1 {#- ## Some variables are set to enable rendering backwards compatible templates #}
2 {#- ## where a few parameter/resource names don't match the expected pattern #}
3 {#- ## FIXME: we need some way to deprecate the old inconsistent parameters #}
4 {%- set server_resource_name = role.deprecated_server_resource_name|default(role.name) -%}
5 heat_template_version: pike
6 description: 'OpenStack {{role.name}} node configured by Puppet'
8 {%- set default_flavor_name = 'baremetal' %}
9 {%- if role.deprecated_param_flavor is defined %}
10 {{role.deprecated_param_flavor}}:
11 description: DEPRECATED Use Overcloud{{role.name}}Flavor instead.
12 default: {{default_flavor_name}}
15 Overcloud{{role.name}}Flavor:
16 description: Flavor for the {{role.name}} node.
17 default: {{default_flavor_name}}
19 {%- if role.disable_constraints is not defined %}
21 - custom_constraint: nova.flavor
23 {%- set default_image_name = 'overcloud-full' %}
24 {%- if role.deprecated_param_image is defined %}
25 {{role.deprecated_param_image}}:
27 default: {{default_image_name}}
28 description: DEPRECATED Use {{role.name}}Image instead
32 default: {{default_image_name}}
33 description: The disk image file to use for the role.
34 {%- if role.disable_constraints is not defined %}
36 - custom_constraint: glance.image
39 default: 'REBUILD_PRESERVE_EPHEMERAL'
40 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
43 description: Name of an existing Nova key pair to enable SSH access to the instances
46 {%- if role.disable_constraints is not defined %}
48 - custom_constraint: nova.keypair
50 NeutronPhysicalBridge:
52 description: An OVS bridge to create for accessing external networks.
54 NeutronPublicInterface:
56 description: Which interface to add to the NeutronPhysicalBridge.
60 description: Mapping of service_name -> network name. Typically set
61 via parameter_defaults in the resource registry.
65 description: Mapping of service endpoint -> protocol. Typically set
66 via parameter_defaults in the resource registry.
72 Setting to a previously unused value during stack-update will trigger
73 package update on all nodes
76 default: '' # Defaults to Heat created hostname
80 description: Optional mapping to override hostnames
84 Additional hiera configuration to inject into the cluster. Note
85 that {{role.name}}ExtraConfig takes precedence over ExtraConfig.
87 {{role.name}}ExtraConfig:
90 Role specific additional hiera configuration to inject into the cluster.
92 {%- if role.deprecated_param_extraconfig is defined %}
93 {{role.deprecated_param_extraconfig}}:
96 DEPRECATED use {{role.name}}ExtraConfig instead
102 {%- if role.deprecated_param_ips is defined %}
103 {{role.deprecated_param_ips}}:
105 description: DEPRECATED - use {{role.name}}IPs instead
108 NetworkDeploymentActions:
109 type: comma_delimited_list
111 Heat action when to apply network configuration changes
113 SoftwareConfigTransport:
114 default: POLL_SERVER_CFN
116 How the server should receive the metadata required for software configuration.
119 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
121 default: 'localdomain'
124 The DNS domain used for the hosts. This must match the
125 overcloud_domain_name configured on the undercloud.
126 {{role.name}}ServerMetadata:
129 Extra properties or metadata passed to Nova for the created nodes in
130 the overcloud. It's accessible via the Nova metadata API. This option is
131 role-specific and is merged with the values given to the ServerMetadata
137 Extra properties or metadata passed to Nova for the created nodes in
138 the overcloud. It's accessible via the Nova metadata API. This applies to
139 all roles and is merged with a role-specific metadata parameter.
141 {{role.name}}SchedulerHints:
143 description: Optional scheduler hints to pass to nova
148 ServiceConfigSettings:
152 type: comma_delimited_list
154 MonitoringSubscriptions:
155 type: comma_delimited_list
157 ServiceMetadataSettings:
162 description: Command which will be run whenever configuration data changes
163 default: os-refresh-config --timeout 14400
168 Maximum amount of time to possibly to delay configuation collection
169 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
170 the configuration collection to occur as soon as the collection process
171 starts. This setting is used to prevent the configuration collection
172 processes from polling all at the exact same time.
177 type: comma_delimited_list
182 Command or script snippet to run on all overcloud nodes to
183 initialize the upgrade process. E.g. a repository switch.
