1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
15 CeilometerComputeAgent:
16 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
20 - allowed_values: ['', Present]
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service account.
33 description: The iSCSI helper to use with cinder.
35 CinderLVMLoopDeviceSize:
37 description: The size of the loopback file used by the cinder LVM driver.
41 description: The password for the cinder service account, used by cinder-api.
46 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
50 description: Should be used for arbitrary ips.
52 controllerExtraConfig:
55 Controller specific configuration to inject into the cluster. Same
56 structure as ExtraConfig.
60 default: overcloud-control
62 - custom_constraint: glance.image
63 ControlVirtualInterface:
65 description: Interface where virtual ip will be assigned.
69 description: Set to True to enable debugging on all services.
71 DefaultSignalTransport:
73 description: Transport to use for software-config signals.
76 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
80 Additional configuration to inject into the cluster. The JSON should have
81 the following structure:
84 [{"section": "SECTIONNAME",
86 [{"option": "OPTIONNAME",
97 [{"section": "default",
99 [{"option": "force_config_drive",
106 [{"option": "driver",
107 "value": "nova.cells.rpc_driver.CellsRPCDriver"
116 description: The filepath of the file to use for logging messages from Glance.
121 description: The password for the glance service account, used by the glance services.
126 description: Glance port.
130 description: Protocol to use when connecting to glance, set to https for SSL.
132 GlanceNotifierStrategy:
133 description: Strategy to use for Glance notification queue
138 description: The password for the Heat service account, used by the Heat services.
141 HeatStackDomainAdminPassword:
142 description: Password for heat_domain_admin user.
146 HypervisorNeutronPhysicalBridge:
149 An OVS bridge to create on each hypervisor. This defaults to br-ex the
150 same as the control plane nodes, as we have a uniform configuration of
151 the openvswitch agent. Typically should not need to be changed.
153 HypervisorNeutronPublicInterface:
155 description: What interface to add to the HypervisorNeutronPhysicalBridge.
158 default: 'REBUILD_PRESERVE_EPHEMERAL'
159 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
163 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
166 - custom_constraint: nova.keypair
167 KeystoneCACertificate:
169 description: Keystone self-signed certificate authority certificate.
171 KeystoneSigningCertificate:
173 description: Keystone certificate for verifying token validity.
177 description: Keystone key for signing tokens.
180 LiveUpdateComputeImage:
182 description: The image ID for live-updates to the overcloud compute nodes.
186 description: The IP address for the undercloud Glance API.
191 description: The live-update password for the undercloud Glance API.
193 LiveUpdateTenantName:
195 description: The live-update tenant name for the undercloud Glance API.
199 description: The live-update username for the undercloud Glance API.
201 MysqlInnodbBufferPoolSize:
203 Specifies the size of the buffer pool in megabytes. Setting to
204 zero should be interpreted as "no value" and will defer to the
208 NeutronBridgeMappings:
210 The OVS logical->physical bridge mappings to use. See the Neutron
211 documentation for details. Defaults to mapping br-ex - the external
212 bridge on hosts - to a physical name 'datacentre' which can be used
213 to create provider networks (and we use this for the default floating
214 network) - if changing this either use different post-install network
215 scripts or be sure to keep 'datacentre' as a mapping network name.
217 default: "datacentre:br-ex"
218 NeutronControlPlaneID:
221 description: Neutron ID for ctlplane network.
222 NeutronDnsmasqOptions:
223 default: 'dhcp-option-force=26,1400'
224 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
228 default: 'datacentre'
230 If set, flat networks to configure in neutron plugins. Defaults to
231 'datacentre' to permit external network creation.
234 description: The tenant network type for Neutron, either gre or vxlan.
236 NeutronNetworkVLANRanges:
237 default: 'datacentre'
239 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
240 Neutron documentation for permitted values. Defaults to permitting any
241 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
245 description: The password for the neutron service account, used by neutron agents.
248 NeutronPublicInterface:
250 description: What interface to bridge onto br-ex for network nodes.
252 NeutronPublicInterfaceDefaultRoute:
254 description: A custom default route for the NeutronPublicInterface.
