1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
15 CeilometerComputeAgent:
16 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
20 - allowed_values: ['', Present]
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service account.
33 description: The iSCSI helper to use with cinder.
35 CinderLVMLoopDeviceSize:
37 description: The size of the loopback file used by the cinder LVM driver.
41 description: The password for the cinder service account, used by cinder-api.
46 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
50 description: Should be used for arbitrary ips.
52 controllerExtraConfig:
55 Controller specific configuration to inject into the cluster. Same
56 structure as ExtraConfig.
60 default: overcloud-control
61 ControlVirtualInterface:
63 description: Interface where virtual ip will be assigned.
67 description: Set to True to enable debugging on all services.
69 DefaultSignalTransport:
71 description: Transport to use for software-config signals.
74 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
78 Additional configuration to inject into the cluster. The JSON should have
79 the following structure:
82 [{"section": "SECTIONNAME",
84 [{"option": "OPTIONNAME",
95 [{"section": "default",
97 [{"option": "force_config_drive",
104 [{"option": "driver",
105 "value": "nova.cells.rpc_driver.CellsRPCDriver"
114 description: The filepath of the file to use for logging messages from Glance.
119 description: The password for the glance service account, used by the glance services.
124 description: Glance port.
128 description: Protocol to use when connecting to glance, set to https for SSL.
130 GlanceNotifierStrategy:
131 description: Strategy to use for Glance notification queue
136 description: The password for the Heat service account, used by the Heat services.
139 HeatStackDomainAdminPassword:
140 description: Password for heat_domain_admin user.
144 HypervisorNeutronPhysicalBridge:
147 An OVS bridge to create on each hypervisor. This defaults to br-ex the
148 same as the control plane nodes, as we have a uniform configuration of
149 the openvswitch agent. Typically should not need to be changed.
151 HypervisorNeutronPublicInterface:
153 description: What interface to add to the HypervisorNeutronPhysicalBridge.
156 default: 'REBUILD_PRESERVE_EPHEMERAL'
157 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
161 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
163 KeystoneCACertificate:
165 description: Keystone self-signed certificate authority certificate.
167 KeystoneSigningCertificate:
169 description: Keystone certificate for verifying token validity.
173 description: Keystone key for signing tokens.
176 KeystoneSSLCertificate:
178 description: Keystone certificate for verifying token validity.
180 KeystoneSSLCertificateKey:
182 description: Keystone key for signing tokens.
185 LiveUpdateComputeImage:
187 description: The image ID for live-updates to the overcloud compute nodes.
191 description: The IP address for the undercloud Glance API.
196 description: The live-update password for the undercloud Glance API.
198 LiveUpdateTenantName:
200 description: The live-update tenant name for the undercloud Glance API.
204 description: The live-update username for the undercloud Glance API.
206 MysqlInnodbBufferPoolSize:
208 Specifies the size of the buffer pool in megabytes. Setting to
209 zero should be interpreted as "no value" and will defer to the
213 NeutronBridgeMappings:
215 The OVS logical->physical bridge mappings to use. See the Neutron
216 documentation for details. Defaults to mapping br-ex - the external
217 bridge on hosts - to a physical name 'datacentre' which can be used
218 to create provider networks (and we use this for the default floating
219 network) - if changing this either use different post-install network
220 scripts or be sure to keep 'datacentre' as a mapping network name.
222 default: "datacentre:br-ex"
223 NeutronControlPlaneID:
226 description: Neutron ID for ctlplane network.
227 NeutronDnsmasqOptions:
228 default: 'dhcp-option-force=26,1400'
229 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
233 default: 'datacentre'
235 If set, flat networks to configure in neutron plugins. Defaults to
236 'datacentre' to permit external network creation.
239 description: The tenant network type for Neutron, either gre or vxlan.
241 NeutronNetworkVLANRanges:
242 default: 'datacentre'
244 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
245 Neutron documentation for permitted values. Defaults to permitting any
246 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
250 description: The password for the neutron service account, used by neutron agents.
253 NeutronPublicInterface:
255 description: What interface to bridge onto br-ex for network nodes.
