1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPhysicalBridge:
33 description: An OVS bridge to create for accessing tenant networks.
35 NeutronPublicInterface:
37 description: Which interface to add to the NeutronPhysicalBridge.
41 description: Mapping of service_name -> network name. Typically set
42 via parameter_defaults in the resource registry.
46 description: Mapping of service endpoint -> protocol. Typically set
47 via parameter_defaults in the resource registry.
53 Setting to a previously unused value during stack-update will trigger
54 package update on all nodes
57 default: '' # Defaults to Heat created hostname
61 description: Optional mapping to override hostnames
65 Additional hiera configuration to inject into the cluster. Note
66 that {{role}}ExtraConfig takes precedence over ExtraConfig.
71 Role specific additional hiera configuration to inject into the cluster.
76 NetworkDeploymentActions:
77 type: comma_delimited_list
79 Heat action when to apply network configuration changes
81 SoftwareConfigTransport:
82 default: POLL_SERVER_CFN
84 How the server should receive the metadata required for software configuration.
87 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
89 default: 'localdomain'
92 The DNS domain used for the hosts. This must match the
93 overcloud_domain_name configured on the undercloud.
94 {{role}}ServerMetadata:
97 Extra properties or metadata passed to Nova for the created nodes in
98 the overcloud. It's accessible via the Nova metadata API. This option is
99 role-specific and is merged with the values given to the ServerMetadata
105 Extra properties or metadata passed to Nova for the created nodes in
106 the overcloud. It's accessible via the Nova metadata API. This applies to
107 all roles and is merged with a role-specific metadata parameter.
109 {{role}}SchedulerHints:
111 description: Optional scheduler hints to pass to nova
116 ServiceConfigSettings:
120 type: comma_delimited_list
122 MonitoringSubscriptions:
123 type: comma_delimited_list
125 ServiceMetadataSettings:
130 description: Command which will be run whenever configuration data changes
131 default: os-refresh-config --timeout 14400
136 Maximum amount of time to possibly to delay configuation collection
137 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
138 the configuration collection to occur as soon as the collection process
139 starts. This setting is used to prevent the configuration collection
140 processes from polling all at the exact same time.
145 type: comma_delimited_list
150 Command or script snippet to run on all overcloud nodes to
151 initialize the upgrade process. E.g. a repository switch.
153 UpgradeInitCommonCommand:
156 Common commands required by the upgrades process. This should not
157 normally be modified by the operator and is set and unset in the
158 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
161 DeploymentServerBlacklistDict:
165 Map of server hostnames to blacklist from any triggered
166 deployments. If the value is 1, the server will be blacklisted. This
167 parameter is generated from the parent template.
170 description: Role Specific Parameters
171 DeploymentSwiftDataMap:
174 Map of servers to Swift container and object for storing deployment data.
175 The keys are the Heat assigned hostnames, and the value is a map of the
176 container/object name in Swift. Example value:
177 overcloud-controller-0:
178 container: overcloud-controller
180 overcloud-controller-1:
181 container: overcloud-controller
183 overcloud-controller-2:
184 container: overcloud-controller
186 overcloud-novacompute-0:
187 container: overcloud-compute
192 server_not_blacklisted:
195 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
197 deployment_swift_data_map_unset:
200 - DeploymentSwiftDataMap
201 - {get_param: Hostname}
206 type: OS::TripleO::{{role}}Server
209 command: {get_param: ConfigCommand}
210 splay: {get_param: ConfigCollectSplay}
212 image: {get_param: {{role}}Image}
213 image_update_policy: {get_param: ImageUpdatePolicy}
214 flavor: {get_param: Overcloud{{role}}Flavor}
215 key_name: {get_param: KeyName}
218 user_data_format: SOFTWARE_CONFIG
219 user_data: {get_resource: UserData}
222 template: {get_param: Hostname}
223 params: {get_param: HostnameMap}
224 software_config_transport: {get_param: SoftwareConfigTransport}
227 - {get_param: ServerMetadata}
228 - {get_param: {{role}}ServerMetadata}
229 - {get_param: ServiceMetadataSettings}
230 scheduler_hints: {get_param: {{role}}SchedulerHints}
231 deployment_swift_data:
233 - deployment_swift_data_map_unset
235 - {get_param: [DeploymentSwiftDataMap,
236 {get_param: Hostname}]}
238 # Combine the NodeAdminUserData and NodeUserData mime archives
240 type: OS::Heat::MultipartMime
243 - config: {get_resource: NodeAdminUserData}
245 - config: {get_resource: NodeUserData}
247 - config: {get_resource: RoleUserData}
250 # Creates the "heat-admin" user if configured via the environment
251 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
253 type: OS::TripleO::NodeAdminUserData
255 # For optional operator additional userdata
256 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
258 type: OS::TripleO::NodeUserData
260 # For optional operator role-specific userdata
261 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
263 type: OS::TripleO::{{role}}::NodeUserData
266 type: OS::TripleO::{{role}}::Ports::ExternalPort
268 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
269 IPPool: {get_param: {{role}}IPs}
270 NodeIndex: {get_param: NodeIndex}
273 type: OS::TripleO::{{role}}::Ports::InternalApiPort
275 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
276 IPPool: {get_param: {{role}}IPs}
277 NodeIndex: {get_param: NodeIndex}
