controller-config.yaml

   1 heat_template_version: 2014-10-16
   2
   3 description: >
   4   Controller Config for Controller.
   5
   6 parameters:
   7   # unused here but is a placeholder for other compute-config templates
   8   # which may choose to create in-templates resources that require controller
   9   controller_id:
  10     type: string
  11     hidden: true
  12
  13 resources:
  14
  15   ControllerConfigImpl:
  16     type: OS::Heat::StructuredConfig
  17     properties:
  18       group: os-apply-config
  19       config:
  20         admin-password: {get_input: admin_password}
  21         admin-token: {get_input: admin_token}
  22         bootstack:
  23           public_interface_ip: {get_input: neutron_public_interface_ip}
  24         bootstrap_host:
  25           nodeid: {get_input: bootstack_nodeid}
  26         cinder:
  27           db: {get_input: cinder_dsn}
  28           debug: {get_input: debug}
  29           volume_size_mb: {get_input: cinder_lvm_loop_device_size}
  30           service-password: {get_input: cinder_password}
  31           iscsi-helper: {get_input: CinderISCSIHelper}
  32         controller-address: {get_input: controller_host}
  33         corosync:
  34           bindnetaddr: {get_input: controller_host}
  35           mcastport: 5577
  36         pacemaker:
  37           stonith_enabled : false
  38           recheck_interval : 5
  39           quorum_policy : ignore
  40         db-password: unset
  41         glance:
  42           registry:
  43             host: {get_input: controller_virtual_ip}
  44           backend: swift
  45           db: {get_input: glance_dsn}
  46           debug: {get_input: debug}
  47           host: {get_input: controller_virtual_ip}
  48           port: {get_input: glance_port}
  49           protocol: {get_input: glance_protocol}
  50           service-password: {get_input: glance_password}
  51           swift-store-user: service:glance
  52           swift-store-key: {get_input: glance_password}
  53           notifier-strategy: {get_input: glance_notifier_strategy}
  54           log-file: {get_input: glance_log_file}
  55         heat:
  56           admin_password: {get_input: heat_password}
  57           admin_tenant_name: service
  58           admin_user: heat
  59           auth_encryption_key: unset___________
  60           db: {get_input: heat_dsn}
  61           debug: {get_input: debug}
  62           stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
  63           watch_server_url: {get_input: heat.watch_server_url}
  64           metadata_server_url: {get_input: heat.metadata_server_url}
  65           waitcondition_server_url: {get_input: heat.waitcondition_server_url}
  66         keystone:
  67           db: {get_input: keystone_dsn}
  68           debug: {get_input: debug}
  69           host: {get_input: controller_virtual_ip}
  70           ca_certificate: {get_input: keystone_ca_certificate}
  71           signing_key: {get_input: keystone_signing_key}
  72           signing_certificate: {get_input: keystone_signing_certificate}
  73           ssl:
  74               certificate: {get_input: keystone_ssl_certificate}
  75               certificate_key: {get_input: keystone_ssl_certificate_key}
  76         mysql:
  77           innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
  78           local_bind: true
  79           root-password: {get_input: mysql_root_password}
  80           cluster_name: {get_input: mysql_cluster_name}
  81         neutron:
  82           debug: {get_input: debug}
  83           flat-networks: {get_input: neutron_flat_networks}
  84           host: {get_input: controller_virtual_ip}
  85           metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
  86           agent_mode: {get_input: neutron_agent_mode}
  87           router_distributed: {get_input: neutron_router_distributed}
  88           mechanism_drivers: {get_input: neutron_mechanism_drivers}
  89           allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
  90           l3_ha: {get_input: neutron_l3_ha}
  91           ovs:
  92             enable_tunneling: {get_input: neutron_enable_tunneling}
  93             local_ip: {get_input: controller_host}
  94             network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
  95             bridge_mappings: {get_input: neutron_bridge_mappings}
  96             public_interface: {get_input: neutron_public_interface}
  97             public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
  98             public_interface_route: {get_input: neutron_public_interface_default_route}
  99             public_interface_tag: {get_input: neutron_public_interface_tag}
 100             physical_bridge: br-ex
 101             tenant_network_type: {get_input: neutron_tenant_network_type}
 102             tunnel_types: {get_input: neutron_tunnel_types}
 103           ovs_db: {get_input: neutron_dsn}
 104           service-password: {get_input: neutron_password}
 105           dnsmasq-options: {get_input: neutron_dnsmasq_options}
 106         ceilometer:
 107           db: {get_input: ceilometer_dsn}
 108           debug: {get_input: debug}
 109           metering_secret: {get_input: ceilometer_metering_secret}
 110           service-password: {get_input: ceilometer_password}
