1 heat_template_version: 2015-04-30
4 OpenStack hypervisor node configured via Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 CeilometerComputeAgent:
13 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
17 - allowed_values: ['', Present]
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
28 CinderEnableNfsBackend:
30 description: Whether to enable or not the NFS backend for Cinder
32 CinderEnableRbdBackend:
34 description: Whether to enable or not the Rbd backend for Cinder
38 description: Set to True to enable debugging on all services.
43 Additional hiera configuration to inject into the cluster. Note
44 that NovaComputeExtraConfig takes precedence over ExtraConfig.
47 description: Flavor for the nova compute node
50 - custom_constraint: nova.flavor
53 default: '' # Has to be here because of the ignored empty value bug
56 default: overcloud-compute
58 - custom_constraint: glance.image
60 default: 'REBUILD_PRESERVE_EPHEMERAL'
61 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
64 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
68 - custom_constraint: nova.keypair
69 KeystoneAdminApiVirtualIP:
72 KeystonePublicApiVirtualIP:
75 NeutronBridgeMappings:
77 The OVS logical->physical bridge mappings to use. See the Neutron
78 documentation for details. Defaults to mapping br-ex - the external
79 bridge on hosts - to a physical name 'datacentre' which can be used
80 to create provider networks (and we use this for the default floating
81 network) - if changing this either use different post-install network
82 scripts or be sure to keep 'datacentre' as a mapping network name.
84 default: "datacentre:br-ex"
85 NeutronEnableTunnelling:
91 Enable/disable the L2 population feature in the Neutron agents.
97 If set, flat networks to configure in neutron plugins.
100 default: '' # Has to be here because of the ignored empty value bug
103 description: The tenant network type for Neutron, either gre or vxlan.
105 NeutronNetworkVLANRanges:
106 default: 'datacentre'
108 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
109 Neutron documentation for permitted values. Defaults to permitting any
110 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
111 type: comma_delimited_list
114 description: The password for the neutron service account, used by neutron agents.
117 NeutronPhysicalBridge:
119 description: An OVS bridge to create for accessing external networks.
121 NeutronPublicInterface:
123 description: A port to add to the NeutronPhysicalBridge.
128 The tunnel types for the Neutron tenant network. To specify multiple
129 values, use a comma separated string, like so: 'gre,vxlan'
131 NeutronTunnelIdRanges:
133 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
134 of GRE tunnel IDs that are available for tenant network allocation
135 default: ["1:1000", ]
136 type: comma_delimited_list
139 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
140 of VXLAN VNI IDs that are available for tenant network allocation
141 default: ["1:1000", ]
142 type: comma_delimited_list
143 NeutronPublicInterfaceRawDevice:
149 NeutronMetadataProxySharedSecret:
151 description: Shared secret to prevent spoofing
157 The core plugin for Neutron. The value should be the entrypoint to be loaded
158 from neutron.core_plugins namespace.
160 NeutronServicePlugins:
163 Comma-separated list of service plugin entrypoints to be loaded from the
164 neutron.service_plugins namespace.
165 type: comma_delimited_list
167 default: "vxlan,vlan,flat,gre"
169 Comma-separated list of network type driver entrypoints to be loaded.
170 type: comma_delimited_list
171 NeutronMechanismDrivers:
172 default: 'openvswitch'
174 The mechanism drivers for the Neutron tenant network. To specify multiple
175 values, use a comma separated string, like so: 'openvswitch,l2_population'
177 # Not relevant for Computes, should be removed
178 NeutronAllowL3AgentFailover:
180 description: Allow automatic l3-agent failover
182 # Not relevant for Computes, should be removed
185 description: Whether to enable l3-agent HA
189 description: Agent mode for the neutron-l3-agent on the controller hosts
193 default: '' # Has to be here because of the ignored empty value bug
196 default: libvirt.LibvirtDriver
197 NovaComputeExtraConfig:
200 NovaCompute specific configuration to inject into the cluster. Same
201 structure as ExtraConfig.
203 NovaComputeLibvirtType:
206 NovaComputeLibvirtVifDriver:
208 description: Libvirt VIF driver configuration for the network
210 NovaEnableRbdBackend:
212 description: Whether to enable or not the Rbd backend for Nova
216 description: The password for the nova service account, used by nova-api.
221 default: '' # Has to be here because of the ignored empty value bug
224 description: Name of integration bridge used by Open vSwitch
226 NovaSecurityGroupAPI:
228 description: The full class name of the security API class
232 description: Comma-separated list of ntp servers
233 type: comma_delimited_list
236 default: '' # Has to be here because of the ignored empty value bug
239 description: The password for RabbitMQ
244 description: The username for RabbitMQ
249 Rabbit client subscriber parameter to specify
250 an SSL connection to the RabbitMQ host.