257 NeutronPublicInterfaceDefaultRoute:
259 description: A custom default route for the NeutronPublicInterface.
261 NeutronPublicInterfaceIP:
263 description: A custom IP address to put onto the NeutronPublicInterface.
265 NeutronPublicInterfaceRawDevice:
267 description: If set, the public interface is a vlan with this device as the raw device.
269 NeutronPublicInterfaceTag:
272 VLAN tag for creating a public VLAN. The tag will be used to
273 create an access port on the exterior bridge for each control plane node,
274 and that port will be given the IP address returned by neutron from the
275 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
276 overcloud.yaml to include the deployment of VLAN ports to the control
282 The tunnel types for the Neutron tenant network. To specify multiple
283 values, use a comma separated string, like so: 'gre,vxlan'
286 default: libvirt.LibvirtDriver
288 NovaComputeExtraConfig:
291 NovaCompute specific configuration to inject into the cluster. Same
292 structure as ExtraConfig.
294 NovaComputeLibvirtType:
299 default: overcloud-compute
302 description: The password for the nova service account, used by nova-api.
308 OvercloudComputeFlavor:
310 description: Flavor for compute nodes to request when deploying.
312 OvercloudControlFlavor:
314 description: Flavor for control nodes to request when deploying.
316 PublicVirtualFixedIPs:
319 Control the IP allocation for the PublicVirtualInterface port. E.g.
320 [{'ip_address':'1.2.3.4'}]
322 PublicVirtualInterface:
325 Specifies the interface where the public-facing virtual ip will be assigned.
326 This should be int_public when a VLAN is being used.
328 PublicVirtualNetwork:
332 Neutron network to allocate public virtual IP port on.
336 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
339 description: The password for RabbitMQ
344 description: The username for RabbitMQ
346 SnmpdReadonlyUserName:
347 default: ro_snmp_user
348 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
350 SnmpdReadonlyUserPassword:
352 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
357 type: OS::Neutron::Port
359 name: control_virtual_ip
360 network_id: {get_param: NeutronControlPlaneID}
362 get_param: ControlFixedIPs
363 MysqlClusterUniquePart:
364 type: OS::Heat::RandomString
368 type: OS::Heat::RandomString
372 type: OS::Neutron::Port
374 name: public_virtual_ip
375 network: {get_param: PublicVirtualNetwork}
377 get_param: PublicVirtualFixedIPs
379 type: OS::Heat::RandomString
383 get_param: RabbitCookieSalt
384 NovaCompute0Deployment:
386 Path: nova-compute-instance.yaml
387 SubKey: resources.NovaCompute0Deployment
389 DefaultSignalTransport:
390 get_param: DefaultSignalTransport
391 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
392 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
393 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
394 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
395 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
399 - - mysql://nova:unset@
400 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
402 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
406 - - mysql://ceilometer:unset@
407 - *compute_database_host
412 - - mysql://neutron:unset@
413 - *compute_database_host
416 get_param: NeutronNetworkType
418 get_param: NeutronTunnelTypes
419 NeutronEnableTunnelling: "True"
421 get_param: NeutronFlatNetworks
422 NeutronNetworkVLANRanges:
423 get_param: NeutronNetworkVLANRanges
424 NeutronPhysicalBridge:
425 get_param: HypervisorNeutronPhysicalBridge
426 NeutronPublicInterface:
427 get_param: HypervisorNeutronPublicInterface
428 NeutronBridgeMappings:
429 get_param: NeutronBridgeMappings
430 NovaCompute0AllNodesDeployment:
432 Path: nova-compute-instance.yaml
433 SubKey: resources.NovaCompute0AllNodesDeployment
435 AllNodesConfig: {get_resource: allNodesConfig}
438 Path: nova-compute-instance.yaml
439 SubKey: resources.NovaCompute0
440 NovaCompute0Passthrough:
442 Path: nova-compute-instance.yaml
443 SubKey: resources.NovaCompute0Passthrough
445 passthrough_config: {get_param: ExtraConfig}
446 NovaCompute0PassthroughSpecific:
448 Path: nova-compute-instance.yaml
449 SubKey: resources.NovaCompute0PassthroughSpecific
451 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
453 type: OS::Heat::StructuredConfig
455 group: os-apply-config
458 get_param: AdminPassword
460 get_param: AdminToken
463 get_param: NeutronPublicInterfaceIP
475 nodeid: {get_input: bootstack_nodeid}
478 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
483 - - mysql://cinder:unset@
486 debug: {get_param: Debug}
488 get_param: CinderLVMLoopDeviceSize
490 get_param: CinderPassword
492 get_param: CinderISCSIHelper
494 get_input: controller_host
496 bindnetaddr: {get_input: controller_host}
501 ip: {get_attr: [controller0, networks, ctlplane, 0]}
503 stonith_enabled : false
505 quorum_policy : ignore
509 host: {get_input: controller_virtual_ip}
514 - - mysql://glance:unset@
517 debug: {get_param: Debug}
519 get_input: controller_virtual_ip
521 get_param: GlancePort
523 get_param: GlanceProtocol
525 get_param: GlancePassword
526 swift-store-user: service:glance
528 get_param: GlancePassword
530 get_param: GlanceNotifierStrategy
532 get_param: GlanceLogFile
535 get_param: HeatPassword
536 admin_tenant_name: service
538 auth_encryption_key: unset___________
542 - - mysql://heat:unset@
545 debug: {get_param: Debug}
546 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
547 watch_server_url: {get_input: heat.watch_server_url}
548 metadata_server_url: {get_input: heat.metadata_server_url}
549 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
556 {get_attr: [controller0, name]}
561 - - mysql://keystone:unset@
564 debug: {get_param: Debug}
566 get_input: controller_virtual_ip
567 ca_certificate: {get_param: KeystoneCACertificate}
568 signing_key: {get_param: KeystoneSigningKey}
569 signing_certificate: {get_param: KeystoneSigningCertificate}
571 certificate: {get_param: KeystoneSSLCertificate}
572 certificate_key: {get_param: KeystoneSSLCertificateKey}
574 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
576 root-password: {get_resource: MysqlRootPassword}
580 ip: {get_attr: [controller0, networks, ctlplane, 0]}
585 - {get_resource: MysqlClusterUniquePart}
587 debug: {get_param: Debug}
588 flat-networks: {get_param: NeutronFlatNetworks}
589 host: {get_input: controller_virtual_ip}
590 metadata_proxy_shared_secret: unset
592 enable_tunneling: 'True'
594 get_input: controller_host
595 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
596 bridge_mappings: {get_param: NeutronBridgeMappings}
598 get_param: NeutronPublicInterface
599 public_interface_raw_device:
600 get_param: NeutronPublicInterfaceRawDevice
601 public_interface_route:
602 get_param: NeutronPublicInterfaceDefaultRoute
603 public_interface_tag:
604 get_param: NeutronPublicInterfaceTag
605 physical_bridge: br-ex
607 get_param: NeutronNetworkType
609 get_param: NeutronTunnelTypes
613 - - mysql://neutron:unset@
615 - /ovs_neutron?charset=utf8
617 get_param: NeutronPassword
619 get_param: NeutronDnsmasqOptions
624 - - mysql://ceilometer:unset@
627 debug: {get_param: Debug}
628 metering_secret: {get_param: CeilometerMeteringSecret}
630 get_param: CeilometerPassword
632 export_MIB: UCD-SNMP-MIB
634 get_param: SnmpdReadonlyUserName
635 readonly_user_password:
636 get_param: SnmpdReadonlyUserPassword
638 compute_driver: libvirt.LibvirtDriver
642 - - mysql://nova:unset@
645 default_floating_pool:
647 host: {get_input: controller_virtual_ip}
650 get_param: NovaPassword
652 host: {get_input: controller_virtual_ip}
654 get_param: RabbitUserName
656 get_param: RabbitPassword
663 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
666 - vrrp_instance_name: VI_CONTROL
667 virtual_router_id: 51
669 get_param: ControlVirtualInterface
672 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
674 get_param: ControlVirtualInterface
675 - vrrp_instance_name: VI_PUBLIC
676 virtual_router_id: 52
678 get_param: PublicVirtualInterface
681 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
683 get_param: PublicVirtualInterface
691 get_param: PublicVirtualInterface
695 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
697 get_param: ControlVirtualInterface