185 UpgradeInitCommonCommand:
188 Common commands required by the upgrades process. This should not
189 normally be modified by the operator and is set and unset in the
190 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
193 DeploymentServerBlacklistDict:
197 Map of server hostnames to blacklist from any triggered
198 deployments. If the value is 1, the server will be blacklisted. This
199 parameter is generated from the parent template.
202 description: Parameters specific to the role
204 DeploymentSwiftDataMap:
207 Map of servers to Swift container and object for storing deployment data.
208 The keys are the Heat assigned hostnames, and the value is a map of the
209 container/object name in Swift. Example value:
210 overcloud-controller-0:
211 container: overcloud-controller
213 overcloud-controller-1:
214 container: overcloud-controller
216 overcloud-controller-2:
217 container: overcloud-controller
219 overcloud-novacompute-0:
220 container: overcloud-compute
224 {% if role.uses_deprecated_params is defined %}
227 description: Do not use deprecated params, they will be removed.
229 {%- for property in role %}
230 {%- if property.startswith('deprecated_param_') %}
237 server_not_blacklisted:
240 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
242 deployment_swift_data_map_unset:
245 - DeploymentSwiftDataMap
246 - {get_param: Hostname}
249 {%- if role.deprecated_param_image is defined %}
250 deprecated_param_image_set:
253 - {get_param: {{role.deprecated_param_image}}}
254 - {{default_image_name}}
256 {%- if role.deprecated_param_flavor is defined %}
257 deprecated_param_flavor_set:
260 - {get_param: {{role.deprecated_param_flavor}}}
261 - {{default_flavor_name}}
265 {{server_resource_name}}:
266 type: OS::TripleO::{{role.name}}Server
269 command: {get_param: ConfigCommand}
270 splay: {get_param: ConfigCollectSplay}
273 {%- if role.deprecated_param_image is defined %}
275 - deprecated_param_image_set
276 - {get_param: {{role.deprecated_param_image}}}
277 - {get_param: {{role.name}}Image}
279 get_param: {{role.name}}Image
281 image_update_policy: {get_param: ImageUpdatePolicy}
283 {%- if role.deprecated_param_flavor is defined %}
285 - deprecated_param_flavor_set
286 - {get_param: {{role.deprecated_param_flavor}}}
287 - {get_param: Overcloud{{role.name}}Flavor}
289 get_param: Overcloud{{role.name}}Flavor
291 key_name: {get_param: KeyName}
294 user_data_format: SOFTWARE_CONFIG
295 user_data: {get_resource: UserData}
298 template: {get_param: Hostname}
299 params: {get_param: HostnameMap}
300 software_config_transport: {get_param: SoftwareConfigTransport}
303 - {get_param: ServerMetadata}
304 - {get_param: {{role.name}}ServerMetadata}
305 - {get_param: ServiceMetadataSettings}
306 scheduler_hints: {get_param: {{role.name}}SchedulerHints}
307 deployment_swift_data:
309 - deployment_swift_data_map_unset
311 - {get_param: [DeploymentSwiftDataMap,
312 {get_param: Hostname}]}
314 # Combine the NodeAdminUserData and NodeUserData mime archives
316 type: OS::Heat::MultipartMime
319 - config: {get_resource: NodeAdminUserData}
321 - config: {get_resource: NodeUserData}
323 - config: {get_resource: RoleUserData}
326 # Creates the "heat-admin" user if configured via the environment
327 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
329 type: OS::TripleO::NodeAdminUserData
331 # For optional operator additional userdata
332 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
334 type: OS::TripleO::NodeUserData
336 # For optional operator role-specific userdata
337 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
339 type: OS::TripleO::{{role.name}}::NodeUserData
341 {%- for network in networks %}
342 {{network.name}}Port:
343 type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port
345 ControlPlaneIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
346 IPPool: {get_param: {{server_resource_name}}IPs}
347 NodeIndex: {get_param: NodeIndex}
351 type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
353 ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
354 {%- for network in networks %}
355 {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
359 type: OS::TripleO::Network::Ports::NetIpMap
361 ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
362 {%- for network in networks %}
363 {{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]}
364 {{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
365 {{network.name}}IpUri: {get_attr: [{{network.name}}Port, ip_address_uri]}
369 type: OS::Heat::Value
377 - - {get_attr: [{{server_resource_name}}, name]}
379 - {get_param: CloudDomain}
383 - - {get_attr: [{{server_resource_name}}, name]}
389 - - {get_attr: [{{server_resource_name}}, name]}
391 - {get_param: CloudDomain}
395 - - {get_attr: [{{server_resource_name}}, name]}
401 - - {get_attr: [{{server_resource_name}}, name]}
403 - {get_param: CloudDomain}
407 - - {get_attr: [{{server_resource_name}}, name]}
