1 heat_template_version: 2015-04-30
4 OpenStack control plane node. Can be wrapped in a ResourceGroup for scaling.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableNfsBackend:
33 description: Whether to enable or not the NFS backend for Cinder
35 CinderEnableIscsiBackend:
37 description: Whether to enable or not the Iscsi backend for Cinder
39 CinderEnableRbdBackend:
41 description: Whether to enable or not the Rbd backend for Cinder
45 description: The iSCSI helper to use with cinder.
47 CinderLVMLoopDeviceSize:
49 description: The size of the loopback file used by the cinder LVM driver.
51 CinderNfsMountOptions:
54 Mount options for NFS mounts used by Cinder NFS backend. Effective
55 when CinderEnableNfsBackend is true.
60 NFS servers used by Cinder NFS backend. Effective when
61 CinderEnableNfsBackend is true.
62 type: comma_delimited_list
65 description: The password for the cinder service and db account, used by cinder-api.
70 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
72 ControllerExtraConfig:
75 Controller specific configuration to inject into the cluster. Same
76 structure as ExtraConfig.
78 ControlVirtualInterface:
80 description: Interface where virtual ip will be assigned.
84 description: Set to True to enable debugging on all services.
88 description: Whether to enable fencing in Pacemaker or not.
92 description: Whether to use Galera instead of regular MariaDB.
96 description: Whether to deploy Ceph Storage (OSD) on the Controller
100 description: Whether to enable Swift Storage on the Controller
105 Additional configuration to inject into the cluster. The JSON should have
106 the following structure:
109 [{"section": "SECTIONNAME",
111 [{"option": "OPTIONNAME",
122 [{"section": "default",
124 [{"option": "compute_manager",
125 "value": "ironic.nova.compute.manager.ClusterComputeManager"
131 [{"option": "driver",
132 "value": "nova.cells.rpc_driver.CellsRPCDriver"
143 Pacemaker fencing configuration. The JSON should have
144 the following structure:
148 "agent": "AGENT_NAME",
149 "host_mac": "HOST_MAC_ADDRESS",
150 "params": {"PARAM_NAME": "PARAM_VALUE"}
158 "agent": "fence_xvm",
159 "host_mac": "52:54:00:aa:bb:cc",
161 "multicast_address": "225.0.0.12",
162 "port": "baremetal_0",
164 "manage_key_file": true,
165 "key_file": "/etc/fence_xvm.key",
166 "key_file_password": "abcdef"
173 description: Flavor for control nodes to request when deploying.
176 - custom_constraint: nova.flavor
177 GlanceNotifierStrategy:
178 description: Strategy to use for Glance notification queue
182 description: The filepath of the file to use for logging messages from Glance.
187 description: The password for the glance service and db account, used by the glance services.
192 description: Glance port.
196 description: Protocol to use when connecting to glance, set to https for SSL.
200 description: The short name of the Glance backend to use. Should be one
201 of swift, rbd, or file
204 - allowed_values: ['swift', 'file', 'rbd']
207 description: The password for the Heat service and db account, used by the Heat services.
210 HeatStackDomainAdminPassword:
211 description: Password for heat_domain_admin user.
215 HeatAuthEncryptionKey:
216 description: Auth encryption key for heat-engine
220 description: Secret key for Django
225 default: overcloud-control
227 - custom_constraint: glance.image
229 default: 'REBUILD_PRESERVE_EPHEMERAL'
230 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
234 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
237 - custom_constraint: nova.keypair
238 KeystoneCACertificate:
240 description: Keystone self-signed certificate authority certificate.
242 KeystoneSigningCertificate:
244 description: Keystone certificate for verifying token validity.
248 description: Keystone key for signing tokens.
251 KeystoneSSLCertificate:
253 description: Keystone certificate for verifying token validity.
255 KeystoneSSLCertificateKey:
257 description: Keystone key for signing tokens.
260 KeystoneNotificationDriver:
261 description: Comma-separated list of Oslo notification drivers used by Keystone
262 default: ['messaging']
263 type: comma_delimited_list
264 KeystoneNotificationFormat:
265 description: The Keystone notification format
269 - allowed_values: [ 'basic', 'cadf' ]
270 MysqlClusterUniquePart:
271 description: A unique identifier of the MySQL cluster the controller is in.
