parameter is generated from the parent template.
RoleParameters:
type: json
- description: Role Specific Parameters
+ description: Parameters specific to the role
default: {}
DeploymentSwiftDataMap:
type: json
# Resource for site-specific injection of root certificate
NodeTLSCAData:
- depends_on: {{role.name}}Deployment
+ depends_on: NetworkDeployment
type: OS::TripleO::NodeTLSCAData
properties:
server: {get_resource: {{role.name}}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ # Resource for site-specific passing of private keys/certificates
+ NodeTLSData:
+ depends_on: NodeTLSCAData
+ type: OS::TripleO::NodeTLSData
+ properties:
+ server: {get_resource: {{role.name}}}
+ NodeIndex: {get_param: NodeIndex}
+ {%- endif -%}
+
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
{{role.name}}ExtraConfigPre:
depends_on: {{role.name}}Deployment
# Hook for site-specific additional pre-deployment config,
# applying to all nodes, e.g node registration/unregistration
NodeExtraConfig:
- depends_on: [{{role.name}}ExtraConfigPre, NodeTLSCAData]
+ depends_on:
+ - {{role.name}}ExtraConfigPre
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ - NodeTLSData
+ {%- else %}
+ - NodeTLSCAData
+ {%- endif %}
type: OS::TripleO::NodeExtraConfig
# We have to use conditions here so that we don't break backwards
# compatibility with templates everywhere
- 6
- 0
- keys: {hostname: {get_param: Hostname}}
+ {%- if 'primary' in role.tags and 'controller' in role.tags %}
+ tls_key_modulus_md5:
+ description: MD5 checksum of the TLS Key Modulus
+ value: {get_attr: [NodeTLSData, key_modulus_md5]}
+ tls_cert_modulus_md5:
+ description: MD5 checksum of the TLS Certificate Modulus
+ value: {get_attr: [NodeTLSData, cert_modulus_md5]}
+ {%- endif %}
os_collect_config:
description: The os-collect-config configuration associated with this server resource
value: {get_attr: [{{role.name}}, os_collect_config]}