1 heat_template_version: 2015-04-30
4 OpenStack control plane node. Can be wrapped in a ResourceGroup for scaling.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableIscsiBackend:
33 description: Whether to enable or not the Iscsi backend for Cinder
35 CinderEnableRbdBackend:
37 description: Whether to enable or not the Rbd backend for Cinder
41 description: The iSCSI helper to use with cinder.
43 CinderLVMLoopDeviceSize:
45 description: The size of the loopback file used by the cinder LVM driver.
49 description: The password for the cinder service and db account, used by cinder-api.
54 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
56 ControllerExtraConfig:
59 Controller specific configuration to inject into the cluster. Same
60 structure as ExtraConfig.
62 ControlVirtualInterface:
64 description: Interface where virtual ip will be assigned.
68 description: Set to True to enable debugging on all services.
72 description: Whether to enable fencing in Pacemaker or not.
76 description: Whether to use Galera instead of regular MariaDB.
80 description: Whether to deploy Ceph Storage (OSD) on the Controller
84 description: Whether to enable Swift Storage on the Controller
89 Additional configuration to inject into the cluster. The JSON should have
90 the following structure:
93 [{"section": "SECTIONNAME",
95 [{"option": "OPTIONNAME",
106 [{"section": "default",
108 [{"option": "compute_manager",
109 "value": "ironic.nova.compute.manager.ClusterComputeManager"
115 [{"option": "driver",
116 "value": "nova.cells.rpc_driver.CellsRPCDriver"
127 Pacemaker fencing configuration. The JSON should have
128 the following structure:
132 "agent": "AGENT_NAME",
133 "host_mac": "HOST_MAC_ADDRESS",
134 "params": {"PARAM_NAME": "PARAM_VALUE"}
142 "agent": "fence_xvm",
143 "host_mac": "52:54:00:aa:bb:cc",
145 "multicast_address": "225.0.0.12",
146 "port": "baremetal_0",
148 "manage_key_file": true,
149 "key_file": "/etc/fence_xvm.key",
150 "key_file_password": "abcdef"
157 description: Flavor for control nodes to request when deploying.
160 - custom_constraint: nova.flavor
161 GlanceNotifierStrategy:
162 description: Strategy to use for Glance notification queue
166 description: The filepath of the file to use for logging messages from Glance.
171 description: The password for the glance service and db account, used by the glance services.
176 description: Glance port.
180 description: Protocol to use when connecting to glance, set to https for SSL.
184 description: The short name of the Glance backend to use. Should be one
185 of swift, rbd, or file
188 - allowed_values: ['swift', 'file', 'rbd']
191 description: The password for the Heat service and db account, used by the Heat services.
194 HeatStackDomainAdminPassword:
195 description: Password for heat_domain_admin user.
199 HeatAuthEncryptionKey:
200 description: Auth encryption key for heat-engine
203 description: Secret key for Django
207 default: overcloud-control
209 - custom_constraint: glance.image
211 default: 'REBUILD_PRESERVE_EPHEMERAL'
212 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
216 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
219 - custom_constraint: nova.keypair
220 KeystoneCACertificate:
222 description: Keystone self-signed certificate authority certificate.
224 KeystoneSigningCertificate:
226 description: Keystone certificate for verifying token validity.
230 description: Keystone key for signing tokens.
233 KeystoneSSLCertificate:
235 description: Keystone certificate for verifying token validity.
237 KeystoneSSLCertificateKey:
239 description: Keystone key for signing tokens.
242 MysqlClusterUniquePart:
243 description: A unique identifier of the MySQL cluster the controller is in.
245 default: 'unset' # Has to be here because of the ignored empty value bug
246 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
248 # - length: {min: 4, max: 10}
249 MysqlInnodbBufferPoolSize:
251 Specifies the size of the buffer pool in megabytes. Setting to
252 zero should be interpreted as "no value" and will defer to the
257 description: Configures MySQL max_connections config setting
263 default: '' # Has to be here because of the ignored empty value bug
264 NeutronExternalNetworkBridge:
265 description: Name of bridge used for external network traffic.
