# Heat template for a single TripleO controller node.
# NOTE(review): this listing looks like an excerpt: each line starts with its
# original line number and the numbers skip, so the keys in between are not shown.
1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
# Role-specific hieradata. The ExtraConfig description further down states that
# this parameter takes precedence over ExtraConfig.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
# NOTE(review): debug logging on every service tends to put request details
# (and sometimes credentials) into logs; presumably a troubleshooting switch,
# so confirm it stays off in production environments.
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
# Flavor, image and key pair each carry a Heat custom constraint
# (nova.flavor, glance.image, nova.keypair), so the values are checked
# against the services rather than accepted as free-form strings.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
48 default: overcloud-full
50 - custom_constraint: glance.image
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
# The private half of this Nova key pair gives SSH access to the node, so
# custody of that key is part of the control plane's trust boundary.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
# Bridge and interface names are handed to the NetworkDeployment resource as
# bridge_name / interface_name further down in this template.
61 NeutronPhysicalBridge:
63 description: An OVS bridge to create for accessing external networks.
65 NeutronPublicInterface:
67 description: Which interface to add to the NeutronPhysicalBridge.
71 description: Mapping of service_name -> network name. Typically set
72 via parameter_defaults in the resource registry.
76 description: Mapping of service endpoint -> protocol. Typically set
77 via parameter_defaults in the resource registry.
83 Setting to a previously unused value during stack-update will trigger
84 package update on all nodes
87 default: '' # Defaults to Heat created hostname
91 description: Optional mapping to override hostnames
# Referenced by the NetworkDeployment resource next to the
# server_not_blacklisted condition.
92 NetworkDeploymentActions:
93 type: comma_delimited_list
95 Heat action on which to apply network configuration changes
# Selects how the node fetches its software-config metadata; the value is
# passed to the server resource as software_config_transport.
# NOTE(review): each transport implies a different credential held on the node.
# With POLL_TEMP_URL that is presumably a pre-signed Swift URL acting as a
# bearer secret. Confirm which transport the deployment uses and how that
# credential is protected on disk.
100 SoftwareConfigTransport:
101 default: POLL_SERVER_CFN
103 How the server should receive the metadata required for software configuration.
106 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
108 default: 'localdomain'
111 The DNS domain used for the hosts. This must match the
112 overcloud_domain_name configured on the undercloud.
# Per the descriptions below, these maps are exposed through the Nova metadata
# API, which is typically reachable by any process on the instance.
# NOTE(review): keep credentials and other secrets out of server metadata.
113 ControllerServerMetadata:
116 Extra properties or metadata passed to Nova for the created nodes in
117 the overcloud. It's accessible via the Nova metadata API. This option is
118 role-specific and is merged with the values given to the ServerMetadata
124 Extra properties or metadata passed to Nova for the created nodes in
125 the overcloud. It's accessible via the Nova metadata API. This applies to
126 all roles and is merged with a role-specific metadata parameter.
128 ControllerSchedulerHints:
130 description: Optional scheduler hints to pass to nova
132 ServiceConfigSettings:
136 type: comma_delimited_list
138 MonitoringSubscriptions:
139 type: comma_delimited_list
# Listed alongside ServerMetadata and ControllerServerMetadata in the server
# resource's metadata list, so the same exposure applies to it.
141 ServiceMetadataSettings:
# NOTE(review): this string is passed to the server resource as `command` and,
# per the description, is run on the node whenever configuration data changes,
# presumably with the config agent's privileges. Being able to set this
# parameter therefore amounts to command execution on the controller.
146 description: Command which will be run whenever configuration data changes
147 default: os-refresh-config --timeout 14400
152 Maximum amount of time to possibly delay configuration collection
153 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
154 the configuration collection to occur as soon as the collection process
155 starts. This setting is used to prevent the configuration collection
156 processes from polling all at the exact same time.
160 Command or script snippet to run on all overcloud nodes to
161 initialize the upgrade process. E.g. a repository switch.
# Like UpgradeInitCommand, this text is appended to the bash script built by
# ControllerUpgradeInitConfig and run on the node, so both parameters are a
# command-execution surface. Limit who may set stack parameters.
163 UpgradeInitCommonCommand:
166 Common commands required by the upgrades process. This should not
167 normally be modified by the operator and is set and unset in the
168 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
# Looked up by this node's Hostname in the server_not_blacklisted condition,
# which gates the deployment resources below.
# NOTE(review): a blacklisted server presumably receives no further
# configuration or package updates from those deployments, so track
# blacklisted nodes so they do not drift behind on security fixes.
171 DeploymentServerBlacklistDict:
175 Map of server hostnames to blacklist from any triggered
176 deployments. If the value is 1, the server will be blacklisted. This
177 parameter is generated from the parent template.
