1 heat_template_version: 2014-10-16
4 Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
5 server,Dedicated RabbitMQ Server,Group of Nova Computes
8 # TODO(shadower): we should probably use the parameter groups to put
12 # Common parameters (not specific to a role)
15 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
30 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
34 description: Should be used for arbitrary ips.
38 description: Set to True to enable debugging on all services.
40 DefaultSignalTransport:
42 description: Transport to use for software-config signals.
45 - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
48 description: Glance port.
52 description: Protocol to use when connecting to glance, set to https for SSL.
55 default: 'REBUILD_PRESERVE_EPHEMERAL'
56 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
60 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
62 NeutronBridgeMappings:
64 The OVS logical->physical bridge mappings to use. See the Neutron
65 documentation for details. Defaults to mapping br-ex - the external
66 bridge on hosts - to a physical name 'datacentre' which can be used
67 to create provider networks (and we use this for the default floating
68 network) - if changing this either use different post-install network
69 scripts or be sure to keep 'datacentre' as a mapping network name.
71 default: "datacentre:br-ex"
72 NeutronControlPlaneID:
75 description: Neutron ID for ctlplane network.
76 NeutronEnableTunnelling:
83 If set, flat networks to configure in neutron plugins. Defaults to
84 'datacentre' to permit external network creation.
87 description: The tenant network type for Neutron, either gre or vxlan.
91 description: The password for the neutron service account, used by neutron agents.
94 NeutronPublicInterface:
96 description: What interface to bridge onto br-ex for network nodes.
98 NeutronPublicInterfaceTag:
101 VLAN tag for creating a public VLAN. The tag will be used to
102 create an access port on the exterior bridge for each control plane node,
103 and that port will be given the IP address returned by neutron from the
104 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
105 overcloud.yaml to include the deployment of VLAN ports to the control
111 The tunnel types for the Neutron tenant network. To specify multiple
112 values, use a comma separated string, like so: 'gre,vxlan'
116 description: The password for the nova service account, used by nova-api.
122 PublicVirtualFixedIPs:
125 Control the IP allocation for the PublicVirtualInterface port. E.g.
126 [{'ip_address':'1.2.3.4'}]
128 PublicVirtualNetwork:
132 Neutron network to allocate public virtual IP port on.
136 description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
139 description: The username for RabbitMQ
143 description: The password for RabbitMQ
146 SnmpdReadonlyUserName:
147 default: ro_snmp_user
148 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
150 SnmpdReadonlyUserPassword:
152 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
157 # Controller-specific params
160 description: The keystone auth secret.
163 CinderLVMLoopDeviceSize:
165 description: The size of the loopback file used by the cinder LVM driver.
169 description: The password for the cinder service account, used by cinder-api.
174 description: The iSCSI helper to use with cinder.
179 controllerExtraConfig:
182 Controller specific configuration to inject into the cluster. Same
183 structure as ExtraConfig.
187 default: overcloud-control
188 OvercloudControlFlavor:
190 description: Flavor for control nodes to request when deploying.
192 ControlVirtualInterface:
194 description: Interface where virtual ip will be assigned.
199 Additional configuration to inject into the cluster. The JSON should have
200 the following structure:
203 [{"section": "SECTIONNAME",
205 [{"option": "OPTIONNAME",
216 [{"section": "default",
218 [{"option": "force_config_drive",
225 [{"option": "driver",
226 "value": "nova.cells.rpc_driver.CellsRPCDriver"
235 description: The filepath of the file to use for logging messages from Glance.
238 GlanceNotifierStrategy:
239 description: Strategy to use for Glance notification queue
244 description: The password for the glance service account, used by the glance services.
249 description: The password for the Heat service account, used by the Heat services.
252 HeatStackDomainAdminPassword:
253 description: Password for heat_domain_admin user.
257 KeystoneCACertificate:
259 description: Keystone self-signed certificate authority certificate.
261 KeystoneSigningCertificate:
263 description: Keystone certificate for verifying token validity.
267 description: Keystone key for signing tokens.
270 MysqlInnodbBufferPoolSize:
272 Specifies the size of the buffer pool in megabytes. Setting to
273 zero should be interpreted as "no value" and will defer to the
277 NeutronDnsmasqOptions:
278 default: 'dhcp-option-force=26,1400'
279 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
281 NeutronPublicInterfaceDefaultRoute:
283 description: A custom default route for the NeutronPublicInterface.
285 NeutronPublicInterfaceIP:
287 description: A custom IP address to put onto the NeutronPublicInterface.
289 NeutronPublicInterfaceRawDevice:
291 description: If set, the public interface is a vlan with this device as the raw device.
