1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPublicInterface:
33 description: What interface to bridge onto br-ex for network nodes.
37 description: Mapping of service_name -> network name. Typically set
38 via parameter_defaults in the resource registry.
42 description: Mapping of service endpoint -> protocol. Typically set
43 via parameter_defaults in the resource registry.
49 Setting to a previously unused value during stack-update will trigger
50 package update on all nodes
53 default: '' # Defaults to Heat created hostname
57 description: Optional mapping to override hostnames
61 Additional hiera configuration to inject into the cluster. Note
62 that {{role}}ExtraConfig takes precedence over ExtraConfig.
67 Role specific additional hiera configuration to inject into the cluster.
72 NetworkDeploymentActions:
73 type: comma_delimited_list
75 Heat action when to apply network configuration changes
77 SoftwareConfigTransport:
78 default: POLL_SERVER_CFN
80 How the server should receive the metadata required for software configuration.
83 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
85 default: 'localdomain'
88 The DNS domain used for the hosts. This must match the
89 overcloud_domain_name configured on the undercloud.
90 {{role}}ServerMetadata:
93 Extra properties or metadata passed to Nova for the created nodes in
94 the overcloud. It's accessible via the Nova metadata API. This option is
95 role-specific and is merged with the values given to the ServerMetadata
101 Extra properties or metadata passed to Nova for the created nodes in
102 the overcloud. It's accessible via the Nova metadata API. This applies to
103 all roles and is merged with a role-specific metadata parameter.
105 {{role}}SchedulerHints:
107 description: Optional scheduler hints to pass to nova
112 ServiceConfigSettings:
116 type: comma_delimited_list
118 MonitoringSubscriptions:
119 type: comma_delimited_list
121 ServiceMetadataSettings:
126 description: Command which will be run whenever configuration data changes
127 default: os-refresh-config --timeout 14400
132 Maximum amount of time to possibly to delay configuation collection
133 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
134 the configuration collection to occur as soon as the collection process
135 starts. This setting is used to prevent the configuration collection
136 processes from polling all at the exact same time.
141 type: comma_delimited_list
146 Command or script snippet to run on all overcloud nodes to
147 initialize the upgrade process. E.g. a repository switch.
149 UpgradeInitCommonCommand:
152 Common commands required by the upgrades process. This should not
153 normally be modified by the operator and is set and unset in the
154 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
157 DeploymentServerBlacklistDict:
161 Map of server hostnames to blacklist from any triggered
162 deployments. If the value is 1, the server will be blacklisted. This
163 parameter is generated from the parent template.
166 description: Role Specific Parameters
170 server_not_blacklisted:
173 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
178 type: OS::TripleO::{{role.name}}Server
181 command: {get_param: ConfigCommand}
182 splay: {get_param: ConfigCollectSplay}
184 image: {get_param: {{role}}Image}
185 image_update_policy: {get_param: ImageUpdatePolicy}
186 flavor: {get_param: Overcloud{{role}}Flavor}
187 key_name: {get_param: KeyName}
190 user_data_format: SOFTWARE_CONFIG
191 user_data: {get_resource: UserData}
194 template: {get_param: Hostname}
195 params: {get_param: HostnameMap}
196 software_config_transport: {get_param: SoftwareConfigTransport}
199 - {get_param: ServerMetadata}
200 - {get_param: {{role}}ServerMetadata}
201 - {get_param: ServiceMetadataSettings}
202 scheduler_hints: {get_param: {{role}}SchedulerHints}
204 # Combine the NodeAdminUserData and NodeUserData mime archives
206 type: OS::Heat::MultipartMime
209 - config: {get_resource: NodeAdminUserData}
211 - config: {get_resource: NodeUserData}
213 - config: {get_resource: RoleUserData}
216 # Creates the "heat-admin" user if configured via the environment
217 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
219 type: OS::TripleO::NodeAdminUserData
221 # For optional operator additional userdata
222 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
224 type: OS::TripleO::NodeUserData
226 # For optional operator role-specific userdata
227 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
229 type: OS::TripleO::{{role}}::NodeUserData
232 type: OS::TripleO::{{role}}::Ports::ExternalPort
234 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
235 IPPool: {get_param: {{role}}IPs}
236 NodeIndex: {get_param: NodeIndex}
239 type: OS::TripleO::{{role}}::Ports::InternalApiPort
241 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
242 IPPool: {get_param: {{role}}IPs}
243 NodeIndex: {get_param: NodeIndex}
246 type: OS::TripleO::{{role}}::Ports::StoragePort
248 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
249 IPPool: {get_param: {{role}}IPs}
250 NodeIndex: {get_param: NodeIndex}
253 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
255 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
256 IPPool: {get_param: {{role}}IPs}
257 NodeIndex: {get_param: NodeIndex}
260 type: OS::TripleO::{{role}}::Ports::TenantPort
262 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
263 IPPool: {get_param: {{role}}IPs}
264 NodeIndex: {get_param: NodeIndex}
267 type: OS::TripleO::{{role}}::Ports::ManagementPort
269 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
