1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
15 CeilometerComputeAgent:
16 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
20 - allowed_values: ['', Present]
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service account.
33 description: The iSCSI helper to use with cinder.
35 CinderLVMLoopDeviceSize:
37 description: The size of the loopback file used by the cinder LVM driver.
41 description: The password for the cinder service account, used by cinder-api.
46 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
50 description: Should be used for arbitrary ips.
52 controllerExtraConfig:
55 Controller specific configuration to inject into the cluster. Same
56 structure as ExtraConfig.
60 default: overcloud-control
61 ControlVirtualInterface:
63 description: Interface where virtual ip will be assigned.
67 description: Set to True to enable debugging on all services.
69 DefaultSignalTransport:
71 description: Transport to use for software-config signals.
74 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
78 Additional configuration to inject into the cluster. The JSON should have
79 the following structure:
82 [{"section": "SECTIONNAME",
84 [{"option": "OPTIONNAME",
95 [{"section": "default",
97 [{"option": "force_config_drive",
104 [{"option": "driver",
105 "value": "nova.cells.rpc_driver.CellsRPCDriver"
114 description: The filepath of the file to use for logging messages from Glance.
119 description: The password for the glance service account, used by the glance services.
124 description: Glance port.
128 description: Protocol to use when connecting to glance, set to https for SSL.
130 GlanceNotifierStrategy:
131 description: Strategy to use for Glance notification queue
136 description: The password for the Heat service account, used by the Heat services.
139 HeatStackDomainAdminPassword:
140 description: Password for heat_domain_admin user.
144 HypervisorNeutronPhysicalBridge:
147 An OVS bridge to create on each hypervisor. This defaults to br-ex the
148 same as the control plane nodes, as we have a uniform configuration of
149 the openvswitch agent. Typically should not need to be changed.
151 HypervisorNeutronPublicInterface:
153 description: What interface to add to the HypervisorNeutronPhysicalBridge.
156 default: 'REBUILD_PRESERVE_EPHEMERAL'
157 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
161 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
163 KeystoneCACertificate:
165 description: Keystone self-signed certificate authority certificate.
167 KeystoneSigningCertificate:
169 description: Keystone certificate for verifying token validity.
173 description: Keystone key for signing tokens.
176 KeystoneSSLCertificate:
178 description: Keystone certificate for verifying token validity.
180 KeystoneSSLCertificateKey:
182 description: Keystone key for signing tokens.
185 LiveUpdateComputeImage:
187 description: The image ID for live-updates to the overcloud compute nodes.
191 description: The IP address for the undercloud Glance API.
196 description: The live-update password for the undercloud Glance API.
198 LiveUpdateTenantName:
200 description: The live-update tenant name for the undercloud Glance API.
204 description: The live-update username for the undercloud Glance API.
206 MysqlInnodbBufferPoolSize:
208 Specifies the size of the buffer pool in megabytes. Setting to
209 zero should be interpreted as "no value" and will defer to the
213 NeutronBridgeMappings:
215 The OVS logical->physical bridge mappings to use. See the Neutron
216 documentation for details. Defaults to mapping br-ex - the external
217 bridge on hosts - to a physical name 'datacentre' which can be used
218 to create provider networks (and we use this for the default floating
219 network) - if changing this either use different post-install network
220 scripts or be sure to keep 'datacentre' as a mapping network name.
222 default: "datacentre:br-ex"
223 NeutronControlPlaneID:
226 description: Neutron ID for ctlplane network.
227 NeutronDnsmasqOptions:
228 default: 'dhcp-option-force=26,1400'
229 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
233 default: 'datacentre'
235 If set, flat networks to configure in neutron plugins. Defaults to
236 'datacentre' to permit external network creation.
239 description: The tenant network type for Neutron, either gre or vxlan.
241 NeutronNetworkVLANRanges:
242 default: 'datacentre'
244 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
245 Neutron documentation for permitted values. Defaults to permitting any
246 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
250 description: The password for the neutron service account, used by neutron agents.
253 NeutronPublicInterface:
255 description: What interface to bridge onto br-ex for network nodes.
