1 heat_template_version: 2014-10-16
4 Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
5 server,Dedicated RabbitMQ Server,Group of Nova Computes
8 # TODO(shadower): we should probably use the parameter groups to put
12 # Common parameters (not specific to a role)
15 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
30 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
34 description: Should be used for arbitrary ips.
38 description: Set to True to enable debugging on all services.
40 DefaultSignalTransport:
42 description: Transport to use for software-config signals.
45 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
48 description: Glance port.
52 description: Protocol to use when connecting to glance, set to https for SSL.
55 default: 'REBUILD_PRESERVE_EPHEMERAL'
56 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
60 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
63 - custom_constraint: nova.keypair
64 NeutronBridgeMappings:
66 The OVS logical->physical bridge mappings to use. See the Neutron
67 documentation for details. Defaults to mapping br-ex - the external
68 bridge on hosts - to a physical name 'datacentre' which can be used
69 to create provider networks (and we use this for the default floating
70 network) - if changing this either use different post-install network
71 scripts or be sure to keep 'datacentre' as a mapping network name.
73 default: "datacentre:br-ex"
74 NeutronControlPlaneID:
77 description: Neutron ID for ctlplane network.
78 NeutronEnableTunnelling:
85 If set, flat networks to configure in neutron plugins. Defaults to
86 'datacentre' to permit external network creation.
89 description: The tenant network type for Neutron, either gre or vxlan.
93 description: The password for the neutron service account, used by neutron agents.
96 NeutronPublicInterface:
98 description: What interface to bridge onto br-ex for network nodes.
100 NeutronPublicInterfaceTag:
103 VLAN tag for creating a public VLAN. The tag will be used to
104 create an access port on the exterior bridge for each control plane node,
105 and that port will be given the IP address returned by neutron from the
106 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
107 overcloud.yaml to include the deployment of VLAN ports to the control
113 The tunnel types for the Neutron tenant network. To specify multiple
114 values, use a comma separated string, like so: 'gre,vxlan'
118 description: The password for the nova service account, used by nova-api.
124 PublicVirtualFixedIPs:
127 Control the IP allocation for the PublicVirtualInterface port. E.g.
128 [{'ip_address':'1.2.3.4'}]
130 PublicVirtualNetwork:
134 Neutron network to allocate public virtual IP port on.
138 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
141 description: The username for RabbitMQ
145 description: The password for RabbitMQ
148 SnmpdReadonlyUserName:
149 default: ro_snmp_user
150 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
152 SnmpdReadonlyUserPassword:
154 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
159 # Controller-specific params
162 description: The keystone auth secret.
165 CinderLVMLoopDeviceSize:
167 description: The size of the loopback file used by the cinder LVM driver.
171 description: The password for the cinder service account, used by cinder-api.
176 description: The iSCSI helper to use with cinder.
181 controllerExtraConfig:
184 Controller specific configuration to inject into the cluster. Same
185 structure as ExtraConfig.
189 default: overcloud-control
191 - custom_constraint: glance.image
192 OvercloudControlFlavor:
194 description: Flavor for control nodes to request when deploying.
197 - custom_constraint: nova.flavor
198 ControlVirtualInterface:
200 description: Interface where virtual ip will be assigned.
205 Additional configuration to inject into the cluster. The JSON should have
206 the following structure:
209 [{"section": "SECTIONNAME",
211 [{"option": "OPTIONNAME",
222 [{"section": "default",
224 [{"option": "force_config_drive",
231 [{"option": "driver",
232 "value": "nova.cells.rpc_driver.CellsRPCDriver"
241 description: The filepath of the file to use for logging messages from Glance.
244 GlanceNotifierStrategy:
245 description: Strategy to use for Glance notification queue
250 description: The password for the glance service account, used by the glance services.
255 description: The password for the Heat service account, used by the Heat services.
258 HeatStackDomainAdminPassword:
259 description: Password for heat_domain_admin user.
263 KeystoneCACertificate:
265 description: Keystone self-signed certificate authority certificate.
267 KeystoneSigningCertificate:
269 description: Keystone certificate for verifying token validity.