273 default: 'unset' # Has to be here because of the ignored empty value bug
274 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
276 # - length: {min: 4, max: 10}
277 MysqlInnodbBufferPoolSize:
279 Specifies the size of the buffer pool in megabytes. Setting to
280 zero should be interpreted as "no value" and will defer to the
285 description: Configures MySQL max_connections config setting
291 default: '' # Has to be here because of the ignored empty value bug
292 NeutronExternalNetworkBridge:
293 description: Name of bridge used for external network traffic.
296 NeutronBridgeMappings:
298 The OVS logical->physical bridge mappings to use. See the Neutron
299 documentation for details. Defaults to mapping br-ex - the external
300 bridge on hosts - to a physical name 'datacentre' which can be used
301 to create provider networks (and we use this for the default floating
302 network) - if changing this either use different post-install network
303 scripts or be sure to keep 'datacentre' as a mapping network name.
305 default: "datacentre:br-ex"
306 NeutronDnsmasqOptions:
307 default: 'dhcp-option-force=26,1400'
308 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
312 description: Agent mode for the neutron-l3-agent on the controller hosts
316 description: Whether to configure Neutron Distributed Virtual Routers
318 NeutronMetadataProxySharedSecret:
320 description: Shared secret to prevent spoofing
326 The core plugin for Neutron. The value should be the entrypoint to be loaded
327 from neutron.core_plugins namespace.
329 NeutronServicePlugins:
332 Comma-separated list of service plugin entrypoints to be loaded from the
333 neutron.service_plugins namespace.
334 type: comma_delimited_list
336 default: "vxlan,vlan,flat,gre"
338 Comma-separated list of network type driver entrypoints to be loaded.
339 type: comma_delimited_list
340 NeutronMechanismDrivers:
341 default: 'openvswitch'
343 The mechanism drivers for the Neutron tenant network. To specify multiple
344 values, use a comma separated string, like so: 'openvswitch,l2_population'
346 NeutronAllowL3AgentFailover:
348 description: Allow automatic l3-agent failover
352 description: Whether to enable l3-agent HA
354 NeutronDhcpAgentsPerNetwork:
357 description: The number of neutron dhcp agents to schedule per network
358 NeutronEnableIsolatedMetadata:
360 description: If True, DHCP provide metadata route to VM.
362 NeutronEnableTunnelling:
368 Enable/disable the L2 population feature in the Neutron agents.
372 default: 'datacentre'
373 description: If set, flat networks to configure in neutron plugins.
376 description: The tenant network type for Neutron, either gre or vxlan.
378 NeutronNetworkVLANRanges:
379 default: 'datacentre'
381 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
382 Neutron documentation for permitted values. Defaults to permitting any
383 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
384 type: comma_delimited_list
387 description: The password for the neutron service and db account, used by neutron agents.
390 NeutronPublicInterface:
392 description: What interface to bridge onto br-ex for network nodes.
394 NeutronPublicInterfaceTag:
397 VLAN tag for creating a public VLAN. The tag will be used to
398 create an access port on the exterior bridge for each control plane node,
399 and that port will be given the IP address returned by neutron from the
400 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
401 overcloud.yaml to include the deployment of VLAN ports to the control
404 NeutronPublicInterfaceDefaultRoute:
406 description: A custom default route for the NeutronPublicInterface.
408 NeutronPublicInterfaceIP:
410 description: A custom IP address to put onto the NeutronPublicInterface.
412 NeutronPublicInterfaceRawDevice:
414 description: If set, the public interface is a vlan with this device as the raw device.
419 The tunnel types for the Neutron tenant network. To specify multiple
420 values, use a comma separated string, like so: 'gre,vxlan'
422 NeutronTunnelIdRanges:
424 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
425 of GRE tunnel IDs that are available for tenant network allocation
426 default: ["1:1000", ]
427 type: comma_delimited_list
430 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
431 of VXLAN VNI IDs that are available for tenant network allocation
432 default: ["1:1000", ]
433 type: comma_delimited_list
436 description: The password for the nova service and db account, used by nova-api.
441 description: Should MongoDb journaling be disabled
448 description: The password for the 'pcsd' user.
450 PublicVirtualInterface:
453 Specifies the interface where the public-facing virtual ip will be assigned.
454 This should be int_public when a VLAN is being used.
458 default: '' # Has to be here because of the ignored empty value bug
461 default: '' # Has to be here because of the ignored empty value bug
465 description: The password for RabbitMQ
470 description: The username for RabbitMQ
475 Rabbit client subscriber parameter to specify
476 an SSL connection to the RabbitMQ host.