280 type: OS::TripleO::{{role}}::Ports::StoragePort
282 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
283 IPPool: {get_param: {{role}}IPs}
284 NodeIndex: {get_param: NodeIndex}
287 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
289 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
290 IPPool: {get_param: {{role}}IPs}
291 NodeIndex: {get_param: NodeIndex}
294 type: OS::TripleO::{{role}}::Ports::TenantPort
296 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
297 IPPool: {get_param: {{role}}IPs}
298 NodeIndex: {get_param: NodeIndex}
301 type: OS::TripleO::{{role}}::Ports::ManagementPort
303 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
304 IPPool: {get_param: {{role}}IPs}
305 NodeIndex: {get_param: NodeIndex}
308 type: OS::TripleO::{{role}}::Net::SoftwareConfig
310 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
311 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
312 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
313 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
314 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
315 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
316 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
319 type: OS::TripleO::Network::Ports::NetIpMap
321 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
322 ExternalIp: {get_attr: [ExternalPort, ip_address]}
323 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
324 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
325 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
326 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
327 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
328 StorageIp: {get_attr: [StoragePort, ip_address]}
329 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
330 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
331 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
332 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
333 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
334 TenantIp: {get_attr: [TenantPort, ip_address]}
335 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
336 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
337 ManagementIp: {get_attr: [ManagementPort, ip_address]}
338 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
339 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
342 type: OS::Heat::Value
350 - - {get_attr: [{{role}}, name]}
352 - {get_param: CloudDomain}
356 - - {get_attr: [{{role}}, name]}
362 - - {get_attr: [{{role}}, name]}
364 - {get_param: CloudDomain}
368 - - {get_attr: [{{role}}, name]}
374 - - {get_attr: [{{role}}, name]}
376 - {get_param: CloudDomain}
380 - - {get_attr: [{{role}}, name]}
386 - - {get_attr: [{{role}}, name]}
388 - {get_param: CloudDomain}
392 - - {get_attr: [{{role}}, name]}
398 - - {get_attr: [{{role}}, name]}
400 - {get_param: CloudDomain}
404 - - {get_attr: [{{role}}, name]}
410 - - {get_attr: [{{role}}, name]}
412 - {get_param: CloudDomain}
416 - - {get_attr: [{{role}}, name]}
422 - - {get_attr: [{{role}}, name]}
424 - {get_param: CloudDomain}
428 - - {get_attr: [{{role}}, name]}
432 type: OS::TripleO::{{role}}::PreNetworkConfig
434 server: {get_resource: {{role}}}
435 RoleParameters: {get_param: RoleParameters}
436 ServiceNames: {get_param: ServiceNames}
439 type: OS::TripleO::SoftwareDeployment
440 depends_on: PreNetworkConfig
442 name: NetworkDeployment
443 config: {get_resource: NetworkConfig}
444 server: {get_resource: {{role}}}
445 actions: {get_param: NetworkDeploymentActions}
447 bridge_name: {get_param: NeutronPhysicalBridge}
448 interface_name: {get_param: NeutronPublicInterface}
451 - server_not_blacklisted
452 - {get_param: NetworkDeploymentActions}
455 {{role}}UpgradeInitConfig:
456 type: OS::Heat::SoftwareConfig
462 - - "#!/bin/bash\n\n"
463 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
464 - get_param: UpgradeInitCommand
465 - get_param: UpgradeInitCommonCommand
467 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
468 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
469 {{role}}UpgradeInitDeployment:
470 type: OS::Heat::SoftwareDeployment
471 depends_on: NetworkDeployment
473 name: {{role}}UpgradeInitDeployment
474 server: {get_resource: {{role}}}
475 config: {get_resource: {{role}}UpgradeInitConfig}
478 - server_not_blacklisted
479 - ['CREATE', 'UPDATE']
483 type: OS::Heat::StructuredDeployment
484 depends_on: {{role}}UpgradeInitDeployment
486 name: {{role}}Deployment
487 config: {get_resource: {{role}}Config}
488 server: {get_resource: {{role}}}
490 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
493 - server_not_blacklisted
494 - ['CREATE', 'UPDATE']
498 type: OS::Heat::StructuredConfig
504 - heat_config_%{::deploy_config_name}
506 - {{role.lower()}}_extraconfig
511 - bootstrap_node # provided by allNodesConfig
512 - all_nodes # provided by allNodesConfig
513 - vip_data # provided by allNodesConfig
515 merge_behavior: deeper
518 service_names: {get_param: ServiceNames}
519 sensu::subscriptions: {get_param: MonitoringSubscriptions}
522 - {get_param: ServiceConfigSettings}
523 - values: {get_attr: [NetIpMap, net_ip_map]}
524 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
525 extraconfig: {get_param: ExtraConfig}
527 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
528 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
529 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
530 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
531 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
532 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
533 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
534 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
535 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
