heat_template_version: rocky description: > Post-deployment for the TripleO undercloud parameters: servers: type: json DeployedServerPortMap: default: {} type: json UndercloudHomeDir: description: The HOME directory where the stackrc and ssh credentials for the Undercloud will be installed. Set to /home/ to customize the location. type: string default: '/root' AdminPassword: #supplied by tripleo-undercloud-passwords.yaml type: string description: The password for the keystone admin account, used for monitoring, querying neutron etc. hidden: True SSLCertificate: description: > The content of the SSL certificate (without Key) in PEM format. type: string default: "" hidden: True PublicSSLCertificateAutogenerated: default: false description: > Whether the public SSL certificate was autogenerated or not. type: boolean InternalTLSCAFile: default: '/etc/ipa/ca.crt' type: string description: Specifies the default CA cert to use if TLS is used for services in the internal network. SnmpdReadonlyUserPassword: description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true MysqlRootPassword: type: string hidden: true default: '' DnsServers: default: [] description: > DNS servers to use for the Overcloud (2 max for some implementations). If not set the nameservers configured in the ctlplane subnet's dns_nameservers attribute will be used. type: comma_delimited_list CtlplaneLocalPhysicalNetwork: default: ctlplane type: string description: Physical network name for the ctlplane network local to the undercloud UndercloudCtlplaneSubnets: description: > Dictionary of subnets to configure on the Undercloud ctlplan network default: {} type: json UndercloudCtlplaneLocalSubnet: description: The subnet local to the undercloud on the ctlplane network default: ctlplane-subnet type: string UndercloudEnableRoutedNetworks: description: Enable support for routed ctlplane networks. default: False type: boolean UndercloudLocalMtu: # Override this via parameter_defaults default: 1500 description: MTU to use for the Undercloud local_interface. type: number constraints: - range: { min: 1000, max: 65536 } KeystoneRegion: type: string default: 'regionOne' description: Keystone region for endpoint UndercloudCloudName: type: string default: 'undercloud' description: Cloud name for the clouds.yaml EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json conditions: tls_enabled: or: - not: equals: - {get_param: SSLCertificate} - "" - equals: - {get_param: PublicSSLCertificateAutogenerated} - true ca_file_enabled: and: - not: equals: - {get_param: InternalTLSCAFile} - "" - tls_enabled resources: UndercloudPostConfig: type: OS::Heat::SoftwareConfig properties: group: script inputs: - name: deploy_identifier - name: admin_password - name: auth_url - name: internal_tls_ca_file - name: cloud_name config: {get_file: ./undercloud_post.sh} UndercloudPostDeployment: type: OS::Heat::SoftwareDeployments properties: name: UndercloudPostDeployment servers: {get_param: servers} config: {get_resource: UndercloudPostConfig} input_values: ssl_certificate: {get_param: SSLCertificate} homedir: {get_param: UndercloudHomeDir} admin_password: {get_param: AdminPassword} cloud_name: {get_param: UndercloudCloudName} internal_tls_ca_file: if: - ca_file_enabled - {get_param: InternalTLSCAFile} - '' auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} CloudsYamlConfig: type: OS::Heat::SoftwareConfig properties: group: script inputs: - name: admin_password - name: auth_url - name: cloud_name - name: home_dir - name: identity_api_version - name: project_name - name: project_domain_name - name: region_name - name: user_name - name: user_domain_name config: {get_file: ./clouds_yaml.py} CloudsYamlDeployment: type: OS::Heat::SoftwareDeployments properties: name: CloudsYamlDeployment servers: {get_param: servers} config: {get_resource: CloudsYamlConfig} input_values: admin_password: {get_param: AdminPassword} auth_url: {get_param: [EndpointMap, KeystonePublic, uri_no_suffix]} cloud_name: {get_param: UndercloudCloudName} home_dir: {get_param: UndercloudHomeDir} identity_api_version: 3 project_name: 'admin' project_domain_name: 'Default' region_name: {get_param: KeystoneRegion} user_name: 'admin' user_domain_name: 'Default' UndercloudPostPyConfig: type: OS::Heat::SoftwareConfig properties: group: script inputs: - name: config config: {get_file: ./undercloud_post.py} UndercloudPostPyDeployment: type: OS::Heat::SoftwareDeployments depends_on: [UndercloudPostDeployment, CloudsYamlDeployment] properties: name: UndercloudPostPyDeployment servers: {get_param: servers} config: {get_resource: UndercloudPostPyConfig} input_values: config: str_replace: template: JSON params: JSON: cloud_name: {get_param: UndercloudCloudName} home_dir: {get_param: UndercloudHomeDir} snmp_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} undercloud_db_password: {get_param: MysqlRootPassword} UndercloudCtlplaneNetworkConfig: type: OS::Heat::SoftwareConfig properties: group: script inputs: - name: config config: {get_file: ./undercloud_ctlplane_network.py} UndercloudCtlplaneNetworkDeployment: type: OS::Heat::SoftwareDeployments depends_on: [UndercloudPostDeployment, CloudsYamlDeployment] properties: name: UndercloudCtlplaneNetworkDeployment servers: {get_param: servers} config: {get_resource: UndercloudCtlplaneNetworkConfig} input_values: config: str_replace: template: JSON params: JSON: cloud_name: {get_param: UndercloudCloudName} local_ip: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]} local_subnet: {get_param: UndercloudCtlplaneLocalSubnet} nameservers: {get_param: DnsServers} physical_network: {get_param: CtlplaneLocalPhysicalNetwork} subnets: {get_param: UndercloudCtlplaneSubnets} enable_routed_networks: {get_param: UndercloudEnableRoutedNetworks} mtu: {get_param: UndercloudLocalMtu} home_dir: {get_param: UndercloudHomeDir}