openstack/tripleo-heat-templates
Code Issues Proposed changes

Add NodeAdminUserData interface for "heat-admin" user

Browse Source 
Reinstates the heat-admin user via template user-data, which
replaces the previous boothook injected user provided by the
(deprecated now removed) heat instance_user option.

This has some advantages over the heat.conf option, e.g it allows
for much easier customzation of the user configuration (additional
SSH keys, adding groups etc), and also in future if we support
deploying more than one overcloud you could specify a different
user per deployment.

Co-Authored-By: Dan Prince <dprince@redhat.com>
Change-Id: I2235b9690c01542d8a28ec1c1a4607de751aea29
Closes-Bug: #1229849
This commit is contained in:
Steven Hardy 2015-09-03 10:38:59 +01:00
parent e83af2b8c0
commit d578cf1ac0
7 changed files with 123 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
firstboot/userdata_heat_admin.yaml Normal file
View File

@ -0,0 +1,29 @@
heat_template_version: 2014-10-16
parameters:
# Can be overriden via parameter_defaults in the environment
node_admin_username:
type: string
default: heat-admin
description: >
Uses cloud-init to create an additional user with a known name, in addition
to the distro-default user created by the cloud-init default.
resources:
userdata:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: user_config}
# Note this requires cloud-init >= 0.7.2 ref bug #1100920
user_config:
type: OS::Heat::CloudConfig
properties:
cloud_config:
user: {get_param: node_admin_username}
outputs:
OS::stack_id:
value: {get_resource: userdata}

4
overcloud-resource-registry-puppet.yaml
View File

@ -23,6 +23,10 @@ resource_registry:
OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
# This creates the "heat-admin" user for all OS images by default
# To disable, replace with firstboot/userdata_default.yaml
OS::TripleO::NodeAdminUserData: firstboot/userdata_heat_admin.yaml
# Hooks for operator extra config
# NodeUserData == Cloud-init additional user-data, e.g cloud-config
# ControllerExtraConfigPre == Controller configuration pre service deployment

19
puppet/ceph-storage-puppet.yaml
View File

@ -66,9 +66,26 @@ resources:
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
user_data: {get_resource: UserData}
name: {get_param: Hostname}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: NodeAdminUserData}
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeAdminUserData:
type: OS::TripleO::NodeAdminUserData
# For optional operator additional userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData

19
puppet/cinder-storage-puppet.yaml
View File

@ -120,9 +120,26 @@ resources:
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
user_data: {get_resource: UserData}
name: {get_param: Hostname}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: NodeAdminUserData}
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeAdminUserData:
type: OS::TripleO::NodeAdminUserData
# For optional operator additional userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData

19
puppet/compute-puppet.yaml
View File

@ -260,9 +260,26 @@ resources:
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
user_data: {get_resource: UserData}
name: {get_param: Hostname}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: NodeAdminUserData}
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeAdminUserData:
type: OS::TripleO::NodeAdminUserData
# For optional operator additional userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData

19
puppet/controller-puppet.yaml
View File

@ -528,9 +528,26 @@ resources:
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
user_data: {get_resource: UserData}
name: {get_param: Hostname}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: NodeAdminUserData}
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeAdminUserData:
type: OS::TripleO::NodeAdminUserData
# For optional operator additional userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData

19
puppet/swift-storage-puppet.yaml
View File

@ -89,9 +89,26 @@ resources:
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: NodeUserData}
user_data: {get_resource: UserData}
name: {get_param: Hostname}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: NodeAdminUserData}
type: multipart
- config: {get_resource: NodeUserData}
type: multipart
# Creates the "heat-admin" user if configured via the environment
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeAdminUserData:
type: OS::TripleO::NodeAdminUserData
# For optional operator additional userdata
# Should return a OS::Heat::MultipartMime reference via OS::stack_id
NodeUserData:
type: OS::TripleO::NodeUserData