1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
48 default: overcloud-full
50 - custom_constraint: glance.image
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
61 NeutronPhysicalBridge:
63 description: An OVS bridge to create for accessing external networks.
65 NeutronPublicInterface:
67 description: Which interface to add to the NeutronPhysicalBridge.
71 description: Mapping of service_name -> network name. Typically set
72 via parameter_defaults in the resource registry.
76 description: Mapping of service endpoint -> protocol. Typically set
77 via parameter_defaults in the resource registry.
83 Setting to a previously unused value during stack-update will trigger
84 package update on all nodes
87 default: '' # Defaults to Heat created hostname
91 description: Optional mapping to override hostnames
92 NetworkDeploymentActions:
93 type: comma_delimited_list
95 Heat action when to apply network configuration changes
100 SoftwareConfigTransport:
101 default: POLL_SERVER_CFN
103 How the server should receive the metadata required for software configuration.
106 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
108 default: 'localdomain'
111 The DNS domain used for the hosts. This must match the
112 overcloud_domain_name configured on the undercloud.
113 ControllerServerMetadata:
116 Extra properties or metadata passed to Nova for the created nodes in
117 the overcloud. It's accessible via the Nova metadata API. This option is
118 role-specific and is merged with the values given to the ServerMetadata
124 Extra properties or metadata passed to Nova for the created nodes in
125 the overcloud. It's accessible via the Nova metadata API. This applies to
126 all roles and is merged with a role-specific metadata parameter.
128 ControllerSchedulerHints:
130 description: Optional scheduler hints to pass to nova
132 ServiceConfigSettings:
136 type: comma_delimited_list
138 MonitoringSubscriptions:
139 type: comma_delimited_list
141 ServiceMetadataSettings:
146 description: Command which will be run whenever configuration data changes
147 default: os-refresh-config --timeout 14400
152 Maximum amount of time to possibly to delay configuation collection
153 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
154 the configuration collection to occur as soon as the collection process
155 starts. This setting is used to prevent the configuration collection
156 processes from polling all at the exact same time.
160 Command or script snippet to run on all overcloud nodes to
161 initialize the upgrade process. E.g. a repository switch.
163 UpgradeInitCommonCommand:
166 Common commands required by the upgrades process. This should not
167 normally be modified by the operator and is set and unset in the
168 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
171 DeploymentServerBlacklistDict:
175 Map of server hostnames to blacklist from any triggered
176 deployments. If the value is 1, the server will be blacklisted. This
177 parameter is generated from the parent template.
180 description: Role Specific Parameters
182 DeploymentSwiftDataMap:
185 Map of servers to Swift container and object for storing deployment data.
186 The keys are the Heat assigned hostnames, and the value is a map of the
187 container/object name in Swift. Example value:
188 overcloud-controller-0:
189 container: overcloud-controller
191 overcloud-controller-1:
192 container: overcloud-controller
194 overcloud-controller-2:
195 container: overcloud-controller
197 overcloud-novacompute-0:
198 container: overcloud-compute
204 description: Do not use deprecated params, they will be removed.