480 description: Set rabbit subscriber port, change this if using SSL
484 description: Configures RabbitMQ FD limit
488 default: '' # Has to be here because of the ignored empty value bug
489 SnmpdReadonlyUserName:
490 default: ro_snmp_user
491 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
493 SnmpdReadonlyUserPassword:
495 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
500 description: If set, the contents of an SSL certificate authority file.
504 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
509 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
514 description: A random string to be used as a salt when hashing to determine mappings
520 description: Value of mount_check in Swift account/container/object -server.conf
525 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
528 description: Partition Power to use when building Swift rings
532 description: The password for the swift service account, used by the swift proxy
539 description: How many replicas to use in the swift rings.
542 default: '' # Has to be here because of the ignored empty value bug
552 KeystoneAdminApiVirtualIP:
555 KeystonePublicApiVirtualIP:
566 description: Mapping of service_name -> network name. Typically set
567 via parameter_defaults in the resource registry.
573 Setting to a previously unused value during stack-update will trigger
574 package update on all nodes
577 default: '' # Defaults to Heat created hostname
582 type: OS::Nova::Server
584 image: {get_param: Image}
585 image_update_policy: {get_param: ImageUpdatePolicy}
586 flavor: {get_param: Flavor}
587 key_name: {get_param: KeyName}
590 user_data_format: SOFTWARE_CONFIG
591 user_data: {get_resource: NodeUserData}
592 name: {get_param: Hostname}
595 type: OS::TripleO::NodeUserData
598 type: OS::TripleO::Controller::Ports::ExternalPort
600 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
603 type: OS::TripleO::Controller::Ports::InternalApiPort
605 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
608 type: OS::TripleO::Controller::Ports::StoragePort
610 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
613 type: OS::TripleO::Controller::Ports::StorageMgmtPort
615 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
618 type: OS::TripleO::Controller::Ports::TenantPort
620 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
623 type: OS::TripleO::Controller::Net::SoftwareConfig
625 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
626 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
627 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
628 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
629 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
630 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
633 type: OS::TripleO::SoftwareDeployment
635 signal_transport: NO_SIGNAL
636 config: {get_resource: NetworkConfig}
637 server: {get_resource: Controller}
640 interface_name: {get_param: NeutronPublicInterface}
642 ControllerPassthroughConfig:
643 type: OS::Heat::StructuredConfig
645 group: os-apply-config
646 config: {get_input: passthrough_config}
648 ControllerPassthroughConfigSpecific:
649 type: OS::Heat::StructuredConfig
651 group: os-apply-config
652 config: {get_input: passthrough_config_specific}
655 type: OS::Heat::StructuredConfig
657 group: os-apply-config
659 admin-password: {get_input: admin_password}
660 admin-token: {get_input: admin_token}
662 public_interface_ip: {get_input: neutron_public_interface_ip}
664 nodeid: {get_input: bootstack_nodeid}
666 db: {get_input: cinder_dsn}
667 debug: {get_input: debug}
668 volume_size_mb: {get_input: cinder_lvm_loop_device_size}
669 service-password: {get_input: cinder_password}
670 iscsi-helper: {get_input: CinderISCSIHelper}
671 controller-address: {get_input: controller_host}
673 bindnetaddr: {get_input: controller_host}
676 stonith_enabled : false
678 quorum_policy : ignore
682 host: {get_input: controller_virtual_ip}
684 db: {get_input: glance_dsn}
685 debug: {get_input: debug}
686 host: {get_input: controller_virtual_ip}
687 port: {get_input: glance_port}
688 uri: {get_input: glance_uri}
689 protocol: {get_input: glance_protocol}
690 service-password: {get_input: glance_password}
691 swift-store-user: service:glance
692 swift-store-key: {get_input: glance_password}
693 notifier-strategy: {get_input: glance_notifier_strategy}
694 log-file: {get_input: glance_log_file}
696 admin_password: {get_input: heat_password}
697 admin_tenant_name: service
699 auth_encryption_key: {get_input: heat_auth_encryption_key}
700 db: {get_input: heat_dsn}
701 debug: {get_input: debug}
702 stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
703 watch_server_url: {get_input: heat.watch_server_url}