180 description: Role Specific Parameters
# Pins the Swift container/object that holds each server's deployment data.
# NOTE(review): that object is the node's configuration feed and presumably
# includes hieradata secrets. Confirm the containers are not readable or
# writable by other tenants.
181 DeploymentSwiftDataMap:
184 Map of servers to Swift container and object for storing deployment data.
185 The keys are the Heat assigned hostnames, and the value is a map of the
186 container/object name in Swift. Example value:
187 overcloud-controller-0:
188 container: overcloud-controller
190 overcloud-controller-1:
191 container: overcloud-controller
193 overcloud-controller-2:
194 container: overcloud-controller
196 overcloud-novacompute-0:
197 container: overcloud-compute
# Parameter group flagging controllerExtraConfig as deprecated.
203 description: Do not use deprecated params, they will be removed.
205 - controllerExtraConfig
# Condition over DeploymentServerBlacklistDict[Hostname]; the wrapping
# condition functions are on lines not shown here.
208 server_not_blacklisted:
211 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
# Condition over DeploymentSwiftDataMap[Hostname]; used when setting
# deployment_swift_data on the server.
213 deployment_swift_data_map_unset:
216 - DeploymentSwiftDataMap
217 - {get_param: Hostname}
# The controller server itself. Image, flavor, key pair, userdata, metadata
# and the config transport all come from the parameters above.
223 type: OS::TripleO::ControllerServer
# command/splay are taken from ConfigCommand and ConfigCollectSplay.
226 command: {get_param: ConfigCommand}
227 splay: {get_param: ConfigCollectSplay}
229 image: {get_param: controllerImage}
230 image_update_policy: {get_param: ImageUpdatePolicy}
231 flavor: {get_param: OvercloudControlFlavor}
232 key_name: {get_param: KeyName}
235 user_data_format: SOFTWARE_CONFIG
# user_data is the multipart archive assembled by the UserData resource.
236 user_data: {get_resource: UserData}
# Hostname is passed through HostnameMap so operators can override names.
239 template: {get_param: Hostname}
240 params: {get_param: HostnameMap}
241 software_config_transport: {get_param: SoftwareConfigTransport}
# All three maps end up in Nova server metadata, which the parameter
# descriptions say is accessible via the Nova metadata API. Keep it free of
# secrets.
244 - {get_param: ServerMetadata}
245 - {get_param: ControllerServerMetadata}
246 - {get_param: ServiceMetadataSettings}
247 scheduler_hints: {get_param: ControllerSchedulerHints}
# Uses the DeploymentSwiftDataMap entry for this Hostname; the branch taken
# when deployment_swift_data_map_unset holds is on a line not shown.
248 deployment_swift_data:
250 - deployment_swift_data_map_unset
252 - {get_param: [DeploymentSwiftDataMap,
253 {get_param: Hostname}]}
# NOTE(review): the three parts below are resolved through the resource
# registry and delivered as the server's user_data, presumably executed at
# first boot with root privileges. Review what each OS::TripleO::*UserData
# type is mapped to in the environment before deploying.
255 # Combine the NodeAdminUserData and NodeUserData mime archives
257 type: OS::Heat::MultipartMime
260 - config: {get_resource: NodeAdminUserData}
262 - config: {get_resource: NodeUserData}
264 - config: {get_resource: RoleUserData}
267 # Creates the "heat-admin" user if configured via the environment
268 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
270 type: OS::TripleO::NodeAdminUserData
272 # For optional operator additional userdata
273 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
275 type: OS::TripleO::NodeUserData
277 # For optional operator role-specific userdata
278 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
280 type: OS::TripleO::Controller::NodeUserData
# One port resource per network (external, internal_api, storage,
# storage_mgmt, tenant, management). Each receives the shared ControllerIPs
# pool, this node's index and the server's first ctlplane address.
# NOTE(review): whether these networks are actually isolated depends on what
# the registry maps each Ports::* type to; confirm against the environment.
283 type: OS::TripleO::Controller::Ports::ExternalPort
285 IPPool: {get_param: ControllerIPs}
286 NodeIndex: {get_param: NodeIndex}
287 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
290 type: OS::TripleO::Controller::Ports::InternalApiPort
292 IPPool: {get_param: ControllerIPs}
293 NodeIndex: {get_param: NodeIndex}
294 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
297 type: OS::TripleO::Controller::Ports::StoragePort
299 IPPool: {get_param: ControllerIPs}
300 NodeIndex: {get_param: NodeIndex}
301 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
304 type: OS::TripleO::Controller::Ports::StorageMgmtPort
306 IPPool: {get_param: ControllerIPs}
307 NodeIndex: {get_param: NodeIndex}
308 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
311 type: OS::TripleO::Controller::Ports::TenantPort
313 IPPool: {get_param: ControllerIPs}
314 NodeIndex: {get_param: NodeIndex}
315 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
318 type: OS::TripleO::Controller::Ports::ManagementPort
320 IPPool: {get_param: ControllerIPs}
321 NodeIndex: {get_param: NodeIndex}
322 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
# Collects address, subnet and URI form of every port into one map; its
# net_ip_map attribute feeds the hieradata and the PRIMARYIP lookup below.
325 type: OS::TripleO::Network::Ports::NetIpMap
327 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
328 ExternalIp: {get_attr: [ExternalPort, ip_address]}
329 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
330 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
331 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
332 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
333 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
334 StorageIp: {get_attr: [StoragePort, ip_address]}
335 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
336 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
337 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
338 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
339 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
340 TenantIp: {get_attr: [TenantPort, ip_address]}
341 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
342 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
343 ManagementIp: {get_attr: [ManagementPort, ip_address]}
344 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
345 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
# Value resource that combines the server name with CloudDomain, repeated
# once per network; the outputs below read its per-network `fqdn` and `short`
# entries as NetHostMap. The joining functions and network suffixes are on
# lines not shown here.
348 type: OS::Heat::Value
356 - - {get_attr: [Controller, name]}
358 - {get_param: CloudDomain}
362 - - {get_attr: [Controller, name]}
368 - - {get_attr: [Controller, name]}
370 - {get_param: CloudDomain}
374 - - {get_attr: [Controller, name]}
380 - - {get_attr: [Controller, name]}
382 - {get_param: CloudDomain}
386 - - {get_attr: [Controller, name]}
392 - - {get_attr: [Controller, name]}
394 - {get_param: CloudDomain}
398 - - {get_attr: [Controller, name]}
404 - - {get_attr: [Controller, name]}
406 - {get_param: CloudDomain}
410 - - {get_attr: [Controller, name]}
416 - - {get_attr: [Controller, name]}
418 - {get_param: CloudDomain}
422 - - {get_attr: [Controller, name]}
428 - - {get_attr: [Controller, name]}
430 - {get_param: CloudDomain}
434 - - {get_attr: [Controller, name]}
# Ordering chain set by depends_on: PreNetworkConfig -> NetworkDeployment ->
# NodeTLSCAData -> NodeTLSData. The CA and TLS material is therefore placed
# only after the node's network configuration has been applied.
438 type: OS::TripleO::Controller::PreNetworkConfig
440 server: {get_resource: Controller}
441 RoleParameters: {get_param: RoleParameters}
442 ServiceNames: {get_param: ServiceNames}
# Network config is rendered from the control-plane address and the subnet
# of every port.
445 type: OS::TripleO::Controller::Net::SoftwareConfig
447 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
448 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
449 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
450 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
451 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
452 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
