1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPublicInterface:
33 description: What interface to bridge onto br-ex for network nodes.
37 description: Mapping of service_name -> network name. Typically set
38 via parameter_defaults in the resource registry.
42 description: Mapping of service endpoint -> protocol. Typically set
43 via parameter_defaults in the resource registry.
49 Setting to a previously unused value during stack-update will trigger
50 package update on all nodes
53 default: '' # Defaults to Heat created hostname
57 description: Optional mapping to override hostnames
61 Additional hiera configuration to inject into the cluster. Note
62 that {{role}}ExtraConfig takes precedence over ExtraConfig.
67 Role specific additional hiera configuration to inject into the cluster.
72 NetworkDeploymentActions:
73 type: comma_delimited_list
75 Heat action when to apply network configuration changes
77 SoftwareConfigTransport:
78 default: POLL_SERVER_CFN
80 How the server should receive the metadata required for software configuration.
83 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
85 default: 'localdomain'
88 The DNS domain used for the hosts. This should match the dhcp_domain
89 configured in the Undercloud neutron. Defaults to localdomain.
90 {{role}}ServerMetadata:
93 Extra properties or metadata passed to Nova for the created nodes in
94 the overcloud. It's accessible via the Nova metadata API. This option is
95 role-specific and is merged with the values given to the ServerMetadata
101 Extra properties or metadata passed to Nova for the created nodes in
102 the overcloud. It's accessible via the Nova metadata API. This applies to
103 all roles and is merged with a role-specific metadata parameter.
105 {{role}}SchedulerHints:
107 description: Optional scheduler hints to pass to nova
112 ServiceConfigSettings:
116 type: comma_delimited_list
118 MonitoringSubscriptions:
119 type: comma_delimited_list
121 ServiceMetadataSettings:
126 description: Command which will be run whenever configuration data changes
127 default: os-refresh-config --timeout 14400
132 Maximum amount of time to possibly to delay configuation collection
133 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
134 the configuration collection to occur as soon as the collection process
135 starts. This setting is used to prevent the configuration collection
136 processes from polling all at the exact same time.
141 type: comma_delimited_list
146 Command or script snippet to run on all overcloud nodes to
147 initialize the upgrade process. E.g. a repository switch.
149 UpgradeInitCommonCommand:
152 Common commands required by the upgrades process. This should not
153 normally be modified by the operator and is set and unset in the
154 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
157 DeploymentServerBlacklistDict:
161 Map of server hostnames to blacklist from any triggered
162 deployments. If the value is 1, the server will be blacklisted. This
163 parameter is generated from the parent template.
166 server_not_blacklisted:
169 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
174 type: OS::TripleO::{{role.name}}Server
177 command: {get_param: ConfigCommand}
178 splay: {get_param: ConfigCollectSplay}
180 image: {get_param: {{role}}Image}
181 image_update_policy: {get_param: ImageUpdatePolicy}
182 flavor: {get_param: Overcloud{{role}}Flavor}
183 key_name: {get_param: KeyName}
186 user_data_format: SOFTWARE_CONFIG
187 user_data: {get_resource: UserData}
190 template: {get_param: Hostname}
191 params: {get_param: HostnameMap}
192 software_config_transport: {get_param: SoftwareConfigTransport}
195 - {get_param: ServerMetadata}
196 - {get_param: {{role}}ServerMetadata}
197 - {get_param: ServiceMetadataSettings}
198 scheduler_hints: {get_param: {{role}}SchedulerHints}
200 # Combine the NodeAdminUserData and NodeUserData mime archives
202 type: OS::Heat::MultipartMime
205 - config: {get_resource: NodeAdminUserData}
207 - config: {get_resource: NodeUserData}
209 - config: {get_resource: RoleUserData}
212 # Creates the "heat-admin" user if configured via the environment
213 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
215 type: OS::TripleO::NodeAdminUserData
217 # For optional operator additional userdata
218 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
220 type: OS::TripleO::NodeUserData
222 # For optional operator role-specific userdata
223 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
225 type: OS::TripleO::{{role}}::NodeUserData
228 type: OS::TripleO::{{role}}::Ports::ExternalPort
230 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
231 IPPool: {get_param: {{role}}IPs}
232 NodeIndex: {get_param: NodeIndex}
235 type: OS::TripleO::{{role}}::Ports::InternalApiPort
237 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
238 IPPool: {get_param: {{role}}IPs}
239 NodeIndex: {get_param: NodeIndex}
242 type: OS::TripleO::{{role}}::Ports::StoragePort
244 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
245 IPPool: {get_param: {{role}}IPs}
246 NodeIndex: {get_param: NodeIndex}
249 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
251 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
252 IPPool: {get_param: {{role}}IPs}
253 NodeIndex: {get_param: NodeIndex}
256 type: OS::TripleO::{{role}}::Ports::TenantPort
258 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
