1 heat_template_version: 2015-04-30
4 OpenStack hypervisor node configured via Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 CeilometerComputeAgent:
13 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
17 - allowed_values: ['', Present]
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
28 CinderEnableNfsBackend:
30 description: Whether to enable or not the NFS backend for Cinder
32 CinderEnableRbdBackend:
34 description: Whether to enable or not the Rbd backend for Cinder
38 description: Set to True to enable debugging on all services.
43 Additional hiera configuration to inject into the cluster. Note
44 that NovaComputeExtraConfig takes precedence over ExtraConfig.
47 description: Flavor for the nova compute node
50 - custom_constraint: nova.flavor
53 default: '' # Has to be here because of the ignored empty value bug
56 default: overcloud-compute
58 - custom_constraint: glance.image
60 default: 'REBUILD_PRESERVE_EPHEMERAL'
61 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
64 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
68 - custom_constraint: nova.keypair
69 KeystoneAdminApiVirtualIP:
72 KeystonePublicApiVirtualIP:
75 NeutronBridgeMappings:
77 The OVS logical->physical bridge mappings to use. See the Neutron
78 documentation for details. Defaults to mapping br-ex - the external
79 bridge on hosts - to a physical name 'datacentre' which can be used
80 to create provider networks (and we use this for the default floating
81 network) - if changing this either use different post-install network
82 scripts or be sure to keep 'datacentre' as a mapping network name.
84 default: "datacentre:br-ex"
85 NeutronEnableTunnelling:
91 Enable/disable the L2 population feature in the Neutron agents.
97 If set, flat networks to configure in neutron plugins.
100 default: '' # Has to be here because of the ignored empty value bug
103 description: The tenant network type for Neutron, either gre or vxlan.
105 NeutronNetworkVLANRanges:
106 default: 'datacentre'
108 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
109 Neutron documentation for permitted values. Defaults to permitting any
110 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
111 type: comma_delimited_list
114 description: The password for the neutron service account, used by neutron agents.
117 NeutronPhysicalBridge:
119 description: An OVS bridge to create for accessing external networks.
121 NeutronPublicInterface:
123 description: A port to add to the NeutronPhysicalBridge.
128 The tunnel types for the Neutron tenant network. To specify multiple
129 values, use a comma separated string, like so: 'gre,vxlan'
131 NeutronTunnelIdRanges:
133 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
134 of GRE tunnel IDs that are available for tenant network allocation
135 default: ["1:1000", ]
136 type: comma_delimited_list
139 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
140 of VXLAN VNI IDs that are available for tenant network allocation
141 default: ["1:1000", ]
142 type: comma_delimited_list
143 NeutronPublicInterfaceRawDevice:
149 NeutronMetadataProxySharedSecret:
151 description: Shared secret to prevent spoofing
157 The core plugin for Neutron. The value should be the entrypoint to be loaded
158 from neutron.core_plugins namespace.
160 NeutronServicePlugins:
163 Comma-separated list of service plugin entrypoints to be loaded from the
164 neutron.service_plugins namespace.
165 type: comma_delimited_list
167 default: "vxlan,vlan,flat,gre"
169 Comma-separated list of network type driver entrypoints to be loaded.
170 type: comma_delimited_list
171 NeutronMechanismDrivers:
172 default: 'openvswitch'
174 The mechanism drivers for the Neutron tenant network. To specify multiple
175 values, use a comma separated string, like so: 'openvswitch,l2_population'
177 # Not relevant for Computes, should be removed
178 NeutronAllowL3AgentFailover:
180 description: Allow automatic l3-agent failover
182 # Not relevant for Computes, should be removed
185 description: Whether to enable l3-agent HA
189 description: Agent mode for the neutron-l3-agent on the controller hosts
193 default: '' # Has to be here because of the ignored empty value bug
196 default: libvirt.LibvirtDriver
197 NovaComputeExtraConfig:
200 NovaCompute specific configuration to inject into the cluster. Same
201 structure as ExtraConfig.
203 NovaComputeLibvirtType:
206 NovaComputeLibvirtVifDriver:
208 description: Libvirt VIF driver configuration for the network
210 NovaEnableRbdBackend:
212 description: Whether to enable or not the Rbd backend for Nova
216 description: The password for the nova service account, used by nova-api.
221 default: '' # Has to be here because of the ignored empty value bug
224 description: Name of integration bridge used by Open vSwitch
226 NovaSecurityGroupAPI:
228 description: The full class name of the security API class
232 description: Comma-separated list of ntp servers
233 type: comma_delimited_list
236 default: '' # Has to be here because of the ignored empty value bug
239 description: The password for RabbitMQ
244 description: The username for RabbitMQ
249 Rabbit client subscriber parameter to specify
250 an SSL connection to the RabbitMQ host.