206 - controllerExtraConfig
209 server_not_blacklisted:
212 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
214 deployment_swift_data_map_unset:
217 - DeploymentSwiftDataMap
218 - {get_param: Hostname}
224 type: OS::TripleO::ControllerServer
227 command: {get_param: ConfigCommand}
228 splay: {get_param: ConfigCollectSplay}
230 image: {get_param: controllerImage}
231 image_update_policy: {get_param: ImageUpdatePolicy}
232 flavor: {get_param: OvercloudControlFlavor}
233 key_name: {get_param: KeyName}
236 user_data_format: SOFTWARE_CONFIG
237 user_data: {get_resource: UserData}
240 template: {get_param: Hostname}
241 params: {get_param: HostnameMap}
242 software_config_transport: {get_param: SoftwareConfigTransport}
245 - {get_param: ServerMetadata}
246 - {get_param: ControllerServerMetadata}
247 - {get_param: ServiceMetadataSettings}
248 scheduler_hints: {get_param: ControllerSchedulerHints}
249 deployment_swift_data:
251 - deployment_swift_data_map_unset
253 - {get_param: [DeploymentSwiftDataMap,
254 {get_param: Hostname}]}
256 # Combine the NodeAdminUserData and NodeUserData mime archives
258 type: OS::Heat::MultipartMime
261 - config: {get_resource: NodeAdminUserData}
263 - config: {get_resource: NodeUserData}
265 - config: {get_resource: RoleUserData}
268 # Creates the "heat-admin" user if configured via the environment
269 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
271 type: OS::TripleO::NodeAdminUserData
273 # For optional operator additional userdata
274 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
276 type: OS::TripleO::NodeUserData
278 # For optional operator role-specific userdata
279 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
281 type: OS::TripleO::Controller::NodeUserData
284 type: OS::TripleO::Controller::Ports::ExternalPort
286 IPPool: {get_param: ControllerIPs}
287 NodeIndex: {get_param: NodeIndex}
288 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
291 type: OS::TripleO::Controller::Ports::InternalApiPort
293 IPPool: {get_param: ControllerIPs}
294 NodeIndex: {get_param: NodeIndex}
295 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
298 type: OS::TripleO::Controller::Ports::StoragePort
300 IPPool: {get_param: ControllerIPs}
301 NodeIndex: {get_param: NodeIndex}
302 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
305 type: OS::TripleO::Controller::Ports::StorageMgmtPort
307 IPPool: {get_param: ControllerIPs}
308 NodeIndex: {get_param: NodeIndex}
309 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
312 type: OS::TripleO::Controller::Ports::TenantPort
314 IPPool: {get_param: ControllerIPs}
315 NodeIndex: {get_param: NodeIndex}
316 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
319 type: OS::TripleO::Controller::Ports::ManagementPort
321 IPPool: {get_param: ControllerIPs}
322 NodeIndex: {get_param: NodeIndex}
323 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
326 type: OS::TripleO::Network::Ports::NetIpMap
328 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
329 ExternalIp: {get_attr: [ExternalPort, ip_address]}
330 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
331 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
332 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
333 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
334 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
335 StorageIp: {get_attr: [StoragePort, ip_address]}
336 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
337 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
338 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
339 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
340 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
341 TenantIp: {get_attr: [TenantPort, ip_address]}
342 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
343 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
344 ManagementIp: {get_attr: [ManagementPort, ip_address]}
345 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
346 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
349 type: OS::Heat::Value
357 - - {get_attr: [Controller, name]}
359 - {get_param: CloudDomain}
363 - - {get_attr: [Controller, name]}
369 - - {get_attr: [Controller, name]}
371 - {get_param: CloudDomain}
375 - - {get_attr: [Controller, name]}
381 - - {get_attr: [Controller, name]}
383 - {get_param: CloudDomain}
387 - - {get_attr: [Controller, name]}
393 - - {get_attr: [Controller, name]}
395 - {get_param: CloudDomain}
399 - - {get_attr: [Controller, name]}
405 - - {get_attr: [Controller, name]}
407 - {get_param: CloudDomain}
411 - - {get_attr: [Controller, name]}
417 - - {get_attr: [Controller, name]}
419 - {get_param: CloudDomain}
423 - - {get_attr: [Controller, name]}
429 - - {get_attr: [Controller, name]}
431 - {get_param: CloudDomain}
435 - - {get_attr: [Controller, name]}
439 type: OS::TripleO::Controller::PreNetworkConfig
441 server: {get_resource: Controller}
442 RoleParameters: {get_param: RoleParameters}
443 ServiceNames: {get_param: ServiceNames}
446 type: OS::TripleO::Controller::Net::SoftwareConfig
448 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
449 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
450 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
