puppet/all-nodes-config.j2.yaml

   1 heat_template_version: pike
   2 description: 'All Nodes Config for Puppet'
   3
   4 parameters:
   5 {%- for network in networks if network.vip|default(false) %}
   6   cloud_name_{{network.name_lower}}:
   7     type: string
   8 {%- endfor %}
   9   cloud_name_ctlplane:
  10     type: string
  11   enabled_services:
  12     type: comma_delimited_list
  13   controller_ips:
  14     type: comma_delimited_list
  15   service_ips:
  16     type: json
  17   service_node_names:
  18     type: json
  19   short_service_node_names:
  20     type: json
  21   short_service_bootstrap_node:
  22     type: json
  23   controller_names:
  24     type: comma_delimited_list
  25   cellv2_discovery_hosts:
  26     type: comma_delimited_list
  27   NetVipMap:
  28     type: json
  29   RedisVirtualIP:
  30     type: string
  31     default: ''
  32   ServiceNetMap:
  33     type: json
  34   DeployIdentifier:
  35     type: string
  36     default: ''
  37     description: >
  38       Setting this to a unique value will re-run any deployment tasks which
  39       perform configuration on a Heat stack-update.
  40   UpdateIdentifier:
  41     type: string
  42     default: ''
  43     description: >
  44       Setting to a previously unused value during stack-update will trigger
  45       package update on all nodes
  46   StackAction:
  47     type: string
  48     description: >
  49       Heat action on performed top-level stack.  Note StackUpdateType is
  50       set to UPGRADE when a major-version upgrade is in progress.
  51     constraints:
  52     - allowed_values: ['CREATE', 'UPDATE']
  53   StackUpdateType:
  54     type: string
  55     description: >
  56       Type of update, to differentiate between UPGRADE and UPDATE cases
  57       when StackAction is UPDATE (both are the same stack action).
  58     constraints:
  59     - allowed_values: ['', 'UPGRADE']
  60     default: ''
  61   # NOTE(jaosorior): This is being set as IPA as it's the first
  62   # CA we'll actually be testing out. But we can change this if
  63   # people request it.
  64   CertmongerCA:
  65     type: string
  66     default: 'IPA'
  67   EnableInternalTLS:
  68     type: boolean
  69     default: false
  70
  71 {%- for network in networks %}
  72   {{network.name}}NetName:
  73     default: {{network.name_lower}}
  74     description: The name of the {{network.name_lower}} network.
  75     type: string
  76 {%- endfor %}
  77
  78
  79 resources:
  80
  81   allNodesConfigImpl:
  82     type: OS::Heat::StructuredConfig
  83     properties:
  84       group: hiera
  85       config:
  86         datafiles:
  87           bootstrap_node:
  88             bootstrap_nodeid: {get_input: bootstrap_nodeid}
  89             bootstrap_nodeid_ip: {get_input: bootstrap_nodeid_ip}
  90           all_nodes:
  91            map_merge:
  92               - enabled_services:
  93                   yaql:
  94                     expression: $.data.distinct()
  95                     data: {get_param: enabled_services}
  96               # This writes out a mapping of service_name_enabled: 'true'
  97               # For any services not enabled, hiera foo_enabled will
  98               # return nil, as it's undefined
  99               - map_merge:
 100                   repeat:
 101                     template:
 102                       # Note this must be string 'true' due to
 103                       # https://bugs.launchpad.net/heat/+bug/1617203
 104                       SERVICE_enabled: 'true'
 105                     for_each:
 106                       SERVICE: {get_param: enabled_services}
 107               # Dynamically generate per-service network data
 108               # This works as follows (outer->inner functions)
 109               # yaql - filters services where no mapping exists in ServiceNetMap
 110               #   map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
 111               #     map_merge/repeat: generate a per-service mapping
 112               - yaql:
 113                   # This filters any entries where the value hasn't been substituted for
 114                   # a list, e.g it's still $service_network.  This happens when there is
 115                   # no network defined for the service in the ServiceNetMap, which is OK
 116                   # as not all services have to be bound to a network, so we filter them
 117                   expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
 118                   data:
 119                     map:
 120                       map_replace:
 121                         - map_merge:
 122                             repeat:
 123                               template:
 124                                 SERVICE_network: SERVICE_network
 125                               for_each:
 126                                 SERVICE: {get_param: enabled_services}
 127                         - values: {get_param: ServiceNetMap}
 128               # Keystone doesn't provide separate entries for the public
 129               # and admin endpoints, so we need to add them here manually
 130               # like we do in the vip-config below
 131               - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]}