256 NeutronPublicInterfaceIP:
258 description: A custom IP address to put onto the NeutronPublicInterface.
260 NeutronPublicInterfaceRawDevice:
262 description: If set, the public interface is a vlan with this device as the raw device.
264 NeutronPublicInterfaceTag:
267 VLAN tag for creating a public VLAN. The tag will be used to
268 create an access port on the exterior bridge for each control plane node,
269 and that port will be given the IP address returned by neutron from the
270 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
271 overcloud.yaml to include the deployment of VLAN ports to the control
277 The tunnel types for the Neutron tenant network. To specify multiple
278 values, use a comma separated string, like so: 'gre,vxlan'
281 default: libvirt.LibvirtDriver
283 NovaComputeExtraConfig:
286 NovaCompute specific configuration to inject into the cluster. Same
287 structure as ExtraConfig.
289 NovaComputeLibvirtType:
294 default: overcloud-compute
296 - custom_constraint: glance.image
299 description: The password for the nova service account, used by nova-api.
305 OvercloudComputeFlavor:
307 description: Flavor for compute nodes to request when deploying.
310 - custom_constraint: nova.flavor
311 OvercloudControlFlavor:
313 description: Flavor for control nodes to request when deploying.
316 - custom_constraint: nova.flavor
317 PublicVirtualFixedIPs:
320 Control the IP allocation for the PublicVirtualInterface port. E.g.
321 [{'ip_address':'1.2.3.4'}]
323 PublicVirtualInterface:
326 Specifies the interface where the public-facing virtual ip will be assigned.
327 This should be int_public when a VLAN is being used.
329 PublicVirtualNetwork:
333 Neutron network to allocate public virtual IP port on.
337 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
340 description: The password for RabbitMQ
345 description: The username for RabbitMQ
347 SnmpdReadonlyUserName:
348 default: ro_snmp_user
349 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
351 SnmpdReadonlyUserPassword:
353 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
358 type: OS::Neutron::Port
360 name: control_virtual_ip
361 network_id: {get_param: NeutronControlPlaneID}
363 get_param: ControlFixedIPs
364 MysqlClusterUniquePart:
365 type: OS::Heat::RandomString
369 type: OS::Heat::RandomString
373 type: OS::Neutron::Port
375 name: public_virtual_ip
376 network: {get_param: PublicVirtualNetwork}
378 get_param: PublicVirtualFixedIPs
380 type: OS::Heat::RandomString
384 get_param: RabbitCookieSalt
385 NovaCompute0Deployment:
387 Path: nova-compute-instance.yaml
388 SubKey: resources.NovaCompute0Deployment
390 DefaultSignalTransport:
391 get_param: DefaultSignalTransport
392 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
393 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
394 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
395 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
396 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
400 - - mysql://nova:unset@
401 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
403 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
407 - - mysql://ceilometer:unset@
408 - *compute_database_host
413 - - mysql://neutron:unset@
414 - *compute_database_host
417 get_param: NeutronNetworkType
419 get_param: NeutronTunnelTypes
420 NeutronEnableTunnelling: "True"
422 get_param: NeutronFlatNetworks
423 NeutronNetworkVLANRanges:
424 get_param: NeutronNetworkVLANRanges
425 NeutronPhysicalBridge:
426 get_param: HypervisorNeutronPhysicalBridge
427 NeutronPublicInterface:
428 get_param: HypervisorNeutronPublicInterface
429 NeutronBridgeMappings:
430 get_param: NeutronBridgeMappings
431 NovaCompute0AllNodesDeployment:
433 Path: nova-compute-instance.yaml
434 SubKey: resources.NovaCompute0AllNodesDeployment
436 AllNodesConfig: {get_resource: allNodesConfig}
439 Path: nova-compute-instance.yaml
440 SubKey: resources.NovaCompute0
441 NovaCompute0Passthrough:
443 Path: nova-compute-instance.yaml
444 SubKey: resources.NovaCompute0Passthrough
446 passthrough_config: {get_param: ExtraConfig}
