1 heat_template_version: 2015-04-30
4 OpenStack hypervisor node configured via Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 CeilometerComputeAgent:
13 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
17 - allowed_values: ['', Present]
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
28 CinderEnableNfsBackend:
30 description: Whether to enable or not the NFS backend for Cinder
32 CinderEnableRbdBackend:
34 description: Whether to enable or not the Rbd backend for Cinder
38 description: Set to True to enable debugging on all services.
43 Additional hiera configuration to inject into the cluster. Note
44 that NovaComputeExtraConfig takes precedence over ExtraConfig.
47 description: Flavor for the nova compute node
50 - custom_constraint: nova.flavor
53 default: '' # Has to be here because of the ignored empty value bug
56 default: overcloud-compute
58 - custom_constraint: glance.image
60 default: 'REBUILD_PRESERVE_EPHEMERAL'
61 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
64 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
68 - custom_constraint: nova.keypair
69 KeystoneAdminApiVirtualIP:
72 KeystonePublicApiVirtualIP:
75 NeutronBridgeMappings:
77 The OVS logical->physical bridge mappings to use. See the Neutron
78 documentation for details. Defaults to mapping br-ex - the external
79 bridge on hosts - to a physical name 'datacentre' which can be used
80 to create provider networks (and we use this for the default floating
81 network) - if changing this either use different post-install network
82 scripts or be sure to keep 'datacentre' as a mapping network name.
84 default: "datacentre:br-ex"
85 NeutronEnableTunnelling:
91 Enable/disable the L2 population feature in the Neutron agents.
97 If set, flat networks to configure in neutron plugins.
100 default: '' # Has to be here because of the ignored empty value bug
103 description: The tenant network type for Neutron, either gre or vxlan.
105 NeutronNetworkVLANRanges:
106 default: 'datacentre'
108 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
109 Neutron documentation for permitted values. Defaults to permitting any
110 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
111 type: comma_delimited_list
114 description: The password for the neutron service account, used by neutron agents.
117 NeutronPhysicalBridge:
119 description: An OVS bridge to create for accessing external networks.
121 NeutronPublicInterface:
123 description: A port to add to the NeutronPhysicalBridge.
128 The tunnel types for the Neutron tenant network. To specify multiple
129 values, use a comma separated string, like so: 'gre,vxlan'
131 NeutronTunnelIdRanges:
133 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
134 of GRE tunnel IDs that are available for tenant network allocation
135 default: ["1:1000", ]
136 type: comma_delimited_list
139 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
140 of VXLAN VNI IDs that are available for tenant network allocation
141 default: ["1:1000", ]
142 type: comma_delimited_list
143 NeutronPublicInterfaceRawDevice:
149 NeutronMetadataProxySharedSecret:
151 description: Shared secret to prevent spoofing
157 The core plugin for Neutron. The value should be the entrypoint to be loaded
158 from neutron.core_plugins namespace.
160 NeutronServicePlugins:
163 Comma-separated list of service plugin entrypoints to be loaded from the
164 neutron.service_plugins namespace.
165 type: comma_delimited_list
167 default: "vxlan,vlan,flat,gre"
169 Comma-separated list of network type driver entrypoints to be loaded.
170 type: comma_delimited_list
171 NeutronMechanismDrivers:
172 default: 'openvswitch'
174 The mechanism drivers for the Neutron tenant network. To specify multiple
175 values, use a comma separated string, like so: 'openvswitch,l2_population'
177 # Not relevant for Computes, should be removed
178 NeutronAllowL3AgentFailover:
180 description: Allow automatic l3-agent failover
182 # Not relevant for Computes, should be removed
185 description: Whether to enable l3-agent HA
189 description: Agent mode for the neutron-l3-agent on the controller hosts
193 default: '' # Has to be here because of the ignored empty value bug
196 default: libvirt.LibvirtDriver
197 NovaComputeExtraConfig:
200 NovaCompute specific configuration to inject into the cluster. Same
201 structure as ExtraConfig.
203 NovaComputeLibvirtType:
206 NovaComputeLibvirtVifDriver:
208 description: Libvirt VIF driver configuration for the network
210 NovaEnableRbdBackend:
212 description: Whether to enable or not the Rbd backend for Nova
216 description: The password for the nova service account, used by nova-api.
221 default: '' # Has to be here because of the ignored empty value bug
224 description: Name of integration bridge used by Open vSwitch
226 NovaSecurityGroupAPI:
228 description: The full class name of the security API class
232 description: Comma-separated list of ntp servers
233 type: comma_delimited_list
236 default: '' # Has to be here because of the ignored empty value bug
239 description: The password for RabbitMQ
244 description: The username for RabbitMQ
249 Rabbit client subscriber parameter to specify
250 an SSL connection to the RabbitMQ host.