453 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
456 type: OS::TripleO::SoftwareDeployment
457 depends_on: PreNetworkConfig
459 name: NetworkDeployment
460 config: {get_resource: NetworkConfig}
461 server: {get_resource: Controller}
# Gated on the blacklist condition; otherwise runs on the actions listed in
# NetworkDeploymentActions.
464 - server_not_blacklisted
465 - {get_param: NetworkDeploymentActions}
468 bridge_name: {get_param: NeutronPhysicalBridge}
469 interface_name: {get_param: NeutronPublicInterface}
471 # Resource for site-specific injection of root certificate
473 depends_on: NetworkDeployment
474 type: OS::TripleO::NodeTLSCAData
476 server: {get_resource: Controller}
# NOTE(review): NodeTLSData carries private key material to the node,
# presumably over the same software-config channel as the rest of the
# deployment. Whoever can read that channel or the environment file holding
# the key can read the key. The outputs expose only MD5 fingerprints of the
# modulus.
478 # Resource for site-specific passing of private keys/certificates
480 depends_on: NodeTLSCAData
481 type: OS::TripleO::NodeTLSData
483 server: {get_resource: Controller}
484 NodeIndex: {get_param: NodeIndex}
# Assembles a bash script from a fixed prologue (shebang, removal of
# /etc/resolv.conf.save) followed by UpgradeInitCommand and
# UpgradeInitCommonCommand.
# NOTE(review): the parameter text appears to be inserted verbatim, with no
# quoting or validation visible here, so it runs exactly as supplied. Treat
# both parameters as privileged input.
486 ControllerUpgradeInitConfig:
487 type: OS::Heat::SoftwareConfig
493 - - "#!/bin/bash\n\n"
494 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
495 - get_param: UpgradeInitCommand
496 - get_param: UpgradeInitCommonCommand
498 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
499 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
# Runs the script above on CREATE and UPDATE for non-blacklisted servers,
# after NetworkDeployment.
500 ControllerUpgradeInitDeployment:
501 type: OS::Heat::SoftwareDeployment
502 depends_on: NetworkDeployment
504 name: ControllerUpgradeInitDeployment
507 - server_not_blacklisted
508 - ['CREATE', 'UPDATE']
510 server: {get_resource: Controller}
511 config: {get_resource: ControllerUpgradeInitConfig}
# Applies ControllerConfig (the hiera mapping) once the upgrade-init step has
# run; the three values at the end are the inputs ControllerConfig reads via
# get_input.
513 ControllerDeployment:
514 type: OS::TripleO::SoftwareDeployment
515 depends_on: ControllerUpgradeInitDeployment
517 name: ControllerDeployment
520 - server_not_blacklisted
521 - ['CREATE', 'UPDATE']
523 config: {get_resource: ControllerConfig}
524 server: {get_resource: Controller}
526 bootstack_nodeid: {get_attr: [Controller, name]}
527 enable_load_balancer: {get_param: EnableLoadBalancer}
528 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
# NOTE(review): the datafiles built here are the node's hieradata and
# presumably include service credentials supplied through ExtraConfig and
# ServiceConfigSettings. Confirm the rendered files on the node are readable
# by root only.
530 # Map heat metadata into hiera datafiles
532 type: OS::Heat::StructuredConfig
# Hierarchy entries; the inline comments name the resource that provides
# each datafile.
538 - heat_config_%{::deploy_config_name}
540 - controller_extraconfig
545 - bootstrap_node # provided by BootstrapNodeConfig
546 - all_nodes # provided by allNodesConfig
547 - vip_data # provided by allNodesConfig
549 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
550 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
551 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
552 - midonet_data #Optionally provided by AllNodesExtraConfig
553 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
554 merge_behavior: deeper
557 service_names: {get_param: ServiceNames}
558 sensu::subscriptions: {get_param: MonitoringSubscriptions}
561 - {get_param: ServiceConfigSettings}
562 - values: {get_attr: [NetIpMap, net_ip_map]}
# Deprecated controllerExtraConfig is listed first and ControllerExtraConfig
# second; presumably a map merge in which the later entry wins. Confirm.
563 controller_extraconfig:
565 - {get_param: controllerExtraConfig}
566 - {get_param: ControllerExtraConfig}
567 extraconfig: {get_param: ExtraConfig}
569 # data supplied directly to this deployment configuration, etc
570 bootstack_nodeid: {get_input: bootstack_nodeid}
572 enable_load_balancer: {get_input: enable_load_balancer}
# Only the path of the deployed certificate goes into hieradata here, not
# the certificate or key contents.
575 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
576 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
577 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
578 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
579 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
580 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
581 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
582 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
583 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
# NOTE(review): the two hooks below run whatever the resource registry maps
# them to on the controller. Audit those mappings like any other code that
# runs on the node.
585 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
586 ControllerExtraConfigPre:
587 depends_on: ControllerDeployment
588 type: OS::TripleO::ControllerExtraConfigPre
590 server: {get_resource: Controller}
592 # Hook for site-specific additional pre-deployment config,
593 # applying to all nodes, e.g node registration/unregistration
595 depends_on: [ControllerExtraConfigPre, NodeTLSData]
