1 heat_template_version: 2015-04-30
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
100 description: The tenant network type for Neutron, either gre or vxlan.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
124 The tunnel types for the Neutron tenant network. To specify multiple
125 values, use a comma separated string, like so: 'gre,vxlan'
127 NeutronTunnelIdRanges:
129 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
130 of GRE tunnel IDs that are available for tenant network allocation
131 default: ["1:1000", ]
132 type: comma_delimited_list
135 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
136 of VXLAN VNI IDs that are available for tenant network allocation
137 default: ["1:1000", ]
138 type: comma_delimited_list
139 NeutronPublicInterfaceRawDevice:
145 NeutronMetadataProxySharedSecret:
146 description: Shared secret to prevent spoofing
152 The core plugin for Neutron. The value should be the entrypoint to be loaded
153 from neutron.core_plugins namespace.
155 NeutronServicePlugins:
158 Comma-separated list of service plugin entrypoints to be loaded from the
159 neutron.service_plugins namespace.
160 type: comma_delimited_list
162 default: "vxlan,vlan,flat,gre"
164 Comma-separated list of network type driver entrypoints to be loaded.
165 type: comma_delimited_list
166 NeutronMechanismDrivers:
167 default: 'openvswitch'
169 The mechanism drivers for the Neutron tenant network. To specify multiple
170 values, use a comma separated string, like so: 'openvswitch,l2_population'
172 # Not relevant for Computes, should be removed
173 NeutronAllowL3AgentFailover:
175 description: Allow automatic l3-agent failover
177 # Not relevant for Computes, should be removed
180 description: Whether to enable l3-agent HA
184 description: Agent mode for the neutron-l3-agent on the controller hosts
188 default: '' # Has to be here because of the ignored empty value bug
191 default: libvirt.LibvirtDriver
192 NovaComputeExtraConfig:
195 NovaCompute specific configuration to inject into the cluster. Same
196 structure as ExtraConfig.
198 NovaComputeLibvirtType:
201 NovaComputeLibvirtVifDriver:
203 description: Libvirt VIF driver configuration for the network
205 NovaEnableRbdBackend:
207 description: Whether to enable or not the Rbd backend for Nova
210 description: The password for the nova service account, used by nova-api.
215 default: '' # Has to be here because of the ignored empty value bug
218 description: Name of integration bridge used by Open vSwitch
220 NovaSecurityGroupAPI:
222 description: The full class name of the security API class
226 description: Comma-separated list of ntp servers
227 type: comma_delimited_list
230 default: '' # Has to be here because of the ignored empty value bug
233 description: The password for RabbitMQ
238 description: The username for RabbitMQ
243 Rabbit client subscriber parameter to specify
244 an SSL connection to the RabbitMQ host.
248 description: Set rabbit subscriber port, change this if using SSL
250 SnmpdReadonlyUserName:
251 default: ro_snmp_user
252 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
254 SnmpdReadonlyUserPassword:
255 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
258 EnablePackageInstall:
260 description: Set to true to enable package installation via Puppet
264 description: Mapping of service_name -> network name. Typically set
265 via parameter_defaults in the resource registry.
269 description: Mapping of service endpoint -> protocol. Typically set
270 via parameter_defaults in the resource registry.
276 Setting to a previously unused value during stack-update will trigger
277 package update on all nodes
280 default: '' # Defaults to Heat created hostname
281 NetworkDeploymentActions:
282 type: comma_delimited_list
284 Heat action when to apply network configuration changes
290 The DNS domain used for the hosts. This should match the dhcp_domain
291 configured in the Undercloud neutron. Defaults to localdomain.
296 Extra properties or metadata passed to Nova for the created nodes in
297 the overcloud. It's accessible via the Nova metadata API.
