# Heat template for an OpenStack controller node. The gutter numbers skip, so
# keys that sit between the numbered lines are not shown in this listing.
1 heat_template_version: pike
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
# Controller-specific hieradata; per the ExtraConfig description further down,
# it takes precedence over ExtraConfig.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
# NOTE(review): this switch applies to all services; debug-level logs are
# typically far more detailed, so treat them as sensitive when it is enabled.
28 description: Set to True to enable debugging on all services.
32 description: Whether to deploy a LoadBalancer on the Controller
37 Additional hieradata to inject into the cluster, note that
38 ControllerExtraConfig takes precedence over ExtraConfig.
# Flavor requested for control nodes; checked by the nova.flavor constraint.
40 OvercloudControlFlavor:
41 description: Flavor for control nodes to request when deploying.
45 - custom_constraint: nova.flavor
# Presumably the default of the image parameter (its key line is not shown);
# the value is checked by the glance.image constraint.
48 default: overcloud-full
50 - custom_constraint: glance.image
# Per the description, this default preserves /mnt when an instance is rebuilt.
52 default: 'REBUILD_PRESERVE_EPHEMERAL'
53 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
# SSH access to the instances is tied to an existing Nova key pair; the
# nova.keypair constraint validates the supplied name.
57 description: Name of an existing Nova key pair to enable SSH access to the instances
60 - custom_constraint: nova.keypair
# OVS bridge for external network access; NeutronPublicInterface names the
# interface that is added to it.
61 NeutronPhysicalBridge:
63 description: An OVS bridge to create for accessing external networks.
65 NeutronPublicInterface:
67 description: Which interface to add to the NeutronPhysicalBridge.
# The next two parameters are mappings that, per their descriptions, are
# normally supplied through parameter_defaults rather than set by hand.
71 description: Mapping of service_name -> network name. Typically set
72 via parameter_defaults in the resource registry.
76 description: Mapping of service endpoint -> protocol. Typically set
77 via parameter_defaults in the resource registry.
83 Setting to a previously unused value during stack-update will trigger
84 package update on all nodes
# Presumably the Hostname parameter (key line not shown): empty means the
# Heat-generated name is used.
87 default: '' # Defaults to Heat created hostname
91 description: Optional mapping to override hostnames
# Comma-delimited list of Heat actions on which network configuration changes
# are applied.
92 NetworkDeploymentActions:
93 type: comma_delimited_list
95 Heat action when to apply network configuration changes
# How the server receives software-configuration metadata; only the values in
# the allowed_values list below are accepted.
100 SoftwareConfigTransport:
101 default: POLL_SERVER_CFN
103 How the server should receive the metadata required for software configuration.
106 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
# Presumably the CloudDomain default (key line not shown); per the description
# it must agree with overcloud_domain_name on the undercloud.
108 default: 'localdomain'
111 The DNS domain used for the hosts. This must match the
112 overcloud_domain_name configured on the undercloud.
# Role-specific Nova metadata, merged with ServerMetadata. The description
# states it is readable through the Nova metadata API, so secrets do not
# belong in either parameter.
113 ControllerServerMetadata:
116 Extra properties or metadata passed to Nova for the created nodes in
117 the overcloud. It's accessible via the Nova metadata API. This option is
118 role-specific and is merged with the values given to the ServerMetadata
124 Extra properties or metadata passed to Nova for the created nodes in
125 the overcloud. It's accessible via the Nova metadata API. This applies to
126 all roles and is merged with a role-specific metadata parameter.
# Optional scheduler hints handed to Nova for this role.
128 ControllerSchedulerHints:
130 description: Optional scheduler hints to pass to nova
132 ServiceConfigSettings:
136 type: comma_delimited_list
138 MonitoringSubscriptions:
139 type: comma_delimited_list
141 ServiceMetadataSettings:
# Command run on every configuration change; the default passes --timeout 14400
# to os-refresh-config (presumably seconds -- confirm).
146 description: Command which will be run whenever configuration data changes
147 default: os-refresh-config --timeout 14400
152 Maximum amount of time to possibly delay configuration collection
153 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
154 the configuration collection to occur as soon as the collection process
155 starts. This setting is used to prevent the configuration collection
156 processes from polling all at the exact same time.
