1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre:1:1000'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:4094", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:4094", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
155 default: "router,qos"
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 NeutronAgentExtensions:
173 Comma-separated list of extensions enabled for the Neutron agents.
174 type: comma_delimited_list
175 # Not relevant for Computes, should be removed
176 NeutronAllowL3AgentFailover:
178 description: Allow automatic l3-agent failover
180 # Not relevant for Computes, should be removed
183 description: Whether to enable l3-agent HA
187 description: Agent mode for the neutron-l3-agent on the controller hosts
191 default: '' # Has to be here because of the ignored empty value bug
194 default: libvirt.LibvirtDriver
195 NovaComputeExtraConfig:
198 NovaCompute specific configuration to inject into the cluster. Same
199 structure as ExtraConfig.
201 NovaComputeLibvirtType:
204 NovaComputeLibvirtVifDriver:
206 description: Libvirt VIF driver configuration for the network
208 NovaEnableRbdBackend:
210 description: Whether to enable or not the Rbd backend for Nova
213 description: The password for the nova service account, used by nova-api.
218 default: '' # Has to be here because of the ignored empty value bug
221 description: Name of integration bridge used by Open vSwitch
223 NovaSecurityGroupAPI:
225 description: The full class name of the security API class
229 description: Comma-separated list of ntp servers
230 type: comma_delimited_list
233 default: '' # Has to be here because of the ignored empty value bug
236 description: The password for RabbitMQ
241 description: The username for RabbitMQ
246 Rabbit client subscriber parameter to specify
247 an SSL connection to the RabbitMQ host.
251 description: Set rabbit subscriber port, change this if using SSL
253 SnmpdReadonlyUserName:
254 default: ro_snmp_user
255 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
257 SnmpdReadonlyUserPassword:
258 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
261 EnablePackageInstall:
263 description: Set to true to enable package installation via Puppet
267 description: Mapping of service_name -> network name. Typically set
268 via parameter_defaults in the resource registry.
272 description: Mapping of service endpoint -> protocol. Typically set
273 via parameter_defaults in the resource registry.
277 description: The timezone to be set on compute nodes.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
291 description: Optional mapping to override hostnames
292 NetworkDeploymentActions:
293 type: comma_delimited_list
295 Heat action when to apply network configuration changes
297 SoftwareConfigTransport:
298 default: POLL_SERVER_CFN
300 How the server should receive the metadata required for software configuration.
303 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
308 The DNS domain used for the hosts. This should match the dhcp_domain
309 configured in the Undercloud neutron. Defaults to localdomain.
313 Extra properties or metadata passed to Nova for the created nodes in
314 the overcloud. It's accessible via the Nova metadata API.
318 description: Optional scheduler hints to pass to nova
324 type: OS::Nova::Server
329 get_param: ImageUpdatePolicy
330 flavor: {get_param: Flavor}
331 key_name: {get_param: KeyName}
334 user_data_format: SOFTWARE_CONFIG
335 user_data: {get_resource: UserData}
338 template: {get_param: Hostname}
339 params: {get_param: HostnameMap}
340 software_config_transport: {get_param: SoftwareConfigTransport}
341 metadata: {get_param: ServerMetadata}
342 scheduler_hints: {get_param: SchedulerHints}
344 # Combine the NodeAdminUserData and NodeUserData mime archives
346 type: OS::Heat::MultipartMime
349 - config: {get_resource: NodeAdminUserData}
351 - config: {get_resource: NodeUserData}
354 # Creates the "heat-admin" user if configured via the environment
355 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
357 type: OS::TripleO::NodeAdminUserData
359 # For optional operator additional userdata
360 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
362 type: OS::TripleO::NodeUserData
365 type: OS::TripleO::Compute::Ports::ExternalPort
367 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
370 type: OS::TripleO::Compute::Ports::InternalApiPort
372 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
375 type: OS::TripleO::Compute::Ports::StoragePort
377 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
380 type: OS::TripleO::Compute::Ports::StorageMgmtPort
382 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
385 type: OS::TripleO::Compute::Ports::TenantPort
387 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
390 type: OS::TripleO::Compute::Ports::ManagementPort
392 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
395 type: OS::TripleO::Network::Ports::NetIpMap
397 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
398 ExternalIp: {get_attr: [ExternalPort, ip_address]}
399 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
400 StorageIp: {get_attr: [StoragePort, ip_address]}
401 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
402 TenantIp: {get_attr: [TenantPort, ip_address]}
403 ManagementIp: {get_attr: [ManagementPort, ip_address]}
406 type: OS::TripleO::Compute::Net::SoftwareConfig
408 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
409 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
