1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPhysicalBridge:
33 description: An OVS bridge to create for accessing tenant networks.
35 NeutronPublicInterface:
37 description: Which interface to add to the NeutronPhysicalBridge.
41 description: Mapping of service_name -> network name. Typically set
42 via parameter_defaults in the resource registry.
46 description: Mapping of service endpoint -> protocol. Typically set
47 via parameter_defaults in the resource registry.
53 Setting to a previously unused value during stack-update will trigger
54 package update on all nodes
57 default: '' # Defaults to Heat created hostname
61 description: Optional mapping to override hostnames
65 Additional hiera configuration to inject into the cluster. Note
66 that {{role}}ExtraConfig takes precedence over ExtraConfig.
71 Role specific additional hiera configuration to inject into the cluster.
76 NetworkDeploymentActions:
77 type: comma_delimited_list
79 Heat action when to apply network configuration changes
81 SoftwareConfigTransport:
82 default: POLL_SERVER_CFN
84 How the server should receive the metadata required for software configuration.
87 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
89 default: 'localdomain'
92 The DNS domain used for the hosts. This must match the
93 overcloud_domain_name configured on the undercloud.
94 {{role}}ServerMetadata:
97 Extra properties or metadata passed to Nova for the created nodes in
98 the overcloud. It's accessible via the Nova metadata API. This option is
99 role-specific and is merged with the values given to the ServerMetadata
105 Extra properties or metadata passed to Nova for the created nodes in
106 the overcloud. It's accessible via the Nova metadata API. This applies to
107 all roles and is merged with a role-specific metadata parameter.
109 {{role}}SchedulerHints:
111 description: Optional scheduler hints to pass to nova
116 ServiceConfigSettings:
120 type: comma_delimited_list
122 MonitoringSubscriptions:
123 type: comma_delimited_list
125 ServiceMetadataSettings:
130 description: Command which will be run whenever configuration data changes
131 default: os-refresh-config --timeout 14400
136 Maximum amount of time to possibly to delay configuation collection
137 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
138 the configuration collection to occur as soon as the collection process
139 starts. This setting is used to prevent the configuration collection
140 processes from polling all at the exact same time.
145 type: comma_delimited_list
150 Command or script snippet to run on all overcloud nodes to
151 initialize the upgrade process. E.g. a repository switch.
153 UpgradeInitCommonCommand:
156 Common commands required by the upgrades process. This should not
157 normally be modified by the operator and is set and unset in the
158 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
161 DeploymentServerBlacklistDict:
165 Map of server hostnames to blacklist from any triggered
166 deployments. If the value is 1, the server will be blacklisted. This
167 parameter is generated from the parent template.
170 description: Role Specific Parameters
171 DeploymentSwiftDataMap:
174 Map of servers to Swift container and object for storing deployment data.
175 The keys are the Heat assigned hostnames, and the value is a map of the
176 container/object name in Swift. Example value:
177 overcloud-controller-0:
178 container: overcloud-controller
180 overcloud-controller-1:
181 container: overcloud-controller
183 overcloud-controller-2:
184 container: overcloud-controller
186 overcloud-novacompute-0:
187 container: overcloud-compute
192 server_not_blacklisted:
195 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
197 deployment_swift_data_map_unset:
200 - DeploymentSwiftDataMap
201 - {get_param: Hostname}
206 type: OS::TripleO::{{role}}Server
209 command: {get_param: ConfigCommand}
210 splay: {get_param: ConfigCollectSplay}
212 image: {get_param: {{role}}Image}
213 image_update_policy: {get_param: ImageUpdatePolicy}
214 flavor: {get_param: Overcloud{{role}}Flavor}
215 key_name: {get_param: KeyName}
218 user_data_format: SOFTWARE_CONFIG
219 user_data: {get_resource: UserData}
222 template: {get_param: Hostname}
223 params: {get_param: HostnameMap}
224 software_config_transport: {get_param: SoftwareConfigTransport}
227 - {get_param: ServerMetadata}
228 - {get_param: {{role}}ServerMetadata}
229 - {get_param: ServiceMetadataSettings}
230 scheduler_hints: {get_param: {{role}}SchedulerHints}
231 deployment_swift_data:
233 - deployment_swift_data_map_unset
235 - {get_param: [DeploymentSwiftDataMap,
236 {get_param: Hostname}]}
238 # Combine the NodeAdminUserData and NodeUserData mime archives
240 type: OS::Heat::MultipartMime
243 - config: {get_resource: NodeAdminUserData}
245 - config: {get_resource: NodeUserData}
247 - config: {get_resource: RoleUserData}
250 # Creates the "heat-admin" user if configured via the environment
251 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
253 type: OS::TripleO::NodeAdminUserData
255 # For optional operator additional userdata
256 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
258 type: OS::TripleO::NodeUserData
260 # For optional operator role-specific userdata
261 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
263 type: OS::TripleO::{{role}}::NodeUserData
266 type: OS::TripleO::{{role}}::Ports::ExternalPort
268 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
269 IPPool: {get_param: {{role}}IPs}
270 NodeIndex: {get_param: NodeIndex}
273 type: OS::TripleO::{{role}}::Ports::InternalApiPort
275 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
276 IPPool: {get_param: {{role}}IPs}
277 NodeIndex: {get_param: NodeIndex}
