description: >
Set to true to append per network Vips to /etc/hosts on each node.
+ DeploymentServerBlacklist:
+ default: []
+ type: comma_delimited_list
+ description: >
+ List of server hostnames to blacklist from any triggered deployments.
+
conditions:
add_vips_to_etc_hosts: {equals : [{get_param: AddVipsToEtcHosts}, True]}
properties:
name: {{role.name}}HostsDeployment
config: {get_attr: [hostsConfig, config_id]}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}SshKnownHostsDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: {{role.name}}SshKnownHostsDeployment
config: {get_resource: SshKnownHostsConfig}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}AllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: {{role.name}}AllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
input_values:
# Note we have to use yaql to look up the first hostname/ip in the
# list because heat path based attributes operate on the attribute
properties:
name: {{role.name}}AllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ servers: {get_attr: [{{role.name}}Servers, value]}
{{role.name}}IpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
ServiceNames: {get_attr: [{{role.name}}ServiceNames, value]}
MonitoringSubscriptions: {get_attr: [{{role.name}}ServiceChainRoleData, value, monitoring_subscriptions]}
ServiceMetadataSettings: {get_attr: [{{role.name}}ServiceChainRoleData, value, service_metadata_settings]}
+ DeploymentServerBlacklistDict: {get_attr: [DeploymentServerBlacklistDict, value]}
+{% endfor %}
+
+{% for role in roles %}
+ {{role.name}}Servers:
+ type: OS::Heat::Value
+ depends_on: {{role.name}}
+ properties:
+ type: json
+ value:
+ yaql:
+ expression: let(servers=>switch(isDict($.data.servers) => $.data.servers, true => {})) -> $servers.deleteAll($servers.keys().where($servers[$] = null))
+ data:
+ servers: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
{% endfor %}
+ # This resource just creates a dict out of the DeploymentServerBlacklist,
+ # which is a list. The dict is used in the role templates to set a condition
+ # on whether to create the deployment resources. We can't use the list
+ # directly because there is no way to ask Heat if a list contains a specific
+ # value.
+ DeploymentServerBlacklistDict:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ map_merge:
+ repeat:
+ template:
+ hostname: 1
+ for_each:
+ hostname: {get_param: DeploymentServerBlacklist}
+
hostsConfig:
type: OS::TripleO::Hosts::SoftwareConfig
properties:
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
input_values:
deploy_identifier: {get_param: DeployIdentifier}
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
# Post deployment steps for all roles
properties:
servers:
{% for role in roles %}
- {{role.name}}: {get_attr: [{{role.name}}, attributes, nova_server_resource]}
+ {{role.name}}: {get_attr: [{{role.name}}Servers, value]}
{% endfor %}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
role_data:
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
BlockStorage:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
BlockStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: BlockStorageUpgradeInitDeployment
server: {get_resource: BlockStorage}
BlockStorageDeployment:
type: OS::Heat::StructuredDeployment
depends_on: BlockStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: BlockStorageDeployment
server: {get_resource: BlockStorage}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
description: Heat resource handle for the block storage server
value:
{get_resource: BlockStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
CephStorage:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
CephStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: CephStorageUpgradeInitDeployment
server: {get_resource: CephStorage}
CephStorageDeployment:
type: OS::Heat::StructuredDeployment
depends_on: CephStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: CephStorageDeployment
config: {get_resource: CephStorageConfig}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: CephStorage}
description: Heat resource handle for the ceph storage server
value:
{get_resource: CephStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
NovaComputeUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: NovaComputeUpgradeInitDeployment
server: {get_resource: NovaCompute}
NovaComputeDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: NovaComputeUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: NovaComputeDeployment
config: {get_resource: NovaComputeConfig}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
nova_server_resource:
description: Heat resource handle for the Nova compute server
value:
- {get_resource: NovaCompute}
\ No newline at end of file
+ {get_resource: NovaCompute}
+ condition: server_not_blacklisted
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
parameter_groups:
- label: deprecated
parameters:
- controllerExtraConfig
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
+
+
resources:
Controller:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: PreNetworkConfig
properties:
name: NetworkDeployment
# but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
ControllerUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: NetworkDeployment
properties:
name: ControllerUpgradeInitDeployment
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: ControllerUpgradeInitDeployment
properties:
name: ControllerDeployment
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
+ condition: server_not_blacklisted
depends_on: NetworkDeployment
properties:
name: UpdateDeployment
description: Heat resource handle for the Nova compute server
value:
{get_resource: Controller}
+ condition: server_not_blacklisted
tls_key_modulus_md5:
description: MD5 checksum of the TLS Key Modulus
value: {get_attr: [NodeTLSData, key_modulus_md5]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
SwiftStorageUpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: SwiftStorageUpgradeInitDeployment
server: {get_resource: SwiftStorage}
SwiftStorageHieraDeploy:
type: OS::Heat::StructuredDeployment
depends_on: SwiftStorageUpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: SwiftStorageHieraDeploy
server: {get_resource: SwiftStorage}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
config: {get_resource: UpdateConfig}
server: {get_resource: SwiftStorage}
description: Heat resource handle for the swift storage server
value:
{get_resource: SwiftStorage}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
environment files.
default: ''
+ DeploymentServerBlacklistDict:
+ default: {}
+ type: json
+ description: >
+ Map of server hostnames to blacklist from any triggered
+ deployments. If the value is 1, the server will be blacklisted. This
+ parameter is generated from the parent template.
+
+conditions:
+ server_not_blacklisted:
+ not:
+ equals:
+ - {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
+ - 1
resources:
{{role}}:
NetworkDeployment:
type: OS::TripleO::SoftwareDeployment
depends_on: PreNetworkConfig
+ condition: server_not_blacklisted
properties:
name: NetworkDeployment
config: {get_resource: NetworkConfig}
{{role}}UpgradeInitDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: {{role}}UpgradeInitDeployment
server: {get_resource: {{role}}}
{{role}}Deployment:
type: OS::Heat::StructuredDeployment
depends_on: {{role}}UpgradeInitDeployment
+ condition: server_not_blacklisted
properties:
name: {{role}}Deployment
config: {get_resource: {{role}}Config}
UpdateDeployment:
type: OS::Heat::SoftwareDeployment
depends_on: NetworkDeployment
+ condition: server_not_blacklisted
properties:
name: UpdateDeployment
config: {get_resource: UpdateConfig}
description: Heat resource handle for {{role}} server
value:
{get_resource: {{role}}}
+ condition: server_not_blacklisted
external_ip_address:
description: IP address of the server in the external network
value: {get_attr: [ExternalPort, ip_address]}
--- /dev/null
+---
+features:
+ - Added the ability to blacklist servers by name from being
+ associated with any Heat triggered SoftwareDeployment
+ resources. The servers are specified in the new
+ DeploymentServerBlacklist parameter.
Code Review / apex-tripleo-heat-templates.git / commitdiff