Reinstates the heat-admin user via template user-data, which
replaces the previous boothook injected user provided by the
(deprecated now removed) heat instance_user option.
This has some advantages over the heat.conf option, e.g it allows
for much easier customzation of the user configuration (additional
SSH keys, adding groups etc), and also in future if we support
deploying more than one overcloud you could specify a different
user per deployment.
Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I2235b9690c01542d8a28ec1c1a4607de751aea29
Closes-Bug: #
1229849
--- /dev/null
+heat_template_version: 2014-10-16
+
+parameters:
+ # Can be overriden via parameter_defaults in the environment
+ node_admin_username:
+ type: string
+ default: heat-admin
+
+description: >
+ Uses cloud-init to create an additional user with a known name, in addition
+ to the distro-default user created by the cloud-init default.
+
+resources:
+ userdata:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: user_config}
+
+ # Note this requires cloud-init >= 0.7.2 ref bug #1100920
+ user_config:
+ type: OS::Heat::CloudConfig
+ properties:
+ cloud_config:
+ user: {get_param: node_admin_username}
+
+outputs:
+ OS::stack_id:
+ value: {get_resource: userdata}
OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
+ # This creates the "heat-admin" user for all OS images by default
+ # To disable, replace with firstboot/userdata_default.yaml
+ OS::TripleO::NodeAdminUserData: firstboot/userdata_heat_admin.yaml
+
# Hooks for operator extra config
# NodeUserData == Cloud-init additional user-data, e.g cloud-config
# ControllerExtraConfigPre == Controller configuration pre service deployment
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
+ user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
+ user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
+ user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
+ user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
+ user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData
Code Review / apex-tripleo-heat-templates.git / commitdiff