410 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
411 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
412 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
413 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
414 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
417 type: OS::TripleO::SoftwareDeployment
419 name: NetworkDeployment
420 config: {get_resource: NetworkConfig}
421 server: {get_resource: NovaCompute}
422 actions: {get_param: NetworkDeploymentActions}
424 bridge_name: {get_param: NeutronPhysicalBridge}
425 interface_name: {get_param: NeutronPublicInterface}
428 type: OS::Heat::StructuredConfig
430 group: os-apply-config
435 - heat_config_%{::deploy_config_name}
436 - compute_extraconfig
439 - ceph_cluster # provided by CephClusterConfig
441 - all_nodes # provided by allNodesConfig
444 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
445 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
446 - midonet_data # Optionally provided by AllNodesExtraConfig
449 mapped_data: {get_param: NovaComputeExtraConfig}
451 mapped_data: {get_param: ExtraConfig}
453 raw_data: {get_file: hieradata/common.yaml}
455 raw_data: {get_file: hieradata/ceph.yaml}
457 raw_data: {get_file: hieradata/compute.yaml}
459 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
460 nova::debug: {get_input: debug}
461 nova::rabbit_userid: {get_input: rabbit_username}
462 nova::rabbit_password: {get_input: rabbit_password}
463 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
464 nova::rabbit_port: {get_input: rabbit_client_port}
465 nova_compute_driver: {get_input: nova_compute_driver}
466 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
467 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
468 nova_api_host: {get_input: nova_api_host}
469 nova::compute::vncproxy_host: {get_input: nova_public_ip}
470 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
471 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
472 nova_password: {get_input: nova_password}
473 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
474 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
475 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
476 ceilometer::debug: {get_input: debug}
477 ceilometer::rabbit_userid: {get_input: rabbit_username}
478 ceilometer::rabbit_password: {get_input: rabbit_password}
479 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
480 ceilometer::rabbit_port: {get_input: rabbit_client_port}
481 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
482 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
483 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
484 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
485 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
486 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
487 nova::glance_api_servers: {get_input: glance_api_servers}
488 neutron::debug: {get_input: debug}
489 neutron::rabbit_password: {get_input: rabbit_password}
490 neutron::rabbit_user: {get_input: rabbit_username}
491 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
492 neutron::rabbit_port: {get_input: rabbit_client_port}
493 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
494 neutron_host: {get_input: neutron_host}
495 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
497 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
498 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
499 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
500 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
501 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
502 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
503 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
504 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
505 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
506 neutron_physical_bridge: {get_input: neutron_physical_bridge}
507 neutron_public_interface: {get_input: neutron_public_interface}
508 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
509 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
510 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
511 neutron_router_distributed: {get_input: neutron_router_distributed}
512 neutron_agent_mode: {get_input: neutron_agent_mode}
513 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
514 neutron::core_plugin: {get_input: neutron_core_plugin}
515 neutron::service_plugins: {get_input: neutron_service_plugins}
516 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
517 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
518 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
519 keystone_public_api_virtual_ip: {get_input: keystone_vip}
520 admin_password: {get_input: admin_password}
521 ntp::servers: {get_input: ntp_servers}
522 timezone::timezone: {get_input: timezone}
523 tripleo::packages::enable_install: {get_input: enable_package_install}
524 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
526 NovaComputeDeployment:
527 type: OS::TripleO::SoftwareDeployment
528 depends_on: NetworkDeployment
530 name: NovaComputeDeployment
531 config: {get_resource: NovaComputeConfig}
532 server: {get_resource: NovaCompute}
534 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
535 debug: {get_param: Debug}
536 nova_compute_driver: {get_param: NovaComputeDriver}
537 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
538 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
