1 heat_template_version: 2016-10-14
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Enable IPv6 in Corosync
32 description: Set to True to enable debugging on all services.
36 description: Whether to enable fencing in Pacemaker or not.
40 description: Whether to deploy a LoadBalancer on the Controller
45 Additional hieradata to inject into the cluster, note that
46 ControllerExtraConfig takes precedence over ExtraConfig.
51 Pacemaker fencing configuration. The JSON should have
52 the following structure:
56 "agent": "AGENT_NAME",
57 "host_mac": "HOST_MAC_ADDRESS",
58 "params": {"PARAM_NAME": "PARAM_VALUE"}
67 "host_mac": "52:54:00:aa:bb:cc",
69 "multicast_address": "225.0.0.12",
70 "port": "baremetal_0",
72 "manage_key_file": true,
73 "key_file": "/etc/fence_xvm.key",
74 "key_file_password": "abcdef"
80 OvercloudControlFlavor:
81 description: Flavor for control nodes to request when deploying.
85 - custom_constraint: nova.flavor
88 default: overcloud-full
90 - custom_constraint: glance.image
92 default: 'REBUILD_PRESERVE_EPHEMERAL'
93 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
97 description: Name of an existing Nova key pair to enable SSH access to the instances
100 - custom_constraint: nova.keypair
103 description: Whether to manage IPtables rules.
107 description: Whether IPtables rules should be purged before setting up the new ones.
109 NeutronPublicInterface:
111 description: What interface to bridge onto br-ex for network nodes.
115 description: The password for the 'pcsd' user.
118 description: The password for Redis
123 default: '' # Has to be here because of the ignored empty value bug
126 default: '' # Has to be here because of the ignored empty value bug
127 description: An IP address which is wrapped in brackets in case of IPv6
130 description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
134 description: Mapping of service_name -> network name. Typically set
135 via parameter_defaults in the resource registry.
139 description: Mapping of service endpoint -> protocol. Typically set
140 via parameter_defaults in the resource registry.
146 Setting to a previously unused value during stack-update will trigger
147 package update on all nodes
150 default: '' # Defaults to Heat created hostname
154 description: Optional mapping to override hostnames
155 NetworkDeploymentActions:
156 type: comma_delimited_list
158 Heat action when to apply network configuration changes
163 SoftwareConfigTransport:
164 default: POLL_SERVER_CFN
166 How the server should receive the metadata required for software configuration.
169 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
173 The DNS domain used for the hosts. This should match the dhcp_domain
174 configured in the Undercloud neutron. Defaults to localdomain.
178 Extra properties or metadata passed to Nova for the created nodes in
179 the overcloud. It's accessible via the Nova metadata API.
181 ControllerSchedulerHints:
183 description: Optional scheduler hints to pass to nova
185 ServiceConfigSettings:
189 type: comma_delimited_list
191 MonitoringSubscriptions:
192 type: comma_delimited_list
196 description: Command which will be run whenever configuration data changes
197 default: os-refresh-config --timeout 14400
201 description: Do not use deprecated params, they will be removed.
