1 heat_template_version: 2016-10-14
4 OpenStack controller node configured by Puppet.
10 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
12 ControllerExtraConfig:
15 Controller specific hiera configuration data to inject into the cluster.
20 A network mapped list of IPs to assign to Controllers in the following form:
22 "internal_api": ["a.b.c.d", "e.f.g.h"],
28 description: Enable IPv6 in Corosync
32 description: Set to True to enable debugging on all services.
36 description: Whether to enable fencing in Pacemaker or not.
40 description: Whether to deploy a LoadBalancer on the Controller
45 Additional hieradata to inject into the cluster, note that
46 ControllerExtraConfig takes precedence over ExtraConfig.
51 Pacemaker fencing configuration. The JSON should have
52 the following structure:
56 "agent": "AGENT_NAME",
57 "host_mac": "HOST_MAC_ADDRESS",
58 "params": {"PARAM_NAME": "PARAM_VALUE"}
67 "host_mac": "52:54:00:aa:bb:cc",
69 "multicast_address": "225.0.0.12",
70 "port": "baremetal_0",
72 "manage_key_file": true,
73 "key_file": "/etc/fence_xvm.key",
74 "key_file_password": "abcdef"
80 OvercloudControlFlavor:
81 description: Flavor for control nodes to request when deploying.
85 - custom_constraint: nova.flavor
88 default: overcloud-full
90 - custom_constraint: glance.image
92 default: 'REBUILD_PRESERVE_EPHEMERAL'
93 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
97 description: Name of an existing Nova key pair to enable SSH access to the instances
100 - custom_constraint: nova.keypair
103 description: Whether to manage IPtables rules.
107 description: Whether IPtables rules should be purged before setting up the new ones.
109 NeutronPublicInterface:
111 description: What interface to bridge onto br-ex for network nodes.
115 description: The password for the 'pcsd' user.
118 description: The password for Redis
123 default: '' # Has to be here because of the ignored empty value bug
126 default: '' # Has to be here because of the ignored empty value bug
127 description: An IP address which is wrapped in brackets in case of IPv6
130 description: 'A hash of additional raw devices to use as Swift backend (eg. {sdb: {}})'
134 description: Mapping of service_name -> network name. Typically set
135 via parameter_defaults in the resource registry.
139 description: Mapping of service endpoint -> protocol. Typically set
140 via parameter_defaults in the resource registry.
146 Setting to a previously unused value during stack-update will trigger
147 package update on all nodes
150 default: '' # Defaults to Heat created hostname
154 description: Optional mapping to override hostnames
155 NetworkDeploymentActions:
156 type: comma_delimited_list
158 Heat action when to apply network configuration changes
163 SoftwareConfigTransport:
164 default: POLL_SERVER_CFN
166 How the server should receive the metadata required for software configuration.
169 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
173 The DNS domain used for the hosts. This should match the dhcp_domain
174 configured in the Undercloud neutron. Defaults to localdomain.
178 Extra properties or metadata passed to Nova for the created nodes in
179 the overcloud. It's accessible via the Nova metadata API.
181 ControllerSchedulerHints:
183 description: Optional scheduler hints to pass to nova
185 ServiceConfigSettings:
189 type: comma_delimited_list
193 description: Command which will be run whenever configuration data changes
194 default: os-refresh-config --timeout 14400
198 description: Do not use deprecated params, they will be removed.
