Undercloud minion role

Provide a playbook and undercloud minion deploy role

Depends-On: https://review.opendev.org/#/c/672318/
Change-Id: Ia63561b9b7e8638e2d1869d4ad608a9b00da4deb

playbooks/multinode-minion.yml

@@ -0,0 +1,4 @@
+---
+- include: quickstart.yml
+- include: multinode-undercloud.yml
+- include: multinode-undercloud-minion.yml

playbooks/multinode-undercloud-minion.yml

@@ -0,0 +1,64 @@
+---
+# TODO(aschultz): fix tags in here to be undercloud-minion-setup
+- name: Collect output from undercloud
+  hosts: undercloud
+  gather_facts: false
+  tasks:
+    - name: Copy output files
+      include_role:
+        name: undercloud-deploy
+        tasks_from: gather-outputs
+  tags:
+    - undercloud-setup
+
+- name: Write output from undercloud
+  hosts: overcloud
+  gather_facts: false
+  tasks:
+    - name: Reading and setting undercloud facts from gather-outputs
+      set_fact:
+        undercloud_outputs: "{{ hostvars['undercloud']['undercloud_outputs'] }}"
+        undercloud_passwords: "{{ hostvars['undercloud']['undercloud_passwords'] }}"
+    - name: write output files
+      include_role:
+        name: undercloud-setup
+        tasks_from: write-outputs
+  tags:
+    - undercloud-setup
+
+- name: Setup the undercloud minion
+  hosts: overcloud
+  tasks:
+    - name: Include atop setup
+      include_role:
+        name: undercloud-setup
+        tasks_from: atop
+    - name: Set container update fact from undercloud
+      set_fact:
+        update_containers_append_tag: "{{ hostvars['undercloud']['update_containers_append_tag'] | default('') }}"
+    - name: Include repo-setup
+      include_role:
+        name: repo-setup
+    - name: Include package installs
+      include_role:
+        name: undercloud-setup
+        tasks_from: package_installs
+      when: package_installs|default(true)|bool
+    - name: Update built packages
+      shell: "{{ ansible_pkg_mgr }} --enablerepo='gating-repo' update -y"
+      become: true
+      when: hostvars['undercloud']['compressed_gating_repo'] is defined
+    - name: Include hostname tasks
+      include_role:
+        name: undercloud-setup
+        tasks_from: hostname
+      when: hostname_correction|default(false)|bool or step_set_undercloud_hostname|default(false)|bool
+  tags:
+    - undercloud-setup
+
+- name: Deploy the undercloud minion
+  hosts: overcloud
+  roles:
+    - undercloud-minion-deploy
+  tags:
+    - undercloud-setup

roles/undercloud-deploy/tasks/gather-outputs.yml

@@ -0,0 +1,17 @@
+---
+# gather the output post-undercloud installation and register variables with
+# their contents
+- name: Collect undercloud outputs
+  slurp:
+    src: "{{ working_dir }}/tripleo-undercloud-outputs.yaml"
+  register: tmp_undercloud_outputs
+
+- name: Collect undercloud passwords
+  slurp:
+    src: "{{ working_dir }}/tripleo-undercloud-passwords.yaml"
+  register: tmp_undercloud_passwords
+
+- name: Setting undercloud outputs and password facts
+  set_fact:
+    undercloud_outputs: "{{ tmp_undercloud_outputs['content'] | b64decode }}"
+    undercloud_passwords: "{{ tmp_undercloud_passwords['content'] | b64decode }}"