704 metadata_server_url: {get_input: heat.metadata_server_url}
705 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
707 db: {get_input: keystone_dsn}
708 debug: {get_input: debug}
709 host: {get_input: controller_virtual_ip}
710 ca_certificate: {get_input: keystone_ca_certificate}
711 signing_key: {get_input: keystone_signing_key}
712 signing_certificate: {get_input: keystone_signing_certificate}
714 certificate: {get_input: keystone_ssl_certificate}
715 certificate_key: {get_input: keystone_ssl_certificate_key}
717 innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
719 root-password: {get_input: mysql_root_password}
720 cluster_name: {get_input: mysql_cluster_name}
722 debug: {get_input: debug}
723 flat-networks: {get_input: neutron_flat_networks}
724 host: {get_input: controller_virtual_ip}
725 metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
726 agent_mode: {get_input: neutron_agent_mode}
727 router_distributed: {get_input: neutron_router_distributed}
728 core_plugin: {get_input: neutron_core_plugin}
729 service_plugins: {get_input: neutron_service_plugins}
730 type_drivers: {get_input: neutron_type_drivers}
731 mechanism_drivers: {get_input: neutron_mechanism_drivers}
732 allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
733 l3_ha: {get_input: neutron_l3_ha}
734 dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
735 enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
737 enable_tunneling: {get_input: neutron_enable_tunneling}
738 l2_population: {get_input: neutron_enable_l2pop}
739 local_ip: {get_input: controller_host}
740 network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
741 bridge_mappings: {get_input: neutron_bridge_mappings}
742 public_interface: {get_input: neutron_public_interface}
743 public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
744 public_interface_route: {get_input: neutron_public_interface_default_route}
745 public_interface_tag: {get_input: neutron_public_interface_tag}
746 physical_bridge: br-ex
747 tenant_network_type: {get_input: neutron_tenant_network_type}
748 tunnel_types: {get_input: neutron_tunnel_types}
749 tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
750 vni_ranges: {get_input: neutron_vni_ranges}
751 ovs_db: {get_input: neutron_dsn}
752 service-password: {get_input: neutron_password}
753 dnsmasq-options: {get_input: neutron_dnsmasq_options}
755 db: {get_input: ceilometer_dsn}
756 debug: {get_input: debug}
757 metering_secret: {get_input: ceilometer_metering_secret}
758 service-password: {get_input: ceilometer_password}
760 export_MIB: UCD-SNMP-MIB
761 readonly_user_name: {get_input: snmpd_readonly_user_name}
762 readonly_user_password: {get_input: snmpd_readonly_user_password}
764 compute_driver: libvirt.LibvirtDriver
765 db: {get_input: nova_dsn}
766 default_floating_pool:
768 host: {get_input: controller_virtual_ip}
770 service-password: {get_input: nova_password}
772 nojournal: {get_input: mongodb_no_journal}
774 host: {get_input: controller_virtual_ip}
775 username: {get_input: rabbit_username}
776 password: {get_input: rabbit_password}
777 cookie: {get_input: rabbit_cookie}
778 rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
779 rabbit_port: {get_input: rabbit_client_port}
782 - {server: {get_input: ntp_server}}
785 - vrrp_instance_name: VI_CONTROL
786 virtual_router_id: 51
787 keepalive_interface: {get_input: control_virtual_interface}
790 - ip: {get_input: controller_virtual_ip}
791 interface: {get_input: control_virtual_interface}
792 - vrrp_instance_name: VI_PUBLIC
793 virtual_router_id: 52
794 keepalive_interface: {get_input: public_virtual_interface}
797 - ip: {get_input: public_virtual_ip}
798 interface: {get_input: public_virtual_interface}
805 keepalive_interface: {get_input: public_virtual_interface}
809 ip: {get_input: controller_virtual_ip}
810 interface: {get_input: control_virtual_interface}
812 ip: {get_input: public_virtual_ip}
813 interface: {get_input: public_virtual_interface}
816 - ip: {get_input: controller_virtual_ip}
818 - option httpchk GET /
820 - name: keystone_admin
822 net_binds: &public_binds
823 - ip: {get_input: controller_virtual_ip}
824 - ip: {get_input: public_virtual_ip}
825 - name: keystone_public
827 net_binds: *public_binds
830 net_binds: *public_binds
833 net_binds: *public_binds
836 net_binds: *public_binds
839 net_binds: *public_binds
840 - name: glance_registry
842 net_binds: *public_binds
843 options: # overwrite options as glace_reg needs auth for http req
846 net_binds: *public_binds
847 - name: heat_cloudwatch
849 net_binds: *public_binds
852 net_binds: *public_binds
864 net_binds: *public_binds
865 - name: nova_metadata
867 net_binds: *public_binds
868 - name: nova_novncproxy
