1 description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
2 server,Dedicated RabbitMQ Server,Group of Nova Computes
3 heat_template_version: 2013-05-23
7 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The keystone auth secret.
17 description: The password for the cinder service account, used by cinder-api.
22 description: The iSCSI helper to use with cinder.
24 CinderLVMLoopDeviceSize:
26 description: The size of the loopback file used by the cinder LVM driver.
30 description: Set to True to enable debugging on all services.
35 Additional configuration to inject into the cluster. The JSON should have
36 the following structure:
39 [{"section": "SECTIONNAME",
41 [{"option": "OPTIONNAME",
52 [{"section": "default",
54 [{"option": "force_config_drive",
62 "value": "nova.cells.rpc_driver.CellsRPCDriver"
70 controllerExtraConfig:
73 Controller specific configuration to inject into the cluster. Same
74 structure as ExtraConfig.
76 NovaComputeExtraConfig:
79 NovaCompute specific configuration to inject into the cluster. Same
80 structure as ExtraConfig.
82 OvercloudControlFlavor:
84 description: Flavor for control nodes to request when deploying.
86 OvercloudComputeFlavor:
88 description: Flavor for compute nodes to request when deploying.
92 description: Glance port.
96 description: Protocol to use when connecting to glance, set to https for SSL.
100 description: The password for the glance service account, used by the glance services.
103 GlanceNotifierStrategy:
104 description: Strategy to use for Glance notification queue
108 description: The filepath of the file to use for logging messages from Glance.
113 description: The password for the Heat service account, used by the Heat services.
117 default: 'REBUILD_PRESERVE_EPHEMERAL'
118 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
122 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
124 NeutronBridgeMappings:
126 The OVS logical->physical bridge mappings to use. See the Neutron
127 documentation for details. Defaults to mapping br-ex - the external
128 bridge on hosts - to a physical name 'datacentre' which can be used
129 to create provider networks (and we use this for the default floating
130 network) - if changing this either use different post-install network
131 scripts or be sure to keep 'datacentre' as a mapping network name.
133 default: "datacentre:br-ex"
134 NeutronNetworkVLANRanges:
135 default: 'datacentre'
137 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
138 Neutron documentation for permitted values. Defaults to permitting any
139 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
143 description: The password for the neutron service account, used by neutron agents.
146 CeilometerComputeAgent:
147 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
151 - allowed_values: ['', Present]
152 CeilometerMeteringSecret:
154 description: Secret shared by the ceilometer services.
159 description: The password for the ceilometer service account.
162 SnmpdReadonlyUserName:
163 default: ro_snmp_user
164 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
166 SnmpdReadonlyUserPassword:
168 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
173 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
176 default: libvirt.LibvirtDriver
178 NovaComputeLibvirtType:
183 default: overcloud-compute
186 description: The password for the nova service account, used by nova-api.
191 default: 'datacentre'
193 If set, flat networks to configure in neutron plugins. Defaults to
194 'datacentre' to permit external network creation.
195 HypervisorNeutronPhysicalBridge:
198 An OVS bridge to create on each hypervisor. This defaults to br-ex the
199 same as the control plane nodes, as we have a uniform configuration of
200 the openvswitch agent. Typically should not need to be changed.
202 HypervisorNeutronPublicInterface:
204 description: What interface to add to the HypervisorNeutronPhysicalBridge.
206 NeutronPublicInterface:
208 description: What interface to bridge onto br-ex for network nodes.
210 NeutronPublicInterfaceDefaultRoute:
212 description: A custom default route for the NeutronPublicInterface.
214 NeutronPublicInterfaceIP:
216 description: A custom IP address to put onto the NeutronPublicInterface.
218 NeutronPublicInterfaceTag:
221 VLAN tag for creating a public VLAN. The tag will be used to
222 create an access port on the exterior bridge for each control plane node,
223 and that port will be given the IP address returned by neutron from the
224 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
225 overcloud.yaml to include the deployment of VLAN ports to the control
228 NeutronPublicInterfaceRawDevice:
230 description: If set, the public interface is a vlan with this device as the raw device.