268 NeutronBridgeMappings:
270 The OVS logical->physical bridge mappings to use. See the Neutron
271 documentation for details. Defaults to mapping br-ex - the external
272 bridge on hosts - to a physical name 'datacentre' which can be used
273 to create provider networks (and we use this for the default floating
274 network) - if changing this either use different post-install network
275 scripts or be sure to keep 'datacentre' as a mapping network name.
277 default: "datacentre:br-ex"
278 NeutronDnsmasqOptions:
279 default: 'dhcp-option-force=26,1400'
280 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
284 description: Agent mode for the neutron-l3-agent on the controller hosts
288 description: Whether to configure Neutron Distributed Virtual Routers
290 NeutronMetadataProxySharedSecret:
292 description: Shared secret to prevent spoofing
294 NeutronMechanismDrivers:
295 default: 'openvswitch'
297 The mechanism drivers for the Neutron tenant network. To specify multiple
298 values, use a comma separated string, like so: 'openvswitch,l2_population'
300 NeutronAllowL3AgentFailover:
302 description: Allow automatic l3-agent failover
306 description: Whether to enable l3-agent HA
308 NeutronDhcpAgentsPerNetwork:
311 description: The number of neutron dhcp agents to schedule per network
312 NeutronEnableTunnelling:
317 default: 'datacentre'
318 description: If set, flat networks to configure in neutron plugins.
321 description: The tenant network type for Neutron, either gre or vxlan.
323 NeutronNetworkVLANRanges:
324 default: 'datacentre'
326 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
327 Neutron documentation for permitted values. Defaults to permitting any
328 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
329 type: comma_delimited_list
332 description: The password for the neutron service and db account, used by neutron agents.
335 NeutronPublicInterface:
337 description: What interface to bridge onto br-ex for network nodes.
339 NeutronPublicInterfaceTag:
342 VLAN tag for creating a public VLAN. The tag will be used to
343 create an access port on the exterior bridge for each control plane node,
344 and that port will be given the IP address returned by neutron from the
345 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
346 overcloud.yaml to include the deployment of VLAN ports to the control
349 NeutronPublicInterfaceDefaultRoute:
351 description: A custom default route for the NeutronPublicInterface.
353 NeutronPublicInterfaceIP:
355 description: A custom IP address to put onto the NeutronPublicInterface.
357 NeutronPublicInterfaceRawDevice:
359 description: If set, the public interface is a vlan with this device as the raw device.
364 The tunnel types for the Neutron tenant network. To specify multiple
365 values, use a comma separated string, like so: 'gre,vxlan'
367 NeutronTunnelIdRanges:
369 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
370 of GRE tunnel IDs that are available for tenant network allocation
371 default: ["1:1000", ]
372 type: comma_delimited_list
375 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
376 of VXLAN VNI IDs that are available for tenant network allocation
377 default: ["1:1000", ]
378 type: comma_delimited_list
381 description: The password for the nova service and db account, used by nova-api.
386 description: Should MongoDb journaling be disabled
393 description: The password for the 'pcsd' user.
394 PublicVirtualInterface:
397 Specifies the interface where the public-facing virtual ip will be assigned.
398 This should be int_public when a VLAN is being used.
402 default: '' # Has to be here because of the ignored empty value bug
405 default: '' # Has to be here because of the ignored empty value bug
409 description: The password for RabbitMQ
414 description: The username for RabbitMQ
419 Rabbit client subscriber parameter to specify
420 an SSL connection to the RabbitMQ host.
424 description: Set rabbit subscriber port, change this if using SSL
428 default: '' # Has to be here because of the ignored empty value bug
429 SnmpdReadonlyUserName:
430 default: ro_snmp_user
431 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
433 SnmpdReadonlyUserPassword:
435 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
440 description: If set, the contents of an SSL certificate authority file.
444 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
449 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
454 description: A random string to be used as a salt when hashing to determine mappings
460 description: Value of mount_check in Swift account/container/object -server.conf
465 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
468 description: Partition Power to use when building Swift rings
472 description: The password for the swift service account, used by the swift proxy
479 description: How many replicas to use in the swift rings.