539 nova_public_ip: {get_param: NovaPublicIP}
540 nova_api_host: {get_param: NovaApiHost}
541 nova_password: {get_param: NovaPassword}
542 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
543 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
544 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
545 nova_ovs_bridge: {get_param: NovaOVSBridge}
546 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
547 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
548 ceilometer_password: {get_param: CeilometerPassword}
549 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
550 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
551 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
552 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
553 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
554 neutron_flat_networks:
558 NETWORKS: {get_param: NeutronFlatNetworks}
559 neutron_host: {get_param: NeutronHost}
560 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
561 neutron_tunnel_id_ranges:
565 RANGES: {get_param: NeutronTunnelIdRanges}
570 RANGES: {get_param: NeutronVniRanges}
571 neutron_tenant_network_types:
575 TYPES: {get_param: NeutronNetworkType}
576 neutron_tunnel_types:
580 TYPES: {get_param: NeutronTunnelTypes}
581 neutron_network_vlan_ranges:
585 RANGES: {get_param: NeutronNetworkVLANRanges}
586 neutron_bridge_mappings:
590 MAPPINGS: {get_param: NeutronBridgeMappings}
591 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
592 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
593 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
594 neutron_public_interface: {get_param: NeutronPublicInterface}
595 neutron_password: {get_param: NeutronPassword}
596 neutron_agent_mode: {get_param: NeutronAgentMode}
597 neutron_router_distributed: {get_param: NeutronDVR}
598 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
599 neutron_core_plugin: {get_param: NeutronCorePlugin}
600 neutron_service_plugins:
604 PLUGINS: {get_param: NeutronServicePlugins}
605 neutron_type_drivers:
609 DRIVERS: {get_param: NeutronTypeDrivers}
610 neutron_mechanism_drivers:
614 MECHANISMS: {get_param: NeutronMechanismDrivers}
615 neutron_agent_extensions:
617 template: AGENT_EXTENSIONS
619 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
620 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
621 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
622 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
623 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
624 admin_password: {get_param: AdminPassword}
625 rabbit_username: {get_param: RabbitUserName}
626 rabbit_password: {get_param: RabbitPassword}
627 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
628 rabbit_client_port: {get_param: RabbitClientPort}
629 ntp_servers: {get_param: NtpServer}
630 timezone: {get_param: TimeZone}
631 enable_package_install: {get_param: EnablePackageInstall}
632 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
634 # Resource for site-specific injection of root certificate
636 depends_on: NovaComputeDeployment
637 type: OS::TripleO::NodeTLSCAData
639 server: {get_resource: NovaCompute}
641 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
642 ComputeExtraConfigPre:
643 depends_on: NovaComputeDeployment
644 type: OS::TripleO::ComputeExtraConfigPre
646 server: {get_resource: NovaCompute}
648 # Hook for site-specific additional pre-deployment config,
649 # applying to all nodes, e.g node registration/unregistration
651 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
652 type: OS::TripleO::NodeExtraConfig
654 server: {get_resource: NovaCompute}
657 type: OS::TripleO::Tasks::PackageUpdate
660 type: OS::Heat::SoftwareDeployment
662 name: UpdateDeployment
663 config: {get_resource: UpdateConfig}
664 server: {get_resource: NovaCompute}
667 get_param: UpdateIdentifier
671 description: IP address of the server in the ctlplane network
672 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
674 description: IP address of the server in the external network
675 value: {get_attr: [ExternalPort, ip_address]}
676 internal_api_ip_address:
677 description: IP address of the server in the internal_api network
678 value: {get_attr: [InternalApiPort, ip_address]}
680 description: IP address of the server in the storage network
681 value: {get_attr: [StoragePort, ip_address]}
682 storage_mgmt_ip_address:
683 description: IP address of the server in the storage_mgmt network
684 value: {get_attr: [StorageMgmtPort, ip_address]}
686 description: IP address of the server in the tenant network
687 value: {get_attr: [TenantPort, ip_address]}
688 management_ip_address:
689 description: IP address of the server in the management network
690 value: {get_attr: [ManagementPort, ip_address]}
692 description: Hostname of the server
693 value: {get_attr: [NovaCompute, name]}
696 Server's IP address and hostname in the /etc/hosts format
699 template: "IP HOST.DOMAIN HOST"
701 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
702 DOMAIN: {get_param: CloudDomain}
703 HOST: {get_attr: [NovaCompute, name]}
704 nova_server_resource:
705 description: Heat resource handle for the Nova compute server
707 {get_resource: NovaCompute}
709 description: identifier which changes if the node configuration may need re-applying
713 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
714 - {get_attr: [NodeTLSCAData, deploy_stdout]}
715 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
716 - {get_param: UpdateIdentifier}