openstack/tripleo-heat-templates
Code Issues Proposed changes
78ee893158
tripleo-heat-templates/extraconfig/post_deploy/undercloud_post.yaml
Harald Jensås afa16ae150 Create clouds.yaml for the undercloud 
Add the cloud to clouds.yaml for the undercloud so
that it is available for post deploy script's.

The clouds.yaml is created both in the stack users
home directory ~/.config/openstack/clouds.yaml and
globally for the system in /etc/openstack/clouds.yaml.

Update standalone post configuration to use the same
code to create and update clouds.yaml on standalone.

clouds.yaml is used when setting up client's in other
post scripts instead of passing all the options to
each script.

Partial-Bug: #1801927
Change-Id: I6402fa561745bacf184b1ad2ada44bf8f7c75324
2018-11-22 13:54:54 +01:00

247 lines
7.7 KiB
YAML
Raw Blame History

heat_template_version: rocky
description: >
Post-deployment for the TripleO undercloud
parameters:
servers:
type: json
DeployedServerPortMap:
default: {}
type: json
UndercloudHomeDir:
description: The HOME directory where the stackrc and ssh credentials for the Undercloud will be installed. Set to /home/<user> to customize the location.
type: string
default: '/root'
AdminPassword: #supplied by tripleo-undercloud-passwords.yaml
type: string
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
hidden: True
SSLCertificate:
description: >
The content of the SSL certificate (without Key) in PEM format.
type: string
default: ""
hidden: True
PublicSSLCertificateAutogenerated:
default: false
description: >
Whether the public SSL certificate was autogenerated or not.
type: boolean
InternalTLSCAFile:
default: '/etc/ipa/ca.crt'
type: string
description: Specifies the default CA cert to use if TLS is used for
services in the internal network.
SnmpdReadonlyUserPassword:
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
DnsServers:
default: []
description: >
DNS servers to use for the Overcloud (2 max for some implementations).
If not set the nameservers configured in the ctlplane subnet's
dns_nameservers attribute will be used.
type: comma_delimited_list
CtlplaneLocalPhysicalNetwork:
default: ctlplane
type: string
description: Physical network name for the ctlplane network local to the undercloud
UndercloudCtlplaneSubnets:
description: >
Dictionary of subnets to configure on the Undercloud ctlplan network
default: {}
type: json
UndercloudCtlplaneLocalSubnet:
description: The subnet local to the undercloud on the ctlplane network
default: ctlplane-subnet
type: string
UndercloudEnableRoutedNetworks:
description: Enable support for routed ctlplane networks.
default: False
type: boolean
UndercloudLocalMtu: # Override this via parameter_defaults
default: 1500
description: MTU to use for the Undercloud local_interface.
type: number
constraints:
- range: { min: 1000, max: 65536 }
KeystoneRegion:
type: string
default: 'regionOne'
description: Keystone region for endpoint
UndercloudCloudName:
type: string
default: 'undercloud'
description: Cloud name for the clouds.yaml
conditions:
tls_enabled:
or:
- not:
equals:
- {get_param: SSLCertificate}
- ""
- equals:
- {get_param: PublicSSLCertificateAutogenerated}
- true
ca_file_enabled:
and:
- not:
equals:
- {get_param: InternalTLSCAFile}
- ""
- tls_enabled
resources:
UndercloudPostConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
inputs:
- name: deploy_identifier
- name: admin_password
- name: auth_url
- name: internal_tls_ca_file
- name: cloud_name
config: {get_file: ./undercloud_post.sh}
UndercloudPostDeployment:
type: OS::Heat::SoftwareDeployments
properties:
name: UndercloudPostDeployment
servers: {get_param: servers}
config: {get_resource: UndercloudPostConfig}
input_values:
ssl_certificate: {get_param: SSLCertificate}
homedir: {get_param: UndercloudHomeDir}
admin_password: {get_param: AdminPassword}
cloud_name: {get_param: UndercloudCloudName}
internal_tls_ca_file:
if:
- ca_file_enabled
- {get_param: InternalTLSCAFile}
- ''
# if SSL is enabled we use the public virtual ip as the stackrc endpoint
auth_url:
if:
- tls_enabled
- make_url:
scheme: https
host: {get_param: [DeployedServerPortMap, 'public_virtual_ip', fixed_ips, 0, ip_address]}
port: 13000
path: /
- make_url:
scheme: http
host: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
port: 5000
path: /
CloudsYamlConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
inputs:
- name: admin_password
- name: auth_url
- name: cloud_name
- name: home_dir
- name: identity_api_version
- name: project_name
- name: project_domain_name
- name: region_name
- name: user_name
- name: user_domain_name
config: {get_file: ./clouds_yaml.py}
CloudsYamlDeployment:
type: OS::Heat::SoftwareDeployments
properties:
name: CloudsYamlDeployment
servers: {get_param: servers}
config: {get_resource: CloudsYamlConfig}
input_values:
admin_password: {get_param: AdminPassword}
auth_url:
if:
- tls_enabled
- make_url:
scheme: https
host: {get_param: [DeployedServerPortMap, 'public_virtual_ip', fixed_ips, 0, ip_address]}
port: 13000
path: /
- make_url:
scheme: http
host: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
port: 5000
path: /
cloud_name: {get_param: UndercloudCloudName}
home_dir: {get_param: UndercloudHomeDir}
identity_api_version: 3
project_name: 'admin'
project_domain_name: 'Default'
region_name: {get_param: KeystoneRegion}
user_name: 'admin'
user_domain_name: 'Default'
UndercloudPostPyConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
inputs:
- name: config
config: {get_file: ./undercloud_post.py}
UndercloudPostPyDeployment:
type: OS::Heat::SoftwareDeployments
depends_on: [UndercloudPostDeployment, CloudsYamlDeployment]
properties:
name: UndercloudPostPyDeployment
servers: {get_param: servers}
config: {get_resource: UndercloudPostPyConfig}
input_values:
config:
str_replace:
template: JSON
params:
JSON:
cloud_name: {get_param: UndercloudCloudName}
home_dir: {get_param: UndercloudHomeDir}
snmp_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
UndercloudCtlplaneNetworkConfig:
type: OS::Heat::SoftwareConfig
properties:
group: script
inputs:
- name: config
config: {get_file: ./undercloud_ctlplane_network.py}
UndercloudCtlplaneNetworkDeployment:
type: OS::Heat::SoftwareDeployments
depends_on: [UndercloudPostDeployment, CloudsYamlDeployment]
properties:
name: UndercloudCtlplaneNetworkDeployment
servers: {get_param: servers}
config: {get_resource: UndercloudCtlplaneNetworkConfig}
input_values:
config:
str_replace:
template: JSON
params:
JSON:
cloud_name: {get_param: UndercloudCloudName}
local_ip: {get_param: [DeployedServerPortMap, 'control_virtual_ip', fixed_ips, 0, ip_address]}
local_subnet: {get_param: UndercloudCtlplaneLocalSubnet}
nameservers: {get_param: DnsServers}
physical_network: {get_param: CtlplaneLocalPhysicalNetwork}
subnets: {get_param: UndercloudCtlplaneSubnets}
enable_routed_networks: {get_param: UndercloudEnableRoutedNetworks}
mtu: {get_param: UndercloudLocalMtu}
home_dir: {get_param: UndercloudHomeDir}
View Git Blame Copy Permalink