254 description: Set rabbit subscriber port, change this if using SSL
256 SnmpdReadonlyUserName:
257 default: ro_snmp_user
258 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
260 SnmpdReadonlyUserPassword:
262 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
265 EnablePackageInstall:
267 description: Set to true to enable package installation via Puppet
271 description: Mapping of service_name -> network name. Typically set
272 via parameter_defaults in the resource registry.
276 description: Mapping of service endpoint -> protocol. Typically set
277 via parameter_defaults in the resource registry.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
297 type: OS::Nova::Server
302 get_param: ImageUpdatePolicy
303 flavor: {get_param: Flavor}
304 key_name: {get_param: KeyName}
307 user_data_format: SOFTWARE_CONFIG
308 user_data: {get_resource: UserData}
309 name: {get_param: Hostname}
311 # Combine the NodeAdminUserData and NodeUserData mime archives
313 type: OS::Heat::MultipartMime
316 - config: {get_resource: NodeAdminUserData}
318 - config: {get_resource: NodeUserData}
321 # Creates the "heat-admin" user if configured via the environment
322 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
324 type: OS::TripleO::NodeAdminUserData
326 # For optional operator additional userdata
327 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
329 type: OS::TripleO::NodeUserData
332 type: OS::TripleO::Compute::Ports::InternalApiPort
334 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
337 type: OS::TripleO::Compute::Ports::StoragePort
339 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
342 type: OS::TripleO::Compute::Ports::TenantPort
344 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
347 type: OS::TripleO::Network::Ports::NetIpMap
349 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
350 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
351 StorageIp: {get_attr: [StoragePort, ip_address]}
352 TenantIp: {get_attr: [TenantPort, ip_address]}
355 type: OS::TripleO::Compute::Net::SoftwareConfig
357 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
358 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
359 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
360 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
363 type: OS::TripleO::SoftwareDeployment
365 config: {get_resource: NetworkConfig}
366 server: {get_resource: NovaCompute}
367 actions: {get_param: NetworkDeploymentActions}
369 bridge_name: {get_param: NeutronPhysicalBridge}
370 interface_name: {get_param: NeutronPublicInterface}
373 type: OS::Heat::StructuredConfig
375 group: os-apply-config
380 - heat_config_%{::deploy_config_name}
381 - compute_extraconfig
384 - ceph_cluster # provided by CephClusterConfig
386 - all_nodes # provided by allNodesConfig
389 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
390 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
393 mapped_data: {get_param: NovaComputeExtraConfig}
395 mapped_data: {get_param: ExtraConfig}
397 raw_data: {get_file: hieradata/common.yaml}
399 raw_data: {get_file: hieradata/ceph.yaml}
401 raw_data: {get_file: hieradata/compute.yaml}
403 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
404 nova::debug: {get_input: debug}
405 nova::rabbit_userid: {get_input: rabbit_username}
406 nova::rabbit_password: {get_input: rabbit_password}
407 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
408 nova::rabbit_port: {get_input: rabbit_client_port}
409 nova_compute_driver: {get_input: nova_compute_driver}
410 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
411 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
412 nova_api_host: {get_input: nova_api_host}
413 nova::compute::vncproxy_host: {get_input: nova_public_ip}
414 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
415 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
416 nova_password: {get_input: nova_password}
417 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
418 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
419 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
420 ceilometer::debug: {get_input: debug}
421 ceilometer::rabbit_userid: {get_input: rabbit_username}
422 ceilometer::rabbit_password: {get_input: rabbit_password}
423 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
424 ceilometer::rabbit_port: {get_input: rabbit_client_port}
425 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
426 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
427 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
428 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
429 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
430 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
431 nova::glance_api_servers: {get_input: glance_api_servers}
432 neutron::debug: {get_input: debug}
433 neutron::rabbit_password: {get_input: rabbit_password}
434 neutron::rabbit_user: {get_input: rabbit_username}
435 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
436 neutron::rabbit_port: {get_input: rabbit_client_port}
437 neutron_flat_networks: {get_input: neutron_flat_networks}
438 neutron_host: {get_input: neutron_host}
439 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
441 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
442 neutron_tunnel_types: {get_input: neutron_tunnel_types}
443 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
444 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
445 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
446 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
447 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
448 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
449 neutron_physical_bridge: {get_input: neutron_physical_bridge}
450 neutron_public_interface: {get_input: neutron_public_interface}
451 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
452 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
453 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
