1 heat_template_version: pike
2 description: 'OpenStack {{role}} node configured by Puppet'
4 Overcloud{{role}}Flavor:
5 description: Flavor for the {{role}} node.
8 {% if disable_constraints is not defined %}
10 - custom_constraint: nova.flavor
14 default: overcloud-full
15 {% if disable_constraints is not defined %}
17 - custom_constraint: glance.image
20 default: 'REBUILD_PRESERVE_EPHEMERAL'
21 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
24 description: Name of an existing Nova key pair to enable SSH access to the instances
27 {% if disable_constraints is not defined %}
29 - custom_constraint: nova.keypair
31 NeutronPublicInterface:
33 description: What interface to bridge onto br-ex for network nodes.
37 description: Mapping of service_name -> network name. Typically set
38 via parameter_defaults in the resource registry.
42 description: Mapping of service endpoint -> protocol. Typically set
43 via parameter_defaults in the resource registry.
49 Setting to a previously unused value during stack-update will trigger
50 package update on all nodes
53 default: '' # Defaults to Heat created hostname
57 description: Optional mapping to override hostnames
61 Additional hiera configuration to inject into the cluster. Note
62 that {{role}}ExtraConfig takes precedence over ExtraConfig.
67 Role specific additional hiera configuration to inject into the cluster.
72 NetworkDeploymentActions:
73 type: comma_delimited_list
75 Heat action when to apply network configuration changes
77 SoftwareConfigTransport:
78 default: POLL_SERVER_CFN
80 How the server should receive the metadata required for software configuration.
83 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
85 default: 'localdomain'
88 The DNS domain used for the hosts. This must match the
89 overcloud_domain_name configured on the undercloud.
90 {{role}}ServerMetadata:
93 Extra properties or metadata passed to Nova for the created nodes in
94 the overcloud. It's accessible via the Nova metadata API. This option is
95 role-specific and is merged with the values given to the ServerMetadata
101 Extra properties or metadata passed to Nova for the created nodes in
102 the overcloud. It's accessible via the Nova metadata API. This applies to
103 all roles and is merged with a role-specific metadata parameter.
105 {{role}}SchedulerHints:
107 description: Optional scheduler hints to pass to nova
112 ServiceConfigSettings:
116 type: comma_delimited_list
118 MonitoringSubscriptions:
119 type: comma_delimited_list
121 ServiceMetadataSettings:
126 description: Command which will be run whenever configuration data changes
127 default: os-refresh-config --timeout 14400
132 Maximum amount of time to possibly to delay configuation collection
133 polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
134 the configuration collection to occur as soon as the collection process
135 starts. This setting is used to prevent the configuration collection
136 processes from polling all at the exact same time.
141 type: comma_delimited_list
146 Command or script snippet to run on all overcloud nodes to
147 initialize the upgrade process. E.g. a repository switch.
149 UpgradeInitCommonCommand:
152 Common commands required by the upgrades process. This should not
153 normally be modified by the operator and is set and unset in the
154 major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
157 DeploymentServerBlacklistDict:
161 Map of server hostnames to blacklist from any triggered
162 deployments. If the value is 1, the server will be blacklisted. This
163 parameter is generated from the parent template.
166 description: Role Specific Parameters
170 server_not_blacklisted:
173 - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
178 type: OS::TripleO::{{role}}Server
181 command: {get_param: ConfigCommand}
182 splay: {get_param: ConfigCollectSplay}
184 image: {get_param: {{role}}Image}
185 image_update_policy: {get_param: ImageUpdatePolicy}
186 flavor: {get_param: Overcloud{{role}}Flavor}
187 key_name: {get_param: KeyName}
190 user_data_format: SOFTWARE_CONFIG
191 user_data: {get_resource: UserData}
194 template: {get_param: Hostname}
195 params: {get_param: HostnameMap}
196 software_config_transport: {get_param: SoftwareConfigTransport}
199 - {get_param: ServerMetadata}
200 - {get_param: {{role}}ServerMetadata}
201 - {get_param: ServiceMetadataSettings}
202 scheduler_hints: {get_param: {{role}}SchedulerHints}
204 # Combine the NodeAdminUserData and NodeUserData mime archives
206 type: OS::Heat::MultipartMime
209 - config: {get_resource: NodeAdminUserData}
211 - config: {get_resource: NodeUserData}
213 - config: {get_resource: RoleUserData}
216 # Creates the "heat-admin" user if configured via the environment
217 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
219 type: OS::TripleO::NodeAdminUserData
221 # For optional operator additional userdata
222 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
224 type: OS::TripleO::NodeUserData
226 # For optional operator role-specific userdata
227 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
229 type: OS::TripleO::{{role}}::NodeUserData
232 type: OS::TripleO::{{role}}::Ports::ExternalPort
234 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
235 IPPool: {get_param: {{role}}IPs}
236 NodeIndex: {get_param: NodeIndex}
239 type: OS::TripleO::{{role}}::Ports::InternalApiPort
241 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
242 IPPool: {get_param: {{role}}IPs}
243 NodeIndex: {get_param: NodeIndex}
246 type: OS::TripleO::{{role}}::Ports::StoragePort
248 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
249 IPPool: {get_param: {{role}}IPs}
