1 heat_template_version: 2014-10-16
4 Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
5 server,Dedicated RabbitMQ Server,Group of Nova Computes
8 # TODO(shadower): we should probably use the parameter groups to put
12 # Common parameters (not specific to a role)
15 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
30 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
34 description: Should be used for arbitrary ips.
38 description: Set to True to enable debugging on all services.
40 DefaultSignalTransport:
42 description: Transport to use for software-config signals.
45 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
48 description: Glance port.
52 description: Protocol to use when connecting to glance, set to https for SSL.
55 default: 'REBUILD_PRESERVE_EPHEMERAL'
56 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
60 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
63 - custom_constraint: nova.keypair
64 NeutronBridgeMappings:
66 The OVS logical->physical bridge mappings to use. See the Neutron
67 documentation for details. Defaults to mapping br-ex - the external
68 bridge on hosts - to a physical name 'datacentre' which can be used
69 to create provider networks (and we use this for the default floating
70 network) - if changing this either use different post-install network
71 scripts or be sure to keep 'datacentre' as a mapping network name.
73 default: "datacentre:br-ex"
74 NeutronControlPlaneID:
77 description: Neutron ID for ctlplane network.
78 NeutronEnableTunnelling:
85 If set, flat networks to configure in neutron plugins. Defaults to
86 'datacentre' to permit external network creation.
89 description: The tenant network type for Neutron, either gre or vxlan.
93 description: The password for the neutron service account, used by neutron agents.
96 NeutronPublicInterface:
98 description: What interface to bridge onto br-ex for network nodes.
100 NeutronPublicInterfaceTag:
103 VLAN tag for creating a public VLAN. The tag will be used to
104 create an access port on the exterior bridge for each control plane node,
105 and that port will be given the IP address returned by neutron from the
106 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
107 overcloud.yaml to include the deployment of VLAN ports to the control
110 NeutronComputeAgentMode:
112 description: Agent mode for the neutron-l3-agent on the compute hosts
116 description: Agent mode for the neutron-l3-agent on the controller hosts
120 description: Whether to configure Neutron Distributed Virtual Routers
122 NeutronMetadataProxySharedSecret:
124 description: Shared secret to prevent spoofing
129 The tunnel types for the Neutron tenant network. To specify multiple
130 values, use a comma separated string, like so: 'gre,vxlan'
132 NeutronMechanismDrivers:
133 default: 'openvswitch'
135 The mechanism drivers for the Neutron tenant network. To specify multiple
136 values, use a comma separated string, like so: 'openvswitch,l2_population'
138 NeutronAllowL3AgentFailover:
140 description: Allow automatic l3-agent failover
144 description: Whether to enable l3-agent HA
148 description: The password for the nova service account, used by nova-api.
154 PublicVirtualFixedIPs:
157 Control the IP allocation for the PublicVirtualInterface port. E.g.
158 [{'ip_address':'1.2.3.4'}]
160 PublicVirtualNetwork:
164 Neutron network to allocate public virtual IP port on.
168 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
171 description: The username for RabbitMQ
175 description: The password for RabbitMQ
181 Rabbit client subscriber parameter to specify
182 an SSL connection to the RabbitMQ host.
186 description: Set rabbit subscriber port, change this if using SSL
188 SnmpdReadonlyUserName:
189 default: ro_snmp_user
190 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
192 SnmpdReadonlyUserPassword:
194 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
200 description: The Ceph cluster FSID.
203 description: The Ceph monitors key.
207 description: The Ceph admin client key.
210 # Controller-specific params
213 description: The keystone auth secret.
216 CinderLVMLoopDeviceSize:
218 description: The size of the loopback file used by the cinder LVM driver.
222 description: The password for the cinder service account, used by cinder-api.
227 description: The iSCSI helper to use with cinder.
232 controllerExtraConfig:
235 Controller specific configuration to inject into the cluster. Same
236 structure as ExtraConfig.
240 default: overcloud-control
242 - custom_constraint: glance.image
243 OvercloudControlFlavor:
244 description: Flavor for control nodes to request when deploying.
247 - custom_constraint: nova.flavor
248 ControlVirtualInterface:
250 description: Interface where virtual ip will be assigned.
255 Additional configuration to inject into the cluster. The JSON should have
256 the following structure:
259 [{"section": "SECTIONNAME",
261 [{"option": "OPTIONNAME",
272 [{"section": "default",
274 [{"option": "force_config_drive",
281 [{"option": "driver",
282 "value": "nova.cells.rpc_driver.CellsRPCDriver"
291 description: The filepath of the file to use for logging messages from Glance.