270 IPPool: {get_param: {{role}}IPs}
271 NodeIndex: {get_param: NodeIndex}
274 type: OS::TripleO::{{role}}::Net::SoftwareConfig
276 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
277 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
278 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
279 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
280 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
281 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
282 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
285 type: OS::TripleO::Network::Ports::NetIpMap
287 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
288 ExternalIp: {get_attr: [ExternalPort, ip_address]}
289 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
290 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
291 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
292 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
293 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
294 StorageIp: {get_attr: [StoragePort, ip_address]}
295 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
296 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
297 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
298 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
299 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
300 TenantIp: {get_attr: [TenantPort, ip_address]}
301 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
302 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
303 ManagementIp: {get_attr: [ManagementPort, ip_address]}
304 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
305 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
308 type: OS::Heat::Value
316 - - {get_attr: [{{role}}, name]}
318 - {get_param: CloudDomain}
322 - - {get_attr: [{{role}}, name]}
328 - - {get_attr: [{{role}}, name]}
330 - {get_param: CloudDomain}
334 - - {get_attr: [{{role}}, name]}
340 - - {get_attr: [{{role}}, name]}
342 - {get_param: CloudDomain}
346 - - {get_attr: [{{role}}, name]}
352 - - {get_attr: [{{role}}, name]}
354 - {get_param: CloudDomain}
358 - - {get_attr: [{{role}}, name]}
364 - - {get_attr: [{{role}}, name]}
366 - {get_param: CloudDomain}
370 - - {get_attr: [{{role}}, name]}
376 - - {get_attr: [{{role}}, name]}
378 - {get_param: CloudDomain}
382 - - {get_attr: [{{role}}, name]}
388 - - {get_attr: [{{role}}, name]}
390 - {get_param: CloudDomain}
394 - - {get_attr: [{{role}}, name]}
398 type: OS::TripleO::{{role}}::PreNetworkConfig
400 server: {get_resource: {{role}}}
401 RoleParameters: {get_param: RoleParameters}
402 deployment_actions: {get_attr: [DeploymentActions, value]}
405 type: OS::TripleO::SoftwareDeployment
406 depends_on: PreNetworkConfig
408 name: NetworkDeployment
409 config: {get_resource: NetworkConfig}
410 server: {get_resource: {{role}}}
411 actions: {get_param: NetworkDeploymentActions}
414 interface_name: {get_param: NeutronPublicInterface}
417 - server_not_blacklisted
418 - {get_param: NetworkDeploymentActions}
421 {{role}}UpgradeInitConfig:
422 type: OS::Heat::SoftwareConfig
428 - - "#!/bin/bash\n\n"
429 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
430 - get_param: UpgradeInitCommand
431 - get_param: UpgradeInitCommonCommand
433 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
434 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
435 {{role}}UpgradeInitDeployment:
436 type: OS::Heat::SoftwareDeployment
437 depends_on: NetworkDeployment
439 name: {{role}}UpgradeInitDeployment
440 server: {get_resource: {{role}}}
441 config: {get_resource: {{role}}UpgradeInitConfig}
444 - server_not_blacklisted
445 - ['CREATE', 'UPDATE']
449 type: OS::Heat::StructuredDeployment
450 depends_on: {{role}}UpgradeInitDeployment
452 name: {{role}}Deployment
453 config: {get_resource: {{role}}Config}
454 server: {get_resource: {{role}}}
456 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
459 - server_not_blacklisted
460 - ['CREATE', 'UPDATE']
464 type: OS::Heat::StructuredConfig
470 - heat_config_%{::deploy_config_name}
472 - {{role.lower()}}_extraconfig
477 - bootstrap_node # provided by allNodesConfig
478 - all_nodes # provided by allNodesConfig
479 - vip_data # provided by allNodesConfig
481 merge_behavior: deeper
484 service_names: {get_param: ServiceNames}
485 sensu::subscriptions: {get_param: MonitoringSubscriptions}
488 - {get_param: ServiceConfigSettings}
489 - values: {get_attr: [NetIpMap, net_ip_map]}
490 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
491 extraconfig: {get_param: ExtraConfig}
493 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
494 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
495 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
496 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
497 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
498 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
499 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
500 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
501 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
502 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
504 # Resource for site-specific injection of root certificate
506 depends_on: {{role}}Deployment
507 type: OS::TripleO::NodeTLSCAData
509 server: {get_resource: {{role}}}
511 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
512 {{role}}ExtraConfigPre:
513 depends_on: {{role}}Deployment
514 type: OS::TripleO::{{role}}ExtraConfigPre
515 # We have to use conditions here so that we don't break backwards
516 # compatibility with templates everywhere
