summaryrefslogtreecommitdiffstats
path: root/puppet/controller-role.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/controller-role.yaml')
-rw-r--r--puppet/controller-role.yaml597
1 files changed, 597 insertions, 0 deletions
diff --git a/puppet/controller-role.yaml b/puppet/controller-role.yaml
new file mode 100644
index 00000000..05527b63
--- /dev/null
+++ b/puppet/controller-role.yaml
@@ -0,0 +1,597 @@
+heat_template_version: 2016-10-14
+
+description: >
+ OpenStack controller node configured by Puppet.
+
+parameters:
+ controllerExtraConfig:
+ default: {}
+ description: |
+ Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
+ type: json
+ ControllerExtraConfig:
+ default: {}
+ description: |
+ Controller specific hiera configuration data to inject into the cluster.
+ type: json
+ ControllerIPs:
+ default: {}
+ description: >
+ A network mapped list of IPs to assign to Controllers in the following form:
+ {
+ "internal_api": ["a.b.c.d", "e.f.g.h"],
+ ...
+ }
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ EnableLoadBalancer:
+ default: true
+ description: Whether to deploy a LoadBalancer on the Controller
+ type: boolean
+ ExtraConfig:
+ default: {}
+ description: |
+ Additional hieradata to inject into the cluster, note that
+ ControllerExtraConfig takes precedence over ExtraConfig.
+ type: json
+ OvercloudControlFlavor:
+ description: Flavor for control nodes to request when deploying.
+ default: baremetal
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ controllerImage:
+ type: string
+ default: overcloud-full
+ constraints:
+ - custom_constraint: glance.image
+ ImageUpdatePolicy:
+ default: 'REBUILD_PRESERVE_EPHEMERAL'
+ description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
+ type: string
+ KeyName:
+ default: default
+ description: Name of an existing Nova key pair to enable SSH access to the instances
+ type: string
+ constraints:
+ - custom_constraint: nova.keypair
+ NeutronPublicInterface:
+ default: nic1
+ description: What interface to bridge onto br-ex for network nodes.
+ type: string
+ ServiceNetMap:
+ default: {}
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ EndpointMap:
+ default: {}
+ description: Mapping of service endpoint -> protocol. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ Hostname:
+ type: string
+ default: '' # Defaults to Heat created hostname
+ HostnameMap:
+ type: json
+ default: {}
+ description: Optional mapping to override hostnames
+ NetworkDeploymentActions:
+ type: comma_delimited_list
+ description: >
+ Heat action when to apply network configuration changes
+ default: ['CREATE']
+ NodeIndex:
+ type: number
+ default: 0
+ SoftwareConfigTransport:
+ default: POLL_SERVER_CFN
+ description: |
+ How the server should receive the metadata required for software configuration.
+ type: string
+ constraints:
+ - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
+ CloudDomain:
+ default: 'localdomain'
+ type: string
+ description: >
+ The DNS domain used for the hosts. This should match the dhcp_domain
+ configured in the Undercloud neutron. Defaults to localdomain.
+ ControllerServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This option is
+ role-specific and is merged with the values given to the ServerMetadata
+ parameter.
+ type: json
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API. This applies to
+ all roles and is merged with a role-specific metadata parameter.
+ type: json
+ ControllerSchedulerHints:
+ type: json
+ description: Optional scheduler hints to pass to nova
+ default: {}
+ ServiceConfigSettings:
+ type: json
+ default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
+ MonitoringSubscriptions:
+ type: comma_delimited_list
+ default: []
+ ServiceMetadataSettings:
+ type: json
+ default: {}
+ ConfigCommand:
+ type: string
+ description: Command which will be run whenever configuration data changes
+ default: os-refresh-config --timeout 14400
+ UpgradeInitCommand:
+ type: string
+ description: |
+ Command or script snippet to run on all overcloud nodes to
+ initialize the upgrade process. E.g. a repository switch.
+ default: ''
+
+parameter_groups:
+- label: deprecated
+ description: Do not use deprecated params, they will be removed.
