1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
17 description: The password for the cinder service account, used by cinder-api.
22 description: The iSCSI helper to use with cinder.
24 CinderLVMLoopDeviceSize:
26 description: The size of the loopback file used by the cinder LVM driver.
30 description: Set to True to enable debugging on all services.
35 Additional configuration to inject into the cluster. The JSON should have
36 the following structure:
39 [{"section": "SECTIONNAME",
41 [{"option": "OPTIONNAME",
52 [{"section": "default",
54 [{"option": "force_config_drive",
62 "value": "nova.cells.rpc_driver.CellsRPCDriver"
70 controllerExtraConfig:
73 Controller specific configuration to inject into the cluster. Same
74 structure as ExtraConfig.
76 NovaComputeExtraConfig:
79 NovaCompute specific configuration to inject into the cluster. Same
80 structure as ExtraConfig.
82 OvercloudControlFlavor:
84 description: Flavor for control nodes to request when deploying.
86 OvercloudComputeFlavor:
88 description: Flavor for compute nodes to request when deploying.
92 description: Glance port.
96 description: Protocol to use when connecting to glance, set to https for SSL.
100 description: The password for the glance service account, used by the glance services.
103 GlanceNotifierStrategy:
104 description: Strategy to use for Glance notification queue
108 description: The filepath of the file to use for logging messages from Glance.
113 description: The password for the Heat service account, used by the Heat services.
117 default: 'REBUILD_PRESERVE_EPHEMERAL'
118 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
122 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
124 NeutronBridgeMappings:
126 The OVS logical->physical bridge mappings to use. See the Neutron
127 documentation for details. Defaults to mapping br-ex - the external
128 bridge on hosts - to a physical name 'datacentre' which can be used
129 to create provider networks (and we use this for the default floating
130 network) - if changing this either use different post-install network
131 scripts or be sure to keep 'datacentre' as a mapping network name.
133 default: "datacentre:br-ex"
134 NeutronNetworkVLANRanges:
135 default: 'datacentre'
137 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
138 Neutron documentation for permitted values. Defaults to permitting any
139 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
143 description: The password for the neutron service account, used by neutron agents.
146 CeilometerComputeAgent:
147 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
151 - allowed_values: ['', Present]
152 CeilometerMeteringSecret:
154 description: Secret shared by the ceilometer services.
159 description: The password for the ceilometer service account.
162 SnmpdReadonlyUserName:
163 default: ro_snmp_user
164 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
166 SnmpdReadonlyUserPassword:
168 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
173 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
176 default: libvirt.LibvirtDriver
178 NovaComputeLibvirtType:
183 default: overcloud-compute
186 description: The password for the nova service account, used by nova-api.
191 default: 'datacentre'
193 If set, flat networks to configure in neutron plugins. Defaults to
194 'datacentre' to permit external network creation.
195 HypervisorNeutronPhysicalBridge:
198 An OVS bridge to create on each hypervisor. This defaults to br-ex the
199 same as the control plane nodes, as we have a uniform configuration of
200 the openvswitch agent. Typically should not need to be changed.
202 HypervisorNeutronPublicInterface:
204 description: What interface to add to the HypervisorNeutronPhysicalBridge.
206 NeutronPublicInterface:
208 description: What interface to bridge onto br-ex for network nodes.
210 NeutronPublicInterfaceDefaultRoute:
212 description: A custom default route for the NeutronPublicInterface.
214 NeutronPublicInterfaceIP:
216 description: A custom IP address to put onto the NeutronPublicInterface.
218 NeutronPublicInterfaceTag:
221 VLAN tag for creating a public VLAN. The tag will be used to
222 create an access port on the exterior bridge for each control plane node,
223 and that port will be given the IP address returned by neutron from the
224 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
225 overcloud.yaml to include the deployment of VLAN ports to the control
228 NeutronPublicInterfaceRawDevice:
230 description: If set, the public interface is a vlan with this device as the raw device.
232 NeutronControlPlaneID:
235 description: Neutron ID for ctlplane network.