254 description: Set rabbit subscriber port, change this if using SSL
256 SnmpdReadonlyUserName:
257 default: ro_snmp_user
258 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
260 SnmpdReadonlyUserPassword:
262 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
265 EnablePackageInstall:
267 description: Set to true to enable package installation via Puppet
271 description: Mapping of service_name -> network name. Typically set
272 via parameter_defaults in the resource registry.
276 description: Mapping of service endpoint -> protocol. Typically set
277 via parameter_defaults in the resource registry.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
297 The DNS domain used for the hosts. This should match the dhcp_domain
298 configured in the Undercloud neutron. Defaults to localdomain.
304 type: OS::Nova::Server
309 get_param: ImageUpdatePolicy
310 flavor: {get_param: Flavor}
311 key_name: {get_param: KeyName}
314 user_data_format: SOFTWARE_CONFIG
315 user_data: {get_resource: UserData}
316 name: {get_param: Hostname}
318 # Combine the NodeAdminUserData and NodeUserData mime archives
320 type: OS::Heat::MultipartMime
323 - config: {get_resource: NodeAdminUserData}
325 - config: {get_resource: NodeUserData}
328 # Creates the "heat-admin" user if configured via the environment
329 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
331 type: OS::TripleO::NodeAdminUserData
333 # For optional operator additional userdata
334 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
336 type: OS::TripleO::NodeUserData
339 type: OS::TripleO::Compute::Ports::InternalApiPort
341 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
344 type: OS::TripleO::Compute::Ports::StoragePort
346 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
349 type: OS::TripleO::Compute::Ports::TenantPort
351 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
354 type: OS::TripleO::Network::Ports::NetIpMap
356 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
357 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
358 StorageIp: {get_attr: [StoragePort, ip_address]}
359 TenantIp: {get_attr: [TenantPort, ip_address]}
362 type: OS::TripleO::Compute::Net::SoftwareConfig
364 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
365 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
366 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
367 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
370 type: OS::TripleO::SoftwareDeployment
372 config: {get_resource: NetworkConfig}
373 server: {get_resource: NovaCompute}
374 actions: {get_param: NetworkDeploymentActions}
376 bridge_name: {get_param: NeutronPhysicalBridge}
377 interface_name: {get_param: NeutronPublicInterface}
380 type: OS::Heat::StructuredConfig
382 group: os-apply-config
387 - heat_config_%{::deploy_config_name}
388 - compute_extraconfig
391 - ceph_cluster # provided by CephClusterConfig
393 - all_nodes # provided by allNodesConfig
396 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
397 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
400 mapped_data: {get_param: NovaComputeExtraConfig}
402 mapped_data: {get_param: ExtraConfig}
404 raw_data: {get_file: hieradata/common.yaml}
406 raw_data: {get_file: hieradata/ceph.yaml}
408 raw_data: {get_file: hieradata/compute.yaml}
410 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
411 nova::debug: {get_input: debug}
412 nova::rabbit_userid: {get_input: rabbit_username}
413 nova::rabbit_password: {get_input: rabbit_password}
414 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
415 nova::rabbit_port: {get_input: rabbit_client_port}
416 nova_compute_driver: {get_input: nova_compute_driver}
417 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
418 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
419 nova_api_host: {get_input: nova_api_host}
420 nova::compute::vncproxy_host: {get_input: nova_public_ip}
421 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
422 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
423 nova_password: {get_input: nova_password}
424 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
425 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
426 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
427 ceilometer::debug: {get_input: debug}
428 ceilometer::rabbit_userid: {get_input: rabbit_username}
429 ceilometer::rabbit_password: {get_input: rabbit_password}
430 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
431 ceilometer::rabbit_port: {get_input: rabbit_client_port}
432 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
433 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
434 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
435 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
436 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
437 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
438 nova::glance_api_servers: {get_input: glance_api_servers}
439 neutron::debug: {get_input: debug}
440 neutron::rabbit_password: {get_input: rabbit_password}
441 neutron::rabbit_user: {get_input: rabbit_username}
442 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
443 neutron::rabbit_port: {get_input: rabbit_client_port}
444 neutron_flat_networks: {get_input: neutron_flat_networks}
445 neutron_host: {get_input: neutron_host}
446 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
448 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
449 neutron_tunnel_types: {get_input: neutron_tunnel_types}
450 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
451 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
452 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
453 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
454 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
455 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
456 neutron_physical_bridge: {get_input: neutron_physical_bridge}
457 neutron_public_interface: {get_input: neutron_public_interface}
458 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
459 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