257 NeutronPublicInterfaceDefaultRoute:
259 description: A custom default route for the NeutronPublicInterface.
261 NeutronPublicInterfaceIP:
263 description: A custom IP address to put onto the NeutronPublicInterface.
265 NeutronPublicInterfaceRawDevice:
267 description: If set, the public interface is a vlan with this device as the raw device.
269 NeutronPublicInterfaceTag:
272 VLAN tag for creating a public VLAN. The tag will be used to
273 create an access port on the exterior bridge for each control plane node,
274 and that port will be given the IP address returned by neutron from the
275 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
276 overcloud.yaml to include the deployment of VLAN ports to the control
282 The tunnel types for the Neutron tenant network. To specify multiple
283 values, use a comma separated string, like so: 'gre,vxlan'
286 default: libvirt.LibvirtDriver
288 NovaComputeExtraConfig:
291 NovaCompute specific configuration to inject into the cluster. Same
292 structure as ExtraConfig.
294 NovaComputeLibvirtType:
299 default: overcloud-compute
302 description: The password for the nova service account, used by nova-api.
308 OvercloudComputeFlavor:
310 description: Flavor for compute nodes to request when deploying.
312 OvercloudControlFlavor:
314 description: Flavor for control nodes to request when deploying.
316 PublicVirtualFixedIPs:
319 Control the IP allocation for the PublicVirtualInterface port. E.g.
320 [{'ip_address':'1.2.3.4'}]
322 PublicVirtualInterface:
325 Specifies the interface where the public-facing virtual ip will be assigned.
326 This should be int_public when a VLAN is being used.
328 PublicVirtualNetwork:
332 Neutron network to allocate public virtual IP port on.
336 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
339 description: The password for RabbitMQ
344 description: The username for RabbitMQ
349 Rabbit client subscriber parameter to specify
350 an SSL connection to the RabbitMQ host.
354 description: Set rabbit subscriber port, change this if using SSL
356 SnmpdReadonlyUserName:
357 default: ro_snmp_user
358 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
360 SnmpdReadonlyUserPassword:
362 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
367 type: OS::Neutron::Port
369 name: control_virtual_ip
370 network_id: {get_param: NeutronControlPlaneID}
372 get_param: ControlFixedIPs
373 replacement_policy: AUTO
374 MysqlClusterUniquePart:
375 type: OS::Heat::RandomString
379 type: OS::Heat::RandomString
383 type: OS::Neutron::Port
385 name: public_virtual_ip
386 network: {get_param: PublicVirtualNetwork}
388 get_param: PublicVirtualFixedIPs
389 replacement_policy: AUTO
391 type: OS::Heat::RandomString
395 get_param: RabbitCookieSalt
396 NovaCompute0Deployment:
398 Path: nova-compute-instance.yaml
399 SubKey: resources.NovaCompute0Deployment
401 DefaultSignalTransport:
402 get_param: DefaultSignalTransport
403 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
404 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
405 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
406 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
407 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
411 - - mysql://nova:unset@
412 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
414 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
418 - - mysql://ceilometer:unset@
419 - *compute_database_host
424 - - mysql://neutron:unset@
425 - *compute_database_host
428 get_param: NeutronNetworkType
430 get_param: NeutronTunnelTypes
431 NeutronEnableTunnelling: "True"
433 get_param: NeutronFlatNetworks
434 NeutronNetworkVLANRanges:
435 get_param: NeutronNetworkVLANRanges
436 NeutronPhysicalBridge:
437 get_param: HypervisorNeutronPhysicalBridge
438 NeutronPublicInterface:
439 get_param: HypervisorNeutronPublicInterface
440 NeutronBridgeMappings:
441 get_param: NeutronBridgeMappings
442 NovaCompute0AllNodesDeployment:
444 Path: nova-compute-instance.yaml
445 SubKey: resources.NovaCompute0AllNodesDeployment
447 AllNodesConfig: {get_resource: allNodesConfig}
