1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
48 default: overcloud-full
50 - custom_constraint: glance.image
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
61 NeutronPhysicalBridge:
63 description: An OVS bridge to create for accessing external networks.
65 NeutronPublicInterface:
67 description: Which interface to add to the NeutronPhysicalBridge.
71 description: Mapping of service_name -> network name. Typically set
72 via parameter_defaults in the resource registry.
76 description: Mapping of service endpoint -> protocol. Typically set
77 via parameter_defaults in the resource registry.
83 Setting to a previously unused value during stack-update will trigger
84 package update on all nodes
87 default: '' # Defaults to Heat created hostname
91 description: Optional mapping to override hostnames
92 NetworkDeploymentActions:
93 type: comma_delimited_list
95 Heat action when to apply network configuration changes
100 SoftwareConfigTransport:
101 default: POLL_SERVER_CFN
103 How the server should receive the metadata required for software configuration.
106 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
108 default: 'localdomain'
111 The DNS domain used for the hosts. This must match the
112 overcloud_domain_name configured on the undercloud.
113 ControllerServerMetadata:
116 Extra properties or metadata passed to Nova for the created nodes in
117 the overcloud. It's accessible via the Nova metadata API. This option is
118 role-specific and is merged with the values given to the ServerMetadata
124 Extra properties or metadata passed to Nova for the created nodes in
125 the overcloud. It's accessible via the Nova metadata API. This applies to
126 all roles and is merged with a role-specific metadata parameter.
128 ControllerSchedulerHints:
130 description: Optional scheduler hints to pass to nova
132 ServiceConfigSettings:
136 type: comma_delimited_list
138 MonitoringSubscriptions:
139 type: comma_delimited_list
141 ServiceMetadataSettings:
146 description: Command which will be run whenever configuration data changes
147 default: os-refresh-config --timeout 14400
152 Maximum amount of time to possibly to delay configuation collection
153 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
154 the configuration collection to occur as soon as the collection process
155 starts. This setting is used to prevent the configuration collection
156 processes from polling all at the exact same time.
160 Command or script snippet to run on all overcloud nodes to
161 initialize the upgrade process. E.g. a repository switch.
163 UpgradeInitCommonCommand:
166 Common commands required by the upgrades process. This should not
167 normally be modified by the operator and is set and unset in the
168 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
171 DeploymentServerBlacklistDict:
175 Map of server hostnames to blacklist from any triggered
176 deployments. If the value is 1, the server will be blacklisted. This
177 parameter is generated from the parent template.
180 description: Role Specific Parameters
181 DeploymentSwiftDataMap:
184 Map of servers to Swift container and object for storing deployment data.
185 The keys are the Heat assigned hostnames, and the value is a map of the
186 container/object name in Swift. Example value:
187 overcloud-controller-0:
188 container: overcloud-controller
190 overcloud-controller-1:
191 container: overcloud-controller
193 overcloud-controller-2:
194 container: overcloud-controller
196 overcloud-novacompute-0:
197 container: overcloud-compute
203 description: Do not use deprecated params, they will be removed.
205 - controllerExtraConfig
208 server_not_blacklisted:
211 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
213 deployment_swift_data_map_unset:
216 - DeploymentSwiftDataMap
217 - {get_param: Hostname}
223 type: OS::TripleO::ControllerServer
226 command: {get_param: ConfigCommand}
227 splay: {get_param: ConfigCollectSplay}
229 image: {get_param: controllerImage}
230 image_update_policy: {get_param: ImageUpdatePolicy}
231 flavor: {get_param: OvercloudControlFlavor}
232 key_name: {get_param: KeyName}
235 user_data_format: SOFTWARE_CONFIG
236 user_data: {get_resource: UserData}
239 template: {get_param: Hostname}
240 params: {get_param: HostnameMap}
241 software_config_transport: {get_param: SoftwareConfigTransport}
244 - {get_param: ServerMetadata}
245 - {get_param: ControllerServerMetadata}
246 - {get_param: ServiceMetadataSettings}
247 scheduler_hints: {get_param: ControllerSchedulerHints}
248 deployment_swift_data:
250 - deployment_swift_data_map_unset
252 - {get_param: [DeploymentSwiftDataMap,
253 {get_param: Hostname}]}
255 # Combine the NodeAdminUserData and NodeUserData mime archives
257 type: OS::Heat::MultipartMime
260 - config: {get_resource: NodeAdminUserData}
262 - config: {get_resource: NodeUserData}
264 - config: {get_resource: RoleUserData}
267 # Creates the "heat-admin" user if configured via the environment
268 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
270 type: OS::TripleO::NodeAdminUserData
272 # For optional operator additional userdata
273 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
275 type: OS::TripleO::NodeUserData
277 # For optional operator role-specific userdata
278 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
280 type: OS::TripleO::Controller::NodeUserData
283 type: OS::TripleO::Controller::Ports::ExternalPort
285 IPPool: {get_param: ControllerIPs}
286 NodeIndex: {get_param: NodeIndex}
287 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
290 type: OS::TripleO::Controller::Ports::InternalApiPort
292 IPPool: {get_param: ControllerIPs}
293 NodeIndex: {get_param: NodeIndex}
294 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
297 type: OS::TripleO::Controller::Ports::StoragePort
299 IPPool: {get_param: ControllerIPs}
300 NodeIndex: {get_param: NodeIndex}
301 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
304 type: OS::TripleO::Controller::Ports::StorageMgmtPort
306 IPPool: {get_param: ControllerIPs}
307 NodeIndex: {get_param: NodeIndex}
308 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
