1 heat_template_version: pike
2 description: 'OpenStack {{role.name}} node configured by Puppet'
4 Overcloud{{role.name}}Flavor:
5 description: Flavor for the {{role.name}} node.
8 {% if role.disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if role.disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if role.disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPhysicalBridge:
33 description: An OVS bridge to create for accessing tenant networks.
35 NeutronPublicInterface:
37 description: Which interface to add to the NeutronPhysicalBridge.
41 description: Mapping of service_name -> network name. Typically set
42 via parameter_defaults in the resource registry.
46 description: Mapping of service endpoint -> protocol. Typically set
47 via parameter_defaults in the resource registry.
53 Setting to a previously unused value during stack-update will trigger
54 package update on all nodes
57 default: '' # Defaults to Heat created hostname
61 description: Optional mapping to override hostnames
65 Additional hiera configuration to inject into the cluster. Note
66 that {{role.name}}ExtraConfig takes precedence over ExtraConfig.
68 {{role.name}}ExtraConfig:
71 Role specific additional hiera configuration to inject into the cluster.
76 NetworkDeploymentActions:
77 type: comma_delimited_list
79 Heat action when to apply network configuration changes
81 SoftwareConfigTransport:
82 default: POLL_SERVER_CFN
84 How the server should receive the metadata required for software configuration.
87 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
89 default: 'localdomain'
92 The DNS domain used for the hosts. This must match the
93 overcloud_domain_name configured on the undercloud.
94 {{role.name}}ServerMetadata:
97 Extra properties or metadata passed to Nova for the created nodes in
98 the overcloud. It's accessible via the Nova metadata API. This option is
99 role-specific and is merged with the values given to the ServerMetadata
105 Extra properties or metadata passed to Nova for the created nodes in
106 the overcloud. It's accessible via the Nova metadata API. This applies to
107 all roles and is merged with a role-specific metadata parameter.
109 {{role.name}}SchedulerHints:
111 description: Optional scheduler hints to pass to nova
116 ServiceConfigSettings:
120 type: comma_delimited_list
122 MonitoringSubscriptions:
123 type: comma_delimited_list
125 ServiceMetadataSettings:
130 description: Command which will be run whenever configuration data changes
131 default: os-refresh-config --timeout 14400
136 Maximum amount of time to possibly to delay configuation collection
137 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
138 the configuration collection to occur as soon as the collection process
139 starts. This setting is used to prevent the configuration collection
140 processes from polling all at the exact same time.
145 type: comma_delimited_list
150 Command or script snippet to run on all overcloud nodes to
151 initialize the upgrade process. E.g. a repository switch.
153 UpgradeInitCommonCommand:
156 Common commands required by the upgrades process. This should not
157 normally be modified by the operator and is set and unset in the
158 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
161 DeploymentServerBlacklistDict:
165 Map of server hostnames to blacklist from any triggered
166 deployments. If the value is 1, the server will be blacklisted. This
167 parameter is generated from the parent template.
