1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
48 default: overcloud-full
50 - custom_constraint: glance.image
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
61 NeutronPublicInterface:
63 description: What interface to bridge onto br-ex for network nodes.
67 description: Mapping of service_name -> network name. Typically set
68 via parameter_defaults in the resource registry.
72 description: Mapping of service endpoint -> protocol. Typically set
73 via parameter_defaults in the resource registry.
79 Setting to a previously unused value during stack-update will trigger
80 package update on all nodes
83 default: '' # Defaults to Heat created hostname
87 description: Optional mapping to override hostnames
88 NetworkDeploymentActions:
89 type: comma_delimited_list
91 Heat action when to apply network configuration changes
96 SoftwareConfigTransport:
97 default: POLL_SERVER_CFN
99 How the server should receive the metadata required for software configuration.
102 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
104 default: 'localdomain'
107 The DNS domain used for the hosts. This should match the dhcp_domain
108 configured in the Undercloud neutron. Defaults to localdomain.
109 ControllerServerMetadata:
112 Extra properties or metadata passed to Nova for the created nodes in
113 the overcloud. It's accessible via the Nova metadata API. This option is
114 role-specific and is merged with the values given to the ServerMetadata
120 Extra properties or metadata passed to Nova for the created nodes in
121 the overcloud. It's accessible via the Nova metadata API. This applies to
122 all roles and is merged with a role-specific metadata parameter.
124 ControllerSchedulerHints:
126 description: Optional scheduler hints to pass to nova
128 ServiceConfigSettings:
132 type: comma_delimited_list
134 MonitoringSubscriptions:
135 type: comma_delimited_list
137 ServiceMetadataSettings:
142 description: Command which will be run whenever configuration data changes
143 default: os-refresh-config --timeout 14400
148 Maximum amount of time to possibly to delay configuation collection
149 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
150 the configuration collection to occur as soon as the collection process
151 starts. This setting is used to prevent the configuration collection
152 processes from polling all at the exact same time.
156 Command or script snippet to run on all overcloud nodes to
157 initialize the upgrade process. E.g. a repository switch.
159 UpgradeInitCommonCommand:
162 Common commands required by the upgrades process. This should not
163 normally be modified by the operator and is set and unset in the
164 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
170 description: Do not use deprecated params, they will be removed.
172 - controllerExtraConfig
177 type: OS::TripleO::ControllerServer
180 command: {get_param: ConfigCommand}
181 splay: {get_param: ConfigCollectSplay}
183 image: {get_param: controllerImage}
184 image_update_policy: {get_param: ImageUpdatePolicy}
185 flavor: {get_param: OvercloudControlFlavor}
186 key_name: {get_param: KeyName}
189 user_data_format: SOFTWARE_CONFIG
190 user_data: {get_resource: UserData}
193 template: {get_param: Hostname}
194 params: {get_param: HostnameMap}
195 software_config_transport: {get_param: SoftwareConfigTransport}
198 - {get_param: ServerMetadata}
199 - {get_param: ControllerServerMetadata}
200 - {get_param: ServiceMetadataSettings}
201 scheduler_hints: {get_param: ControllerSchedulerHints}
203 # Combine the NodeAdminUserData and NodeUserData mime archives
205 type: OS::Heat::MultipartMime
208 - config: {get_resource: NodeAdminUserData}
210 - config: {get_resource: NodeUserData}
212 - config: {get_resource: RoleUserData}
215 # Creates the "heat-admin" user if configured via the environment
216 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
218 type: OS::TripleO::NodeAdminUserData
220 # For optional operator additional userdata
221 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
223 type: OS::TripleO::NodeUserData
225 # For optional operator role-specific userdata
226 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
228 type: OS::TripleO::Controller::NodeUserData
231 type: OS::TripleO::Controller::Ports::ExternalPort
233 IPPool: {get_param: ControllerIPs}
234 NodeIndex: {get_param: NodeIndex}
235 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
238 type: OS::TripleO::Controller::Ports::InternalApiPort
240 IPPool: {get_param: ControllerIPs}
241 NodeIndex: {get_param: NodeIndex}
242 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
245 type: OS::TripleO::Controller::Ports::StoragePort
247 IPPool: {get_param: ControllerIPs}
248 NodeIndex: {get_param: NodeIndex}
249 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
252 type: OS::TripleO::Controller::Ports::StorageMgmtPort
254 IPPool: {get_param: ControllerIPs}
255 NodeIndex: {get_param: NodeIndex}
256 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
259 type: OS::TripleO::Controller::Ports::TenantPort
261 IPPool: {get_param: ControllerIPs}
262 NodeIndex: {get_param: NodeIndex}
263 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
266 type: OS::TripleO::Controller::Ports::ManagementPort
268 IPPool: {get_param: ControllerIPs}
269 NodeIndex: {get_param: NodeIndex}
270 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
273 type: OS::TripleO::Network::Ports::NetIpMap
275 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
276 ExternalIp: {get_attr: [ExternalPort, ip_address]}
277 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