303 type: OS::Nova::Server
308 get_param: ImageUpdatePolicy
309 flavor: {get_param: Flavor}
310 key_name: {get_param: KeyName}
313 user_data_format: SOFTWARE_CONFIG
314 user_data: {get_resource: UserData}
315 name: {get_param: Hostname}
316 metadata: {get_param: ServerMetadata}
318 # Combine the NodeAdminUserData and NodeUserData mime archives
320 type: OS::Heat::MultipartMime
323 - config: {get_resource: NodeAdminUserData}
325 - config: {get_resource: NodeUserData}
328 # Creates the "heat-admin" user if configured via the environment
329 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
331 type: OS::TripleO::NodeAdminUserData
333 # For optional operator additional userdata
334 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
336 type: OS::TripleO::NodeUserData
339 type: OS::TripleO::Compute::Ports::InternalApiPort
341 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
344 type: OS::TripleO::Compute::Ports::StoragePort
346 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
349 type: OS::TripleO::Compute::Ports::TenantPort
351 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
354 type: OS::TripleO::Network::Ports::NetIpMap
356 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
357 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
358 StorageIp: {get_attr: [StoragePort, ip_address]}
359 TenantIp: {get_attr: [TenantPort, ip_address]}
362 type: OS::TripleO::Compute::Net::SoftwareConfig
364 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
365 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
366 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
367 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
370 type: OS::TripleO::SoftwareDeployment
372 config: {get_resource: NetworkConfig}
373 server: {get_resource: NovaCompute}
374 actions: {get_param: NetworkDeploymentActions}
376 bridge_name: {get_param: NeutronPhysicalBridge}
377 interface_name: {get_param: NeutronPublicInterface}
380 type: OS::Heat::StructuredConfig
382 group: os-apply-config
387 - heat_config_%{::deploy_config_name}
388 - compute_extraconfig
391 - ceph_cluster # provided by CephClusterConfig
393 - all_nodes # provided by allNodesConfig
396 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
397 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
400 mapped_data: {get_param: NovaComputeExtraConfig}
402 mapped_data: {get_param: ExtraConfig}
404 raw_data: {get_file: hieradata/common.yaml}
406 raw_data: {get_file: hieradata/ceph.yaml}
408 raw_data: {get_file: hieradata/compute.yaml}
410 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
411 nova::debug: {get_input: debug}
412 nova::rabbit_userid: {get_input: rabbit_username}
413 nova::rabbit_password: {get_input: rabbit_password}
414 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
415 nova::rabbit_port: {get_input: rabbit_client_port}
416 nova_compute_driver: {get_input: nova_compute_driver}
417 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
418 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
419 nova_api_host: {get_input: nova_api_host}
420 nova::compute::vncproxy_host: {get_input: nova_public_ip}
421 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
422 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
423 nova_password: {get_input: nova_password}
424 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
425 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
426 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
427 ceilometer::debug: {get_input: debug}
428 ceilometer::rabbit_userid: {get_input: rabbit_username}
429 ceilometer::rabbit_password: {get_input: rabbit_password}
430 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
431 ceilometer::rabbit_port: {get_input: rabbit_client_port}
432 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
433 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
434 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
435 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
436 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
437 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
438 nova::glance_api_servers: {get_input: glance_api_servers}
439 neutron::debug: {get_input: debug}
440 neutron::rabbit_password: {get_input: rabbit_password}
441 neutron::rabbit_user: {get_input: rabbit_username}
442 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
443 neutron::rabbit_port: {get_input: rabbit_client_port}
444 neutron_flat_networks: {get_input: neutron_flat_networks}
445 neutron_host: {get_input: neutron_host}
446 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
448 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
449 neutron_tunnel_types: {get_input: neutron_tunnel_types}
450 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
451 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
452 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
453 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
454 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
455 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
456 neutron_physical_bridge: {get_input: neutron_physical_bridge}
457 neutron_public_interface: {get_input: neutron_public_interface}
458 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
459 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
460 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
461 neutron_router_distributed: {get_input: neutron_router_distributed}
462 neutron_agent_mode: {get_input: neutron_agent_mode}
463 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
464 neutron::core_plugin: {get_input: neutron_core_plugin}
465 neutron::service_plugins: {get_input: neutron_service_plugins}
466 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