roles/undercloud-minion-deploy/README.md

@@ -0,0 +1,90 @@
+undercloud-minion-deploy
+==========================================
+
+An Ansible role to execute the deployment of the tripleo undercloud minion
+
+Requirements
+------------
+
+This requiest an existing undercloud deployed somewhere and another host
+to deploy the minion on.
+
+Role Variables
+--------------
+
+- `minion_templates_path`: <'/usr/share/openstack-tripleo-heat-templates'> --
+a path to git clone and check-out t-h-t templates from the corresponding repo/branch/ref paths.
+- `minion_config_file`: <'minion.conf.j2'> -- the name of the jinja template
+used as the base for the minion.conf
+- `minion_install_script`: <'minion-install.j2'> -- the name of the jinja template
+used as the base for the minion-install bash script and dev envs hacking. Note, the
+defaults imply the 'openstack minion install' command will be invoked. See the minion
+deployment methods section below for the alternative modes.
+- `minion_install_log`: <'{{ working_dir }}/minion_install.log'> -- the full path
+to the minion install log file.
+- `minion_hieradata_override`: <null> -- the name of a file containing overrides (hieradata or parameter defaults)
+- `step_install_minion`: <'true'> -- turn on/off the minion deployment
+- `minion_conf_extra`: <''> -- extra options to be added to ~/minion.conf
+- `minion_extra_args`: <''> -- extra options for minion deploy command.
+- `minion_install_cmd`: <'openstack minion install'> -- command used to install the minion
+- `minion_install_cli_options`: <''> -- extra options for minion install command.
+- `minion_enable_heat_engine`: <'true'> -- sets up the 'enable_heat_engine' option
+  in minion.conf.
+- `minion_enable_ironic_conductor`: <'false'> -- sets up the 'enable_ironic_conductor'
+  option in minion.conf.
+- `minion_cloud_domain`: The domain configured for use by containerized
+  minion via the tripleo client's `--local-domain` option. It is unset by default.
+- `local_docker_registry_host`: <`docker_registry_host`> -- registry host/port
+  for containerized minion services. Defaults to the value provided for overcloud.
+  You may want to diverge it, if building locally, or fetching from remote registries
+  not fitting the overcloud deployment needs.
+- `minion_container_images_file`: <""> --
+  The environment file with default parameters for containers to use with
+  minion install CLI. This should only be used to override image prepare
+  generating this during the minion install.
+- `minion_custom_env_files`: <null> --
+  A space-separate string for custom t-h-t env files for `minion.conf` used with heat installer.
+- `minion_minion_output_dir`: <null> -- allows customize output directory for state, like
+  downloaded ansible configs and processed heat templates for heat installer
+- `minion_minion_cleanup`: <null> -- controls tear down of the processed heat templates
+- `minion_upgrade_cleanup`: <null> -- controls post upgrade cleanup after we containerize the minion.
+- `update_containers`: <false> -- whether to update containers from the local registry.
+- `minion_roles_data`: <null> -- A custom t-h-t roles file. Consumed from ``minion_templates_path``
+  or an alternative location as well.
+- `minion_selinux_enabled`: <'true'> -- Enabled for RHEL by default, Disabled for CentOS by default
+- `minion_container_cli`: <'podman'> -- Container CLI to use for the Undercloud deployment. Default to 'podman'.
+
+Role Network Variables
+----------------------
+- `minion_local_ip`: <hostvars['minion'].minion_ip> -- Sets up the `local_ip`
+parameter from an inventory. Must be belonging to the `minion_network_cidr`. It is used
+by overcloud nodes to access the minion node via a routable
+[ctlplane network]((https://docs.openstack.org/developer/tripleo-docs/advanced_deployment/network_isolation).
+Note that the minion.conf takes the default value based on the `minion_network_cidr`
+instead.
+- `minion_minion_nameservers`: <['8.8.8.8']> -- Sets up the 'minion_minion_nameservers'
+from minion.conf. May be a string or a sequence. Only the last item goes for
+the minion deploy command.
+- `minion_minion_hostname`: Sets up the 'minion_hostname' value from minion.conf.
+- `minion_resource_registry_args`: Complements 'resource_registry' for minion
+  heat templates. Defaults to nothing.
+- `minion_network_environment_args`: Complements Undercloud networking
+  setup with the default parameters for heat templates (parameter_defaults).
+- `minion_net_config_override`: <null> -- a j2 template for os-net-config
+  used to override network configuration, which is normally defined via
+  'OS::TripleO::Undercloud::Net::SoftwareConfig'. Accepts instack tags like LOCAL_IP et al.
+  When it is defined, the ``minion_resource_registry_args`` value will be discarded.
+
+Example Playbook
+----------------
+
+Sample playbook to call the role
+
+```yaml
+# Deploy the minion
+- name:  Install minion
+  hosts: minion
+  gather_facts: false
+  roles:
+    - minion-deploy
+```