+ parameters:
+ - controllerExtraConfig
+
+resources:
+
+ Controller:
+ type: OS::TripleO::Server
+ metadata:
+ os-collect-config:
+ command: {get_param: ConfigCommand}
+ properties:
+ image: {get_param: controllerImage}
+ image_update_policy: {get_param: ImageUpdatePolicy}
+ flavor: {get_param: OvercloudControlFlavor}
+ key_name: {get_param: KeyName}
+ networks:
+ - network: ctlplane
+ user_data_format: SOFTWARE_CONFIG
+ user_data: {get_resource: UserData}
+ name:
+ str_replace:
+ template: {get_param: Hostname}
+ params: {get_param: HostnameMap}
+ software_config_transport: {get_param: SoftwareConfigTransport}
+ metadata:
+ map_merge:
+ - {get_param: ServerMetadata}
+ - {get_param: ControllerServerMetadata}
+ - {get_param: ServiceMetadataSettings}
+ scheduler_hints: {get_param: ControllerSchedulerHints}
+
+ # Combine the NodeAdminUserData and NodeUserData mime archives
+ UserData:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: NodeAdminUserData}
+ type: multipart
+ - config: {get_resource: NodeUserData}
+ type: multipart
+ - config: {get_resource: RoleUserData}
+ type: multipart
+
+ # Creates the "heat-admin" user if configured via the environment
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeAdminUserData:
+ type: OS::TripleO::NodeAdminUserData
+
+ # For optional operator additional userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ NodeUserData:
+ type: OS::TripleO::NodeUserData
+
+ # For optional operator role-specific userdata
+ # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+ RoleUserData:
+ type: OS::TripleO::Controller::NodeUserData
+
+ ExternalPort:
+ type: OS::TripleO::Controller::Ports::ExternalPort
+ properties:
+ IPPool: {get_param: ControllerIPs}
+ NodeIndex: {get_param: NodeIndex}
+ ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+ InternalApiPort:
+ type: OS::TripleO::Controller::Ports::InternalApiPort
+ properties:
+ IPPool: {get_param: ControllerIPs}
+ NodeIndex: {get_param: NodeIndex}
+ ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+ StoragePort:
+ type: OS::TripleO::Controller::Ports::StoragePort
+ properties:
+ IPPool: {get_param: ControllerIPs}
+ NodeIndex: {get_param: NodeIndex}
+ ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+ StorageMgmtPort:
+ type: OS::TripleO::Controller::Ports::StorageMgmtPort
+ properties:
+ IPPool: {get_param: ControllerIPs}
+ NodeIndex: {get_param: NodeIndex}
+ ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+ TenantPort:
+ type: OS::TripleO::Controller::Ports::TenantPort
+ properties:
+ IPPool: {get_param: ControllerIPs}
+ NodeIndex: {get_param: NodeIndex}
+ ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+ ManagementPort:
+ type: OS::TripleO::Controller::Ports::ManagementPort
+ properties:
+ IPPool: {get_param: ControllerIPs}
+ NodeIndex: {get_param: NodeIndex}
+ ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
+
+ NetIpMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
+ ExternalIp: {get_attr: [ExternalPort, ip_address]}
+ ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
+ ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
+ InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
+ InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
+ InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
+ StorageIp: {get_attr: [StoragePort, ip_address]}
+ StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
+ StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
+ StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
+ StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
+ StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
+ TenantIp: {get_attr: [TenantPort, ip_address]}
+ TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
+ TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
+ ManagementIp: {get_attr: [ManagementPort, ip_address]}
+ ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
+ ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
+
+ NetHostMap:
+ type: OS::Heat::Value
+ properties:
+ type: json
+ value:
+ external:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - external
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - external
+ internal_api:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - internalapi
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - internalapi
+ storage:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storage
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storage
+ storage_mgmt:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storagemgmt
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - storagemgmt
+ tenant:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - tenant
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - tenant
+ management:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - management
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - management
+ ctlplane:
+ fqdn:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - ctlplane
+ - {get_param: CloudDomain}
+ short:
+ list_join:
+ - '.'