294 GlanceNotifierStrategy:
295 description: Strategy to use for Glance notification queue
300 description: The password for the glance service account, used by the glance services.
305 description: The password for the Heat service account, used by the Heat services.
308 HeatStackDomainAdminPassword:
309 description: Password for heat_domain_admin user.
313 KeystoneCACertificate:
315 description: Keystone self-signed certificate authority certificate.
317 KeystoneSigningCertificate:
319 description: Keystone certificate for verifying token validity.
323 description: Keystone key for signing tokens.
326 KeystoneSSLCertificate:
328 description: Keystone certificate for verifying token validity.
330 KeystoneSSLCertificateKey:
332 description: Keystone key for signing tokens.
335 MysqlInnodbBufferPoolSize:
337 Specifies the size of the buffer pool in megabytes. Setting to
338 zero should be interpreted as "no value" and will defer to the
342 NeutronDnsmasqOptions:
343 default: 'dhcp-option-force=26,1400'
344 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
346 NeutronPublicInterfaceDefaultRoute:
348 description: A custom default route for the NeutronPublicInterface.
350 NeutronPublicInterfaceIP:
352 description: A custom IP address to put onto the NeutronPublicInterface.
354 NeutronPublicInterfaceRawDevice:
356 description: If set, the public interface is a vlan with this device as the raw device.
358 PublicVirtualInterface:
361 Specifies the interface where the public-facing virtual ip will be assigned.
362 This should be int_public when a VLAN is being used.
366 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
371 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
376 description: If set, the contents of an SSL certificate authority file.
380 description: A random string to be used as a salt when hashing to determine mappings in the ring.
385 description: The password for the swift service account, used by the swift proxy services.
390 description: Value of mount_check in Swift account/container/object -server.conf
395 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
398 description: Partition Power to use when building Swift rings
403 description: How many replicas to use in the swift rings.
405 # Compute-specific params
406 CeilometerComputeAgent:
407 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
411 - allowed_values: ['', Present]
415 HypervisorNeutronPhysicalBridge:
418 An OVS bridge to create on each hypervisor. This defaults to br-ex the
419 same as the control plane nodes, as we have a uniform configuration of
420 the openvswitch agent. Typically should not need to be changed.
422 HypervisorNeutronPublicInterface:
424 description: What interface to add to the HypervisorNeutronPhysicalBridge.
426 NeutronNetworkVLANRanges:
427 default: 'datacentre'
429 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
430 Neutron documentation for permitted values. Defaults to permitting any
431 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
435 default: libvirt.LibvirtDriver
436 NovaComputeExtraConfig:
439 NovaCompute specific configuration to inject into the cluster. Same
440 structure as ExtraConfig.
442 NovaComputeLibvirtType:
447 default: overcloud-compute
449 - custom_constraint: glance.image
450 OvercloudComputeFlavor:
451 description: Use this flavor
454 - custom_constraint: nova.flavor
456 # Block storage specific parameters
461 default: overcloud-cinder-volume
463 OvercloudBlockStorageFlavor:
464 description: Flavor for block storage nodes to request when deploying.
467 - custom_constraint: nova.flavor
469 # Object storage specific parameters
473 OvercloudSwiftStorageFlavor:
474 description: Flavor for Swift storage nodes to request when deploying.
477 - custom_constraint: nova.flavor
479 default: overcloud-swift-storage
482 # Ceph storage specific parameters
487 default: overcloud-ceph-storage
489 OvercloudCephStorageFlavor:
491 description: Flavor for Ceph storage nodes to request when deploying.