236 NeutronDnsmasqOptions:
237 default: 'dhcp-option-force=26,1400'
238 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
242 default: overcloud-control
248 description: The username for RabbitMQ
252 description: The password for RabbitMQ
258 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
259 HeatStackDomainAdminPassword:
260 description: Password for heat_domain_admin user.
266 description: The live-update username for the undercloud Glance API.
268 LiveUpdateTenantName:
270 description: The live-update tenant name for the undercloud Glance API.
274 description: The IP address for the undercloud Glance API.
279 description: The live-update password for the undercloud Glance API.
281 LiveUpdateComputeImage:
283 description: The image ID for live-updates to the overcloud compute nodes.
285 MysqlInnodbBufferPoolSize:
287 Specifies the size of the buffer pool in megabytes. Setting to
288 zero should be interpreted as "no value" and will defer to the
292 ControlVirtualInterface:
294 description: Interface where virtual ip will be assigned.
298 description: Should be used for arbitrary ips.
300 PublicVirtualFixedIPs:
303 Control the IP allocation for the PublicVirtualInterface port. E.g.
304 [{'ip_address':'1.2.3.4'}]
306 PublicVirtualInterface:
309 Specifies the interface where the public-facing virtual ip will be assigned.
310 This should be int_public when a VLAN is being used.
312 PublicVirtualNetwork:
316 Neutron network to allocate public virtual IP port on.
317 KeystoneCACertificate:
319 description: Keystone self-signed certificate authority certificate.
321 KeystoneSigningCertificate:
323 description: Keystone certificate for verifying token validity.
327 description: Keystone key for signing tokens.
330 DefaultSignalTransport:
332 description: Transport to use for software-config signals.
335 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
338 type: OS::Neutron::Port
340 name: control_virtual_ip
341 network_id: {get_param: NeutronControlPlaneID}
343 get_param: ControlFixedIPs
344 MysqlClusterUniquePart:
345 type: OS::Heat::RandomString
349 type: OS::Heat::RandomString
353 type: OS::Neutron::Port
355 name: public_virtual_ip
356 network: {get_param: PublicVirtualNetwork}
358 get_param: PublicVirtualFixedIPs
360 type: OS::Heat::RandomString
364 get_param: RabbitCookieSalt
365 NovaCompute0Deployment:
367 Path: nova-compute-instance.yaml
368 SubKey: resources.NovaCompute0Deployment
370 DefaultSignalTransport:
371 get_param: DefaultSignalTransport
372 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
373 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
374 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
375 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
376 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
380 - - mysql://nova:unset@
381 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
383 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
387 - - mysql://ceilometer:unset@
388 - *compute_database_host
393 - - mysql://neutron:unset@
394 - *compute_database_host
396 NeutronNetworkType: "gre"
397 NeutronEnableTunnelling: "True"
399 get_param: NeutronFlatNetworks
400 NeutronNetworkVLANRanges:
401 get_param: NeutronNetworkVLANRanges
402 NeutronPhysicalBridge:
403 get_param: HypervisorNeutronPhysicalBridge
404 NeutronPublicInterface:
405 get_param: HypervisorNeutronPublicInterface
406 NeutronBridgeMappings:
407 get_param: NeutronBridgeMappings
408 NovaCompute0AllNodesDeployment:
410 Path: nova-compute-instance.yaml
411 SubKey: resources.NovaCompute0AllNodesDeployment
413 AllNodesConfig: {get_resource: allNodesConfig}
416 Path: nova-compute-instance.yaml
417 SubKey: resources.NovaCompute0
418 NovaCompute0Passthrough:
420 Path: nova-compute-instance.yaml
421 SubKey: resources.NovaCompute0Passthrough
423 passthrough_config: {get_param: ExtraConfig}
424 NovaCompute0PassthroughSpecific:
426 Path: nova-compute-instance.yaml
427 SubKey: resources.NovaCompute0PassthroughSpecific
