1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 # Not relevant for Computes, should be removed
171 NeutronAllowL3AgentFailover:
173 description: Allow automatic l3-agent failover
175 # Not relevant for Computes, should be removed
178 description: Whether to enable l3-agent HA
182 description: Agent mode for the neutron-l3-agent on the controller hosts
186 default: '' # Has to be here because of the ignored empty value bug
189 default: libvirt.LibvirtDriver
190 NovaComputeExtraConfig:
193 NovaCompute specific configuration to inject into the cluster. Same
194 structure as ExtraConfig.
196 NovaComputeLibvirtType:
199 NovaComputeLibvirtVifDriver:
201 description: Libvirt VIF driver configuration for the network
203 NovaEnableRbdBackend:
205 description: Whether to enable or not the Rbd backend for Nova
208 description: The password for the nova service account, used by nova-api.
213 default: '' # Has to be here because of the ignored empty value bug
216 description: Name of integration bridge used by Open vSwitch
218 NovaSecurityGroupAPI:
220 description: The full class name of the security API class
224 description: Comma-separated list of ntp servers
225 type: comma_delimited_list
228 default: '' # Has to be here because of the ignored empty value bug
231 description: The password for RabbitMQ
236 description: The username for RabbitMQ
241 Rabbit client subscriber parameter to specify
242 an SSL connection to the RabbitMQ host.
246 description: Set rabbit subscriber port, change this if using SSL
248 SnmpdReadonlyUserName:
249 default: ro_snmp_user
250 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
252 SnmpdReadonlyUserPassword:
253 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
256 EnablePackageInstall:
258 description: Set to true to enable package installation via Puppet
262 description: Mapping of service_name -> network name. Typically set
263 via parameter_defaults in the resource registry.
267 description: Mapping of service endpoint -> protocol. Typically set
268 via parameter_defaults in the resource registry.
274 Setting to a previously unused value during stack-update will trigger
275 package update on all nodes
278 default: '' # Defaults to Heat created hostname
279 NetworkDeploymentActions:
280 type: comma_delimited_list
282 Heat action when to apply network configuration changes
284 SoftwareConfigTransport:
285 default: POLL_SERVER_CFN
287 How the server should receive the metadata required for software configuration.
290 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
295 The DNS domain used for the hosts. This should match the dhcp_domain
296 configured in the Undercloud neutron. Defaults to localdomain.
300 Extra properties or metadata passed to Nova for the created nodes in
301 the overcloud. It's accessible via the Nova metadata API.
305 description: Optional scheduler hints to pass to nova
311 type: OS::Nova::Server
316 get_param: ImageUpdatePolicy
317 flavor: {get_param: Flavor}
318 key_name: {get_param: KeyName}
321 user_data_format: SOFTWARE_CONFIG
322 user_data: {get_resource: UserData}
323 name: {get_param: Hostname}
324 software_config_transport: {get_param: SoftwareConfigTransport}
325 metadata: {get_param: ServerMetadata}
326 scheduler_hints: {get_param: SchedulerHints}
328 # Combine the NodeAdminUserData and NodeUserData mime archives
330 type: OS::Heat::MultipartMime
333 - config: {get_resource: NodeAdminUserData}
335 - config: {get_resource: NodeUserData}
338 # Creates the "heat-admin" user if configured via the environment
339 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
341 type: OS::TripleO::NodeAdminUserData
343 # For optional operator additional userdata
344 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
346 type: OS::TripleO::NodeUserData
349 type: OS::TripleO::Compute::Ports::InternalApiPort
351 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
354 type: OS::TripleO::Compute::Ports::StoragePort
356 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
359 type: OS::TripleO::Compute::Ports::TenantPort
361 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
364 type: OS::TripleO::Compute::Ports::ManagementPort
366 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
369 type: OS::TripleO::Network::Ports::NetIpMap
371 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
372 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
373 StorageIp: {get_attr: [StoragePort, ip_address]}
374 TenantIp: {get_attr: [TenantPort, ip_address]}
375 ManagementIp: {get_attr: [ManagementPort, ip_address]}
378 type: OS::TripleO::Compute::Net::SoftwareConfig
380 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
381 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
382 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
383 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
384 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
387 type: OS::TripleO::SoftwareDeployment
389 config: {get_resource: NetworkConfig}