278 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
279 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
280 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
281 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
282 StorageIp: {get_attr: [StoragePort, ip_address]}
283 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
284 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
285 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
286 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
287 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
288 TenantIp: {get_attr: [TenantPort, ip_address]}
289 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
290 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
291 ManagementIp: {get_attr: [ManagementPort, ip_address]}
292 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
293 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
296 type: OS::Heat::Value
304 - - {get_attr: [Controller, name]}
306 - {get_param: CloudDomain}
310 - - {get_attr: [Controller, name]}
316 - - {get_attr: [Controller, name]}
318 - {get_param: CloudDomain}
322 - - {get_attr: [Controller, name]}
328 - - {get_attr: [Controller, name]}
330 - {get_param: CloudDomain}
334 - - {get_attr: [Controller, name]}
340 - - {get_attr: [Controller, name]}
342 - {get_param: CloudDomain}
346 - - {get_attr: [Controller, name]}
352 - - {get_attr: [Controller, name]}
354 - {get_param: CloudDomain}
358 - - {get_attr: [Controller, name]}
364 - - {get_attr: [Controller, name]}
366 - {get_param: CloudDomain}
370 - - {get_attr: [Controller, name]}
376 - - {get_attr: [Controller, name]}
378 - {get_param: CloudDomain}
382 - - {get_attr: [Controller, name]}
386 type: OS::TripleO::Controller::PreNetworkConfig
388 server: {get_resource: Controller}
391 type: OS::TripleO::Controller::Net::SoftwareConfig
393 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
394 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
395 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
396 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
397 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
398 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
399 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
402 type: OS::TripleO::SoftwareDeployment
403 depends_on: PreNetworkConfig
405 name: NetworkDeployment
406 config: {get_resource: NetworkConfig}
407 server: {get_resource: Controller}
408 actions: {get_param: NetworkDeploymentActions}
411 interface_name: {get_param: NeutronPublicInterface}
413 # Resource for site-specific injection of root certificate
415 depends_on: NetworkDeployment
416 type: OS::TripleO::NodeTLSCAData
418 server: {get_resource: Controller}
420 # Resource for site-specific passing of private keys/certificates
422 depends_on: NodeTLSCAData
423 type: OS::TripleO::NodeTLSData
425 server: {get_resource: Controller}
426 NodeIndex: {get_param: NodeIndex}
428 ControllerUpgradeInitConfig:
429 type: OS::Heat::SoftwareConfig
435 - - "#!/bin/bash\n\n"
436 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
437 - get_param: UpgradeInitCommand
438 - get_param: UpgradeInitCommonCommand
440 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
441 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
442 ControllerUpgradeInitDeployment:
443 type: OS::Heat::SoftwareDeployment
444 depends_on: NetworkDeployment
446 name: ControllerUpgradeInitDeployment
447 server: {get_resource: Controller}
448 config: {get_resource: ControllerUpgradeInitConfig}
450 ControllerDeployment:
451 type: OS::TripleO::SoftwareDeployment
452 depends_on: ControllerUpgradeInitDeployment
454 name: ControllerDeployment
455 config: {get_resource: ControllerConfig}
456 server: {get_resource: Controller}
458 bootstack_nodeid: {get_attr: [Controller, name]}
459 enable_load_balancer: {get_param: EnableLoadBalancer}
460 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
462 # Map heat metadata into hiera datafiles
464 type: OS::Heat::StructuredConfig
470 - heat_config_%{::deploy_config_name}
471 - controller_extraconfig
476 - bootstrap_node # provided by BootstrapNodeConfig
477 - all_nodes # provided by allNodesConfig
478 - vip_data # provided by allNodesConfig
480 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
481 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
482 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
483 - midonet_data #Optionally provided by AllNodesExtraConfig
484 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
485 merge_behavior: deeper
488 service_names: {get_param: ServiceNames}
489 sensu::subscriptions: {get_param: MonitoringSubscriptions}
492 - {get_param: ServiceConfigSettings}
493 - values: {get_attr: [NetIpMap, net_ip_map]}
494 controller_extraconfig:
496 - {get_param: controllerExtraConfig}
497 - {get_param: ControllerExtraConfig}
498 extraconfig: {get_param: ExtraConfig}
500 # data supplied directly to this deployment configuration, etc
501 bootstack_nodeid: {get_input: bootstack_nodeid}
503 enable_load_balancer: {get_input: enable_load_balancer}
506 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
507 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
508 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
509 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
510 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
511 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
512 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
513 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
515 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