250 NodeIndex: {get_param: NodeIndex}
253 type: OS::TripleO::{{role}}::Ports::StorageMgmtPort
255 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
256 IPPool: {get_param: {{role}}IPs}
257 NodeIndex: {get_param: NodeIndex}
260 type: OS::TripleO::{{role}}::Ports::TenantPort
262 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
263 IPPool: {get_param: {{role}}IPs}
264 NodeIndex: {get_param: NodeIndex}
267 type: OS::TripleO::{{role}}::Ports::ManagementPort
269 ControlPlaneIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
270 IPPool: {get_param: {{role}}IPs}
271 NodeIndex: {get_param: NodeIndex}
274 type: OS::TripleO::{{role}}::Net::SoftwareConfig
276 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
277 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
278 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
279 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
280 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
281 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
282 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
285 type: OS::TripleO::Network::Ports::NetIpMap
287 ControlPlaneIp: {get_attr: [{{role}}, networks, ctlplane, 0]}
288 ExternalIp: {get_attr: [ExternalPort, ip_address]}
289 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
290 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
291 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
292 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
293 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
294 StorageIp: {get_attr: [StoragePort, ip_address]}
295 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
296 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
297 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
298 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
299 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
300 TenantIp: {get_attr: [TenantPort, ip_address]}
301 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
302 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
303 ManagementIp: {get_attr: [ManagementPort, ip_address]}
304 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
305 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
308 type: OS::Heat::Value
316 - - {get_attr: [{{role}}, name]}
318 - {get_param: CloudDomain}
322 - - {get_attr: [{{role}}, name]}
328 - - {get_attr: [{{role}}, name]}
330 - {get_param: CloudDomain}
334 - - {get_attr: [{{role}}, name]}
340 - - {get_attr: [{{role}}, name]}
342 - {get_param: CloudDomain}
346 - - {get_attr: [{{role}}, name]}
352 - - {get_attr: [{{role}}, name]}
354 - {get_param: CloudDomain}
358 - - {get_attr: [{{role}}, name]}
364 - - {get_attr: [{{role}}, name]}
366 - {get_param: CloudDomain}
370 - - {get_attr: [{{role}}, name]}
376 - - {get_attr: [{{role}}, name]}
378 - {get_param: CloudDomain}
382 - - {get_attr: [{{role}}, name]}
388 - - {get_attr: [{{role}}, name]}
390 - {get_param: CloudDomain}
394 - - {get_attr: [{{role}}, name]}
398 type: OS::TripleO::{{role}}::PreNetworkConfig
400 server: {get_resource: {{role}}}
401 RoleParameters: {get_param: RoleParameters}
404 type: OS::TripleO::SoftwareDeployment
405 depends_on: PreNetworkConfig
407 name: NetworkDeployment
408 config: {get_resource: NetworkConfig}
409 server: {get_resource: {{role}}}
410 actions: {get_param: NetworkDeploymentActions}
413 interface_name: {get_param: NeutronPublicInterface}
416 - server_not_blacklisted
417 - {get_param: NetworkDeploymentActions}
420 {{role}}UpgradeInitConfig:
421 type: OS::Heat::SoftwareConfig
427 - - "#!/bin/bash\n\n"
428 - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
429 - get_param: UpgradeInitCommand
430 - get_param: UpgradeInitCommonCommand
432 # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
433 # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
434 {{role}}UpgradeInitDeployment:
435 type: OS::Heat::SoftwareDeployment
436 depends_on: NetworkDeployment
438 name: {{role}}UpgradeInitDeployment
439 server: {get_resource: {{role}}}
440 config: {get_resource: {{role}}UpgradeInitConfig}
443 - server_not_blacklisted
444 - ['CREATE', 'UPDATE']
448 type: OS::Heat::StructuredDeployment
449 depends_on: {{role}}UpgradeInitDeployment
451 name: {{role}}Deployment
452 config: {get_resource: {{role}}Config}
453 server: {get_resource: {{role}}}
455 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
458 - server_not_blacklisted
459 - ['CREATE', 'UPDATE']
463 type: OS::Heat::StructuredConfig
469 - heat_config_%{::deploy_config_name}
471 - {{role.lower()}}_extraconfig
476 - bootstrap_node # provided by allNodesConfig
477 - all_nodes # provided by allNodesConfig
478 - vip_data # provided by allNodesConfig
480 merge_behavior: deeper
483 service_names: {get_param: ServiceNames}
484 sensu::subscriptions: {get_param: MonitoringSubscriptions}
487 - {get_param: ServiceConfigSettings}
488 - values: {get_attr: [NetIpMap, net_ip_map]}
489 {{role.lower()}}_extraconfig: {get_param: {{role}}ExtraConfig}
490 extraconfig: {get_param: ExtraConfig}
492 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
493 tripleo::profile::base::logging::fluentd::fluentd_sources: {get_param: LoggingSources}
494 tripleo::profile::base::logging::fluentd::fluentd_groups: {get_param: LoggingGroups}
495 fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
496 fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
497 fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
498 fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
499 fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
500 fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
