service_name_ips to a list of IPs
130 - {get_param: service_ips}
131 - {get_param: service_node_names}
132 - controller_node_ips:
135 - {get_param: controller_ips}
136 controller_node_names:
139 - {get_param: controller_names}
140 memcached_node_ips_v6:
142 template: "['inet6:[SERVERS_LIST]']"
147 - {get_param: memcache_node_ips}
148 keystone_public_api_node_ips:
150 template: "['SERVERS_LIST']"
155 - {get_param: keystone_public_api_node_ips}
156 keystone_admin_api_node_ips:
158 template: "['SERVERS_LIST']"
163 - {get_param: keystone_admin_api_node_ips}
165 deploy_identifier: {get_param: DeployIdentifier}
166 update_identifier: {get_param: UpdateIdentifier}
167 stack_action: {get_param: StackAction}
171 # Dynamically generate per-service VIP data based on enabled_services
172 # This works as follows (outer->inner functions)
173 # yaql - filters services where no mapping exists in ServiceNetMap
174 # map_replace: substitute e.g internal_api with the IP from NetVipMap
175 # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
176 # map_merge/repeat: generate a per-service mapping
178 # This filters any entries where the value hasn't been substituted for
179 # a list, e.g it's still $service_network. This happens when there is
180 # no network defined for the service in the ServiceNetMap, which is OK
181 # as not all services have to be bound to a network, so we filter them
182 expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
190 SERVICE_vip: SERVICE_network
193 str_split: [',', {get_param: enabled_services}]
194 - values: {get_param: ServiceNetMap}
195 - values: {get_param: NetVipMap}
196 - keystone_admin_api_vip:
197 get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
198 keystone_public_api_vip:
199 get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
200 public_virtual_ip: {get_param: [NetVipMap, external]}
201 controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
202 internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
203 storage_virtual_ip: {get_param: [NetVipMap, storage]}
204 storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
205 redis_vip: {get_param: RedisVirtualIP}
206 # public_virtual_ip and controller_virtual_ip are needed in
207 # both HAproxy & keepalived.
208 tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, external]}
209 tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
210 tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, external]}
211 tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
212 tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, internal_api]}
213 tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, storage]}
214 tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, storage_mgmt]}
215 tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
216 tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
217 cloud_name_external: {get_param: cloud_name_external}
218 cloud_name_internal_api: {get_param: cloud_name_internal_api}
219 cloud_name_storage: {get_param: cloud_name_storage}
220 cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
221 cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
223 certmonger_ca: {get_param: CertmongerCA}
224 enable_internal_tls: {get_param: EnableInternalTLS}
228 description: The ID of the allNodesConfigImpl resource.
230 {get_resource: allNodesConfigImpl}
233 The content that should be appended to your /etc/hosts if you want to get
234 hostname-based access to the deployed nodes (useful for testing without
236 value: {get_attr: [allNodesConfigImpl, config, hosts]}