1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
15 CeilometerComputeAgent:
16 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
20 - allowed_values: ['', Present]
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service account.
33 description: The iSCSI helper to use with cinder.
35 CinderLVMLoopDeviceSize:
37 description: The size of the loopback file used by the cinder LVM driver.
41 description: The password for the cinder service account, used by cinder-api.
46 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
50 description: Should be used for arbitrary ips.
52 controllerExtraConfig:
55 Controller specific configuration to inject into the cluster. Same
56 structure as ExtraConfig.
60 default: overcloud-control
61 ControlVirtualInterface:
63 description: Interface where virtual ip will be assigned.
67 description: Set to True to enable debugging on all services.
69 DefaultSignalTransport:
71 description: Transport to use for software-config signals.
74 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
78 Additional configuration to inject into the cluster. The JSON should have
79 the following structure:
82 [{"section": "SECTIONNAME",
84 [{"option": "OPTIONNAME",
95 [{"section": "default",
97 [{"option": "force_config_drive",
104 [{"option": "driver",
105 "value": "nova.cells.rpc_driver.CellsRPCDriver"
114 description: The filepath of the file to use for logging messages from Glance.
119 description: The password for the glance service account, used by the glance services.
124 description: Glance port.
128 description: Protocol to use when connecting to glance, set to https for SSL.
130 GlanceNotifierStrategy:
131 description: Strategy to use for Glance notification queue
136 description: The password for the Heat service account, used by the Heat services.
139 HeatStackDomainAdminPassword:
140 description: Password for heat_domain_admin user.
144 HypervisorNeutronPhysicalBridge:
147 An OVS bridge to create on each hypervisor. This defaults to br-ex the
148 same as the control plane nodes, as we have a uniform configuration of
149 the openvswitch agent. Typically should not need to be changed.
151 HypervisorNeutronPublicInterface:
153 description: What interface to add to the HypervisorNeutronPhysicalBridge.
156 default: 'REBUILD_PRESERVE_EPHEMERAL'
157 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
161 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
163 KeystoneCACertificate:
165 description: Keystone self-signed certificate authority certificate.
167 KeystoneSigningCertificate:
169 description: Keystone certificate for verifying token validity.
173 description: Keystone key for signing tokens.
176 LiveUpdateComputeImage:
178 description: The image ID for live-updates to the overcloud compute nodes.
182 description: The IP address for the undercloud Glance API.
187 description: The live-update password for the undercloud Glance API.
189 LiveUpdateTenantName:
191 description: The live-update tenant name for the undercloud Glance API.
195 description: The live-update username for the undercloud Glance API.
197 MysqlInnodbBufferPoolSize:
199 Specifies the size of the buffer pool in megabytes. Setting to
200 zero should be interpreted as "no value" and will defer to the
204 NeutronBridgeMappings:
206 The OVS logical->physical bridge mappings to use. See the Neutron
207 documentation for details. Defaults to mapping br-ex - the external
208 bridge on hosts - to a physical name 'datacentre' which can be used
209 to create provider networks (and we use this for the default floating
210 network) - if changing this either use different post-install network
211 scripts or be sure to keep 'datacentre' as a mapping network name.
213 default: "datacentre:br-ex"
214 NeutronControlPlaneID:
217 description: Neutron ID for ctlplane network.
218 NeutronDnsmasqOptions:
219 default: 'dhcp-option-force=26,1400'
220 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
224 default: 'datacentre'
226 If set, flat networks to configure in neutron plugins. Defaults to
227 'datacentre' to permit external network creation.
230 description: The tenant network type for Neutron, either gre or vxlan.
232 NeutronNetworkVLANRanges:
233 default: 'datacentre'
235 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
236 Neutron documentation for permitted values. Defaults to permitting any
237 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
241 description: The password for the neutron service account, used by neutron agents.
244 NeutronPublicInterface:
246 description: What interface to bridge onto br-ex for network nodes.
248 NeutronPublicInterfaceDefaultRoute:
250 description: A custom default route for the NeutronPublicInterface.