 132                 keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]}
 133               # provides a mapping of service_name_ips to a list of IPs
 134               - {get_param: service_ips}
 135               - {get_param: service_node_names}
 136               - {get_param: short_service_node_names}
 137               - {get_param: short_service_bootstrap_node}
 138               - controller_node_ips:
 139                   list_join:
 140                   - ','
 141                   - {get_param: controller_ips}
 142                 controller_node_names:
 143                   list_join:
 144                   - ','
 145                   - {get_param: controller_names}
 146               - cellv2_discovery_hosts:
 147                   list_join:
 148                   - ','
 149                   - {get_param: cellv2_discovery_hosts}
 150                 deploy_identifier: {get_param: DeployIdentifier}
 151                 update_identifier: {get_param: UpdateIdentifier}
 152                 stack_action: {get_param: StackAction}
 153                 stack_update_type: {get_param: StackUpdateType}
 154           vip_data:
 155             map_merge:
 156               # Dynamically generate per-service VIP data based on enabled_services
 157               # This works as follows (outer->inner functions)
 158               # yaql - filters services where no mapping exists in ServiceNetMap
 159               #   map_replace: substitute e.g internal_api with the IP from NetVipMap
 160               #     map_replace: substitute e.g heat_api_network with network name from ServiceNetMap
 161               #       map_merge/repeat: generate a per-service mapping
 162               - yaql:
 163                   # This filters any entries where the value hasn't been substituted for
 164                   # a list, e.g it's still $service_network.  This happens when there is
 165                   # no network defined for the service in the ServiceNetMap, which is OK
 166                   # as not all services have to be bound to a network, so we filter them
 167                   expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network")))
 168                   data:
 169                     map:
 170                       map_replace:
 171                         - map_replace:
 172                             - map_merge:
 173                                 repeat:
 174                                   template:
 175                                     SERVICE_vip: SERVICE_network
 176                                   for_each:
 177                                     SERVICE: {get_param: enabled_services}
 178                             - values: {get_param: ServiceNetMap}
 179                         - values: {get_param: NetVipMap}
 180               - keystone_admin_api_vip:
 181                   get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}]
 182                 keystone_public_api_vip:
 183                   get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}]
 184                 public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
 185                 controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
 186                 internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]}
 187                 storage_virtual_ip: {get_param: [NetVipMap, {get_param: StorageNetName}]}
 188                 storage_mgmt_virtual_ip: {get_param: [NetVipMap, {get_param: StorageMgmtNetName}]}
 189                 redis_vip: {get_param: RedisVirtualIP}
 190                 # public_virtual_ip and controller_virtual_ip are needed in
 191                 # both HAproxy & keepalived.
 192                 tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
 193                 tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
 194                 tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]}
 195                 tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]}
 196                 tripleo::keepalived::internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]}
 197                 tripleo::keepalived::storage_virtual_ip: {get_param: [NetVipMap, {get_param: StorageNetName}]}
 198                 tripleo::keepalived::storage_mgmt_virtual_ip: {get_param: [NetVipMap, {get_param: StorageMgmtNetName}]}
 199                 tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP}
 200                 tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]}
 201                 cloud_name_external: {get_param: cloud_name_external}
 202                 cloud_name_internal_api: {get_param: cloud_name_internal_api}
 203                 cloud_name_storage: {get_param: cloud_name_storage}
 204                 cloud_name_storage_mgmt: {get_param: cloud_name_storage_mgmt}
 205                 cloud_name_ctlplane: {get_param: cloud_name_ctlplane}
 206                 # TLS parameters
 207                 certmonger_ca: {get_param: CertmongerCA}
 208                 enable_internal_tls: {get_param: EnableInternalTLS}
 209
 210 outputs:
 211   config_id:
 212     description: The ID of the allNodesConfigImpl resource.
 213     value:
 214       {get_resource: allNodesConfigImpl}