536 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
538 # Resource for site-specific injection of root certificate
540 depends_on: {{role}}Deployment
541 type: OS::TripleO::NodeTLSCAData
543 server: {get_resource: {{role}}}
545 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
546 {{role}}ExtraConfigPre:
547 depends_on: {{role}}Deployment
548 type: OS::TripleO::{{role}}ExtraConfigPre
550 server: {get_resource: {{role}}}
552 # Hook for site-specific additional pre-deployment config,
553 # applying to all nodes, e.g node registration/unregistration
555 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
556 type: OS::TripleO::NodeExtraConfig
558 server: {get_resource: {{role}}}
561 type: OS::TripleO::Tasks::PackageUpdate
564 type: OS::Heat::SoftwareDeployment
565 depends_on: NetworkDeployment
567 name: UpdateDeployment
568 config: {get_resource: UpdateConfig}
569 server: {get_resource: {{role}}}
572 get_param: UpdateIdentifier
575 - server_not_blacklisted
576 - ['CREATE', 'UPDATE']
580 type: OS::TripleO::Ssh::HostPubKey
581 depends_on: {{role}}Deployment
583 server: {get_resource: {{role}}}
587 description: IP address of the server in the ctlplane network
588 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
590 description: Hostname of the server
591 value: {get_attr: [{{role}}, name]}
593 description: Mapping of network names to hostnames
595 external: {get_attr: [NetHostMap, value, external, fqdn]}
596 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
597 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
598 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
599 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
600 management: {get_attr: [NetHostMap, value, management, fqdn]}
601 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
606 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
607 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
608 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
609 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
610 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
611 TENANTIP TENANTHOST.DOMAIN TENANTHOST
612 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
613 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
615 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
616 DOMAIN: {get_param: CloudDomain}
617 PRIMARYHOST: {get_attr: [{{role}}, name]}
618 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
619 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
620 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
621 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
622 STORAGEIP: {get_attr: [StoragePort, ip_address]}
623 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
624 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
625 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
626 TENANTIP: {get_attr: [TenantPort, ip_address]}
627 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
628 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
629 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
630 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
631 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
633 description: Entry for ssh known hosts
636 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
637 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
638 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
639 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
640 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
641 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
642 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
643 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
645 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
646 DOMAIN: {get_param: CloudDomain}
647 PRIMARYHOST: {get_attr: [{{role}}, name]}
648 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
649 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
650 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
651 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
652 STORAGEIP: {get_attr: [StoragePort, ip_address]}
653 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
654 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
655 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
656 TENANTIP: {get_attr: [TenantPort, ip_address]}
657 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
658 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
659 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
660 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
661 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
662 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
663 nova_server_resource:
664 description: Heat resource handle for {{role}} server
666 {get_resource: {{role}}}
667 condition: server_not_blacklisted
669 description: IP address of the server in the external network
670 value: {get_attr: [ExternalPort, ip_address]}
671 internal_api_ip_address:
672 description: IP address of the server in the internal_api network
673 value: {get_attr: [InternalApiPort, ip_address]}
675 description: IP address of the server in the storage network
676 value: {get_attr: [StoragePort, ip_address]}
677 storage_mgmt_ip_address:
678 description: IP address of the server in the storage_mgmt network
679 value: {get_attr: [StorageMgmtPort, ip_address]}
681 description: IP address of the server in the tenant network
682 value: {get_attr: [TenantPort, ip_address]}
683 management_ip_address:
684 description: IP address of the server in the management network
685 value: {get_attr: [ManagementPort, ip_address]}
687 description: The os-collect-config configuration associated with this server resource
688 value: {get_attr: [{{role}}, os_collect_config]}