450 Path: nova-compute-instance.yaml
451 SubKey: resources.NovaCompute0
452 NovaCompute0Passthrough:
454 Path: nova-compute-instance.yaml
455 SubKey: resources.NovaCompute0Passthrough
457 passthrough_config: {get_param: ExtraConfig}
458 NovaCompute0PassthroughSpecific:
460 Path: nova-compute-instance.yaml
461 SubKey: resources.NovaCompute0PassthroughSpecific
463 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
465 type: OS::Heat::StructuredConfig
467 group: os-apply-config
470 get_param: AdminPassword
472 get_param: AdminToken
475 get_param: NeutronPublicInterfaceIP
487 nodeid: {get_input: bootstack_nodeid}
490 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
495 - - mysql://cinder:unset@
498 debug: {get_param: Debug}
500 get_param: CinderLVMLoopDeviceSize
502 get_param: CinderPassword
504 get_param: CinderISCSIHelper
506 get_input: controller_host
508 bindnetaddr: {get_input: controller_host}
513 ip: {get_attr: [controller0, networks, ctlplane, 0]}
515 stonith_enabled : false
517 quorum_policy : ignore
521 host: {get_input: controller_virtual_ip}
526 - - mysql://glance:unset@
529 debug: {get_param: Debug}
531 get_input: controller_virtual_ip
533 get_param: GlancePort
535 get_param: GlanceProtocol
537 get_param: GlancePassword
538 swift-store-user: service:glance
540 get_param: GlancePassword
542 get_param: GlanceNotifierStrategy
544 get_param: GlanceLogFile
547 get_param: HeatPassword
548 admin_tenant_name: service
550 auth_encryption_key: unset___________
554 - - mysql://heat:unset@
557 debug: {get_param: Debug}
558 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
559 watch_server_url: {get_input: heat.watch_server_url}
560 metadata_server_url: {get_input: heat.metadata_server_url}
561 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
568 {get_attr: [controller0, name]}
573 - - mysql://keystone:unset@
576 debug: {get_param: Debug}
578 get_input: controller_virtual_ip
579 ca_certificate: {get_param: KeystoneCACertificate}
580 signing_key: {get_param: KeystoneSigningKey}
581 signing_certificate: {get_param: KeystoneSigningCertificate}
583 certificate: {get_param: KeystoneSSLCertificate}
584 certificate_key: {get_param: KeystoneSSLCertificateKey}
586 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
588 root-password: {get_resource: MysqlRootPassword}
592 ip: {get_attr: [controller0, networks, ctlplane, 0]}
597 - {get_resource: MysqlClusterUniquePart}
599 debug: {get_param: Debug}
600 flat-networks: {get_param: NeutronFlatNetworks}
601 host: {get_input: controller_virtual_ip}
602 metadata_proxy_shared_secret: unset
604 enable_tunneling: 'True'
606 get_input: controller_host
607 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
608 bridge_mappings: {get_param: NeutronBridgeMappings}
610 get_param: NeutronPublicInterface
611 public_interface_raw_device:
612 get_param: NeutronPublicInterfaceRawDevice
613 public_interface_route:
614 get_param: NeutronPublicInterfaceDefaultRoute
615 public_interface_tag:
616 get_param: NeutronPublicInterfaceTag
617 physical_bridge: br-ex
619 get_param: NeutronNetworkType
621 get_param: NeutronTunnelTypes
625 - - mysql://neutron:unset@
627 - /ovs_neutron?charset=utf8
629 get_param: NeutronPassword
631 get_param: NeutronDnsmasqOptions
636 - - mysql://ceilometer:unset@
639 debug: {get_param: Debug}
640 metering_secret: {get_param: CeilometerMeteringSecret}
642 get_param: CeilometerPassword
644 export_MIB: UCD-SNMP-MIB
646 get_param: SnmpdReadonlyUserName
647 readonly_user_password:
648 get_param: SnmpdReadonlyUserPassword
650 compute_driver: libvirt.LibvirtDriver
654 - - mysql://nova:unset@
657 default_floating_pool:
659 host: {get_input: controller_virtual_ip}
662 get_param: NovaPassword
664 host: {get_input: controller_virtual_ip}
666 get_param: RabbitUserName
668 get_param: RabbitPassword
673 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
674 rabbit_port: {get_param: RabbitClientPort}
677 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
680 - vrrp_instance_name: VI_CONTROL
681 virtual_router_id: 51
683 get_param: ControlVirtualInterface
686 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
