1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
48 default: overcloud-full
50 - custom_constraint: glance.image
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
61 NeutronPublicInterface:
63 description: What interface to bridge onto br-ex for network nodes.
67 description: Mapping of service_name -> network name. Typically set
68 via parameter_defaults in the resource registry.
72 description: Mapping of service endpoint -> protocol. Typically set
73 via parameter_defaults in the resource registry.
79 Setting to a previously unused value during stack-update will trigger
80 package update on all nodes
83 default: '' # Defaults to Heat created hostname
87 description: Optional mapping to override hostnames
88 NetworkDeploymentActions:
89 type: comma_delimited_list
91 Heat action when to apply network configuration changes
96 SoftwareConfigTransport:
97 default: POLL_SERVER_CFN
99 How the server should receive the metadata required for software configuration.
102 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
104 default: 'localdomain'
107 The DNS domain used for the hosts. This must match the
108 overcloud_domain_name configured on the undercloud.
109 ControllerServerMetadata:
112 Extra properties or metadata passed to Nova for the created nodes in
113 the overcloud. It's accessible via the Nova metadata API. This option is
114 role-specific and is merged with the values given to the ServerMetadata
120 Extra properties or metadata passed to Nova for the created nodes in
121 the overcloud. It's accessible via the Nova metadata API. This applies to
122 all roles and is merged with a role-specific metadata parameter.
124 ControllerSchedulerHints:
126 description: Optional scheduler hints to pass to nova
128 ServiceConfigSettings:
132 type: comma_delimited_list
134 MonitoringSubscriptions:
135 type: comma_delimited_list
137 ServiceMetadataSettings:
142 description: Command which will be run whenever configuration data changes
143 default: os-refresh-config --timeout 14400
148 Maximum amount of time to possibly delay configuration collection
149 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
150 the configuration collection to occur as soon as the collection process
151 starts. This setting is used to prevent the configuration collection
152 processes from polling all at the exact same time.
156 Command or script snippet to run on all overcloud nodes to
157 initialize the upgrade process. E.g. a repository switch.
159 UpgradeInitCommonCommand:
162 Common commands required by the upgrades process. This should not
163 normally be modified by the operator and is set and unset in the
164 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
167 DeploymentServerBlacklistDict:
171 Map of server hostnames to blacklist from any triggered
172 deployments. If the value is 1, the server will be blacklisted. This
173 parameter is generated from the parent template.
176 description: Role Specific Parameters
181 description: Do not use deprecated params, they will be removed.
183 - controllerExtraConfig
186 server_not_blacklisted:
189 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
196 type: OS::TripleO::ControllerServer
199 command: {get_param: ConfigCommand}
200 splay: {get_param: ConfigCollectSplay}
202 image: {get_param: controllerImage}
203 image_update_policy: {get_param: ImageUpdatePolicy}
204 flavor: {get_param: OvercloudControlFlavor}
205 key_name: {get_param: KeyName}
208 user_data_format: SOFTWARE_CONFIG
209 user_data: {get_resource: UserData}
212 template: {get_param: Hostname}
213 params: {get_param: HostnameMap}
214 software_config_transport: {get_param: SoftwareConfigTransport}
217 - {get_param: ServerMetadata}
218 - {get_param: ControllerServerMetadata}
219 - {get_param: ServiceMetadataSettings}
220 scheduler_hints: {get_param: ControllerSchedulerHints}
222 # Combine the NodeAdminUserData and NodeUserData mime archives
224 type: OS::Heat::MultipartMime
227 - config: {get_resource: NodeAdminUserData}
229 - config: {get_resource: NodeUserData}
231 - config: {get_resource: RoleUserData}
234 # Creates the "heat-admin" user if configured via the environment
235 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
237 type: OS::TripleO::NodeAdminUserData
239 # For optional operator additional userdata
240 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
242 type: OS::TripleO::NodeUserData
244 # For optional operator role-specific userdata
245 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
247 type: OS::TripleO::Controller::NodeUserData
250 type: OS::TripleO::Controller::Ports::ExternalPort
252 IPPool: {get_param: ControllerIPs}
253 NodeIndex: {get_param: NodeIndex}
254 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
257 type: OS::TripleO::Controller::Ports::InternalApiPort
259 IPPool: {get_param: ControllerIPs}
260 NodeIndex: {get_param: NodeIndex}
261 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
264 type: OS::TripleO::Controller::Ports::StoragePort
266 IPPool: {get_param: ControllerIPs}
267 NodeIndex: {get_param: NodeIndex}
268 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
271 type: OS::TripleO::Controller::Ports::StorageMgmtPort
273 IPPool: {get_param: ControllerIPs}
274 NodeIndex: {get_param: NodeIndex}
275 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
278 type: OS::TripleO::Controller::Ports::TenantPort
280 IPPool: {get_param: ControllerIPs}
281 NodeIndex: {get_param: NodeIndex}
282 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
285 type: OS::TripleO::Controller::Ports::ManagementPort
287 IPPool: {get_param: ControllerIPs}
288 NodeIndex: {get_param: NodeIndex}
289 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
292 type: OS::TripleO::Network::Ports::NetIpMap
294 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
295 ExternalIp: {get_attr: [ExternalPort, ip_address]}
296 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
297 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
298 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
299 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
300 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
301 StorageIp: {get_attr: [StoragePort, ip_address]}
302 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
303 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
304 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