+ - - {get_attr: [Controller, name]}
+ - ctlplane
+
+ NetworkConfig:
+ type: OS::TripleO::Controller::Net::SoftwareConfig
+ properties:
+ ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
+ ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
+ InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
+ StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
+ StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
+ TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
+ ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
+
+ NetworkDeployment:
+ type: OS::TripleO::SoftwareDeployment
+ properties:
+ name: NetworkDeployment
+ config: {get_resource: NetworkConfig}
+ server: {get_resource: Controller}
+ actions: {get_param: NetworkDeploymentActions}
+ input_values:
+ bridge_name: br-ex
+ interface_name: {get_param: NeutronPublicInterface}
+
+ # Resource for site-specific injection of root certificate
+ NodeTLSCAData:
+ depends_on: NetworkDeployment
+ type: OS::TripleO::NodeTLSCAData
+ properties:
+ server: {get_resource: Controller}
+
+ # Resource for site-specific passing of private keys/certificates
+ NodeTLSData:
+ depends_on: NodeTLSCAData
+ type: OS::TripleO::NodeTLSData
+ properties:
+ server: {get_resource: Controller}
+ NodeIndex: {get_param: NodeIndex}
+
+ ControllerUpgradeInitConfig:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config:
+ list_join:
+ - ''
+ - - "#!/bin/bash\n\n"
+ - "if [[ -f /etc/resolv.conf.save ]] ; then rm /etc/resolv.conf.save; fi\n\n"
+ - get_param: UpgradeInitCommand
+
+ # Note we may be able to make this conditional on UpgradeInitCommandNotEmpty
+ # but https://bugs.launchpad.net/heat/+bug/1649900 needs fixing first
+ ControllerUpgradeInitDeployment:
+ type: OS::Heat::SoftwareDeployment
+ depends_on: NetworkDeployment
+ properties:
+ name: ControllerUpgradeInitDeployment
+ server: {get_resource: Controller}
+ config: {get_resource: ControllerUpgradeInitConfig}
+
+ ControllerDeployment:
+ type: OS::TripleO::SoftwareDeployment
+ depends_on: ControllerUpgradeInitDeployment
+ properties:
+ name: ControllerDeployment
+ config: {get_resource: ControllerConfig}
+ server: {get_resource: Controller}
+ input_values:
+ bootstack_nodeid: {get_attr: [Controller, name]}
+ enable_load_balancer: {get_param: EnableLoadBalancer}
+ enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
+
+ # Map heat metadata into hiera datafiles
+ ControllerConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: hiera
+ config:
+ hierarchy:
+ - '"%{::uuid}"'
+ - heat_config_%{::deploy_config_name}
+ - controller_extraconfig
+ - extraconfig
+ - service_configs
+ - service_names
+ - controller
+ - bootstrap_node # provided by BootstrapNodeConfig
+ - all_nodes # provided by allNodesConfig
+ - vip_data # provided by allNodesConfig
+ - '"%{::osfamily}"'
+ - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
+ - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
+ - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
+ - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
+ - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
+ - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
+ - midonet_data #Optionally provided by AllNodesExtraConfig
+ - cisco_aci_data # Optionally provided by ControllerExtraConfigPre
+ merge_behavior: deeper
+ datafiles:
+ service_names:
+ service_names: {get_param: ServiceNames}
+ sensu::subscriptions: {get_param: MonitoringSubscriptions}
+ service_configs:
+ map_replace:
+ - {get_param: ServiceConfigSettings}
+ - values: {get_attr: [NetIpMap, net_ip_map]}
+ controller_extraconfig:
+ map_merge:
+ - {get_param: controllerExtraConfig}
+ - {get_param: ControllerExtraConfig}
+ extraconfig: {get_param: ExtraConfig}
+ controller:
+ # data supplied directly to this deployment configuration, etc
+ bootstack_nodeid: {get_input: bootstack_nodeid}
+ # Pacemaker
+ enable_load_balancer: {get_input: enable_load_balancer}
+
+ # Misc
+ tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+ tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
+ fqdn_internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ fqdn_storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ fqdn_storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ fqdn_tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ fqdn_management: {get_attr: [NetHostMap, value, management, fqdn]}