311 type: OS::TripleO::Controller::Ports::TenantPort
313 IPPool: {get_param: ControllerIPs}
314 NodeIndex: {get_param: NodeIndex}
315 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
318 type: OS::TripleO::Controller::Ports::ManagementPort
320 IPPool: {get_param: ControllerIPs}
321 NodeIndex: {get_param: NodeIndex}
322 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
325 type: OS::TripleO::Network::Ports::NetIpMap
327 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
328 ExternalIp: {get_attr: [ExternalPort, ip_address]}
329 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
330 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
331 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
332 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
333 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
334 StorageIp: {get_attr: [StoragePort, ip_address]}
335 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
336 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
337 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
338 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
339 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
340 TenantIp: {get_attr: [TenantPort, ip_address]}
341 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
342 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
343 ManagementIp: {get_attr: [ManagementPort, ip_address]}
344 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
345 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
348 type: OS::Heat::Value
356 - - {get_attr: [Controller, name]}
358 - {get_param: CloudDomain}
362 - - {get_attr: [Controller, name]}
368 - - {get_attr: [Controller, name]}
370 - {get_param: CloudDomain}
374 - - {get_attr: [Controller, name]}
380 - - {get_attr: [Controller, name]}
382 - {get_param: CloudDomain}
386 - - {get_attr: [Controller, name]}
392 - - {get_attr: [Controller, name]}
394 - {get_param: CloudDomain}
398 - - {get_attr: [Controller, name]}
404 - - {get_attr: [Controller, name]}
406 - {get_param: CloudDomain}
410 - - {get_attr: [Controller, name]}
416 - - {get_attr: [Controller, name]}
418 - {get_param: CloudDomain}
422 - - {get_attr: [Controller, name]}
428 - - {get_attr: [Controller, name]}
430 - {get_param: CloudDomain}
434 - - {get_attr: [Controller, name]}
438 type: OS::TripleO::Controller::PreNetworkConfig
440 server: {get_resource: Controller}
441 RoleParameters: {get_param: RoleParameters}
444 type: OS::TripleO::Controller::Net::SoftwareConfig
446 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
447 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
448 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
449 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
450 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
451 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
452 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
455 type: OS::TripleO::SoftwareDeployment
456 depends_on: PreNetworkConfig
458 name: NetworkDeployment
459 config: {get_resource: NetworkConfig}
460 server: {get_resource: Controller}
463 - server_not_blacklisted
464 - {get_param: NetworkDeploymentActions}
467 bridge_name: {get_param: NeutronPhysicalBridge}
468 interface_name: {get_param: NeutronPublicInterface}
470 # Resource for site-specific injection of root certificate
472 depends_on: NetworkDeployment
473 type: OS::TripleO::NodeTLSCAData
475 server: {get_resource: Controller}
477 # Resource for site-specific passing of private keys/certificates
479 depends_on: NodeTLSCAData
480 type: OS::TripleO::NodeTLSData
482 server: {get_resource: Controller}
483 NodeIndex: {get_param: NodeIndex}
485 ControllerUpgradeInitConfig:
486 type: OS::Heat::SoftwareConfig
492 - - "#!/bin/bash\n\n"
493 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
494 - get_param: UpgradeInitCommand
495 - get_param: UpgradeInitCommonCommand
497 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
498 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
499 ControllerUpgradeInitDeployment:
500 type: OS::Heat::SoftwareDeployment
501 depends_on: NetworkDeployment
503 name: ControllerUpgradeInitDeployment
506 - server_not_blacklisted
507 - ['CREATE', 'UPDATE']
509 server: {get_resource: Controller}
510 config: {get_resource: ControllerUpgradeInitConfig}
512 ControllerDeployment:
513 type: OS::TripleO::SoftwareDeployment
514 depends_on: ControllerUpgradeInitDeployment
516 name: ControllerDeployment
519 - server_not_blacklisted
520 - ['CREATE', 'UPDATE']
522 config: {get_resource: ControllerConfig}
523 server: {get_resource: Controller}
525 bootstack_nodeid: {get_attr: [Controller, name]}
526 enable_load_balancer: {get_param: EnableLoadBalancer}
527 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
529 # Map heat metadata into hiera datafiles
531 type: OS::Heat::StructuredConfig
537 - heat_config_%{::deploy_config_name}
539 - controller_extraconfig
544 - bootstrap_node # provided by BootstrapNodeConfig
545 - all_nodes # provided by allNodesConfig
546 - vip_data # provided by allNodesConfig
548 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
549 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
550 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
551 - midonet_data #Optionally provided by AllNodesExtraConfig
552 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
553 merge_behavior: deeper
556 service_names: {get_param: ServiceNames}
557 sensu::subscriptions: {get_param: MonitoringSubscriptions}
560 - {get_param: ServiceConfigSettings}
561 - values: {get_attr: [NetIpMap, net_ip_map]}
562 controller_extraconfig:
564 - {get_param: controllerExtraConfig}
565 - {get_param: ControllerExtraConfig}
566 extraconfig: {get_param: ExtraConfig}
568 # data supplied directly to this deployment configuration, etc
569 bootstack_nodeid: {get_input: bootstack_nodeid}
571 enable_load_balancer: {get_input: enable_load_balancer}
574 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
575 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
576 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
577 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