688 get_param: ControlVirtualInterface
689 - vrrp_instance_name: VI_PUBLIC
690 virtual_router_id: 52
692 get_param: PublicVirtualInterface
695 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
697 get_param: PublicVirtualInterface
705 get_param: PublicVirtualInterface
709 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
711 get_param: ControlVirtualInterface
713 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
715 get_param: PublicVirtualInterface
720 ip: {get_attr: [controller0, networks, ctlplane, 0]}
721 name: {get_attr: [controller0, name]}
723 - &control_vip {ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}}
724 - &public_vip {ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}}
726 - name: keystone_admin
728 - name: keystone_public
738 - name: glance_registry
742 - name: heat_cloudwatch
759 - name: nova_metadata
761 - name: nova_novncproxy
765 - name: swift_proxy_server
774 controllerPassthrough:
775 type: OS::Heat::StructuredConfig
777 group: os-apply-config
778 config: {get_input: passthrough_config}
779 controllerPassthroughSpecific:
780 type: OS::Heat::StructuredConfig
782 group: os-apply-config
783 config: {get_input: passthrough_config_specific}
785 type: OS::Nova::Server
788 get_param: controllerImage
790 get_param: ImageUpdatePolicy
792 get_param: OvercloudControlFlavor
797 user_data_format: SOFTWARE_CONFIG
798 controller0AllNodesDeployment:
799 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
800 type: OS::Heat::StructuredDeployment
802 signal_transport: {get_param: DefaultSignalTransport}
803 config: {get_resource: allNodesConfig}
804 server: {get_resource: controller0}
805 controller0Deployment:
806 type: OS::Heat::StructuredDeployment
808 signal_transport: NO_SIGNAL
809 config: {get_resource: controllerConfig}
810 server: {get_resource: controller0}
812 bootstack_nodeid: {get_attr: [controller0, name]}
813 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
814 controller_virtual_ip:
815 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
816 heat.watch_server_url:
820 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
822 heat.metadata_server_url:
826 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
828 heat.waitcondition_server_url:
832 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
833 - ':8000/v1/waitcondition'
835 type: OS::Heat::StructuredConfig
838 completion-signal: {get_input: deploy_signal_id}
848 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
849 - {get_attr: [NovaCompute0, name]}
852 - - {get_attr: [NovaCompute0, name]}
860 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
861 - {get_attr: [BlockStorage0, name]}
864 - - {get_attr: [BlockStorage0, name]}
872 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
873 - {get_attr: [SwiftStorage0, name]}
876 - - {get_attr: [SwiftStorage0, name]}
884 - - {get_attr: [controller0, networks, ctlplane, 0]}
885 - {get_attr: [controller0, name]}
888 - - {get_attr: [controller0, name]}
890 - {get_param: CloudName}
897 {get_attr: [controller0, name]}
898 controller0SSLDeployment:
899 type: OS::Heat::StructuredDeployment
901 config: {get_resource: SSLConfig}
902 server: {get_resource: controller0}
903 signal_transport: NO_SIGNAL
905 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
906 ssl_certificate: {get_param: SSLCertificate}
907 ssl_key: {get_param: SSLKey}
908 ssl_ca_certificate: {get_param: SSLCACertificate}
909 controller0Passthrough:
910 type: OS::Heat::StructuredDeployment
912 config: {get_resource: controllerPassthrough}
913 server: {get_resource: controller0}
914 signal_transport: NO_SIGNAL
916 passthrough_config: {get_param: ExtraConfig}
917 controller0PassthroughSpecific:
918 depends_on: [controller0Passthrough]
919 type: OS::Heat::StructuredDeployment
921 config: {get_resource: controllerPassthroughSpecific}
922 server: {get_resource: controller0}
923 signal_transport: NO_SIGNAL
925 passthrough_config_specific: {get_param: controllerExtraConfig}
928 description: URL for the Overcloud Keystone service
933 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}