497 type: OS::Heat::ResourceGroup
499 count: {get_param: ControllerCount}
501 type: OS::TripleO::Controller
503 AdminPassword: {get_param: AdminPassword}
504 AdminToken: {get_param: AdminToken}
505 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
506 CeilometerPassword: {get_param: CeilometerPassword}
507 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
508 CinderPassword: {get_param: CinderPassword}
509 CinderISCSIHelper: {get_param: CinderISCSIHelper}
510 CloudName: {get_param: CloudName}
511 ControlVirtualInterface: {get_param: ControlVirtualInterface}
512 ControllerExtraConfig: {get_param: controllerExtraConfig}
513 ExtraConfig: {get_param: ExtraConfig}
514 Flavor: {get_param: OvercloudControlFlavor}
515 GlancePort: {get_param: GlancePort}
516 GlanceProtocol: {get_param: GlanceProtocol}
517 GlancePassword: {get_param: GlancePassword}
518 GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
519 GlanceLogFile: {get_param: GlanceLogFile}
520 HeatPassword: {get_param: HeatPassword}
521 HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
522 Image: {get_param: controllerImage}
523 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
524 KeyName: {get_param: KeyName}
525 KeystoneCACertificate: {get_param: KeystoneCACertificate}
526 KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
527 KeystoneSigningKey: {get_param: KeystoneSigningKey}
528 KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
529 KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
530 MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
531 MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
532 MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
533 NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
534 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
535 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
536 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
537 NeutronPublicInterface: {get_param: NeutronPublicInterface}
538 NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
539 NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
540 NeutronPassword: {get_param: NeutronPassword}
541 NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
542 NeutronDVR: {get_param: NeutronDVR}
543 NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
544 NeutronAgentMode: {get_param: NeutronAgentMode}
545 NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
546 NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
547 NeutronL3HA: {get_param: NeutronL3HA}
548 NeutronNetworkType: {get_param: NeutronNetworkType}
549 NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
550 NovaPassword: {get_param: NovaPassword}
551 NtpServer: {get_param: NtpServer}
552 PublicVirtualInterface: {get_param: PublicVirtualInterface}
553 RabbitUserName: {get_param: RabbitUserName}
554 RabbitPassword: {get_param: RabbitPassword}
555 RabbitCookie: {get_attr: [RabbitCookie, value]}
556 RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
557 RabbitClientPort: {get_param: RabbitClientPort}
558 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
559 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
560 SSLCertificate: {get_param: SSLCertificate}
561 SSLKey: {get_param: SSLKey}
562 SSLCACertificate: {get_param: SSLCACertificate}
563 SwiftHashSuffix: {get_param: SwiftHashSuffix}
564 SwiftMountCheck: {get_param: SwiftMountCheck}
565 SwiftMinPartHours: {get_param: SwiftMinPartHours}
566 SwiftPartPower: {get_param: SwiftPartPower}
567 SwiftPassword: {get_param: SwiftPassword}
568 SwiftReplicas: { get_param: SwiftReplicas}
569 VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
570 PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
573 type: OS::Heat::ResourceGroup
575 count: {get_param: ComputeCount}
577 type: OS::TripleO::Compute
579 AdminPassword: {get_param: AdminPassword}
580 CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
581 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
582 CeilometerPassword: {get_param: CeilometerPassword}
583 ExtraConfig: {get_param: ExtraConfig}
584 Flavor: {get_param: OvercloudComputeFlavor}
585 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
586 GlancePort: {get_param: GlancePort}
587 GlanceProtocol: {get_param: GlanceProtocol}
588 Image: {get_param: NovaImage}
589 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
590 KeyName: {get_param: KeyName}
591 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
592 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
593 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
594 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
595 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
596 NeutronNetworkType: {get_param: NeutronNetworkType}
597 NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
598 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
599 NeutronPassword: {get_param: NeutronPassword}
600 NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
601 NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
602 NeutronDVR: {get_param: NeutronDVR}
603 NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
604 NeutronAgentMode: {get_param: NeutronComputeAgentMode}
605 NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
606 NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
607 NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
608 NeutronL3HA: {get_param: NeutronL3HA}
609 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
610 NovaComputeDriver: {get_param: NovaComputeDriver}
611 NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
612 NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
613 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