259 IPPool: {get_param: {{role}}IPs}
260 NodeIndex: {get_param: NodeIndex}
263 type: OS::TripleO::{{role}}::Ports::ManagementPort
265 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
266 IPPool: {get_param: {{role}}IPs}
267 NodeIndex: {get_param: NodeIndex}
270 type: OS::TripleO::{{role}}::Net::SoftwareConfig
272 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
273 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
274 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
275 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
276 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
277 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
278 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
281 type: OS::TripleO::Network::Ports::NetIpMap
283 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
284 ExternalIp: {get_attr: [ExternalPort, ip_address]}
285 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
286 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
287 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
288 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
289 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
290 StorageIp: {get_attr: [StoragePort, ip_address]}
291 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
292 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
293 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
294 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
295 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
296 TenantIp: {get_attr: [TenantPort, ip_address]}
297 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
298 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
299 ManagementIp: {get_attr: [ManagementPort, ip_address]}
300 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
301 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
304 type: OS::Heat::Value
312 - - {get_attr: [{{role}}, name]}
314 - {get_param: CloudDomain}
318 - - {get_attr: [{{role}}, name]}
324 - - {get_attr: [{{role}}, name]}
326 - {get_param: CloudDomain}
330 - - {get_attr: [{{role}}, name]}
336 - - {get_attr: [{{role}}, name]}
338 - {get_param: CloudDomain}
342 - - {get_attr: [{{role}}, name]}
348 - - {get_attr: [{{role}}, name]}
350 - {get_param: CloudDomain}
354 - - {get_attr: [{{role}}, name]}
360 - - {get_attr: [{{role}}, name]}
362 - {get_param: CloudDomain}
366 - - {get_attr: [{{role}}, name]}
372 - - {get_attr: [{{role}}, name]}
374 - {get_param: CloudDomain}
378 - - {get_attr: [{{role}}, name]}
384 - - {get_attr: [{{role}}, name]}
386 - {get_param: CloudDomain}
390 - - {get_attr: [{{role}}, name]}
394 type: OS::TripleO::{{role}}::PreNetworkConfig
396 server: {get_resource: {{role}}}
399 type: OS::TripleO::SoftwareDeployment
400 depends_on: PreNetworkConfig
402 name: NetworkDeployment
403 config: {get_resource: NetworkConfig}
404 server: {get_resource: {{role}}}
405 actions: {get_param: NetworkDeploymentActions}
408 interface_name: {get_param: NeutronPublicInterface}
411 - server_not_blacklisted
412 - {get_param: NetworkDeploymentActions}
415 {{role}}UpgradeInitConfig:
416 type: OS::Heat::SoftwareConfig
422 - - "#!/bin/bash\n\n"
423 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
424 - get_param: UpgradeInitCommand
425 - get_param: UpgradeInitCommonCommand
427 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
428 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
429 {{role}}UpgradeInitDeployment:
430 type: OS::Heat::SoftwareDeployment
431 depends_on: NetworkDeployment
433 name: {{role}}UpgradeInitDeployment
434 server: {get_resource: {{role}}}
435 config: {get_resource: {{role}}UpgradeInitConfig}
438 - server_not_blacklisted
439 - ['CREATE', 'UPDATE']
443 type: OS::Heat::StructuredDeployment
444 depends_on: {{role}}UpgradeInitDeployment
446 name: {{role}}Deployment
447 config: {get_resource: {{role}}Config}
448 server: {get_resource: {{role}}}
450 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
453 - server_not_blacklisted
454 - ['CREATE', 'UPDATE']
458 type: OS::Heat::StructuredConfig
464 - heat_config_%{::deploy_config_name}
466 - {{role.lower()}}_extraconfig
471 - bootstrap_node # provided by allNodesConfig
472 - all_nodes # provided by allNodesConfig
473 - vip_data # provided by allNodesConfig
475 merge_behavior: deeper
478 service_names: {get_param: ServiceNames}
479 sensu::subscriptions: {get_param: MonitoringSubscriptions}
482 - {get_param: ServiceConfigSettings}
483 - values: {get_attr: [NetIpMap, net_ip_map]}
484 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
485 extraconfig: {get_param: ExtraConfig}
487 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
488 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
489 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
490 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
491 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
492 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
493 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
494 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
495 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
496 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
498 # Resource for site-specific injection of root certificate
500 depends_on: {{role}}Deployment
501 type: OS::TripleO::NodeTLSCAData
503 server: {get_resource: {{role}}}
