2f2d8183e6
When using neutron routed networks we need to specify either the subnet or a ip address in the fixed-ips-request when creating neutron ports. a) For the Vip's: Adds VipSubnetMap and VipSubnetMapDefaults parameters in service_net_map.yaml. The two maps are merged, so that the operator can override the subnet where VIP port should be hosted. For example: parameter_defaults: VipSubnetMap: ctlplane: ctlplane-leaf1 InternalApi: internal_api_leaf1 Storage: storage_leaf1 redis: internal_api_leaf1 b) For overcloud node ports: Enrich 'networks' in roles defenition to include both network and subnet data. Changes the list to a map instead of a list of strings. New schema: - name: <role_name> networks: <network_name> subnet: <subnet_name> For backward compatibility a conditional is used to check if the data is a map or not. In either case the internal list of role networks is created as '_role_networks' in the jinja2 templates. When the data is a map, and the map contains the 'subnet' key the subnet specified in roles_data.yaml is used as the subnet in the fixed-ips-reqest when ports are created. If subnet is not set (or role.networks is not a map) the default will be {{network.name_lower}}_subnet. Also, since the fixed_ips request passed to Vip ports are no longer [] by default, the conditinal has been updated to test for 'ip_address' entries in the request. Partial: blueprint tripleo-routed-networks-templates Depends-On: I773a38fd903fe287132151a4d178326a46890969 Change-Id: I77edc82723d00bfece6752b5dd2c79137db93443
924 lines
34 KiB
YAML
924 lines
34 KiB
YAML
{#- ## Some variables are set to enable rendering backwards compatible templates #}
|
|
{#- ## where a few parameter/resource names don't match the expected pattern #}
|
|
{#- ## FIXME: we need some way to deprecate the old inconsistent parameters #}
|
|
{%- set server_resource_name = role.deprecated_server_resource_name|default(role.name) -%}
|
|
heat_template_version: rocky
|
|
description: 'OpenStack {{role.name}} node configured by Puppet'
|
|
parameters:
|
|
{%- set default_flavor_name = role.FlavorDefault|default('baremetal') %}
|
|
{%- if role.deprecated_param_flavor is defined %}
|
|
{{role.deprecated_param_flavor}}:
|
|
description: DEPRECATED Use Overcloud{{role.name}}Flavor instead.
|
|
default: {{default_flavor_name}}
|
|
type: string
|
|
{%- endif %}
|
|
Overcloud{{role.name}}Flavor:
|
|
description: Flavor for the {{role.name}} node.
|
|
default: {{default_flavor_name}}
|
|
type: string
|
|
{%- if role.disable_constraints is not defined %}
|
|
constraints:
|
|
- custom_constraint: nova.flavor
|
|
{%- endif %}
|
|
{%- set default_image_name = role.ImageDefault|default('overcloud-full') %}
|
|
{%- if role.deprecated_param_image is defined %}
|
|
{{role.deprecated_param_image}}:
|
|
type: string
|
|
default: {{default_image_name}}
|
|
description: DEPRECATED Use {{role.name}}Image instead
|
|
{%- endif %}
|
|
{{role.name}}Image:
|
|
type: string
|
|
default: {{default_image_name}}
|
|
description: The disk image file to use for the role.
|
|
{%- if role.disable_constraints is not defined %}
|
|
constraints:
|
|
- custom_constraint: glance.image
|
|
{%- endif %}
|
|
ImageUpdatePolicy:
|
|
default: 'REBUILD_PRESERVE_EPHEMERAL'
|
|
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
|
|
type: string
|
|
KeyName:
|
|
description: Name of an existing Nova key pair to enable SSH access to the instances
|
|
type: string
|
|
default: default
|
|
{%- if role.disable_constraints is not defined %}
|
|
constraints:
|
|
- custom_constraint: nova.keypair
|
|
{%- endif %}
|
|
NeutronPhysicalBridge:
|
|
default: 'br-ex'
|
|
description: An OVS bridge to create for accessing external networks.
|
|
type: string
|
|
NeutronPublicInterface:
|
|
default: nic1
|
|
description: Which interface to add to the NeutronPhysicalBridge.
|
|
type: string
|
|
ServiceNetMap:
|
|
default: {}
|
|
description: Mapping of service_name -> network name. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
EndpointMap:
|
|
default: {}
|
|
description: Mapping of service endpoint -> protocol. Typically set
|
|
via parameter_defaults in the resource registry.
|
|
type: json
|
|
UpdateIdentifier:
|
|
default: ''
|
|
type: string
|
|
description: >
|
|
Setting to a previously unused value during stack-update will trigger
|
|
package update on all nodes
|
|
Hostname:
|
|
type: string
|
|
default: '' # Defaults to Heat created hostname
|
|
HostnameMap:
|
|
type: json
|
|
default: {}
|
|
description: Optional mapping to override hostnames
|
|
ExtraConfig:
|
|
default: {}
|
|
description: |
|
|
Additional hiera configuration to inject into the cluster. Note
|
|
that {{role.name}}ExtraConfig takes precedence over ExtraConfig.
