1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPublicInterface:
33 description: What interface to bridge onto br-ex for network nodes.
37 description: Mapping of service_name -> network name. Typically set
38 via parameter_defaults in the resource registry.
42 description: Mapping of service endpoint -> protocol. Typically set
43 via parameter_defaults in the resource registry.
49 Setting to a previously unused value during stack-update will trigger
50 package update on all nodes
53 default: '' # Defaults to Heat created hostname
57 description: Optional mapping to override hostnames
61 Additional hiera configuration to inject into the cluster. Note
62 that {{role}}ExtraConfig takes precedence over ExtraConfig.
67 Role specific additional hiera configuration to inject into the cluster.
72 NetworkDeploymentActions:
73 type: comma_delimited_list
75 Heat action when to apply network configuration changes
77 SoftwareConfigTransport:
78 default: POLL_SERVER_CFN
80 How the server should receive the metadata required for software configuration.
83 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
85 default: 'localdomain'
88 The DNS domain used for the hosts. This should match the dhcp_domain
89 configured in the Undercloud neutron. Defaults to localdomain.
90 {{role}}ServerMetadata:
93 Extra properties or metadata passed to Nova for the created nodes in
94 the overcloud. It's accessible via the Nova metadata API. This option is
95 role-specific and is merged with the values given to the ServerMetadata
101 Extra properties or metadata passed to Nova for the created nodes in
102 the overcloud. It's accessible via the Nova metadata API. This applies to
103 all roles and is merged with a role-specific metadata parameter.
105 {{role}}SchedulerHints:
107 description: Optional scheduler hints to pass to nova
112 ServiceConfigSettings:
116 type: comma_delimited_list
118 MonitoringSubscriptions:
119 type: comma_delimited_list
121 ServiceMetadataSettings:
126 description: Command which will be run whenever configuration data changes
127 default: os-refresh-config --timeout 14400
132 Maximum amount of time to possibly to delay configuation collection
133 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
134 the configuration collection to occur as soon as the collection process
135 starts. This setting is used to prevent the configuration collection
136 processes from polling all at the exact same time.
141 type: comma_delimited_list
146 Command or script snippet to run on all overcloud nodes to
147 initialize the upgrade process. E.g. a repository switch.
149 UpgradeInitCommonCommand:
152 Common commands required by the upgrades process. This should not
153 normally be modified by the operator and is set and unset in the
154 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
157 DeploymentServerBlacklistDict:
161 Map of server hostnames to blacklist from any triggered
162 deployments. If the value is 1, the server will be blacklisted. This
163 parameter is generated from the parent template.
166 server_not_blacklisted:
169 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
174 type: OS::TripleO::{{role.name}}Server
177 command: {get_param: ConfigCommand}
178 splay: {get_param: ConfigCollectSplay}
180 image: {get_param: {{role}}Image}
181 image_update_policy: {get_param: ImageUpdatePolicy}
182 flavor: {get_param: Overcloud{{role}}Flavor}
183 key_name: {get_param: KeyName}
186 user_data_format: SOFTWARE_CONFIG
187 user_data: {get_resource: UserData}
190 template: {get_param: Hostname}
191 params: {get_param: HostnameMap}
192 software_config_transport: {get_param: SoftwareConfigTransport}
195 - {get_param: ServerMetadata}
196 - {get_param: {{role}}ServerMetadata}
197 - {get_param: ServiceMetadataSettings}
198 scheduler_hints: {get_param: {{role}}SchedulerHints}
200 # Combine the NodeAdminUserData and NodeUserData mime archives
202 type: OS::Heat::MultipartMime
205 - config: {get_resource: NodeAdminUserData}
207 - config: {get_resource: NodeUserData}
209 - config: {get_resource: RoleUserData}
212 # Creates the "heat-admin" user if configured via the environment
213 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
215 type: OS::TripleO::NodeAdminUserData
217 # For optional operator additional userdata
218 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
220 type: OS::TripleO::NodeUserData
222 # For optional operator role-specific userdata
223 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
225 type: OS::TripleO::{{role}}::NodeUserData
228 type: OS::TripleO::{{role}}::Ports::ExternalPort
230 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
231 IPPool: {get_param: {{role}}IPs}
232 NodeIndex: {get_param: NodeIndex}
235 type: OS::TripleO::{{role}}::Ports::InternalApiPort
237 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
238 IPPool: {get_param: {{role}}IPs}
239 NodeIndex: {get_param: NodeIndex}
242 type: OS::TripleO::{{role}}::Ports::StoragePort
244 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
245 IPPool: {get_param: {{role}}IPs}
246 NodeIndex: {get_param: NodeIndex}
249 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
251 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
252 IPPool: {get_param: {{role}}IPs}
253 NodeIndex: {get_param: NodeIndex}
256 type: OS::TripleO::{{role}}::Ports::TenantPort