870 net_binds: *public_binds
873 net_binds: *public_binds
874 options: # overwrite options as ceil needs auth for http req
875 - name: swift_proxy_server
877 net_binds: *public_binds
879 - option httpchk GET /info
887 ControllerDeployment:
888 type: OS::TripleO::SoftwareDeployment
890 signal_transport: NO_SIGNAL
891 config: {get_resource: ControllerConfig}
892 server: {get_resource: Controller}
894 bootstack_nodeid: {get_attr: [Controller, name]}
895 controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
896 controller_virtual_ip: {get_param: VirtualIP}
897 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
898 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
899 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
900 heat.watch_server_url:
904 - {get_param: VirtualIP}
906 heat.metadata_server_url:
910 - {get_param: VirtualIP}
912 heat.waitcondition_server_url:
916 - {get_param: VirtualIP}
917 - ':8000/v1/waitcondition'
918 admin_password: {get_param: AdminPassword}
919 admin_token: {get_param: AdminToken}
920 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
921 debug: {get_param: Debug}
922 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
923 cinder_password: {get_param: CinderPassword}
924 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
928 - - 'mysql://cinder:'
929 - {get_param: CinderPassword}
931 - {get_param: VirtualIP}
933 glance_port: {get_param: GlancePort}
934 glance_protocol: {get_param: GlanceProtocol}
935 glance_password: {get_param: GlancePassword}
936 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
937 glance_log_file: {get_param: GlanceLogFile}
941 - - 'mysql://glance:'
942 - {get_param: GlancePassword}
944 - {get_param: VirtualIP}
946 heat_password: {get_param: HeatPassword}
947 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
948 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
953 - {get_param: HeatPassword}
955 - {get_param: VirtualIP}
957 keystone_ca_certificate: {get_param: KeystoneCACertificate}
958 keystone_signing_key: {get_param: KeystoneSigningKey}
959 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
960 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
961 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
965 - - 'mysql://keystone:'
966 - {get_param: AdminToken}
968 - {get_param: VirtualIP}
970 mongodb_no_journal: {get_param: MongoDbNoJournal}
971 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
972 mysql_root_password: {get_param: MysqlRootPassword}
975 template: tripleo-CLUSTER
977 CLUSTER: {get_param: MysqlClusterUniquePart}
978 neutron_flat_networks: {get_param: NeutronFlatNetworks}
979 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
980 neutron_agent_mode: {get_param: NeutronAgentMode}
981 neutron_router_distributed: {get_param: NeutronDVR}
982 neutron_core_plugin: {get_param: NeutronCorePlugin}
983 neutron_service_plugins:
985 template: "['PLUGINS']"
990 - {get_param: NeutronServicePlugins}
991 neutron_type_drivers:
993 template: "['DRIVERS']"
998 - {get_param: NeutronTypeDrivers}
999 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
1000 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1001 neutron_l3_ha: {get_param: NeutronL3HA}
1002 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1003 neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
1004 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
1005 neutron_public_interface: {get_param: NeutronPublicInterface}
1006 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1007 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1008 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1009 neutron_tenant_network_type: {get_param: NeutronNetworkType}
1010 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
1011 neutron_tunnel_id_ranges:
1013 template: "['RANGES']"
1018 - {get_param: NeutronTunnelIdRanges}
1021 template: "['RANGES']"
1026 - {get_param: NeutronVniRanges}
1027 neutron_password: {get_param: NeutronPassword}
1028 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1032 - - 'mysql://neutron:'
1033 - {get_param: NeutronPassword}
1035 - {get_param: VirtualIP}
1036 - '/ovs_neutron?charset=utf8'
1037 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1038 ceilometer_password: {get_param: CeilometerPassword}
1042 - - 'mysql://ceilometer:'
1043 - {get_param: CeilometerPassword}
1045 - {get_param: VirtualIP}
1047 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1048 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1049 nova_password: {get_param: NovaPassword}
1054 - {get_param: NovaPassword}
1056 - {get_param: VirtualIP}
1058 rabbit_username: {get_param: RabbitUserName}
1059 rabbit_password: {get_param: RabbitPassword}
1060 rabbit_cookie: {get_param: RabbitCookie}