482 default: '' # Has to be here because of the ignored empty value bug
492 KeystonePublicApiVirtualIP:
500 description: Mapping of service_name -> network name. Typically set
501 via parameter_defaults in the resource registry.
507 Setting to a previously unused value during stack-update will trigger
508 package update on all nodes
511 default: '' # Defaults to Heat created hostname
516 type: OS::Nova::Server
518 image: {get_param: Image}
519 image_update_policy: {get_param: ImageUpdatePolicy}
520 flavor: {get_param: Flavor}
521 key_name: {get_param: KeyName}
524 user_data_format: SOFTWARE_CONFIG
525 user_data: {get_resource: NodeUserData}
526 name: {get_param: Hostname}
529 type: OS::TripleO::NodeUserData
532 type: OS::TripleO::Controller::Ports::ExternalPort
534 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
537 type: OS::TripleO::Controller::Ports::InternalApiPort
539 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
542 type: OS::TripleO::Controller::Ports::StoragePort
544 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
547 type: OS::TripleO::Controller::Ports::StorageMgmtPort
549 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
552 type: OS::TripleO::Controller::Ports::TenantPort
554 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
557 type: OS::TripleO::Controller::Net::SoftwareConfig
559 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
560 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
561 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
562 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
563 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
566 type: OS::TripleO::SoftwareDeployment
568 signal_transport: NO_SIGNAL
569 config: {get_resource: NetworkConfig}
570 server: {get_resource: Controller}
573 interface_name: {get_param: NeutronPublicInterface}
575 ControllerPassthroughConfig:
576 type: OS::Heat::StructuredConfig
578 group: os-apply-config
579 config: {get_input: passthrough_config}
581 ControllerPassthroughConfigSpecific:
582 type: OS::Heat::StructuredConfig
584 group: os-apply-config
585 config: {get_input: passthrough_config_specific}
588 type: OS::Heat::StructuredConfig
590 group: os-apply-config
592 admin-password: {get_input: admin_password}
593 admin-token: {get_input: admin_token}
595 public_interface_ip: {get_input: neutron_public_interface_ip}
597 nodeid: {get_input: bootstack_nodeid}
599 db: {get_input: cinder_dsn}
600 debug: {get_input: debug}
601 volume_size_mb: {get_input: cinder_lvm_loop_device_size}
602 service-password: {get_input: cinder_password}
603 iscsi-helper: {get_input: CinderISCSIHelper}
604 controller-address: {get_input: controller_host}
606 bindnetaddr: {get_input: controller_host}
609 stonith_enabled : false
611 quorum_policy : ignore
615 host: {get_input: controller_virtual_ip}
617 db: {get_input: glance_dsn}
618 debug: {get_input: debug}
619 host: {get_input: controller_virtual_ip}
620 port: {get_input: glance_port}
621 protocol: {get_input: glance_protocol}
622 service-password: {get_input: glance_password}
623 swift-store-user: service:glance
624 swift-store-key: {get_input: glance_password}
625 notifier-strategy: {get_input: glance_notifier_strategy}
626 log-file: {get_input: glance_log_file}
628 admin_password: {get_input: heat_password}
629 admin_tenant_name: service
631 auth_encryption_key: {get_input: heat_auth_encryption_key}
632 db: {get_input: heat_dsn}
633 debug: {get_input: debug}
634 stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
635 watch_server_url: {get_input: heat.watch_server_url}
636 metadata_server_url: {get_input: heat.metadata_server_url}
637 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
639 db: {get_input: keystone_dsn}
640 debug: {get_input: debug}
641 host: {get_input: controller_virtual_ip}
642 ca_certificate: {get_input: keystone_ca_certificate}
643 signing_key: {get_input: keystone_signing_key}
644 signing_certificate: {get_input: keystone_signing_certificate}
646 certificate: {get_input: keystone_ssl_certificate}
647 certificate_key: {get_input: keystone_ssl_certificate_key}
649 innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
651 root-password: {get_input: mysql_root_password}
652 cluster_name: {get_input: mysql_cluster_name}