200 - controllerExtraConfig
205 type: OS::TripleO::Server
208 command: {get_param: ConfigCommand}
210 image: {get_param: controllerImage}
211 image_update_policy: {get_param: ImageUpdatePolicy}
212 flavor: {get_param: OvercloudControlFlavor}
213 key_name: {get_param: KeyName}
216 user_data_format: SOFTWARE_CONFIG
217 user_data: {get_resource: UserData}
220 template: {get_param: Hostname}
221 params: {get_param: HostnameMap}
222 software_config_transport: {get_param: SoftwareConfigTransport}
223 metadata: {get_param: ServerMetadata}
224 scheduler_hints: {get_param: ControllerSchedulerHints}
226 # Combine the NodeAdminUserData and NodeUserData mime archives
228 type: OS::Heat::MultipartMime
231 - config: {get_resource: NodeAdminUserData}
233 - config: {get_resource: NodeUserData}
236 # Creates the "heat-admin" user if configured via the environment
237 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
239 type: OS::TripleO::NodeAdminUserData
241 # For optional operator additional userdata
242 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
244 type: OS::TripleO::NodeUserData
247 type: OS::TripleO::Controller::Ports::ExternalPort
249 IPPool: {get_param: ControllerIPs}
250 NodeIndex: {get_param: NodeIndex}
251 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
254 type: OS::TripleO::Controller::Ports::InternalApiPort
256 IPPool: {get_param: ControllerIPs}
257 NodeIndex: {get_param: NodeIndex}
258 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
261 type: OS::TripleO::Controller::Ports::StoragePort
263 IPPool: {get_param: ControllerIPs}
264 NodeIndex: {get_param: NodeIndex}
265 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
268 type: OS::TripleO::Controller::Ports::StorageMgmtPort
270 IPPool: {get_param: ControllerIPs}
271 NodeIndex: {get_param: NodeIndex}
272 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
275 type: OS::TripleO::Controller::Ports::TenantPort
277 IPPool: {get_param: ControllerIPs}
278 NodeIndex: {get_param: NodeIndex}
279 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
282 type: OS::TripleO::Controller::Ports::ManagementPort
284 IPPool: {get_param: ControllerIPs}
285 NodeIndex: {get_param: NodeIndex}
286 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
289 type: OS::TripleO::Network::Ports::NetIpMap
291 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
292 ExternalIp: {get_attr: [ExternalPort, ip_address]}
293 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
294 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
295 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
296 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
297 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
298 StorageIp: {get_attr: [StoragePort, ip_address]}
299 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
300 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
301 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
302 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
303 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
304 TenantIp: {get_attr: [TenantPort, ip_address]}
305 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
306 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
307 ManagementIp: {get_attr: [ManagementPort, ip_address]}
308 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
309 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
312 type: OS::TripleO::Controller::Net::SoftwareConfig
314 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
315 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
316 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
317 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
318 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
319 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
320 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
323 type: OS::TripleO::SoftwareDeployment
325 name: NetworkDeployment
326 config: {get_resource: NetworkConfig}
327 server: {get_resource: Controller}
328 actions: {get_param: NetworkDeploymentActions}
331 interface_name: {get_param: NeutronPublicInterface}
333 # Resource for site-specific injection of root certificate
335 depends_on: NetworkDeployment
336 type: OS::TripleO::NodeTLSCAData
338 server: {get_resource: Controller}
340 # Resource for site-specific passing of private keys/certificates
342 depends_on: NodeTLSCAData
343 type: OS::TripleO::NodeTLSData
345 server: {get_resource: Controller}
346 NodeIndex: {get_param: NodeIndex}
349 ControllerDeployment:
350 type: OS::TripleO::SoftwareDeployment
351 depends_on: NetworkDeployment
353 name: ControllerDeployment
354 config: {get_resource: ControllerConfig}
355 server: {get_resource: Controller}
357 bootstack_nodeid: {get_attr: [Controller, name]}
358 debug: {get_param: Debug}
359 enable_fencing: {get_param: EnableFencing}
360 enable_load_balancer: {get_param: EnableLoadBalancer}
361 manage_firewall: {get_param: ManageFirewall}
362 purge_firewall_rules: {get_param: PurgeFirewallRules}
363 corosync_ipv6: {get_param: CorosyncIPv6}
364 fencing_config: {get_param: FencingConfig}
365 pcsd_password: {get_param: PcsdPassword}
366 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
367 redis_vip: {get_param: RedisVirtualIP}
368 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
370 # Map heat metadata into hiera datafiles
372 type: OS::Heat::StructuredConfig
374 group: os-apply-config
379 - heat_config_%{::deploy_config_name}
