1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
15 CeilometerComputeAgent:
16 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
20 - allowed_values: ['', Present]
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service account.
33 description: The iSCSI helper to use with cinder.
35 CinderLVMLoopDeviceSize:
37 description: The size of the loopback file used by the cinder LVM driver.
41 description: The password for the cinder service account, used by cinder-api.
46 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
50 description: Should be used for arbitrary ips.
52 controllerExtraConfig:
55 Controller specific configuration to inject into the cluster. Same
56 structure as ExtraConfig.
60 default: overcloud-control
61 ControlVirtualInterface:
63 description: Interface where virtual ip will be assigned.
67 description: Set to True to enable debugging on all services.
69 DefaultSignalTransport:
71 description: Transport to use for software-config signals.
74 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
78 Additional configuration to inject into the cluster. The JSON should have
79 the following structure:
82 [{"section": "SECTIONNAME",
84 [{"option": "OPTIONNAME",
95 [{"section": "default",
97 [{"option": "force_config_drive",
104 [{"option": "driver",
105 "value": "nova.cells.rpc_driver.CellsRPCDriver"
114 description: The filepath of the file to use for logging messages from Glance.
119 description: The password for the glance service account, used by the glance services.
124 description: Glance port.
128 description: Protocol to use when connecting to glance, set to https for SSL.
130 GlanceNotifierStrategy:
131 description: Strategy to use for Glance notification queue
136 description: The password for the Heat service account, used by the Heat services.
139 HeatStackDomainAdminPassword:
140 description: Password for heat_domain_admin user.
144 HypervisorNeutronPhysicalBridge:
147 An OVS bridge to create on each hypervisor. This defaults to br-ex the
148 same as the control plane nodes, as we have a uniform configuration of
149 the openvswitch agent. Typically should not need to be changed.
151 HypervisorNeutronPublicInterface:
153 description: What interface to add to the HypervisorNeutronPhysicalBridge.
156 default: 'REBUILD_PRESERVE_EPHEMERAL'
157 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
161 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
163 KeystoneCACertificate:
165 description: Keystone self-signed certificate authority certificate.
167 KeystoneSigningCertificate:
169 description: Keystone certificate for verifying token validity.
173 description: Keystone key for signing tokens.
176 LiveUpdateComputeImage:
178 description: The image ID for live-updates to the overcloud compute nodes.
182 description: The IP address for the undercloud Glance API.
187 description: The live-update password for the undercloud Glance API.
189 LiveUpdateTenantName:
191 description: The live-update tenant name for the undercloud Glance API.
195 description: The live-update username for the undercloud Glance API.
197 MysqlInnodbBufferPoolSize:
199 Specifies the size of the buffer pool in megabytes. Setting to
200 zero should be interpreted as "no value" and will defer to the
204 NeutronBridgeMappings:
206 The OVS logical->physical bridge mappings to use. See the Neutron
207 documentation for details. Defaults to mapping br-ex - the external
208 bridge on hosts - to a physical name 'datacentre' which can be used
209 to create provider networks (and we use this for the default floating
210 network) - if changing this either use different post-install network
211 scripts or be sure to keep 'datacentre' as a mapping network name.
213 default: "datacentre:br-ex"
214 NeutronControlPlaneID:
217 description: Neutron ID for ctlplane network.
218 NeutronDnsmasqOptions:
219 default: 'dhcp-option-force=26,1400'
220 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
224 default: 'datacentre'
226 If set, flat networks to configure in neutron plugins. Defaults to
227 'datacentre' to permit external network creation.
230 description: The tenant network type for Neutron, either gre or vxlan.
232 NeutronNetworkVLANRanges:
233 default: 'datacentre'
235 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
236 Neutron documentation for permitted values. Defaults to permitting any
237 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
241 description: The password for the neutron service account, used by neutron agents.
244 NeutronPublicInterface:
246 description: What interface to bridge onto br-ex for network nodes.