578 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
579 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
580 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
581 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
582 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
584 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
585 ControllerExtraConfigPre:
586 depends_on: ControllerDeployment
587 type: OS::TripleO::ControllerExtraConfigPre
589 server: {get_resource: Controller}
591 # Hook for site-specific additional pre-deployment config,
592 # applying to all nodes, e.g node registration/unregistration
594 depends_on: [ControllerExtraConfigPre, NodeTLSData]
595 type: OS::TripleO::NodeExtraConfig
597 server: {get_resource: Controller}
600 type: OS::TripleO::Tasks::PackageUpdate
603 type: OS::Heat::SoftwareDeployment
604 depends_on: NetworkDeployment
606 name: UpdateDeployment
609 - server_not_blacklisted
610 - ['CREATE', 'UPDATE']
612 config: {get_resource: UpdateConfig}
613 server: {get_resource: Controller}
616 get_param: UpdateIdentifier
619 type: OS::TripleO::Ssh::HostPubKey
620 depends_on: ControllerDeployment
622 server: {get_resource: Controller}
626 description: IP address of the server in the ctlplane network
627 value: {get_attr: [Controller, networks, ctlplane, 0]}
629 description: IP address of the server in the external network
630 value: {get_attr: [ExternalPort, ip_address]}
631 internal_api_ip_address:
632 description: IP address of the server in the internal_api network
633 value: {get_attr: [InternalApiPort, ip_address]}
635 description: IP address of the server in the storage network
636 value: {get_attr: [StoragePort, ip_address]}
637 storage_mgmt_ip_address:
638 description: IP address of the server in the storage_mgmt network
639 value: {get_attr: [StorageMgmtPort, ip_address]}
641 description: IP address of the server in the tenant network
642 value: {get_attr: [TenantPort, ip_address]}
643 management_ip_address:
644 description: IP address of the server in the management network
645 value: {get_attr: [ManagementPort, ip_address]}
647 description: Hostname of the server
648 value: {get_attr: [Controller, name]}
650 description: Mapping of network names to hostnames
652 external: {get_attr: [NetHostMap, value, external, fqdn]}
653 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
654 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
655 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
656 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
657 management: {get_attr: [NetHostMap, value, management, fqdn]}
658 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
661 Server's IP address and hostname in the /etc/hosts format
665 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
666 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
667 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
668 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
669 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
670 TENANTIP TENANTHOST.DOMAIN TENANTHOST
671 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
672 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
674 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
675 DOMAIN: {get_param: CloudDomain}
676 PRIMARYHOST: {get_attr: [Controller, name]}
677 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
678 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
679 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
680 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
681 STORAGEIP: {get_attr: [StoragePort, ip_address]}
682 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
683 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
684 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
685 TENANTIP: {get_attr: [TenantPort, ip_address]}
686 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
687 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
688 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
689 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
690 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
692 description: Entry for ssh known hosts
695 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
696 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
697 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
698 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
699 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
700 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
701 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
702 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
704 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
705 DOMAIN: {get_param: CloudDomain}
706 PRIMARYHOST: {get_attr: [Controller, name]}
707 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
708 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
709 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
710 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
711 STORAGEIP: {get_attr: [StoragePort, ip_address]}
712 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
713 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
714 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
715 TENANTIP: {get_attr: [TenantPort, ip_address]}
716 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
717 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
718 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
719 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
720 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
721 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
722 nova_server_resource:
723 description: Heat resource handle for the Nova compute server
725 {get_resource: Controller}
726 condition: server_not_blacklisted
728 description: MD5 checksum of the TLS Key Modulus
729 value: {get_attr: [NodeTLSData, key_modulus_md5]}
730 tls_cert_modulus_md5:
731 description: MD5 checksum of the TLS Certificate Modulus
732 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
734 description: The os-collect-config configuration associated with this server resource
735 value: {get_attr: [Controller, os_collect_config]}