451 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
452 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
453 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
454 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
457 type: OS::TripleO::SoftwareDeployment
458 depends_on: PreNetworkConfig
460 name: NetworkDeployment
461 config: {get_resource: NetworkConfig}
462 server: {get_resource: Controller}
465 - server_not_blacklisted
466 - {get_param: NetworkDeploymentActions}
469 bridge_name: {get_param: NeutronPhysicalBridge}
470 interface_name: {get_param: NeutronPublicInterface}
472 # Resource for site-specific injection of root certificate
474 depends_on: NetworkDeployment
475 type: OS::TripleO::NodeTLSCAData
477 server: {get_resource: Controller}
479 # Resource for site-specific passing of private keys/certificates
481 depends_on: NodeTLSCAData
482 type: OS::TripleO::NodeTLSData
484 server: {get_resource: Controller}
485 NodeIndex: {get_param: NodeIndex}
487 ControllerUpgradeInitConfig:
488 type: OS::Heat::SoftwareConfig
494 - - "#!/bin/bash\n\n"
495 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
496 - get_param: UpgradeInitCommand
497 - get_param: UpgradeInitCommonCommand
499 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
500 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
501 ControllerUpgradeInitDeployment:
502 type: OS::Heat::SoftwareDeployment
503 depends_on: NetworkDeployment
505 name: ControllerUpgradeInitDeployment
508 - server_not_blacklisted
509 - ['CREATE', 'UPDATE']
511 server: {get_resource: Controller}
512 config: {get_resource: ControllerUpgradeInitConfig}
514 ControllerDeployment:
515 type: OS::TripleO::SoftwareDeployment
516 depends_on: ControllerUpgradeInitDeployment
518 name: ControllerDeployment
521 - server_not_blacklisted
522 - ['CREATE', 'UPDATE']
524 config: {get_resource: ControllerConfig}
525 server: {get_resource: Controller}
527 bootstack_nodeid: {get_attr: [Controller, name]}
528 enable_load_balancer: {get_param: EnableLoadBalancer}
529 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
531 # Map heat metadata into hiera datafiles
533 type: OS::Heat::StructuredConfig
539 - heat_config_%{::deploy_config_name}
541 - controller_extraconfig
546 - bootstrap_node # provided by BootstrapNodeConfig
547 - all_nodes # provided by allNodesConfig
548 - vip_data # provided by allNodesConfig
550 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
551 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
552 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
553 - midonet_data #Optionally provided by AllNodesExtraConfig
554 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
555 merge_behavior: deeper
558 service_names: {get_param: ServiceNames}
559 sensu::subscriptions: {get_param: MonitoringSubscriptions}
562 - {get_param: ServiceConfigSettings}
563 - values: {get_attr: [NetIpMap, net_ip_map]}
564 controller_extraconfig:
566 - {get_param: controllerExtraConfig}
567 - {get_param: ControllerExtraConfig}
568 extraconfig: {get_param: ExtraConfig}
570 # data supplied directly to this deployment configuration, etc
571 bootstack_nodeid: {get_input: bootstack_nodeid}
573 enable_load_balancer: {get_input: enable_load_balancer}
576 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
577 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
578 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
579 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
580 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
581 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
582 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
583 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
584 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
586 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
587 ControllerExtraConfigPre:
588 depends_on: ControllerDeployment
589 type: OS::TripleO::ControllerExtraConfigPre
591 server: {get_resource: Controller}
593 # Hook for site-specific additional pre-deployment config,
594 # applying to all nodes, e.g node registration/unregistration
596 depends_on: [ControllerExtraConfigPre, NodeTLSData]
597 type: OS::TripleO::NodeExtraConfig
599 server: {get_resource: Controller}
602 type: OS::TripleO::Tasks::PackageUpdate
605 type: OS::Heat::SoftwareDeployment
606 depends_on: NetworkDeployment
608 name: UpdateDeployment
611 - server_not_blacklisted
612 - ['CREATE', 'UPDATE']
614 config: {get_resource: UpdateConfig}
615 server: {get_resource: Controller}
618 get_param: UpdateIdentifier
621 type: OS::TripleO::Ssh::HostPubKey
622 depends_on: ControllerDeployment
624 server: {get_resource: Controller}
628 description: IP address of the server in the ctlplane network
629 value: {get_attr: [Controller, networks, ctlplane, 0]}
631 description: IP address of the server in the external network
632 value: {get_attr: [ExternalPort, ip_address]}
633 internal_api_ip_address:
634 description: IP address of the server in the internal_api network
635 value: {get_attr: [InternalApiPort, ip_address]}
637 description: IP address of the server in the storage network
638 value: {get_attr: [StoragePort, ip_address]}
639 storage_mgmt_ip_address:
640 description: IP address of the server in the storage_mgmt network
641 value: {get_attr: [StorageMgmtPort, ip_address]}
643 description: IP address of the server in the tenant network
644 value: {get_attr: [TenantPort, ip_address]}
645 management_ip_address:
646 description: IP address of the server in the management network
647 value: {get_attr: [ManagementPort, ip_address]}
648 deployed_server_port_map:
650 Map of Heat created hostname of the server to ip address. This is the
651 hostname before it has been mapped with the HostnameMap parameter, and
652 the IP address from the ctlplane network. This map can be used to construct
653 the DeployedServerPortMap parameter when using split-stack.
658 - ip_address: {get_attr: [Controller, networks, ctlplane, 0]}
663 - - {get_param: Hostname}
665 deployed_server_deployment_swift_data_map:
667 Map of Heat created hostname of the server to the Swift container and object
668 used to created the temporary url for metadata polling with
676 - {get_attr: [Controller, os_collect_config, request, metadata_url]}
683 - {get_attr: [Controller, os_collect_config, request, metadata_url]}
686 - keys: {hostname: {get_param: Hostname}}
688 description: Hostname of the server
689 value: {get_attr: [Controller, name]}
691 description: Mapping of network names to hostnames
693 external: {get_attr: [NetHostMap, value, external, fqdn]}
694 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
695 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
696 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
697 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
698 management: {get_attr: [NetHostMap, value, management, fqdn]}
699 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
702 Server's IP address and hostname in the /etc/hosts format
706 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
707 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
708 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
709 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
710 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
711 TENANTIP TENANTHOST.DOMAIN TENANTHOST
712 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
713 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
715 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
716 DOMAIN: {get_param: CloudDomain}
717 PRIMARYHOST: {get_attr: [Controller, name]}
718 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
719 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
720 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
721 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
722 STORAGEIP: {get_attr: [StoragePort, ip_address]}
723 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
724 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
725 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
726 TENANTIP: {get_attr: [TenantPort, ip_address]}
727 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
728 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
729 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
730 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
731 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
733 description: Entry for ssh known hosts
736 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
737 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
738 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
739 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
740 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
741 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
742 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
743 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
745 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
746 DOMAIN: {get_param: CloudDomain}
747 PRIMARYHOST: {get_attr: [Controller, name]}
748 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
749 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
750 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
751 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
752 STORAGEIP: {get_attr: [StoragePort, ip_address]}
753 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
754 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
755 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
756 TENANTIP: {get_attr: [TenantPort, ip_address]}
757 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
758 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
759 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
760 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
761 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
762 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
763 nova_server_resource:
764 description: Heat resource handle for the Nova compute server
766 {get_resource: Controller}
767 condition: server_not_blacklisted
769 description: MD5 checksum of the TLS Key Modulus
770 value: {get_attr: [NodeTLSData, key_modulus_md5]}
771 tls_cert_modulus_md5:
772 description: MD5 checksum of the TLS Certificate Modulus
773 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
775 description: The os-collect-config configuration associated with this server resource
776 value: {get_attr: [Controller, os_collect_config]}