170 description: Role Specific Parameters
172 DeploymentSwiftDataMap:
175 Map of servers to Swift container and object for storing deployment data.
176 The keys are the Heat assigned hostnames, and the value is a map of the
177 container/object name in Swift. Example value:
178 overcloud-controller-0:
179 container: overcloud-controller
181 overcloud-controller-1:
182 container: overcloud-controller
184 overcloud-controller-2:
185 container: overcloud-controller
187 overcloud-novacompute-0:
188 container: overcloud-compute
193 server_not_blacklisted:
196 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
198 deployment_swift_data_map_unset:
201 - DeploymentSwiftDataMap
202 - {get_param: Hostname}
207 type: OS::TripleO::{{role.name}}Server
210 command: {get_param: ConfigCommand}
211 splay: {get_param: ConfigCollectSplay}
213 image: {get_param: {{role.name}}Image}
214 image_update_policy: {get_param: ImageUpdatePolicy}
215 flavor: {get_param: Overcloud{{role.name}}Flavor}
216 key_name: {get_param: KeyName}
219 user_data_format: SOFTWARE_CONFIG
220 user_data: {get_resource: UserData}
223 template: {get_param: Hostname}
224 params: {get_param: HostnameMap}
225 software_config_transport: {get_param: SoftwareConfigTransport}
228 - {get_param: ServerMetadata}
229 - {get_param: {{role.name}}ServerMetadata}
230 - {get_param: ServiceMetadataSettings}
231 scheduler_hints: {get_param: {{role.name}}SchedulerHints}
232 deployment_swift_data:
234 - deployment_swift_data_map_unset
236 - {get_param: [DeploymentSwiftDataMap,
237 {get_param: Hostname}]}
239 # Combine the NodeAdminUserData and NodeUserData mime archives
241 type: OS::Heat::MultipartMime
244 - config: {get_resource: NodeAdminUserData}
246 - config: {get_resource: NodeUserData}
248 - config: {get_resource: RoleUserData}
251 # Creates the "heat-admin" user if configured via the environment
252 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
254 type: OS::TripleO::NodeAdminUserData
256 # For optional operator additional userdata
257 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
259 type: OS::TripleO::NodeUserData
261 # For optional operator role-specific userdata
262 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
264 type: OS::TripleO::{{role.name}}::NodeUserData
266 {%- for network in networks %}
267 {{network.name}}Port:
268 type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port
270 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
271 IPPool: {get_param: {{role.name}}IPs}
272 NodeIndex: {get_param: NodeIndex}
276 type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
278 ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
279 {%- for network in networks %}
280 {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
284 type: OS::TripleO::Network::Ports::NetIpMap
286 ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
287 {%- for network in networks %}
288 {{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]}
289 {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
290 {{network.name}}IpUri: {get_attr: [{{network.name}}Port, ip_address_uri]}
294 type: OS::Heat::Value
302 - - {get_attr: [{{role.name}}, name]}
304 - {get_param: CloudDomain}
308 - - {get_attr: [{{role.name}}, name]}
314 - - {get_attr: [{{role.name}}, name]}
316 - {get_param: CloudDomain}
320 - - {get_attr: [{{role.name}}, name]}
326 - - {get_attr: [{{role.name}}, name]}
328 - {get_param: CloudDomain}
332 - - {get_attr: [{{role.name}}, name]}
338 - - {get_attr: [{{role.name}}, name]}
340 - {get_param: CloudDomain}
344 - - {get_attr: [{{role.name}}, name]}
350 - - {get_attr: [{{role.name}}, name]}
352 - {get_param: CloudDomain}
356 - - {get_attr: [{{role.name}}, name]}
362 - - {get_attr: [{{role.name}}, name]}
364 - {get_param: CloudDomain}
368 - - {get_attr: [{{role.name}}, name]}
374 - - {get_attr: [{{role.name}}, name]}
376 - {get_param: CloudDomain}
380 - - {get_attr: [{{role.name}}, name]}
384 type: OS::TripleO::{{role.name}}::PreNetworkConfig
386 server: {get_resource: {{role.name}}}
387 RoleParameters: {get_param: RoleParameters}
388 ServiceNames: {get_param: ServiceNames}
391 type: OS::TripleO::SoftwareDeployment
392 depends_on: PreNetworkConfig
394 name: NetworkDeployment
395 config: {get_resource: NetworkConfig}
396 server: {get_resource: {{role.name}}}
397 actions: {get_param: NetworkDeploymentActions}
399 bridge_name: {get_param: NeutronPhysicalBridge}
400 interface_name: {get_param: NeutronPublicInterface}
403 - server_not_blacklisted
404 - {get_param: NetworkDeploymentActions}
407 {{role.name}}UpgradeInitConfig:
408 type: OS::Heat::SoftwareConfig
414 - - "#!/bin/bash\n\n"
415 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
416 - get_param: UpgradeInitCommand
417 - get_param: UpgradeInitCommonCommand
419 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
420 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
421 {{role.name}}UpgradeInitDeployment:
422 type: OS::Heat::SoftwareDeployment
423 depends_on: NetworkDeployment
425 name: {{role.name}}UpgradeInitDeployment
426 server: {get_resource: {{role.name}}}
427 config: {get_resource: {{role.name}}UpgradeInitConfig}
430 - server_not_blacklisted
431 - ['CREATE', 'UPDATE']
434 {{role.name}}Deployment:
435 type: OS::Heat::StructuredDeployment
436 depends_on: {{role.name}}UpgradeInitDeployment
438 name: {{role.name}}Deployment
439 config: {get_resource: {{role.name}}Config}
440 server: {get_resource: {{role.name}}}
442 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
445 - server_not_blacklisted