254 description: Set rabbit subscriber port, change this if using SSL
256 SnmpdReadonlyUserName:
257 default: ro_snmp_user
258 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
260 SnmpdReadonlyUserPassword:
262 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
265 EnablePackageInstall:
267 description: Set to true to enable package installation via Puppet
271 description: Mapping of service_name -> network name. Typically set
272 via parameter_defaults in the resource registry.
276 description: Mapping of service endpoint -> protocol. Typically set
277 via parameter_defaults in the resource registry.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
297 The DNS domain used for the hosts. This should match the dhcp_domain
298 configured in the Undercloud neutron. Defaults to localdomain.
303 Extra properties or metadata passed to Nova for the created nodes in
304 the overcloud. It's accessible via the Nova metadata API.
310 type: OS::Nova::Server
315 get_param: ImageUpdatePolicy
316 flavor: {get_param: Flavor}
317 key_name: {get_param: KeyName}
320 user_data_format: SOFTWARE_CONFIG
321 user_data: {get_resource: UserData}
322 name: {get_param: Hostname}
323 metadata: {get_param: ServerMetadata}
325 # Combine the NodeAdminUserData and NodeUserData mime archives
327 type: OS::Heat::MultipartMime
330 - config: {get_resource: NodeAdminUserData}
332 - config: {get_resource: NodeUserData}
335 # Creates the "heat-admin" user if configured via the environment
336 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
338 type: OS::TripleO::NodeAdminUserData
340 # For optional operator additional userdata
341 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
343 type: OS::TripleO::NodeUserData
346 type: OS::TripleO::Compute::Ports::InternalApiPort
348 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
351 type: OS::TripleO::Compute::Ports::StoragePort
353 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
356 type: OS::TripleO::Compute::Ports::TenantPort
358 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
361 type: OS::TripleO::Network::Ports::NetIpMap
363 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
364 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
365 StorageIp: {get_attr: [StoragePort, ip_address]}
366 TenantIp: {get_attr: [TenantPort, ip_address]}
369 type: OS::TripleO::Compute::Net::SoftwareConfig
371 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
372 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
373 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
374 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
377 type: OS::TripleO::SoftwareDeployment
379 name: NetworkDeployment
380 config: {get_resource: NetworkConfig}
381 server: {get_resource: NovaCompute}
382 actions: {get_param: NetworkDeploymentActions}
384 bridge_name: {get_param: NeutronPhysicalBridge}
385 interface_name: {get_param: NeutronPublicInterface}
388 type: OS::Heat::StructuredConfig
390 group: os-apply-config
395 - heat_config_%{::deploy_config_name}
396 - compute_extraconfig
399 - ceph_cluster # provided by CephClusterConfig
401 - all_nodes # provided by allNodesConfig
404 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
405 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
408 mapped_data: {get_param: NovaComputeExtraConfig}
410 mapped_data: {get_param: ExtraConfig}
412 raw_data: {get_file: hieradata/common.yaml}
414 raw_data: {get_file: hieradata/ceph.yaml}
416 raw_data: {get_file: hieradata/compute.yaml}
418 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
419 nova::debug: {get_input: debug}
420 nova::rabbit_userid: {get_input: rabbit_username}
421 nova::rabbit_password: {get_input: rabbit_password}
422 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
423 nova::rabbit_port: {get_input: rabbit_client_port}
424 nova_compute_driver: {get_input: nova_compute_driver}
425 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
426 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
427 nova_api_host: {get_input: nova_api_host}
428 nova::compute::vncproxy_host: {get_input: nova_public_ip}
429 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
430 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
431 nova_password: {get_input: nova_password}
432 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
433 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
434 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
435 ceilometer::debug: {get_input: debug}
436 ceilometer::rabbit_userid: {get_input: rabbit_username}
437 ceilometer::rabbit_password: {get_input: rabbit_password}
438 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
439 ceilometer::rabbit_port: {get_input: rabbit_client_port}
440 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
441 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
442 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
443 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
444 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
445 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
446 nova::glance_api_servers: {get_input: glance_api_servers}
447 neutron::debug: {get_input: debug}
448 neutron::rabbit_password: {get_input: rabbit_password}
449 neutron::rabbit_user: {get_input: rabbit_username}
450 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
451 neutron::rabbit_port: {get_input: rabbit_client_port}
452 neutron_flat_networks: {get_input: neutron_flat_networks}
453 neutron_host: {get_input: neutron_host}
454 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
456 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
457 neutron_tunnel_types: {get_input: neutron_tunnel_types}
458 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
459 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
460 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
461 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
462 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
463 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
464 neutron_physical_bridge: {get_input: neutron_physical_bridge}
465 neutron_public_interface: {get_input: neutron_public_interface}
466 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
467 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