258 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
259 IPPool: {get_param: {{role}}IPs}
260 NodeIndex: {get_param: NodeIndex}
263 type: OS::TripleO::{{role}}::Ports::ManagementPort
265 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
266 IPPool: {get_param: {{role}}IPs}
267 NodeIndex: {get_param: NodeIndex}
270 type: OS::TripleO::{{role}}::Net::SoftwareConfig
272 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
273 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
274 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
275 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
276 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
277 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
278 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
281 type: OS::TripleO::Network::Ports::NetIpMap
283 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
284 ExternalIp: {get_attr: [ExternalPort, ip_address]}
285 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
286 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
287 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
288 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
289 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
290 StorageIp: {get_attr: [StoragePort, ip_address]}
291 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
292 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
293 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
294 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
295 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
296 TenantIp: {get_attr: [TenantPort, ip_address]}
297 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
298 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
299 ManagementIp: {get_attr: [ManagementPort, ip_address]}
300 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
301 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
304 type: OS::Heat::Value
312 - - {get_attr: [{{role}}, name]}
314 - {get_param: CloudDomain}
318 - - {get_attr: [{{role}}, name]}
324 - - {get_attr: [{{role}}, name]}
326 - {get_param: CloudDomain}
330 - - {get_attr: [{{role}}, name]}
336 - - {get_attr: [{{role}}, name]}
338 - {get_param: CloudDomain}
342 - - {get_attr: [{{role}}, name]}
348 - - {get_attr: [{{role}}, name]}
350 - {get_param: CloudDomain}
354 - - {get_attr: [{{role}}, name]}
360 - - {get_attr: [{{role}}, name]}
362 - {get_param: CloudDomain}
366 - - {get_attr: [{{role}}, name]}
372 - - {get_attr: [{{role}}, name]}
374 - {get_param: CloudDomain}
378 - - {get_attr: [{{role}}, name]}
384 - - {get_attr: [{{role}}, name]}
386 - {get_param: CloudDomain}
390 - - {get_attr: [{{role}}, name]}
394 type: OS::TripleO::{{role}}::PreNetworkConfig
396 server: {get_resource: {{role}}}
399 type: OS::TripleO::SoftwareDeployment
400 depends_on: PreNetworkConfig
402 name: NetworkDeployment
403 config: {get_resource: NetworkConfig}
404 server: {get_resource: {{role}}}
405 actions: {get_param: NetworkDeploymentActions}
408 interface_name: {get_param: NeutronPublicInterface}
411 - server_not_blacklisted
412 - {get_param: NetworkDeploymentActions}
415 {{role}}UpgradeInitConfig:
416 type: OS::Heat::SoftwareConfig
422 - - "#!/bin/bash\n\n"
423 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
424 - get_param: UpgradeInitCommand
425 - get_param: UpgradeInitCommonCommand
427 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
428 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
429 {{role}}UpgradeInitDeployment:
430 type: OS::Heat::SoftwareDeployment
431 depends_on: NetworkDeployment
433 name: {{role}}UpgradeInitDeployment
434 server: {get_resource: {{role}}}
435 config: {get_resource: {{role}}UpgradeInitConfig}
438 - server_not_blacklisted
439 - ['CREATE', 'UPDATE']
443 type: OS::Heat::StructuredDeployment
444 depends_on: {{role}}UpgradeInitDeployment
446 name: {{role}}Deployment
447 config: {get_resource: {{role}}Config}
448 server: {get_resource: {{role}}}
450 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
453 - server_not_blacklisted
454 - ['CREATE', 'UPDATE']
458 type: OS::Heat::StructuredConfig
464 - heat_config_%{::deploy_config_name}
466 - {{role.lower()}}_extraconfig
471 - bootstrap_node # provided by allNodesConfig
472 - all_nodes # provided by allNodesConfig
473 - vip_data # provided by allNodesConfig
475 merge_behavior: deeper
478 service_names: {get_param: ServiceNames}
479 sensu::subscriptions: {get_param: MonitoringSubscriptions}
482 - {get_param: ServiceConfigSettings}
483 - values: {get_attr: [NetIpMap, net_ip_map]}
484 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
485 extraconfig: {get_param: ExtraConfig}
487 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
488 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
489 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
490 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
491 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
492 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
493 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
494 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
495 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
497 # Resource for site-specific injection of root certificate
499 depends_on: {{role}}Deployment
500 type: OS::TripleO::NodeTLSCAData
502 server: {get_resource: {{role}}}
504 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