447 NovaCompute0PassthroughSpecific:
449 Path: nova-compute-instance.yaml
450 SubKey: resources.NovaCompute0PassthroughSpecific
452 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
454 type: OS::Heat::StructuredConfig
456 group: os-apply-config
459 get_param: AdminPassword
461 get_param: AdminToken
464 get_param: NeutronPublicInterfaceIP
476 nodeid: {get_input: bootstack_nodeid}
479 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
484 - - mysql://cinder:unset@
487 debug: {get_param: Debug}
489 get_param: CinderLVMLoopDeviceSize
491 get_param: CinderPassword
493 get_param: CinderISCSIHelper
495 get_input: controller_host
497 bindnetaddr: {get_input: controller_host}
502 ip: {get_attr: [controller0, networks, ctlplane, 0]}
504 stonith_enabled : false
506 quorum_policy : ignore
510 host: {get_input: controller_virtual_ip}
515 - - mysql://glance:unset@
518 debug: {get_param: Debug}
520 get_input: controller_virtual_ip
522 get_param: GlancePort
524 get_param: GlanceProtocol
526 get_param: GlancePassword
527 swift-store-user: service:glance
529 get_param: GlancePassword
531 get_param: GlanceNotifierStrategy
533 get_param: GlanceLogFile
536 get_param: HeatPassword
537 admin_tenant_name: service
539 auth_encryption_key: unset___________
543 - - mysql://heat:unset@
546 debug: {get_param: Debug}
547 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
548 watch_server_url: {get_input: heat.watch_server_url}
549 metadata_server_url: {get_input: heat.metadata_server_url}
550 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
557 {get_attr: [controller0, name]}
562 - - mysql://keystone:unset@
565 debug: {get_param: Debug}
567 get_input: controller_virtual_ip
568 ca_certificate: {get_param: KeystoneCACertificate}
569 signing_key: {get_param: KeystoneSigningKey}
570 signing_certificate: {get_param: KeystoneSigningCertificate}
572 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
574 root-password: {get_resource: MysqlRootPassword}
578 ip: {get_attr: [controller0, networks, ctlplane, 0]}
583 - {get_resource: MysqlClusterUniquePart}
585 debug: {get_param: Debug}
586 flat-networks: {get_param: NeutronFlatNetworks}
587 host: {get_input: controller_virtual_ip}
588 metadata_proxy_shared_secret: unset
590 enable_tunneling: 'True'
592 get_input: controller_host
593 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
594 bridge_mappings: {get_param: NeutronBridgeMappings}
596 get_param: NeutronPublicInterface
597 public_interface_raw_device:
598 get_param: NeutronPublicInterfaceRawDevice
599 public_interface_route:
600 get_param: NeutronPublicInterfaceDefaultRoute
601 public_interface_tag:
602 get_param: NeutronPublicInterfaceTag
603 physical_bridge: br-ex
605 get_param: NeutronNetworkType
607 get_param: NeutronTunnelTypes
611 - - mysql://neutron:unset@
613 - /ovs_neutron?charset=utf8
615 get_param: NeutronPassword
617 get_param: NeutronDnsmasqOptions
622 - - mysql://ceilometer:unset@
625 debug: {get_param: Debug}
626 metering_secret: {get_param: CeilometerMeteringSecret}
628 get_param: CeilometerPassword
630 export_MIB: UCD-SNMP-MIB
632 get_param: SnmpdReadonlyUserName
633 readonly_user_password:
634 get_param: SnmpdReadonlyUserPassword
636 compute_driver: libvirt.LibvirtDriver
640 - - mysql://nova:unset@
643 default_floating_pool:
645 host: {get_input: controller_virtual_ip}
648 get_param: NovaPassword
650 host: {get_input: controller_virtual_ip}
652 get_param: RabbitUserName
654 get_param: RabbitPassword
661 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
664 - vrrp_instance_name: VI_CONTROL
665 virtual_router_id: 51
667 get_param: ControlVirtualInterface
670 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
672 get_param: ControlVirtualInterface
673 - vrrp_instance_name: VI_PUBLIC
674 virtual_router_id: 52
676 get_param: PublicVirtualInterface
679 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
681 get_param: PublicVirtualInterface
689 get_param: PublicVirtualInterface
693 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
695 get_param: ControlVirtualInterface
697 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