501 fqdn_external: {get_attr: [NetHostMap, value, external, fqdn]}
503 # Resource for site-specific injection of root certificate
505 depends_on: {{role}}Deployment
506 type: OS::TripleO::NodeTLSCAData
508 server: {get_resource: {{role}}}
510 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
511 {{role}}ExtraConfigPre:
512 depends_on: {{role}}Deployment
513 type: OS::TripleO::{{role}}ExtraConfigPre
515 server: {get_resource: {{role}}}
517 # Hook for site-specific additional pre-deployment config,
518 # applying to all nodes, e.g node registration/unregistration
520 depends_on: [{{role}}ExtraConfigPre, NodeTLSCAData]
521 type: OS::TripleO::NodeExtraConfig
523 server: {get_resource: {{role}}}
526 type: OS::TripleO::Tasks::PackageUpdate
529 type: OS::Heat::SoftwareDeployment
530 depends_on: NetworkDeployment
532 name: UpdateDeployment
533 config: {get_resource: UpdateConfig}
534 server: {get_resource: {{role}}}
537 get_param: UpdateIdentifier
540 - server_not_blacklisted
541 - ['CREATE', 'UPDATE']
545 type: OS::TripleO::Ssh::HostPubKey
546 depends_on: {{role}}Deployment
548 server: {get_resource: {{role}}}
552 description: IP address of the server in the ctlplane network
553 value: {get_attr: [{{role}}, networks, ctlplane, 0]}
555 description: Hostname of the server
556 value: {get_attr: [{{role}}, name]}
558 description: Mapping of network names to hostnames
560 external: {get_attr: [NetHostMap, value, external, fqdn]}
561 internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
562 storage: {get_attr: [NetHostMap, value, storage, fqdn]}
563 storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
564 tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
565 management: {get_attr: [NetHostMap, value, management, fqdn]}
566 ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
571 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
572 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
573 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
574 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
575 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
576 TENANTIP TENANTHOST.DOMAIN TENANTHOST
577 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
578 CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
580 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
581 DOMAIN: {get_param: CloudDomain}
582 PRIMARYHOST: {get_attr: [{{role}}, name]}
583 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
584 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
585 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
586 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
587 STORAGEIP: {get_attr: [StoragePort, ip_address]}
588 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
589 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
590 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
591 TENANTIP: {get_attr: [TenantPort, ip_address]}
592 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
593 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
594 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
595 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
596 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
598 description: Entry for ssh known hosts
601 template: "PRIMARYIP,PRIMARYHOST.DOMAIN,PRIMARYHOST,\
602 EXTERNALIP,EXTERNALHOST.DOMAIN,EXTERNALHOST,\
603 INTERNAL_APIIP,INTERNAL_APIHOST.DOMAIN,INTERNAL_APIHOST,\
604 STORAGEIP,STORAGEHOST.DOMAIN,STORAGEHOST,\
605 STORAGE_MGMTIP,STORAGE_MGMTHOST.DOMAIN,STORAGE_MGMTHOST,\
606 TENANTIP,TENANTHOST.DOMAIN,TENANTHOST,\
607 MANAGEMENTIP,MANAGEMENTHOST.DOMAIN,MANAGEMENTHOST,\
608 CTLPLANEIP,CTLPLANEHOST.DOMAIN,CTLPLANEHOST HOSTSSHPUBKEY"
610 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role}}HostnameResolveNetwork]}]}
611 DOMAIN: {get_param: CloudDomain}
612 PRIMARYHOST: {get_attr: [{{role}}, name]}
613 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
614 EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
615 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
616 INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
617 STORAGEIP: {get_attr: [StoragePort, ip_address]}
618 STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
619 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
620 STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
621 TENANTIP: {get_attr: [TenantPort, ip_address]}
622 TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
623 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
624 MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
625 CTLPLANEIP: {get_attr: [{{role}}, networks, ctlplane, 0]}
626 CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
627 HOSTSSHPUBKEY: {get_attr: [SshHostPubKey, ecdsa]}
628 nova_server_resource:
629 description: Heat resource handle for {{role}} server
631 {get_resource: {{role}}}
632 condition: server_not_blacklisted
634 description: IP address of the server in the external network
635 value: {get_attr: [ExternalPort, ip_address]}
636 internal_api_ip_address:
637 description: IP address of the server in the internal_api network
638 value: {get_attr: [InternalApiPort, ip_address]}
640 description: IP address of the server in the storage network
641 value: {get_attr: [StoragePort, ip_address]}
642 storage_mgmt_ip_address:
643 description: IP address of the server in the storage_mgmt network
644 value: {get_attr: [StorageMgmtPort, ip_address]}
646 description: IP address of the server in the tenant network
647 value: {get_attr: [TenantPort, ip_address]}
648 management_ip_address:
649 description: IP address of the server in the management network
650 value: {get_attr: [ManagementPort, ip_address]}