1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 CeilometerComputeAgent:
13 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
17 - allowed_values: ['', Present]
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
28 CinderEnableNfsBackend:
30 description: Whether to enable or not the NFS backend for Cinder
32 CinderEnableRbdBackend:
34 description: Whether to enable or not the Rbd backend for Cinder
38 description: Set to True to enable debugging on all services.
43 Additional hiera configuration to inject into the cluster. Note
44 that NovaComputeExtraConfig takes precedence over ExtraConfig.
47 description: Flavor for the nova compute node
50 - custom_constraint: nova.flavor
53 default: '' # Has to be here because of the ignored empty value bug
56 default: overcloud-compute
58 - custom_constraint: glance.image
60 default: 'REBUILD_PRESERVE_EPHEMERAL'
61 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
64 description: Name of an existing Nova key pair to enable SSH access to the instances
68 - custom_constraint: nova.keypair
69 KeystoneAdminApiVirtualIP:
72 KeystonePublicApiVirtualIP:
75 NeutronBridgeMappings:
77 The OVS logical->physical bridge mappings to use. See the Neutron
78 documentation for details. Defaults to mapping br-ex - the external
79 bridge on hosts - to a physical name 'datacentre' which can be used
80 to create provider networks (and we use this for the default floating
81 network) - if changing this either use different post-install network
82 scripts or be sure to keep 'datacentre' as a mapping network name.
83 type: comma_delimited_list
84 default: "datacentre:br-ex"
85 NeutronEnableTunnelling:
91 Enable/disable the L2 population feature in the Neutron agents.
94 type: comma_delimited_list
97 If set, flat networks to configure in neutron plugins.
100 default: '' # Has to be here because of the ignored empty value bug
102 type: comma_delimited_list
103 description: The tenant network type for Neutron.
105 NeutronNetworkVLANRanges:
106 default: 'datacentre'
108 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
109 Neutron documentation for permitted values. Defaults to permitting any
110 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
111 type: comma_delimited_list
114 description: The password for the neutron service account, used by neutron agents.
117 NeutronPhysicalBridge:
119 description: An OVS bridge to create for accessing external networks.
121 NeutronPublicInterface:
123 description: A port to add to the NeutronPhysicalBridge.
126 type: comma_delimited_list
128 The tunnel types for the Neutron tenant network.
130 NeutronTunnelIdRanges:
132 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
133 of GRE tunnel IDs that are available for tenant network allocation
134 default: ["1:1000", ]
135 type: comma_delimited_list
138 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
139 of VXLAN VNI IDs that are available for tenant network allocation
140 default: ["1:1000", ]
141 type: comma_delimited_list
142 NeutronPublicInterfaceRawDevice:
148 NeutronMetadataProxySharedSecret:
150 description: Shared secret to prevent spoofing
156 The core plugin for Neutron. The value should be the entrypoint to be loaded
157 from neutron.core_plugins namespace.
159 NeutronServicePlugins:
162 Comma-separated list of service plugin entrypoints to be loaded from the
163 neutron.service_plugins namespace.
164 type: comma_delimited_list
166 default: "vxlan,vlan,flat,gre"
168 Comma-separated list of network type driver entrypoints to be loaded.
169 type: comma_delimited_list
170 NeutronMechanismDrivers:
171 default: 'openvswitch'
173 The mechanism drivers for the Neutron tenant network.
174 type: comma_delimited_list
175 # Not relevant for Computes, should be removed
176 NeutronAllowL3AgentFailover:
178 description: Allow automatic l3-agent failover
180 # Not relevant for Computes, should be removed
183 description: Whether to enable l3-agent HA
187 description: Agent mode for the neutron-l3-agent on the controller hosts
191 default: '' # Has to be here because of the ignored empty value bug
194 default: libvirt.LibvirtDriver
195 NovaComputeExtraConfig:
198 NovaCompute specific configuration to inject into the cluster. Same
199 structure as ExtraConfig.