454 neutron_router_distributed: {get_input: neutron_router_distributed}
455 neutron_agent_mode: {get_input: neutron_agent_mode}
456 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
457 neutron::core_plugin: {get_input: neutron_core_plugin}
458 neutron::service_plugins: {get_input: neutron_service_plugins}
459 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
460 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
461 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
462 admin_password: {get_input: admin_password}
463 ntp::servers: {get_input: ntp_servers}
464 tripleo::packages::enable_install: {get_input: enable_package_install}
465 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
467 NovaComputeDeployment:
468 type: OS::TripleO::SoftwareDeployment
469 depends_on: NetworkDeployment
471 config: {get_resource: NovaComputeConfig}
472 server: {get_resource: NovaCompute}
474 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
475 debug: {get_param: Debug}
476 nova_compute_driver: {get_param: NovaComputeDriver}
477 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
478 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
479 nova_public_ip: {get_param: NovaPublicIP}
480 nova_api_host: {get_param: NovaApiHost}
481 nova_password: {get_param: NovaPassword}
482 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
483 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
484 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
485 nova_ovs_bridge: {get_param: NovaOVSBridge}
486 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
487 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
488 ceilometer_password: {get_param: CeilometerPassword}
489 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
490 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
491 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
492 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
493 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
494 neutron_flat_networks: {get_param: NeutronFlatNetworks}
495 neutron_host: {get_param: NeutronHost}
496 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
497 neutron_tenant_network_type: {get_param: NeutronNetworkType}
498 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
499 neutron_tunnel_id_ranges:
501 template: "['RANGES']"
506 - {get_param: NeutronTunnelIdRanges}
509 template: "['RANGES']"
514 - {get_param: NeutronVniRanges}
515 neutron_network_vlan_ranges:
517 template: "['RANGES']"
522 - {get_param: NeutronNetworkVLANRanges}
523 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
524 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
525 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
526 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
527 neutron_public_interface: {get_param: NeutronPublicInterface}
528 neutron_password: {get_param: NeutronPassword}
529 neutron_agent_mode: {get_param: NeutronAgentMode}
530 neutron_router_distributed: {get_param: NeutronDVR}
531 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
532 neutron_core_plugin: {get_param: NeutronCorePlugin}
533 neutron_service_plugins:
535 template: "['PLUGINS']"
540 - {get_param: NeutronServicePlugins}
541 neutron_type_drivers:
543 template: "['DRIVERS']"
548 - {get_param: NeutronTypeDrivers}
549 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
550 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
551 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
552 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
553 admin_password: {get_param: AdminPassword}
554 rabbit_username: {get_param: RabbitUserName}
555 rabbit_password: {get_param: RabbitPassword}
556 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
557 rabbit_client_port: {get_param: RabbitClientPort}
558 ntp_servers: {get_param: NtpServer}
559 enable_package_install: {get_param: EnablePackageInstall}
560 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
562 # Resource for site-specific injection of root certificate
564 depends_on: NovaComputeDeployment
565 type: OS::TripleO::NodeTLSCAData
567 server: {get_resource: NovaCompute}
569 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
570 ComputeExtraConfigPre:
571 depends_on: NovaComputeDeployment
572 type: OS::TripleO::ComputeExtraConfigPre
574 server: {get_resource: NovaCompute}
576 # Hook for site-specific additional pre-deployment config,
577 # applying to all nodes, e.g node registration/unregistration
579 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
580 type: OS::TripleO::NodeExtraConfig
582 server: {get_resource: NovaCompute}
585 type: OS::TripleO::Tasks::PackageUpdate
588 type: OS::Heat::SoftwareDeployment
590 config: {get_resource: UpdateConfig}
591 server: {get_resource: NovaCompute}
594 get_param: UpdateIdentifier
598 description: IP address of the server in the ctlplane network
599 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
600 internal_api_ip_address:
601 description: IP address of the server in the internal_api network
602 value: {get_attr: [InternalApiPort, ip_address]}
604 description: IP address of the server in the storage network
605 value: {get_attr: [StoragePort, ip_address]}
607 description: IP address of the server in the tenant network
608 value: {get_attr: [TenantPort, ip_address]}
610 description: Hostname of the server
611 value: {get_attr: [NovaCompute, name]}
614 Server's IP address and hostname in the /etc/hosts format
617 template: "IP HOST.localdomain HOST"
619 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
620 HOST: {get_attr: [NovaCompute, name]}
621 nova_server_resource:
622 description: Heat resource handle for the Nova compute server
624 {get_resource: NovaCompute}
626 description: identifier which changes if the node configuration may need re-applying
630 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
631 - {get_attr: [NodeTLSCAData, deploy_stdout]}
632 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
633 - {get_param: UpdateIdentifier}