252 NeutronPublicInterfaceIP:
254 description: A custom IP address to put onto the NeutronPublicInterface.
256 NeutronPublicInterfaceRawDevice:
258 description: If set, the public interface is a vlan with this device as the raw device.
260 NeutronPublicInterfaceTag:
263 VLAN tag for creating a public VLAN. The tag will be used to
264 create an access port on the exterior bridge for each control plane node,
265 and that port will be given the IP address returned by neutron from the
266 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
267 overcloud.yaml to include the deployment of VLAN ports to the control
273 The tunnel types for the Neutron tenant network. To specify multiple
274 values, use a comma separated string, like so: 'gre,vxlan'
277 default: libvirt.LibvirtDriver
279 NovaComputeExtraConfig:
282 NovaCompute specific configuration to inject into the cluster. Same
283 structure as ExtraConfig.
285 NovaComputeLibvirtType:
290 default: overcloud-compute
293 description: The password for the nova service account, used by nova-api.
299 OvercloudComputeFlavor:
301 description: Flavor for compute nodes to request when deploying.
303 OvercloudControlFlavor:
305 description: Flavor for control nodes to request when deploying.
307 PublicVirtualFixedIPs:
310 Control the IP allocation for the PublicVirtualInterface port. E.g.
311 [{'ip_address':'1.2.3.4'}]
313 PublicVirtualInterface:
316 Specifies the interface where the public-facing virtual ip will be assigned.
317 This should be int_public when a VLAN is being used.
319 PublicVirtualNetwork:
323 Neutron network to allocate public virtual IP port on.
327 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
330 description: The password for RabbitMQ
335 description: The username for RabbitMQ
337 SnmpdReadonlyUserName:
338 default: ro_snmp_user
339 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
341 SnmpdReadonlyUserPassword:
343 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
348 type: OS::Neutron::Port
350 name: control_virtual_ip
351 network_id: {get_param: NeutronControlPlaneID}
353 get_param: ControlFixedIPs
354 MysqlClusterUniquePart:
355 type: OS::Heat::RandomString
359 type: OS::Heat::RandomString
363 type: OS::Neutron::Port
365 name: public_virtual_ip
366 network: {get_param: PublicVirtualNetwork}
368 get_param: PublicVirtualFixedIPs
370 type: OS::Heat::RandomString
374 get_param: RabbitCookieSalt
375 NovaCompute0Deployment:
377 Path: nova-compute-instance.yaml
378 SubKey: resources.NovaCompute0Deployment
380 DefaultSignalTransport:
381 get_param: DefaultSignalTransport
382 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
383 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
384 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
385 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
386 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
390 - - mysql://nova:unset@
391 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
393 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
397 - - mysql://ceilometer:unset@
398 - *compute_database_host
403 - - mysql://neutron:unset@
404 - *compute_database_host
407 get_param: NeutronNetworkType
409 get_param: NeutronTunnelTypes
410 NeutronEnableTunnelling: "True"
412 get_param: NeutronFlatNetworks
413 NeutronNetworkVLANRanges:
414 get_param: NeutronNetworkVLANRanges
415 NeutronPhysicalBridge:
416 get_param: HypervisorNeutronPhysicalBridge
417 NeutronPublicInterface:
418 get_param: HypervisorNeutronPublicInterface
419 NeutronBridgeMappings:
420 get_param: NeutronBridgeMappings
421 NovaCompute0AllNodesDeployment:
423 Path: nova-compute-instance.yaml
424 SubKey: resources.NovaCompute0AllNodesDeployment
426 AllNodesConfig: {get_resource: allNodesConfig}
429 Path: nova-compute-instance.yaml
430 SubKey: resources.NovaCompute0
431 NovaCompute0Passthrough:
433 Path: nova-compute-instance.yaml
434 SubKey: resources.NovaCompute0Passthrough
436 passthrough_config: {get_param: ExtraConfig}
437 NovaCompute0PassthroughSpecific:
439 Path: nova-compute-instance.yaml