273 description: Keystone key for signing tokens.
276 MysqlInnodbBufferPoolSize:
278 Specifies the size of the buffer pool in megabytes. Setting to
279 zero should be interpreted as "no value" and will defer to the
283 NeutronDnsmasqOptions:
284 default: 'dhcp-option-force=26,1400'
285 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
287 NeutronPublicInterfaceDefaultRoute:
289 description: A custom default route for the NeutronPublicInterface.
291 NeutronPublicInterfaceIP:
293 description: A custom IP address to put onto the NeutronPublicInterface.
295 NeutronPublicInterfaceRawDevice:
297 description: If set, the public interface is a vlan with this device as the raw device.
299 PublicVirtualInterface:
302 Specifies the interface where the public-facing virtual ip will be assigned.
303 This should be int_public when a VLAN is being used.
307 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
312 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
317 description: If set, the contents of an SSL certificate authority file.
321 description: A random string to be used as a salt when hashing to determine mappings in the ring.
326 description: The password for the swift service account, used by the swift proxy services.
331 description: Partition Power to use when building Swift rings
336 description: How many replicas to use in the swift rings.
338 # Compute-specific params
339 CeilometerComputeAgent:
340 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
344 - allowed_values: ['', Present]
348 HypervisorNeutronPhysicalBridge:
351 An OVS bridge to create on each hypervisor. This defaults to br-ex the
352 same as the control plane nodes, as we have a uniform configuration of
353 the openvswitch agent. Typically should not need to be changed.
355 HypervisorNeutronPublicInterface:
357 description: What interface to add to the HypervisorNeutronPhysicalBridge.
359 LiveUpdateComputeImage:
361 description: The image ID for live-updates to the overcloud compute nodes.
365 description: The IP address for the undercloud Glance API.
370 description: The live-update password for the undercloud Glance API.
372 LiveUpdateTenantName:
374 description: The live-update tenant name for the undercloud Glance API.
378 description: The live-update username for the undercloud Glance API.
380 NeutronNetworkVLANRanges:
381 default: 'datacentre'
383 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
384 Neutron documentation for permitted values. Defaults to permitting any
385 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
389 default: libvirt.LibvirtDriver
390 NovaComputeExtraConfig:
393 NovaCompute specific configuration to inject into the cluster. Same
394 structure as ExtraConfig.
396 NovaComputeLibvirtType:
401 default: overcloud-compute
403 - custom_constraint: glance.image
404 OvercloudComputeFlavor:
405 description: Use this flavor
409 - custom_constraint: nova.flavor
411 # Block storage specific parameters
416 default: overcloud-cinder-volume
418 OvercloudBlockStorageFlavor:
420 description: Flavor for block storage nodes to request when deploying.
423 # Object storage specific parameters
427 OvercloudSwiftStorageFlavor:
429 description: Flavor for Swift storage nodes to request when deploying.