429 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
431 type: OS::Heat::StructuredConfig
433 group: os-apply-config
436 get_param: AdminPassword
438 get_param: AdminToken
441 get_param: NeutronPublicInterfaceIP
453 nodeid: {get_input: bootstack_nodeid}
456 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
461 - - mysql://cinder:unset@
464 debug: {get_param: Debug}
466 get_param: CinderLVMLoopDeviceSize
468 get_param: CinderPassword
470 get_param: CinderISCSIHelper
472 get_input: controller_host
474 bindnetaddr: {get_input: controller_host}
479 ip: {get_attr: [controller0, networks, ctlplane, 0]}
481 stonith_enabled : false
483 quorum_policy : ignore
487 host: {get_input: controller_virtual_ip}
492 - - mysql://glance:unset@
495 debug: {get_param: Debug}
497 get_input: controller_virtual_ip
499 get_param: GlancePort
501 get_param: GlanceProtocol
503 get_param: GlancePassword
504 swift-store-user: service:glance
506 get_param: GlancePassword
508 get_param: GlanceNotifierStrategy
510 get_param: GlanceLogFile
513 get_param: HeatPassword
514 admin_tenant_name: service
516 auth_encryption_key: unset___________
520 - - mysql://heat:unset@
523 debug: {get_param: Debug}
524 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
525 watch_server_url: {get_input: heat.watch_server_url}
526 metadata_server_url: {get_input: heat.metadata_server_url}
527 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
534 {get_attr: [controller0, name]}
539 - - mysql://keystone:unset@
542 debug: {get_param: Debug}
544 get_input: controller_virtual_ip
545 ca_certificate: {get_param: KeystoneCACertificate}
546 signing_key: {get_param: KeystoneSigningKey}
547 signing_certificate: {get_param: KeystoneSigningCertificate}
549 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
551 root-password: {get_resource: MysqlRootPassword}
555 ip: {get_attr: [controller0, networks, ctlplane, 0]}
560 - {get_resource: MysqlClusterUniquePart}
562 debug: {get_param: Debug}
563 flat-networks: {get_param: NeutronFlatNetworks}
564 host: {get_input: controller_virtual_ip}
565 metadata_proxy_shared_secret: unset
567 enable_tunneling: 'True'
569 get_input: controller_host
570 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
571 bridge_mappings: {get_param: NeutronBridgeMappings}
573 get_param: NeutronPublicInterface
574 public_interface_raw_device:
575 get_param: NeutronPublicInterfaceRawDevice
576 public_interface_route:
577 get_param: NeutronPublicInterfaceDefaultRoute
578 public_interface_tag:
579 get_param: NeutronPublicInterfaceTag
580 physical_bridge: br-ex
581 tenant_network_type: gre
585 - - mysql://neutron:unset@
587 - /ovs_neutron?charset=utf8
589 get_param: NeutronPassword
591 get_param: NeutronDnsmasqOptions
596 - - mysql://ceilometer:unset@
599 debug: {get_param: Debug}
600 metering_secret: {get_param: CeilometerMeteringSecret}
602 get_param: CeilometerPassword
604 export_MIB: UCD-SNMP-MIB
606 get_param: SnmpdReadonlyUserName
607 readonly_user_password:
608 get_param: SnmpdReadonlyUserPassword
610 compute_driver: libvirt.LibvirtDriver
614 - - mysql://nova:unset@
617 default_floating_pool:
619 host: {get_input: controller_virtual_ip}
622 get_param: NovaPassword
624 host: {get_input: controller_virtual_ip}
626 get_param: RabbitUserName
628 get_param: RabbitPassword
635 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
638 - vrrp_instance_name: VI_CONTROL
639 virtual_router_id: 51
641 get_param: ControlVirtualInterface
644 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
646 get_param: ControlVirtualInterface
647 - vrrp_instance_name: VI_PUBLIC
648 virtual_router_id: 52
650 get_param: PublicVirtualInterface
653 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
655 get_param: PublicVirtualInterface
663 get_param: PublicVirtualInterface
667 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
669 get_param: ControlVirtualInterface
671 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
673 get_param: PublicVirtualInterface
