1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPublicInterface:
33 description: What interface to bridge onto br-ex for network nodes.
37 description: Mapping of service_name -> network name. Typically set
38 via parameter_defaults in the resource registry.
42 description: Mapping of service endpoint -> protocol. Typically set
43 via parameter_defaults in the resource registry.
49 Setting to a previously unused value during stack-update will trigger
50 package update on all nodes
53 default: '' # Defaults to Heat created hostname
57 description: Optional mapping to override hostnames
61 Additional hiera configuration to inject into the cluster. Note
62 that {{role}}ExtraConfig takes precedence over ExtraConfig.
67 Role specific additional hiera configuration to inject into the cluster.
72 NetworkDeploymentActions:
73 type: comma_delimited_list
75 Heat action when to apply network configuration changes
77 SoftwareConfigTransport:
78 default: POLL_SERVER_CFN
80 How the server should receive the metadata required for software configuration.
83 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
85 default: 'localdomain'
88 The DNS domain used for the hosts. This should match the dhcp_domain
89 configured in the Undercloud neutron. Defaults to localdomain.
90 {{role}}ServerMetadata:
93 Extra properties or metadata passed to Nova for the created nodes in
94 the overcloud. It's accessible via the Nova metadata API. This option is
95 role-specific and is merged with the values given to the ServerMetadata
101 Extra properties or metadata passed to Nova for the created nodes in
102 the overcloud. It's accessible via the Nova metadata API. This applies to
103 all roles and is merged with a role-specific metadata parameter.
105 {{role}}SchedulerHints:
107 description: Optional scheduler hints to pass to nova
112 ServiceConfigSettings:
116 type: comma_delimited_list
118 MonitoringSubscriptions:
119 type: comma_delimited_list
121 ServiceMetadataSettings:
126 description: Command which will be run whenever configuration data changes
127 default: os-refresh-config --timeout 14400
132 Maximum amount of time to possibly to delay configuation collection
133 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
134 the configuration collection to occur as soon as the collection process
135 starts. This setting is used to prevent the configuration collection
136 processes from polling all at the exact same time.
141 type: comma_delimited_list
146 Command or script snippet to run on all overcloud nodes to
147 initialize the upgrade process. E.g. a repository switch.
149 UpgradeInitCommonCommand:
152 Common commands required by the upgrades process. This should not
153 normally be modified by the operator and is set and unset in the
154 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
157 DeploymentServerBlacklistDict:
161 Map of server hostnames to blacklist from any triggered
162 deployments. If the value is 1, the server will be blacklisted. This
163 parameter is generated from the parent template.
166 description: Role Specific Parameters
170 server_not_blacklisted:
173 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
178 type: OS::TripleO::{{role.name}}Server
181 command: {get_param: ConfigCommand}
182 splay: {get_param: ConfigCollectSplay}
184 image: {get_param: {{role}}Image}
185 image_update_policy: {get_param: ImageUpdatePolicy}
186 flavor: {get_param: Overcloud{{role}}Flavor}
187 key_name: {get_param: KeyName}
190 user_data_format: SOFTWARE_CONFIG
191 user_data: {get_resource: UserData}
194 template: {get_param: Hostname}
195 params: {get_param: HostnameMap}
196 software_config_transport: {get_param: SoftwareConfigTransport}
199 - {get_param: ServerMetadata}
200 - {get_param: {{role}}ServerMetadata}
201 - {get_param: ServiceMetadataSettings}
202 scheduler_hints: {get_param: {{role}}SchedulerHints}
204 # Combine the NodeAdminUserData and NodeUserData mime archives
206 type: OS::Heat::MultipartMime
209 - config: {get_resource: NodeAdminUserData}
211 - config: {get_resource: NodeUserData}
213 - config: {get_resource: RoleUserData}
216 # Creates the "heat-admin" user if configured via the environment
217 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
219 type: OS::TripleO::NodeAdminUserData
221 # For optional operator additional userdata
222 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
224 type: OS::TripleO::NodeUserData
226 # For optional operator role-specific userdata
227 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
229 type: OS::TripleO::{{role}}::NodeUserData
232 type: OS::TripleO::{{role}}::Ports::ExternalPort
234 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
235 IPPool: {get_param: {{role}}IPs}
236 NodeIndex: {get_param: NodeIndex}
239 type: OS::TripleO::{{role}}::Ports::InternalApiPort
241 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
242 IPPool: {get_param: {{role}}IPs}
243 NodeIndex: {get_param: NodeIndex}
246 type: OS::TripleO::{{role}}::Ports::StoragePort
248 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
249 IPPool: {get_param: {{role}}IPs}
250 NodeIndex: {get_param: NodeIndex}
253 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
255 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
256 IPPool: {get_param: {{role}}IPs}
257 NodeIndex: {get_param: NodeIndex}
260 type: OS::TripleO::{{role}}::Ports::TenantPort