1061 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1062 rabbit_client_port: {get_param: RabbitClientPort}
1063 ntp_server: {get_param: NtpServer}
1064 control_virtual_interface: {get_param: ControlVirtualInterface}
1065 public_virtual_interface: {get_param: PublicVirtualInterface}
1066 public_virtual_ip: {get_param: PublicVirtualIP}
1069 type: OS::Heat::StructuredConfig
1071 group: os-apply-config
1074 ca_certificate: {get_input: ssl_ca_certificate}
1076 cert: {get_input: ssl_certificate}
1077 key: {get_input: ssl_key}
1078 cacert: {get_input: ssl_ca_certificate}
1083 connect_host: {get_input: controller_host}
1087 connect_host: {get_input: controller_host}
1091 connect_host: {get_input: controller_host}
1095 connect_host: {get_input: controller_host}
1099 connect_host: {get_input: controller_host}
1100 - name: 'swift-proxy'
1103 connect_host: {get_input: controller_host}
1107 connect_host: {get_input: controller_host}
1108 - name: 'ceilometer'
1111 connect_host: {get_input: controller_host}
1113 ControllerSSLDeployment:
1114 type: OS::Heat::StructuredDeployment
1116 config: {get_resource: SSLConfig}
1117 server: {get_resource: Controller}
1118 signal_transport: NO_SIGNAL
1120 controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
1121 ssl_certificate: {get_param: SSLCertificate}
1122 ssl_key: {get_param: SSLKey}
1123 ssl_ca_certificate: {get_param: SSLCACertificate}
1125 ControllerPassthroughDeployment:
1126 type: OS::Heat::StructuredDeployment
1128 config: {get_resource: ControllerPassthroughConfig}
1129 server: {get_resource: Controller}
1130 signal_transport: NO_SIGNAL
1132 passthrough_config: {get_param: ExtraConfig}
1134 ControllerPassthroughSpecificDeployment:
1135 depends_on: [ControllerPassthroughDeployment]
1136 type: OS::Heat::StructuredDeployment
1138 config: {get_resource: ControllerPassthroughConfigSpecific}
1139 server: {get_resource: Controller}
1140 signal_transport: NO_SIGNAL
1142 passthrough_config_specific: {get_param: ControllerExtraConfig}
1145 type: OS::Heat::StructuredConfig
1147 group: os-apply-config
1150 hash: { get_input: swift_hash_suffix }
1151 part-power: { get_input: swift_part_power }
1152 mount-check: { get_input: swift_mount_check }
1153 min-part-hours: { get_input: swift_min_part_hours }
1154 replicas: {get_input: swift_replicas }
1155 service-password: { get_input: swift_password }
1158 type: OS::Heat::StructuredDeployment
1160 server: {get_resource: Controller}
1161 config: {get_resource: SwiftConfig}
1162 signal_transport: NO_SIGNAL
1164 swift_hash_suffix: {get_param: SwiftHashSuffix}
1165 swift_mount_check: {get_param: SwiftMountCheck}
1166 swift_password: {get_param: SwiftPassword}
1167 swift_min_part_hours: {get_param: SwiftMinPartHours}
1168 swift_part_power: {get_param: SwiftPartPower}
1169 swift_replicas: { get_param: SwiftReplicas}
1173 description: IP address of the server in the ctlplane network
1174 value: {get_attr: [Controller, networks, ctlplane, 0]}
1175 external_ip_address:
1176 description: IP address of the server in the external network
1177 value: {get_attr: [ExternalPort, ip_address]}
1178 internal_api_ip_address:
1179 description: IP address of the server in the internal_api network
1180 value: {get_attr: [InternalApiPort, ip_address]}
1182 description: IP address of the server in the storage network
1183 value: {get_attr: [StoragePort, ip_address]}
1184 storage_mgmt_ip_address:
1185 description: IP address of the server in the storage_mgmt network
1186 value: {get_attr: [StorageMgmtPort, ip_address]}
1188 description: IP address of the server in the tenant network
1189 value: {get_attr: [TenantPort, ip_address]}
1191 description: Hostname of the server
1192 value: {get_attr: [Controller, name]}
1195 Node object in the format {ip: ..., name: ...} format that the corosync
1198 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1199 name: {get_attr: [Controller, name]}
1202 Server's IP address and hostname in the /etc/hosts format
1205 template: IP HOST CLOUDNAME
1207 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1208 HOST: {get_attr: [Controller, name]}
1209 CLOUDNAME: {get_param: CloudName}
1210 nova_server_resource:
1211 description: Heat resource handle for the Nova compute server
1213 {get_resource: Controller}
1215 description: Swift device formatted for swift-ring-builder
1218 template: 'r1z1-IP:%PORT%/d1'
1220 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1221 swift_proxy_memcache:
1222 description: Swift proxy-memcache value
1225 template: "IP:11211"
1227 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1229 description: identifier which changes if the node configuration may need re-applying
1230 value: "None - NO_SIGNAL"