1 heat_template_version: 2014-10-16
4 Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
5 server,Dedicated RabbitMQ Server,Group of Nova Computes
8 # TODO(shadower): we should probably use the parameter groups to put
12 # Common parameters (not specific to a role)
15 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
30 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
34 description: Should be used for arbitrary ips.
38 description: Set to True to enable debugging on all services.
40 DefaultSignalTransport:
42 description: Transport to use for software-config signals.
45 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
48 description: Glance port.
52 description: Protocol to use when connecting to glance, set to https for SSL.
55 default: 'REBUILD_PRESERVE_EPHEMERAL'
56 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
60 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
63 - custom_constraint: nova.keypair
64 NeutronBridgeMappings:
66 The OVS logical->physical bridge mappings to use. See the Neutron
67 documentation for details. Defaults to mapping br-ex - the external
68 bridge on hosts - to a physical name 'datacentre' which can be used
69 to create provider networks (and we use this for the default floating
70 network) - if changing this either use different post-install network
71 scripts or be sure to keep 'datacentre' as a mapping network name.
73 default: "datacentre:br-ex"
74 NeutronControlPlaneID:
77 description: Neutron ID for ctlplane network.
78 NeutronEnableTunnelling:
85 If set, flat networks to configure in neutron plugins. Defaults to
86 'datacentre' to permit external network creation.
89 description: The tenant network type for Neutron, either gre or vxlan.
93 description: The password for the neutron service account, used by neutron agents.
96 NeutronPublicInterface:
98 description: What interface to bridge onto br-ex for network nodes.
100 NeutronPublicInterfaceTag:
103 VLAN tag for creating a public VLAN. The tag will be used to
104 create an access port on the exterior bridge for each control plane node,
105 and that port will be given the IP address returned by neutron from the
106 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
107 overcloud.yaml to include the deployment of VLAN ports to the control
110 NeutronComputeAgentMode:
112 description: Agent mode for the neutron-l3-agent on the compute hosts
116 description: Agent mode for the neutron-l3-agent on the controller hosts
120 description: Whether to configure Neutron Distributed Virtual Routers
122 NeutronMetadataProxySharedSecret:
124 description: Shared secret to prevent spoofing
129 The tunnel types for the Neutron tenant network. To specify multiple
130 values, use a comma separated string, like so: 'gre,vxlan'
132 NeutronMechanismDrivers:
133 default: 'openvswitch'
135 The mechanism drivers for the Neutron tenant network. To specify multiple
136 values, use a comma separated string, like so: 'openvswitch,l2_population'
138 NeutronAllowL3AgentFailover:
140 description: Allow automatic l3-agent failover
144 description: The password for the nova service account, used by nova-api.
150 PublicVirtualFixedIPs:
153 Control the IP allocation for the PublicVirtualInterface port. E.g.
154 [{'ip_address':'1.2.3.4'}]
156 PublicVirtualNetwork:
160 Neutron network to allocate public virtual IP port on.
164 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
167 description: The username for RabbitMQ
171 description: The password for RabbitMQ
177 Rabbit client subscriber parameter to specify
178 an SSL connection to the RabbitMQ host.
182 description: Set rabbit subscriber port, change this if using SSL
184 SnmpdReadonlyUserName:
185 default: ro_snmp_user
186 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
188 SnmpdReadonlyUserPassword:
190 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
195 # Controller-specific params
198 description: The keystone auth secret.
201 CinderLVMLoopDeviceSize:
203 description: The size of the loopback file used by the cinder LVM driver.
207 description: The password for the cinder service account, used by cinder-api.
212 description: The iSCSI helper to use with cinder.
217 controllerExtraConfig:
220 Controller specific configuration to inject into the cluster. Same
221 structure as ExtraConfig.
225 default: overcloud-control
227 - custom_constraint: glance.image
228 OvercloudControlFlavor:
229 description: Flavor for control nodes to request when deploying.
232 - custom_constraint: nova.flavor
233 ControlVirtualInterface:
235 description: Interface where virtual ip will be assigned.