468 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
469 neutron_router_distributed: {get_input: neutron_router_distributed}
470 neutron_agent_mode: {get_input: neutron_agent_mode}
471 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
472 neutron::core_plugin: {get_input: neutron_core_plugin}
473 neutron::service_plugins: {get_input: neutron_service_plugins}
474 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
475 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
476 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
477 keystone_public_api_virtual_ip: {get_input: keystone_vip}
478 admin_password: {get_input: admin_password}
479 ntp::servers: {get_input: ntp_servers}
480 tripleo::packages::enable_install: {get_input: enable_package_install}
481 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
483 NovaComputeDeployment:
484 type: OS::TripleO::SoftwareDeployment
485 depends_on: NetworkDeployment
487 name: NovaComputeDeployment
488 config: {get_resource: NovaComputeConfig}
489 server: {get_resource: NovaCompute}
491 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
492 debug: {get_param: Debug}
493 nova_compute_driver: {get_param: NovaComputeDriver}
494 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
495 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
496 nova_public_ip: {get_param: NovaPublicIP}
497 nova_api_host: {get_param: NovaApiHost}
498 nova_password: {get_param: NovaPassword}
499 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
500 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
501 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
502 nova_ovs_bridge: {get_param: NovaOVSBridge}
503 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
504 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
505 ceilometer_password: {get_param: CeilometerPassword}
506 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
507 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
508 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
509 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
510 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
511 neutron_flat_networks: {get_param: NeutronFlatNetworks}
512 neutron_host: {get_param: NeutronHost}
513 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
514 neutron_tenant_network_type: {get_param: NeutronNetworkType}
515 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
516 neutron_tunnel_id_ranges:
518 template: "['RANGES']"
523 - {get_param: NeutronTunnelIdRanges}
526 template: "['RANGES']"
531 - {get_param: NeutronVniRanges}
532 neutron_network_vlan_ranges:
534 template: "['RANGES']"
539 - {get_param: NeutronNetworkVLANRanges}
540 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
541 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
542 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
543 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
544 neutron_public_interface: {get_param: NeutronPublicInterface}
545 neutron_password: {get_param: NeutronPassword}
546 neutron_agent_mode: {get_param: NeutronAgentMode}
547 neutron_router_distributed: {get_param: NeutronDVR}
548 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
549 neutron_core_plugin: {get_param: NeutronCorePlugin}
550 neutron_service_plugins:
552 template: "['PLUGINS']"
557 - {get_param: NeutronServicePlugins}
558 neutron_type_drivers:
560 template: "['DRIVERS']"
565 - {get_param: NeutronTypeDrivers}
566 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
567 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
568 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
569 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
570 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
571 admin_password: {get_param: AdminPassword}
572 rabbit_username: {get_param: RabbitUserName}
573 rabbit_password: {get_param: RabbitPassword}
574 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
575 rabbit_client_port: {get_param: RabbitClientPort}
576 ntp_servers: {get_param: NtpServer}
577 enable_package_install: {get_param: EnablePackageInstall}
578 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
580 # Resource for site-specific injection of root certificate
582 depends_on: NovaComputeDeployment
583 type: OS::TripleO::NodeTLSCAData
585 server: {get_resource: NovaCompute}
587 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
588 ComputeExtraConfigPre:
589 depends_on: NovaComputeDeployment
590 type: OS::TripleO::ComputeExtraConfigPre
592 server: {get_resource: NovaCompute}
594 # Hook for site-specific additional pre-deployment config,
595 # applying to all nodes, e.g node registration/unregistration
597 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
598 type: OS::TripleO::NodeExtraConfig
600 server: {get_resource: NovaCompute}
603 type: OS::TripleO::Tasks::PackageUpdate
606 type: OS::Heat::SoftwareDeployment
608 name: UpdateDeployment
609 config: {get_resource: UpdateConfig}
610 server: {get_resource: NovaCompute}
613 get_param: UpdateIdentifier
617 description: IP address of the server in the ctlplane network
618 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
619 internal_api_ip_address:
620 description: IP address of the server in the internal_api network
621 value: {get_attr: [InternalApiPort, ip_address]}
623 description: IP address of the server in the storage network
624 value: {get_attr: [StoragePort, ip_address]}
626 description: IP address of the server in the tenant network
627 value: {get_attr: [TenantPort, ip_address]}
629 description: Hostname of the server
630 value: {get_attr: [NovaCompute, name]}
633 Server's IP address and hostname in the /etc/hosts format
636 template: "IP HOST.DOMAIN HOST"
638 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
639 DOMAIN: {get_param: CloudDomain}
640 HOST: {get_attr: [NovaCompute, name]}
641 nova_server_resource:
642 description: Heat resource handle for the Nova compute server
644 {get_resource: NovaCompute}
646 description: identifier which changes if the node configuration may need re-applying
650 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
651 - {get_attr: [NodeTLSCAData, deploy_stdout]}
652 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
653 - {get_param: UpdateIdentifier}