160 Command or script snippet to run on all overcloud nodes to
161 initialize the upgrade process. E.g. a repository switch.
# Commands shared by the upgrade process; the description says operators should
# not normally modify this and that the upgrade templates set and unset it.
163 UpgradeInitCommonCommand:
166 Common commands required by the upgrades process. This should not
167 normally be modified by the operator and is set and unset in the
168 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
# Hostname-keyed map generated by the parent template; a value of 1 blacklists
# that server from triggered deployments.
171 DeploymentServerBlacklistDict:
175 Map of server hostnames to blacklist from any triggered
176 deployments. If the value is 1, the server will be blacklisted. This
177 parameter is generated from the parent template.
180 description: Role Specific Parameters
185 description: Do not use deprecated params, they will be removed.
187 - controllerExtraConfig
# Condition referenced by the deployments and outputs below. It looks up this
# server's Hostname in the blacklist map; the comparison lines are not shown.
190 server_not_blacklisted:
193 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
# Server resource for the controller; each visible property below is filled
# from a template parameter or another resource.
200 type: OS::TripleO::ControllerServer
203 command: {get_param: ConfigCommand}
204 splay: {get_param: ConfigCollectSplay}
206 image: {get_param: controllerImage}
207 image_update_policy: {get_param: ImageUpdatePolicy}
208 flavor: {get_param: OvercloudControlFlavor}
# SSH access is provided through the Nova key pair named by KeyName.
209 key_name: {get_param: KeyName}
# user_data is the multipart MIME produced by the UserData resource.
212 user_data_format: SOFTWARE_CONFIG
213 user_data: {get_resource: UserData}
# The hostname is derived from Hostname with HostnameMap applied as the
# substitution parameters (the enclosing function is not shown).
216 template: {get_param: Hostname}
217 params: {get_param: HostnameMap}
218 software_config_transport: {get_param: SoftwareConfigTransport}
# Global, role-specific and service metadata are listed together here,
# presumably to be merged -- the enclosing function is not shown.
221 - {get_param: ServerMetadata}
222 - {get_param: ControllerServerMetadata}
223 - {get_param: ServiceMetadataSettings}
224 scheduler_hints: {get_param: ControllerSchedulerHints}
226 # Combine the NodeAdminUserData and NodeUserData mime archives
228 type: OS::Heat::MultipartMime
# Parts in listed order: admin-user data, operator data, role-specific
# operator data.
231 - config: {get_resource: NodeAdminUserData}
233 - config: {get_resource: NodeUserData}
235 - config: {get_resource: RoleUserData}
238 # Creates the "heat-admin" user if configured via the environment
239 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
# NOTE(review): what the admin user is allowed to do is decided by whichever
# template the environment maps to this type; review that mapping accordingly.
241 type: OS::TripleO::NodeAdminUserData
243 # For optional operator additional userdata
244 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
246 type: OS::TripleO::NodeUserData
248 # For optional operator role-specific userdata
249 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
251 type: OS::TripleO::Controller::NodeUserData
# One port resource per network (External, InternalApi, Storage, StorageMgmt,
# Tenant, Management). Each receives the same three inputs: the ControllerIPs
# pool, this node's index, and the server's first ctlplane address.
254 type: OS::TripleO::Controller::Ports::ExternalPort
256 IPPool: {get_param: ControllerIPs}
257 NodeIndex: {get_param: NodeIndex}
258 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
261 type: OS::TripleO::Controller::Ports::InternalApiPort
263 IPPool: {get_param: ControllerIPs}
264 NodeIndex: {get_param: NodeIndex}
265 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
268 type: OS::TripleO::Controller::Ports::StoragePort
270 IPPool: {get_param: ControllerIPs}
271 NodeIndex: {get_param: NodeIndex}
272 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
275 type: OS::TripleO::Controller::Ports::StorageMgmtPort
277 IPPool: {get_param: ControllerIPs}
278 NodeIndex: {get_param: NodeIndex}
279 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
282 type: OS::TripleO::Controller::Ports::TenantPort
284 IPPool: {get_param: ControllerIPs}
285 NodeIndex: {get_param: NodeIndex}
286 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
289 type: OS::TripleO::Controller::Ports::ManagementPort