467 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
468 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
469 keystone_public_api_virtual_ip: {get_input: keystone_vip}
470 admin_password: {get_input: admin_password}
471 ntp::servers: {get_input: ntp_servers}
472 tripleo::packages::enable_install: {get_input: enable_package_install}
473 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
475 NovaComputeDeployment:
476 type: OS::TripleO::SoftwareDeployment
477 depends_on: NetworkDeployment
479 config: {get_resource: NovaComputeConfig}
480 server: {get_resource: NovaCompute}
482 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
483 debug: {get_param: Debug}
484 nova_compute_driver: {get_param: NovaComputeDriver}
485 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
486 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
487 nova_public_ip: {get_param: NovaPublicIP}
488 nova_api_host: {get_param: NovaApiHost}
489 nova_password: {get_param: NovaPassword}
490 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
491 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
492 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
493 nova_ovs_bridge: {get_param: NovaOVSBridge}
494 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
495 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
496 ceilometer_password: {get_param: CeilometerPassword}
497 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
498 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
499 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
500 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
501 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
502 neutron_flat_networks: {get_param: NeutronFlatNetworks}
503 neutron_host: {get_param: NeutronHost}
504 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
505 neutron_tenant_network_type: {get_param: NeutronNetworkType}
506 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
507 neutron_tunnel_id_ranges:
509 template: "['RANGES']"
514 - {get_param: NeutronTunnelIdRanges}
517 template: "['RANGES']"
522 - {get_param: NeutronVniRanges}
523 neutron_network_vlan_ranges:
525 template: "['RANGES']"
530 - {get_param: NeutronNetworkVLANRanges}
531 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
532 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
533 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
534 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
535 neutron_public_interface: {get_param: NeutronPublicInterface}
536 neutron_password: {get_param: NeutronPassword}
537 neutron_agent_mode: {get_param: NeutronAgentMode}
538 neutron_router_distributed: {get_param: NeutronDVR}
539 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
540 neutron_core_plugin: {get_param: NeutronCorePlugin}
541 neutron_service_plugins:
543 template: "['PLUGINS']"
548 - {get_param: NeutronServicePlugins}
549 neutron_type_drivers:
551 template: "['DRIVERS']"
556 - {get_param: NeutronTypeDrivers}
557 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
558 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
559 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
560 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
561 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
562 admin_password: {get_param: AdminPassword}
563 rabbit_username: {get_param: RabbitUserName}
564 rabbit_password: {get_param: RabbitPassword}
565 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
566 rabbit_client_port: {get_param: RabbitClientPort}
567 ntp_servers: {get_param: NtpServer}
568 enable_package_install: {get_param: EnablePackageInstall}
569 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
571 # Resource for site-specific injection of root certificate
573 depends_on: NovaComputeDeployment
574 type: OS::TripleO::NodeTLSCAData
576 server: {get_resource: NovaCompute}
578 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
579 ComputeExtraConfigPre:
580 depends_on: NovaComputeDeployment
581 type: OS::TripleO::ComputeExtraConfigPre
583 server: {get_resource: NovaCompute}
585 # Hook for site-specific additional pre-deployment config,
586 # applying to all nodes, e.g node registration/unregistration
588 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
589 type: OS::TripleO::NodeExtraConfig
591 server: {get_resource: NovaCompute}
594 type: OS::TripleO::Tasks::PackageUpdate
597 type: OS::Heat::SoftwareDeployment
599 config: {get_resource: UpdateConfig}
600 server: {get_resource: NovaCompute}
603 get_param: UpdateIdentifier
607 description: IP address of the server in the ctlplane network
608 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
609 internal_api_ip_address:
610 description: IP address of the server in the internal_api network
611 value: {get_attr: [InternalApiPort, ip_address]}
613 description: IP address of the server in the storage network
614 value: {get_attr: [StoragePort, ip_address]}
616 description: IP address of the server in the tenant network
617 value: {get_attr: [TenantPort, ip_address]}
619 description: Hostname of the server
620 value: {get_attr: [NovaCompute, name]}
623 Server's IP address and hostname in the /etc/hosts format
626 template: "IP HOST.DOMAIN HOST"
628 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
629 DOMAIN: {get_param: CloudDomain}
630 HOST: {get_attr: [NovaCompute, name]}
631 nova_server_resource:
632 description: Heat resource handle for the Nova compute server
634 {get_resource: NovaCompute}
636 description: identifier which changes if the node configuration may need re-applying
640 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
641 - {get_attr: [NodeTLSCAData, deploy_stdout]}
642 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
643 - {get_param: UpdateIdentifier}