280 type: OS::TripleO::{{role}}::Ports::StoragePort
282 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
283 IPPool: {get_param: {{role}}IPs}
284 NodeIndex: {get_param: NodeIndex}
287 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
289 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
290 IPPool: {get_param: {{role}}IPs}
291 NodeIndex: {get_param: NodeIndex}
294 type: OS::TripleO::{{role}}::Ports::TenantPort
296 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
297 IPPool: {get_param: {{role}}IPs}
298 NodeIndex: {get_param: NodeIndex}
301 type: OS::TripleO::{{role}}::Ports::ManagementPort
303 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
304 IPPool: {get_param: {{role}}IPs}
305 NodeIndex: {get_param: NodeIndex}
308 type: OS::TripleO::{{role}}::Net::SoftwareConfig
310 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
311 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
312 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
313 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
314 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
315 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
316 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
319 type: OS::TripleO::Network::Ports::NetIpMap
321 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
322 ExternalIp: {get_attr: [ExternalPort, ip_address]}
323 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
324 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
325 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
326 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
327 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
328 StorageIp: {get_attr: [StoragePort, ip_address]}
329 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
330 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
331 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
332 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
333 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
334 TenantIp: {get_attr: [TenantPort, ip_address]}
335 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
336 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
337 ManagementIp: {get_attr: [ManagementPort, ip_address]}
338 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
339 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
342 type: OS::Heat::Value
350 - - {get_attr: [{{role}}, name]}
352 - {get_param: CloudDomain}
356 - - {get_attr: [{{role}}, name]}
362 - - {get_attr: [{{role}}, name]}
364 - {get_param: CloudDomain}
368 - - {get_attr: [{{role}}, name]}
374 - - {get_attr: [{{role}}, name]}
376 - {get_param: CloudDomain}
380 - - {get_attr: [{{role}}, name]}
386 - - {get_attr: [{{role}}, name]}
388 - {get_param: CloudDomain}
392 - - {get_attr: [{{role}}, name]}
398 - - {get_attr: [{{role}}, name]}
400 - {get_param: CloudDomain}
404 - - {get_attr: [{{role}}, name]}
410 - - {get_attr: [{{role}}, name]}
412 - {get_param: CloudDomain}
416 - - {get_attr: [{{role}}, name]}
422 - - {get_attr: [{{role}}, name]}
424 - {get_param: CloudDomain}
428 - - {get_attr: [{{role}}, name]}
432 type: OS::TripleO::{{role}}::PreNetworkConfig
434 server: {get_resource: {{role}}}
435 RoleParameters: {get_param: RoleParameters}
438 type: OS::TripleO::SoftwareDeployment
439 depends_on: PreNetworkConfig
441 name: NetworkDeployment
442 config: {get_resource: NetworkConfig}
443 server: {get_resource: {{role}}}
444 actions: {get_param: NetworkDeploymentActions}
446 bridge_name: {get_param: NeutronPhysicalBridge}
447 interface_name: {get_param: NeutronPublicInterface}
450 - server_not_blacklisted
451 - {get_param: NetworkDeploymentActions}
454 {{role}}UpgradeInitConfig:
455 type: OS::Heat::SoftwareConfig
461 - - "#!/bin/bash\n\n"
462 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
463 - get_param: UpgradeInitCommand
464 - get_param: UpgradeInitCommonCommand
466 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
467 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
468 {{role}}UpgradeInitDeployment:
469 type: OS::Heat::SoftwareDeployment
470 depends_on: NetworkDeployment
472 name: {{role}}UpgradeInitDeployment
473 server: {get_resource: {{role}}}
474 config: {get_resource: {{role}}UpgradeInitConfig}
477 - server_not_blacklisted
478 - ['CREATE', 'UPDATE']
482 type: OS::Heat::StructuredDeployment
483 depends_on: {{role}}UpgradeInitDeployment
485 name: {{role}}Deployment
486 config: {get_resource: {{role}}Config}
487 server: {get_resource: {{role}}}
489 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
492 - server_not_blacklisted
493 - ['CREATE', 'UPDATE']
497 type: OS::Heat::StructuredConfig
503 - heat_config_%{::deploy_config_name}
505 - {{role.lower()}}_extraconfig
510 - bootstrap_node # provided by allNodesConfig
511 - all_nodes # provided by allNodesConfig
512 - vip_data # provided by allNodesConfig
514 merge_behavior: deeper
517 service_names: {get_param: ServiceNames}
518 sensu::subscriptions: {get_param: MonitoringSubscriptions}
521 - {get_param: ServiceConfigSettings}
522 - values: {get_attr: [NetIpMap, net_ip_map]}
523 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
524 extraconfig: {get_param: ExtraConfig}
526 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
527 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
528 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
529 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
530 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
531 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
532 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
533 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
534 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
535 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