248 NeutronPublicInterfaceDefaultRoute:
250 description: A custom default route for the NeutronPublicInterface.
252 NeutronPublicInterfaceIP:
254 description: A custom IP address to put onto the NeutronPublicInterface.
256 NeutronPublicInterfaceRawDevice:
258 description: If set, the public interface is a vlan with this device as the raw device.
260 NeutronPublicInterfaceTag:
263 VLAN tag for creating a public VLAN. The tag will be used to
264 create an access port on the exterior bridge for each control plane node,
265 and that port will be given the IP address returned by neutron from the
266 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
267 overcloud.yaml to include the deployment of VLAN ports to the control
273 The tunnel types for the Neutron tenant network. To specify multiple
274 values, use a comma separated string, like so: 'gre,vxlan'
277 default: libvirt.LibvirtDriver
279 NovaComputeExtraConfig:
282 NovaCompute specific configuration to inject into the cluster. Same
283 structure as ExtraConfig.
285 NovaComputeLibvirtType:
290 default: overcloud-compute
293 description: The password for the nova service account, used by nova-api.
299 OvercloudComputeFlavor:
301 description: Flavor for compute nodes to request when deploying.
303 OvercloudControlFlavor:
305 description: Flavor for control nodes to request when deploying.
307 PublicVirtualFixedIPs:
310 Control the IP allocation for the PublicVirtualInterface port. E.g.
311 [{'ip_address':'1.2.3.4'}]
313 PublicVirtualInterface:
316 Specifies the interface where the public-facing virtual ip will be assigned.
317 This should be int_public when a VLAN is being used.
319 PublicVirtualNetwork:
323 Neutron network to allocate public virtual IP port on.
327 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
330 description: The password for RabbitMQ
335 description: The username for RabbitMQ
337 SnmpdReadonlyUserName:
338 default: ro_snmp_user
339 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
341 SnmpdReadonlyUserPassword:
343 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
348 type: OS::Neutron::Port
350 name: control_virtual_ip
351 network_id: {get_param: NeutronControlPlaneID}
353 get_param: ControlFixedIPs
354 replacement_policy: AUTO
355 MysqlClusterUniquePart:
356 type: OS::Heat::RandomString
360 type: OS::Heat::RandomString
364 type: OS::Neutron::Port
366 name: public_virtual_ip
367 network: {get_param: PublicVirtualNetwork}
369 get_param: PublicVirtualFixedIPs
370 replacement_policy: AUTO
372 type: OS::Heat::RandomString
376 get_param: RabbitCookieSalt
377 NovaCompute0Deployment:
379 Path: nova-compute-instance.yaml
380 SubKey: resources.NovaCompute0Deployment
382 DefaultSignalTransport:
383 get_param: DefaultSignalTransport
384 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
385 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
386 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
387 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
388 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
392 - - mysql://nova:unset@
393 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
395 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
399 - - mysql://ceilometer:unset@
400 - *compute_database_host
405 - - mysql://neutron:unset@
406 - *compute_database_host
409 get_param: NeutronNetworkType
411 get_param: NeutronTunnelTypes
412 NeutronEnableTunnelling: "True"
414 get_param: NeutronFlatNetworks
415 NeutronNetworkVLANRanges:
416 get_param: NeutronNetworkVLANRanges
417 NeutronPhysicalBridge:
418 get_param: HypervisorNeutronPhysicalBridge
419 NeutronPublicInterface:
420 get_param: HypervisorNeutronPublicInterface
421 NeutronBridgeMappings:
422 get_param: NeutronBridgeMappings
423 NovaCompute0AllNodesDeployment:
425 Path: nova-compute-instance.yaml
426 SubKey: resources.NovaCompute0AllNodesDeployment
428 AllNodesConfig: {get_resource: allNodesConfig}
431 Path: nova-compute-instance.yaml