roles/undercloud-minion-deploy/defaults/main.yml

@@ -0,0 +1,67 @@
+---
+
+minion_config_file: minion.conf.j2
+minion_install_cmd: openstack undercloud minion install
+minion_install_cli_options: ""
+minion_post_install_script: minion-install-post.sh.j2
+minion_install_log: "{{ working_dir }}/minion_install.log"
+
+minion_install_script: minion-install.sh.j2
+
+# defines extra args for the minion deploy command
+minion_extra_args: ""
+
+# only to be used in libvirt deployments, see environment config for details
+nameserver_from_virthost: false
+virthost_nameservers: []
+
+step_install_minion: true
+
+minion_conf_extra: ""
+
+minion_enable_heat_engine: true
+minion_enable_ironic_conductor: true
+
+minion_minion_debug: true
+
+# Path to tripleo-heat-templates to be cloned from given repo/branch/refscpec
+minion_templates_path: /usr/share/openstack-tripleo-heat-templates
+
+minion_container_insecure_registries:
+  - 192.168.24.1
+
+# Use to populate the resource registry for nic configs and networking setup
+minion_resource_registry_args: {}
+minion_network_environment_args: {}
+
+update_containers: false
+gating_repo_name: gating-repo
+update_containers_repo: "{{ gating_repo_name }},delorean-current"
+
+default_minion_roles_data_path: "{{ minion_templates_path }}/roles_data_minion.yaml"
+
+# We disable selinux when running under CentOS. It's enabled for RHEL
+minion_selinux_enabled: >-
+   {% if ansible_distribution == 'CentOS' -%}
+   false
+   {%- else -%}
+   true
+   {%- endif -%}
+
+minion_container_cli: >-
+   podman
+minion_healthcheck_disabled: false
+
+# Define a custom t-h-t installation for UC
+minion_custom_tht_script: custom-tht-script.sh.j2
+minion_custom_tht_log: minion_custom_tht_script.log
+
+# FIXME(bogdando) adapt these for real UC upgrade/deploy cases.
+# As the tht prep config templates converged with the overcloud upgrade/deploy cases,
+# these are yet meaningless for minion installations so the defaults
+# are set only to disable the controlled code blocks.
+minion_composable_scenario: ""
+minion_upgrade_composable_scenario: ""
+minion_prep_post_hook_script: ""
+minion_tht_rpm_url: ""
+download_minion_templates_rpm: false

roles/undercloud-minion-deploy/meta/main.yml

@@ -0,0 +1,4 @@
+---
+dependencies:
+  - extras-common
+  - container-prep

roles/undercloud-minion-deploy/tasks/create-scripts.yml

@@ -0,0 +1,57 @@
+---
+# Creat the scripts that will be used to deploy the undercloud minion
+# environment.
+- name: Check the dns information provided by the virthost
+  shell: >
+    awk 'match($0, /nameserver\s+(([0-9]{1,3}.?){4})/,address){ print address[1] }' /etc/resolv.conf
+  delegate_to: virthost
+  register: virthost_nameservers_output
+  when: nameserver_from_virthost|bool
+
+- name: set name server facts
+  set_fact:
+    virthost_nameservers: "{{ virthost_nameservers_output.stdout_lines }}"
+  when: nameserver_from_virthost|bool
+
+- name: Create minion configuration
+  template:
+    src: "{{ minion_config_file }}"
+    dest: "./minion.conf"
+    mode: 0600
+
+- name: Create minion install script
+  template:
+    src: "{{ minion_install_script }}"
+    dest: "{{ working_dir }}/minion-install.sh"
+    mode: 0755
+
+- name: Prepare undercloud custom t-h-t branch/refspec
+  include_role:
+    name: tht-prep-config
+  vars:
+    custom_tht_log: "{{ undercloud_custom_tht_log }}"
+    custom_tht_script: "{{ undercloud_custom_tht_script }}"
+    tht_templates_repo: "{{ undercloud_templates_repo|default('') }}"
+    tht_templates_refspec: "{{ undercloud_templates_refspec|default('') }}"
+    tht_templates_branch: "{{ undercloud_templates_branch|default('') }}"
+    tht_templates_path: "{{ undercloud_templates_path }}"
+    composable_scenario: "{{ undercloud_composable_scenario }}"
+    upgrade_composable_scenario: "{{ undercloud_upgrade_composable_scenario }}"
+    prep_post_hook_script: "{{ undercloud_prep_post_hook_script }}"
+    download_templates_rpm: "{{ download_undercloud_templates_rpm }}"
+    tht_rpm_url: "{{ undercloud_tht_rpm_url }}"
+  when:
+    - undercloud_templates_branch is defined or undercloud_templates_refspec is defined
+    - undercloud_templates_repo is defined
+    - undercloud_templates_path is defined
+
+- name: Create the minion parameter defaults file.
+  template:
+    src: minion-parameter-defaults.yaml.j2
+    dest: "{{ working_dir }}/minion-parameter-defaults.yaml"
+    mode: 0600
+
+- name: Write containers-prepare-parameter.yaml
+  template:
+    src: containers-prepare-parameter.yaml.j2
+    dest: "{{ working_dir }}/containers-prepare-parameter.yaml"