516 ControllerExtraConfigPre:
517 depends_on: ControllerDeployment
518 type: OS::TripleO::ControllerExtraConfigPre
520 server: {get_resource: Controller}
522 # Hook for site-specific additional pre-deployment config,
523 # applying to all nodes, e.g node registration/unregistration
525 depends_on: [ControllerExtraConfigPre, NodeTLSData]
526 type: OS::TripleO::NodeExtraConfig
528 server: {get_resource: Controller}
531 type: OS::TripleO::Tasks::PackageUpdate
534 type: OS::Heat::SoftwareDeployment
535 depends_on: NetworkDeployment
537 name: UpdateDeployment
538 config: {get_resource: UpdateConfig}
539 server: {get_resource: Controller}
542 get_param: UpdateIdentifier
545 type: OS::TripleO::Ssh::HostPubKey
546 depends_on: ControllerDeployment
548 server: {get_resource: Controller}
552 description: IP address of the server in the ctlplane network
553 value: {get_attr: [Controller, networks, ctlplane, 0]}
555 description: IP address of the server in the external network
556 value: {get_attr: [ExternalPort, ip_address]}
557 internal_api_ip_address:
558 description: IP address of the server in the internal_api network
559 value: {get_attr: [InternalApiPort, ip_address]}
561 description: IP address of the server in the storage network
562 value: {get_attr: [StoragePort, ip_address]}
563 storage_mgmt_ip_address:
564 description: IP address of the server in the storage_mgmt network
565 value: {get_attr: [StorageMgmtPort, ip_address]}
567 description: IP address of the server in the tenant network
568 value: {get_attr: [TenantPort, ip_address]}
569 management_ip_address:
570 description: IP address of the server in the management network
571 value: {get_attr: [ManagementPort, ip_address]}
573 description: Hostname of the server
574 value: {get_attr: [Controller, name]}
576 description: Mapping of network names to hostnames
578 external: {get_attr: [NetHostMap, value, external, fqdn]}
579 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
580 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
581 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
582 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
583 management: {get_attr: [NetHostMap, value, management, fqdn]}
584 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
587 Server's IP address and hostname in the /etc/hosts format
591 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
592 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
593 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
594 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
595 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
596 TENANTIP TENANTHOST.DOMAIN TENANTHOST
597 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
598 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
600 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
601 DOMAIN: {get_param: CloudDomain}
602 PRIMARYHOST: {get_attr: [Controller, name]}
603 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
604 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
605 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
606 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
607 STORAGEIP: {get_attr: [StoragePort, ip_address]}
608 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
609 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
610 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
611 TENANTIP: {get_attr: [TenantPort, ip_address]}
612 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
613 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
614 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
615 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
616 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
618 description: Entry for ssh known hosts
621 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
622 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
623 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
624 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
625 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
626 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
627 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
628 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
630 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
631 DOMAIN: {get_param: CloudDomain}
632 PRIMARYHOST: {get_attr: [Controller, name]}
633 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
634 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
635 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
636 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
637 STORAGEIP: {get_attr: [StoragePort, ip_address]}
638 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
639 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
640 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
641 TENANTIP: {get_attr: [TenantPort, ip_address]}
642 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
643 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
644 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
645 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
646 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
647 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
648 nova_server_resource:
649 description: Heat resource handle for the Nova compute server
651 {get_resource: Controller}
653 description: MD5 checksum of the TLS Key Modulus
654 value: {get_attr: [NodeTLSData, key_modulus_md5]}
655 tls_cert_modulus_md5:
656 description: MD5 checksum of the TLS Certificate Modulus
657 value: {get_attr: [NodeTLSData, cert_modulus_md5]}