|
|
type: json
|
|
{{role.name}}ExtraConfig:
|
|
default: {}
|
|
description: |
|
|
Role specific additional hiera configuration to inject into the cluster.
|
|
type: json
|
|
{%- if role.deprecated_param_extraconfig is defined %}
|
|
{{role.deprecated_param_extraconfig}}:
|
|
default: {}
|
|
description: |
|
|
DEPRECATED use {{role.name}}ExtraConfig instead
|
|
type: json
|
|
{%- endif %}
|
|
{{role.name}}IPs:
|
|
default: {}
|
|
type: json
|
|
{%- if role.deprecated_param_ips is defined %}
|
|
{{role.deprecated_param_ips}}:
|
|
default: {}
|
|
description: DEPRECATED - use {{role.name}}IPs instead
|
|
type: json
|
|
{%- endif %}
|
|
{{role.name}}NetworkDeploymentActions:
|
|
type: comma_delimited_list
|
|
description: >
|
|
Heat action when to apply network configuration changes
|
|
default: []
|
|
NetworkDeploymentActions:
|
|
type: comma_delimited_list
|
|
description: >
|
|
Heat action when to apply network configuration changes
|
|
default: ['CREATE']
|
|
SoftwareConfigTransport:
|
|
default: POLL_SERVER_CFN
|
|
description: |
|
|
How the server should receive the metadata required for software configuration.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
|
|
CloudDomain:
|
|
default: 'localdomain'
|
|
type: string
|
|
description: >
|
|
The DNS domain used for the hosts. This must match the
|
|
overcloud_domain_name configured on the undercloud.
|
|
{{role.name}}ServerMetadata:
|
|
default: {}
|
|
description: >
|
|
Extra properties or metadata passed to Nova for the created nodes in
|
|
the overcloud. It's accessible via the Nova metadata API. This option is
|
|
role-specific and is merged with the values given to the ServerMetadata
|
|
parameter.
|
|
type: json
|
|
{%- if role.deprecated_param_metadata is defined %}
|
|
{{role.deprecated_param_metadata}}:
|
|
default: {}
|
|
description: DEPRECATED - use {{role.name}}ServerMetadata instead
|
|
type: json
|
|
{%- endif %}
|
|
ServerMetadata:
|
|
default: {}
|
|
description: >
|
|
Extra properties or metadata passed to Nova for the created nodes in
|
|
the overcloud. It's accessible via the Nova metadata API. This applies to
|
|
all roles and is merged with a role-specific metadata parameter.
|
|
type: json
|
|
{{role.name}}SchedulerHints:
|
|
type: json
|
|
description: Optional scheduler hints to pass to nova
|
|
default: {}
|
|
NodeIndex:
|
|
type: number
|
|
default: 0
|
|
ServiceConfigSettings:
|
|
type: json
|
|
default: {}
|
|
ServiceNames:
|
|
type: comma_delimited_list
|
|
default: []
|
|
MonitoringSubscriptions:
|
|
type: comma_delimited_list
|
|
default: []
|
|
ServiceMetadataSettings:
|
|
type: json
|
|
default: {}
|
|
ConfigCommand:
|
|
type: string
|
|
description: Command which will be run whenever configuration data changes
|
|
default: os-refresh-config --timeout 14400
|
|
ConfigCollectSplay:
|
|
type: number
|
|
default: 30
|
|
description: |
|
|
Maximum amount of time to possibly to delay configuration collection
|
|
polling. Defaults to 30 seconds. Set to 0 to disable it which will cause
|
|
the configuration collection to occur as soon as the collection process
|
|
starts. This setting is used to prevent the configuration collection
|
|
processes from polling all at the exact same time.
|
|
UpgradeInitCommand:
|
|
type: string
|
|
description: |
|
|
Command or script snippet to run on all overcloud nodes to
|
|
initialize the upgrade process. E.g. a repository switch.
|
|
default: ''
|
|
UpgradeInitCommonCommand:
|
|
type: string
|
|
description: |
|
|
Common commands required by the upgrades process. This should not
|
|
normally be modified by the operator and is set and unset in the
|
|
major-upgrade-composable-steps.yaml and major-upgrade-converge.yaml
|
|
environment files.
|
|
default: ''
|
|
DeploymentServerBlacklistDict:
|
|
default: {}
|
|
type: json
|
|
description: >
|
|
Map of server hostnames to blacklist from any triggered
|
|
deployments. If the value is 1, the server will be blacklisted. This
|
|
parameter is generated from the parent template.