201 NovaComputeLibvirtType:
204 NovaComputeLibvirtVifDriver:
206 description: Libvirt VIF driver configuration for the network
208 NovaEnableRbdBackend:
210 description: Whether to enable or not the Rbd backend for Nova
214 description: The password for the nova service account, used by nova-api.
219 default: '' # Has to be here because of the ignored empty value bug
222 description: Name of integration bridge used by Open vSwitch
224 NovaSecurityGroupAPI:
226 description: The full class name of the security API class
230 description: Comma-separated list of ntp servers
231 type: comma_delimited_list
234 default: '' # Has to be here because of the ignored empty value bug
237 description: The password for RabbitMQ
242 description: The username for RabbitMQ
247 Rabbit client subscriber parameter to specify
248 an SSL connection to the RabbitMQ host.
252 description: Set rabbit subscriber port, change this if using SSL
254 SnmpdReadonlyUserName:
255 default: ro_snmp_user
256 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
258 SnmpdReadonlyUserPassword:
260 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
263 EnablePackageInstall:
265 description: Set to true to enable package installation via Puppet
269 description: Mapping of service_name -> network name. Typically set
270 via parameter_defaults in the resource registry.
274 description: Mapping of service endpoint -> protocol. Typically set
275 via parameter_defaults in the resource registry.
281 Setting to a previously unused value during stack-update will trigger
282 package update on all nodes
285 default: '' # Defaults to Heat created hostname
286 NetworkDeploymentActions:
287 type: comma_delimited_list
289 Heat action when to apply network configuration changes
295 The DNS domain used for the hosts. This should match the dhcp_domain
296 configured in the Undercloud neutron. Defaults to localdomain.
300 Extra properties or metadata passed to Nova for the created nodes in
301 the overcloud. It's accessible via the Nova metadata API.
305 description: Optional scheduler hints to pass to nova
311 type: OS::Nova::Server
316 get_param: ImageUpdatePolicy
317 flavor: {get_param: Flavor}
318 key_name: {get_param: KeyName}
321 user_data_format: SOFTWARE_CONFIG
322 user_data: {get_resource: UserData}
323 name: {get_param: Hostname}
324 metadata: {get_param: ServerMetadata}
325 scheduler_hints: {get_param: SchedulerHints}
327 # Combine the NodeAdminUserData and NodeUserData mime archives
329 type: OS::Heat::MultipartMime
332 - config: {get_resource: NodeAdminUserData}
334 - config: {get_resource: NodeUserData}
337 # Creates the "heat-admin" user if configured via the environment
338 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
340 type: OS::TripleO::NodeAdminUserData
342 # For optional operator additional userdata
343 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
345 type: OS::TripleO::NodeUserData
348 type: OS::TripleO::Compute::Ports::ExternalPort
350 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
353 type: OS::TripleO::Compute::Ports::InternalApiPort
355 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
358 type: OS::TripleO::Compute::Ports::StoragePort
360 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
363 type: OS::TripleO::Compute::Ports::StorageMgmtPort
365 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
368 type: OS::TripleO::Compute::Ports::TenantPort
370 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
373 type: OS::TripleO::Compute::Ports::ManagementPort
375 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
378 type: OS::TripleO::Network::Ports::NetIpMap
380 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
381 ExternalIp: {get_attr: [ExternalPort, ip_address]}
382 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
383 StorageIp: {get_attr: [StoragePort, ip_address]}
384 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
385 TenantIp: {get_attr: [TenantPort, ip_address]}
386 ManagementIp: {get_attr: [ManagementPort, ip_address]}
389 type: OS::TripleO::Compute::Net::SoftwareConfig
391 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
392 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
393 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
394 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
395 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
396 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
397 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
400 type: OS::TripleO::SoftwareDeployment
402 config: {get_resource: NetworkConfig}
403 server: {get_resource: NovaCompute}
404 actions: {get_param: NetworkDeploymentActions}
406 bridge_name: {get_param: NeutronPhysicalBridge}
407 interface_name: {get_param: NeutronPublicInterface}
410 type: OS::Heat::StructuredConfig
412 group: os-apply-config
417 - heat_config_%{::deploy_config_name}
418 - compute_extraconfig