291 IPPool: {get_param: ControllerIPs}
292 NodeIndex: {get_param: NodeIndex}
293 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
# Gathers, for every port, its ip_address, ip_subnet and ip_address_uri
# attributes, plus the server's first ctlplane address, into one resource.
296 type: OS::TripleO::Network::Ports::NetIpMap
298 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
299 ExternalIp: {get_attr: [ExternalPort, ip_address]}
300 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
301 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
302 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
303 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
304 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
305 StorageIp: {get_attr: [StoragePort, ip_address]}
306 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
307 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
308 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
309 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
310 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
311 TenantIp: {get_attr: [TenantPort, ip_address]}
312 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
313 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
314 ManagementIp: {get_attr: [ManagementPort, ip_address]}
315 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
316 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
# Heat value holding per-network host names. In the visible lines every network
# contributes two lists that start with the server name, and only the first of
# each pair also carries CloudDomain -- presumably the fqdn and short forms
# read elsewhere from NetHostMap (the join lines are not shown).
319 type: OS::Heat::Value
327 - - {get_attr: [Controller, name]}
329 - {get_param: CloudDomain}
333 - - {get_attr: [Controller, name]}
339 - - {get_attr: [Controller, name]}
341 - {get_param: CloudDomain}
345 - - {get_attr: [Controller, name]}
351 - - {get_attr: [Controller, name]}
353 - {get_param: CloudDomain}
357 - - {get_attr: [Controller, name]}
363 - - {get_attr: [Controller, name]}
365 - {get_param: CloudDomain}
369 - - {get_attr: [Controller, name]}
375 - - {get_attr: [Controller, name]}
377 - {get_param: CloudDomain}
381 - - {get_attr: [Controller, name]}
387 - - {get_attr: [Controller, name]}
389 - {get_param: CloudDomain}
393 - - {get_attr: [Controller, name]}
399 - - {get_attr: [Controller, name]}
401 - {get_param: CloudDomain}
405 - - {get_attr: [Controller, name]}
# Hook that receives the server and the role parameters before network
# configuration is deployed.
409 type: OS::TripleO::Controller::PreNetworkConfig
411 server: {get_resource: Controller}
412 RoleParameters: {get_param: RoleParameters}
# Network software config, parameterised with the ctlplane address and the
# ip_subnet attribute of each port.
415 type: OS::TripleO::Controller::Net::SoftwareConfig
417 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
418 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
419 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
420 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
421 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
422 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
423 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
# Applies NetworkConfig to the server; ordered after PreNetworkConfig.
426 type: OS::TripleO::SoftwareDeployment
427 depends_on: PreNetworkConfig
429 name: NetworkDeployment
430 config: {get_resource: NetworkConfig}
431 server: {get_resource: Controller}
# Conditional on server_not_blacklisted, with NetworkDeploymentActions as the
# action list for eligible servers (the enclosing keys are not shown).
434 - server_not_blacklisted
435 - {get_param: NetworkDeploymentActions}
438 bridge_name: {get_param: NeutronPhysicalBridge}
439 interface_name: {get_param: NeutronPublicInterface}
441 # Resource for site-specific injection of root certificate
443 depends_on: NetworkDeployment
444 type: OS::TripleO::NodeTLSCAData
446 server: {get_resource: Controller}
448 # Resource for site-specific passing of private keys/certificates
# NOTE(review): private key material passes through this resource. Its
# implementation is whatever the environment maps to OS::TripleO::NodeTLSData,
# so how the key is stored and delivered cannot be judged from this file.
450 depends_on: NodeTLSCAData
451 type: OS::TripleO::NodeTLSData
453 server: {get_resource: Controller}
454 NodeIndex: {get_param: NodeIndex}
# Software config assembled from a fixed bash preamble followed by the
# UpgradeInitCommand and UpgradeInitCommonCommand parameters.
456 ControllerUpgradeInitConfig:
457 type: OS::Heat::SoftwareConfig
463 - - "#!/bin/bash\n\n"
464 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
# NOTE(review): both parameters appear to be placed into the script text
# unmodified (the join function is not shown), so whoever can set them decides
# what runs on the node. Keep the environment files that define them under
# the same change control as the templates.
465 - get_param: UpgradeInitCommand
466 - get_param: UpgradeInitCommonCommand
468 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
469 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
470 ControllerUpgradeInitDeployment:
471 type: OS::Heat::SoftwareDeployment
472 depends_on: NetworkDeployment
474 name: ControllerUpgradeInitDeployment
# Conditional on server_not_blacklisted, with CREATE and UPDATE as the action
# list for eligible servers (the enclosing keys are not shown).
477 - server_not_blacklisted
478 - ['CREATE', 'UPDATE']
480 server: {get_resource: Controller}
481 config: {get_resource: ControllerUpgradeInitConfig}
# Applies ControllerConfig to the server; ordered after the upgrade-init
# deployment.
483 ControllerDeployment:
484 type: OS::TripleO::SoftwareDeployment
485 depends_on: ControllerUpgradeInitDeployment
487 name: ControllerDeployment
# Same gating as the other deployments: the blacklist condition, then the
# CREATE and UPDATE actions.
490 - server_not_blacklisted
491 - ['CREATE', 'UPDATE']
493 config: {get_resource: ControllerConfig}
494 server: {get_resource: Controller}
# Values that ControllerConfig reads back through get_input.
496 bootstack_nodeid: {get_attr: [Controller, name]}
497 enable_load_balancer: {get_param: EnableLoadBalancer}
498 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
500 # Map heat metadata into hiera datafiles
502 type: OS::Heat::StructuredConfig
# Hiera datafile names, in the order they appear in the template (lines between
# the numbered ones are not shown).
508 - heat_config_%{::deploy_config_name}
510 - controller_extraconfig
515 - bootstrap_node # provided by BootstrapNodeConfig
516 - all_nodes # provided by allNodesConfig
517 - vip_data # provided by allNodesConfig
519 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
520 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
521 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
522 - midonet_data # Optionally provided by AllNodesExtraConfig
523 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
524 merge_behavior: deeper
527 service_names: {get_param: ServiceNames}
528 sensu::subscriptions: {get_param: MonitoringSubscriptions}
531 - {get_param: ServiceConfigSettings}
532 - values: {get_attr: [NetIpMap, net_ip_map]}
# Both the deprecated controllerExtraConfig and ControllerExtraConfig feed this
# datafile; ControllerExtraConfig is listed second.
533 controller_extraconfig:
535 - {get_param: controllerExtraConfig}
536 - {get_param: ControllerExtraConfig}
537 extraconfig: {get_param: ExtraConfig}
539 # data supplied directly to this deployment configuration, etc
540 bootstack_nodeid: {get_input: bootstack_nodeid}
542 enable_load_balancer: {get_input: enable_load_balancer}
# Path of the deployed service certificate as reported by NodeTLSData; only
# the path is placed in hieradata here.
545 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
546 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
# Per-network FQDNs read from NetHostMap.
547 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
548 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
549 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
550 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
551 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
552 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
553 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
555 # Hook for site-specific additional pre-deployment config, e.g. extra hieradata
556 ControllerExtraConfigPre:
557 depends_on: ControllerDeployment
558 type: OS::TripleO::ControllerExtraConfigPre
560 server: {get_resource: Controller}
562 # Hook for site-specific additional pre-deployment config,
563 # applying to all nodes, e.g. node registration/unregistration
# Ordered after both the role-specific hook and the TLS data resource.
565 depends_on: [ControllerExtraConfigPre, NodeTLSData]
566 type: OS::TripleO::NodeExtraConfig
568 server: {get_resource: Controller}
# Package-update task config and the deployment that applies it to the server.
571 type: OS::TripleO::Tasks::PackageUpdate
574 type: OS::Heat::SoftwareDeployment
575 depends_on: NetworkDeployment
577 name: UpdateDeployment
580 - server_not_blacklisted
581 - ['CREATE', 'UPDATE']