699 get_param: PublicVirtualInterface
704 ip: {get_attr: [controller0, networks, ctlplane, 0]}
705 name: {get_attr: [controller0, name]}
707 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
709 - name: keystone_admin
711 net_binds: &public_binds
712 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
713 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
714 - name: keystone_public
716 net_binds: *public_binds
719 net_binds: *public_binds
722 net_binds: *public_binds
725 net_binds: *public_binds
728 net_binds: *public_binds
729 - name: glance_registry
731 net_binds: *public_binds
734 net_binds: *public_binds
735 - name: heat_cloudwatch
737 net_binds: *public_binds
740 net_binds: *public_binds
752 net_binds: *public_binds
753 - name: nova_metadata
755 net_binds: *public_binds
756 - name: nova_novncproxy
758 net_binds: *public_binds
761 net_binds: *public_binds
762 - name: swift_proxy_server
764 net_binds: *public_binds
770 controllerPassthrough:
771 type: OS::Heat::StructuredConfig
773 group: os-apply-config
774 config: {get_input: passthrough_config}
775 controllerPassthroughSpecific:
776 type: OS::Heat::StructuredConfig
778 group: os-apply-config
779 config: {get_input: passthrough_config_specific}
781 type: OS::Nova::Server
784 get_param: controllerImage
786 get_param: ImageUpdatePolicy
788 get_param: OvercloudControlFlavor
793 user_data_format: SOFTWARE_CONFIG
794 controller0AllNodesDeployment:
795 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
796 type: OS::Heat::StructuredDeployment
798 signal_transport: {get_param: DefaultSignalTransport}
799 config: {get_resource: allNodesConfig}
800 server: {get_resource: controller0}
801 controller0Deployment:
802 type: OS::Heat::StructuredDeployment
804 signal_transport: NO_SIGNAL
805 config: {get_resource: controllerConfig}
806 server: {get_resource: controller0}
808 bootstack_nodeid: {get_attr: [controller0, name]}
809 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
810 controller_virtual_ip:
811 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
812 heat.watch_server_url:
816 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
818 heat.metadata_server_url:
822 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
824 heat.waitcondition_server_url:
828 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
829 - ':8000/v1/waitcondition'
831 type: OS::Heat::StructuredConfig
834 completion-signal: {get_input: deploy_signal_id}
844 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
845 - {get_attr: [NovaCompute0, name]}
848 - - {get_attr: [NovaCompute0, name]}
856 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
857 - {get_attr: [BlockStorage0, name]}
860 - - {get_attr: [BlockStorage0, name]}
868 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
869 - {get_attr: [SwiftStorage0, name]}
872 - - {get_attr: [SwiftStorage0, name]}
880 - - {get_attr: [controller0, networks, ctlplane, 0]}
881 - {get_attr: [controller0, name]}
884 - - {get_attr: [controller0, name]}
886 - {get_param: CloudName}
893 {get_attr: [controller0, name]}
894 controller0SSLDeployment:
895 type: OS::Heat::StructuredDeployment
897 config: {get_resource: SSLConfig}
898 server: {get_resource: controller0}
899 signal_transport: NO_SIGNAL
901 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
902 ssl_certificate: {get_param: SSLCertificate}
903 ssl_key: {get_param: SSLKey}
904 ssl_ca_certificate: {get_param: SSLCACertificate}
905 controller0Passthrough:
906 type: OS::Heat::StructuredDeployment
908 config: {get_resource: controllerPassthrough}
909 server: {get_resource: controller0}
910 signal_transport: NO_SIGNAL
912 passthrough_config: {get_param: ExtraConfig}
913 controller0PassthroughSpecific:
914 depends_on: [controller0Passthrough]
915 type: OS::Heat::StructuredDeployment
917 config: {get_resource: controllerPassthroughSpecific}
918 server: {get_resource: controller0}
919 signal_transport: NO_SIGNAL
921 passthrough_config_specific: {get_param: controllerExtraConfig}
924 description: URL for the Overcloud Keystone service
929 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}