440 SubKey: resources.NovaCompute0PassthroughSpecific
442 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
444 type: OS::Heat::StructuredConfig
446 group: os-apply-config
449 get_param: AdminPassword
451 get_param: AdminToken
454 get_param: NeutronPublicInterfaceIP
466 nodeid: {get_input: bootstack_nodeid}
469 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
474 - - mysql://cinder:unset@
477 debug: {get_param: Debug}
479 get_param: CinderLVMLoopDeviceSize
481 get_param: CinderPassword
483 get_param: CinderISCSIHelper
485 get_input: controller_host
487 bindnetaddr: {get_input: controller_host}
492 ip: {get_attr: [controller0, networks, ctlplane, 0]}
494 stonith_enabled : false
496 quorum_policy : ignore
500 host: {get_input: controller_virtual_ip}
505 - - mysql://glance:unset@
508 debug: {get_param: Debug}
510 get_input: controller_virtual_ip
512 get_param: GlancePort
514 get_param: GlanceProtocol
516 get_param: GlancePassword
517 swift-store-user: service:glance
519 get_param: GlancePassword
521 get_param: GlanceNotifierStrategy
523 get_param: GlanceLogFile
526 get_param: HeatPassword
527 admin_tenant_name: service
529 auth_encryption_key: unset___________
533 - - mysql://heat:unset@
536 debug: {get_param: Debug}
537 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
538 watch_server_url: {get_input: heat.watch_server_url}
539 metadata_server_url: {get_input: heat.metadata_server_url}
540 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
547 {get_attr: [controller0, name]}
552 - - mysql://keystone:unset@
555 debug: {get_param: Debug}
557 get_input: controller_virtual_ip
558 ca_certificate: {get_param: KeystoneCACertificate}
559 signing_key: {get_param: KeystoneSigningKey}
560 signing_certificate: {get_param: KeystoneSigningCertificate}
562 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
564 root-password: {get_resource: MysqlRootPassword}
568 ip: {get_attr: [controller0, networks, ctlplane, 0]}
573 - {get_resource: MysqlClusterUniquePart}
575 debug: {get_param: Debug}
576 flat-networks: {get_param: NeutronFlatNetworks}
577 host: {get_input: controller_virtual_ip}
578 metadata_proxy_shared_secret: unset
580 enable_tunneling: 'True'
582 get_input: controller_host
583 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
584 bridge_mappings: {get_param: NeutronBridgeMappings}
586 get_param: NeutronPublicInterface
587 public_interface_raw_device:
588 get_param: NeutronPublicInterfaceRawDevice
589 public_interface_route:
590 get_param: NeutronPublicInterfaceDefaultRoute
591 public_interface_tag:
592 get_param: NeutronPublicInterfaceTag
593 physical_bridge: br-ex
595 get_param: NeutronNetworkType
597 get_param: NeutronTunnelTypes
601 - - mysql://neutron:unset@
603 - /ovs_neutron?charset=utf8
605 get_param: NeutronPassword
607 get_param: NeutronDnsmasqOptions
612 - - mysql://ceilometer:unset@
615 debug: {get_param: Debug}
616 metering_secret: {get_param: CeilometerMeteringSecret}
618 get_param: CeilometerPassword
620 export_MIB: UCD-SNMP-MIB
622 get_param: SnmpdReadonlyUserName
623 readonly_user_password:
624 get_param: SnmpdReadonlyUserPassword
626 compute_driver: libvirt.LibvirtDriver
630 - - mysql://nova:unset@
633 default_floating_pool:
635 host: {get_input: controller_virtual_ip}
638 get_param: NovaPassword
640 host: {get_input: controller_virtual_ip}
642 get_param: RabbitUserName
644 get_param: RabbitPassword
651 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
654 - vrrp_instance_name: VI_CONTROL
655 virtual_router_id: 51
657 get_param: ControlVirtualInterface
660 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
662 get_param: ControlVirtualInterface
663 - vrrp_instance_name: VI_PUBLIC
664 virtual_router_id: 52
666 get_param: PublicVirtualInterface
669 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
671 get_param: PublicVirtualInterface
679 get_param: PublicVirtualInterface
683 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
685 get_param: ControlVirtualInterface
687 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
689 get_param: PublicVirtualInterface
