1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
17 description: The password for the cinder service account, used by cinder-api.
22 description: The iSCSI helper to use with cinder.
24 CinderLVMLoopDeviceSize:
26 description: The size of the loopback file used by the cinder LVM driver.
30 description: Set to True to enable debugging on all services.
35 Additional configuration to inject into the cluster. The JSON should have
36 the following structure:
39 [{"section": "SECTIONNAME",
41 [{"option": "OPTIONNAME",
52 [{"section": "default",
54 [{"option": "force_config_drive",
62 "value": "nova.cells.rpc_driver.CellsRPCDriver"
70 OvercloudControlFlavor:
72 description: Flavor for control nodes to request when deploying.
74 OvercloudComputeFlavor:
76 description: Flavor for compute nodes to request when deploying.
80 description: Glance port.
84 description: Protocol to use when connecting to glance, set to https for SSL.
88 description: The password for the glance service account, used by the glance services.
91 GlanceNotifierStrategy:
92 description: Strategy to use for Glance notification queue
96 description: The filepath of the file to use for logging messages from Glance.
101 description: The password for the Heat service account, used by the Heat services.
105 default: 'REBUILD_PRESERVE_EPHEMERAL'
106 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
110 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
112 NeutronBridgeMappings:
114 The OVS logical->physical bridge mappings to use. See the Neutron
115 documentation for details. Defaults to mapping br-ex - the external
116 bridge on hosts - to a physical name 'datacentre' which can be used
117 to create provider networks (and we use this for the default floating
118 network) - if changing this either use different post-install network
119 scripts or be sure to keep 'datacentre' as a mapping network name.
121 default: "datacentre:br-ex"
122 NeutronNetworkVLANRanges:
123 default: 'datacentre'
125 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
126 Neutron documentation for permitted values. Defaults to permitting any
127 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
131 description: The password for the neutron service account, used by neutron agents.
134 CeilometerComputeAgent:
135 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
139 - allowed_values: ['', Present]
140 CeilometerMeteringSecret:
142 description: Secret shared by the ceilometer services.
147 description: The password for the ceilometer service account.
150 SnmpdReadonlyUserName:
151 default: ro_snmp_user
152 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
154 SnmpdReadonlyUserPassword:
156 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
161 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
164 default: libvirt.LibvirtDriver
166 NovaComputeLibvirtType:
171 default: overcloud-compute
174 description: The password for the nova service account, used by nova-api.
179 default: 'datacentre'
181 If set, flat networks to configure in neutron plugins. Defaults to
182 'datacentre' to permit external network creation.
183 HypervisorNeutronPhysicalBridge:
186 An OVS bridge to create on each hypervisor. This defaults to br-ex the
187 same as the control plane nodes, as we have a uniform configuration of
188 the openvswitch agent. Typically should not need to be changed.
190 HypervisorNeutronPublicInterface:
192 description: What interface to add to the HypervisorNeutronPhysicalBridge.
194 NeutronPublicInterface:
196 description: What interface to bridge onto br-ex for network nodes.
198 NeutronPublicInterfaceDefaultRoute:
200 description: A custom default route for the NeutronPublicInterface.
202 NeutronPublicInterfaceIP:
204 description: A custom IP address to put onto the NeutronPublicInterface.
206 NeutronPublicInterfaceTag:
209 VLAN tag for creating a public VLAN. The tag will be used to
210 create an access port on the exterior bridge for each control plane node,
211 and that port will be given the IP address returned by neutron from the
212 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
213 overcloud.yaml to include the deployment of VLAN ports to the control
216 NeutronPublicInterfaceRawDevice:
218 description: If set, the public interface is a vlan with this device as the raw device.
220 NeutronControlPlaneID:
223 description: Neutron ID for ctlplane network.
224 NeutronDnsmasqOptions:
225 default: 'dhcp-option-force=26,1400'
226 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
230 default: overcloud-control
236 description: The username for RabbitMQ
240 description: The password for RabbitMQ
246 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
247 HeatStackDomainAdminPassword:
248 description: Password for heat_domain_admin user.
254 description: The live-update username for the undercloud Glance API.
256 LiveUpdateTenantName:
258 description: The live-update tenant name for the undercloud Glance API.
262 description: The IP address for the undercloud Glance API.
267 description: The live-update password for the undercloud Glance API.
269 LiveUpdateComputeImage:
271 description: The image ID for live-updates to the overcloud compute nodes.
273 MysqlInnodbBufferPoolSize:
275 Specifies the size of the buffer pool in megabytes. Setting to
276 zero should be interpreted as "no value" and will defer to the
280 ControlVirtualInterface:
282 description: Interface where virtual ip will be assigned.
286 description: Should be used for arbitrary ips.
288 PublicVirtualFixedIPs:
291 Control the IP allocation for the PublicVirtualInterface port. E.g.
292 [{'ip_address':'1.2.3.4'}]
294 PublicVirtualInterface:
297 Specifies the interface where the public-facing virtual ip will be assigned.
298 This should be int_public when a VLAN is being used.
300 PublicVirtualNetwork:
304 Neutron network to allocate public virtual IP port on.
305 KeystoneCACertificate:
307 description: Keystone self-signed certificate authority certificate.