roles/undercloud-minion-deploy/tasks/install-minion.yml

@@ -0,0 +1,12 @@
+---
+- name: Run dstat on the minion prior to minion install
+  include_role:
+    name: validate-perf
+  when: step_install_minion|bool
+
+- name: Install the minion
+  shell: >
+    set -o pipefail &&
+    {{ working_dir }}/minion-install.sh 2>&1 {{ timestamper_cmd }} >
+    {{ minion_install_log }}
+  when: step_install_minion|bool

roles/undercloud-minion-deploy/tasks/main.yml

@@ -0,0 +1,13 @@
+---
+- name: gather facts used by role
+  setup:
+    gather_subset: "!min,distribution"
+  when: ansible_distribution is not defined
+
+- include: create-scripts.yml
+  tags:
+    - minion-scripts
+
+- include: install-minion.yml
+  tags:
+    - minion-install

roles/undercloud-minion-deploy/templates/containers-prepare-parameter.yaml.j2

@@ -0,0 +1,12 @@
+parameter_defaults:
+  DockerInsecureRegistryAddress:
+  - {{ local_docker_registry_host }}:8787
+  ContainerImagePrepare:
+    - set:
+        tag: "{{ container_build_id }}{{ update_containers_append_tag }}"
+        namespace: "{{ local_docker_registry_host }}:8787/{{ docker_registry_namespace_used }}"
+        name_prefix: "{{ docker_prep_prefix }}"
+        name_suffix: "{{ docker_prep_suffix }}"
+        ceph_namespace: "{{ docker_ceph_namespace }}"
+        ceph_image: "{{ docker_ceph_image }}"
+        ceph_tag: "{{ docker_ceph_tag }}"

roles/undercloud-minion-deploy/templates/hieradata-overrides-t-h-t-minion.yaml.j2

@@ -0,0 +1,7 @@
+parameter_defaults:
+  UndercloudMinionExtraConfig:
+    {% if undercloud_heat_workers is defined -%}
+    heat::engine::num_engine_workers: {{undercloud_heat_workers}}
+    {% elif undercloud_workers is defined -%}
+    heat::engine::num_engine_workers: "%{hiera('undercloud_workers')}"
+    {%- endif %}

roles/undercloud-minion-deploy/templates/minion-install.sh.j2

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -eux
+
+### --start_docs
+## Installing the undercloud minion
+## ================================
+## ::
+
+{% for var in (minion_env_vars|default([])) %}
+export {{ var }}
+{% endfor %}
+
+{{ minion_install_cmd }} {{ minion_install_cli_options }}
+
+### --stop_docs

roles/undercloud-minion-deploy/templates/minion-parameter-defaults.yaml.j2

@@ -0,0 +1,13 @@
+{#
+This takes advantage of the fact that valid JSON is also
+valid YAML.  The default to_nice_yaml filter doesn't quote strings,
+which can cause unexpected implicit type conversion when the
+resulting YAML is consumed, whereas with JSON all strings are quoted.
+#}
+{% if minion_resource_registry_args %}
+{% set minion_resource_registry = {'resource_registry': minion_resource_registry_args} %}
+{% else %}
+{% set minion_resource_registry = {} %}
+{% endif %}
+{% set minion_parameter_defaults = {'parameter_defaults': minion_network_environment_args} %}
+{{ minion_parameter_defaults|combine(minion_resource_registry, recursive=True)|to_nice_json }}

