1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
48 default: overcloud-full
50 - custom_constraint: glance.image
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
61 NeutronPublicInterface:
63 description: What interface to bridge onto br-ex for network nodes.
67 description: Mapping of service_name -> network name. Typically set
68 via parameter_defaults in the resource registry.
72 description: Mapping of service endpoint -> protocol. Typically set
73 via parameter_defaults in the resource registry.
79 Setting to a previously unused value during stack-update will trigger
80 package update on all nodes
83 default: '' # Defaults to Heat created hostname
87 description: Optional mapping to override hostnames
88 NetworkDeploymentActions:
89 type: comma_delimited_list
91 Heat action when to apply network configuration changes
96 SoftwareConfigTransport:
97 default: POLL_SERVER_CFN
99 How the server should receive the metadata required for software configuration.
102 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
104 default: 'localdomain'
107 The DNS domain used for the hosts. This should match the dhcp_domain
108 configured in the Undercloud neutron. Defaults to localdomain.
109 ControllerServerMetadata:
112 Extra properties or metadata passed to Nova for the created nodes in
113 the overcloud. It's accessible via the Nova metadata API. This option is
114 role-specific and is merged with the values given to the ServerMetadata
120 Extra properties or metadata passed to Nova for the created nodes in
121 the overcloud. It's accessible via the Nova metadata API. This applies to
122 all roles and is merged with a role-specific metadata parameter.
124 ControllerSchedulerHints:
126 description: Optional scheduler hints to pass to nova
128 ServiceConfigSettings:
132 type: comma_delimited_list
134 MonitoringSubscriptions:
135 type: comma_delimited_list
137 ServiceMetadataSettings:
142 description: Command which will be run whenever configuration data changes
143 default: os-refresh-config --timeout 14400
148 Maximum amount of time to possibly to delay configuation collection
149 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
150 the configuration collection to occur as soon as the collection process
151 starts. This setting is used to prevent the configuration collection
152 processes from polling all at the exact same time.
156 Command or script snippet to run on all overcloud nodes to
157 initialize the upgrade process. E.g. a repository switch.
159 UpgradeInitCommonCommand:
162 Common commands required by the upgrades process. This should not
163 normally be modified by the operator and is set and unset in the
164 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
167 DeploymentServerBlacklistDict:
171 Map of server hostnames to blacklist from any triggered
172 deployments. If the value is 1, the server will be blacklisted. This
173 parameter is generated from the parent template.
177 description: Do not use deprecated params, they will be removed.
179 - controllerExtraConfig
182 server_not_blacklisted:
185 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
192 type: OS::TripleO::ControllerServer
195 command: {get_param: ConfigCommand}
196 splay: {get_param: ConfigCollectSplay}
198 image: {get_param: controllerImage}
199 image_update_policy: {get_param: ImageUpdatePolicy}
200 flavor: {get_param: OvercloudControlFlavor}
201 key_name: {get_param: KeyName}
204 user_data_format: SOFTWARE_CONFIG
205 user_data: {get_resource: UserData}
208 template: {get_param: Hostname}
209 params: {get_param: HostnameMap}
210 software_config_transport: {get_param: SoftwareConfigTransport}
213 - {get_param: ServerMetadata}
214 - {get_param: ControllerServerMetadata}
215 - {get_param: ServiceMetadataSettings}
216 scheduler_hints: {get_param: ControllerSchedulerHints}
218 # Combine the NodeAdminUserData and NodeUserData mime archives
220 type: OS::Heat::MultipartMime
223 - config: {get_resource: NodeAdminUserData}
225 - config: {get_resource: NodeUserData}
227 - config: {get_resource: RoleUserData}
230 # Creates the "heat-admin" user if configured via the environment
231 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
233 type: OS::TripleO::NodeAdminUserData
235 # For optional operator additional userdata
236 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
238 type: OS::TripleO::NodeUserData
240 # For optional operator role-specific userdata
241 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
243 type: OS::TripleO::Controller::NodeUserData
246 type: OS::TripleO::Controller::Ports::ExternalPort
248 IPPool: {get_param: ControllerIPs}
249 NodeIndex: {get_param: NodeIndex}
250 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
253 type: OS::TripleO::Controller::Ports::InternalApiPort
255 IPPool: {get_param: ControllerIPs}
256 NodeIndex: {get_param: NodeIndex}
257 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
260 type: OS::TripleO::Controller::Ports::StoragePort
262 IPPool: {get_param: ControllerIPs}
263 NodeIndex: {get_param: NodeIndex}
264 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
267 type: OS::TripleO::Controller::Ports::StorageMgmtPort
269 IPPool: {get_param: ControllerIPs}
270 NodeIndex: {get_param: NodeIndex}
271 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
274 type: OS::TripleO::Controller::Ports::TenantPort
276 IPPool: {get_param: ControllerIPs}
277 NodeIndex: {get_param: NodeIndex}
278 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
281 type: OS::TripleO::Controller::Ports::ManagementPort
283 IPPool: {get_param: ControllerIPs}
284 NodeIndex: {get_param: NodeIndex}
285 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
288 type: OS::TripleO::Network::Ports::NetIpMap
290 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