654 debug: {get_input: debug}
655 flat-networks: {get_input: neutron_flat_networks}
656 host: {get_input: controller_virtual_ip}
657 metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
658 agent_mode: {get_input: neutron_agent_mode}
659 router_distributed: {get_input: neutron_router_distributed}
660 mechanism_drivers: {get_input: neutron_mechanism_drivers}
661 allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
662 l3_ha: {get_input: neutron_l3_ha}
663 dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
665 enable_tunneling: {get_input: neutron_enable_tunneling}
666 local_ip: {get_input: controller_host}
667 network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
668 bridge_mappings: {get_input: neutron_bridge_mappings}
669 public_interface: {get_input: neutron_public_interface}
670 public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
671 public_interface_route: {get_input: neutron_public_interface_default_route}
672 public_interface_tag: {get_input: neutron_public_interface_tag}
673 physical_bridge: br-ex
674 tenant_network_type: {get_input: neutron_tenant_network_type}
675 tunnel_types: {get_input: neutron_tunnel_types}
676 tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
677 vni_ranges: {get_input: neutron_vni_ranges}
678 ovs_db: {get_input: neutron_dsn}
679 service-password: {get_input: neutron_password}
680 dnsmasq-options: {get_input: neutron_dnsmasq_options}
682 db: {get_input: ceilometer_dsn}
683 debug: {get_input: debug}
684 metering_secret: {get_input: ceilometer_metering_secret}
685 service-password: {get_input: ceilometer_password}
687 export_MIB: UCD-SNMP-MIB
688 readonly_user_name: {get_input: snmpd_readonly_user_name}
689 readonly_user_password: {get_input: snmpd_readonly_user_password}
691 compute_driver: libvirt.LibvirtDriver
692 db: {get_input: nova_dsn}
693 default_floating_pool:
695 host: {get_input: controller_virtual_ip}
697 service-password: {get_input: nova_password}
699 nojournal: {get_input: mongodb_no_journal}
701 host: {get_input: controller_virtual_ip}
702 username: {get_input: rabbit_username}
703 password: {get_input: rabbit_password}
704 cookie: {get_input: rabbit_cookie}
705 rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
706 rabbit_port: {get_input: rabbit_client_port}
709 - {server: {get_input: ntp_server}}
712 - vrrp_instance_name: VI_CONTROL
713 virtual_router_id: 51
714 keepalive_interface: {get_input: control_virtual_interface}
717 - ip: {get_input: controller_virtual_ip}
718 interface: {get_input: control_virtual_interface}
719 - vrrp_instance_name: VI_PUBLIC
720 virtual_router_id: 52
721 keepalive_interface: {get_input: public_virtual_interface}
724 - ip: {get_input: public_virtual_ip}
725 interface: {get_input: public_virtual_interface}
732 keepalive_interface: {get_input: public_virtual_interface}
736 ip: {get_input: controller_virtual_ip}
737 interface: {get_input: control_virtual_interface}
739 ip: {get_input: public_virtual_ip}
740 interface: {get_input: public_virtual_interface}
743 - ip: {get_input: controller_virtual_ip}
745 - option httpchk GET /
747 - name: keystone_admin
749 net_binds: &public_binds
750 - ip: {get_input: controller_virtual_ip}
751 - ip: {get_input: public_virtual_ip}
752 - name: keystone_public
754 net_binds: *public_binds
757 net_binds: *public_binds
760 net_binds: *public_binds
763 net_binds: *public_binds
766 net_binds: *public_binds
767 - name: glance_registry
769 net_binds: *public_binds
770 options: # overwrite options as glace_reg needs auth for http req
773 net_binds: *public_binds
774 - name: heat_cloudwatch
776 net_binds: *public_binds
779 net_binds: *public_binds
791 net_binds: *public_binds
792 - name: nova_metadata
794 net_binds: *public_binds
795 - name: nova_novncproxy
797 net_binds: *public_binds
800 net_binds: *public_binds
801 options: # overwrite options as ceil needs auth for http req
802 - name: swift_proxy_server
804 net_binds: *public_binds
806 - option httpchk GET /info
814 ControllerDeployment:
815 type: OS::TripleO::SoftwareDeployment
817 signal_transport: NO_SIGNAL
818 config: {get_resource: ControllerConfig}
819 server: {get_resource: Controller}
821 bootstack_nodeid: {get_attr: [Controller, name]}
822 controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