413 - - {get_attr: [{{server_resource_name}}, name]}
415 - {get_param: CloudDomain}
419 - - {get_attr: [{{server_resource_name}}, name]}
425 - - {get_attr: [{{server_resource_name}}, name]}
427 - {get_param: CloudDomain}
431 - - {get_attr: [{{server_resource_name}}, name]}
437 - - {get_attr: [{{server_resource_name}}, name]}
439 - {get_param: CloudDomain}
443 - - {get_attr: [{{server_resource_name}}, name]}
449 - - {get_attr: [{{server_resource_name}}, name]}
451 - {get_param: CloudDomain}
455 - - {get_attr: [{{server_resource_name}}, name]}
459 type: OS::TripleO::{{role.name}}::PreNetworkConfig
461 server: {get_resource: {{server_resource_name}}}
462 RoleParameters: {get_param: RoleParameters}
463 ServiceNames: {get_param: ServiceNames}
464 deployment_actions: {get_attr: [DeploymentActions, value]}
467 type: OS::TripleO::SoftwareDeployment
468 depends_on: PreNetworkConfig
470 name: NetworkDeployment
471 config: {get_resource: NetworkConfig}
472 server: {get_resource: {{server_resource_name}}}
473 actions: {get_param: NetworkDeploymentActions}
475 bridge_name: {get_param: NeutronPhysicalBridge}
476 interface_name: {get_param: NeutronPublicInterface}
479 - server_not_blacklisted
480 - {get_param: NetworkDeploymentActions}
483 {{server_resource_name}}UpgradeInitConfig:
484 type: OS::Heat::SoftwareConfig
490 - - "#!/bin/bash\n\n"
491 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
492 - get_param: UpgradeInitCommand
493 - get_param: UpgradeInitCommonCommand
495 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
496 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
497 {{server_resource_name}}UpgradeInitDeployment:
498 type: OS::Heat::SoftwareDeployment
499 depends_on: NetworkDeployment
501 name: {{server_resource_name}}UpgradeInitDeployment
502 server: {get_resource: {{server_resource_name}}}
503 config: {get_resource: {{server_resource_name}}UpgradeInitConfig}
506 - server_not_blacklisted
507 - ['CREATE', 'UPDATE']
510 {{server_resource_name}}Deployment:
511 type: OS::Heat::StructuredDeployment
512 depends_on: {{server_resource_name}}UpgradeInitDeployment
514 name: {{server_resource_name}}Deployment
515 config: {get_resource: {{server_resource_name}}Config}
516 server: {get_resource: {{server_resource_name}}}
518 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
521 - server_not_blacklisted
522 - ['CREATE', 'UPDATE']
525 {{server_resource_name}}Config:
526 type: OS::Heat::StructuredConfig
532 - heat_config_%{::deploy_config_name}
534 - {{role.name.lower()}}_extraconfig
538 - {{role.name.lower()}}
539 - bootstrap_node # provided by allNodesConfig
540 - all_nodes # provided by allNodesConfig
541 - vip_data # provided by allNodesConfig
543 # The following are required for compatibility with the Controller role
544 # where some vendor integrations added hieradata via ExtraConfigPre
545 - neutron_bigswitch_data # Optionally provided by Controller/ComputeExtraConfigPre
546 - neutron_cisco_data # Optionally provided by Controller/ComputeExtraConfigPre
547 - cisco_n1kv_data # Optionally provided by Controller/ComputeExtraConfigPre
548 - midonet_data #Optionally provided by AllNodesExtraConfig
549 - cisco_aci_data # Optionally provided by Controller/ComputeExtraConfigPre
550 merge_behavior: deeper
553 service_names: {get_param: ServiceNames}
554 sensu::subscriptions: {get_param: MonitoringSubscriptions}
557 - {get_param: ServiceConfigSettings}
558 - values: {get_attr: [NetIpMap, net_ip_map]}
559 {{role.name.lower()}}_extraconfig:
561 {%- if role.deprecated_param_extraconfig is defined %}
562 - {get_param: {{role.deprecated_param_extraconfig}}}
564 - {get_param: {{server_resource_name}}ExtraConfig}
565 extraconfig: {get_param: ExtraConfig}
566 {{role.name.lower()}}:
567 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
568 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
569 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
570 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
571 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
572 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
573 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
574 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
575 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
576 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
578 # Resource for site-specific injection of root certificate
580 depends_on: NetworkDeployment
581 type: OS::TripleO::NodeTLSCAData
583 server: {get_resource: {{server_resource_name}}}
585 {%- if 'primary' in role.tags and 'controller' in role.tags %}
586 # Resource for site-specific passing of private keys/certificates
588 depends_on: NodeTLSCAData
589 type: OS::TripleO::NodeTLSData
591 server: {get_resource: {{server_resource_name}}}
592 NodeIndex: {get_param: NodeIndex}
595 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
596 {{role.name}}ExtraConfigPre:
597 depends_on: {{server_resource_name}}Deployment