390 server: {get_resource: NovaCompute}
391 actions: {get_param: NetworkDeploymentActions}
393 bridge_name: {get_param: NeutronPhysicalBridge}
394 interface_name: {get_param: NeutronPublicInterface}
397 type: OS::Heat::StructuredConfig
399 group: os-apply-config
404 - heat_config_%{::deploy_config_name}
405 - compute_extraconfig
408 - ceph_cluster # provided by CephClusterConfig
410 - all_nodes # provided by allNodesConfig
413 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
414 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
415 - midonet_data # Optionally provided by AllNodesExtraConfig
418 mapped_data: {get_param: NovaComputeExtraConfig}
420 mapped_data: {get_param: ExtraConfig}
422 raw_data: {get_file: hieradata/common.yaml}
424 raw_data: {get_file: hieradata/ceph.yaml}
426 raw_data: {get_file: hieradata/compute.yaml}
428 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
429 nova::debug: {get_input: debug}
430 nova::rabbit_userid: {get_input: rabbit_username}
431 nova::rabbit_password: {get_input: rabbit_password}
432 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
433 nova::rabbit_port: {get_input: rabbit_client_port}
434 nova_compute_driver: {get_input: nova_compute_driver}
435 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
436 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
437 nova_api_host: {get_input: nova_api_host}
438 nova::compute::vncproxy_host: {get_input: nova_public_ip}
439 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
440 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
441 nova_password: {get_input: nova_password}
442 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
443 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
444 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
445 ceilometer::debug: {get_input: debug}
446 ceilometer::rabbit_userid: {get_input: rabbit_username}
447 ceilometer::rabbit_password: {get_input: rabbit_password}
448 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
449 ceilometer::rabbit_port: {get_input: rabbit_client_port}
450 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
451 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
452 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
453 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
454 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
455 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
456 nova::glance_api_servers: {get_input: glance_api_servers}
457 neutron::debug: {get_input: debug}
458 neutron::rabbit_password: {get_input: rabbit_password}
459 neutron::rabbit_user: {get_input: rabbit_username}
460 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
461 neutron::rabbit_port: {get_input: rabbit_client_port}
462 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
463 neutron_host: {get_input: neutron_host}
464 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
466 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
467 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
468 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
469 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
470 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
471 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
472 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
473 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
474 neutron_physical_bridge: {get_input: neutron_physical_bridge}
475 neutron_public_interface: {get_input: neutron_public_interface}
476 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
477 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
478 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
479 neutron_router_distributed: {get_input: neutron_router_distributed}
480 neutron_agent_mode: {get_input: neutron_agent_mode}
481 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
482 neutron::core_plugin: {get_input: neutron_core_plugin}
483 neutron::service_plugins: {get_input: neutron_service_plugins}
484 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
485 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
486 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
487 keystone_public_api_virtual_ip: {get_input: keystone_vip}
488 admin_password: {get_input: admin_password}
489 ntp::servers: {get_input: ntp_servers}
490 tripleo::packages::enable_install: {get_input: enable_package_install}
491 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
493 NovaComputeDeployment:
494 type: OS::TripleO::SoftwareDeployment
495 depends_on: NetworkDeployment
497 config: {get_resource: NovaComputeConfig}
498 server: {get_resource: NovaCompute}
500 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
501 debug: {get_param: Debug}
502 nova_compute_driver: {get_param: NovaComputeDriver}
503 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
504 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
505 nova_public_ip: {get_param: NovaPublicIP}
506 nova_api_host: {get_param: NovaApiHost}
