1 {# ## Some variables are set to enable rendering backwards compatible templates #}
2 {# ## where a few parameter/resource names don't match the expected pattern #}
3 {# ## FIXME: we need some way to deprecate the old inconsistent parameters #}
4 {%- if role.name == 'Controller' -%}
5 {%- set deprecated_extraconfig_param = 'controllerExtraConfig' -%}
7 heat_template_version: pike
8 description: 'OpenStack {{role.name}} node configured by Puppet'
10 Overcloud{{role.name}}Flavor:
11 description: Flavor for the {{role.name}} node.
14 {% if role.disable_constraints is not defined %}
16 - custom_constraint: nova.flavor
20 default: overcloud-full
21 {% if role.disable_constraints is not defined %}
23 - custom_constraint: glance.image
26 default: 'REBUILD_PRESERVE_EPHEMERAL'
27 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
30 description: Name of an existing Nova key pair to enable SSH access to the instances
33 {% if role.disable_constraints is not defined %}
35 - custom_constraint: nova.keypair
37 NeutronPhysicalBridge:
39 description: An OVS bridge to create for accessing tenant networks.
41 NeutronPublicInterface:
43 description: Which interface to add to the NeutronPhysicalBridge.
47 description: Mapping of service_name -> network name. Typically set
48 via parameter_defaults in the resource registry.
52 description: Mapping of service endpoint -> protocol. Typically set
53 via parameter_defaults in the resource registry.
59 Setting to a previously unused value during stack-update will trigger
60 package update on all nodes
63 default: '' # Defaults to Heat created hostname
67 description: Optional mapping to override hostnames
71 Additional hiera configuration to inject into the cluster. Note
72 that {{role.name}}ExtraConfig takes precedence over ExtraConfig.
74 {{role.name}}ExtraConfig:
77 Role specific additional hiera configuration to inject into the cluster.
79 {%- if deprecated_extraconfig_param is defined %}
80 {{deprecated_extraconfig_param}}:
83 DEPRECATED use {{role.name}}ExtraConfig instead
89 NetworkDeploymentActions:
90 type: comma_delimited_list
92 Heat action when to apply network configuration changes
94 SoftwareConfigTransport:
95 default: POLL_SERVER_CFN
97 How the server should receive the metadata required for software configuration.
100 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
102 default: 'localdomain'
105 The DNS domain used for the hosts. This must match the
106 overcloud_domain_name configured on the undercloud.
107 {{role.name}}ServerMetadata:
110 Extra properties or metadata passed to Nova for the created nodes in
111 the overcloud. It's accessible via the Nova metadata API. This option is
112 role-specific and is merged with the values given to the ServerMetadata
118 Extra properties or metadata passed to Nova for the created nodes in
119 the overcloud. It's accessible via the Nova metadata API. This applies to
120 all roles and is merged with a role-specific metadata parameter.
122 {{role.name}}SchedulerHints:
124 description: Optional scheduler hints to pass to nova
129 ServiceConfigSettings:
133 type: comma_delimited_list
135 MonitoringSubscriptions:
136 type: comma_delimited_list
138 ServiceMetadataSettings:
143 description: Command which will be run whenever configuration data changes
144 default: os-refresh-config --timeout 14400
149 Maximum amount of time to possibly to delay configuation collection
150 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
151 the configuration collection to occur as soon as the collection process
152 starts. This setting is used to prevent the configuration collection
153 processes from polling all at the exact same time.
158 type: comma_delimited_list
163 Command or script snippet to run on all overcloud nodes to
164 initialize the upgrade process. E.g. a repository switch.
166 UpgradeInitCommonCommand:
169 Common commands required by the upgrades process. This should not
170 normally be modified by the operator and is set and unset in the
171 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
174 DeploymentServerBlacklistDict:
178 Map of server hostnames to blacklist from any triggered
179 deployments. If the value is 1, the server will be blacklisted. This
180 parameter is generated from the parent template.
183 description: Role Specific Parameters
185 DeploymentSwiftDataMap:
188 Map of servers to Swift container and object for storing deployment data.
189 The keys are the Heat assigned hostnames, and the value is a map of the
190 container/object name in Swift. Example value:
191 overcloud-controller-0:
192 container: overcloud-controller
194 overcloud-controller-1:
195 container: overcloud-controller
197 overcloud-controller-2:
198 container: overcloud-controller
200 overcloud-novacompute-0:
201 container: overcloud-compute
205 {% if deprecated_extraconfig_param is defined %}
208 description: Do not use deprecated params, they will be removed.