293 PublicVirtualInterface:
296 Specifies the interface where the public-facing virtual ip will be assigned.
297 This should be int_public when a VLAN is being used.
301 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
306 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
311 description: If set, the contents of an SSL certificate authority file.
315 description: A random string to be used as a salt when hashing to determine mappings in the ring.
320 description: The password for the swift service account, used by the swift proxy services.
325 description: Partition Power to use when building Swift rings
330 description: How many replicas to use in the swift rings.
332 # Compute-specific params
333 CeilometerComputeAgent:
334 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
338 - allowed_values: ['', Present]
342 HypervisorNeutronPhysicalBridge:
345 An OVS bridge to create on each hypervisor. This defaults to br-ex the
346 same as the control plane nodes, as we have a uniform configuration of
347 the openvswitch agent. Typically should not need to be changed.
349 HypervisorNeutronPublicInterface:
351 description: What interface to add to the HypervisorNeutronPhysicalBridge.
353 LiveUpdateComputeImage:
355 description: The image ID for live-updates to the overcloud compute nodes.
359 description: The IP address for the undercloud Glance API.
364 description: The live-update password for the undercloud Glance API.
366 LiveUpdateTenantName:
368 description: The live-update tenant name for the undercloud Glance API.
372 description: The live-update username for the undercloud Glance API.
374 NeutronNetworkVLANRanges:
375 default: 'datacentre'
377 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
378 Neutron documentation for permitted values. Defaults to permitting any
379 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
383 default: libvirt.LibvirtDriver
384 NovaComputeExtraConfig:
387 NovaCompute specific configuration to inject into the cluster. Same
388 structure as ExtraConfig.
390 NovaComputeLibvirtType:
395 default: overcloud-compute
396 OvercloudComputeFlavor:
397 description: Use this flavor
405 type: OS::Heat::ResourceGroup
407 count: {get_param: ControllerCount}
409 type: OS::TripleO::Controller
411 AdminPassword: {get_param: AdminPassword}
412 AdminToken: {get_param: AdminToken}
413 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
414 CeilometerPassword: {get_param: CeilometerPassword}
415 CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
416 CinderPassword: {get_param: CinderPassword}
417 CinderISCSIHelper: {get_param: CinderISCSIHelper}
418 CloudName: {get_param: CloudName}
419 ControlVirtualInterface: {get_param: ControlVirtualInterface}
420 ControllerExtraConfig: {get_param: controllerExtraConfig}
421 ExtraConfig: {get_param: ExtraConfig}
422 Flavor: {get_param: OvercloudControlFlavor}
423 GlancePort: {get_param: GlancePort}
424 GlanceProtocol: {get_param: GlanceProtocol}
425 GlancePassword: {get_param: GlancePassword}
426 GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
427 GlanceLogFile: {get_param: GlanceLogFile}
428 HeatPassword: {get_param: HeatPassword}
429 HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
430 Image: {get_param: controllerImage}
431 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
432 KeyName: {get_param: KeyName}
433 KeystoneCACertificate: {get_param: KeystoneCACertificate}
434 KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
435 KeystoneSigningKey: {get_param: KeystoneSigningKey}
436 MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
437 MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
438 MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
439 NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
440 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
441 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
442 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
443 NeutronPublicInterface: {get_param: NeutronPublicInterface}
444 NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
445 NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
446 NeutronPassword: {get_param: NeutronPassword}
447 NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
448 NovaPassword: {get_param: NovaPassword}
449 NtpServer: {get_param: NtpServer}
450 PublicVirtualInterface: {get_param: PublicVirtualInterface}
451 RabbitUserName: {get_param: RabbitUserName}
452 RabbitPassword: {get_param: RabbitPassword}
453 RabbitCookie: {get_attr: [RabbitCookie, value]}
454 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
455 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
456 SSLCertificate: {get_param: SSLCertificate}
457 SSLKey: {get_param: SSLKey}
458 SSLCACertificate: {get_param: SSLCACertificate}
459 VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
460 PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
463 type: OS::Heat::ResourceGroup
465 count: {get_param: ComputeCount}
467 type: OS::TripleO::Compute
469 AdminPassword: {get_param: AdminPassword}
470 CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
471 CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
472 CeilometerPassword: {get_param: CeilometerPassword}