|
|
RoleParameters:
|
|
type: json
|
|
description: Parameters specific to the role
|
|
default: {}
|
|
DeploymentSwiftDataMap:
|
|
type: json
|
|
description: |
|
|
Map of servers to Swift container and object for storing deployment data.
|
|
The keys are the Heat assigned hostnames, and the value is a map of the
|
|
container/object name in Swift. Example value:
|
|
overcloud-controller-0:
|
|
container: overcloud-controller
|
|
object: 0
|
|
overcloud-controller-1:
|
|
container: overcloud-controller
|
|
object: 1
|
|
overcloud-controller-2:
|
|
container: overcloud-controller
|
|
object: 2
|
|
overcloud-novacompute-0:
|
|
container: overcloud-compute
|
|
object: 0
|
|
default: {}
|
|
{{role.name}}ControlPlaneSubnet:
|
|
default: ctlplane-subnet
|
|
description: |
|
|
Name of the subnet on ctlplane network for this role.
|
|
type: string
|
|
{{role.name}}AnyErrorsFatal:
|
|
default: yes
|
|
type: string
|
|
{#- We generally won't want any failures on HA Controller roles, 15% will cause any 1 node to fail the deploy, #}
|
|
{#- for a 3 or 5 node Role, making it a fairly safe default. #}
|
|
{{role.name}}MaxFailPercentage:
|
|
default: 15
|
|
type: number
|
|
ControlPlaneSubnetCidr:
|
|
default: ''
|
|
description: >
|
|
The subnet CIDR of the control plane network. (The parameter is
|
|
automatically resolved from the ctlplane subnet's cidr attribute.)
|
|
type: string
|
|
ControlPlaneDefaultRoute:
|
|
default: ''
|
|
description: The default route of the control plane network. (The parameter
|
|
is automatically resolved from the ctlplane subnet's gateway_ip attribute.)
|
|
type: string
|
|
ControlPlaneStaticRoutes:
|
|
default: []
|
|
description: >
|
|
Routes for the ctlplane network traffic.
|
|
JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}]
|
|
Unless the default is changed, the parameter is automatically resolved
|
|
from the subnet host_routes attribute.
|
|
type: json
|
|
EC2MetadataIp:
|
|
default: ''
|
|
description: The IP address of the EC2 metadata server. (The parameter
|
|
is automatically resolved from the ctlplane subnet's host_routes attribute.)
|
|
type: string
|
|
DnsServers: # Override this via parameter_defaults
|
|
default: []
|
|
description: >
|
|
DNS servers to use for the Overcloud (2 max for some implementations).
|
|
If not set the nameservers configured in the ctlplane subnet's
|
|
dns_nameservers attribute will be used.
|
|
type: comma_delimited_list
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}InterfaceRoutes:
|
|
default: []
|
|
description: >
|
|
Routes for the {{network.name_lower}} network traffic.
|
|
JSON route e.g. [{'destination':'10.0.0.0/16', 'nexthop':'10.0.0.1'}]
|
|
Unless the default is changed, the parameter is automatically resolved
|
|
from the subnet host_routes attribute.
|
|
type: json
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
|
|
ServerDeletionPolicy:
|
|
description: Whether to retain or delete servers on deletion of the stack
|
|
type: string
|
|
default: delete
|
|
constraints:
|
|
- allowed_values: [delete, retain]
|
|
|
|
UserData:
|
|
type: string
|
|
|
|
{% if role.uses_deprecated_params|default(false) %}
|
|
parameter_groups:
|
|
- label: deprecated
|
|
description: Do not use deprecated params, they will be removed.