210 - {{deprecated_extraconfig_param}}
214 server_not_blacklisted:
217 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
219 deployment_swift_data_map_unset:
222 - DeploymentSwiftDataMap
223 - {get_param: Hostname}
228 type: OS::TripleO::{{role.name}}Server
231 command: {get_param: ConfigCommand}
232 splay: {get_param: ConfigCollectSplay}
234 image: {get_param: {{role.name}}Image}
235 image_update_policy: {get_param: ImageUpdatePolicy}
236 flavor: {get_param: Overcloud{{role.name}}Flavor}
237 key_name: {get_param: KeyName}
240 user_data_format: SOFTWARE_CONFIG
241 user_data: {get_resource: UserData}
244 template: {get_param: Hostname}
245 params: {get_param: HostnameMap}
246 software_config_transport: {get_param: SoftwareConfigTransport}
249 - {get_param: ServerMetadata}
250 - {get_param: {{role.name}}ServerMetadata}
251 - {get_param: ServiceMetadataSettings}
252 scheduler_hints: {get_param: {{role.name}}SchedulerHints}
253 deployment_swift_data:
255 - deployment_swift_data_map_unset
257 - {get_param: [DeploymentSwiftDataMap,
258 {get_param: Hostname}]}
260 # Combine the NodeAdminUserData and NodeUserData mime archives
262 type: OS::Heat::MultipartMime
265 - config: {get_resource: NodeAdminUserData}
267 - config: {get_resource: NodeUserData}
269 - config: {get_resource: RoleUserData}
272 # Creates the "heat-admin" user if configured via the environment
273 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
275 type: OS::TripleO::NodeAdminUserData
277 # For optional operator additional userdata
278 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
280 type: OS::TripleO::NodeUserData
282 # For optional operator role-specific userdata
283 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
285 type: OS::TripleO::{{role.name}}::NodeUserData
287 {%- for network in networks %}
288 {{network.name}}Port:
289 type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port
291 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
292 IPPool: {get_param: {{role.name}}IPs}
293 NodeIndex: {get_param: NodeIndex}
297 type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
299 ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
300 {%- for network in networks %}
301 {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
305 type: OS::TripleO::Network::Ports::NetIpMap
307 ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
308 {%- for network in networks %}
309 {{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]}
310 {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
311 {{network.name}}IpUri: {get_attr: [{{network.name}}Port, ip_address_uri]}
315 type: OS::Heat::Value
323 - - {get_attr: [{{role.name}}, name]}
325 - {get_param: CloudDomain}
329 - - {get_attr: [{{role.name}}, name]}
335 - - {get_attr: [{{role.name}}, name]}
337 - {get_param: CloudDomain}
341 - - {get_attr: [{{role.name}}, name]}
347 - - {get_attr: [{{role.name}}, name]}
349 - {get_param: CloudDomain}
353 - - {get_attr: [{{role.name}}, name]}
359 - - {get_attr: [{{role.name}}, name]}
361 - {get_param: CloudDomain}
365 - - {get_attr: [{{role.name}}, name]}
371 - - {get_attr: [{{role.name}}, name]}
373 - {get_param: CloudDomain}
377 - - {get_attr: [{{role.name}}, name]}
383 - - {get_attr: [{{role.name}}, name]}
385 - {get_param: CloudDomain}
389 - - {get_attr: [{{role.name}}, name]}
395 - - {get_attr: [{{role.name}}, name]}
397 - {get_param: CloudDomain}
401 - - {get_attr: [{{role.name}}, name]}
405 type: OS::TripleO::{{role.name}}::PreNetworkConfig
407 server: {get_resource: {{role.name}}}
408 RoleParameters: {get_param: RoleParameters}
409 ServiceNames: {get_param: ServiceNames}
410 deployment_actions: {get_attr: [DeploymentActions, value]}
413 type: OS::TripleO::SoftwareDeployment
414 depends_on: PreNetworkConfig
416 name: NetworkDeployment
417 config: {get_resource: NetworkConfig}
418 server: {get_resource: {{role.name}}}
419 actions: {get_param: NetworkDeploymentActions}
421 bridge_name: {get_param: NeutronPhysicalBridge}
422 interface_name: {get_param: NeutronPublicInterface}
425 - server_not_blacklisted
426 - {get_param: NetworkDeploymentActions}
429 {{role.name}}UpgradeInitConfig:
430 type: OS::Heat::SoftwareConfig
436 - - "#!/bin/bash\n\n"
437 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
438 - get_param: UpgradeInitCommand
439 - get_param: UpgradeInitCommonCommand
441 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
442 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
443 {{role.name}}UpgradeInitDeployment:
444 type: OS::Heat::SoftwareDeployment
445 depends_on: NetworkDeployment
447 name: {{role.name}}UpgradeInitDeployment
448 server: {get_resource: {{role.name}}}
449 config: {get_resource: {{role.name}}UpgradeInitConfig}
452 - server_not_blacklisted
453 - ['CREATE', 'UPDATE']
456 {{role.name}}Deployment:
457 type: OS::Heat::StructuredDeployment
458 depends_on: {{role.name}}UpgradeInitDeployment
460 name: {{role.name}}Deployment
461 config: {get_resource: {{role.name}}Config}
462 server: {get_resource: {{role.name}}}
464 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
467 - server_not_blacklisted
468 - ['CREATE', 'UPDATE']
472 type: OS::Heat::StructuredConfig
478 - heat_config_%{::deploy_config_name}
480 - {{role.name.lower()}}_extraconfig
484 - {{role.name.lower()}}
485 - bootstrap_node # provided by allNodesConfig
486 - all_nodes # provided by allNodesConfig
487 - vip_data # provided by allNodesConfig
489 merge_behavior: deeper
492 service_names: {get_param: ServiceNames}
493 sensu::subscriptions: {get_param: MonitoringSubscriptions}
496 - {get_param: ServiceConfigSettings}
497 - values: {get_attr: [NetIpMap, net_ip_map]}