823 controller_virtual_ip: {get_param: VirtualIP}
824 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
825 heat.watch_server_url:
829 - {get_param: VirtualIP}
831 heat.metadata_server_url:
835 - {get_param: VirtualIP}
837 heat.waitcondition_server_url:
841 - {get_param: VirtualIP}
842 - ':8000/v1/waitcondition'
843 admin_password: {get_param: AdminPassword}
844 admin_token: {get_param: AdminToken}
845 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
846 debug: {get_param: Debug}
847 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
848 cinder_password: {get_param: CinderPassword}
849 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
853 - - 'mysql://cinder:'
854 - {get_param: CinderPassword}
856 - {get_param: VirtualIP}
858 glance_port: {get_param: GlancePort}
859 glance_protocol: {get_param: GlanceProtocol}
860 glance_password: {get_param: GlancePassword}
861 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
862 glance_log_file: {get_param: GlanceLogFile}
866 - - 'mysql://glance:'
867 - {get_param: GlancePassword}
869 - {get_param: VirtualIP}
871 heat_password: {get_param: HeatPassword}
872 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
873 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
878 - {get_param: HeatPassword}
880 - {get_param: VirtualIP}
882 keystone_ca_certificate: {get_param: KeystoneCACertificate}
883 keystone_signing_key: {get_param: KeystoneSigningKey}
884 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
885 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
886 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
890 - - 'mysql://keystone:'
891 - {get_param: AdminToken}
893 - {get_param: VirtualIP}
895 mongodb_no_journal: {get_param: MongoDbNoJournal}
896 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
897 mysql_root_password: {get_param: MysqlRootPassword}
900 template: tripleo-CLUSTER
902 CLUSTER: {get_param: MysqlClusterUniquePart}
903 neutron_flat_networks: {get_param: NeutronFlatNetworks}
904 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
905 neutron_agent_mode: {get_param: NeutronAgentMode}
906 neutron_router_distributed: {get_param: NeutronDVR}
907 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
908 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
909 neutron_l3_ha: {get_param: NeutronL3HA}
910 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
911 neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
912 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
913 neutron_public_interface: {get_param: NeutronPublicInterface}
914 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
915 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
916 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
917 neutron_tenant_network_type: {get_param: NeutronNetworkType}
918 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
919 neutron_tunnel_id_ranges:
921 template: "['RANGES']"
926 - {get_param: NeutronTunnelIdRanges}
929 template: "['RANGES']"
934 - {get_param: NeutronVniRanges}
935 neutron_password: {get_param: NeutronPassword}
936 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
940 - - 'mysql://neutron:'
941 - {get_param: NeutronPassword}
943 - {get_param: VirtualIP}
944 - '/ovs_neutron?charset=utf8'
945 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
946 ceilometer_password: {get_param: CeilometerPassword}
950 - - 'mysql://ceilometer:'
951 - {get_param: CeilometerPassword}
953 - {get_param: VirtualIP}
955 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
956 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
957 nova_password: {get_param: NovaPassword}
962 - {get_param: NovaPassword}
964 - {get_param: VirtualIP}
966 rabbit_username: {get_param: RabbitUserName}
967 rabbit_password: {get_param: RabbitPassword}
968 rabbit_cookie: {get_param: RabbitCookie}
969 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
970 rabbit_client_port: {get_param: RabbitClientPort}
971 ntp_server: {get_param: NtpServer}
972 control_virtual_interface: {get_param: ControlVirtualInterface}
973 public_virtual_interface: {get_param: PublicVirtualInterface}
974 public_virtual_ip: {get_param: PublicVirtualIP}
977 type: OS::Heat::StructuredConfig
979 group: os-apply-config
982 ca_certificate: {get_input: ssl_ca_certificate}