432 default: overcloud-swift-storage
438 type: OS::Heat::ResourceGroup
440 count: {get_param: ControllerCount}
442 type: OS::TripleO::Controller
444 AdminPassword: {get_param: AdminPassword}
445 AdminToken: {get_param: AdminToken}
446 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
447 CeilometerPassword: {get_param: CeilometerPassword}
448 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
449 CinderPassword: {get_param: CinderPassword}
450 CinderISCSIHelper: {get_param: CinderISCSIHelper}
451 CloudName: {get_param: CloudName}
452 ControlVirtualInterface: {get_param: ControlVirtualInterface}
453 ControllerExtraConfig: {get_param: controllerExtraConfig}
454 ExtraConfig: {get_param: ExtraConfig}
455 Flavor: {get_param: OvercloudControlFlavor}
456 GlancePort: {get_param: GlancePort}
457 GlanceProtocol: {get_param: GlanceProtocol}
458 GlancePassword: {get_param: GlancePassword}
459 GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
460 GlanceLogFile: {get_param: GlanceLogFile}
461 HeatPassword: {get_param: HeatPassword}
462 HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
463 Image: {get_param: controllerImage}
464 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
465 KeyName: {get_param: KeyName}
466 KeystoneCACertificate: {get_param: KeystoneCACertificate}
467 KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
468 KeystoneSigningKey: {get_param: KeystoneSigningKey}
469 MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
470 MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
471 MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
472 NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
473 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
474 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
475 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
476 NeutronPublicInterface: {get_param: NeutronPublicInterface}
477 NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
478 NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
479 NeutronPassword: {get_param: NeutronPassword}
480 NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
481 NovaPassword: {get_param: NovaPassword}
482 NtpServer: {get_param: NtpServer}
483 PublicVirtualInterface: {get_param: PublicVirtualInterface}
484 RabbitUserName: {get_param: RabbitUserName}
485 RabbitPassword: {get_param: RabbitPassword}
486 RabbitCookie: {get_attr: [RabbitCookie, value]}
487 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
488 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
489 SSLCertificate: {get_param: SSLCertificate}
490 SSLKey: {get_param: SSLKey}
491 SSLCACertificate: {get_param: SSLCACertificate}
492 SwiftHashSuffix: {get_param: SwiftHashSuffix}
493 SwiftPartPower: {get_param: SwiftPartPower}
494 SwiftPassword: {get_param: SwiftPassword}
495 SwiftReplicas: { get_param: SwiftReplicas}
496 VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
497 PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
500 type: OS::Heat::ResourceGroup
502 count: {get_param: ComputeCount}
504 type: OS::TripleO::Compute
506 AdminPassword: {get_param: AdminPassword}
507 CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
508 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
509 CeilometerPassword: {get_param: CeilometerPassword}
510 ExtraConfig: {get_param: ExtraConfig}
511 Flavor: {get_param: OvercloudComputeFlavor}
512 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
513 GlancePort: {get_param: GlancePort}
514 GlanceProtocol: {get_param: GlanceProtocol}
515 Image: {get_param: NovaImage}
516 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
517 KeyName: {get_param: KeyName}
518 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
519 LiveUpdateComputeImage: {get_param: LiveUpdateComputeImage}
520 LiveUpdateHost: {get_param: LiveUpdateHost}
521 LiveUpdatePassword: {get_param: LiveUpdatePassword}
522 LiveUpdateTenantName: {get_param: LiveUpdateTenantName}
523 LiveUpdateUserName: {get_param: LiveUpdateUserName}
524 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
525 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
526 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
527 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
528 NeutronNetworkType: {get_param: NeutronNetworkType}
529 NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
530 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
531 NeutronPassword: {get_param: NeutronPassword}
532 NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
533 NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
534 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
535 NovaComputeDriver: {get_param: NovaComputeDriver}
536 NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
537 NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
538 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
539 NovaPassword: {get_param: NovaPassword}