|
|
parameters:
|
|
{%- for property in role %}
|
|
{%- if property.startswith('deprecated_param_') and not role[property].endswith('SchedulerHints') %}
|
|
- {{role[property]}}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
{%- endif %}
|
|
|
|
conditions:
|
|
server_blacklisted:
|
|
equals:
|
|
- {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
|
|
- 1
|
|
server_not_blacklisted:
|
|
not:
|
|
equals:
|
|
- {get_param: [DeploymentServerBlacklistDict, {get_param: Hostname}]}
|
|
- 1
|
|
deployment_swift_data_map_unset:
|
|
equals:
|
|
- get_param:
|
|
- DeploymentSwiftDataMap
|
|
- {get_param: Hostname}
|
|
- ""
|
|
{%- if role.deprecated_param_image is defined %}
|
|
deprecated_param_image_set:
|
|
not:
|
|
equals:
|
|
- {get_param: {{role.deprecated_param_image}}}
|
|
- {{default_image_name}}
|
|
{%- endif %}
|
|
{%- if role.deprecated_param_flavor is defined %}
|
|
deprecated_param_flavor_set:
|
|
not:
|
|
equals:
|
|
- {get_param: {{role.deprecated_param_flavor}}}
|
|
- {{default_flavor_name}}
|
|
{%- endif %}
|
|
role_network_deployment_actions_exists:
|
|
not:
|
|
equals:
|
|
- {get_param: {{role.name}}NetworkDeploymentActions}
|
|
- []
|
|
ctlplane_fixed_ip_set:
|
|
or:
|
|
- not:
|
|
equals:
|
|
- {get_param: [{{role.name}}IPs, 'ctlplane', {get_param: NodeIndex}]}
|
|
- ""
|
|
{%- if role.deprecated_param_ips %}
|
|
- not:
|
|
equals:
|
|
- {get_param: [{{role.deprecated_param_ips}}, 'ctlplane', {get_param: NodeIndex}]}
|
|
- ""
|
|
{%- endif %}
|
|
- false # NOTE(hjensas): Make sure 'or' get's 2 conditions or more
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{role.name}}_{{network.name}}_fixed_ip_set:
|
|
not:
|
|
equals:
|
|
- {get_param: [{{role.name}}IPs, '{{network.name_lower}}', {get_param: NodeIndex}]}
|
|
- ''
|
|
{{network.name_lower}}_interface_routes_set:
|
|
not:
|
|
equals:
|
|
- {get_param: {{network.name}}InterfaceRoutes}
|
|
- []
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
ctlplane_subnet_cidr_set:
|
|
not:
|
|
equals: [{get_param: ControlPlaneSubnetCidr}, '']
|
|
ctlplane_default_route_set:
|
|
not:
|
|
equals: [{get_param: ControlPlaneDefaultRoute}, '']
|
|
ctlplane_static_routes_set:
|
|
not:
|
|
equals: [{get_param: ControlPlaneStaticRoutes}, []]
|
|
ec2metadaip_set:
|
|
not:
|
|
equals: [{get_param: EC2MetadataIp}, '']
|
|
dnsservers_set:
|
|
not:
|
|
equals: [{get_param: DnsServers}, []]
|
|
|
|
resources:
|
|
{{server_resource_name}}:
|
|
type: OS::TripleO::{{role.name}}Server
|
|
deletion_policy: {get_param: ServerDeletionPolicy}
|
|
metadata:
|
|
os-collect-config:
|
|
command: {get_param: ConfigCommand}
|
|
splay: {get_param: ConfigCollectSplay}
|
|
properties:
|
|
image:
|
|
{%- if role.deprecated_param_image is defined %}
|
|
if:
|
|
- deprecated_param_image_set
|
|
- {get_param: {{role.deprecated_param_image}}}
|
|
- {get_param: {{role.name}}Image}
|
|
{%- else %}
|
|
get_param: {{role.name}}Image
|
|
{%- endif %}
|
|
image_update_policy: {get_param: ImageUpdatePolicy}
|
|
flavor:
|
|
{%- if role.deprecated_param_flavor is defined %}
|
|
if:
|
|
- deprecated_param_flavor_set
|
|
- {get_param: {{role.deprecated_param_flavor}}}
|
|
- {get_param: Overcloud{{role.name}}Flavor}
|
|
{%- else %}
|
|
get_param: Overcloud{{role.name}}Flavor
|
|
{%- endif %}
|
|
key_name: {get_param: KeyName}
|
|
networks:
|
|
- if:
|
|
- ctlplane_fixed_ip_set
|
|
- network: ctlplane
|
|
subnet: {get_param: {{role.name}}ControlPlaneSubnet}
|
|
fixed_ip:
|
|
yaql:
|
|
expression: $.data.where(not isEmpty($)).first()
|
|
data:
|
|
- get_param: [{{role.name}}IPs, 'ctlplane', {get_param: NodeIndex}]
|
|
{%- if role.deprecated_param_ips %}
|
|
- get_param: [{{role.deprecated_param_ips}}, 'ctlplane', {get_param: NodeIndex}]
|
|
{%- endif %}
|
|
- network: ctlplane
|
|
subnet: {get_param: {{role.name}}ControlPlaneSubnet}
|
|
user_data_format: SOFTWARE_CONFIG
|
|
user_data: {get_param: UserData}
|
|
name:
|
|
yaql:
|
|
expression: $.data.hostname_map.get($.data.hostname, $.data.hostname).toLower()
|
|
data:
|
|
hostname: {get_param: Hostname}
|
|
hostname_map: {get_param: HostnameMap}
|
|
software_config_transport: {get_param: SoftwareConfigTransport}
|
|
metadata:
|
|
map_merge:
|
|
- {get_param: ServerMetadata}
|
|
{%- if role.deprecated_param_metadata is defined %}
|
|
- {get_param: {{role.deprecated_param_metadata}}}
|
|
{%- endif %}
|
|
- {get_param: {{role.name}}ServerMetadata}
|
|
- {get_param: ServiceMetadataSettings}