203 - controllerExtraConfig
208 type: OS::TripleO::Server
211 command: {get_param: ConfigCommand}
213 image: {get_param: controllerImage}
214 image_update_policy: {get_param: ImageUpdatePolicy}
215 flavor: {get_param: OvercloudControlFlavor}
216 key_name: {get_param: KeyName}
219 user_data_format: SOFTWARE_CONFIG
220 user_data: {get_resource: UserData}
223 template: {get_param: Hostname}
224 params: {get_param: HostnameMap}
225 software_config_transport: {get_param: SoftwareConfigTransport}
226 metadata: {get_param: ServerMetadata}
227 scheduler_hints: {get_param: ControllerSchedulerHints}
229 # Combine the NodeAdminUserData and NodeUserData mime archives
231 type: OS::Heat::MultipartMime
234 - config: {get_resource: NodeAdminUserData}
236 - config: {get_resource: NodeUserData}
239 # Creates the "heat-admin" user if configured via the environment
240 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
242 type: OS::TripleO::NodeAdminUserData
244 # For optional operator additional userdata
245 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
247 type: OS::TripleO::NodeUserData
250 type: OS::TripleO::Controller::Ports::ExternalPort
252 IPPool: {get_param: ControllerIPs}
253 NodeIndex: {get_param: NodeIndex}
254 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
257 type: OS::TripleO::Controller::Ports::InternalApiPort
259 IPPool: {get_param: ControllerIPs}
260 NodeIndex: {get_param: NodeIndex}
261 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
264 type: OS::TripleO::Controller::Ports::StoragePort
266 IPPool: {get_param: ControllerIPs}
267 NodeIndex: {get_param: NodeIndex}
268 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
271 type: OS::TripleO::Controller::Ports::StorageMgmtPort
273 IPPool: {get_param: ControllerIPs}
274 NodeIndex: {get_param: NodeIndex}
275 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
278 type: OS::TripleO::Controller::Ports::TenantPort
280 IPPool: {get_param: ControllerIPs}
281 NodeIndex: {get_param: NodeIndex}
282 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
285 type: OS::TripleO::Controller::Ports::ManagementPort
287 IPPool: {get_param: ControllerIPs}
288 NodeIndex: {get_param: NodeIndex}
289 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
292 type: OS::TripleO::Network::Ports::NetIpMap
294 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
295 ExternalIp: {get_attr: [ExternalPort, ip_address]}
296 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
297 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
298 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
299 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
300 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
301 StorageIp: {get_attr: [StoragePort, ip_address]}
302 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
303 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
304 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
305 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
306 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
307 TenantIp: {get_attr: [TenantPort, ip_address]}
308 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
309 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
310 ManagementIp: {get_attr: [ManagementPort, ip_address]}
311 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
312 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
315 type: OS::TripleO::Controller::Net::SoftwareConfig
317 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
318 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
319 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
320 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
321 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
322 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
323 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
326 type: OS::TripleO::SoftwareDeployment
328 name: NetworkDeployment
329 config: {get_resource: NetworkConfig}
330 server: {get_resource: Controller}
331 actions: {get_param: NetworkDeploymentActions}
334 interface_name: {get_param: NeutronPublicInterface}
336 # Resource for site-specific injection of root certificate
338 depends_on: NetworkDeployment
339 type: OS::TripleO::NodeTLSCAData
341 server: {get_resource: Controller}
343 # Resource for site-specific passing of private keys/certificates
345 depends_on: NodeTLSCAData
346 type: OS::TripleO::NodeTLSData
348 server: {get_resource: Controller}
349 NodeIndex: {get_param: NodeIndex}
352 ControllerDeployment:
353 type: OS::TripleO::SoftwareDeployment
354 depends_on: NetworkDeployment
356 name: ControllerDeployment
357 config: {get_resource: ControllerConfig}
358 server: {get_resource: Controller}
360 bootstack_nodeid: {get_attr: [Controller, name]}
361 debug: {get_param: Debug}
362 enable_fencing: {get_param: EnableFencing}
363 enable_load_balancer: {get_param: EnableLoadBalancer}
364 manage_firewall: {get_param: ManageFirewall}
365 purge_firewall_rules: {get_param: PurgeFirewallRules}
366 corosync_ipv6: {get_param: CorosyncIPv6}
367 fencing_config: {get_param: FencingConfig}
368 pcsd_password: {get_param: PcsdPassword}
369 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
370 redis_vip: {get_param: RedisVirtualIP}
371 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
373 # Map heat metadata into hiera datafiles
375 type: OS::Heat::StructuredConfig
377 group: os-apply-config
382 - heat_config_%{::deploy_config_name}
383 - controller_extraconfig