507 nova_password: {get_param: NovaPassword}
508 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
509 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
510 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
511 nova_ovs_bridge: {get_param: NovaOVSBridge}
512 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
513 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
514 ceilometer_password: {get_param: CeilometerPassword}
515 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
516 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
517 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
518 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
519 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
520 neutron_flat_networks:
524 NETWORKS: {get_param: NeutronFlatNetworks}
525 neutron_host: {get_param: NeutronHost}
526 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
527 neutron_tunnel_id_ranges:
531 RANGES: {get_param: NeutronTunnelIdRanges}
536 RANGES: {get_param: NeutronVniRanges}
537 neutron_tenant_network_types:
541 TYPES: {get_param: NeutronNetworkType}
542 neutron_tunnel_types:
546 TYPES: {get_param: NeutronTunnelTypes}
547 neutron_network_vlan_ranges:
551 RANGES: {get_param: NeutronNetworkVLANRanges}
552 neutron_bridge_mappings:
556 MAPPINGS: {get_param: NeutronBridgeMappings}
557 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
558 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
559 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
560 neutron_public_interface: {get_param: NeutronPublicInterface}
561 neutron_password: {get_param: NeutronPassword}
562 neutron_agent_mode: {get_param: NeutronAgentMode}
563 neutron_router_distributed: {get_param: NeutronDVR}
564 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
565 neutron_core_plugin: {get_param: NeutronCorePlugin}
566 neutron_service_plugins:
570 PLUGINS: {get_param: NeutronServicePlugins}
571 neutron_type_drivers:
575 DRIVERS: {get_param: NeutronTypeDrivers}
576 neutron_mechanism_drivers:
580 MECHANISMS: {get_param: NeutronMechanismDrivers}
581 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
582 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
583 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
584 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
585 admin_password: {get_param: AdminPassword}
586 rabbit_username: {get_param: RabbitUserName}
587 rabbit_password: {get_param: RabbitPassword}
588 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
589 rabbit_client_port: {get_param: RabbitClientPort}
590 ntp_servers: {get_param: NtpServer}
591 enable_package_install: {get_param: EnablePackageInstall}
592 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
594 # Resource for site-specific injection of root certificate
596 depends_on: NovaComputeDeployment
597 type: OS::TripleO::NodeTLSCAData
599 server: {get_resource: NovaCompute}
601 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
602 ComputeExtraConfigPre:
603 depends_on: NovaComputeDeployment
604 type: OS::TripleO::ComputeExtraConfigPre
606 server: {get_resource: NovaCompute}
608 # Hook for site-specific additional pre-deployment config,
609 # applying to all nodes, e.g node registration/unregistration
611 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
612 type: OS::TripleO::NodeExtraConfig
614 server: {get_resource: NovaCompute}
617 type: OS::TripleO::Tasks::PackageUpdate
620 type: OS::Heat::SoftwareDeployment
622 config: {get_resource: UpdateConfig}
623 server: {get_resource: NovaCompute}
626 get_param: UpdateIdentifier
630 description: IP address of the server in the ctlplane network
631 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
632 internal_api_ip_address:
633 description: IP address of the server in the internal_api network
634 value: {get_attr: [InternalApiPort, ip_address]}
636 description: IP address of the server in the storage network
637 value: {get_attr: [StoragePort, ip_address]}
639 description: IP address of the server in the tenant network
640 value: {get_attr: [TenantPort, ip_address]}
641 management_ip_address:
642 description: IP address of the server in the management network
643 value: {get_attr: [ManagementPort, ip_address]}
645 description: Hostname of the server
646 value: {get_attr: [NovaCompute, name]}
649 Server's IP address and hostname in the /etc/hosts format
652 template: "IP HOST.DOMAIN HOST"
654 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
655 DOMAIN: {get_param: CloudDomain}
656 HOST: {get_attr: [NovaCompute, name]}
657 nova_server_resource:
658 description: Heat resource handle for the Nova compute server
660 {get_resource: NovaCompute}
662 description: identifier which changes if the node configuration may need re-applying
666 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
667 - {get_attr: [NodeTLSCAData, deploy_stdout]}
668 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
669 - {get_param: UpdateIdentifier}