|
|
scheduler_hints: {get_param: {{role.name}}SchedulerHints}
|
|
deployment_swift_data:
|
|
if:
|
|
- deployment_swift_data_map_unset
|
|
- {}
|
|
- {get_param: [DeploymentSwiftDataMap,
|
|
{get_param: Hostname}]}
|
|
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}Port:
|
|
type: OS::TripleO::{{role.name}}::Ports::{{network.name}}Port
|
|
properties:
|
|
PortName:
|
|
list_join:
|
|
- '_'
|
|
- - {get_attr: [{{server_resource_name}}, name]}
|
|
- {{network.name}}
|
|
ControlPlaneIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
FixedIPs:
|
|
if:
|
|
- {{role.name}}_{{network.name}}_fixed_ip_set
|
|
- [{ip_address: {get_param: [{{role.name}}IPs, '{{network.name_lower}}', {get_param: NodeIndex}]}}]
|
|
{%- if role.networks is mapping and role.networks.get(network.name) %}
|
|
- [{subnet: {{role.networks[network.name].get('subnet', network.name_lower + '_subnet')}}}]
|
|
{%- else %}
|
|
- [{subnet: {{network.name_lower}}_subnet}]
|
|
{%- endif %}
|
|
ControlPlaneSubnetCidr:
|
|
if:
|
|
- ctlplane_subnet_cidr_set
|
|
- {get_param: ControlPlaneSubnetCidr}
|
|
# DeployedServer docs specify 'cidr: 24' in DeployedServerPortMap.
|
|
# Support both that, and 'cidr: 192.168.24.0/24'.
|
|
- yaql:
|
|
expression: str("{0}".format($.data).split("/")[-1])
|
|
data: {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, cidr]}
|
|
IPPool:
|
|
map_merge:
|
|
{%- if role.deprecated_param_ips is defined %}
|
|
- {get_param: {{role.deprecated_param_ips}}}
|
|
{%- endif %}
|
|
- {get_param: {{role.name}}IPs}
|
|
NodeIndex: {get_param: NodeIndex}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
|
|
NetworkConfig:
|
|
type: OS::TripleO::{{role.name}}::Net::SoftwareConfig
|
|
properties:
|
|
ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
ControlPlaneSubnetCidr:
|
|
if:
|
|
- ctlplane_subnet_cidr_set
|
|
- {get_param: ControlPlaneSubnetCidr}
|
|
- yaql:
|
|
expression: str("{0}".format($.data).split("/")[-1])
|
|
data: {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, cidr]}
|
|
|
|
ControlPlaneDefaultRoute:
|
|
if:
|
|
- ctlplane_default_route_set
|
|
- {get_param: ControlPlaneDefaultRoute}
|
|
- {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, gateway_ip]}
|
|
ControlPlaneStaticRoutes:
|
|
if:
|
|
- ctlplane_static_routes_set
|
|
- {get_param: ControlPlaneStaticRoutes}
|
|
- {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, host_routes]}
|
|
ControlPlaneMtu: {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, network, mtu]}
|
|
EC2MetadataIp:
|
|
if:
|
|
- ec2metadaip_set
|
|
- {get_param: EC2MetadataIp}
|
|
- yaql:
|
|
# NOTE(hjensas): DeployedServer sets the EC2MetadataIp in DeployedServerEnvironment.
|
|
# Return an empty string if there are no host_routes in the subnet. (Standalone and Container Undercloud)
|
|
expression: switch($.data = null => '', $.data != null => $.data.where($.destination = "169.254.169.254/32").nexthop.first())
|
|
data: {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, host_routes]}
|
|
DnsServers:
|
|
if:
|
|
- dnsservers_set
|
|
- {get_param: DnsServers}
|
|
- {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, dns_nameservers]}
|
|
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
|
|
{{network.name}}InterfaceRoutes:
|
|
if:
|
|
- {{network.name_lower}}_interface_routes_set
|
|
- {get_param: {{network.name}}InterfaceRoutes}
|
|
- {get_attr: [{{network.name}}Port, host_routes]}
|
|
{{network.name}}Mtu: {get_attr: [{{network.name}}Port, mtu]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
|
|
NetIpMap:
|
|
type: OS::TripleO::Network::Ports::NetIpMap
|
|
properties:
|
|
ControlPlaneIp: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
ControlPlaneSubnetCidr:
|
|
if:
|
|
- ctlplane_subnet_cidr_set
|
|
- {get_param: ControlPlaneSubnetCidr}
|
|
- yaql:
|
|
expression: str("{0}".format($.data).split("/")[-1])
|
|
data: {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, cidr]}
|
|
|
|
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}Ip: {get_attr: [{{network.name}}Port, ip_address]}
|
|
{{network.name}}IpSubnet: {get_attr: [{{network.name}}Port, ip_subnet]}
|
|
{{network.name}}IpUri: {get_attr: [{{network.name}}Port, ip_address_uri]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
|
|
NetHostMap:
|
|
type: OS::Heat::Value
|
|
properties:
|
|
type: json
|
|
value:
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name_lower}}:
|
|
fqdn:
|
|
list_join:
|
|
- '.'
