1 heat_template_version: pike
2 description: 'OpenStack {{role.name}} node configured by Puppet'
4 Overcloud{{role.name}}Flavor:
5 description: Flavor for the {{role.name}} node.
8 {% if role.disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if role.disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if role.disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPhysicalBridge:
33 description: An OVS bridge to create for accessing tenant networks.
35 NeutronPublicInterface:
37 description: Which interface to add to the NeutronPhysicalBridge.
41 description: Mapping of service_name -> network name. Typically set
42 via parameter_defaults in the resource registry.
46 description: Mapping of service endpoint -> protocol. Typically set
47 via parameter_defaults in the resource registry.
53 Setting to a previously unused value during stack-update will trigger
54 package update on all nodes
57 default: '' # Defaults to Heat created hostname
61 description: Optional mapping to override hostnames
65 Additional hiera configuration to inject into the cluster. Note
66 that {{role.name}}ExtraConfig takes precedence over ExtraConfig.
68 {{role.name}}ExtraConfig:
71 Role specific additional hiera configuration to inject into the cluster.
76 NetworkDeploymentActions:
77 type: comma_delimited_list
79 Heat action when to apply network configuration changes
81 SoftwareConfigTransport:
82 default: POLL_SERVER_CFN
84 How the server should receive the metadata required for software configuration.
87 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
89 default: 'localdomain'
92 The DNS domain used for the hosts. This must match the
93 overcloud_domain_name configured on the undercloud.
94 {{role.name}}ServerMetadata:
97 Extra properties or metadata passed to Nova for the created nodes in
98 the overcloud. It's accessible via the Nova metadata API. This option is
99 role-specific and is merged with the values given to the ServerMetadata
105 Extra properties or metadata passed to Nova for the created nodes in
106 the overcloud. It's accessible via the Nova metadata API. This applies to
107 all roles and is merged with a role-specific metadata parameter.
109 {{role.name}}SchedulerHints:
111 description: Optional scheduler hints to pass to nova
116 ServiceConfigSettings:
120 type: comma_delimited_list
122 MonitoringSubscriptions:
123 type: comma_delimited_list
125 ServiceMetadataSettings:
130 description: Command which will be run whenever configuration data changes
131 default: os-refresh-config --timeout 14400
136 Maximum amount of time to possibly to delay configuation collection
137 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
138 the configuration collection to occur as soon as the collection process
139 starts. This setting is used to prevent the configuration collection
140 processes from polling all at the exact same time.
145 type: comma_delimited_list
150 Command or script snippet to run on all overcloud nodes to
151 initialize the upgrade process. E.g. a repository switch.
153 UpgradeInitCommonCommand:
156 Common commands required by the upgrades process. This should not
157 normally be modified by the operator and is set and unset in the
158 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
161 DeploymentServerBlacklistDict:
165 Map of server hostnames to blacklist from any triggered
166 deployments. If the value is 1, the server will be blacklisted. This
167 parameter is generated from the parent template.
170 description: Role Specific Parameters
172 DeploymentSwiftDataMap:
175 Map of servers to Swift container and object for storing deployment data.
176 The keys are the Heat assigned hostnames, and the value is a map of the
177 container/object name in Swift. Example value:
178 overcloud-controller-0:
179 container: overcloud-controller
181 overcloud-controller-1:
182 container: overcloud-controller
184 overcloud-controller-2:
185 container: overcloud-controller
187 overcloud-novacompute-0:
188 container: overcloud-compute
193 server_not_blacklisted:
196 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
198 deployment_swift_data_map_unset:
201 - DeploymentSwiftDataMap
202 - {get_param: Hostname}
207 type: OS::TripleO::{{role.name}}Server
210 command: {get_param: ConfigCommand}
211 splay: {get_param: ConfigCollectSplay}
213 image: {get_param: {{role.name}}Image}
214 image_update_policy: {get_param: ImageUpdatePolicy}
215 flavor: {get_param: Overcloud{{role.name}}Flavor}
216 key_name: {get_param: KeyName}
219 user_data_format: SOFTWARE_CONFIG
220 user_data: {get_resource: UserData}
223 template: {get_param: Hostname}
224 params: {get_param: HostnameMap}
225 software_config_transport: {get_param: SoftwareConfigTransport}
228 - {get_param: ServerMetadata}
229 - {get_param: {{role.name}}ServerMetadata}
230 - {get_param: ServiceMetadataSettings}
231 scheduler_hints: {get_param: {{role.name}}SchedulerHints}
232 deployment_swift_data:
234 - deployment_swift_data_map_unset
236 - {get_param: [DeploymentSwiftDataMap,
237 {get_param: Hostname}]}
239 # Combine the NodeAdminUserData and NodeUserData mime archives
241 type: OS::Heat::MultipartMime
244 - config: {get_resource: NodeAdminUserData}
246 - config: {get_resource: NodeUserData}
248 - config: {get_resource: RoleUserData}
251 # Creates the "heat-admin" user if configured via the environment
252 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
254 type: OS::TripleO::NodeAdminUserData
256 # For optional operator additional userdata
257 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
259 type: OS::TripleO::NodeUserData
261 # For optional operator role-specific userdata
262 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
264 type: OS::TripleO::{{role.name}}::NodeUserData
267 type: OS::TripleO::{{role.name}}::Ports::ExternalPort
269 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
270 IPPool: {get_param: {{role.name}}IPs}
271 NodeIndex: {get_param: NodeIndex}
274 type: OS::TripleO::{{role.name}}::Ports::InternalApiPort