598 type: OS::TripleO::{{role.name}}ExtraConfigPre
599 # We have to use conditions here so that we don't break backwards
600 # compatibility with templates everywhere
601 condition: server_not_blacklisted
603 server: {get_resource: {{server_resource_name}}}
605 # Hook for site-specific additional pre-deployment config,
606 # applying to all nodes, e.g node registration/unregistration
609 - {{role.name}}ExtraConfigPre
610 {%- if 'primary' in role.tags and 'controller' in role.tags %}
615 type: OS::TripleO::NodeExtraConfig
616 # We have to use conditions here so that we don't break backwards
617 # compatibility with templates everywhere
618 condition: server_not_blacklisted
620 server: {get_resource: {{server_resource_name}}}
623 type: OS::TripleO::Tasks::PackageUpdate
626 type: OS::Heat::SoftwareDeployment
627 depends_on: NetworkDeployment
629 name: UpdateDeployment
630 config: {get_resource: UpdateConfig}
631 server: {get_resource: {{server_resource_name}}}
634 get_param: UpdateIdentifier
637 - server_not_blacklisted
638 - ['CREATE', 'UPDATE']
642 type: OS::Heat::Value
646 - server_not_blacklisted
647 - ['CREATE', 'UPDATE']
651 type: OS::TripleO::Ssh::HostPubKey
652 depends_on: {{server_resource_name}}Deployment
654 server: {get_resource: {{server_resource_name}}}
655 deployment_actions: {get_attr: [DeploymentActions, value]}
659 description: IP address of the server in the ctlplane network
660 value: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
662 description: Hostname of the server
663 value: {get_attr: [{{server_resource_name}}, name]}
665 description: Mapping of network names to hostnames
667 {%- for network in networks %}
668 {{network.name_lower|default(network.name.lower())}}: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower()) }}, fqdn]}
670 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
675 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
676 {%- for network in networks %}
677 {{network.name}}IP {{network.name}}HOST.DOMAIN {{network.name}}HOST
679 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
681 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
682 DOMAIN: {get_param: CloudDomain}
683 PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]}
684 {%- for network in networks %}
685 {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
686 {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
688 CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
689 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
691 description: Entry for ssh known hosts
694 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
695 {%- for network in networks %}
696 {{network.name}}IP,{{network.name}}HOST.DOMAIN,{{network.name}}HOST,\
698 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
700 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
701 DOMAIN: {get_param: CloudDomain}
702 PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]}
703 {%- for network in networks %}
704 {{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
705 {{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
707 CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
708 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
709 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
710 nova_server_resource:
711 description: Heat resource handle for {{role.name}} server
713 {get_resource: {{server_resource_name}}}
714 condition: server_not_blacklisted
715 deployed_server_port_map:
717 Map of Heat created hostname of the server to ip address. This is the
718 hostname before it has been mapped with the HostnameMap parameter, and
719 the IP address from the ctlplane network. This map can be used to construct
720 the DeployedServerPortMap parameter when using split-stack.
725 - ip_address: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
730 - - {get_param: Hostname}
732 deployed_server_deployment_swift_data_map:
734 Map of Heat created hostname of the server to the Swift container and object
735 used to created the temporary url for metadata polling with
743 - {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]}
750 - {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]}
753 - keys: {hostname: {get_param: Hostname}}
754 {%- if 'primary' in role.tags and 'controller' in role.tags %}
756 description: MD5 checksum of the TLS Key Modulus
757 value: {get_attr: [NodeTLSData, key_modulus_md5]}
758 tls_cert_modulus_md5:
759 description: MD5 checksum of the TLS Certificate Modulus
760 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
763 description: The os-collect-config configuration associated with this server resource
764 value: {get_attr: [{{server_resource_name}}, os_collect_config]}
765 {%- for network in networks %}
766 {{network.name_lower|default(network.name.lower())}}_ip_address:
767 description: IP address of the server in the {{network.name}} network
768 value: {get_attr: [{{network.name}}Port, ip_address]}