+ fqdn_ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
+
+ # Hook for site-specific additional pre-deployment config, e.g extra hieradata
+ ControllerExtraConfigPre:
+ depends_on: ControllerDeployment
+ type: OS::TripleO::ControllerExtraConfigPre
+ properties:
+ server: {get_resource: Controller}
+
+ # Hook for site-specific additional pre-deployment config,
+ # applying to all nodes, e.g node registration/unregistration
+ NodeExtraConfig:
+ depends_on: [ControllerExtraConfigPre, NodeTLSData]
+ type: OS::TripleO::NodeExtraConfig
+ properties:
+ server: {get_resource: Controller}
+
+ UpdateConfig:
+ type: OS::TripleO::Tasks::PackageUpdate
+
+ UpdateDeployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ name: UpdateDeployment
+ config: {get_resource: UpdateConfig}
+ server: {get_resource: Controller}
+ input_values:
+ update_identifier:
+ get_param: UpdateIdentifier
+
+outputs:
+ ip_address:
+ description: IP address of the server in the ctlplane network
+ value: {get_attr: [Controller, networks, ctlplane, 0]}
+ external_ip_address:
+ description: IP address of the server in the external network
+ value: {get_attr: [ExternalPort, ip_address]}
+ internal_api_ip_address:
+ description: IP address of the server in the internal_api network
+ value: {get_attr: [InternalApiPort, ip_address]}
+ storage_ip_address:
+ description: IP address of the server in the storage network
+ value: {get_attr: [StoragePort, ip_address]}
+ storage_mgmt_ip_address:
+ description: IP address of the server in the storage_mgmt network
+ value: {get_attr: [StorageMgmtPort, ip_address]}
+ tenant_ip_address:
+ description: IP address of the server in the tenant network
+ value: {get_attr: [TenantPort, ip_address]}
+ management_ip_address:
+ description: IP address of the server in the management network
+ value: {get_attr: [ManagementPort, ip_address]}
+ hostname:
+ description: Hostname of the server
+ value: {get_attr: [Controller, name]}
+ hostname_map:
+ description: Mapping of network names to hostnames
+ value:
+ external: {get_attr: [NetHostMap, value, external, fqdn]}
+ internal_api: {get_attr: [NetHostMap, value, internal_api, fqdn]}
+ storage: {get_attr: [NetHostMap, value, storage, fqdn]}
+ storage_mgmt: {get_attr: [NetHostMap, value, storage_mgmt, fqdn]}
+ tenant: {get_attr: [NetHostMap, value, tenant, fqdn]}
+ management: {get_attr: [NetHostMap, value, management, fqdn]}
+ ctlplane: {get_attr: [NetHostMap, value, ctlplane, fqdn]}
+ hosts_entry:
+ description: >
+ Server's IP address and hostname in the /etc/hosts format
+ value:
+ str_replace:
+ template: |
+ PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
+ EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
+ INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
+ STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
+ STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
+ TENANTIP TENANTHOST.DOMAIN TENANTHOST
+ MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
+ CTLPLANEIP CTLPLANEHOST.DOMAIN CTLPLANEHOST
+ params:
+ PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
+ DOMAIN: {get_param: CloudDomain}
+ PRIMARYHOST: {get_attr: [Controller, name]}
+ EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
+ EXTERNALHOST: {get_attr: [NetHostMap, value, external, short]}
+ INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
+ INTERNAL_APIHOST: {get_attr: [NetHostMap, value, internal_api, short]}
+ STORAGEIP: {get_attr: [StoragePort, ip_address]}
+ STORAGEHOST: {get_attr: [NetHostMap, value, storage, short]}
+ STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
+ STORAGE_MGMTHOST: {get_attr: [NetHostMap, value, storage_mgmt, short]}
+ TENANTIP: {get_attr: [TenantPort, ip_address]}
+ TENANTHOST: {get_attr: [NetHostMap, value, tenant, short]}
+ MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
+ MANAGEMENTHOST: {get_attr: [NetHostMap, value, management, short]}
+ CTLPLANEIP: {get_attr: [Controller, networks, ctlplane, 0]}
+ CTLPLANEHOST: {get_attr: [NetHostMap, value, ctlplane, short]}
+ nova_server_resource:
+ description: Heat resource handle for the Nova compute server
+ value:
+ {get_resource: Controller}
+ tls_key_modulus_md5:
+ description: MD5 checksum of the TLS Key Modulus
+ value: {get_attr: [NodeTLSData, key_modulus_md5]}
+ tls_cert_modulus_md5:
+ description: MD5 checksum of the TLS Certificate Modulus
+ value: {get_attr: [NodeTLSData, cert_modulus_md5]}