1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre:1:1000'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
155 default: "router,qos"
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 NeutronAgentExtensions:
173 Comma-separated list of extensions enabled for the Neutron agents.
174 type: comma_delimited_list
175 # Not relevant for Computes, should be removed
176 NeutronAllowL3AgentFailover:
178 description: Allow automatic l3-agent failover
180 # Not relevant for Computes, should be removed
183 description: Whether to enable l3-agent HA
187 description: Agent mode for the neutron-l3-agent on the controller hosts
191 default: '' # Has to be here because of the ignored empty value bug
194 default: libvirt.LibvirtDriver
195 NovaComputeExtraConfig:
198 NovaCompute specific configuration to inject into the cluster. Same
199 structure as ExtraConfig.
201 NovaComputeLibvirtType:
204 NovaComputeLibvirtVifDriver:
206 description: Libvirt VIF driver configuration for the network
208 NovaEnableRbdBackend:
210 description: Whether to enable or not the Rbd backend for Nova
213 description: The password for the nova service account, used by nova-api.
218 default: '' # Has to be here because of the ignored empty value bug
221 description: Name of integration bridge used by Open vSwitch
223 NovaSecurityGroupAPI:
225 description: The full class name of the security API class
229 description: Comma-separated list of ntp servers
230 type: comma_delimited_list
233 default: '' # Has to be here because of the ignored empty value bug
236 description: The password for RabbitMQ
241 description: The username for RabbitMQ
246 Rabbit client subscriber parameter to specify
247 an SSL connection to the RabbitMQ host.
251 description: Set rabbit subscriber port, change this if using SSL
253 SnmpdReadonlyUserName:
254 default: ro_snmp_user
255 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
257 SnmpdReadonlyUserPassword:
258 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
261 EnablePackageInstall:
263 description: Set to true to enable package installation via Puppet
267 description: Mapping of service_name -> network name. Typically set
268 via parameter_defaults in the resource registry.
272 description: Mapping of service endpoint -> protocol. Typically set
273 via parameter_defaults in the resource registry.
277 description: The timezone to be set on compute nodes.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
293 SoftwareConfigTransport:
294 default: POLL_SERVER_CFN
296 How the server should receive the metadata required for software configuration.
299 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
304 The DNS domain used for the hosts. This should match the dhcp_domain
305 configured in the Undercloud neutron. Defaults to localdomain.
309 Extra properties or metadata passed to Nova for the created nodes in
310 the overcloud. It's accessible via the Nova metadata API.
314 description: Optional scheduler hints to pass to nova
320 type: OS::Nova::Server
325 get_param: ImageUpdatePolicy
326 flavor: {get_param: Flavor}
327 key_name: {get_param: KeyName}
330 user_data_format: SOFTWARE_CONFIG
331 user_data: {get_resource: UserData}
332 name: {get_param: Hostname}
333 software_config_transport: {get_param: SoftwareConfigTransport}
334 metadata: {get_param: ServerMetadata}
335 scheduler_hints: {get_param: SchedulerHints}
337 # Combine the NodeAdminUserData and NodeUserData mime archives
339 type: OS::Heat::MultipartMime
342 - config: {get_resource: NodeAdminUserData}
344 - config: {get_resource: NodeUserData}
347 # Creates the "heat-admin" user if configured via the environment
348 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
350 type: OS::TripleO::NodeAdminUserData
352 # For optional operator additional userdata
353 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
355 type: OS::TripleO::NodeUserData
358 type: OS::TripleO::Compute::Ports::ExternalPort
360 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
363 type: OS::TripleO::Compute::Ports::InternalApiPort
365 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
368 type: OS::TripleO::Compute::Ports::StoragePort
370 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
373 type: OS::TripleO::Compute::Ports::StorageMgmtPort
375 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
378 type: OS::TripleO::Compute::Ports::TenantPort
380 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
383 type: OS::TripleO::Compute::Ports::ManagementPort
385 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
388 type: OS::TripleO::Network::Ports::NetIpMap
390 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
391 ExternalIp: {get_attr: [ExternalPort, ip_address]}
392 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
393 StorageIp: {get_attr: [StoragePort, ip_address]}
394 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
395 TenantIp: {get_attr: [TenantPort, ip_address]}
396 ManagementIp: {get_attr: [ManagementPort, ip_address]}
399 type: OS::TripleO::Compute::Net::SoftwareConfig
401 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
402 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
403 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
404 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
405 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