309 KeystoneSigningCertificate:
311 description: Keystone certificate for verifying token validity.
315 description: Keystone key for signing tokens.
318 DefaultSignalTransport:
320 description: Transport to use for software-config signals.
323 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
326 type: OS::Neutron::Port
328 name: control_virtual_ip
329 network_id: {get_param: NeutronControlPlaneID}
331 get_param: ControlFixedIPs
332 MysqlClusterUniquePart:
333 type: OS::Heat::RandomString
337 type: OS::Heat::RandomString
341 type: OS::Neutron::Port
343 name: public_virtual_ip
344 network: {get_param: PublicVirtualNetwork}
346 get_param: PublicVirtualFixedIPs
348 type: OS::Heat::RandomString
352 get_param: RabbitCookieSalt
353 NovaCompute0Deployment:
355 Path: nova-compute-instance.yaml
356 SubKey: resources.NovaCompute0Deployment
358 DefaultSignalTransport:
359 get_param: DefaultSignalTransport
360 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
361 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
362 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
363 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
364 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
368 - - mysql://nova:unset@
369 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
371 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
375 - - mysql://ceilometer:unset@
376 - *compute_database_host
381 - - mysql://neutron:unset@
382 - *compute_database_host
384 NeutronNetworkType: "gre"
385 NeutronEnableTunnelling: "True"
387 get_param: NeutronFlatNetworks
388 NeutronNetworkVLANRanges:
389 get_param: NeutronNetworkVLANRanges
390 NeutronPhysicalBridge:
391 get_param: HypervisorNeutronPhysicalBridge
392 NeutronPublicInterface:
393 get_param: HypervisorNeutronPublicInterface
394 NeutronBridgeMappings:
395 get_param: NeutronBridgeMappings
396 NovaCompute0AllNodesDeployment:
398 Path: nova-compute-instance.yaml
399 SubKey: resources.NovaCompute0AllNodesDeployment
401 AllNodesConfig: {get_resource: allNodesConfig}
402 NovaCompute0Passthrough:
404 Path: nova-compute-instance.yaml
405 SubKey: resources.NovaCompute0Passthrough
407 passthrough_config: {get_param: ExtraConfig}
410 Path: nova-compute-instance.yaml
411 SubKey: resources.NovaCompute0
413 type: OS::Heat::StructuredConfig
415 group: os-apply-config
418 get_param: AdminPassword
420 get_param: AdminToken
423 get_param: NeutronPublicInterfaceIP
437 nodeid: {get_input: bootstack_nodeid}
440 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
445 - - mysql://cinder:unset@
448 debug: {get_param: Debug}
450 get_param: CinderLVMLoopDeviceSize
452 get_param: CinderPassword
454 get_param: CinderISCSIHelper
456 get_input: controller_host
458 bindnetaddr: {get_input: controller_host}
463 ip: {get_attr: [controller0, networks, ctlplane, 0]}
465 stonith_enabled : false
467 quorum_policy : ignore
471 host: {get_input: controller_virtual_ip}
476 - - mysql://glance:unset@
479 debug: {get_param: Debug}
481 get_input: controller_virtual_ip
483 get_param: GlancePort
485 get_param: GlanceProtocol
487 get_param: GlancePassword
488 swift-store-user: service:glance
490 get_param: GlancePassword
492 get_param: GlanceNotifierStrategy
494 get_param: GlanceLogFile
497 get_param: HeatPassword
498 admin_tenant_name: service
500 auth_encryption_key: unset___________
504 - - mysql://heat:unset@
507 debug: {get_param: Debug}
508 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
509 watch_server_url: {get_input: heat.watch_server_url}
510 metadata_server_url: {get_input: heat.metadata_server_url}
511 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
518 {get_attr: [controller0, show, name]}
523 - - mysql://keystone:unset@
526 debug: {get_param: Debug}
528 get_input: controller_virtual_ip
529 ca_certificate: {get_param: KeystoneCACertificate}
530 signing_key: {get_param: KeystoneSigningKey}
531 signing_certificate: {get_param: KeystoneSigningCertificate}
533 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
535 root-password: {get_resource: MysqlRootPassword}
539 ip: {get_attr: [controller0, networks, ctlplane, 0]}
544 - {get_resource: MysqlClusterUniquePart}
546 debug: {get_param: Debug}
547 flat-networks: {get_param: NeutronFlatNetworks}
548 host: {get_input: controller_virtual_ip}
549 metadata_proxy_shared_secret: unset
551 enable_tunneling: 'True'
553 get_input: controller_host
554 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
555 bridge_mappings: {get_param: NeutronBridgeMappings}
557 get_param: NeutronPublicInterface
558 public_interface_raw_device:
559 get_param: NeutronPublicInterfaceRawDevice
560 public_interface_route:
561 get_param: NeutronPublicInterfaceDefaultRoute
562 public_interface_tag:
563 get_param: NeutronPublicInterfaceTag
564 physical_bridge: br-ex
565 tenant_network_type: gre
569 - - mysql://neutron:unset@
571 - /ovs_neutron?charset=utf8
573 get_param: NeutronPassword