240 Additional configuration to inject into the cluster. The JSON should have
241 the following structure:
244 [{"section": "SECTIONNAME",
246 [{"option": "OPTIONNAME",
257 [{"section": "default",
259 [{"option": "force_config_drive",
266 [{"option": "driver",
267 "value": "nova.cells.rpc_driver.CellsRPCDriver"
276 description: The filepath of the file to use for logging messages from Glance.
279 GlanceNotifierStrategy:
280 description: Strategy to use for Glance notification queue
285 description: The password for the glance service account, used by the glance services.
290 description: The password for the Heat service account, used by the Heat services.
293 HeatStackDomainAdminPassword:
294 description: Password for heat_domain_admin user.
298 KeystoneCACertificate:
300 description: Keystone self-signed certificate authority certificate.
302 KeystoneSigningCertificate:
304 description: Keystone certificate for verifying token validity.
308 description: Keystone key for signing tokens.
311 KeystoneSSLCertificate:
313 description: Keystone certificate for verifying token validity.
315 KeystoneSSLCertificateKey:
317 description: Keystone key for signing tokens.
320 MysqlInnodbBufferPoolSize:
322 Specifies the size of the buffer pool in megabytes. Setting to
323 zero should be interpreted as "no value" and will defer to the
327 NeutronDnsmasqOptions:
328 default: 'dhcp-option-force=26,1400'
329 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
331 NeutronPublicInterfaceDefaultRoute:
333 description: A custom default route for the NeutronPublicInterface.
335 NeutronPublicInterfaceIP:
337 description: A custom IP address to put onto the NeutronPublicInterface.
339 NeutronPublicInterfaceRawDevice:
341 description: If set, the public interface is a vlan with this device as the raw device.
343 PublicVirtualInterface:
346 Specifies the interface where the public-facing virtual ip will be assigned.
347 This should be int_public when a VLAN is being used.
351 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
356 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
361 description: If set, the contents of an SSL certificate authority file.
365 description: A random string to be used as a salt when hashing to determine mappings in the ring.
370 description: The password for the swift service account, used by the swift proxy services.
375 description: Partition Power to use when building Swift rings
380 description: How many replicas to use in the swift rings.
382 # Compute-specific params
383 CeilometerComputeAgent:
384 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
388 - allowed_values: ['', Present]
392 HypervisorNeutronPhysicalBridge:
395 An OVS bridge to create on each hypervisor. This defaults to br-ex the
396 same as the control plane nodes, as we have a uniform configuration of
397 the openvswitch agent. Typically should not need to be changed.
399 HypervisorNeutronPublicInterface:
401 description: What interface to add to the HypervisorNeutronPhysicalBridge.
403 NeutronNetworkVLANRanges:
404 default: 'datacentre'
406 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
407 Neutron documentation for permitted values. Defaults to permitting any
408 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
412 default: libvirt.LibvirtDriver
413 NovaComputeExtraConfig:
416 NovaCompute specific configuration to inject into the cluster. Same
417 structure as ExtraConfig.
419 NovaComputeLibvirtType:
424 default: overcloud-compute
426 - custom_constraint: glance.image
427 OvercloudComputeFlavor:
428 description: Use this flavor
431 - custom_constraint: nova.flavor
433 # Block storage specific parameters
438 default: overcloud-cinder-volume
440 OvercloudBlockStorageFlavor:
441 description: Flavor for block storage nodes to request when deploying.
444 - custom_constraint: nova.flavor
446 # Object storage specific parameters
450 OvercloudSwiftStorageFlavor:
451 description: Flavor for Swift storage nodes to request when deploying.
