1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre:1:1000'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
155 default: "router,qos"
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 NeutronAgentExtensions:
173 Comma-separated list of extensions enabled for the Neutron agents.
174 type: comma_delimited_list
175 # Not relevant for Computes, should be removed
176 NeutronAllowL3AgentFailover:
178 description: Allow automatic l3-agent failover
180 # Not relevant for Computes, should be removed
183 description: Whether to enable l3-agent HA
187 description: Agent mode for the neutron-l3-agent on the controller hosts
191 default: '' # Has to be here because of the ignored empty value bug
194 default: libvirt.LibvirtDriver
195 NovaComputeExtraConfig:
198 NovaCompute specific configuration to inject into the cluster. Same
199 structure as ExtraConfig.
201 NovaComputeLibvirtType:
204 NovaComputeLibvirtVifDriver:
206 description: Libvirt VIF driver configuration for the network
208 NovaEnableRbdBackend:
210 description: Whether to enable or not the Rbd backend for Nova
213 description: The password for the nova service account, used by nova-api.
218 default: '' # Has to be here because of the ignored empty value bug
221 description: Name of integration bridge used by Open vSwitch
223 NovaSecurityGroupAPI:
225 description: The full class name of the security API class
229 description: Comma-separated list of ntp servers
230 type: comma_delimited_list
233 default: '' # Has to be here because of the ignored empty value bug
236 description: The password for RabbitMQ
241 description: The username for RabbitMQ
246 Rabbit client subscriber parameter to specify
247 an SSL connection to the RabbitMQ host.
251 description: Set rabbit subscriber port, change this if using SSL
253 SnmpdReadonlyUserName:
254 default: ro_snmp_user
255 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
257 SnmpdReadonlyUserPassword:
258 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
261 EnablePackageInstall:
263 description: Set to true to enable package installation via Puppet
267 description: Mapping of service_name -> network name. Typically set
268 via parameter_defaults in the resource registry.
272 description: Mapping of service endpoint -> protocol. Typically set
273 via parameter_defaults in the resource registry.
279 Setting to a previously unused value during stack-update will trigger
280 package update on all nodes
283 default: '' # Defaults to Heat created hostname
284 NetworkDeploymentActions:
285 type: comma_delimited_list
287 Heat action when to apply network configuration changes
289 SoftwareConfigTransport:
290 default: POLL_SERVER_CFN
292 How the server should receive the metadata required for software configuration.
295 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
300 The DNS domain used for the hosts. This should match the dhcp_domain
301 configured in the Undercloud neutron. Defaults to localdomain.
305 Extra properties or metadata passed to Nova for the created nodes in
306 the overcloud. It's accessible via the Nova metadata API.
310 description: Optional scheduler hints to pass to nova
316 type: OS::Nova::Server
321 get_param: ImageUpdatePolicy
322 flavor: {get_param: Flavor}
323 key_name: {get_param: KeyName}
326 user_data_format: SOFTWARE_CONFIG
327 user_data: {get_resource: UserData}
328 name: {get_param: Hostname}
329 software_config_transport: {get_param: SoftwareConfigTransport}
330 metadata: {get_param: ServerMetadata}
331 scheduler_hints: {get_param: SchedulerHints}
333 # Combine the NodeAdminUserData and NodeUserData mime archives
335 type: OS::Heat::MultipartMime
338 - config: {get_resource: NodeAdminUserData}
340 - config: {get_resource: NodeUserData}
343 # Creates the "heat-admin" user if configured via the environment
344 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
346 type: OS::TripleO::NodeAdminUserData
348 # For optional operator additional userdata
349 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
351 type: OS::TripleO::NodeUserData
354 type: OS::TripleO::Compute::Ports::ExternalPort
356 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
359 type: OS::TripleO::Compute::Ports::InternalApiPort
361 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
364 type: OS::TripleO::Compute::Ports::StoragePort
366 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
369 type: OS::TripleO::Compute::Ports::StorageMgmtPort
371 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
374 type: OS::TripleO::Compute::Ports::TenantPort
376 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
379 type: OS::TripleO::Compute::Ports::ManagementPort
381 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
384 type: OS::TripleO::Network::Ports::NetIpMap
386 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
387 ExternalIp: {get_attr: [ExternalPort, ip_address]}
388 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
389 StorageIp: {get_attr: [StoragePort, ip_address]}
390 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
391 TenantIp: {get_attr: [TenantPort, ip_address]}
392 ManagementIp: {get_attr: [ManagementPort, ip_address]}
395 type: OS::TripleO::Compute::Net::SoftwareConfig
397 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
398 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
399 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