380 - controller_extraconfig
385 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
386 - bootstrap_node # provided by BootstrapNodeConfig
387 - all_nodes # provided by allNodesConfig
388 - vip_data # provided by vip-config
390 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
391 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
392 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
393 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
394 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
395 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
396 - midonet_data #Optionally provided by AllNodesExtraConfig
397 - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
398 merge_behavior: deeper
402 service_names: {get_param: ServiceNames}
406 - {get_param: ServiceConfigSettings}
407 - values: {get_attr: [NetIpMap, net_ip_map]}
408 controller_extraconfig:
411 - {get_param: controllerExtraConfig}
412 - {get_param: ControllerExtraConfig}
414 mapped_data: {get_param: ExtraConfig}
416 mapped_data: # data supplied directly to this deployment configuration, etc
417 bootstack_nodeid: {get_input: bootstack_nodeid}
420 enable_fencing: {get_input: enable_fencing}
421 enable_load_balancer: {get_input: enable_load_balancer}
422 hacluster_pwd: {get_input: pcsd_password}
423 corosync_ipv6: {get_input: corosync_ipv6}
424 tripleo::fencing::config: {get_input: fencing_config}
427 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
428 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
430 redis_vip: {get_input: redis_vip}
432 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
433 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
435 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
436 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
438 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
439 ControllerExtraConfigPre:
440 depends_on: ControllerDeployment
441 type: OS::TripleO::ControllerExtraConfigPre
443 server: {get_resource: Controller}
445 # Hook for site-specific additional pre-deployment config,
446 # applying to all nodes, e.g node registration/unregistration
448 depends_on: [ControllerExtraConfigPre, NodeTLSData]
449 type: OS::TripleO::NodeExtraConfig
451 server: {get_resource: Controller}
454 type: OS::TripleO::Tasks::PackageUpdate
457 type: OS::Heat::SoftwareDeployment
459 name: UpdateDeployment
460 config: {get_resource: UpdateConfig}
461 server: {get_resource: Controller}
464 get_param: UpdateIdentifier
468 description: IP address of the server in the ctlplane network
469 value: {get_attr: [Controller, networks, ctlplane, 0]}
471 description: IP address of the server in the external network
472 value: {get_attr: [ExternalPort, ip_address]}
473 internal_api_ip_address:
474 description: IP address of the server in the internal_api network
475 value: {get_attr: [InternalApiPort, ip_address]}
477 description: IP address of the server in the storage network
478 value: {get_attr: [StoragePort, ip_address]}
479 storage_mgmt_ip_address:
480 description: IP address of the server in the storage_mgmt network
481 value: {get_attr: [StorageMgmtPort, ip_address]}
483 description: IP address of the server in the tenant network
484 value: {get_attr: [TenantPort, ip_address]}
485 management_ip_address:
486 description: IP address of the server in the management network
487 value: {get_attr: [ManagementPort, ip_address]}
489 description: Hostname of the server
490 value: {get_attr: [Controller, name]}
493 Server's IP address and hostname in the /etc/hosts format
497 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
498 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
499 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
500 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
501 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
502 TENANTIP TENANTHOST.DOMAIN TENANTHOST
503 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
505 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
506 DOMAIN: {get_param: CloudDomain}
507 PRIMARYHOST: {get_attr: [Controller, name]}
508 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
512 - - {get_attr: [Controller, name]}
514 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
518 - - {get_attr: [Controller, name]}
520 STORAGEIP: {get_attr: [StoragePort, ip_address]}
524 - - {get_attr: [Controller, name]}
526 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
530 - - {get_attr: [Controller, name]}
532 TENANTIP: {get_attr: [TenantPort, ip_address]}
536 - - {get_attr: [Controller, name]}
538 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
542 - - {get_attr: [Controller, name]}
544 nova_server_resource:
545 description: Heat resource handle for the Nova compute server
547 {get_resource: Controller}
549 description: Swift device formatted for swift-ring-builder
555 - ['r1z1-IP:%PORT%/d1']
557 template: 'r1z1-IP:%PORT%/DEVICE'
559 DEVICE: {get_param: SwiftRawDisks}
566 template: "NETWORK_uri"
568 NETWORK: {get_param: [ServiceNetMap, SwiftMgmtNetwork]}
569 swift_proxy_memcache:
570 description: Swift proxy-memcache value
580 template: "NETWORK_uri"
582 NETWORK: {get_param: [ServiceNetMap, MemcachedNetwork]}
584 description: MD5 checksum of the TLS Key Modulus
585 value: {get_attr: [NodeTLSData, key_modulus_md5]}
586 tls_cert_modulus_md5:
587 description: MD5 checksum of the TLS Certificate Modulus
588 value: {get_attr: [NodeTLSData, cert_modulus_md5]}