432 SubKey: resources.NovaCompute0
433 NovaCompute0Passthrough:
435 Path: nova-compute-instance.yaml
436 SubKey: resources.NovaCompute0Passthrough
438 passthrough_config: {get_param: ExtraConfig}
439 NovaCompute0PassthroughSpecific:
441 Path: nova-compute-instance.yaml
442 SubKey: resources.NovaCompute0PassthroughSpecific
444 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
446 type: OS::Heat::StructuredConfig
448 group: os-apply-config
451 get_param: AdminPassword
453 get_param: AdminToken
456 get_param: NeutronPublicInterfaceIP
468 nodeid: {get_input: bootstack_nodeid}
471 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
476 - - mysql://cinder:unset@
479 debug: {get_param: Debug}
481 get_param: CinderLVMLoopDeviceSize
483 get_param: CinderPassword
485 get_param: CinderISCSIHelper
487 get_input: controller_host
489 bindnetaddr: {get_input: controller_host}
494 ip: {get_attr: [controller0, networks, ctlplane, 0]}
496 stonith_enabled : false
498 quorum_policy : ignore
502 host: {get_input: controller_virtual_ip}
507 - - mysql://glance:unset@
510 debug: {get_param: Debug}
512 get_input: controller_virtual_ip
514 get_param: GlancePort
516 get_param: GlanceProtocol
518 get_param: GlancePassword
519 swift-store-user: service:glance
521 get_param: GlancePassword
523 get_param: GlanceNotifierStrategy
525 get_param: GlanceLogFile
528 get_param: HeatPassword
529 admin_tenant_name: service
531 auth_encryption_key: unset___________
535 - - mysql://heat:unset@
538 debug: {get_param: Debug}
539 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
540 watch_server_url: {get_input: heat.watch_server_url}
541 metadata_server_url: {get_input: heat.metadata_server_url}
542 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
549 {get_attr: [controller0, name]}
554 - - mysql://keystone:unset@
557 debug: {get_param: Debug}
559 get_input: controller_virtual_ip
560 ca_certificate: {get_param: KeystoneCACertificate}
561 signing_key: {get_param: KeystoneSigningKey}
562 signing_certificate: {get_param: KeystoneSigningCertificate}
564 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
566 root-password: {get_resource: MysqlRootPassword}
570 ip: {get_attr: [controller0, networks, ctlplane, 0]}
575 - {get_resource: MysqlClusterUniquePart}
577 debug: {get_param: Debug}
578 flat-networks: {get_param: NeutronFlatNetworks}
579 host: {get_input: controller_virtual_ip}
580 metadata_proxy_shared_secret: unset
582 enable_tunneling: 'True'
584 get_input: controller_host
585 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
586 bridge_mappings: {get_param: NeutronBridgeMappings}
588 get_param: NeutronPublicInterface
589 public_interface_raw_device:
590 get_param: NeutronPublicInterfaceRawDevice
591 public_interface_route:
592 get_param: NeutronPublicInterfaceDefaultRoute
593 public_interface_tag:
594 get_param: NeutronPublicInterfaceTag
595 physical_bridge: br-ex
597 get_param: NeutronNetworkType
599 get_param: NeutronTunnelTypes
603 - - mysql://neutron:unset@
605 - /ovs_neutron?charset=utf8
607 get_param: NeutronPassword
609 get_param: NeutronDnsmasqOptions
614 - - mysql://ceilometer:unset@
617 debug: {get_param: Debug}
618 metering_secret: {get_param: CeilometerMeteringSecret}
620 get_param: CeilometerPassword
622 export_MIB: UCD-SNMP-MIB
624 get_param: SnmpdReadonlyUserName
625 readonly_user_password:
626 get_param: SnmpdReadonlyUserPassword
628 compute_driver: libvirt.LibvirtDriver
632 - - mysql://nova:unset@
635 default_floating_pool:
637 host: {get_input: controller_virtual_ip}
640 get_param: NovaPassword
642 host: {get_input: controller_virtual_ip}
644 get_param: RabbitUserName
646 get_param: RabbitPassword
653 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
656 - vrrp_instance_name: VI_CONTROL
657 virtual_router_id: 51
659 get_param: ControlVirtualInterface
662 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
664 get_param: ControlVirtualInterface
665 - vrrp_instance_name: VI_PUBLIC
666 virtual_router_id: 52