614 NovaPassword: {get_param: NovaPassword}
615 NtpServer: {get_param: NtpServer}
616 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
617 RabbitPassword: {get_param: RabbitPassword}
618 RabbitUserName: {get_param: RabbitUserName}
619 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
620 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
623 type: OS::Heat::ResourceGroup
625 count: {get_param: BlockStorageCount}
627 type: OS::TripleO::BlockStorage
629 Image: {get_param: BlockStorageImage}
630 CinderISCSIHelper: {get_param: CinderISCSIHelper}
631 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
632 VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
633 KeyName: {get_param: KeyName}
634 Flavor: {get_param: OvercloudBlockStorageFlavor}
635 RabbitPassword: {get_param: RabbitPassword}
636 RabbitUserName: {get_param: RabbitUserName}
637 NtpServer: {get_param: NtpServer}
640 type: OS::Heat::ResourceGroup
642 count: {get_param: ObjectStorageCount}
644 type: OS::TripleO::ObjectStorage
646 KeyName: {get_param: KeyName}
647 Flavor: {get_param: OvercloudSwiftStorageFlavor}
648 HashSuffix: {get_param: SwiftHashSuffix}
649 MountCheck: {get_param: SwiftMountCheck}
650 MinPartHours: {get_param: SwiftMinPartHours}
651 PartPower: {get_param: SwiftPartPower}
652 Image: {get_param: SwiftStorageImage}
653 Replicas: { get_param: SwiftReplicas}
654 NtpServer: {get_param: NtpServer}
657 type: OS::Heat::ResourceGroup
659 count: {get_param: CephStorageCount}
661 type: OS::TripleO::CephStorage
663 Image: {get_param: CephStorageImage}
664 KeyName: {get_param: KeyName}
665 Flavor: {get_param: OvercloudCephStorageFlavor}
666 CephClusterFSID: {get_param: CephClusterFSID}
667 CephMonKey: {get_param: CephMonKey}
668 CephAdminKey: {get_param: CephAdminKey}
669 CephMonitors: {get_attr: [Controller, corosync_node]}
672 type: OS::TripleO::AllNodes::SoftwareConfig
674 compute_hosts: {get_attr: [Compute, hosts_entry]}
675 controller_hosts: {get_attr: [Controller, hosts_entry]}
676 block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]}
677 object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
678 ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
679 controller_names: {get_attr: [Controller, hostname]}
682 type: OS::Heat::RandomString
686 MysqlClusterUniquePart:
687 type: OS::Heat::RandomString
692 type: OS::Heat::RandomString
695 salt: {get_param: RabbitCookieSalt}
698 type: OS::Neutron::Port
700 name: control_virtual_ip
701 network_id: {get_param: NeutronControlPlaneID}
702 fixed_ips: {get_param: ControlFixedIPs}
703 replacement_policy: AUTO
706 type: OS::Neutron::Port
708 name: public_virtual_ip
709 network: {get_param: PublicVirtualNetwork}
710 fixed_ips: {get_param: PublicVirtualFixedIPs}
711 replacement_policy: AUTO
713 ControllerBootstrapNodeConfig:
714 type: OS::TripleO::BootstrapNode::SoftwareConfig
716 bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
718 ControllerBootstrapNodeDeployment:
719 type: OS::Heat::StructuredDeployments
721 config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
722 servers: {get_attr: [Controller, attributes, nova_server_resource]}
723 signal_transport: NO_SIGNAL
725 ControllerSwiftDeployment:
726 type: OS::Heat::StructuredDeployments
728 config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
729 servers: {get_attr: [Controller, attributes, nova_server_resource]}
730 signal_transport: NO_SIGNAL
732 ObjectStorageSwiftDeployment:
733 type: OS::Heat::StructuredDeployments
735 config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
736 servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
737 signal_transport: NO_SIGNAL
739 SwiftDevicesAndProxyConfig:
740 type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
742 controller_swift_devices: {get_attr: [Controller, swift_device]}
743 object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]}
744 controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]}
746 ControllerClusterConfig:
747 type: OS::Heat::StructuredConfig
751 nodes: {get_attr: [Controller, corosync_node]}
755 nodes: {get_attr: [Controller, hostname]}
757 nodes: {get_attr: [Controller, corosync_node]}
759 nodes: {get_attr: [Controller, corosync_node]}
761 ControllerClusterDeployment:
762 type: OS::Heat::StructuredDeployments
764 config: {get_resource: ControllerClusterConfig}
765 servers: {get_attr: [Controller, attributes, nova_server_resource]}
766 signal_transport: NO_SIGNAL
768 ControllerAllNodesDeployment:
769 type: OS::Heat::StructuredDeployments
771 config: {get_attr: [allNodesConfig, config_id]}
772 servers: {get_attr: [Controller, attributes, nova_server_resource]}
774 ComputeAllNodesDeployment:
775 type: OS::Heat::StructuredDeployments
777 config: {get_attr: [allNodesConfig, config_id]}
778 servers: {get_attr: [Compute, attributes, nova_server_resource]}
780 # Nested stack deployment runs after all other controller deployments
781 ControllerNodesPostDeployment:
782 type: OS::TripleO::ControllerPostDeployment
783 depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment]
785 servers: {get_attr: [Controller, attributes, nova_server_resource]}
787 ComputeNodesPostDeployment:
788 type: OS::TripleO::ComputePostDeployment
789 depends_on: ComputeAllNodesDeployment
791 servers: {get_attr: [Compute, attributes, nova_server_resource]}
793 ObjectStorageNodesPostDeployment:
794 type: OS::TripleO::ObjectStoragePostDeployment
795 depends_on: ObjectStorageSwiftDeployment
797 servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
801 description: URL for the Overcloud Keystone service
806 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
Code Review / apex-tripleo-heat-templates.git / blob