446 - ['CREATE', 'UPDATE']
450 type: OS::Heat::StructuredConfig
456 - heat_config_%{::deploy_config_name}
458 - {{role.name.lower()}}_extraconfig
462 - {{role.name.lower()}}
463 - bootstrap_node # provided by allNodesConfig
464 - all_nodes # provided by allNodesConfig
465 - vip_data # provided by allNodesConfig
467 merge_behavior: deeper
470 service_names: {get_param: ServiceNames}
471 sensu::subscriptions: {get_param: MonitoringSubscriptions}
474 - {get_param: ServiceConfigSettings}
475 - values: {get_attr: [NetIpMap, net_ip_map]}
476 {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig}
477 extraconfig: {get_param: ExtraConfig}
478 {{role.name.lower()}}:
479 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
480 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
481 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
482 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
483 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
484 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
485 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
486 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
487 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
488 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
490 # Resource for site-specific injection of root certificate
492 depends_on: {{role.name}}Deployment
493 type: OS::TripleO::NodeTLSCAData
495 server: {get_resource: {{role.name}}}
497 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
498 {{role.name}}ExtraConfigPre:
499 depends_on: {{role.name}}Deployment
500 type: OS::TripleO::{{role.name}}ExtraConfigPre
502 server: {get_resource: {{role.name}}}
504 # Hook for site-specific additional pre-deployment config,
505 # applying to all nodes, e.g node registration/unregistration
507 depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
508 type: OS::TripleO::NodeExtraConfig
510 server: {get_resource: {{role.name}}}
513 type: OS::TripleO::Tasks::PackageUpdate
516 type: OS::Heat::SoftwareDeployment
517 depends_on: NetworkDeployment
519 name: UpdateDeployment
520 config: {get_resource: UpdateConfig}
521 server: {get_resource: {{role.name}}}
524 get_param: UpdateIdentifier
527 - server_not_blacklisted
528 - ['CREATE', 'UPDATE']
532 type: OS::TripleO::Ssh::HostPubKey
533 depends_on: {{role.name}}Deployment
535 server: {get_resource: {{role.name}}}
539 description: IP address of the server in the ctlplane network
540 value: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
542 description: Hostname of the server
543 value: {get_attr: [{{role.name}}, name]}
545 description: Mapping of network names to hostnames
547 {%- for network in networks %}
548 {{network.name_lower|default(network.name.lower())}}: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower()) }}, fqdn]}
550 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
555 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
556 {%- for network in networks %}
557 {{network.name}}IP {{network.name}}HOST.DOMAIN {{network.name}}HOST
559 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
561 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
562 DOMAIN: {get_param: CloudDomain}
563 PRIMARYHOST: {get_attr: [{{role.name}}, name]}
564 {%- for network in networks %}
565 {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
566 {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
568 CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
569 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
571 description: Entry for ssh known hosts
574 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
575 {%- for network in networks %}
576 {{network.name}}IP,{{network.name}}HOST.DOMAIN,{{network.name}}HOST,\
578 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
580 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
581 DOMAIN: {get_param: CloudDomain}
582 PRIMARYHOST: {get_attr: [{{role.name}}, name]}
583 {%- for network in networks %}
584 {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
585 {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
587 CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
588 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
589 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
590 nova_server_resource:
591 description: Heat resource handle for {{role.name}} server
593 {get_resource: {{role.name}}}
594 condition: server_not_blacklisted
595 deployed_server_port_map:
597 Map of Heat created hostname of the server to ip address. This is the
598 hostname before it has been mapped with the HostnameMap parameter, and
599 the IP address from the ctlplane network. This map can be used to construct
600 the DeployedServerPortMap parameter when using split-stack.
605 - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
610 - - {get_param: Hostname}
612 deployed_server_deployment_swift_data_map:
614 Map of Heat created hostname of the server to the Swift container and object
615 used to created the temporary url for metadata polling with
623 - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
630 - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
633 - keys: {hostname: {get_param: Hostname}}
635 description: The os-collect-config configuration associated with this server resource
636 value: {get_attr: [{{role.name}}, os_collect_config]}
637 {%- for network in networks %}
638 {{network.name_lower|default(network.name.lower())}}_ip_address:
639 description: IP address of the server in the {{network.name}} network
640 value: {get_attr: [{{network.name}}Port, ip_address]}