305 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
306 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
307 TenantIp: {get_attr: [TenantPort, ip_address]}
308 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
309 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
310 ManagementIp: {get_attr: [ManagementPort, ip_address]}
311 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
312 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
315 type: OS::Heat::Value
323 - - {get_attr: [Controller, name]}
325 - {get_param: CloudDomain}
329 - - {get_attr: [Controller, name]}
335 - - {get_attr: [Controller, name]}
337 - {get_param: CloudDomain}
341 - - {get_attr: [Controller, name]}
347 - - {get_attr: [Controller, name]}
349 - {get_param: CloudDomain}
353 - - {get_attr: [Controller, name]}
359 - - {get_attr: [Controller, name]}
361 - {get_param: CloudDomain}
365 - - {get_attr: [Controller, name]}
371 - - {get_attr: [Controller, name]}
373 - {get_param: CloudDomain}
377 - - {get_attr: [Controller, name]}
383 - - {get_attr: [Controller, name]}
385 - {get_param: CloudDomain}
389 - - {get_attr: [Controller, name]}
395 - - {get_attr: [Controller, name]}
397 - {get_param: CloudDomain}
401 - - {get_attr: [Controller, name]}
405 type: OS::TripleO::Controller::PreNetworkConfig
407 server: {get_resource: Controller}
408 RoleParameters: {get_param: RoleParameters}
409 ServiceNames: {get_param: ServiceNames}
412 type: OS::TripleO::Controller::Net::SoftwareConfig
414 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
415 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
416 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
417 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
418 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
419 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
420 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
423 type: OS::TripleO::SoftwareDeployment
424 depends_on: PreNetworkConfig
426 name: NetworkDeployment
427 config: {get_resource: NetworkConfig}
428 server: {get_resource: Controller}
431 - server_not_blacklisted
432 - {get_param: NetworkDeploymentActions}
436 interface_name: {get_param: NeutronPublicInterface}
438 # Resource for site-specific injection of root certificate
440 depends_on: NetworkDeployment
441 type: OS::TripleO::NodeTLSCAData
443 server: {get_resource: Controller}
445 # Resource for site-specific passing of private keys/certificates
447 depends_on: NodeTLSCAData
448 type: OS::TripleO::NodeTLSData
450 server: {get_resource: Controller}
451 NodeIndex: {get_param: NodeIndex}
# Software config for the upgrade-initialisation script. The visible list holds
# a fixed bash header, a cleanup of /etc/resolv.conf.save, and then the values
# of UpgradeInitCommand and UpgradeInitCommonCommand.
# NOTE(review): both parameter values are placed into the script as-is, so
# whoever can set them (for example through an environment file) decides what
# the script executes on the node. Keep those files under the same change
# control and review as the templates themselves.
453 ControllerUpgradeInitConfig:
454 type: OS::Heat::SoftwareConfig
460 - - "#!/bin/bash\n\n"
461 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
# Operator-supplied snippet, inserted verbatim.
462 - get_param: UpgradeInitCommand
# Snippet described in this template as set and unset by the upgrade
# environment files rather than by the operator.
463 - get_param: UpgradeInitCommonCommand
465 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
466 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
467 ControllerUpgradeInitDeployment:
468 type: OS::Heat::SoftwareDeployment
469 depends_on: NetworkDeployment
471 name: ControllerUpgradeInitDeployment
474 - server_not_blacklisted
475 - ['CREATE', 'UPDATE']
477 server: {get_resource: Controller}
478 config: {get_resource: ControllerUpgradeInitConfig}
480 ControllerDeployment:
481 type: OS::TripleO::SoftwareDeployment
482 depends_on: ControllerUpgradeInitDeployment
484 name: ControllerDeployment
487 - server_not_blacklisted
488 - ['CREATE', 'UPDATE']
490 config: {get_resource: ControllerConfig}
491 server: {get_resource: Controller}
493 bootstack_nodeid: {get_attr: [Controller, name]}
494 enable_load_balancer: {get_param: EnableLoadBalancer}
495 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
497 # Map heat metadata into hiera datafiles
499 type: OS::Heat::StructuredConfig
505 - heat_config_%{::deploy_config_name}
507 - controller_extraconfig
512 - bootstrap_node # provided by BootstrapNodeConfig
513 - all_nodes # provided by allNodesConfig
514 - vip_data # provided by allNodesConfig
516 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
517 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
518 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
519 - midonet_data #Optionally provided by AllNodesExtraConfig
520 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
521 merge_behavior: deeper
524 service_names: {get_param: ServiceNames}
525 sensu::subscriptions: {get_param: MonitoringSubscriptions}
528 - {get_param: ServiceConfigSettings}
529 - values: {get_attr: [NetIpMap, net_ip_map]}
530 controller_extraconfig:
532 - {get_param: controllerExtraConfig}
533 - {get_param: ControllerExtraConfig}
534 extraconfig: {get_param: ExtraConfig}
536 # data supplied directly to this deployment configuration, etc
537 bootstack_nodeid: {get_input: bootstack_nodeid}
539 enable_load_balancer: {get_input: enable_load_balancer}
542 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
543 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
544 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
545 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
546 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
547 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
548 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
549 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
550 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
552 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
553 ControllerExtraConfigPre:
554 depends_on: ControllerDeployment
555 type: OS::TripleO::ControllerExtraConfigPre
557 server: {get_resource: Controller}
559 # Hook for site-specific additional pre-deployment config,
560 # applying to all nodes, e.g node registration/unregistration
562 depends_on: [ControllerExtraConfigPre, NodeTLSData]