 111         snmpd:
 112           export_MIB: UCD-SNMP-MIB
 113           readonly_user_name: {get_input: snmpd_readonly_user_name}
 114           readonly_user_password: {get_input: snmpd_readonly_user_password}
 115         nova:
 116           compute_driver: libvirt.LibvirtDriver
 117           db: {get_input: nova_dsn}
 118           default_floating_pool:
 119             ext-net
 120           host: {get_input: controller_virtual_ip}
 121           metadata-proxy: true
 122           service-password: {get_input: nova_password}
 123         rabbit:
 124           host: {get_input: controller_virtual_ip}
 125           username: {get_input: rabbit_username}
 126           password: {get_input: rabbit_password}
 127           cookie: {get_input: rabbit_cookie}
 128           rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
 129           rabbit_port: {get_input: rabbit_client_port}
 130         ntp:
 131           servers:
 132               - {server: {get_input: ntp_server}}
 133         virtual_interfaces:
 134           instances:
 135             - vrrp_instance_name: VI_CONTROL
 136               virtual_router_id: 51
 137               keepalive_interface: {get_input: control_virtual_interface}
 138               priority: 101
 139               virtual_ips:
 140               - ip: {get_input: controller_virtual_ip}
 141                 interface: {get_input: control_virtual_interface}
 142             - vrrp_instance_name: VI_PUBLIC
 143               virtual_router_id: 52
 144               keepalive_interface: {get_input: public_virtual_interface}
 145               priority: 101
 146               virtual_ips:
 147               - ip: {get_input: public_virtual_ip}
 148                 interface: {get_input: public_virtual_interface}
 149           vrrp_sync_groups:
 150             - name: VG1
 151               members:
 152                 - VI_CONTROL
 153                 - VI_PUBLIC
 154         keepalived:
 155           keepalive_interface: {get_input: public_virtual_interface}
 156           priority: 101
 157         virtual_ips:
 158             -
 159               ip: {get_input: controller_virtual_ip}
 160               interface: {get_input: control_virtual_interface}
 161             -
 162               ip: {get_input: public_virtual_ip}
 163               interface: {get_input: public_virtual_interface}
 164         haproxy:
 165           net_binds:
 166             - ip: {get_input: controller_virtual_ip}
 167           options:
 168             - option httpchk GET /
 169           services:
 170             - name: keystone_admin
 171               port: 35357
 172               net_binds: &public_binds
 173                 - ip: {get_input: controller_virtual_ip}
 174                 - ip: {get_input: public_virtual_ip}
 175             - name: keystone_public
 176               port: 5000
 177               net_binds: *public_binds
 178             - name: horizon
 179               port: 80
 180               net_binds: *public_binds
 181             - name: neutron
 182               port: 9696
 183               net_binds: *public_binds
 184             - name: cinder
 185               port: 8776
 186               net_binds: *public_binds
 187             - name: glance_api
 188               port: 9292
 189               net_binds: *public_binds
 190             - name: glance_registry
 191               port: 9191
 192               net_binds: *public_binds
 193               options: # overwrite options as glace_reg needs auth for http req
 194             - name: heat_api
 195               port: 8004
 196               net_binds: *public_binds
 197             - name: heat_cloudwatch
 198               port: 8003
 199               net_binds: *public_binds
 200             - name: heat_cfn
 201               port: 8000
 202               net_binds: *public_binds
 203             - name: mysql
 204               port: 3306
 205               extra_server_params:
 206                 - backup
 207               options:
 208                 - timeout client 0
 209                 - timeout server 0
 210             - name: nova_ec2
 211               port: 8773
 212             - name: nova_osapi
 213               port: 8774
 214               net_binds: *public_binds
 215             - name: nova_metadata
 216               port: 8775
 217               net_binds: *public_binds
 218             - name: nova_novncproxy
 219               port: 6080
 220               net_binds: *public_binds
 221             - name: ceilometer
 222               port: 8777
 223               net_binds: *public_binds
 224               options: # overwrite options as ceil needs auth for http req
 225             - name: swift_proxy_server
 226               port: 8080
 227               net_binds: *public_binds
 228               options:
 229                 - option httpchk GET /info
 230             - name: rabbitmq
 231               port: 5672
 232               options:
 233                 - timeout client 0
 234                 - timeout server 0
 235                 - maxconn 1500
 236
 237 outputs:
 238   config_id:
 239     description: The ID of the ControllerConfigImpl resource.
 240     value:
 241       {get_resource: ControllerConfigImpl}