|
|
- - {get_attr: [{{server_resource_name}}, name]}
|
|
- {{network.name.lower()}}
|
|
- {get_param: CloudDomain}
|
|
short:
|
|
list_join:
|
|
- '.'
|
|
- - {get_attr: [{{server_resource_name}}, name]}
|
|
- {{network.name.lower()}}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
ctlplane:
|
|
fqdn:
|
|
list_join:
|
|
- '.'
|
|
- - {get_attr: [{{server_resource_name}}, name]}
|
|
- ctlplane
|
|
- {get_param: CloudDomain}
|
|
short:
|
|
list_join:
|
|
- '.'
|
|
- - {get_attr: [{{server_resource_name}}, name]}
|
|
- ctlplane
|
|
canonical:
|
|
fqdn:
|
|
list_join:
|
|
- '.'
|
|
- - {get_attr: [{{server_resource_name}}, name]}
|
|
- {get_param: CloudDomain}
|
|
short:
|
|
- {get_attr: [{{server_resource_name}}, name]}
|
|
|
|
PreNetworkConfig:
|
|
type: OS::TripleO::{{role.name}}::PreNetworkConfig
|
|
properties:
|
|
server: {get_resource: {{server_resource_name}}}
|
|
RoleParameters: {get_param: RoleParameters}
|
|
ServiceNames: {get_param: ServiceNames}
|
|
deployment_actions: {get_attr: [DeploymentActions, value]}
|
|
|
|
NetworkDeployment:
|
|
type: OS::TripleO::SoftwareDeployment
|
|
depends_on: PreNetworkConfig
|
|
properties:
|
|
name: NetworkDeployment
|
|
config: {get_resource: NetworkConfig}
|
|
server: {get_resource: {{server_resource_name}}}
|
|
input_values:
|
|
bridge_name: {get_param: NeutronPhysicalBridge}
|
|
interface_name: {get_param: NeutronPublicInterface}
|
|
actions:
|
|
if:
|
|
- server_not_blacklisted
|
|
- if:
|
|
- role_network_deployment_actions_exists
|
|
- {get_param: {{role.name}}NetworkDeploymentActions}
|
|
- {get_param: NetworkDeploymentActions}
|
|
- []
|
|
|
|
{{server_resource_name}}UpgradeInitConfig:
|
|
type: OS::Heat::SoftwareConfig
|
|
properties:
|
|
group: script
|
|
config:
|
|
list_join:
|
|
- ''
|
|
- - "#!/bin/bash\n\n"
|
|
- "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
|
|
- get_param: UpgradeInitCommand
|
|
- get_param: UpgradeInitCommonCommand
|
|
|
|
# Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
|
|
# but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
|
|
{{server_resource_name}}UpgradeInitDeployment:
|
|
type: OS::Heat::SoftwareDeployment
|
|
depends_on: NetworkDeployment
|
|
properties:
|
|
name: {{server_resource_name}}UpgradeInitDeployment
|
|
server: {get_resource: {{server_resource_name}}}
|
|
config: {get_resource: {{server_resource_name}}UpgradeInitConfig}
|
|
actions:
|
|
if:
|
|
- server_not_blacklisted
|
|
- ['CREATE', 'UPDATE']
|
|
- []
|
|
|
|
{{server_resource_name}}Deployment:
|
|
type: OS::Heat::StructuredDeployment
|
|
depends_on: {{server_resource_name}}UpgradeInitDeployment
|
|
properties:
|
|
name: {{server_resource_name}}Deployment
|
|
config: {get_resource: {{server_resource_name}}Config}
|
|
server: {get_resource: {{server_resource_name}}}
|
|
actions:
|
|
if:
|
|
- server_not_blacklisted
|
|
- ['CREATE', 'UPDATE']
|
|
- []
|
|
|
|
{{server_resource_name}}Config:
|
|
type: OS::Heat::StructuredConfig
|
|
properties:
|
|
group: hiera
|
|
config:
|
|
hierarchy:
|
|
- '"%{::uuid}"'
|
|
- docker_puppet # Optionally provided by docker-puppet.py
|
|
- heat_config_%{::deploy_config_name}
|
|
- config_step
|
|
- {{role.name.lower()}}_extraconfig
|
|
- extraconfig
|
|
- service_names
|
|
- service_configs
|
|
- {{role.name.lower()}}
|
|
- bootstrap_node # provided by allNodesConfig
|
|
- all_nodes # provided by allNodesConfig
|
|
- vip_data # provided by allNodesConfig
|
|
- net_ip_map
|
|
- '"%{::osfamily}"'
|
|
# The following are required for compatibility with the Controller role
|
|
# where some vendor integrations added hieradata via ExtraConfigPre
|
|
- neutron_bigswitch_data # Optionally provided by Controller/ComputeExtraConfigPre
|
|
- neutron_cisco_data # Optionally provided by Controller/ComputeExtraConfigPre
|
|
- cisco_n1kv_data # Optionally provided by Controller/ComputeExtraConfigPre
|
|
- midonet_data #Optionally provided by AllNodesExtraConfig