563 type: OS::TripleO::NodeExtraConfig
565 server: {get_resource: Controller}
568 type: OS::TripleO::Tasks::PackageUpdate
571 type: OS::Heat::SoftwareDeployment
572 depends_on: NetworkDeployment
574 name: UpdateDeployment
577 - server_not_blacklisted
578 - ['CREATE', 'UPDATE']
580 config: {get_resource: UpdateConfig}
581 server: {get_resource: Controller}
584 get_param: UpdateIdentifier
587 type: OS::TripleO::Ssh::HostPubKey
588 depends_on: ControllerDeployment
590 server: {get_resource: Controller}
594 description: IP address of the server in the ctlplane network
595 value: {get_attr: [Controller, networks, ctlplane, 0]}
597 description: IP address of the server in the external network
598 value: {get_attr: [ExternalPort, ip_address]}
599 internal_api_ip_address:
600 description: IP address of the server in the internal_api network
601 value: {get_attr: [InternalApiPort, ip_address]}
603 description: IP address of the server in the storage network
604 value: {get_attr: [StoragePort, ip_address]}
605 storage_mgmt_ip_address:
606 description: IP address of the server in the storage_mgmt network
607 value: {get_attr: [StorageMgmtPort, ip_address]}
609 description: IP address of the server in the tenant network
610 value: {get_attr: [TenantPort, ip_address]}
611 management_ip_address:
612 description: IP address of the server in the management network
613 value: {get_attr: [ManagementPort, ip_address]}
615 description: Hostname of the server
616 value: {get_attr: [Controller, name]}
618 description: Mapping of network names to hostnames
620 external: {get_attr: [NetHostMap, value, external, fqdn]}
621 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
622 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
623 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
624 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
625 management: {get_attr: [NetHostMap, value, management, fqdn]}
626 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
629 Server's IP address and hostname in the /etc/hosts format
633 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
634 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
635 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
636 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
637 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
638 TENANTIP TENANTHOST.DOMAIN TENANTHOST
639 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
640 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
642 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
643 DOMAIN: {get_param: CloudDomain}
644 PRIMARYHOST: {get_attr: [Controller, name]}
645 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
646 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
647 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
648 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
649 STORAGEIP: {get_attr: [StoragePort, ip_address]}
650 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
651 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
652 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
653 TENANTIP: {get_attr: [TenantPort, ip_address]}
654 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
655 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
656 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
657 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
658 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
# Builds a single known_hosts line for this node: a comma-separated list of
# every address and name the node has on each network, followed by the host
# public key substituted for HOSTSSHPUBKEY.
# NOTE(review): the entry is only as trustworthy as the path by which
# SshHostPubKey obtained the key — confirm how that resource collects it
# before relying on this output for host-key verification.
660 description: Entry for ssh known hosts
663 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
664 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
665 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
666 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
667 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
668 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
669 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
670 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
# The primary IP is looked up in NetIpMap under the network named by
# ServiceNetMap's ControllerHostnameResolveNetwork entry.
672 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
673 DOMAIN: {get_param: CloudDomain}
674 PRIMARYHOST: {get_attr: [Controller, name]}
675 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
676 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
677 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
678 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
679 STORAGEIP: {get_attr: [StoragePort, ip_address]}
680 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
681 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
682 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
683 TENANTIP: {get_attr: [TenantPort, ip_address]}
684 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
685 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
686 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
687 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
688 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
# Only the ecdsa attribute of SshHostPubKey is published here, so a client
# that negotiates a different host-key algorithm will not match this entry.
689 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
690 nova_server_resource:
691 description: Heat resource handle for the Nova compute server
693 {get_resource: Controller}
694 condition: server_not_blacklisted
696 description: MD5 checksum of the TLS Key Modulus
697 value: {get_attr: [NodeTLSData, key_modulus_md5]}
# Digest of the TLS certificate modulus, as reported by NodeTLSData.
# NOTE(review): presumably compared with the key-modulus digest output to spot
# a certificate/key mismatch or a change — confirm against the consumer.
# MD5 is not collision-resistant, so treat this value as a change marker only,
# never as an integrity or authenticity check on the certificate.
698 tls_cert_modulus_md5:
699 description: MD5 checksum of the TLS Certificate Modulus
700 value: {get_attr: [NodeTLSData, cert_modulus_md5]}