517 condition: server_not_blacklisted
519 server: {get_resource: {{role}}}
521 # Hook for site-specific additional pre-deployment config,
522 # applying to all nodes, e.g node registration/unregistration
524 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
525 type: OS::TripleO::NodeExtraConfig
526 # We have to use conditions here so that we don't break backwards
527 # compatibility with templates everywhere
528 condition: server_not_blacklisted
530 server: {get_resource: {{role}}}
533 type: OS::TripleO::Tasks::PackageUpdate
536 type: OS::Heat::SoftwareDeployment
537 depends_on: NetworkDeployment
539 name: UpdateDeployment
540 config: {get_resource: UpdateConfig}
541 server: {get_resource: {{role}}}
544 get_param: UpdateIdentifier
547 - server_not_blacklisted
548 - ['CREATE', 'UPDATE']
552 type: OS::Heat::Value
556 - server_not_blacklisted
557 - ['CREATE', 'UPDATE']
561 type: OS::TripleO::Ssh::HostPubKey
562 depends_on: {{role}}Deployment
564 server: {get_resource: {{role}}}
565 deployment_actions: {get_attr: [DeploymentActions, value]}
569 description: IP address of the server in the ctlplane network
570 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
572 description: Hostname of the server
573 value: {get_attr: [{{role}}, name]}
575 description: Mapping of network names to hostnames
577 external: {get_attr: [NetHostMap, value, external, fqdn]}
578 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
579 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
580 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
581 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
582 management: {get_attr: [NetHostMap, value, management, fqdn]}
583 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
588 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
589 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
590 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
591 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
592 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
593 TENANTIP TENANTHOST.DOMAIN TENANTHOST
594 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
595 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
597 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
598 DOMAIN: {get_param: CloudDomain}
599 PRIMARYHOST: {get_attr: [{{role}}, name]}
600 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
601 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
602 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
603 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
604 STORAGEIP: {get_attr: [StoragePort, ip_address]}
605 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
606 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
607 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
608 TENANTIP: {get_attr: [TenantPort, ip_address]}
609 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
610 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
611 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
612 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
613 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
615 description: Entry for ssh known hosts
618 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
619 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
620 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
621 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
622 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
623 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
624 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
625 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
627 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
628 DOMAIN: {get_param: CloudDomain}
629 PRIMARYHOST: {get_attr: [{{role}}, name]}
630 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
631 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
632 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
633 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
634 STORAGEIP: {get_attr: [StoragePort, ip_address]}
635 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
636 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
637 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
638 TENANTIP: {get_attr: [TenantPort, ip_address]}
639 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
640 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
641 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
642 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
643 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
644 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
645 nova_server_resource:
646 description: Heat resource handle for {{role}} server
648 {get_resource: {{role}}}
649 condition: server_not_blacklisted
651 description: IP address of the server in the external network
652 value: {get_attr: [ExternalPort, ip_address]}
653 internal_api_ip_address:
654 description: IP address of the server in the internal_api network
655 value: {get_attr: [InternalApiPort, ip_address]}
657 description: IP address of the server in the storage network
658 value: {get_attr: [StoragePort, ip_address]}
659 storage_mgmt_ip_address:
660 description: IP address of the server in the storage_mgmt network
661 value: {get_attr: [StorageMgmtPort, ip_address]}
663 description: IP address of the server in the tenant network
664 value: {get_attr: [TenantPort, ip_address]}
665 management_ip_address:
666 description: IP address of the server in the management network
667 value: {get_attr: [ManagementPort, ip_address]}