406 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
407 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
410 type: OS::TripleO::SoftwareDeployment
412 config: {get_resource: NetworkConfig}
413 server: {get_resource: NovaCompute}
414 actions: {get_param: NetworkDeploymentActions}
416 bridge_name: {get_param: NeutronPhysicalBridge}
417 interface_name: {get_param: NeutronPublicInterface}
420 type: OS::Heat::StructuredConfig
422 group: os-apply-config
427 - heat_config_%{::deploy_config_name}
428 - compute_extraconfig
431 - ceph_cluster # provided by CephClusterConfig
433 - all_nodes # provided by allNodesConfig
436 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
437 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
438 - midonet_data # Optionally provided by AllNodesExtraConfig
441 mapped_data: {get_param: NovaComputeExtraConfig}
443 mapped_data: {get_param: ExtraConfig}
445 raw_data: {get_file: hieradata/common.yaml}
447 raw_data: {get_file: hieradata/ceph.yaml}
449 raw_data: {get_file: hieradata/compute.yaml}
451 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
452 nova::debug: {get_input: debug}
453 nova::rabbit_userid: {get_input: rabbit_username}
454 nova::rabbit_password: {get_input: rabbit_password}
455 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
456 nova::rabbit_port: {get_input: rabbit_client_port}
457 nova_compute_driver: {get_input: nova_compute_driver}
458 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
459 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
460 nova_api_host: {get_input: nova_api_host}
461 nova::compute::vncproxy_host: {get_input: nova_public_ip}
462 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
463 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
464 nova_password: {get_input: nova_password}
465 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
466 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
467 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
468 ceilometer::debug: {get_input: debug}
469 ceilometer::rabbit_userid: {get_input: rabbit_username}
470 ceilometer::rabbit_password: {get_input: rabbit_password}
471 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
472 ceilometer::rabbit_port: {get_input: rabbit_client_port}
473 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
474 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
475 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
476 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
477 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
478 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
479 nova::glance_api_servers: {get_input: glance_api_servers}
480 neutron::debug: {get_input: debug}
481 neutron::rabbit_password: {get_input: rabbit_password}
482 neutron::rabbit_user: {get_input: rabbit_username}
483 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
484 neutron::rabbit_port: {get_input: rabbit_client_port}
485 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
486 neutron_host: {get_input: neutron_host}
487 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
489 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
490 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
491 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
492 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
493 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
494 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
495 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
496 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
497 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
498 neutron_physical_bridge: {get_input: neutron_physical_bridge}
499 neutron_public_interface: {get_input: neutron_public_interface}
500 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
501 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
502 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
503 neutron_router_distributed: {get_input: neutron_router_distributed}
504 neutron_agent_mode: {get_input: neutron_agent_mode}
505 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
506 neutron::core_plugin: {get_input: neutron_core_plugin}
507 neutron::service_plugins: {get_input: neutron_service_plugins}
508 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
509 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
510 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
511 keystone_public_api_virtual_ip: {get_input: keystone_vip}
512 admin_password: {get_input: admin_password}
513 ntp::servers: {get_input: ntp_servers}
514 timezone::timezone: {get_input: timezone}
515 tripleo::packages::enable_install: {get_input: enable_package_install}
516 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
518 NovaComputeDeployment:
519 type: OS::TripleO::SoftwareDeployment
520 depends_on: NetworkDeployment
522 config: {get_resource: NovaComputeConfig}
523 server: {get_resource: NovaCompute}
525 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
526 debug: {get_param: Debug}
527 nova_compute_driver: {get_param: NovaComputeDriver}
528 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
529 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
530 nova_public_ip: {get_param: NovaPublicIP}
531 nova_api_host: {get_param: NovaApiHost}
532 nova_password: {get_param: NovaPassword}
533 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