232 NeutronControlPlaneID:
235 description: Neutron ID for ctlplane network.
236 NeutronDnsmasqOptions:
237 default: 'dhcp-option-force=26,1400'
238 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
242 default: overcloud-control
248 description: The username for RabbitMQ
252 description: The password for RabbitMQ
258 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
259 HeatStackDomainAdminPassword:
260 description: Password for heat_domain_admin user.
266 description: The live-update username for the undercloud Glance API.
268 LiveUpdateTenantName:
270 description: The live-update tenant name for the undercloud Glance API.
274 description: The IP address for the undercloud Glance API.
279 description: The live-update password for the undercloud Glance API.
281 LiveUpdateComputeImage:
283 description: The image ID for live-updates to the overcloud compute nodes.
285 MysqlInnodbBufferPoolSize:
287 Specifies the size of the buffer pool in megabytes. Setting to
288 zero should be interpreted as "no value" and will defer to the
292 ControlVirtualInterface:
294 description: Interface where virtual ip will be assigned.
298 description: Should be used for arbitrary ips.
300 PublicVirtualFixedIPs:
303 Control the IP allocation for the PublicVirtualInterface port. E.g.
304 [{'ip_address':'1.2.3.4'}]
306 PublicVirtualInterface:
309 Specifies the interface where the public-facing virtual ip will be assigned.
310 This should be int_public when a VLAN is being used.
312 PublicVirtualNetwork:
316 Neutron network to allocate public virtual IP port on.
317 KeystoneCACertificate:
319 description: Keystone self-signed certificate authority certificate.
321 KeystoneSigningCertificate:
323 description: Keystone certificate for verifying token validity.
327 description: Keystone key for signing tokens.
330 DefaultSignalTransport:
332 description: Transport to use for software-config signals.
335 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
338 type: OS::Neutron::Port
340 name: control_virtual_ip
341 network_id: {get_param: NeutronControlPlaneID}
343 get_param: ControlFixedIPs
344 MysqlClusterUniquePart:
345 type: OS::Heat::RandomString
349 type: OS::Heat::RandomString
353 type: OS::Neutron::Port
355 name: public_virtual_ip
356 network: {get_param: PublicVirtualNetwork}
358 get_param: PublicVirtualFixedIPs
360 type: OS::Heat::RandomString
364 get_param: RabbitCookieSalt
365 NovaCompute0Deployment:
367 Path: nova-compute-instance.yaml
368 SubKey: resources.NovaCompute0Deployment
370 DefaultSignalTransport:
371 get_param: DefaultSignalTransport
372 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
373 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
374 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
375 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
376 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
380 - - mysql://nova:unset@
381 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
383 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
387 - - mysql://ceilometer:unset@
388 - *compute_database_host
393 - - mysql://neutron:unset@
394 - *compute_database_host
396 NeutronNetworkType: "gre"
397 NeutronEnableTunnelling: "True"
399 get_param: NeutronFlatNetworks
400 NeutronNetworkVLANRanges:
401 get_param: NeutronNetworkVLANRanges
402 NeutronPhysicalBridge:
403 get_param: HypervisorNeutronPhysicalBridge
404 NeutronPublicInterface:
405 get_param: HypervisorNeutronPublicInterface
406 NeutronBridgeMappings:
407 get_param: NeutronBridgeMappings
408 NovaCompute0AllNodesDeployment:
410 Path: nova-compute-instance.yaml
411 SubKey: resources.NovaCompute0AllNodesDeployment
413 AllNodesConfig: {get_resource: allNodesConfig}
416 Path: nova-compute-instance.yaml
417 SubKey: resources.NovaCompute0
418 NovaCompute0Passthrough:
420 Path: nova-compute-instance.yaml
421 SubKey: resources.NovaCompute0Passthrough
423 passthrough_config: {get_param: ExtraConfig}
424 NovaCompute0PassthroughSpecific:
426 Path: nova-compute-instance.yaml
427 SubKey: resources.NovaCompute0PassthroughSpecific