575 get_param: NeutronDnsmasqOptions
580 - - mysql://ceilometer:unset@
583 debug: {get_param: Debug}
584 metering_secret: {get_param: CeilometerMeteringSecret}
586 get_param: CeilometerPassword
588 export_MIB: UCD-SNMP-MIB
590 get_param: SnmpdReadonlyUserName
591 readonly_user_password:
592 get_param: SnmpdReadonlyUserPassword
594 compute_driver: libvirt.LibvirtDriver
598 - - mysql://nova:unset@
601 default_floating_pool:
603 host: {get_input: controller_virtual_ip}
606 get_param: NovaPassword
608 host: {get_input: controller_virtual_ip}
610 get_param: RabbitUserName
612 get_param: RabbitPassword
619 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
622 - vrrp_instance_name: VI_CONTROL
623 virtual_router_id: 51
625 get_param: ControlVirtualInterface
628 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
630 get_param: ControlVirtualInterface
631 - vrrp_instance_name: VI_PUBLIC
632 virtual_router_id: 52
634 get_param: PublicVirtualInterface
637 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
639 get_param: PublicVirtualInterface
647 get_param: PublicVirtualInterface
651 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
653 get_param: ControlVirtualInterface
655 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
657 get_param: PublicVirtualInterface
662 ip: {get_attr: [controller0, networks, ctlplane, 0]}
663 name: {get_attr: [controller0, show, name]}
665 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
667 - name: keystone_admin
669 net_binds: &public_binds
670 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
671 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
672 - name: keystone_public
674 net_binds: *public_binds
677 net_binds: *public_binds
680 net_binds: *public_binds
683 net_binds: *public_binds
686 net_binds: *public_binds
687 - name: glance_registry
689 net_binds: *public_binds
692 net_binds: *public_binds
693 - name: heat_cloudwatch
695 net_binds: *public_binds
698 net_binds: *public_binds
710 net_binds: *public_binds
711 - name: nova_metadata
713 net_binds: *public_binds
716 net_binds: *public_binds
717 - name: swift_proxy_server
719 net_binds: *public_binds
725 controllerPassthrough:
726 type: OS::Heat::StructuredConfig
728 group: os-apply-config
729 config: {get_input: passthrough_config}
731 type: OS::Nova::Server
734 get_param: controllerImage
736 get_param: ImageUpdatePolicy
738 get_param: OvercloudControlFlavor
743 user_data_format: SOFTWARE_CONFIG
744 controller0AllNodesDeployment:
745 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0Passthrough]
746 type: OS::Heat::StructuredDeployment
748 signal_transport: {get_param: DefaultSignalTransport}
749 config: {get_resource: allNodesConfig}
750 server: {get_resource: controller0}
751 controller0Deployment:
752 type: OS::Heat::StructuredDeployment
754 signal_transport: NO_SIGNAL
755 config: {get_resource: controllerConfig}
756 server: {get_resource: controller0}
758 bootstack_nodeid: {get_attr: [controller0, show, name]}
759 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
760 controller_virtual_ip:
761 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
762 heat.watch_server_url:
766 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
768 heat.metadata_server_url:
772 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
774 heat.waitcondition_server_url:
778 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
779 - ':8000/v1/waitcondition'
781 type: OS::Heat::StructuredConfig
784 completion-signal: {get_input: deploy_signal_id}
794 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
795 - {get_attr: [NovaCompute0, show, name]}
798 - - {get_attr: [NovaCompute0, show, name]}
806 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
807 - {get_attr: [BlockStorage0, show, name]}
810 - - {get_attr: [BlockStorage0, show, name]}
818 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
819 - {get_attr: [SwiftStorage0, show, name]}
822 - - {get_attr: [SwiftStorage0, show, name]}
830 - - {get_attr: [controller0, networks, ctlplane, 0]}
831 - {get_attr: [controller0, show, name]}
834 - - {get_attr: [controller0, show, name]}
836 - {get_param: CloudName}
843 {get_attr: [controller0, show, name]}
844 controller0SSLDeployment:
845 type: OS::Heat::StructuredDeployment
847 config: {get_resource: SSLConfig}
848 server: {get_resource: controller0}
849 signal_transport: NO_SIGNAL
851 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
852 ssl_certificate: {get_param: SSLCertificate}
853 ssl_key: {get_param: SSLKey}
854 ssl_ca_certificate: {get_param: SSLCACertificate}
855 controller0Passthrough:
856 type: OS::Heat::StructuredDeployment
858 config: {get_resource: controllerPassthrough}
859 server: {get_resource: controller0}
860 signal_transport: NO_SIGNAL
862 passthrough_config: {get_param: ExtraConfig}
865 description: URL for the Overcloud Keystone service
870 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}