984 cert: {get_input: ssl_certificate}
985 key: {get_input: ssl_key}
986 cacert: {get_input: ssl_ca_certificate}
991 connect_host: {get_input: controller_host}
995 connect_host: {get_input: controller_host}
999 connect_host: {get_input: controller_host}
1003 connect_host: {get_input: controller_host}
1007 connect_host: {get_input: controller_host}
1008 - name: 'swift-proxy'
1011 connect_host: {get_input: controller_host}
1015 connect_host: {get_input: controller_host}
1016 - name: 'ceilometer'
1019 connect_host: {get_input: controller_host}
1021 ControllerSSLDeployment:
1022 type: OS::Heat::StructuredDeployment
1024 config: {get_resource: SSLConfig}
1025 server: {get_resource: Controller}
1026 signal_transport: NO_SIGNAL
1028 controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
1029 ssl_certificate: {get_param: SSLCertificate}
1030 ssl_key: {get_param: SSLKey}
1031 ssl_ca_certificate: {get_param: SSLCACertificate}
1033 ControllerPassthroughDeployment:
1034 type: OS::Heat::StructuredDeployment
1036 config: {get_resource: ControllerPassthroughConfig}
1037 server: {get_resource: Controller}
1038 signal_transport: NO_SIGNAL
1040 passthrough_config: {get_param: ExtraConfig}
1042 ControllerPassthroughSpecificDeployment:
1043 depends_on: [ControllerPassthroughDeployment]
1044 type: OS::Heat::StructuredDeployment
1046 config: {get_resource: ControllerPassthroughConfigSpecific}
1047 server: {get_resource: Controller}
1048 signal_transport: NO_SIGNAL
1050 passthrough_config_specific: {get_param: ControllerExtraConfig}
1053 type: OS::Heat::StructuredConfig
1055 group: os-apply-config
1058 hash: { get_input: swift_hash_suffix }
1059 part-power: { get_input: swift_part_power }
1060 mount-check: { get_input: swift_mount_check }
1061 min-part-hours: { get_input: swift_min_part_hours }
1062 replicas: {get_input: swift_replicas }
1063 service-password: { get_input: swift_password }
1066 type: OS::Heat::StructuredDeployment
1068 server: {get_resource: Controller}
1069 config: {get_resource: SwiftConfig}
1070 signal_transport: NO_SIGNAL
1072 swift_hash_suffix: {get_param: SwiftHashSuffix}
1073 swift_mount_check: {get_param: SwiftMountCheck}
1074 swift_password: {get_param: SwiftPassword}
1075 swift_min_part_hours: {get_param: SwiftMinPartHours}
1076 swift_part_power: {get_param: SwiftPartPower}
1077 swift_replicas: { get_param: SwiftReplicas}
1081 description: IP address of the server in the ctlplane network
1082 value: {get_attr: [Controller, networks, ctlplane, 0]}
1083 external_ip_address:
1084 description: IP address of the server in the external network
1085 value: {get_attr: [ExternalPort, ip_address]}
1086 internal_api_ip_address:
1087 description: IP address of the server in the internal_api network
1088 value: {get_attr: [InternalApiPort, ip_address]}
1090 description: IP address of the server in the storage network
1091 value: {get_attr: [StoragePort, ip_address]}
1092 storage_mgmt_ip_address:
1093 description: IP address of the server in the storage_mgmt network
1094 value: {get_attr: [StorageMgmtPort, ip_address]}
1096 description: IP address of the server in the tenant network
1097 value: {get_attr: [TenantPort, ip_address]}
1099 description: Hostname of the server
1100 value: {get_attr: [Controller, name]}
1103 Node object in the format {ip: ..., name: ...} format that the corosync
1106 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1107 name: {get_attr: [Controller, name]}
1110 Server's IP address and hostname in the /etc/hosts format
1113 template: IP HOST CLOUDNAME
1115 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1116 HOST: {get_attr: [Controller, name]}
1117 CLOUDNAME: {get_param: CloudName}
1118 nova_server_resource:
1119 description: Heat resource handle for the Nova compute server
1121 {get_resource: Controller}
1123 description: Swift device formatted for swift-ring-builder
1126 template: 'r1z1-IP:%PORT%/d1'
1128 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1129 swift_proxy_memcache:
1130 description: Swift proxy-memcache value
1133 template: "IP:11211"
1135 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1137 description: identifier which changes if the node configuration may need re-applying
1138 value: "None - NO_SIGNAL"