heat_template_version: wallaby

description: >
  Post-deployment for the TripleO undercloud

parameters:
  servers:
    type: json
  DeployedServerPortMap:
    default: {}
    type: json
  UndercloudHomeDir:
    description: The HOME directory where the stackrc and ssh credentials for the Undercloud will be installed. Set to /home/<user> to customize the location.
    type: string
    default: '/root'
  AdminPassword: #supplied by tripleo-undercloud-passwords.yaml
    type: string
    description: The password for the keystone admin account, used for monitoring, querying neutron etc.
    hidden: True
  SSLCertificate:
    description: >
      The content of the SSL certificate (without Key) in PEM format.
    type: string
    default: ""
    hidden: True
  PublicSSLCertificateAutogenerated:
    default: false
    description: >
      Whether the public SSL certificate was autogenerated or not.
    type: boolean
  InternalTLSCAFile:
    default: '/etc/ipa/ca.crt'
    type: string
    description: Specifies the default CA cert to use if TLS is used for
                 services in the internal network.
  SnmpdReadonlyUserPassword:
    description: The user password for SNMPd with readonly rights running on all Overcloud nodes
    type: string
    hidden: true
  MysqlRootPassword:
    type: string
    hidden: true
    default: ''
  DnsServers:
    default: []
    description: >
      DNS servers to use for the Overcloud (2 max for some implementations).
      If not set the nameservers configured in the ctlplane subnet's
      dns_nameservers attribute will be used.
    type: comma_delimited_list
  CtlplaneLocalPhysicalNetwork:
    default: ctlplane
    type: string
    description: Physical network name for the ctlplane network local to the undercloud
  UndercloudCtlplaneSubnets:
    description: >
      Dictionary of subnets to configure on the Undercloud ctlplan network
    default: {}
    type: json
  UndercloudCtlplaneLocalSubnet:
    description: The subnet local to the undercloud on the ctlplane network
    default: ctlplane-subnet
    type: string
  UndercloudEnableRoutedNetworks:
    description: Enable support for routed ctlplane networks.
    default: False
    type: boolean
  UndercloudLocalMtu: # Override this via parameter_defaults
    default: 1500
    description: MTU to use for the Undercloud local_interface.
    type: number
    constraints:
      - range: { min: 1000, max: 65536 }
  UndercloudCtlplaneIPv6AddressMode:
    default: dhcpv6-stateless
    description: >
      IPv6 address configuration mode for the undercloud provisioning network.
    type: string
    constraints:
      - allowed_values: ['dhcpv6-stateless', 'dhcpv6-stateful']
  UndercloudCloudName:
    type: string
    default: 'undercloud'
    description: Cloud name for the clouds.yaml
  EndpointMap:
    default: {}
    description: Mapping of service endpoint -> protocol. Typically set
                 via parameter_defaults in the resource registry.
    type: json
  CloudDomain:
    default: 'localdomain'
    type: string
    description: >
      The DNS domain used for the hosts. This must match the
      overcloud_domain_name configured on the undercloud.

conditions:

  tls_enabled:
    or:
    - not:
        equals:
        - {get_param: SSLCertificate}
        - ""
    - equals:
        - {get_param: PublicSSLCertificateAutogenerated}
        - true

  ca_file_enabled:
    and:
    - not:
        equals:
        - {get_param: InternalTLSCAFile}
        - ""
    - tls_enabled

resources:
  UndercloudPostConfig:
    type: OS::Heat::SoftwareConfig
    properties:
      group: script
      inputs:
        - name: ssl_certificate
        - name: cloud_name
        - name: homedir
      config: {get_file: ./undercloud_post.sh}

  UndercloudPostDeployment:
    type: OS::Heat::SoftwareDeploymentGroup
    properties:
      name: UndercloudPostDeployment
      servers: {get_param: servers}
      config: {get_resource: UndercloudPostConfig}
      input_values:
        ssl_certificate: {get_param: SSLCertificate}
        cloud_name: {get_param: UndercloudCloudName}
        homedir: {get_param: UndercloudHomeDir}

  UndercloudPostPyConfig:
    type: OS::Heat::SoftwareConfig
    properties:
      group: script
      inputs:
        - name: config
      config: {get_file: ./undercloud_post.py}

  UndercloudPostPyDeployment:
    type: OS::Heat::SoftwareDeploymentGroup
    depends_on: UndercloudPostDeployment
    properties:
      name: UndercloudPostPyDeployment
      servers: {get_param: servers}
      config: {get_resource: UndercloudPostPyConfig}
      input_values:
        config:
          str_replace:
            template: JSON
            params:
              JSON:
                cloud_name: {get_param: UndercloudCloudName}
                home_dir: {get_param: UndercloudHomeDir}
                snmp_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
                undercloud_db_password: {get_param: MysqlRootPassword}
                undercloud_db_host: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}


  UndercloudCtlplaneNetworkConfig:
    type: OS::Heat::SoftwareConfig
    properties:
      group: script
      inputs:
        - name: config
      config: {get_file: ./undercloud_ctlplane_network.py}

  UndercloudCtlplaneNetworkDeployment:
    type: OS::Heat::SoftwareDeploymentGroup
    depends_on: UndercloudPostDeployment
    properties:
      name: UndercloudCtlplaneNetworkDeployment
      servers: {get_param: servers}
      config: {get_resource: UndercloudCtlplaneNetworkConfig}
      input_values:
        config:
          str_replace:
            template: JSON
            params:
              JSON:
                cloud_name: {get_param: UndercloudCloudName}
                cloud_domain: {get_param: CloudDomain}
                local_ip: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
                local_subnet: {get_param: UndercloudCtlplaneLocalSubnet}
                physical_network: {get_param: CtlplaneLocalPhysicalNetwork}
                subnets: {get_param: UndercloudCtlplaneSubnets}
                enable_routed_networks: {get_param: UndercloudEnableRoutedNetworks}
                mtu: {get_param: UndercloudLocalMtu}
                home_dir: {get_param: UndercloudHomeDir}
                ipv6_address_mode: {get_param: UndercloudCtlplaneIPv6AddressMode}