678 ip: {get_attr: [controller0, networks, ctlplane, 0]}
679 name: {get_attr: [controller0, name]}
681 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
683 - name: keystone_admin
685 net_binds: &public_binds
686 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
687 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
688 - name: keystone_public
690 net_binds: *public_binds
693 net_binds: *public_binds
696 net_binds: *public_binds
699 net_binds: *public_binds
702 net_binds: *public_binds
703 - name: glance_registry
705 net_binds: *public_binds
708 net_binds: *public_binds
709 - name: heat_cloudwatch
711 net_binds: *public_binds
714 net_binds: *public_binds
726 net_binds: *public_binds
727 - name: nova_metadata
729 net_binds: *public_binds
732 net_binds: *public_binds
733 - name: swift_proxy_server
735 net_binds: *public_binds
741 controllerPassthrough:
742 type: OS::Heat::StructuredConfig
744 group: os-apply-config
745 config: {get_input: passthrough_config}
746 controllerPassthroughSpecific:
747 type: OS::Heat::StructuredConfig
749 group: os-apply-config
750 config: {get_input: passthrough_config_specific}
752 type: OS::Nova::Server
755 get_param: controllerImage
757 get_param: ImageUpdatePolicy
759 get_param: OvercloudControlFlavor
764 user_data_format: SOFTWARE_CONFIG
765 controller0AllNodesDeployment:
766 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
767 type: OS::Heat::StructuredDeployment
769 signal_transport: {get_param: DefaultSignalTransport}
770 config: {get_resource: allNodesConfig}
771 server: {get_resource: controller0}
772 controller0Deployment:
773 type: OS::Heat::StructuredDeployment
775 signal_transport: NO_SIGNAL
776 config: {get_resource: controllerConfig}
777 server: {get_resource: controller0}
779 bootstack_nodeid: {get_attr: [controller0, name]}
780 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
781 controller_virtual_ip:
782 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
783 heat.watch_server_url:
787 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
789 heat.metadata_server_url:
793 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
795 heat.waitcondition_server_url:
799 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
800 - ':8000/v1/waitcondition'
802 type: OS::Heat::StructuredConfig
805 completion-signal: {get_input: deploy_signal_id}
815 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
816 - {get_attr: [NovaCompute0, name]}
819 - - {get_attr: [NovaCompute0, name]}
827 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
828 - {get_attr: [BlockStorage0, name]}
831 - - {get_attr: [BlockStorage0, name]}
839 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
840 - {get_attr: [SwiftStorage0, name]}
843 - - {get_attr: [SwiftStorage0, name]}
851 - - {get_attr: [controller0, networks, ctlplane, 0]}
852 - {get_attr: [controller0, name]}
855 - - {get_attr: [controller0, name]}
857 - {get_param: CloudName}
864 {get_attr: [controller0, name]}
865 controller0SSLDeployment:
866 type: OS::Heat::StructuredDeployment
868 config: {get_resource: SSLConfig}
869 server: {get_resource: controller0}
870 signal_transport: NO_SIGNAL
872 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
873 ssl_certificate: {get_param: SSLCertificate}
874 ssl_key: {get_param: SSLKey}
875 ssl_ca_certificate: {get_param: SSLCACertificate}
876 controller0Passthrough:
877 type: OS::Heat::StructuredDeployment
879 config: {get_resource: controllerPassthrough}
880 server: {get_resource: controller0}
881 signal_transport: NO_SIGNAL
883 passthrough_config: {get_param: ExtraConfig}
884 controller0PassthroughSpecific:
885 depends_on: [controller0Passthrough]
886 type: OS::Heat::StructuredDeployment
888 config: {get_resource: controllerPassthroughSpecific}
889 server: {get_resource: controller0}
890 signal_transport: NO_SIGNAL
892 passthrough_config_specific: {get_param: controllerExtraConfig}
895 description: URL for the Overcloud Keystone service
900 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}