400 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
401 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
402 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
403 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
406 type: OS::TripleO::SoftwareDeployment
408 config: {get_resource: NetworkConfig}
409 server: {get_resource: NovaCompute}
410 actions: {get_param: NetworkDeploymentActions}
412 bridge_name: {get_param: NeutronPhysicalBridge}
413 interface_name: {get_param: NeutronPublicInterface}
416 type: OS::Heat::StructuredConfig
418 group: os-apply-config
423 - heat_config_%{::deploy_config_name}
424 - compute_extraconfig
427 - ceph_cluster # provided by CephClusterConfig
429 - all_nodes # provided by allNodesConfig
432 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
433 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
434 - midonet_data # Optionally provided by AllNodesExtraConfig
437 mapped_data: {get_param: NovaComputeExtraConfig}
439 mapped_data: {get_param: ExtraConfig}
441 raw_data: {get_file: hieradata/common.yaml}
443 raw_data: {get_file: hieradata/ceph.yaml}
445 raw_data: {get_file: hieradata/compute.yaml}
447 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
448 nova::debug: {get_input: debug}
449 nova::rabbit_userid: {get_input: rabbit_username}
450 nova::rabbit_password: {get_input: rabbit_password}
451 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
452 nova::rabbit_port: {get_input: rabbit_client_port}
453 nova_compute_driver: {get_input: nova_compute_driver}
454 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
455 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
456 nova_api_host: {get_input: nova_api_host}
457 nova::compute::vncproxy_host: {get_input: nova_public_ip}
458 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
459 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
460 nova_password: {get_input: nova_password}
461 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
462 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
463 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
464 ceilometer::debug: {get_input: debug}
465 ceilometer::rabbit_userid: {get_input: rabbit_username}
466 ceilometer::rabbit_password: {get_input: rabbit_password}
467 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
468 ceilometer::rabbit_port: {get_input: rabbit_client_port}
469 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
470 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
471 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
472 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
473 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
474 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
475 nova::glance_api_servers: {get_input: glance_api_servers}
476 neutron::debug: {get_input: debug}
477 neutron::rabbit_password: {get_input: rabbit_password}
478 neutron::rabbit_user: {get_input: rabbit_username}
479 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
480 neutron::rabbit_port: {get_input: rabbit_client_port}
481 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
482 neutron_host: {get_input: neutron_host}
483 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
485 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
486 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
487 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
488 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
489 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
490 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
491 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
492 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
493 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
494 neutron_physical_bridge: {get_input: neutron_physical_bridge}
495 neutron_public_interface: {get_input: neutron_public_interface}
496 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
497 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
498 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
499 neutron_router_distributed: {get_input: neutron_router_distributed}
500 neutron_agent_mode: {get_input: neutron_agent_mode}
501 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
502 neutron::core_plugin: {get_input: neutron_core_plugin}
503 neutron::service_plugins: {get_input: neutron_service_plugins}
504 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
505 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
506 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
507 keystone_public_api_virtual_ip: {get_input: keystone_vip}
508 admin_password: {get_input: admin_password}
509 ntp::servers: {get_input: ntp_servers}
510 tripleo::packages::enable_install: {get_input: enable_package_install}
511 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
513 NovaComputeDeployment:
514 type: OS::TripleO::SoftwareDeployment
515 depends_on: NetworkDeployment
517 config: {get_resource: NovaComputeConfig}
518 server: {get_resource: NovaCompute}
520 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
521 debug: {get_param: Debug}
522 nova_compute_driver: {get_param: NovaComputeDriver}
523 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
524 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
525 nova_public_ip: {get_param: NovaPublicIP}
526 nova_api_host: {get_param: NovaApiHost}