421 - ceph_cluster # provided by CephClusterConfig
423 - all_nodes # provided by allNodesConfig
426 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
427 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
430 mapped_data: {get_param: NovaComputeExtraConfig}
432 mapped_data: {get_param: ExtraConfig}
434 raw_data: {get_file: hieradata/common.yaml}
436 raw_data: {get_file: hieradata/ceph.yaml}
438 raw_data: {get_file: hieradata/compute.yaml}
440 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
441 nova::debug: {get_input: debug}
442 nova::rabbit_userid: {get_input: rabbit_username}
443 nova::rabbit_password: {get_input: rabbit_password}
444 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
445 nova::rabbit_port: {get_input: rabbit_client_port}
446 nova_compute_driver: {get_input: nova_compute_driver}
447 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
448 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
449 nova_api_host: {get_input: nova_api_host}
450 nova::compute::vncproxy_host: {get_input: nova_public_ip}
451 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
452 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
453 nova_password: {get_input: nova_password}
454 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
455 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
456 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
457 ceilometer::debug: {get_input: debug}
458 ceilometer::rabbit_userid: {get_input: rabbit_username}
459 ceilometer::rabbit_password: {get_input: rabbit_password}
460 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
461 ceilometer::rabbit_port: {get_input: rabbit_client_port}
462 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
463 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
464 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
465 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
466 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
467 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
468 nova::glance_api_servers: {get_input: glance_api_servers}
469 neutron::debug: {get_input: debug}
470 neutron::rabbit_password: {get_input: rabbit_password}
471 neutron::rabbit_user: {get_input: rabbit_username}
472 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
473 neutron::rabbit_port: {get_input: rabbit_client_port}
474 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
475 neutron_host: {get_input: neutron_host}
476 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
478 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
479 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
480 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
481 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
482 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
483 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
484 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
485 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
486 neutron_physical_bridge: {get_input: neutron_physical_bridge}
487 neutron_public_interface: {get_input: neutron_public_interface}
488 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
489 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
490 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
491 neutron_router_distributed: {get_input: neutron_router_distributed}
492 neutron_agent_mode: {get_input: neutron_agent_mode}
493 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
494 neutron::core_plugin: {get_input: neutron_core_plugin}
495 neutron::service_plugins: {get_input: neutron_service_plugins}
496 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
497 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
498 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
499 keystone_public_api_virtual_ip: {get_input: keystone_vip}
500 admin_password: {get_input: admin_password}
501 ntp::servers: {get_input: ntp_servers}
502 tripleo::packages::enable_install: {get_input: enable_package_install}
503 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
505 NovaComputeDeployment:
506 type: OS::TripleO::SoftwareDeployment
507 depends_on: NetworkDeployment
509 config: {get_resource: NovaComputeConfig}
510 server: {get_resource: NovaCompute}
512 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
513 debug: {get_param: Debug}
514 nova_compute_driver: {get_param: NovaComputeDriver}
515 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
516 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
517 nova_public_ip: {get_param: NovaPublicIP}
518 nova_api_host: {get_param: NovaApiHost}
519 nova_password: {get_param: NovaPassword}
520 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
521 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
522 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
523 nova_ovs_bridge: {get_param: NovaOVSBridge}
524 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