429 passthrough_config_specific: {get_param: NovaComputeExtraConfig}
431 type: OS::Heat::StructuredConfig
433 group: os-apply-config
436 get_param: AdminPassword
438 get_param: AdminToken
441 get_param: NeutronPublicInterfaceIP
455 nodeid: {get_input: bootstack_nodeid}
458 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
463 - - mysql://cinder:unset@
466 debug: {get_param: Debug}
468 get_param: CinderLVMLoopDeviceSize
470 get_param: CinderPassword
472 get_param: CinderISCSIHelper
474 get_input: controller_host
476 bindnetaddr: {get_input: controller_host}
481 ip: {get_attr: [controller0, networks, ctlplane, 0]}
483 stonith_enabled : false
485 quorum_policy : ignore
489 host: {get_input: controller_virtual_ip}
494 - - mysql://glance:unset@
497 debug: {get_param: Debug}
499 get_input: controller_virtual_ip
501 get_param: GlancePort
503 get_param: GlanceProtocol
505 get_param: GlancePassword
506 swift-store-user: service:glance
508 get_param: GlancePassword
510 get_param: GlanceNotifierStrategy
512 get_param: GlanceLogFile
515 get_param: HeatPassword
516 admin_tenant_name: service
518 auth_encryption_key: unset___________
522 - - mysql://heat:unset@
525 debug: {get_param: Debug}
526 stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
527 watch_server_url: {get_input: heat.watch_server_url}
528 metadata_server_url: {get_input: heat.metadata_server_url}
529 waitcondition_server_url: {get_input: heat.waitcondition_server_url}
536 {get_attr: [controller0, show, name]}
541 - - mysql://keystone:unset@
544 debug: {get_param: Debug}
546 get_input: controller_virtual_ip
547 ca_certificate: {get_param: KeystoneCACertificate}
548 signing_key: {get_param: KeystoneSigningKey}
549 signing_certificate: {get_param: KeystoneSigningCertificate}
551 innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
553 root-password: {get_resource: MysqlRootPassword}
557 ip: {get_attr: [controller0, networks, ctlplane, 0]}
562 - {get_resource: MysqlClusterUniquePart}
564 debug: {get_param: Debug}
565 flat-networks: {get_param: NeutronFlatNetworks}
566 host: {get_input: controller_virtual_ip}
567 metadata_proxy_shared_secret: unset
569 enable_tunneling: 'True'
571 get_input: controller_host
572 network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
573 bridge_mappings: {get_param: NeutronBridgeMappings}
575 get_param: NeutronPublicInterface
576 public_interface_raw_device:
577 get_param: NeutronPublicInterfaceRawDevice
578 public_interface_route:
579 get_param: NeutronPublicInterfaceDefaultRoute
580 public_interface_tag:
581 get_param: NeutronPublicInterfaceTag
582 physical_bridge: br-ex
583 tenant_network_type: gre
587 - - mysql://neutron:unset@
589 - /ovs_neutron?charset=utf8
591 get_param: NeutronPassword
593 get_param: NeutronDnsmasqOptions
598 - - mysql://ceilometer:unset@
601 debug: {get_param: Debug}
602 metering_secret: {get_param: CeilometerMeteringSecret}
604 get_param: CeilometerPassword
606 export_MIB: UCD-SNMP-MIB
608 get_param: SnmpdReadonlyUserName
609 readonly_user_password:
610 get_param: SnmpdReadonlyUserPassword
612 compute_driver: libvirt.LibvirtDriver
616 - - mysql://nova:unset@
619 default_floating_pool:
621 host: {get_input: controller_virtual_ip}
624 get_param: NovaPassword
626 host: {get_input: controller_virtual_ip}
628 get_param: RabbitUserName
630 get_param: RabbitPassword
637 - {server: {get_param: NtpServer}, fudge: "stratum 0"}
640 - vrrp_instance_name: VI_CONTROL
641 virtual_router_id: 51
643 get_param: ControlVirtualInterface
646 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
648 get_param: ControlVirtualInterface
649 - vrrp_instance_name: VI_PUBLIC
650 virtual_router_id: 52
652 get_param: PublicVirtualInterface
655 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
657 get_param: PublicVirtualInterface
665 get_param: PublicVirtualInterface
669 ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
671 get_param: ControlVirtualInterface
673 ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
675 get_param: PublicVirtualInterface