699 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
701 get_param: PublicVirtualInterface
706 ip: {get_attr: [controller0, networks, ctlplane, 0]}
707 name: {get_attr: [controller0, name]}
709 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
711 - name: keystone_admin
713 net_binds: &public_binds
714 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
715 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
716 - name: keystone_public
718 net_binds: *public_binds
721 net_binds: *public_binds
724 net_binds: *public_binds
727 net_binds: *public_binds
730 net_binds: *public_binds
731 - name: glance_registry
733 net_binds: *public_binds
736 net_binds: *public_binds
737 - name: heat_cloudwatch
739 net_binds: *public_binds
742 net_binds: *public_binds
754 net_binds: *public_binds
755 - name: nova_metadata
757 net_binds: *public_binds
760 net_binds: *public_binds
761 - name: swift_proxy_server
763 net_binds: *public_binds
769 controllerPassthrough:
770 type: OS::Heat::StructuredConfig
772 group: os-apply-config
773 config: {get_input: passthrough_config}
774 controllerPassthroughSpecific:
775 type: OS::Heat::StructuredConfig
777 group: os-apply-config
778 config: {get_input: passthrough_config_specific}
780 type: OS::Nova::Server
783 get_param: controllerImage
785 get_param: ImageUpdatePolicy
787 get_param: OvercloudControlFlavor
792 user_data_format: SOFTWARE_CONFIG
793 controller0AllNodesDeployment:
794 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
795 type: OS::Heat::StructuredDeployment
797 signal_transport: {get_param: DefaultSignalTransport}
798 config: {get_resource: allNodesConfig}
799 server: {get_resource: controller0}
800 controller0Deployment:
801 type: OS::Heat::StructuredDeployment
803 signal_transport: NO_SIGNAL
804 config: {get_resource: controllerConfig}
805 server: {get_resource: controller0}
807 bootstack_nodeid: {get_attr: [controller0, name]}
808 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
809 controller_virtual_ip:
810 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
811 heat.watch_server_url:
815 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
817 heat.metadata_server_url:
821 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
823 heat.waitcondition_server_url:
827 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
828 - ':8000/v1/waitcondition'
830 type: OS::Heat::StructuredConfig
833 completion-signal: {get_input: deploy_signal_id}
843 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
844 - {get_attr: [NovaCompute0, name]}
847 - - {get_attr: [NovaCompute0, name]}
855 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
856 - {get_attr: [BlockStorage0, name]}
859 - - {get_attr: [BlockStorage0, name]}
867 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
868 - {get_attr: [SwiftStorage0, name]}
871 - - {get_attr: [SwiftStorage0, name]}
879 - - {get_attr: [controller0, networks, ctlplane, 0]}
880 - {get_attr: [controller0, name]}
883 - - {get_attr: [controller0, name]}
885 - {get_param: CloudName}
892 {get_attr: [controller0, name]}
893 controller0SSLDeployment:
894 type: OS::Heat::StructuredDeployment
896 config: {get_resource: SSLConfig}
897 server: {get_resource: controller0}
898 signal_transport: NO_SIGNAL
900 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
901 ssl_certificate: {get_param: SSLCertificate}
902 ssl_key: {get_param: SSLKey}
903 ssl_ca_certificate: {get_param: SSLCACertificate}
904 controller0Passthrough:
905 type: OS::Heat::StructuredDeployment
907 config: {get_resource: controllerPassthrough}
908 server: {get_resource: controller0}
909 signal_transport: NO_SIGNAL
911 passthrough_config: {get_param: ExtraConfig}
912 controller0PassthroughSpecific:
913 depends_on: [controller0Passthrough]
914 type: OS::Heat::StructuredDeployment
916 config: {get_resource: controllerPassthroughSpecific}
917 server: {get_resource: controller0}
918 signal_transport: NO_SIGNAL
920 passthrough_config_specific: {get_param: controllerExtraConfig}
923 description: URL for the Overcloud Keystone service
928 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}