388 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
389 - bootstrap_node # provided by BootstrapNodeConfig
390 - all_nodes # provided by allNodesConfig
391 - vip_data # provided by vip-config
393 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
394 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
395 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
396 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
397 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
398 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
399 - midonet_data #Optionally provided by AllNodesExtraConfig
400 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
401 merge_behavior: deeper
405 service_names: {get_param: ServiceNames}
406 sensu::subscriptions: {get_param: MonitoringSubscriptions}
410 - {get_param: ServiceConfigSettings}
411 - values: {get_attr: [NetIpMap, net_ip_map]}
412 controller_extraconfig:
415 - {get_param: controllerExtraConfig}
416 - {get_param: ControllerExtraConfig}
418 mapped_data: {get_param: ExtraConfig}
420 mapped_data: # data supplied directly to this deployment configuration, etc
421 bootstack_nodeid: {get_input: bootstack_nodeid}
424 enable_fencing: {get_input: enable_fencing}
425 enable_load_balancer: {get_input: enable_load_balancer}
426 hacluster_pwd: {get_input: pcsd_password}
427 corosync_ipv6: {get_input: corosync_ipv6}
428 tripleo::fencing::config: {get_input: fencing_config}
431 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
432 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
434 redis_vip: {get_input: redis_vip}
436 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
437 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
439 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
440 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
442 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
443 ControllerExtraConfigPre:
444 depends_on: ControllerDeployment
445 type: OS::TripleO::ControllerExtraConfigPre
447 server: {get_resource: Controller}
449 # Hook for site-specific additional pre-deployment config,
450 # applying to all nodes, e.g node registration/unregistration
452 depends_on: [ControllerExtraConfigPre, NodeTLSData]
453 type: OS::TripleO::NodeExtraConfig
455 server: {get_resource: Controller}
458 type: OS::TripleO::Tasks::PackageUpdate
461 type: OS::Heat::SoftwareDeployment
463 name: UpdateDeployment
464 config: {get_resource: UpdateConfig}
465 server: {get_resource: Controller}
468 get_param: UpdateIdentifier
472 description: IP address of the server in the ctlplane network
473 value: {get_attr: [Controller, networks, ctlplane, 0]}
475 description: IP address of the server in the external network
476 value: {get_attr: [ExternalPort, ip_address]}
477 internal_api_ip_address:
478 description: IP address of the server in the internal_api network
479 value: {get_attr: [InternalApiPort, ip_address]}
481 description: IP address of the server in the storage network
482 value: {get_attr: [StoragePort, ip_address]}
483 storage_mgmt_ip_address:
484 description: IP address of the server in the storage_mgmt network
485 value: {get_attr: [StorageMgmtPort, ip_address]}
487 description: IP address of the server in the tenant network
488 value: {get_attr: [TenantPort, ip_address]}
489 management_ip_address:
490 description: IP address of the server in the management network
491 value: {get_attr: [ManagementPort, ip_address]}
493 description: Hostname of the server
494 value: {get_attr: [Controller, name]}
497 Server's IP address and hostname in the /etc/hosts format
501 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
502 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
503 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
504 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
505 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
506 TENANTIP TENANTHOST.DOMAIN TENANTHOST
507 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
509 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
510 DOMAIN: {get_param: CloudDomain}
511 PRIMARYHOST: {get_attr: [Controller, name]}
512 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
516 - - {get_attr: [Controller, name]}
518 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
522 - - {get_attr: [Controller, name]}
524 STORAGEIP: {get_attr: [StoragePort, ip_address]}
528 - - {get_attr: [Controller, name]}
530 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
534 - - {get_attr: [Controller, name]}
536 TENANTIP: {get_attr: [TenantPort, ip_address]}
540 - - {get_attr: [Controller, name]}
542 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
546 - - {get_attr: [Controller, name]}
548 nova_server_resource:
549 description: Heat resource handle for the Nova compute server
551 {get_resource: Controller}
553 description: Swift device formatted for swift-ring-builder
559 - ['r1z1-IP:%PORT%/d1']
561 template: 'r1z1-IP:%PORT%/DEVICE'
563 DEVICE: {get_param: SwiftRawDisks}
570 template: "NETWORK_uri"
572 NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]}
573 swift_proxy_memcache:
574 description: Swift proxy-memcache value
584 template: "NETWORK_uri"
586 NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
588 description: MD5 checksum of the TLS Key Modulus
589 value: {get_attr: [NodeTLSData, key_modulus_md5]}
590 tls_cert_modulus_md5:
591 description: MD5 checksum of the TLS Certificate Modulus
592 value: {get_attr: [NodeTLSData, cert_modulus_md5]}