291 ExternalIp: {get_attr: [ExternalPort, ip_address]}
292 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
293 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
294 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
295 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
296 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
297 StorageIp: {get_attr: [StoragePort, ip_address]}
298 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
299 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
300 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
301 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
302 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
303 TenantIp: {get_attr: [TenantPort, ip_address]}
304 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
305 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
306 ManagementIp: {get_attr: [ManagementPort, ip_address]}
307 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
308 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
311 type: OS::Heat::Value
319 - - {get_attr: [Controller, name]}
321 - {get_param: CloudDomain}
325 - - {get_attr: [Controller, name]}
331 - - {get_attr: [Controller, name]}
333 - {get_param: CloudDomain}
337 - - {get_attr: [Controller, name]}
343 - - {get_attr: [Controller, name]}
345 - {get_param: CloudDomain}
349 - - {get_attr: [Controller, name]}
355 - - {get_attr: [Controller, name]}
357 - {get_param: CloudDomain}
361 - - {get_attr: [Controller, name]}
367 - - {get_attr: [Controller, name]}
369 - {get_param: CloudDomain}
373 - - {get_attr: [Controller, name]}
379 - - {get_attr: [Controller, name]}
381 - {get_param: CloudDomain}
385 - - {get_attr: [Controller, name]}
391 - - {get_attr: [Controller, name]}
393 - {get_param: CloudDomain}
397 - - {get_attr: [Controller, name]}
401 type: OS::TripleO::Controller::PreNetworkConfig
403 server: {get_resource: Controller}
406 type: OS::TripleO::Controller::Net::SoftwareConfig
408 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
409 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
410 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
411 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
412 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
413 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
414 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
417 type: OS::TripleO::SoftwareDeployment
418 depends_on: PreNetworkConfig
420 name: NetworkDeployment
421 config: {get_resource: NetworkConfig}
422 server: {get_resource: Controller}
425 - server_not_blacklisted
426 - {get_param: NetworkDeploymentActions}
430 interface_name: {get_param: NeutronPublicInterface}
432 # Resource for site-specific injection of root certificate
434 depends_on: NetworkDeployment
435 type: OS::TripleO::NodeTLSCAData
437 server: {get_resource: Controller}
439 # Resource for site-specific passing of private keys/certificates
441 depends_on: NodeTLSCAData
442 type: OS::TripleO::NodeTLSData
444 server: {get_resource: Controller}
445 NodeIndex: {get_param: NodeIndex}
447 ControllerUpgradeInitConfig:
448 type: OS::Heat::SoftwareConfig
454 - - "#!/bin/bash\n\n"
455 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
456 - get_param: UpgradeInitCommand
457 - get_param: UpgradeInitCommonCommand
459 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
460 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
461 ControllerUpgradeInitDeployment:
462 type: OS::Heat::SoftwareDeployment
463 depends_on: NetworkDeployment
465 name: ControllerUpgradeInitDeployment
468 - server_not_blacklisted
469 - ['CREATE', 'UPDATE']
471 server: {get_resource: Controller}
472 config: {get_resource: ControllerUpgradeInitConfig}
474 ControllerDeployment:
475 type: OS::TripleO::SoftwareDeployment
476 depends_on: ControllerUpgradeInitDeployment
478 name: ControllerDeployment
481 - server_not_blacklisted
482 - ['CREATE', 'UPDATE']
484 config: {get_resource: ControllerConfig}
485 server: {get_resource: Controller}
487 bootstack_nodeid: {get_attr: [Controller, name]}
488 enable_load_balancer: {get_param: EnableLoadBalancer}
489 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
491 # Map heat metadata into hiera datafiles
493 type: OS::Heat::StructuredConfig
499 - heat_config_%{::deploy_config_name}
501 - controller_extraconfig
506 - bootstrap_node # provided by BootstrapNodeConfig
507 - all_nodes # provided by allNodesConfig
508 - vip_data # provided by allNodesConfig
510 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
511 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
512 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
513 - midonet_data #Optionally provided by AllNodesExtraConfig
514 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
515 merge_behavior: deeper
518 service_names: {get_param: ServiceNames}
519 sensu::subscriptions: {get_param: MonitoringSubscriptions}
522 - {get_param: ServiceConfigSettings}
523 - values: {get_attr: [NetIpMap, net_ip_map]}
524 controller_extraconfig:
526 - {get_param: controllerExtraConfig}
527 - {get_param: ControllerExtraConfig}
528 extraconfig: {get_param: ExtraConfig}
530 # data supplied directly to this deployment configuration, etc
531 bootstack_nodeid: {get_input: bootstack_nodeid}
533 enable_load_balancer: {get_input: enable_load_balancer}
536 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
537 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
538 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
539 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
540 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
541 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
542 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
543 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