460 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
461 neutron_router_distributed: {get_input: neutron_router_distributed}
462 neutron_agent_mode: {get_input: neutron_agent_mode}
463 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
464 neutron::core_plugin: {get_input: neutron_core_plugin}
465 neutron::service_plugins: {get_input: neutron_service_plugins}
466 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
467 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
468 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
469 admin_password: {get_input: admin_password}
470 ntp::servers: {get_input: ntp_servers}
471 tripleo::packages::enable_install: {get_input: enable_package_install}
472 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
474 NovaComputeDeployment:
475 type: OS::TripleO::SoftwareDeployment
476 depends_on: NetworkDeployment
478 config: {get_resource: NovaComputeConfig}
479 server: {get_resource: NovaCompute}
481 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
482 debug: {get_param: Debug}
483 nova_compute_driver: {get_param: NovaComputeDriver}
484 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
485 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
486 nova_public_ip: {get_param: NovaPublicIP}
487 nova_api_host: {get_param: NovaApiHost}
488 nova_password: {get_param: NovaPassword}
489 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
490 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
491 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
492 nova_ovs_bridge: {get_param: NovaOVSBridge}
493 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
494 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
495 ceilometer_password: {get_param: CeilometerPassword}
496 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
497 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
498 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
499 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
500 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
501 neutron_flat_networks: {get_param: NeutronFlatNetworks}
502 neutron_host: {get_param: NeutronHost}
503 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
504 neutron_tenant_network_type: {get_param: NeutronNetworkType}
505 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
506 neutron_tunnel_id_ranges:
508 template: "['RANGES']"
513 - {get_param: NeutronTunnelIdRanges}
516 template: "['RANGES']"
521 - {get_param: NeutronVniRanges}
522 neutron_network_vlan_ranges:
524 template: "['RANGES']"
529 - {get_param: NeutronNetworkVLANRanges}
530 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
531 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
532 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
533 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
534 neutron_public_interface: {get_param: NeutronPublicInterface}
535 neutron_password: {get_param: NeutronPassword}
536 neutron_agent_mode: {get_param: NeutronAgentMode}
537 neutron_router_distributed: {get_param: NeutronDVR}
538 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
539 neutron_core_plugin: {get_param: NeutronCorePlugin}
540 neutron_service_plugins:
542 template: "['PLUGINS']"
547 - {get_param: NeutronServicePlugins}
548 neutron_type_drivers:
550 template: "['DRIVERS']"
555 - {get_param: NeutronTypeDrivers}
556 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
557 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
558 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
559 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
560 admin_password: {get_param: AdminPassword}
561 rabbit_username: {get_param: RabbitUserName}
562 rabbit_password: {get_param: RabbitPassword}
563 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
564 rabbit_client_port: {get_param: RabbitClientPort}
565 ntp_servers: {get_param: NtpServer}
566 enable_package_install: {get_param: EnablePackageInstall}
567 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
569 # Resource for site-specific injection of root certificate
571 depends_on: NovaComputeDeployment
572 type: OS::TripleO::NodeTLSCAData
574 server: {get_resource: NovaCompute}
576 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
577 ComputeExtraConfigPre:
578 depends_on: NovaComputeDeployment
579 type: OS::TripleO::ComputeExtraConfigPre
581 server: {get_resource: NovaCompute}
583 # Hook for site-specific additional pre-deployment config,
584 # applying to all nodes, e.g node registration/unregistration
586 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
587 type: OS::TripleO::NodeExtraConfig
589 server: {get_resource: NovaCompute}
592 type: OS::TripleO::Tasks::PackageUpdate
595 type: OS::Heat::SoftwareDeployment
597 config: {get_resource: UpdateConfig}
598 server: {get_resource: NovaCompute}
601 get_param: UpdateIdentifier
605 description: IP address of the server in the ctlplane network
606 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
607 internal_api_ip_address:
608 description: IP address of the server in the internal_api network
609 value: {get_attr: [InternalApiPort, ip_address]}
611 description: IP address of the server in the storage network
612 value: {get_attr: [StoragePort, ip_address]}
614 description: IP address of the server in the tenant network
615 value: {get_attr: [TenantPort, ip_address]}
617 description: Hostname of the server
618 value: {get_attr: [NovaCompute, name]}
621 Server's IP address and hostname in the /etc/hosts format
624 template: "IP HOST.DOMAIN HOST"
626 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
627 DOMAIN: {get_param: CloudDomain}
628 HOST: {get_attr: [NovaCompute, name]}
629 nova_server_resource:
630 description: Heat resource handle for the Nova compute server
632 {get_resource: NovaCompute}
634 description: identifier which changes if the node configuration may need re-applying
638 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
639 - {get_attr: [NodeTLSCAData, deploy_stdout]}
640 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
641 - {get_param: UpdateIdentifier}