276 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
277 IPPool: {get_param: {{role.name}}IPs}
278 NodeIndex: {get_param: NodeIndex}
281 type: OS::TripleO::{{role.name}}::Ports::StoragePort
283 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
284 IPPool: {get_param: {{role.name}}IPs}
285 NodeIndex: {get_param: NodeIndex}
288 type: OS::TripleO::{{role.name}}::Ports::StorageMgmtPort
290 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
291 IPPool: {get_param: {{role.name}}IPs}
292 NodeIndex: {get_param: NodeIndex}
295 type: OS::TripleO::{{role.name}}::Ports::TenantPort
297 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
298 IPPool: {get_param: {{role.name}}IPs}
299 NodeIndex: {get_param: NodeIndex}
302 type: OS::TripleO::{{role.name}}::Ports::ManagementPort
304 ControlPlaneIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
305 IPPool: {get_param: {{role.name}}IPs}
306 NodeIndex: {get_param: NodeIndex}
309 type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
311 ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
312 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
313 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
314 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
315 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
316 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
317 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
320 type: OS::TripleO::Network::Ports::NetIpMap
322 ControlPlaneIp: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
323 ExternalIp: {get_attr: [ExternalPort, ip_address]}
324 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
325 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
326 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
327 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
328 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
329 StorageIp: {get_attr: [StoragePort, ip_address]}
330 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
331 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
332 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
333 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
334 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
335 TenantIp: {get_attr: [TenantPort, ip_address]}
336 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
337 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
338 ManagementIp: {get_attr: [ManagementPort, ip_address]}
339 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
340 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
343 type: OS::Heat::Value
351 - - {get_attr: [{{role.name}}, name]}
353 - {get_param: CloudDomain}
357 - - {get_attr: [{{role.name}}, name]}
363 - - {get_attr: [{{role.name}}, name]}
365 - {get_param: CloudDomain}
369 - - {get_attr: [{{role.name}}, name]}
375 - - {get_attr: [{{role.name}}, name]}
377 - {get_param: CloudDomain}
381 - - {get_attr: [{{role.name}}, name]}
387 - - {get_attr: [{{role.name}}, name]}
389 - {get_param: CloudDomain}
393 - - {get_attr: [{{role.name}}, name]}
399 - - {get_attr: [{{role.name}}, name]}
401 - {get_param: CloudDomain}
405 - - {get_attr: [{{role.name}}, name]}
411 - - {get_attr: [{{role.name}}, name]}
413 - {get_param: CloudDomain}
417 - - {get_attr: [{{role.name}}, name]}
423 - - {get_attr: [{{role.name}}, name]}
425 - {get_param: CloudDomain}
429 - - {get_attr: [{{role.name}}, name]}
433 type: OS::TripleO::{{role.name}}::PreNetworkConfig
435 server: {get_resource: {{role.name}}}
436 RoleParameters: {get_param: RoleParameters}
437 ServiceNames: {get_param: ServiceNames}
440 type: OS::TripleO::SoftwareDeployment
441 depends_on: PreNetworkConfig
443 name: NetworkDeployment
444 config: {get_resource: NetworkConfig}
445 server: {get_resource: {{role.name}}}
446 actions: {get_param: NetworkDeploymentActions}
448 bridge_name: {get_param: NeutronPhysicalBridge}
449 interface_name: {get_param: NeutronPublicInterface}
452 - server_not_blacklisted
453 - {get_param: NetworkDeploymentActions}
456 {{role.name}}UpgradeInitConfig:
457 type: OS::Heat::SoftwareConfig
463 - - "#!/bin/bash\n\n"
464 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
465 - get_param: UpgradeInitCommand
466 - get_param: UpgradeInitCommonCommand
468 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
469 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
470 {{role.name}}UpgradeInitDeployment:
471 type: OS::Heat::SoftwareDeployment
472 depends_on: NetworkDeployment
474 name: {{role.name}}UpgradeInitDeployment
475 server: {get_resource: {{role.name}}}
476 config: {get_resource: {{role.name}}UpgradeInitConfig}
479 - server_not_blacklisted
480 - ['CREATE', 'UPDATE']
483 {{role.name}}Deployment:
484 type: OS::Heat::StructuredDeployment
485 depends_on: {{role.name}}UpgradeInitDeployment
487 name: {{role.name}}Deployment
488 config: {get_resource: {{role.name}}Config}
489 server: {get_resource: {{role.name}}}
491 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
494 - server_not_blacklisted
495 - ['CREATE', 'UPDATE']
499 type: OS::Heat::StructuredConfig
505 - heat_config_%{::deploy_config_name}
507 - {{role.name.lower()}}_extraconfig
511 - {{role.name.lower()}}
512 - bootstrap_node # provided by allNodesConfig
513 - all_nodes # provided by allNodesConfig
514 - vip_data # provided by allNodesConfig
516 merge_behavior: deeper
519 service_names: {get_param: ServiceNames}
520 sensu::subscriptions: {get_param: MonitoringSubscriptions}
523 - {get_param: ServiceConfigSettings}
524 - values: {get_attr: [NetIpMap, net_ip_map]}
525 {{role.name.lower()}}_extraconfig: {get_param: {{role.name}}ExtraConfig}
526 extraconfig: {get_param: ExtraConfig}
527 {{role.name.lower()}}:
528 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
529 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
530 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
531 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
532 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
533 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