596 type: OS::TripleO::NodeExtraConfig
598 server: {get_resource: Controller}
# Package-update task and its deployment; the UpdateIdentifier parameter is
# read here, and its description says a previously unused value triggers a
# package update.
601 type: OS::TripleO::Tasks::PackageUpdate
604 type: OS::Heat::SoftwareDeployment
605 depends_on: NetworkDeployment
607 name: UpdateDeployment
610 - server_not_blacklisted
611 - ['CREATE', 'UPDATE']
613 config: {get_resource: UpdateConfig}
614 server: {get_resource: Controller}
617 get_param: UpdateIdentifier
# Collects the node's SSH host public key after ControllerDeployment; the
# known_hosts_entry output reads its `ecdsa` attribute.
620 type: OS::TripleO::Ssh::HostPubKey
621 depends_on: ControllerDeployment
623 server: {get_resource: Controller}
# Stack outputs: the node's address on each network, its name, and the
# per-network FQDN map. The ctlplane address comes from the server resource,
# the others from the port resources.
627 description: IP address of the server in the ctlplane network
628 value: {get_attr: [Controller, networks, ctlplane, 0]}
630 description: IP address of the server in the external network
631 value: {get_attr: [ExternalPort, ip_address]}
632 internal_api_ip_address:
633 description: IP address of the server in the internal_api network
634 value: {get_attr: [InternalApiPort, ip_address]}
636 description: IP address of the server in the storage network
637 value: {get_attr: [StoragePort, ip_address]}
638 storage_mgmt_ip_address:
639 description: IP address of the server in the storage_mgmt network
640 value: {get_attr: [StorageMgmtPort, ip_address]}
642 description: IP address of the server in the tenant network
643 value: {get_attr: [TenantPort, ip_address]}
644 management_ip_address:
645 description: IP address of the server in the management network
646 value: {get_attr: [ManagementPort, ip_address]}
648 description: Hostname of the server
649 value: {get_attr: [Controller, name]}
651 description: Mapping of network names to hostnames
653 external: {get_attr: [NetHostMap, value, external, fqdn]}
654 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
655 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
656 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
657 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
658 management: {get_attr: [NetHostMap, value, management, fqdn]}
659 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
662 Server's IP address and hostname in the /etc/hosts format
666 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
667 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
668 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
669 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
670 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
671 TENANTIP TENANTHOST.DOMAIN TENANTHOST
672 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
673 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
# Substitutions for the /etc/hosts template above. PRIMARYIP is the address
# on whichever network ServiceNetMap names as ControllerHostnameResolveNetwork,
# so that setting decides which network the bare hostname resolves to.
675 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
676 DOMAIN: {get_param: CloudDomain}
677 PRIMARYHOST: {get_attr: [Controller, name]}
678 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
679 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
680 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
681 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
682 STORAGEIP: {get_attr: [StoragePort, ip_address]}
683 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
684 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
685 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
686 TENANTIP: {get_attr: [TenantPort, ip_address]}
687 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
688 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
689 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
690 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
691 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
# known_hosts line for this node: every address and name it answers to,
# followed by the host key. Only the ECDSA key is published (HOSTSSHPUBKEY
# reads the `ecdsa` attribute).
# NOTE(review): the key is reported by the node through the SshHostPubKey
# resource, so the entry is only as trustworthy as that collection path.
# Clients that negotiate a different host-key type will presumably not match
# this entry. Confirm.
693 description: Entry for ssh known hosts
696 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
697 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
698 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
699 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
700 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
701 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
702 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
703 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
705 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
706 DOMAIN: {get_param: CloudDomain}
707 PRIMARYHOST: {get_attr: [Controller, name]}
708 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
709 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
710 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
711 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
712 STORAGEIP: {get_attr: [StoragePort, ip_address]}
713 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
714 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
715 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
716 TENANTIP: {get_attr: [TenantPort, ip_address]}
717 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
718 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
719 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
720 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
721 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
722 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
# The server handle is only output when server_not_blacklisted holds.
723 nova_server_resource:
724 description: Heat resource handle for the Nova compute server
726 {get_resource: Controller}
727 condition: server_not_blacklisted
# MD5 here fingerprints the key and certificate modulus, presumably so the
# two can be compared for a match or a change. The modulus is public, so
# these values are not a secrecy or integrity control. Do not reuse them as
# one.
729 description: MD5 checksum of the TLS Key Modulus
730 value: {get_attr: [NodeTLSData, key_modulus_md5]}
731 tls_cert_modulus_md5:
732 description: MD5 checksum of the TLS Certificate Modulus
733 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
# NOTE(review): the os-collect-config configuration may include the
# credentials or URLs the node uses to poll for metadata, depending on
# SoftwareConfigTransport. Treat this output as sensitive and confirm who
# can read stack outputs.
735 description: The os-collect-config configuration associated with this server resource
736 value: {get_attr: [Controller, os_collect_config]}