262 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
263 IPPool: {get_param: {{role}}IPs}
264 NodeIndex: {get_param: NodeIndex}
267 type: OS::TripleO::{{role}}::Ports::ManagementPort
269 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
270 IPPool: {get_param: {{role}}IPs}
271 NodeIndex: {get_param: NodeIndex}
274 type: OS::TripleO::{{role}}::Net::SoftwareConfig
276 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
277 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
278 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
279 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
280 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
281 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
282 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
285 type: OS::TripleO::Network::Ports::NetIpMap
287 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
288 ExternalIp: {get_attr: [ExternalPort, ip_address]}
289 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
290 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
291 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
292 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
293 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
294 StorageIp: {get_attr: [StoragePort, ip_address]}
295 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
296 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
297 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
298 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
299 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
300 TenantIp: {get_attr: [TenantPort, ip_address]}
301 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
302 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
303 ManagementIp: {get_attr: [ManagementPort, ip_address]}
304 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
305 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
308 type: OS::Heat::Value
316 - - {get_attr: [{{role}}, name]}
318 - {get_param: CloudDomain}
322 - - {get_attr: [{{role}}, name]}
328 - - {get_attr: [{{role}}, name]}
330 - {get_param: CloudDomain}
334 - - {get_attr: [{{role}}, name]}
340 - - {get_attr: [{{role}}, name]}
342 - {get_param: CloudDomain}
346 - - {get_attr: [{{role}}, name]}
352 - - {get_attr: [{{role}}, name]}
354 - {get_param: CloudDomain}
358 - - {get_attr: [{{role}}, name]}
364 - - {get_attr: [{{role}}, name]}
366 - {get_param: CloudDomain}
370 - - {get_attr: [{{role}}, name]}
376 - - {get_attr: [{{role}}, name]}
378 - {get_param: CloudDomain}
382 - - {get_attr: [{{role}}, name]}
388 - - {get_attr: [{{role}}, name]}
390 - {get_param: CloudDomain}
394 - - {get_attr: [{{role}}, name]}
398 type: OS::TripleO::{{role}}::PreNetworkConfig
400 server: {get_resource: {{role}}}
401 RoleParameters: {get_param: RoleParameters}
404 type: OS::TripleO::SoftwareDeployment
405 depends_on: PreNetworkConfig
407 name: NetworkDeployment
408 config: {get_resource: NetworkConfig}
409 server: {get_resource: {{role}}}
410 actions: {get_param: NetworkDeploymentActions}
413 interface_name: {get_param: NeutronPublicInterface}
416 - server_not_blacklisted
417 - {get_param: NetworkDeploymentActions}
420 {{role}}UpgradeInitConfig:
421 type: OS::Heat::SoftwareConfig
427 - - "#!/bin/bash\n\n"
428 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
429 - get_param: UpgradeInitCommand
430 - get_param: UpgradeInitCommonCommand
432 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
433 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
434 {{role}}UpgradeInitDeployment:
435 type: OS::Heat::SoftwareDeployment
436 depends_on: NetworkDeployment
438 name: {{role}}UpgradeInitDeployment
439 server: {get_resource: {{role}}}
440 config: {get_resource: {{role}}UpgradeInitConfig}
443 - server_not_blacklisted
444 - ['CREATE', 'UPDATE']
448 type: OS::Heat::StructuredDeployment
449 depends_on: {{role}}UpgradeInitDeployment
451 name: {{role}}Deployment
452 config: {get_resource: {{role}}Config}
453 server: {get_resource: {{role}}}
455 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
458 - server_not_blacklisted
459 - ['CREATE', 'UPDATE']
463 type: OS::Heat::StructuredConfig
469 - heat_config_%{::deploy_config_name}
471 - {{role.lower()}}_extraconfig
476 - bootstrap_node # provided by allNodesConfig
477 - all_nodes # provided by allNodesConfig
478 - vip_data # provided by allNodesConfig
480 merge_behavior: deeper
483 service_names: {get_param: ServiceNames}
484 sensu::subscriptions: {get_param: MonitoringSubscriptions}
487 - {get_param: ServiceConfigSettings}
488 - values: {get_attr: [NetIpMap, net_ip_map]}
489 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
490 extraconfig: {get_param: ExtraConfig}
492 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
493 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
494 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
495 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
496 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
497 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
498 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
499 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
500 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
502 # Resource for site-specific injection of root certificate
504 depends_on: {{role}}Deployment
505 type: OS::TripleO::NodeTLSCAData
507 server: {get_resource: {{role}}}