454 - custom_constraint: nova.flavor
456 default: overcloud-swift-storage
462 type: OS::Heat::ResourceGroup
464 count: {get_param: ControllerCount}
466 type: OS::TripleO::Controller
468 AdminPassword: {get_param: AdminPassword}
469 AdminToken: {get_param: AdminToken}
470 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
471 CeilometerPassword: {get_param: CeilometerPassword}
472 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
473 CinderPassword: {get_param: CinderPassword}
474 CinderISCSIHelper: {get_param: CinderISCSIHelper}
475 CloudName: {get_param: CloudName}
476 ControlVirtualInterface: {get_param: ControlVirtualInterface}
477 ControllerExtraConfig: {get_param: controllerExtraConfig}
478 ExtraConfig: {get_param: ExtraConfig}
479 Flavor: {get_param: OvercloudControlFlavor}
480 GlancePort: {get_param: GlancePort}
481 GlanceProtocol: {get_param: GlanceProtocol}
482 GlancePassword: {get_param: GlancePassword}
483 GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
484 GlanceLogFile: {get_param: GlanceLogFile}
485 HeatPassword: {get_param: HeatPassword}
486 HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
487 Image: {get_param: controllerImage}
488 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
489 KeyName: {get_param: KeyName}
490 KeystoneCACertificate: {get_param: KeystoneCACertificate}
491 KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
492 KeystoneSigningKey: {get_param: KeystoneSigningKey}
493 KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
494 KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
495 MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
496 MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
497 MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
498 NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
499 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
500 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
501 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
502 NeutronPublicInterface: {get_param: NeutronPublicInterface}
503 NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
504 NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
505 NeutronPassword: {get_param: NeutronPassword}
506 NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
507 NeutronDVR: {get_param: NeutronDVR}
508 NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
509 NeutronAgentMode: {get_param: NeutronAgentMode}
510 NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
511 NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
512 NeutronNetworkType: {get_param: NeutronNetworkType}
513 NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
514 NovaPassword: {get_param: NovaPassword}
515 NtpServer: {get_param: NtpServer}
516 PublicVirtualInterface: {get_param: PublicVirtualInterface}
517 RabbitUserName: {get_param: RabbitUserName}
518 RabbitPassword: {get_param: RabbitPassword}
519 RabbitCookie: {get_attr: [RabbitCookie, value]}
520 RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
521 RabbitClientPort: {get_param: RabbitClientPort}
522 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
523 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
524 SSLCertificate: {get_param: SSLCertificate}
525 SSLKey: {get_param: SSLKey}
526 SSLCACertificate: {get_param: SSLCACertificate}
527 SwiftHashSuffix: {get_param: SwiftHashSuffix}
528 SwiftPartPower: {get_param: SwiftPartPower}
529 SwiftPassword: {get_param: SwiftPassword}
530 SwiftReplicas: { get_param: SwiftReplicas}
531 VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
532 PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
535 type: OS::Heat::ResourceGroup
537 count: {get_param: ComputeCount}
539 type: OS::TripleO::Compute
541 AdminPassword: {get_param: AdminPassword}
542 CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
543 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
544 CeilometerPassword: {get_param: CeilometerPassword}
545 ExtraConfig: {get_param: ExtraConfig}
546 Flavor: {get_param: OvercloudComputeFlavor}
547 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
548 GlancePort: {get_param: GlancePort}
549 GlanceProtocol: {get_param: GlanceProtocol}
550 Image: {get_param: NovaImage}
551 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
552 KeyName: {get_param: KeyName}
553 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
554 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
555 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
556 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
557 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
558 NeutronNetworkType: {get_param: NeutronNetworkType}
559 NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
560 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
561 NeutronPassword: {get_param: NeutronPassword}
562 NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
563 NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
564 NeutronDVR: {get_param: NeutronDVR}
565 NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
566 NeutronAgentMode: {get_param: NeutronComputeAgentMode}