694 ip: {get_attr: [controller0, networks, ctlplane, 0]}
695 name: {get_attr: [controller0, name]}
697 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
699 - name: keystone_admin
701 net_binds: &public_binds
702 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
703 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
704 - name: keystone_public
706 net_binds: *public_binds
709 net_binds: *public_binds
712 net_binds: *public_binds
715 net_binds: *public_binds
718 net_binds: *public_binds
719 - name: glance_registry
721 net_binds: *public_binds
724 net_binds: *public_binds
725 - name: heat_cloudwatch
727 net_binds: *public_binds
730 net_binds: *public_binds
742 net_binds: *public_binds
743 - name: nova_metadata
745 net_binds: *public_binds
746 - name: nova_novncproxy
748 net_binds: *public_binds
751 net_binds: *public_binds
752 - name: swift_proxy_server
754 net_binds: *public_binds
760 controllerPassthrough:
761 type: OS::Heat::StructuredConfig
763 group: os-apply-config
764 config: {get_input: passthrough_config}
765 controllerPassthroughSpecific:
766 type: OS::Heat::StructuredConfig
768 group: os-apply-config
769 config: {get_input: passthrough_config_specific}
771 type: OS::Nova::Server
774 get_param: controllerImage
776 get_param: ImageUpdatePolicy
778 get_param: OvercloudControlFlavor
783 user_data_format: SOFTWARE_CONFIG
784 controller0AllNodesDeployment:
785 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
786 type: OS::Heat::StructuredDeployment
788 signal_transport: {get_param: DefaultSignalTransport}
789 config: {get_resource: allNodesConfig}
790 server: {get_resource: controller0}
791 controller0Deployment:
792 type: OS::Heat::StructuredDeployment
794 signal_transport: NO_SIGNAL
795 config: {get_resource: controllerConfig}
796 server: {get_resource: controller0}
798 bootstack_nodeid: {get_attr: [controller0, name]}
799 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
800 controller_virtual_ip:
801 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
802 heat.watch_server_url:
806 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
808 heat.metadata_server_url:
812 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
814 heat.waitcondition_server_url:
818 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
819 - ':8000/v1/waitcondition'
821 type: OS::Heat::StructuredConfig
824 completion-signal: {get_input: deploy_signal_id}
834 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
835 - {get_attr: [NovaCompute0, name]}
838 - - {get_attr: [NovaCompute0, name]}
846 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
847 - {get_attr: [BlockStorage0, name]}
850 - - {get_attr: [BlockStorage0, name]}
858 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
859 - {get_attr: [SwiftStorage0, name]}
862 - - {get_attr: [SwiftStorage0, name]}
870 - - {get_attr: [controller0, networks, ctlplane, 0]}
871 - {get_attr: [controller0, name]}
874 - - {get_attr: [controller0, name]}
876 - {get_param: CloudName}
883 {get_attr: [controller0, name]}
884 controller0SSLDeployment:
885 type: OS::Heat::StructuredDeployment
887 config: {get_resource: SSLConfig}
888 server: {get_resource: controller0}
889 signal_transport: NO_SIGNAL
891 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
892 ssl_certificate: {get_param: SSLCertificate}
893 ssl_key: {get_param: SSLKey}
894 ssl_ca_certificate: {get_param: SSLCACertificate}
895 controller0Passthrough:
896 type: OS::Heat::StructuredDeployment
898 config: {get_resource: controllerPassthrough}
899 server: {get_resource: controller0}
900 signal_transport: NO_SIGNAL
902 passthrough_config: {get_param: ExtraConfig}
903 controller0PassthroughSpecific:
904 depends_on: [controller0Passthrough]
905 type: OS::Heat::StructuredDeployment
907 config: {get_resource: controllerPassthroughSpecific}
908 server: {get_resource: controller0}
909 signal_transport: NO_SIGNAL
911 passthrough_config_specific: {get_param: controllerExtraConfig}
914 description: URL for the Overcloud Keystone service
919 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}