{%- set _networks = [] -%} {%- for network in networks if network.enabled|default(true) -%} {%- set _networks = _networks.append(network.name) -%} {%- endfor -%} heat_template_version: rocky description: 'All Nodes Config for Puppet' parameters: {%- for network in networks if network.vip|default(false) %} cloud_name_{{network.name_lower}}: type: string {%- endfor %} cloud_name_ctlplane: type: string enabled_services: type: comma_delimited_list controller_ips: type: comma_delimited_list service_ips: type: json service_node_names: type: json short_service_node_names: type: json short_service_bootstrap_node: type: json service_bootstrap_node_ip: type: json controller_names: type: comma_delimited_list NetVipMap: type: json RedisVirtualIP: type: string default: '' ServiceNetMap: type: json DeployIdentifier: type: string default: '' description: > Setting this to a unique value will re-run any deployment tasks which perform configuration on a Heat stack-update. UpdateIdentifier: type: string default: '' description: > Setting to a previously unused value during stack-update will trigger package update on all nodes StackAction: type: string description: > Heat action on performed top-level stack. Note StackUpdateType is set to UPGRADE when a major-version upgrade is in progress. constraints: - allowed_values: ['CREATE', 'UPDATE'] StackUpdateType: type: string description: > Type of update, to differentiate between UPGRADE and UPDATE cases when StackAction is UPDATE (both are the same stack action). constraints: - allowed_values: ['', 'UPGRADE', 'FASTFORWARDUPGRADE'] default: '' EnableInternalTLS: type: boolean default: false AllNodesExtraMapData: type: json default: {} description: Map of extra data (hieradata) to set on each node. {%- for network in networks if network.enabled|default(true) %} {{network.name}}NetName: default: {{network.name_lower}} description: The name of the {{network.name_lower}} network. type: string {%- endfor %} ContainerCli: type: string default: 'podman' description: CLI tool used to manage containers. constraints: - allowed_values: ['docker', 'podman'] resources: allNodesConfigValue: type: OS::Heat::Value properties: value: yaql: expression: $.data.all_nodes_extra_map_data.mergeWith($.data.all_nodes) data: all_nodes_extra_map_data: {get_param: AllNodesExtraMapData} all_nodes: map_merge: - enabled_services: yaql: expression: $.data.distinct() data: {get_param: enabled_services} # This writes out a mapping of service_name_enabled: 'true' # For any services not enabled, hiera foo_enabled will # return nil, as it's undefined - map_merge: repeat: template: # Note this must be string 'true' due to # https://bugs.launchpad.net/heat/+bug/1617203 SERVICE_enabled: 'true' for_each: SERVICE: {get_param: enabled_services} # Dynamically generate per-service network data # This works as follows (outer->inner functions) # yaql - filters services where no mapping exists in ServiceNetMap # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap # map_merge/repeat: generate a per-service mapping - yaql: # This filters any entries where the value hasn't been substituted for # a list, e.g it's still $service_network. This happens when there is # no network defined for the service in the ServiceNetMap, which is OK # as not all services have to be bound to a network, so we filter them expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) data: map: map_replace: - map_merge: repeat: template: SERVICE_network: SERVICE_network for_each: SERVICE: {get_param: enabled_services} - values: {get_param: ServiceNetMap} # Keystone doesn't provide separate entries for the public # and admin endpoints, so we need to add them here manually # like we do in the vip-config below - keystone_admin_api_network: {get_param: [ServiceNetMap, keystone_admin_api_network]} keystone_public_api_network: {get_param: [ServiceNetMap, keystone_public_api_network]} # provides a mapping of service_name_ips to a list of IPs - {get_param: service_ips} - {get_param: service_node_names} - {get_param: short_service_node_names} - {get_param: short_service_bootstrap_node} - {get_param: service_bootstrap_node_ip} - controller_node_ips: list_join: - ',' - {get_param: controller_ips} controller_node_names: list_join: - ',' - {get_param: controller_names} deploy_identifier: {get_param: DeployIdentifier} stack_action: {get_param: StackAction} stack_update_type: {get_param: StackUpdateType} container_cli: {get_param: ContainerCli} allNodesConfigImpl: type: OS::Heat::StructuredConfig properties: group: hiera config: datafiles: bootstrap_node: bootstrap_nodeid: {get_input: bootstrap_nodeid} all_nodes: {get_attr: [allNodesConfigValue, value]} vip_data: map_merge: # Dynamically generate per-service VIP data based on enabled_services # This works as follows (outer->inner functions) # yaql - filters services where no mapping exists in ServiceNetMap # map_replace: substitute e.g internal_api with the IP from NetVipMap # map_replace: substitute e.g heat_api_network with network name from ServiceNetMap # map_merge/repeat: generate a per-service mapping - yaql: # This filters any entries where the value hasn't been substituted for # a list, e.g it's still $service_network. This happens when there is # no network defined for the service in the ServiceNetMap, which is OK # as not all services have to be bound to a network, so we filter them expression: dict($.data.map.items().where(isString($[1]) and not $[1].endsWith("_network"))) data: map: map_replace: - map_replace: - map_merge: repeat: template: SERVICE_vip: SERVICE_network for_each: SERVICE: {get_param: enabled_services} - values: {get_param: ServiceNetMap} - values: {get_param: NetVipMap} - keystone_admin_api_vip: get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_admin_api_network]}] keystone_public_api_vip: get_param: [NetVipMap, {get_param: [ServiceNetMap, keystone_public_api_network]}] {%- if 'External' in _networks %} public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]} {%- else %} public_virtual_ip: {get_param: [NetVipMap, ctlplane]} {%- endif %} controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} {%- if 'InternalApi' in _networks %} # the internal_api_virtual_ip is needed for contrail only internal_api_virtual_ip: {get_param: [NetVipMap, {get_param: InternalApiNetName}]} {%- endif %} network_virtual_ips: ctlplane: ip_address: {get_param: [NetVipMap, ctlplane]} index: 1 {%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} # External virtual ip is currently being handled separately as public_virtual_ip. # Likewise, optional StorageNFS virtual ip is handled separately as ganesha_vip. {%- if network.name != 'External' and network.name != 'StorageNFS' %} {{network.name_lower}}: ip_address: {get_param: [NetVipMap, {get_param: {{network.name}}NetName}]} index: {{loop.index + 1}} {%- endif %} {%- endfor %} redis_vip: {get_param: RedisVirtualIP} {%- for network in networks if network.name == 'StorageNFS' and network.enabled|default(true) %} ganesha_vip: {get_param: [NetVipMap, {get_param: StorageNFSNetName}]} {%- endfor %} # public_virtual_ip and controller_virtual_ip are needed in # both HAproxy & keepalived. {%- if 'External' in _networks %} tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]} tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, {get_param: ExternalNetName}]} {%- else %} tripleo::haproxy::public_virtual_ip: {get_param: [NetVipMap, ctlplane]} tripleo::keepalived::public_virtual_ip: {get_param: [NetVipMap, ctlplane]} {%- endif %} tripleo::haproxy::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} tripleo::keepalived::controller_virtual_ip: {get_param: [NetVipMap, ctlplane]} tripleo::keepalived::redis_virtual_ip: {get_param: RedisVirtualIP} tripleo::redis_notification::haproxy_monitor_ip: {get_param: [NetVipMap, ctlplane]} {%- for network in networks if network.vip|default(false) and network.enabled|default(true) %} cloud_name_{{network.name_lower}}: {get_param: cloud_name_{{network.name_lower}}} {%- endfor %} cloud_name_ctlplane: {get_param: cloud_name_ctlplane} enable_internal_tls: {get_param: EnableInternalTLS} outputs: config_id: description: The ID of the allNodesConfigImpl resource. value: {get_resource: allNodesConfigImpl} all_nodes_config: description: The all_nodes hieradata config value: {get_attr: [allNodesConfigValue, value]}