525 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
526 ceilometer_password: {get_param: CeilometerPassword}
527 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
528 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
529 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
530 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
531 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
532 neutron_flat_networks:
536 NETWORKS: {get_param: NeutronFlatNetworks}
537 neutron_host: {get_param: NeutronHost}
538 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
539 neutron_tunnel_id_ranges:
543 RANGES: {get_param: NeutronTunnelIdRanges}
548 RANGES: {get_param: NeutronVniRanges}
549 neutron_tenant_network_types:
553 TYPES: {get_param: NeutronNetworkType}
554 neutron_tunnel_types:
558 TYPES: {get_param: NeutronTunnelTypes}
559 neutron_network_vlan_ranges:
563 RANGES: {get_param: NeutronNetworkVLANRanges}
564 neutron_bridge_mappings:
568 MAPPINGS: {get_param: NeutronBridgeMappings}
569 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
570 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
571 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
572 neutron_public_interface: {get_param: NeutronPublicInterface}
573 neutron_password: {get_param: NeutronPassword}
574 neutron_agent_mode: {get_param: NeutronAgentMode}
575 neutron_router_distributed: {get_param: NeutronDVR}
576 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
577 neutron_core_plugin: {get_param: NeutronCorePlugin}
578 neutron_service_plugins:
582 PLUGINS: {get_param: NeutronServicePlugins}
583 neutron_type_drivers:
587 DRIVERS: {get_param: NeutronTypeDrivers}
588 neutron_mechanism_drivers:
592 MECHANISMS: {get_param: NeutronMechanismDrivers}
593 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
594 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
595 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
596 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
597 admin_password: {get_param: AdminPassword}
598 rabbit_username: {get_param: RabbitUserName}
599 rabbit_password: {get_param: RabbitPassword}
600 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
601 rabbit_client_port: {get_param: RabbitClientPort}
602 ntp_servers: {get_param: NtpServer}
603 enable_package_install: {get_param: EnablePackageInstall}
604 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
606 # Resource for site-specific injection of root certificate
608 depends_on: NovaComputeDeployment
609 type: OS::TripleO::NodeTLSCAData
611 server: {get_resource: NovaCompute}
613 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
614 ComputeExtraConfigPre:
615 depends_on: NovaComputeDeployment
616 type: OS::TripleO::ComputeExtraConfigPre
618 server: {get_resource: NovaCompute}
620 # Hook for site-specific additional pre-deployment config,
621 # applying to all nodes, e.g node registration/unregistration
623 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
624 type: OS::TripleO::NodeExtraConfig
626 server: {get_resource: NovaCompute}
629 type: OS::TripleO::Tasks::PackageUpdate
632 type: OS::Heat::SoftwareDeployment
634 config: {get_resource: UpdateConfig}
635 server: {get_resource: NovaCompute}
638 get_param: UpdateIdentifier
642 description: IP address of the server in the ctlplane network
643 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
645 description: IP address of the server in the external network
646 value: {get_attr: [ExternalPort, ip_address]}
647 internal_api_ip_address:
648 description: IP address of the server in the internal_api network
649 value: {get_attr: [InternalApiPort, ip_address]}
651 description: IP address of the server in the storage network
652 value: {get_attr: [StoragePort, ip_address]}
653 storage_mgmt_ip_address:
654 description: IP address of the server in the storage_mgmt network
655 value: {get_attr: [StorageMgmtPort, ip_address]}
657 description: IP address of the server in the tenant network
658 value: {get_attr: [TenantPort, ip_address]}
659 management_ip_address:
660 description: IP address of the server in the management network
661 value: {get_attr: [ManagementPort, ip_address]}
663 description: Hostname of the server
664 value: {get_attr: [NovaCompute, name]}
667 Server's IP address and hostname in the /etc/hosts format
670 template: "IP HOST.DOMAIN HOST"
672 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
673 DOMAIN: {get_param: CloudDomain}
674 HOST: {get_attr: [NovaCompute, name]}
675 nova_server_resource:
676 description: Heat resource handle for the Nova compute server
678 {get_resource: NovaCompute}
680 description: identifier which changes if the node configuration may need re-applying
684 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
685 - {get_attr: [NodeTLSCAData, deploy_stdout]}
686 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
687 - {get_param: UpdateIdentifier}