473 ExtraConfig: {get_param: ExtraConfig}
474 Flavor: {get_param: OvercloudComputeFlavor}
475 GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
476 GlancePort: {get_param: GlancePort}
477 GlanceProtocol: {get_param: GlanceProtocol}
478 Image: {get_param: NovaImage}
479 ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
480 KeyName: {get_param: KeyName}
481 KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
482 LiveUpdateComputeImage: {get_param: LiveUpdateComputeImage}
483 LiveUpdateHost: {get_param: LiveUpdateHost}
484 LiveUpdatePassword: {get_param: LiveUpdatePassword}
485 LiveUpdateTenantName: {get_param: LiveUpdateTenantName}
486 LiveUpdateUserName: {get_param: LiveUpdateUserName}
487 NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
488 NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
489 NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
490 NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
491 NeutronNetworkType: {get_param: NeutronNetworkType}
492 NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
493 NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
494 NeutronPassword: {get_param: NeutronPassword}
495 NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
496 NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
497 NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
498 NovaComputeDriver: {get_param: NovaComputeDriver}
499 NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
500 NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
501 NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
502 NovaPassword: {get_param: NovaPassword}
503 NtpServer: {get_param: NtpServer}
504 RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
505 RabbitPassword: {get_param: RabbitPassword}
506 RabbitUserName: {get_param: RabbitUserName}
507 SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
508 SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
512 - - mysql://nova:unset@
513 - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
518 - - mysql://ceilometer:unset@
519 - *compute_database_host
524 - - mysql://neutron:unset@
525 - *compute_database_host
529 type: OS::Heat::StructuredConfig
532 completion-signal: {get_input: deploy_signal_id}
538 - {get_attr: [Compute, hosts_entry]}
541 - {get_attr: [Controller, hosts_entry]}
542 # TODO: ADD BLOCK STORAGE ENTRY HERE
543 # TODO: ADD SWIFT STORAGE ENTRY HERE
548 - {get_attr: [Controller, hostname]}
551 type: OS::Heat::RandomString
555 MysqlClusterUniquePart:
556 type: OS::Heat::RandomString
561 type: OS::Heat::RandomString
564 salt: {get_param: RabbitCookieSalt}
567 type: OS::Neutron::Port
569 name: control_virtual_ip
570 network_id: {get_param: NeutronControlPlaneID}
571 fixed_ips: {get_param: ControlFixedIPs}
574 type: OS::Neutron::Port
576 name: public_virtual_ip
577 network: {get_param: PublicVirtualNetwork}
578 fixed_ips: {get_param: PublicVirtualFixedIPs}
580 ControllerBootstrapNodeConfig:
581 type: OS::Heat::StructuredConfig
583 group: os-apply-config
586 bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
588 ControllerBootstrapNodeDeployment:
589 type: OS::Heat::StructuredDeployments
591 config: {get_resource: ControllerBootstrapNodeConfig}
592 servers: {get_attr: [Controller, attributes, nova_server_resource]}
593 signal_transport: NO_SIGNAL
595 ControllerSwiftDeployment:
596 type: OS::Heat::StructuredDeployments
598 config: {get_resource: ControllerSwiftConfig}
599 servers: {get_attr: [Controller, attributes, nova_server_resource]}
600 signal_transport: NO_SIGNAL
602 swift_hash_suffix: {get_param: SwiftHashSuffix}
603 swift_password: {get_param: SwiftPassword}
604 swift_part_power: {get_param: SwiftPartPower}
605 swift_replicas: { get_param: SwiftReplicas}
607 ControllerSwiftConfig:
608 type: OS::Heat::StructuredConfig
610 group: os-apply-config
618 - {get_attr: [Controller, swift_device]}
621 # TODO: replace the empty list with this:
622 # - {get_attr: [ObjectStorage, swift_device]}
623 # Once we have the swift/object-storage role
625 hash: { get_input: swift_hash_suffix }
626 part-power: { get_input: swift_part_power }
630 - {get_attr: [Controller, swift_proxy_memcache]}
631 replicas: {get_input: swift_replicas }
632 service-password: { get_input: swift_password }
634 ControllerClusterConfig:
635 type: OS::Heat::StructuredConfig
639 nodes: {get_attr: [Controller, corosync_node]}
643 nodes: {get_attr: [Controller, hostname]}
645 nodes: {get_attr: [Controller, corosync_node]}
647 nodes: {get_attr: [Controller, corosync_node]}
649 ControllerClusterDeployment:
650 type: OS::Heat::StructuredDeployments
652 config: {get_resource: ControllerClusterConfig}
653 servers: {get_attr: [Controller, attributes, nova_server_resource]}
654 signal_transport: NO_SIGNAL
656 ControllerAllNodesDeployment:
657 type: OS::Heat::StructuredDeployments
659 config: {get_resource: allNodesConfig}
660 servers: {get_attr: [Controller, attributes, nova_server_resource]}
662 ComputeAllNodesDeployment:
663 type: OS::Heat::StructuredDeployments
665 config: {get_resource: allNodesConfig}
666 servers: {get_attr: [Compute, attributes, nova_server_resource]}
671 description: URL for the Overcloud Keystone service
676 - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}