583 config: {get_resource: UpdateConfig}
584 server: {get_resource: Controller}
# Per the UpdateIdentifier description, a previously unused value on
# stack-update triggers a package update on all nodes.
587 get_param: UpdateIdentifier
# Presumably gathers the server's SSH host public key; its ecdsa attribute is
# read by the known-hosts output below.
590 type: OS::TripleO::Ssh::HostPubKey
591 depends_on: ControllerDeployment
593 server: {get_resource: Controller}
# Address outputs: ctlplane comes from the server itself, every other network
# from its port resource.
597 description: IP address of the server in the ctlplane network
598 value: {get_attr: [Controller, networks, ctlplane, 0]}
600 description: IP address of the server in the external network
601 value: {get_attr: [ExternalPort, ip_address]}
602 internal_api_ip_address:
603 description: IP address of the server in the internal_api network
604 value: {get_attr: [InternalApiPort, ip_address]}
606 description: IP address of the server in the storage network
607 value: {get_attr: [StoragePort, ip_address]}
608 storage_mgmt_ip_address:
609 description: IP address of the server in the storage_mgmt network
610 value: {get_attr: [StorageMgmtPort, ip_address]}
612 description: IP address of the server in the tenant network
613 value: {get_attr: [TenantPort, ip_address]}
614 management_ip_address:
615 description: IP address of the server in the management network
616 value: {get_attr: [ManagementPort, ip_address]}
618 description: Hostname of the server
619 value: {get_attr: [Controller, name]}
# Network name -> FQDN, read from NetHostMap.
621 description: Mapping of network names to hostnames
623 external: {get_attr: [NetHostMap, value, external, fqdn]}
624 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
625 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
626 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
627 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
628 management: {get_attr: [NetHostMap, value, management, fqdn]}
629 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
632 Server's IP address and hostname in the /etc/hosts format
636 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
637 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
638 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
639 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
640 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
641 TENANTIP TENANTHOST.DOMAIN TENANTHOST
642 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
643 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
# Substitution values for the placeholders above. PRIMARYIP is looked up in
# NetIpMap under the network that ServiceNetMap gives for
# ControllerHostnameResolveNetwork; the other addresses come from the ports and
# the short host names from NetHostMap.
645 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
646 DOMAIN: {get_param: CloudDomain}
647 PRIMARYHOST: {get_attr: [Controller, name]}
648 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
649 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
650 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
651 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
652 STORAGEIP: {get_attr: [StoragePort, ip_address]}
653 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
654 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
655 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
656 TENANTIP: {get_attr: [TenantPort, ip_address]}
657 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
658 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
659 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
660 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
661 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
663 description: Entry for ssh known hosts
# A single line: every address and host name of the server, comma-separated,
# then a space and the host public key.
666 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
667 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
668 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
669 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
670 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
671 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
672 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
673 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
# Substitution values for the placeholders in the template above.
675 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
676 DOMAIN: {get_param: CloudDomain}
677 PRIMARYHOST: {get_attr: [Controller, name]}
678 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
679 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
680 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
681 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
682 STORAGEIP: {get_attr: [StoragePort, ip_address]}
683 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
684 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
685 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
686 TENANTIP: {get_attr: [TenantPort, ip_address]}
687 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
688 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
689 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
690 CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
691 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
# Only the ecdsa attribute of SshHostPubKey is published, so this entry lets a
# client verify the host through that key type only.
692 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
# Handle to the server resource; emitted only when server_not_blacklisted holds.
693 nova_server_resource:
694 description: Heat resource handle for the Nova compute server
696 {get_resource: Controller}
697 condition: server_not_blacklisted
# NOTE(review): these two outputs are MD5 digests of the key and certificate
# modulus, presumably used as fingerprints to spot changes or to check that key
# and certificate belong together. MD5 is not collision-resistant, so they
# should not be relied on as an integrity or authenticity check -- confirm how
# consumers use them.
699 description: MD5 checksum of the TLS Key Modulus
700 value: {get_attr: [NodeTLSData, key_modulus_md5]}
701 tls_cert_modulus_md5:
702 description: MD5 checksum of the TLS Certificate Modulus
703 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
705 description: The os-collect-config configuration associated with this server resource
706 value: {get_attr: [Controller, os_collect_config]}