540 NtpServer: {get_param: NtpServer}
541 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
542 RabbitPassword: {get_param: RabbitPassword}
543 RabbitUserName: {get_param: RabbitUserName}
544 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
545 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
549 - - mysql://nova:unset@
550 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
555 - - mysql://ceilometer:unset@
556 - *compute_database_host
561 - - mysql://neutron:unset@
562 - *compute_database_host
566 type: OS::Heat::ResourceGroup
568 count: {get_param: BlockStorageCount}
570 type: OS::TripleO::BlockStorage
572 AdminPassword: {get_param: AdminPassword}
573 Image: {get_param: BlockStorageImage}
574 CinderISCSIHelper: {get_param: CinderISCSIHelper}
575 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
576 CinderPassword: {get_param: CinderPassword}
577 ControllerIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
578 KeyName: {get_param: KeyName}
579 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
580 NeutronNetworkType: {get_param: NeutronNetworkType}
581 NeutronPassword: {get_param: NeutronPassword}
582 NeutronPublicInterface: {get_param: NeutronPublicInterface}
583 Flavor: {get_param: OvercloudBlockStorageFlavor}
584 RabbitPassword: {get_param: RabbitPassword}
585 RabbitUserName: {get_param: RabbitUserName}
588 type: OS::Heat::ResourceGroup
590 count: {get_param: ObjectStorageCount}
592 type: OS::TripleO::ObjectStorage
594 ControllerIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
595 KeyName: {get_param: KeyName}
596 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
597 NeutronNetworkType: {get_param: NeutronNetworkType}
598 Flavor: {get_param: OvercloudSwiftStorageFlavor}
599 HashSuffix: {get_param: SwiftHashSuffix}
600 PartPower: {get_param: SwiftPartPower}
601 Password: {get_param: SwiftPassword}
602 Image: {get_param: SwiftStorageImage}
603 Replicas: { get_param: SwiftReplicas}
607 type: OS::Heat::StructuredConfig
610 completion-signal: {get_input: deploy_signal_id}
616 - {get_attr: [Compute, hosts_entry]}
619 - {get_attr: [Controller, hosts_entry]}
622 - {get_attr: [BlockStorage, hosts_entry]}
625 - {get_attr: [ObjectStorage, hosts_entry]}
630 - {get_attr: [Controller, hostname]}
633 type: OS::Heat::RandomString
637 MysqlClusterUniquePart:
638 type: OS::Heat::RandomString
643 type: OS::Heat::RandomString
646 salt: {get_param: RabbitCookieSalt}
649 type: OS::Neutron::Port
651 name: control_virtual_ip
652 network_id: {get_param: NeutronControlPlaneID}
653 fixed_ips: {get_param: ControlFixedIPs}
654 replacement_policy: AUTO
657 type: OS::Neutron::Port
659 name: public_virtual_ip
660 network: {get_param: PublicVirtualNetwork}
661 fixed_ips: {get_param: PublicVirtualFixedIPs}
662 replacement_policy: AUTO
664 ControllerBootstrapNodeConfig:
665 type: OS::Heat::StructuredConfig
667 group: os-apply-config
670 bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
672 ControllerBootstrapNodeDeployment:
673 type: OS::Heat::StructuredDeployments
675 config: {get_resource: ControllerBootstrapNodeConfig}
676 servers: {get_attr: [Controller, attributes, nova_server_resource]}
677 signal_transport: NO_SIGNAL
679 ControllerSwiftDeployment:
680 type: OS::Heat::StructuredDeployments
682 config: {get_resource: SwiftDevicesAndProxyConfig}
683 servers: {get_attr: [Controller, attributes, nova_server_resource]}
684 signal_transport: NO_SIGNAL
686 ObjectStorageSwiftDeployment:
687 type: OS::Heat::StructuredDeployments
689 config: {get_resource: SwiftDevicesAndProxyConfig}
690 servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
691 signal_transport: NO_SIGNAL
693 SwiftDevicesAndProxyConfig:
694 type: OS::Heat::StructuredConfig
696 group: os-apply-config
704 - {get_attr: [Controller, swift_device]}
707 - {get_attr: [ObjectStorage, swift_device]}
711 - {get_attr: [Controller, swift_proxy_memcache]}
713 ControllerClusterConfig:
714 type: OS::Heat::StructuredConfig
718 nodes: {get_attr: [Controller, corosync_node]}
722 nodes: {get_attr: [Controller, hostname]}
724 nodes: {get_attr: [Controller, corosync_node]}
726 nodes: {get_attr: [Controller, corosync_node]}
728 ControllerClusterDeployment:
729 type: OS::Heat::StructuredDeployments
731 config: {get_resource: ControllerClusterConfig}
732 servers: {get_attr: [Controller, attributes, nova_server_resource]}
733 signal_transport: NO_SIGNAL
735 ControllerAllNodesDeployment:
736 type: OS::Heat::StructuredDeployments
738 config: {get_resource: allNodesConfig}
739 servers: {get_attr: [Controller, attributes, nova_server_resource]}
741 ComputeAllNodesDeployment:
742 type: OS::Heat::StructuredDeployments
744 config: {get_resource: allNodesConfig}
745 servers: {get_attr: [Compute, attributes, nova_server_resource]}
750 description: URL for the Overcloud Keystone service
755 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}