534 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
535 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
536 nova_ovs_bridge: {get_param: NovaOVSBridge}
537 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
538 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
539 ceilometer_password: {get_param: CeilometerPassword}
540 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
541 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
542 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
543 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
544 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
545 neutron_flat_networks:
549 NETWORKS: {get_param: NeutronFlatNetworks}
550 neutron_host: {get_param: NeutronHost}
551 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
552 neutron_tunnel_id_ranges:
556 RANGES: {get_param: NeutronTunnelIdRanges}
561 RANGES: {get_param: NeutronVniRanges}
562 neutron_tenant_network_types:
566 TYPES: {get_param: NeutronNetworkType}
567 neutron_tunnel_types:
571 TYPES: {get_param: NeutronTunnelTypes}
572 neutron_network_vlan_ranges:
576 RANGES: {get_param: NeutronNetworkVLANRanges}
577 neutron_bridge_mappings:
581 MAPPINGS: {get_param: NeutronBridgeMappings}
582 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
583 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
584 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
585 neutron_public_interface: {get_param: NeutronPublicInterface}
586 neutron_password: {get_param: NeutronPassword}
587 neutron_agent_mode: {get_param: NeutronAgentMode}
588 neutron_router_distributed: {get_param: NeutronDVR}
589 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
590 neutron_core_plugin: {get_param: NeutronCorePlugin}
591 neutron_service_plugins:
595 PLUGINS: {get_param: NeutronServicePlugins}
596 neutron_type_drivers:
600 DRIVERS: {get_param: NeutronTypeDrivers}
601 neutron_mechanism_drivers:
605 MECHANISMS: {get_param: NeutronMechanismDrivers}
606 neutron_agent_extensions:
608 template: AGENT_EXTENSIONS
610 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
611 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
612 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
613 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
614 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
615 admin_password: {get_param: AdminPassword}
616 rabbit_username: {get_param: RabbitUserName}
617 rabbit_password: {get_param: RabbitPassword}
618 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
619 rabbit_client_port: {get_param: RabbitClientPort}
620 ntp_servers: {get_param: NtpServer}
621 timezone: {get_param: TimeZone}
622 enable_package_install: {get_param: EnablePackageInstall}
623 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
625 # Resource for site-specific injection of root certificate
627 depends_on: NovaComputeDeployment
628 type: OS::TripleO::NodeTLSCAData
630 server: {get_resource: NovaCompute}
632 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
633 ComputeExtraConfigPre:
634 depends_on: NovaComputeDeployment
635 type: OS::TripleO::ComputeExtraConfigPre
637 server: {get_resource: NovaCompute}
639 # Hook for site-specific additional pre-deployment config,
640 # applying to all nodes, e.g node registration/unregistration
642 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
643 type: OS::TripleO::NodeExtraConfig
645 server: {get_resource: NovaCompute}
648 type: OS::TripleO::Tasks::PackageUpdate
651 type: OS::Heat::SoftwareDeployment
653 config: {get_resource: UpdateConfig}
654 server: {get_resource: NovaCompute}
657 get_param: UpdateIdentifier
661 description: IP address of the server in the ctlplane network
662 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
664 description: IP address of the server in the external network
665 value: {get_attr: [ExternalPort, ip_address]}
666 internal_api_ip_address:
667 description: IP address of the server in the internal_api network
668 value: {get_attr: [InternalApiPort, ip_address]}
670 description: IP address of the server in the storage network
671 value: {get_attr: [StoragePort, ip_address]}
672 storage_mgmt_ip_address:
673 description: IP address of the server in the storage_mgmt network
674 value: {get_attr: [StorageMgmtPort, ip_address]}
676 description: IP address of the server in the tenant network
677 value: {get_attr: [TenantPort, ip_address]}
678 management_ip_address:
679 description: IP address of the server in the management network
680 value: {get_attr: [ManagementPort, ip_address]}
682 description: Hostname of the server
683 value: {get_attr: [NovaCompute, name]}
686 Server's IP address and hostname in the /etc/hosts format
689 template: "IP HOST.DOMAIN HOST"
691 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
692 DOMAIN: {get_param: CloudDomain}
693 HOST: {get_attr: [NovaCompute, name]}
694 nova_server_resource:
695 description: Heat resource handle for the Nova compute server
697 {get_resource: NovaCompute}
699 description: identifier which changes if the node configuration may need re-applying
703 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
704 - {get_attr: [NodeTLSCAData, deploy_stdout]}
705 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
706 - {get_param: UpdateIdentifier}
Code Review / apex-tripleo-heat-templates.git / blob