498 {{role.name.lower()}}_extraconfig:
500 {%- if deprecated_extraconfig_param is defined %}
501 - {get_param: {{deprecated_extraconfig_param}}}
503 - {get_param: {{role.name}}ExtraConfig}
504 extraconfig: {get_param: ExtraConfig}
505 {{role.name.lower()}}:
506 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
507 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
508 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
509 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
510 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
511 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
512 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
513 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
514 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
515 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
517 # Resource for site-specific injection of root certificate
519 depends_on: {{role.name}}Deployment
520 type: OS::TripleO::NodeTLSCAData
522 server: {get_resource: {{role.name}}}
524 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
525 {{role.name}}ExtraConfigPre:
526 depends_on: {{role.name}}Deployment
527 type: OS::TripleO::{{role.name}}ExtraConfigPre
528 # We have to use conditions here so that we don't break backwards
529 # compatibility with templates everywhere
530 condition: server_not_blacklisted
532 server: {get_resource: {{role.name}}}
534 # Hook for site-specific additional pre-deployment config,
535 # applying to all nodes, e.g node registration/unregistration
537 depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
538 type: OS::TripleO::NodeExtraConfig
539 # We have to use conditions here so that we don't break backwards
540 # compatibility with templates everywhere
541 condition: server_not_blacklisted
543 server: {get_resource: {{role.name}}}
546 type: OS::TripleO::Tasks::PackageUpdate
549 type: OS::Heat::SoftwareDeployment
550 depends_on: NetworkDeployment
552 name: UpdateDeployment
553 config: {get_resource: UpdateConfig}
554 server: {get_resource: {{role.name}}}
557 get_param: UpdateIdentifier
560 - server_not_blacklisted
561 - ['CREATE', 'UPDATE']
565 type: OS::Heat::Value
569 - server_not_blacklisted
570 - ['CREATE', 'UPDATE']
574 type: OS::TripleO::Ssh::HostPubKey
575 depends_on: {{role.name}}Deployment
577 server: {get_resource: {{role.name}}}
578 deployment_actions: {get_attr: [DeploymentActions, value]}
582 description: IP address of the server in the ctlplane network
583 value: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
585 description: Hostname of the server
586 value: {get_attr: [{{role.name}}, name]}
588 description: Mapping of network names to hostnames
590 {%- for network in networks %}
591 {{network.name_lower|default(network.name.lower())}}: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower()) }}, fqdn]}
593 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
598 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
599 {%- for network in networks %}
600 {{network.name}}IP {{network.name}}HOST.DOMAIN {{network.name}}HOST
602 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
604 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
605 DOMAIN: {get_param: CloudDomain}
606 PRIMARYHOST: {get_attr: [{{role.name}}, name]}
607 {%- for network in networks %}
608 {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
609 {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
611 CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
612 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
614 description: Entry for ssh known hosts
617 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
618 {%- for network in networks %}
619 {{network.name}}IP,{{network.name}}HOST.DOMAIN,{{network.name}}HOST,\
621 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
623 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
624 DOMAIN: {get_param: CloudDomain}
625 PRIMARYHOST: {get_attr: [{{role.name}}, name]}
626 {%- for network in networks %}
627 {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
628 {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
630 CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
631 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
632 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
633 nova_server_resource:
634 description: Heat resource handle for {{role.name}} server
636 {get_resource: {{role.name}}}
637 condition: server_not_blacklisted
638 deployed_server_port_map:
640 Map of Heat created hostname of the server to ip address. This is the
641 hostname before it has been mapped with the HostnameMap parameter, and
642 the IP address from the ctlplane network. This map can be used to construct
643 the DeployedServerPortMap parameter when using split-stack.
648 - ip_address: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
653 - - {get_param: Hostname}
655 deployed_server_deployment_swift_data_map:
657 Map of Heat created hostname of the server to the Swift container and object
658 used to created the temporary url for metadata polling with
666 - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
673 - {get_attr: [{{role.name}}, os_collect_config, request, metadata_url]}
676 - keys: {hostname: {get_param: Hostname}}
678 description: The os-collect-config configuration associated with this server resource
679 value: {get_attr: [{{role.name}}, os_collect_config]}
680 {%- for network in networks %}
681 {{network.name_lower|default(network.name.lower())}}_ip_address:
682 description: IP address of the server in the {{network.name}} network
683 value: {get_attr: [{{network.name}}Port, ip_address]}