roles/undercloud-minion-deploy/templates/minion.conf.j2

@@ -0,0 +1,221 @@
+[DEFAULT]
+
+#
+# From minion_config
+#
+
+# Cleanup temporary files. Setting this to False will leave the
+# temporary files used during deployment in place after the command is
+# run. This is useful for debugging the generated files or if errors
+# occur. (boolean value)
+#cleanup = true
+
+# Container CLI used for deployment; Can be docker or podman. (string
+# value)
+container_cli = {{ minion_container_cli }}
+
+# Whether or not we disable the container healthchecks. (boolean
+# value)
+container_healthcheck_disabled = {{ minion_healthcheck_disabled }}
+
+# Heat environment file with parameters for all required container
+# images. Or alternatively, parameter "ContainerImagePrepare" to drive
+# the required image preparation. (string value)
+{% if minion_container_images_file is defined %}
+container_images_file = {{ minion_container_images_file }}
+{% else %}
+container_images_file = {{ working_dir }}/containers-prepare-parameter.yaml
+{% endif %}
+
+# Used to add custom insecure registries for containers. (list value)
+# Deprecated group/name - [DEFAULT]/docker_insecure_registries
+{% if minion_container_insecure_registries is defined and minion_container_insecure_registries|length>0 %}
+container_insecure_registries = {{ minion_container_insecure_registries | join(',') }}
+{% elif undercloud_docker_insecure_registries is defined and undercloud_docker_insecure_registries|length>0 %}
+container_insecure_registries = {{ undercloud_docker_insecure_registries }}
+{% else %}
+#container_insecure_registries =
+{% endif %}
+
+# An optional container registry mirror that will be used. (string
+# value)
+# Deprecated group/name - [DEFAULT]/docker_registry_mirror
+#container_registry_mirror =
+
+# List of any custom environment yaml files to use. These are applied
+# after any other configuration and can be used to override any
+# derived values. This should be used only by advanced users. (list
+# value)
+{% if minion_custom_env_files is defined %}
+custom_env_files = {{ minion_custom_env_files.split()|join(',') }}
+{% else %}
+#custom_env_files =
+{% endif %}
+
+# User used to run openstack undercloud install command which will be
+# used to add the user to the docker group, required to upload
+# containers (string value)
+#deployment_user = <None>
+
+# Whether to install the Heat Engine service. (boolean value)
+enable_heat_engine = {{ minion_enable_heat_engine }}
+
+# Whether to install the Ironic Conductor service. This is currently
+# disabled by default. (boolean value)
+enable_ironic_conductor = {{ minion_enable_ironic_conductor }}
+
+# URL for the heat container image to use. (string value)
+#heat_container_image =
+
+# Execute the heat-all process natively on this host. This option
+# requires that the heat-all binaries be installed locally on this
+# machine. This option is enabled by default which means heat-all is
+# executed on the host OS  directly. (boolean value)
+#heat_native = true
+
+# Path to hieradata override file. Relative paths get computed inside
+# of $HOME. When it points to a heat env file, it is passed in t-h-t
+# via "-e <file>", as is. When the file contains legacy instack data,
+# it is wrapped with <role>ExtraConfig and also passed in for
+# t-h-t as a temp file created in output_dir. Note, instack hiera data
+# may be not t-h-t compatible and will highly likely require a manual
+# revision. (string value)
+{% if minion_hieradata_override is defined %}
+hieradata_override = {{ minion_hieradata_override }}
+{% else %}
+#hieradata_override =
+{% endif %}
+
+# Whether to enable the debug log level for OpenStack services and
+# Container Image Prepare step. (boolean value)
+minion_debug = {{ minion_minion_debug }}
+
+# Enable or disable SELinux during the deployment. (boolean value)
+minion_enable_selinux = {{ minion_selinux_enabled }}
+
+# Run pre-flight checks when installing or upgrading. (boolean value)
+#minion_enable_validations = true
+
+# Fully qualified hostname (including domain) to set on the
+# Undercloud. If left unset, the current hostname will be used, but
+# the user is responsible for configuring all system hostname settings
+# appropriately.  If set, the undercloud install will configure all
+# system hostname settings. (string value)
+#minion_hostname = <None>
+
+# Network interface on the Undercloud that will be handling the PXE
+# boots and DHCP for Overcloud instances. (string value)
+{% if minion_local_interface is defined %}
+minion_local_interface = {{ minion_local_interface }}
+{% else %}
+#minion_local_interface = eth1
+{% endif %}
+
+# IP information for the interface on the Undercloud that will be
+# handling the PXE boots and DHCP for Overcloud instances.  The IP
+# portion of the value will be assigned to the network interface