567 NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
568 NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
569 NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
570 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
571 NovaComputeDriver: {get_param: NovaComputeDriver}
572 NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
573 NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
574 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
575 NovaPassword: {get_param: NovaPassword}
576 NtpServer: {get_param: NtpServer}
577 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
578 RabbitPassword: {get_param: RabbitPassword}
579 RabbitUserName: {get_param: RabbitUserName}
580 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
581 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
584 type: OS::Heat::ResourceGroup
586 count: {get_param: BlockStorageCount}
588 type: OS::TripleO::BlockStorage
590 AdminPassword: {get_param: AdminPassword}
591 Image: {get_param: BlockStorageImage}
592 CinderISCSIHelper: {get_param: CinderISCSIHelper}
593 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
594 CinderPassword: {get_param: CinderPassword}
595 VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
596 KeyName: {get_param: KeyName}
597 Flavor: {get_param: OvercloudBlockStorageFlavor}
598 RabbitPassword: {get_param: RabbitPassword}
599 RabbitUserName: {get_param: RabbitUserName}
602 type: OS::Heat::ResourceGroup
604 count: {get_param: ObjectStorageCount}
606 type: OS::TripleO::ObjectStorage
608 ControllerIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
609 KeyName: {get_param: KeyName}
610 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
611 NeutronNetworkType: {get_param: NeutronNetworkType}
612 Flavor: {get_param: OvercloudSwiftStorageFlavor}
613 HashSuffix: {get_param: SwiftHashSuffix}
614 PartPower: {get_param: SwiftPartPower}
615 Password: {get_param: SwiftPassword}
616 Image: {get_param: SwiftStorageImage}
617 Replicas: { get_param: SwiftReplicas}
621 type: OS::Heat::StructuredConfig
624 completion-signal: {get_input: deploy_signal_id}
630 - {get_attr: [Compute, hosts_entry]}
633 - {get_attr: [Controller, hosts_entry]}
636 - {get_attr: [BlockStorage, hosts_entry]}
639 - {get_attr: [ObjectStorage, hosts_entry]}
644 - {get_attr: [Controller, hostname]}
646 net.ipv4.tcp_keepalive_time: 5
647 net.ipv4.tcp_keepalive_probes: 5
648 net.ipv4.tcp_keepalive_intvl: 1
651 type: OS::Heat::RandomString
655 MysqlClusterUniquePart:
656 type: OS::Heat::RandomString
661 type: OS::Heat::RandomString
664 salt: {get_param: RabbitCookieSalt}
667 type: OS::Neutron::Port
669 name: control_virtual_ip
670 network_id: {get_param: NeutronControlPlaneID}
671 fixed_ips: {get_param: ControlFixedIPs}
672 replacement_policy: AUTO
675 type: OS::Neutron::Port
677 name: public_virtual_ip
678 network: {get_param: PublicVirtualNetwork}
679 fixed_ips: {get_param: PublicVirtualFixedIPs}
680 replacement_policy: AUTO
682 ControllerBootstrapNodeConfig:
683 type: OS::Heat::StructuredConfig
685 group: os-apply-config
688 bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
690 ControllerBootstrapNodeDeployment:
691 type: OS::Heat::StructuredDeployments
693 config: {get_resource: ControllerBootstrapNodeConfig}
694 servers: {get_attr: [Controller, attributes, nova_server_resource]}
695 signal_transport: NO_SIGNAL
697 ControllerSwiftDeployment:
698 type: OS::Heat::StructuredDeployments
700 config: {get_resource: SwiftDevicesAndProxyConfig}
701 servers: {get_attr: [Controller, attributes, nova_server_resource]}
702 signal_transport: NO_SIGNAL
704 ObjectStorageSwiftDeployment:
705 type: OS::Heat::StructuredDeployments
707 config: {get_resource: SwiftDevicesAndProxyConfig}
708 servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
709 signal_transport: NO_SIGNAL
711 SwiftDevicesAndProxyConfig:
712 type: OS::Heat::StructuredConfig
714 group: os-apply-config
722 - {get_attr: [Controller, swift_device]}
725 - {get_attr: [ObjectStorage, swift_device]}
729 - {get_attr: [Controller, swift_proxy_memcache]}
731 ControllerClusterConfig:
732 type: OS::Heat::StructuredConfig
736 nodes: {get_attr: [Controller, corosync_node]}
740 nodes: {get_attr: [Controller, hostname]}
742 nodes: {get_attr: [Controller, corosync_node]}
744 nodes: {get_attr: [Controller, corosync_node]}
746 ControllerClusterDeployment:
747 type: OS::Heat::StructuredDeployments
749 config: {get_resource: ControllerClusterConfig}
750 servers: {get_attr: [Controller, attributes, nova_server_resource]}
751 signal_transport: NO_SIGNAL
753 ControllerAllNodesDeployment:
754 type: OS::Heat::StructuredDeployments
756 config: {get_resource: allNodesConfig}
757 servers: {get_attr: [Controller, attributes, nova_server_resource]}
759 ComputeAllNodesDeployment:
760 type: OS::Heat::StructuredDeployments
762 config: {get_resource: allNodesConfig}
763 servers: {get_attr: [Compute, attributes, nova_server_resource]}
768 description: URL for the Overcloud Keystone service
773 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}