509 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
510 {{role}}ExtraConfigPre:
511 depends_on: {{role}}Deployment
512 type: OS::TripleO::{{role}}ExtraConfigPre
514 server: {get_resource: {{role}}}
516 # Hook for site-specific additional pre-deployment config,
517 # applying to all nodes, e.g node registration/unregistration
519 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
520 type: OS::TripleO::NodeExtraConfig
522 server: {get_resource: {{role}}}
525 type: OS::TripleO::Tasks::PackageUpdate
528 type: OS::Heat::SoftwareDeployment
529 depends_on: NetworkDeployment
531 name: UpdateDeployment
532 config: {get_resource: UpdateConfig}
533 server: {get_resource: {{role}}}
536 get_param: UpdateIdentifier
539 - server_not_blacklisted
540 - ['CREATE', 'UPDATE']
544 type: OS::TripleO::Ssh::HostPubKey
545 depends_on: {{role}}Deployment
547 server: {get_resource: {{role}}}
551 description: IP address of the server in the ctlplane network
552 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
554 description: Hostname of the server
555 value: {get_attr: [{{role}}, name]}
557 description: Mapping of network names to hostnames
559 external: {get_attr: [NetHostMap, value, external, fqdn]}
560 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
561 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
562 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
563 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
564 management: {get_attr: [NetHostMap, value, management, fqdn]}
565 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
570 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
571 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
572 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
573 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
574 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
575 TENANTIP TENANTHOST.DOMAIN TENANTHOST
576 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
577 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
579 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
580 DOMAIN: {get_param: CloudDomain}
581 PRIMARYHOST: {get_attr: [{{role}}, name]}
582 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
583 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
584 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
585 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
586 STORAGEIP: {get_attr: [StoragePort, ip_address]}
587 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
588 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
589 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
590 TENANTIP: {get_attr: [TenantPort, ip_address]}
591 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
592 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
593 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
594 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
595 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
597 description: Entry for ssh known hosts
600 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
601 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
602 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
603 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
604 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
605 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
606 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
607 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
609 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
610 DOMAIN: {get_param: CloudDomain}
611 PRIMARYHOST: {get_attr: [{{role}}, name]}
612 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
613 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
614 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
615 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
616 STORAGEIP: {get_attr: [StoragePort, ip_address]}
617 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
618 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
619 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
620 TENANTIP: {get_attr: [TenantPort, ip_address]}
621 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
622 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
623 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
624 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
625 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
626 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
627 nova_server_resource:
628 description: Heat resource handle for {{role}} server
630 {get_resource: {{role}}}
631 condition: server_not_blacklisted
633 description: IP address of the server in the external network
634 value: {get_attr: [ExternalPort, ip_address]}
635 internal_api_ip_address:
636 description: IP address of the server in the internal_api network
637 value: {get_attr: [InternalApiPort, ip_address]}
639 description: IP address of the server in the storage network
640 value: {get_attr: [StoragePort, ip_address]}
641 storage_mgmt_ip_address:
642 description: IP address of the server in the storage_mgmt network
643 value: {get_attr: [StorageMgmtPort, ip_address]}
645 description: IP address of the server in the tenant network
646 value: {get_attr: [TenantPort, ip_address]}
647 management_ip_address:
648 description: IP address of the server in the management network
649 value: {get_attr: [ManagementPort, ip_address]}