|
|
- cisco_aci_data # Optionally provided by Controller/ComputeExtraConfigPre
|
|
merge_behavior: deeper
|
|
datafiles:
|
|
service_names:
|
|
service_names: {get_param: ServiceNames}
|
|
sensu::subscriptions: {get_param: MonitoringSubscriptions}
|
|
net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
|
|
service_configs: {get_param: ServiceConfigSettings}
|
|
{{role.name.lower()}}_extraconfig:
|
|
map_merge:
|
|
{%- if role.deprecated_param_extraconfig is defined %}
|
|
- {get_param: {{role.deprecated_param_extraconfig}}}
|
|
{%- endif %}
|
|
- {get_param: {{role.name}}ExtraConfig}
|
|
extraconfig: {get_param: ExtraConfig}
|
|
{{role.name.lower()}}:
|
|
tripleo::clouddomain: {get_param: CloudDomain}
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
fqdn_{{network.name_lower}}: {get_attr: [NetHostMap, value, {{network.name_lower}}, fqdn]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
|
|
fqdn_canonical: {get_attr: [NetHostMap, value, canonical, fqdn]}
|
|
|
|
# Resource for site-specific injection of root certificate
|
|
NodeTLSCAData:
|
|
depends_on: NetworkDeployment
|
|
type: OS::TripleO::NodeTLSCAData
|
|
properties:
|
|
server: {get_resource: {{server_resource_name}}}
|
|
|
|
# Hook for site-specific additional pre-deployment config, e.g extra hieradata
|
|
{{role.name}}ExtraConfigPre:
|
|
depends_on: {{server_resource_name}}Deployment
|
|
type: OS::TripleO::{{role.name}}ExtraConfigPre
|
|
# We have to use conditions here so that we don't break backwards
|
|
# compatibility with templates everywhere
|
|
condition: server_not_blacklisted
|
|
properties:
|
|
server: {get_resource: {{server_resource_name}}}
|
|
|
|
# Hook for site-specific additional pre-deployment config,
|
|
# applying to all nodes, e.g node registration/unregistration
|
|
NodeExtraConfig:
|
|
depends_on:
|
|
- {{role.name}}ExtraConfigPre
|
|
- NodeTLSCAData
|
|
type: OS::TripleO::NodeExtraConfig
|
|
# We have to use conditions here so that we don't break backwards
|
|
# compatibility with templates everywhere
|
|
condition: server_not_blacklisted
|
|
properties:
|
|
server: {get_resource: {{server_resource_name}}}
|
|
|
|
DeploymentActions:
|
|
type: OS::Heat::Value
|
|
properties:
|
|
value:
|
|
if:
|
|
- server_not_blacklisted
|
|
- ['CREATE', 'UPDATE']
|
|
- []
|
|
|
|
SshHostPubKey:
|
|
type: OS::TripleO::Ssh::HostPubKey
|
|
depends_on: {{server_resource_name}}Deployment
|
|
properties:
|
|
server: {get_resource: {{server_resource_name}}}
|
|
deployment_actions: {get_attr: [DeploymentActions, value]}
|
|
|
|
SshKnownHostsHostnames:
|
|
type: OS::Heat::Value
|
|
properties:
|
|
value:
|
|
str_replace:
|
|
template: "[PRIMARYIP]*,[PRIMARYHOST.DOMAIN]*,[PRIMARYHOST]*,\
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
[{{network.name}}IP]*,[{{network.name}}HOST.DOMAIN]*,\
|
|
[{{network.name}}HOST]*,\
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
[CTLPLANEIP]*,[CTLPLANEHOST.DOMAIN]*,[CTLPLANEHOST]*"
|
|
params:
|
|
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
|
|
DOMAIN: {get_param: CloudDomain}
|
|
PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]}
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
|
|
{{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
|
|
|
|
outputs:
|
|
ip_address:
|
|
description: IP address of the server in the ctlplane network
|
|
value: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
blacklist_ip_address:
|
|
description: IP address of the server if the server is blacklisted, otherwise this output will be an empty string
|
|
value:
|
|
if:
|
|
- server_blacklisted
|
|
- {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
- ""
|
|
blacklist_hostname:
|
|
description: Hostname of the server if the server is blacklisted, otherwise this output will be an empty string
|
|
value:
|
|
if:
|
|
- server_blacklisted
|
|
- {get_attr: [{{server_resource_name}}, name]}