505 {{role}}ExtraConfigPre:
506 depends_on: {{role}}Deployment
507 type: OS::TripleO::{{role}}ExtraConfigPre
509 server: {get_resource: {{role}}}
511 # Hook for site-specific additional pre-deployment config,
512 # applying to all nodes, e.g node registration/unregistration
514 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
515 type: OS::TripleO::NodeExtraConfig
517 server: {get_resource: {{role}}}
520 type: OS::TripleO::Tasks::PackageUpdate
523 type: OS::Heat::SoftwareDeployment
524 depends_on: NetworkDeployment
526 name: UpdateDeployment
527 config: {get_resource: UpdateConfig}
528 server: {get_resource: {{role}}}
531 get_param: UpdateIdentifier
534 - server_not_blacklisted
535 - ['CREATE', 'UPDATE']
539 type: OS::TripleO::Ssh::HostPubKey
540 depends_on: {{role}}Deployment
542 server: {get_resource: {{role}}}
546 description: IP address of the server in the ctlplane network
547 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
549 description: Hostname of the server
550 value: {get_attr: [{{role}}, name]}
552 description: Mapping of network names to hostnames
554 external: {get_attr: [NetHostMap, value, external, fqdn]}
555 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
556 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
557 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
558 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
559 management: {get_attr: [NetHostMap, value, management, fqdn]}
560 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
565 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
566 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
567 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
568 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
569 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
570 TENANTIP TENANTHOST.DOMAIN TENANTHOST
571 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
572 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
574 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
575 DOMAIN: {get_param: CloudDomain}
576 PRIMARYHOST: {get_attr: [{{role}}, name]}
577 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
578 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
579 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
580 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
581 STORAGEIP: {get_attr: [StoragePort, ip_address]}
582 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
583 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
584 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
585 TENANTIP: {get_attr: [TenantPort, ip_address]}
586 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
587 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
588 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
589 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
590 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
592 description: Entry for ssh known hosts
595 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
596 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
597 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
598 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
599 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
600 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
601 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
602 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
604 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
605 DOMAIN: {get_param: CloudDomain}
606 PRIMARYHOST: {get_attr: [{{role}}, name]}
607 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
608 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
609 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
610 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
611 STORAGEIP: {get_attr: [StoragePort, ip_address]}
612 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
613 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
614 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
615 TENANTIP: {get_attr: [TenantPort, ip_address]}
616 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
617 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
618 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
619 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
620 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
621 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
622 nova_server_resource:
623 description: Heat resource handle for {{role}} server
625 {get_resource: {{role}}}
626 condition: server_not_blacklisted
628 description: IP address of the server in the external network
629 value: {get_attr: [ExternalPort, ip_address]}
630 internal_api_ip_address:
631 description: IP address of the server in the internal_api network
632 value: {get_attr: [InternalApiPort, ip_address]}
634 description: IP address of the server in the storage network
635 value: {get_attr: [StoragePort, ip_address]}
636 storage_mgmt_ip_address:
637 description: IP address of the server in the storage_mgmt network
638 value: {get_attr: [StorageMgmtPort, ip_address]}
640 description: IP address of the server in the tenant network
641 value: {get_attr: [TenantPort, ip_address]}
642 management_ip_address:
643 description: IP address of the server in the management network
644 value: {get_attr: [ManagementPort, ip_address]}