+# defined by local_interface, with the netmask defined by the prefix
+# portion of the value. (string value)
+minion_local_ip = {{ minion_local_ip|default(
+    '%s/%s' % (undercloud_network_cidr|nthhost(4),
+    undercloud_network_cidr.split('/').1)) }}
+#minion_local_ip = 192.168.24.50/24
+
+# MTU to use for the local_interface. (integer value)
+{% if minion_local_mtu is defined %}
+minion_local_mtu = {{ minion_local_mtu }}
+{% endif %}
+#minion_local_mtu = 1500
+
+# The path to a log file to store the undercloud install/upgrade logs.
+# (string value)
+minion_log_file = {{ minion_install_log }}
+
+# DNS nameserver(s). Use for the undercloud node and for the overcloud
+# nodes. (NOTE: To use different nameserver(s) for the overcloud,
+# override the DnsServers parameter in overcloud environment.) (list
+# value)
+{% if virthost_nameservers is string %}
+minion_nameservers = {{ virthost_nameservers }}
+{% elif virthost_nameservers is sequence and virthost_nameservers|length > 0 %}
+minion_nameservers = {{ virthost_nameservers|join(',') }}
+{% elif minion_minion_nameservers is string %}
+minion_nameservers = {{ minion_minion_nameservers }}
+{% elif minion_minion_nameservers is sequence %}
+minion_nameservers = {{ minion_minion_nameservers|join(',') }}
+{% elif undercloud_undercloud_nameservers is string %}
+minion_nameservers = {{ undercloud_undercloud_nameservers }}
+{% elif undercloud_undercloud_nameservers is sequence %}
+minion_nameservers = {{ undercloud_undercloud_nameservers|join(',') }}
+{% else %}
+#minion_nameservers =
+{% endif %}
+
+# List of ntp servers to use. (list value)
+{% if minion_minion_ntp_servers is string %}
+minion_ntp_servers = {{ minion_minion_ntp_servers }}
+{% elif minion_minion_ntp_servers is sequence %}
+minion_ntp_servers = {{ minion_minion_ntp_servers|join(',') }}
+{% elif undercloud_undercloud_ntp_servers is string %}
+minion_ntp_servers = {{ undercloud_undercloud_ntp_servers }}
+{% elif undercloud_undercloud_ntp_servers is sequence %}
+minion_ntp_servers = {{ undercloud_undercloud_ntp_servers|join(',') }}
+{% else %}
+#minion_ntp_servers = 0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org
+{% endif %}
+
+# The name of the file to look for the passwords used to connect to
+# the undercloud. We assume this file is in the folder where the
+# command is executed if a fully qualified path is not provided.
+# (string value)
+#minion_password_file = tripleo-undercloud-passwords.yaml
+
+# TODO: Certificate file to use for OpenStack service SSL connections.
+# Setting this enables SSL for the OpenStack API endpoints, leaving it
+# unset disables SSL. (string value)
+#minion_service_certificate =
+
+# Host timezone to be used. If no timezone is specified, the existing
+# timezone configuration is used. (string value)
+#minion_timezone = <None>
+
+# The name of the file to look for the undercloud output file that
+# contains configuration information. We assume this file is in the
+# folder where the command is executed if a fully qualified path is
+# not provided. (string value)
+#minion_undercloud_output_file = tripleo-undercloud-output.yaml
+
+# Path to network config override template.Relative paths get computed
+# inside of $HOME. Must be in the json format.Its content overrides
+# anything in t-h-t UndercloudNetConfigOverride. The processed
+# template is then passed in Heat via the undercloud_parameters.yaml
+# file created in output_dir and used to configure the networking via
+# run-os-net-config. If you wish to disable you can set this location
+# to an empty file.Templated for instack j2 tags may be used, for
+# example:
+#
+# ... snip example because ansible ...
+#
+#   (string value)
+#net_config_override =
+
+# Networks file to override for heat. May be an absolute path or the
+# path relative to the t-h-t templates directory used for deployment
+# (string value)
+#networks_file = <None>
+
+# Directory to output state, processed heat templates, ansible
+# deployment files. (string value)
+{% if minion_minion_output_dir is defined %}
+output_dir = {{ minion_minion_output_dir }}
+{% else %}
+#output_dir = $HOME/.undercloud-heat-installer
+{% endif %}
+
+# Roles file to override for heat. May be an absolute path or the path
+# relative to the t-h-t templates directory used for deployment
+# (string value)
+#roles_file = <None>
+
+# heat templates file to override. (string value)
+templates = {{ minion_templates_path }}

roles/undercloud-setup/tasks/write-outputs.yml

@@ -0,0 +1,11 @@
+---
+# write out undercloud_outputs and undercloud_passwords to files
+- name: Write out tripleo-undercloud-outputs.yaml
+  copy:
+    content: "{{ undercloud_outputs }}"
+    dest: "{{ working_dir }}/tripleo-undercloud-outputs.yaml"
+
+- name: Write out tripleo-undercloud-passwords.yaml
+  copy:
+    content: "{{ undercloud_passwords }}"
+    dest: "{{ working_dir }}/tripleo-undercloud-passwords.yaml"