668 get_param: PublicVirtualInterface
671 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
673 get_param: PublicVirtualInterface
681 get_param: PublicVirtualInterface
685 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
687 get_param: ControlVirtualInterface
689 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
691 get_param: PublicVirtualInterface
696 ip: {get_attr: [controller0, networks, ctlplane, 0]}
697 name: {get_attr: [controller0, name]}
699 - &control_vip {ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}}
700 - &public_vip {ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}}
702 - name: keystone_admin
704 - name: keystone_public
714 - name: glance_registry
718 - name: heat_cloudwatch
735 - name: nova_metadata
737 - name: nova_novncproxy
741 - name: swift_proxy_server
750 controllerPassthrough:
751 type: OS::Heat::StructuredConfig
753 group: os-apply-config
754 config: {get_input: passthrough_config}
755 controllerPassthroughSpecific:
756 type: OS::Heat::StructuredConfig
758 group: os-apply-config
759 config: {get_input: passthrough_config_specific}
761 type: OS::Nova::Server
764 get_param: controllerImage
766 get_param: ImageUpdatePolicy
768 get_param: OvercloudControlFlavor
773 user_data_format: SOFTWARE_CONFIG
774 controller0AllNodesDeployment:
775 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
776 type: OS::Heat::StructuredDeployment
778 signal_transport: {get_param: DefaultSignalTransport}
779 config: {get_resource: allNodesConfig}
780 server: {get_resource: controller0}
781 controller0Deployment:
782 type: OS::Heat::StructuredDeployment
784 signal_transport: NO_SIGNAL
785 config: {get_resource: controllerConfig}
786 server: {get_resource: controller0}
788 bootstack_nodeid: {get_attr: [controller0, name]}
789 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
790 controller_virtual_ip:
791 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
792 heat.watch_server_url:
796 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
798 heat.metadata_server_url:
802 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
804 heat.waitcondition_server_url:
808 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
809 - ':8000/v1/waitcondition'
811 type: OS::Heat::StructuredConfig
814 completion-signal: {get_input: deploy_signal_id}
824 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
825 - {get_attr: [NovaCompute0, name]}
828 - - {get_attr: [NovaCompute0, name]}
836 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
837 - {get_attr: [BlockStorage0, name]}
840 - - {get_attr: [BlockStorage0, name]}
848 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
849 - {get_attr: [SwiftStorage0, name]}
852 - - {get_attr: [SwiftStorage0, name]}
860 - - {get_attr: [controller0, networks, ctlplane, 0]}
861 - {get_attr: [controller0, name]}
864 - - {get_attr: [controller0, name]}
866 - {get_param: CloudName}
873 {get_attr: [controller0, name]}
874 controller0SSLDeployment:
875 type: OS::Heat::StructuredDeployment
877 config: {get_resource: SSLConfig}
878 server: {get_resource: controller0}
879 signal_transport: NO_SIGNAL
881 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
882 ssl_certificate: {get_param: SSLCertificate}
883 ssl_key: {get_param: SSLKey}
884 ssl_ca_certificate: {get_param: SSLCACertificate}
885 controller0Passthrough:
886 type: OS::Heat::StructuredDeployment
888 config: {get_resource: controllerPassthrough}
889 server: {get_resource: controller0}
890 signal_transport: NO_SIGNAL
892 passthrough_config: {get_param: ExtraConfig}
893 controller0PassthroughSpecific:
894 depends_on: [controller0Passthrough]
895 type: OS::Heat::StructuredDeployment
897 config: {get_resource: controllerPassthroughSpecific}
898 server: {get_resource: controller0}
899 signal_transport: NO_SIGNAL
901 passthrough_config_specific: {get_param: controllerExtraConfig}
904 description: URL for the Overcloud Keystone service
909 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}