544 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
546 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
547 ControllerExtraConfigPre:
548 depends_on: ControllerDeployment
549 type: OS::TripleO::ControllerExtraConfigPre
551 server: {get_resource: Controller}
553 # Hook for site-specific additional pre-deployment config,
554 # applying to all nodes, e.g node registration/unregistration
556 depends_on: [ControllerExtraConfigPre, NodeTLSData]
557 type: OS::TripleO::NodeExtraConfig
559 server: {get_resource: Controller}
562 type: OS::TripleO::Tasks::PackageUpdate
565 type: OS::Heat::SoftwareDeployment
566 depends_on: NetworkDeployment
568 name: UpdateDeployment
571 - server_not_blacklisted
572 - ['CREATE', 'UPDATE']
574 config: {get_resource: UpdateConfig}
575 server: {get_resource: Controller}
578 get_param: UpdateIdentifier
581 type: OS::TripleO::Ssh::HostPubKey
582 depends_on: ControllerDeployment
584 server: {get_resource: Controller}
588 description: IP address of the server in the ctlplane network
589 value: {get_attr: [Controller, networks, ctlplane, 0]}
591 description: IP address of the server in the external network
592 value: {get_attr: [ExternalPort, ip_address]}
593 internal_api_ip_address:
594 description: IP address of the server in the internal_api network
595 value: {get_attr: [InternalApiPort, ip_address]}
597 description: IP address of the server in the storage network
598 value: {get_attr: [StoragePort, ip_address]}
599 storage_mgmt_ip_address:
600 description: IP address of the server in the storage_mgmt network
601 value: {get_attr: [StorageMgmtPort, ip_address]}
603 description: IP address of the server in the tenant network
604 value: {get_attr: [TenantPort, ip_address]}
605 management_ip_address:
606 description: IP address of the server in the management network
607 value: {get_attr: [ManagementPort, ip_address]}
609 description: Hostname of the server
610 value: {get_attr: [Controller, name]}
612 description: Mapping of network names to hostnames
614 external: {get_attr: [NetHostMap, value, external, fqdn]}
615 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
616 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
617 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
618 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
619 management: {get_attr: [NetHostMap, value, management, fqdn]}
620 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
623 Server's IP address and hostname in the /etc/hosts format
627 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
628 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
629 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
630 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
631 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
632 TENANTIP TENANTHOST.DOMAIN TENANTHOST
633 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
634 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
636 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
637 DOMAIN: {get_param: CloudDomain}
638 PRIMARYHOST: {get_attr: [Controller, name]}
639 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
640 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
641 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
642 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
643 STORAGEIP: {get_attr: [StoragePort, ip_address]}
644 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
645 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
646 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
647 TENANTIP: {get_attr: [TenantPort, ip_address]}
648 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
649 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
650 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
651 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
652 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
654 description: Entry for ssh known hosts
657 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
658 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
659 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
660 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
661 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
662 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
663 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
664 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
666 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
667 DOMAIN: {get_param: CloudDomain}
668 PRIMARYHOST: {get_attr: [Controller, name]}
669 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
670 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
671 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
672 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
673 STORAGEIP: {get_attr: [StoragePort, ip_address]}
674 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
675 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
676 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
677 TENANTIP: {get_attr: [TenantPort, ip_address]}
678 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
679 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
680 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
681 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
682 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
683 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
684 nova_server_resource:
685 description: Heat resource handle for the Nova compute server
687 {get_resource: Controller}
688 condition: server_not_blacklisted
690 description: MD5 checksum of the TLS Key Modulus
691 value: {get_attr: [NodeTLSData, key_modulus_md5]}
692 tls_cert_modulus_md5:
693 description: MD5 checksum of the TLS Certificate Modulus
694 value: {get_attr: [NodeTLSData, cert_modulus_md5]}