534 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
535 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
536 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
537 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
539 # Resource for site-specific injection of root certificate
541 depends_on: {{role.name}}Deployment
542 type: OS::TripleO::NodeTLSCAData
544 server: {get_resource: {{role.name}}}
546 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
547 {{role.name}}ExtraConfigPre:
548 depends_on: {{role.name}}Deployment
549 type: OS::TripleO::{{role.name}}ExtraConfigPre
551 server: {get_resource: {{role.name}}}
553 # Hook for site-specific additional pre-deployment config,
554 # applying to all nodes, e.g node registration/unregistration
556 depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
557 type: OS::TripleO::NodeExtraConfig
559 server: {get_resource: {{role.name}}}
562 type: OS::TripleO::Tasks::PackageUpdate
565 type: OS::Heat::SoftwareDeployment
566 depends_on: NetworkDeployment
568 name: UpdateDeployment
569 config: {get_resource: UpdateConfig}
570 server: {get_resource: {{role.name}}}
573 get_param: UpdateIdentifier
576 - server_not_blacklisted
577 - ['CREATE', 'UPDATE']
581 type: OS::TripleO::Ssh::HostPubKey
582 depends_on: {{role.name}}Deployment
584 server: {get_resource: {{role.name}}}
588 description: IP address of the server in the ctlplane network
589 value: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
591 description: Hostname of the server
592 value: {get_attr: [{{role.name}}, name]}
594 description: Mapping of network names to hostnames
596 external: {get_attr: [NetHostMap, value, external, fqdn]}
597 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
598 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
599 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
600 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
601 management: {get_attr: [NetHostMap, value, management, fqdn]}
602 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
607 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
608 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
609 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
610 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
611 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
612 TENANTIP TENANTHOST.DOMAIN TENANTHOST
613 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
614 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
616 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
617 DOMAIN: {get_param: CloudDomain}
618 PRIMARYHOST: {get_attr: [{{role.name}}, name]}
619 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
620 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
621 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
622 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
623 STORAGEIP: {get_attr: [StoragePort, ip_address]}
624 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
625 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
626 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
627 TENANTIP: {get_attr: [TenantPort, ip_address]}
628 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
629 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
630 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
631 CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
632 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
634 description: Entry for ssh known hosts
637 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
638 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
639 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
640 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
641 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
642 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
643 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
644 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
646 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
647 DOMAIN: {get_param: CloudDomain}
648 PRIMARYHOST: {get_attr: [{{role.name}}, name]}
649 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
650 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
651 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
652 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
653 STORAGEIP: {get_attr: [StoragePort, ip_address]}
654 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
655 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
656 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
657 TENANTIP: {get_attr: [TenantPort, ip_address]}
658 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
659 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
660 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
661 CTLPLANEIP: {get_attr: [{{role.name}}, networks, ctlplane, 0]}
662 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
663 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
664 nova_server_resource:
665 description: Heat resource handle for {{role.name}} server
667 {get_resource: {{role.name}}}
668 condition: server_not_blacklisted
670 description: IP address of the server in the external network
671 value: {get_attr: [ExternalPort, ip_address]}
672 internal_api_ip_address:
673 description: IP address of the server in the internal_api network
674 value: {get_attr: [InternalApiPort, ip_address]}
676 description: IP address of the server in the storage network
677 value: {get_attr: [StoragePort, ip_address]}
678 storage_mgmt_ip_address:
679 description: IP address of the server in the storage_mgmt network
680 value: {get_attr: [StorageMgmtPort, ip_address]}
682 description: IP address of the server in the tenant network
683 value: {get_attr: [TenantPort, ip_address]}
684 management_ip_address:
685 description: IP address of the server in the management network
686 value: {get_attr: [ManagementPort, ip_address]}
688 description: The os-collect-config configuration associated with this server resource
689 value: {get_attr: [{{role.name}}, os_collect_config]}