|
|
- ""
|
|
hostname:
|
|
description: Hostname of the server
|
|
value: {get_attr: [{{server_resource_name}}, name]}
|
|
hostname_map:
|
|
description: Mapping of network names to hostnames
|
|
value:
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name_lower|default(network.name.lower())}}: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower()) }}, fqdn]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
|
|
canonical: {get_attr: [NetHostMap, value, canonical, fqdn]}
|
|
hosts_entry:
|
|
value:
|
|
str_replace:
|
|
template: |
|
|
PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}IP {{network.name}}HOST.DOMAIN {{network.name}}HOST
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
|
|
params:
|
|
PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, {{role.name}}HostnameResolveNetwork]}]}
|
|
DOMAIN: {get_param: CloudDomain}
|
|
PRIMARYHOST: {get_attr: [{{server_resource_name}}, name]}
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name}}IP: {get_attr: [{{network.name}}Port, ip_address]}
|
|
{{network.name}}HOST: {get_attr: [NetHostMap, value, {{network.name_lower|default(network.name.lower())}}, short]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
CTLPLANEIP: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
|
|
known_hosts_entry:
|
|
description: Entry for ssh known hosts
|
|
value:
|
|
list_join:
|
|
- ' '
|
|
- - {get_attr: [SshKnownHostsHostnames, value]}
|
|
- {get_attr: [SshHostPubKey, ecdsa]}
|
|
known_hosts_hostnames:
|
|
description: Mapping of server name to hostnames portion of ssh known hosts entry
|
|
value:
|
|
map_replace:
|
|
- name: {get_attr: [SshKnownHostsHostnames, value]}
|
|
- keys:
|
|
name: {get_attr: [{{server_resource_name}}, name]}
|
|
nova_server_resource:
|
|
description: Heat resource handle for {{role.name}} server
|
|
value:
|
|
{get_resource: {{server_resource_name}}}
|
|
condition: server_not_blacklisted
|
|
deployed_server_port_map:
|
|
description: |
|
|
Map of Heat created hostname of the server to ip address. This is the
|
|
hostname before it has been mapped with the HostnameMap parameter, and
|
|
the IP address from the ctlplane network. This map can be used to construct
|
|
the DeployedServerPortMap parameter when using split-stack.
|
|
value:
|
|
map_replace:
|
|
- hostname:
|
|
fixed_ips:
|
|
- ip_address: {get_attr: [{{server_resource_name}}, networks, ctlplane, 0]}
|
|
subnets:
|
|
- cidr: {get_attr: [{{server_resource_name}}, addresses, ctlplane, 0, subnets, 0, cidr]}
|
|
- keys:
|
|
hostname:
|
|
list_join:
|
|
- '-'
|
|
- - {get_param: Hostname}
|
|
- ctlplane
|
|
deployed_server_deployment_swift_data_map:
|
|
description:
|
|
Map of Heat created hostname of the server to the Swift container and object
|
|
used to created the temporary url for metadata polling with
|
|
os-collect-config.
|
|
value:
|
|
map_replace:
|
|
- hostname:
|
|
container:
|
|
str_split:
|
|
- '/'
|
|
- {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]}
|
|
- 5
|
|
object:
|
|
str_split:
|
|
- '?'
|
|
- str_split:
|
|
- '/'
|
|
- {get_attr: [{{server_resource_name}}, os_collect_config, request, metadata_url]}
|
|
- 6
|
|
- 0
|
|
- keys: {hostname: {get_param: Hostname}}
|
|
os_collect_config:
|
|
description: The os-collect-config configuration associated with this server resource
|
|
value: {get_attr: [{{server_resource_name}}, os_collect_config]}
|
|
{%- for network in networks %}
|
|
{%- if network.enabled|default(true) and network.name in role.networks|default([]) %}
|
|
{{network.name_lower|default(network.name.lower())}}_ip_address:
|
|
description: IP address of the server in the {{network.name}} network
|
|
value: {get_attr: [{{network.name}}Port, ip_address]}
|
|
{%- endif %}
|
|
{%- endfor %}
|
|
role_group_vars:
|
|
value:
|
|
any_errors_fatal: {get_param: {{role.name}}AnyErrorsFatal}
|
|
max_fail_percentage: {get_param: {{role.name}}MaxFailPercentage}
|