505 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
506 {{role}}ExtraConfigPre:
507 depends_on: {{role}}Deployment
508 type: OS::TripleO::{{role}}ExtraConfigPre
510 server: {get_resource: {{role}}}
512 # Hook for site-specific additional pre-deployment config,
513 # applying to all nodes, e.g node registration/unregistration
515 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
516 type: OS::TripleO::NodeExtraConfig
518 server: {get_resource: {{role}}}
521 type: OS::TripleO::Tasks::PackageUpdate
524 type: OS::Heat::SoftwareDeployment
525 depends_on: NetworkDeployment
527 name: UpdateDeployment
528 config: {get_resource: UpdateConfig}
529 server: {get_resource: {{role}}}
532 get_param: UpdateIdentifier
535 - server_not_blacklisted
536 - ['CREATE', 'UPDATE']
540 type: OS::TripleO::Ssh::HostPubKey
541 depends_on: {{role}}Deployment
543 server: {get_resource: {{role}}}
547 description: IP address of the server in the ctlplane network
548 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
550 description: Hostname of the server
551 value: {get_attr: [{{role}}, name]}
553 description: Mapping of network names to hostnames
555 external: {get_attr: [NetHostMap, value, external, fqdn]}
556 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
557 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
558 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
559 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
560 management: {get_attr: [NetHostMap, value, management, fqdn]}
561 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
566 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
567 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
568 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
569 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
570 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
571 TENANTIP TENANTHOST.DOMAIN TENANTHOST
572 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
573 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
575 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
576 DOMAIN: {get_param: CloudDomain}
577 PRIMARYHOST: {get_attr: [{{role}}, name]}
578 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
579 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
580 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
581 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
582 STORAGEIP: {get_attr: [StoragePort, ip_address]}
583 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
584 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
585 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
586 TENANTIP: {get_attr: [TenantPort, ip_address]}
587 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
588 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
589 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
590 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
591 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
593 description: Entry for ssh known hosts
596 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
597 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
598 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
599 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
600 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
601 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
602 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
603 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
605 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
606 DOMAIN: {get_param: CloudDomain}
607 PRIMARYHOST: {get_attr: [{{role}}, name]}
608 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
609 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
610 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
611 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
612 STORAGEIP: {get_attr: [StoragePort, ip_address]}
613 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
614 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
615 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
616 TENANTIP: {get_attr: [TenantPort, ip_address]}
617 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
618 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
619 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
620 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
621 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
622 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
623 nova_server_resource:
624 description: Heat resource handle for {{role}} server
626 {get_resource: {{role}}}
627 condition: server_not_blacklisted
629 description: IP address of the server in the external network
630 value: {get_attr: [ExternalPort, ip_address]}
631 internal_api_ip_address:
632 description: IP address of the server in the internal_api network
633 value: {get_attr: [InternalApiPort, ip_address]}
635 description: IP address of the server in the storage network
636 value: {get_attr: [StoragePort, ip_address]}
637 storage_mgmt_ip_address:
638 description: IP address of the server in the storage_mgmt network
639 value: {get_attr: [StorageMgmtPort, ip_address]}
641 description: IP address of the server in the tenant network
642 value: {get_attr: [TenantPort, ip_address]}
643 management_ip_address:
644 description: IP address of the server in the management network
645 value: {get_attr: [ManagementPort, ip_address]}