680 ip: {get_attr: [controller0, networks, ctlplane, 0]}
681 name: {get_attr: [controller0, show, name]}
683 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
685 - name: keystone_admin
687 net_binds: &public_binds
688 - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
689 - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
690 - name: keystone_public
692 net_binds: *public_binds
695 net_binds: *public_binds
698 net_binds: *public_binds
701 net_binds: *public_binds
704 net_binds: *public_binds
705 - name: glance_registry
707 net_binds: *public_binds
710 net_binds: *public_binds
711 - name: heat_cloudwatch
713 net_binds: *public_binds
716 net_binds: *public_binds
728 net_binds: *public_binds
729 - name: nova_metadata
731 net_binds: *public_binds
734 net_binds: *public_binds
735 - name: swift_proxy_server
737 net_binds: *public_binds
743 controllerPassthrough:
744 type: OS::Heat::StructuredConfig
746 group: os-apply-config
747 config: {get_input: passthrough_config}
748 controllerPassthroughSpecific:
749 type: OS::Heat::StructuredConfig
751 group: os-apply-config
752 config: {get_input: passthrough_config_specific}
754 type: OS::Nova::Server
757 get_param: controllerImage
759 get_param: ImageUpdatePolicy
761 get_param: OvercloudControlFlavor
766 user_data_format: SOFTWARE_CONFIG
767 controller0AllNodesDeployment:
768 depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
769 type: OS::Heat::StructuredDeployment
771 signal_transport: {get_param: DefaultSignalTransport}
772 config: {get_resource: allNodesConfig}
773 server: {get_resource: controller0}
774 controller0Deployment:
775 type: OS::Heat::StructuredDeployment
777 signal_transport: NO_SIGNAL
778 config: {get_resource: controllerConfig}
779 server: {get_resource: controller0}
781 bootstack_nodeid: {get_attr: [controller0, show, name]}
782 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
783 controller_virtual_ip:
784 {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
785 heat.watch_server_url:
789 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
791 heat.metadata_server_url:
795 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
797 heat.waitcondition_server_url:
801 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
802 - ':8000/v1/waitcondition'
804 type: OS::Heat::StructuredConfig
807 completion-signal: {get_input: deploy_signal_id}
817 - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
818 - {get_attr: [NovaCompute0, show, name]}
821 - - {get_attr: [NovaCompute0, show, name]}
829 - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
830 - {get_attr: [BlockStorage0, show, name]}
833 - - {get_attr: [BlockStorage0, show, name]}
841 - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
842 - {get_attr: [SwiftStorage0, show, name]}
845 - - {get_attr: [SwiftStorage0, show, name]}
853 - - {get_attr: [controller0, networks, ctlplane, 0]}
854 - {get_attr: [controller0, show, name]}
857 - - {get_attr: [controller0, show, name]}
859 - {get_param: CloudName}
866 {get_attr: [controller0, show, name]}
867 controller0SSLDeployment:
868 type: OS::Heat::StructuredDeployment
870 config: {get_resource: SSLConfig}
871 server: {get_resource: controller0}
872 signal_transport: NO_SIGNAL
874 controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
875 ssl_certificate: {get_param: SSLCertificate}
876 ssl_key: {get_param: SSLKey}
877 ssl_ca_certificate: {get_param: SSLCACertificate}
878 controller0Passthrough:
879 type: OS::Heat::StructuredDeployment
881 config: {get_resource: controllerPassthrough}
882 server: {get_resource: controller0}
883 signal_transport: NO_SIGNAL
885 passthrough_config: {get_param: ExtraConfig}
886 controller0PassthroughSpecific:
887 depends_on: [controller0Passthrough]
888 type: OS::Heat::StructuredDeployment
890 config: {get_resource: controllerPassthroughSpecific}
891 server: {get_resource: controller0}
892 signal_transport: NO_SIGNAL
894 passthrough_config_specific: {get_param: controllerExtraConfig}
897 description: URL for the Overcloud Keystone service
902 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}