527 nova_password: {get_param: NovaPassword}
528 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
529 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
530 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
531 nova_ovs_bridge: {get_param: NovaOVSBridge}
532 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
533 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
534 ceilometer_password: {get_param: CeilometerPassword}
535 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
536 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
537 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
538 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
539 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
540 neutron_flat_networks:
544 NETWORKS: {get_param: NeutronFlatNetworks}
545 neutron_host: {get_param: NeutronHost}
546 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
547 neutron_tunnel_id_ranges:
551 RANGES: {get_param: NeutronTunnelIdRanges}
556 RANGES: {get_param: NeutronVniRanges}
557 neutron_tenant_network_types:
561 TYPES: {get_param: NeutronNetworkType}
562 neutron_tunnel_types:
566 TYPES: {get_param: NeutronTunnelTypes}
567 neutron_network_vlan_ranges:
571 RANGES: {get_param: NeutronNetworkVLANRanges}
572 neutron_bridge_mappings:
576 MAPPINGS: {get_param: NeutronBridgeMappings}
577 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
578 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
579 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
580 neutron_public_interface: {get_param: NeutronPublicInterface}
581 neutron_password: {get_param: NeutronPassword}
582 neutron_agent_mode: {get_param: NeutronAgentMode}
583 neutron_router_distributed: {get_param: NeutronDVR}
584 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
585 neutron_core_plugin: {get_param: NeutronCorePlugin}
586 neutron_service_plugins:
590 PLUGINS: {get_param: NeutronServicePlugins}
591 neutron_type_drivers:
595 DRIVERS: {get_param: NeutronTypeDrivers}
596 neutron_mechanism_drivers:
600 MECHANISMS: {get_param: NeutronMechanismDrivers}
601 neutron_agent_extensions:
603 template: AGENT_EXTENSIONS
605 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
606 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
607 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
608 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
609 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
610 admin_password: {get_param: AdminPassword}
611 rabbit_username: {get_param: RabbitUserName}
612 rabbit_password: {get_param: RabbitPassword}
613 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
614 rabbit_client_port: {get_param: RabbitClientPort}
615 ntp_servers: {get_param: NtpServer}
616 enable_package_install: {get_param: EnablePackageInstall}
617 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
619 # Resource for site-specific injection of root certificate
621 depends_on: NovaComputeDeployment
622 type: OS::TripleO::NodeTLSCAData
624 server: {get_resource: NovaCompute}
626 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
627 ComputeExtraConfigPre:
628 depends_on: NovaComputeDeployment
629 type: OS::TripleO::ComputeExtraConfigPre
631 server: {get_resource: NovaCompute}
633 # Hook for site-specific additional pre-deployment config,
634 # applying to all nodes, e.g node registration/unregistration
636 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
637 type: OS::TripleO::NodeExtraConfig
639 server: {get_resource: NovaCompute}
642 type: OS::TripleO::Tasks::PackageUpdate
645 type: OS::Heat::SoftwareDeployment
647 config: {get_resource: UpdateConfig}
648 server: {get_resource: NovaCompute}
651 get_param: UpdateIdentifier
655 description: IP address of the server in the ctlplane network
656 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
658 description: IP address of the server in the external network
659 value: {get_attr: [ExternalPort, ip_address]}
660 internal_api_ip_address:
661 description: IP address of the server in the internal_api network
662 value: {get_attr: [InternalApiPort, ip_address]}
664 description: IP address of the server in the storage network
665 value: {get_attr: [StoragePort, ip_address]}
666 storage_mgmt_ip_address:
667 description: IP address of the server in the storage_mgmt network
668 value: {get_attr: [StorageMgmtPort, ip_address]}
670 description: IP address of the server in the tenant network
671 value: {get_attr: [TenantPort, ip_address]}
672 management_ip_address:
673 description: IP address of the server in the management network
674 value: {get_attr: [ManagementPort, ip_address]}
676 description: Hostname of the server
677 value: {get_attr: [NovaCompute, name]}
680 Server's IP address and hostname in the /etc/hosts format
683 template: "IP HOST.DOMAIN HOST"
685 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
686 DOMAIN: {get_param: CloudDomain}
687 HOST: {get_attr: [NovaCompute, name]}
688 nova_server_resource:
689 description: Heat resource handle for the Nova compute server
691 {get_resource: NovaCompute}
693 description: identifier which changes if the node configuration may need re-applying
697 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
698 - {get_attr: [NodeTLSCAData, deploy_stdout]}
699 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
700 - {get_param: UpdateIdentifier}