537 # Resource for site-specific injection of root certificate
539 depends_on: {{role}}Deployment
540 type: OS::TripleO::NodeTLSCAData
542 server: {get_resource: {{role}}}
544 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
545 {{role}}ExtraConfigPre:
546 depends_on: {{role}}Deployment
547 type: OS::TripleO::{{role}}ExtraConfigPre
549 server: {get_resource: {{role}}}
551 # Hook for site-specific additional pre-deployment config,
552 # applying to all nodes, e.g node registration/unregistration
554 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
555 type: OS::TripleO::NodeExtraConfig
557 server: {get_resource: {{role}}}
560 type: OS::TripleO::Tasks::PackageUpdate
563 type: OS::Heat::SoftwareDeployment
564 depends_on: NetworkDeployment
566 name: UpdateDeployment
567 config: {get_resource: UpdateConfig}
568 server: {get_resource: {{role}}}
571 get_param: UpdateIdentifier
574 - server_not_blacklisted
575 - ['CREATE', 'UPDATE']
579 type: OS::TripleO::Ssh::HostPubKey
580 depends_on: {{role}}Deployment
582 server: {get_resource: {{role}}}
586 description: IP address of the server in the ctlplane network
587 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
589 description: Hostname of the server
590 value: {get_attr: [{{role}}, name]}
592 description: Mapping of network names to hostnames
594 external: {get_attr: [NetHostMap, value, external, fqdn]}
595 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
596 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
597 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
598 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
599 management: {get_attr: [NetHostMap, value, management, fqdn]}
600 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
605 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
606 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
607 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
608 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
609 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
610 TENANTIP TENANTHOST.DOMAIN TENANTHOST
611 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
612 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
614 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
615 DOMAIN: {get_param: CloudDomain}
616 PRIMARYHOST: {get_attr: [{{role}}, name]}
617 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
618 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
619 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
620 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
621 STORAGEIP: {get_attr: [StoragePort, ip_address]}
622 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
623 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
624 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
625 TENANTIP: {get_attr: [TenantPort, ip_address]}
626 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
627 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
628 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
629 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
630 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
632 description: Entry for ssh known hosts
635 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
636 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
637 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
638 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
639 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
640 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
641 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
642 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
644 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
645 DOMAIN: {get_param: CloudDomain}
646 PRIMARYHOST: {get_attr: [{{role}}, name]}
647 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
648 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
649 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
650 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
651 STORAGEIP: {get_attr: [StoragePort, ip_address]}
652 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
653 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
654 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
655 TENANTIP: {get_attr: [TenantPort, ip_address]}
656 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
657 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
658 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
659 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
660 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
661 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
662 nova_server_resource:
663 description: Heat resource handle for {{role}} server
665 {get_resource: {{role}}}
666 condition: server_not_blacklisted
668 description: IP address of the server in the external network
669 value: {get_attr: [ExternalPort, ip_address]}
670 internal_api_ip_address:
671 description: IP address of the server in the internal_api network
672 value: {get_attr: [InternalApiPort, ip_address]}
674 description: IP address of the server in the storage network
675 value: {get_attr: [StoragePort, ip_address]}
676 storage_mgmt_ip_address:
677 description: IP address of the server in the storage_mgmt network
678 value: {get_attr: [StorageMgmtPort, ip_address]}
680 description: IP address of the server in the tenant network
681 value: {get_attr: [TenantPort, ip_address]}
682 management_ip_address:
683 description: IP address of the server in the management network
684 value: {get_attr: [ManagementPort, ip_address]}
686 description: The os-collect-config configuration associated with this server resource
687 value: {get_attr: [{{role}}, os_collect_config]}